More cli options

mock/build.gradle

@@ -31,7 +31,6 @@ dependencies {
     testImplementation "org.junit.jupiter:junit-jupiter-api:$junit5_version"
     testImplementation "org.junit.jupiter:junit-jupiter-params:$junit5_version"
     testImplementation "org.mockito:mockito-junit-jupiter:$mockito_version"
-    testImplementation 'org.apache.oltu.oauth2:org.apache.oltu.oauth2.client:1.0.2'
     testRuntimeOnly "org.junit.jupiter:junit-jupiter-engine:$junit5_version"
     testRuntimeOnly "org.slf4j:slf4j-simple:$slf4j_version"
     annotationProcessor "com.google.dagger:dagger-compiler:$dagger_version"

mock/src/main/java/com/tngtech/keycloakmock/api/KeycloakMock.java

@@ -59,7 +59,11 @@ public KeycloakMock() {
   public KeycloakMock(@Nonnull final ServerConfig serverConfig) {
     this.serverConfig = serverConfig;
     this.defaultConfiguration = new UrlConfiguration(serverConfig);
-    this.signatureComponent = DaggerSignatureComponent.create();
+    this.signatureComponent =
+        DaggerSignatureComponent.builder()
+            .defaultScopes(serverConfig.getDefaultScopes())
+            .defaultTokenLifespan(serverConfig.getDefaultTokenLifespan())
+            .build();
   }
 
   /**

mock/src/main/java/com/tngtech/keycloakmock/api/ServerConfig.java

@@ -3,11 +3,10 @@
 import com.tngtech.keycloakmock.impl.Protocol;
 import java.time.Duration;
 import java.util.ArrayList;
+import java.util.Collection;
 import java.util.Collections;
-import java.util.HashSet;
 import java.util.List;
 import java.util.Objects;
-import java.util.Set;
 import javax.annotation.Nonnull;
 
 /** Server configuration to use. */
@@ -26,8 +25,8 @@ public final class ServerConfig {
   @Nonnull private final String contextPath;
   @Nonnull private final String defaultRealm;
   @Nonnull private final List<String> resourcesToMapRolesTo;
-  @Nonnull private final Set<String> defaultScopes;
-  @Nonnull private final Duration tokenLifespan;
+  @Nonnull private final List<String> defaultScopes;
+  @Nonnull private final Duration defaultTokenLifespan;
 
   private ServerConfig(@Nonnull final Builder builder) {
     this.port = builder.port;
@@ -37,7 +36,7 @@ private ServerConfig(@Nonnull final Builder builder) {
     this.defaultRealm = builder.defaultRealm;
     this.resourcesToMapRolesTo = builder.resourcesToMapRolesTo;
     this.defaultScopes = builder.defaultScopes;
-    this.tokenLifespan = builder.tokenLifespan;
+    this.defaultTokenLifespan = builder.defaultTokenLifespan;
   }
 
   /**
@@ -148,18 +147,18 @@ public String getDefaultRealm() {
    * @return default scopes
    */
   @Nonnull
-  public Set<String> getDefaultScopes() {
-    return Collections.unmodifiableSet(defaultScopes);
+  public List<String> getDefaultScopes() {
+    return Collections.unmodifiableList(defaultScopes);
   }
 
   /**
-   * Get access token lifespan
+   * Get default access token lifespan.
    *
-   * @return token lifespan
+   * @return default token lifespan
    */
   @Nonnull
-  public Duration getTokenLifespan() {
-    return tokenLifespan;
+  public Duration getDefaultTokenLifespan() {
+    return defaultTokenLifespan;
   }
 
   /**
@@ -175,8 +174,8 @@ public static final class Builder {
     @Nonnull private String contextPath = DEFAULT_CONTEXT_PATH;
     @Nonnull private String defaultRealm = DEFAULT_REALM;
     @Nonnull private final List<String> resourcesToMapRolesTo = new ArrayList<>();
-    @Nonnull private final Set<String> defaultScopes = new HashSet<>();
-    @Nonnull private Duration tokenLifespan = DEFAULT_TOKEN_LIFESPAN;
+    @Nonnull private final List<String> defaultScopes = new ArrayList<>();
+    @Nonnull private Duration defaultTokenLifespan = DEFAULT_TOKEN_LIFESPAN;
 
     private Builder() {
       defaultScopes.add(DEFAULT_SCOPE);
@@ -353,13 +352,13 @@ public Builder withResourceToMapRolesTo(@Nonnull String resource) {
      *
      * <p>Set of client scopes to be configured. Default scope 'openid' is always added.
      *
-     * @param defaultScopes as set
+     * @param defaultScopes the scopes to add
      * @return builder
      * @see <a href="https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims">scope
      *     claims</a>
      */
     @Nonnull
-    public Builder withDefaultScopes(@Nonnull final Set<String> defaultScopes) {
+    public Builder withDefaultScopes(@Nonnull final Collection<String> defaultScopes) {
       this.defaultScopes.addAll(defaultScopes);
       return this;
     }
@@ -381,15 +380,17 @@ public Builder withDefaultScope(@Nonnull final String defaultScope) {
     }
 
     /**
-     * Set default access token lifespan ("exp" filed will be set as issuedAt + tokenLifespan). + By
-     * default lifespan 10 hours.
+     * Set default access token lifespan.
+     *
+     * <p>Token expiry 'exp' will be set as 'issuedAt' + 'tokenLifespan'. The default lifespan is 10
+     * hours.
      *
      * @param tokenLifespan as duration
      * @return builder
      */
     @Nonnull
-    public Builder withTokenLifespan(@Nonnull final Duration tokenLifespan) {
-      this.tokenLifespan = tokenLifespan;
+    public Builder withDefaultTokenLifespan(@Nonnull final Duration tokenLifespan) {
+      this.defaultTokenLifespan = tokenLifespan;
       return this;
     }
 

mock/src/main/java/com/tngtech/keycloakmock/api/TokenConfig.java

@@ -8,7 +8,7 @@
 import java.nio.charset.StandardCharsets;
 import java.time.Duration;
 import java.time.Instant;
-import java.time.temporal.ChronoUnit;
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Base64;
 import java.util.Collection;
@@ -39,15 +39,15 @@ public class TokenConfig {
   @Nonnull private final Set<String> audience;
   @Nonnull private final String authorizedParty;
   @Nonnull private final String subject;
-  @Nonnull private final String scope;
+  @Nonnull private final List<String> scopes;
   @Nonnull private final Map<String, Object> claims;
   @Nonnull private final Access realmAccess;
   @Nonnull private final Map<String, Access> resourceAccess;
   @Nonnull private final Instant issuedAt;
   @Nonnull private final Instant authenticationTime;
-  @Nonnull private final Instant expiration;
   private final boolean generateUserDataFromSubject;
   @Nullable private final Instant notBefore;
+  @Nullable private final Instant expiration;
   @Nullable private final String hostname;
   @Nullable private final String realm;
   @Nullable private final String name;
@@ -66,16 +66,16 @@ private TokenConfig(@Nonnull final Builder builder) {
     authorizedParty = builder.authorizedParty;
     subject = builder.subject;
     generateUserDataFromSubject = builder.generateUserDataFromSubject;
-    scope = String.join(" ", builder.scope);
+    scopes = builder.scopes;
     claims = builder.claims;
     realmAccess = builder.realmRoles;
     resourceAccess = builder.resourceAccess;
     issuedAt = builder.issuedAt;
     authenticationTime = builder.authenticationTime;
-    expiration = builder.expiration;
     hostname = builder.hostname;
     realm = builder.realm;
     notBefore = builder.notBefore;
+    expiration = builder.expiration;
     givenName = builder.givenName;
     familyName = builder.familyName;
     if (builder.name != null) {
@@ -124,8 +124,8 @@ public boolean isGenerateUserDataFromSubject() {
   }
 
   @Nonnull
-  public String getScope() {
-    return scope;
+  public List<String> getScopes() {
+    return scopes;
   }
 
   @Nonnull
@@ -153,16 +153,16 @@ public Instant getAuthenticationTime() {
     return authenticationTime;
   }
 
-  @Nonnull
-  public Instant getExpiration() {
-    return expiration;
-  }
-
   @Nullable
   public Instant getNotBefore() {
     return notBefore;
   }
 
+  @Nullable
+  public Instant getExpiration() {
+    return expiration;
+  }
+
   @Nullable
   public String getHostname() {
     return hostname;
@@ -213,15 +213,15 @@ public static final class Builder {
     @Nonnull private final Set<String> audience = new HashSet<>();
     @Nonnull private String authorizedParty = "client";
     @Nonnull private String subject = "user";
-    @Nonnull private final Set<String> scope = new HashSet<>();
+    @Nonnull private final List<String> scopes = new ArrayList<>();
     @Nonnull private final Map<String, Object> claims = new HashMap<>();
     @Nonnull private final Access realmRoles = new Access();
     @Nonnull private final Map<String, Access> resourceAccess = new HashMap<>();
     @Nonnull private Instant issuedAt = Instant.now();
-    @Nonnull private Instant expiration = issuedAt.plus(10, ChronoUnit.HOURS);
     @Nonnull private Instant authenticationTime = Instant.now();
     private boolean generateUserDataFromSubject = false;
     @Nullable private Instant notBefore;
+    @Nullable private Instant expiration;
     @Nullable private String hostname;
     @Nullable private String realm;
     @Nullable private String givenName;
@@ -445,8 +445,8 @@ public Builder withSubjectAndGeneratedUserData(@Nonnull final String subject) {
     /**
      * Add scope.
      *
-     * <p>The scope for which this token has been requested. Always contains the scopes configured
-     * in ServerConfig.
+     * <p>The scope for which this token has been requested. If not set, the default scopes
+     * configured in {@link ServerConfig} will be used.
      *
      * @param scope the scope to add
      * @return builder
@@ -455,15 +455,15 @@ public Builder withSubjectAndGeneratedUserData(@Nonnull final String subject) {
      */
     @Nonnull
     public Builder withScope(@Nonnull final String scope) {
-      this.scope.add(scope);
+      this.scopes.add(scope);
       return this;
     }
 
     /**
      * Add scopes.
      *
-     * <p>The scopes for which this token has been requested. Always contains the scopes configured
-     * in ServerConfig.
+     * <p>The scopes for which this token has been requested. If not set, the default scopes
+     * configured in {@link ServerConfig} will be used.
      *
      * @param scopes the scopes to add
      * @return builder
@@ -472,7 +472,7 @@ public Builder withScope(@Nonnull final String scope) {
      */
     @Nonnull
     public Builder withScopes(@Nonnull final Collection<String> scopes) {
-      this.scope.addAll(scopes);
+      this.scopes.addAll(scopes);
       return this;
     }
 
@@ -653,16 +653,41 @@ public Builder withAuthenticationTime(@Nonnull final Instant authenticationTime)
     /**
      * Set expiration date.
      *
+     * <p>As an alternative, you can also set the token lifespan instead using {@link
+     * #withTokenLifespan(Duration)}.
+     *
+     * <p>If no expiration is configured, the default token lifespan configured in {@link
+     * ServerConfig.Builder#withDefaultTokenLifespan(Duration)} will be used.
+     *
      * @param expiration the instant when the token expires
      * @return builder
      * @see <a href="https://openid.net/specs/openid-connect-core-1_0.html#IDToken">ID token</a>
+     * @see #withTokenLifespan(Duration)
      */
     @Nonnull
     public Builder withExpiration(@Nonnull final Instant expiration) {
       this.expiration = Objects.requireNonNull(expiration);
       return this;
     }
 
+    /**
+     * Set lifespan of generated token.
+     *
+     * <p>This is an alternative option to setting the expiration directly via {@link
+     * #withExpiration(Instant)}. The expiration will be calculated as issuedAt + tokenLifespan.
+     *
+     * <p>If no token lifespan is configured, the default token lifespan configured in {@link
+     * ServerConfig.Builder#withDefaultTokenLifespan(Duration)} will be used.
+     *
+     * @param tokenLifespan duration the token should be valid
+     * @return builder
+     * @see #withExpiration(Instant)
+     */
+    public Builder withTokenLifespan(Duration tokenLifespan) {
+      this.expiration = issuedAt.plus(tokenLifespan);
+      return this;
+    }
+
     /**
      * Set not before date.
      *
@@ -769,11 +794,6 @@ public Builder withAuthenticationContextClassReference(
     public TokenConfig build() {
       return new TokenConfig(this);
     }
-
-    public Builder witTokenLifespan(Duration tokenLifespan) {
-      this.expiration = issuedAt.plus(tokenLifespan);
-      return this;
-    }
   }
 
   /**