test: fix the tests for latest keycloak

test_keycloak_init.sh

@@ -13,7 +13,7 @@ function keycloak_stop() {
 
 function keycloak_start() {
     echo "Starting keycloak docker container"
-    docker run -d --name unittest_keycloak -e KEYCLOAK_ADMIN="${KEYCLOAK_ADMIN}" -e KEYCLOAK_ADMIN_PASSWORD="${KEYCLOAK_ADMIN_PASSWORD}" -e KC_FEATURES="token-exchange" -p "${KEYCLOAK_PORT}:8080" "${KEYCLOAK_DOCKER_IMAGE}" start-dev
+    docker run -d --name unittest_keycloak -e KEYCLOAK_ADMIN="${KEYCLOAK_ADMIN}" -e KEYCLOAK_ADMIN_PASSWORD="${KEYCLOAK_ADMIN_PASSWORD}" -e KC_FEATURES="token-exchange,admin-fine-grained-authz" -p "${KEYCLOAK_PORT}:8080" "${KEYCLOAK_DOCKER_IMAGE}" start-dev
     SECONDS=0
     until curl --silent --output /dev/null localhost:$KEYCLOAK_PORT; do
       sleep 5;

tests/test_keycloak_admin.py

@@ -506,7 +506,8 @@ def test_server_info(admin: KeycloakAdmin):
     :type admin: KeycloakAdmin
     """
     info = admin.get_server_info()
-    assert set(info.keys()) == {
+    assert set(info.keys()).issubset(
+        {
             "systemInfo",
             "memoryInfo",
             "profileInfo",
@@ -520,7 +521,9 @@ def test_server_info(admin: KeycloakAdmin):
             "componentTypes",
             "passwordPolicies",
             "enums",
-    }, info.keys()
+            "cryptoInfo",
+        }
+    ), info.keys()
 
 
 def test_groups(admin: KeycloakAdmin, user: str):
@@ -790,7 +793,7 @@ def test_clients(admin: KeycloakAdmin, realm: str):
 
     with pytest.raises(KeycloakGetError) as err:
         admin.get_client_authz_settings(client_id=client_id)
-    assert err.match('500: b\'{"error":"HTTP 500 Internal Server Error"}\'')
+    assert err.match('404: b\'{"error":"HTTP 404 Not Found"}\'')
 
     # Authz resources
     res = admin.get_client_authz_resources(client_id=auth_client_id)
@@ -799,7 +802,7 @@ def test_clients(admin: KeycloakAdmin, realm: str):
 
     with pytest.raises(KeycloakGetError) as err:
         admin.get_client_authz_resources(client_id=client_id)
-    assert err.match('500: b\'{"error":"unknown_error"}\'')
+    assert err.match('404: b\'{"error":"HTTP 404 Not Found"}\'')
 
     res = admin.create_client_authz_resource(
         client_id=auth_client_id, payload={"name": "test-resource"}
@@ -885,7 +888,7 @@ def test_clients(admin: KeycloakAdmin, realm: str):
 
     with pytest.raises(KeycloakGetError) as err:
         admin.get_client_authz_scopes(client_id=client_id)
-    assert err.match('500: b\'{"error":"unknown_error"}\'')
+    assert err.match('404: b\'{"error":"HTTP 404 Not Found"}\'')
 
     # Test service account user
     res = admin.get_client_service_account_user(client_id=auth_client_id)

tests/test_keycloak_openid.py

@@ -135,6 +135,7 @@ def test_token(oid_with_credentials: Tuple[KeycloakOpenID, str, str]):
     assert token == {
         "access_token": mock.ANY,
         "expires_in": 300,
+        "id_token": mock.ANY,
         "not-before-policy": 0,
         "refresh_expires_in": 1800,
         "refresh_token": mock.ANY,
@@ -148,6 +149,7 @@ def test_token(oid_with_credentials: Tuple[KeycloakOpenID, str, str]):
     assert token == {
         "access_token": mock.ANY,
         "expires_in": 300,
+        "id_token": mock.ANY,
         "not-before-policy": 0,
         "refresh_expires_in": 1800,
         "refresh_token": mock.ANY,
@@ -161,6 +163,7 @@ def test_token(oid_with_credentials: Tuple[KeycloakOpenID, str, str]):
     assert token == {
         "access_token": mock.ANY,
         "expires_in": 300,
+        "id_token": mock.ANY,
         "not-before-policy": 0,
         "refresh_expires_in": 1800,
         "refresh_token": mock.ANY,

tox.ini

@@ -2,6 +2,7 @@
 requires =
     tox-poetry
     poetry
+    tox<4.0.0
 envlist = check, apply-check, docs, tests, build, changelog
 
 [testenv]