consistent passwords

1 month ago · 3ed2305603
3 changed files with 14 additions and 11 deletions
--- a/test/s3/iam/s3_iam_framework.go
+++ b/test/s3/iam/s3_iam_framework.go
@ -197,11 +197,13 @@ func (f *S3IAMTestFramework) getKeycloakToken(username string) (string, error) {
 // getTestUserPassword returns the password for test users
 func (f *S3IAMTestFramework) getTestUserPassword(username string) string {
 	// Password generation matches setup_keycloak_docker.sh logic:
 	// password="${username//[^a-zA-Z]/}123" (removes non-alphabetic chars + "123")
 	userPasswords := map[string]string{
 		"admin-user":      "admin123",
 		"read-user":       "read123",
 		"write-user":      "readwrite123",
 		"write-only-user": "writeonly123",
 		"admin-user":      "adminuser123",      // "admin-user" -> "adminuser" + "123"
 		"read-user":       "readuser123",       // "read-user" -> "readuser" + "123"
 		"write-user":      "writeuser123",      // "write-user" -> "writeuser" + "123"
 		"write-only-user": "writeonlyuser123", // "write-only-user" -> "writeonlyuser" + "123"
 	}
 	return userPasswords[username]
--- a/test/s3/iam/s3_keycloak_integration_test.go
+++ b/test/s3/iam/s3_keycloak_integration_test.go
@ -129,7 +129,8 @@ func TestKeycloakTokenExpiration(t *testing.T) {
 	}
 	// Get a short-lived token (if Keycloak is configured for it)
 	tokenResp, err := framework.keycloakClient.AuthenticateUser("admin-user", "admin123")
 	// Use consistent password that matches Docker setup script logic: "adminuser123"
 	tokenResp, err := framework.keycloakClient.AuthenticateUser("admin-user", "adminuser123")
 	require.NoError(t, err)
 	// Verify token properties
--- a/test/s3/iam/setup_keycloak.sh
+++ b/test/s3/iam/setup_keycloak.sh
@ -24,13 +24,13 @@ ROLE_READONLY="s3-read-only"
 ROLE_WRITEONLY="s3-write-only"
 ROLE_READWRITE="s3-read-write"
 # User credentials (compatible with older bash versions)
 # User credentials (matches Docker setup script logic: removes non-alphabetic chars + "123")
 get_user_password() {
  case "$1" in
    "admin-user") echo "admin123" ;;
    "read-user") echo "read123" ;;
    "write-user") echo "readwrite123" ;;
    "write-only-user") echo "writeonly123" ;;
    "admin-user") echo "adminuser123" ;;        # "admin-user" -> "adminuser123"
    "read-user") echo "readuser123" ;;          # "read-user" -> "readuser123"
    "write-user") echo "writeuser123" ;;        # "write-user" -> "writeuser123"
    "write-only-user") echo "writeonlyuser123" ;;  # "write-only-user" -> "writeonlyuser123"
    *) echo "" ;;
  esac
 }
@ -342,7 +342,7 @@ main() {
    -d "client_id=${CLIENT_ID}" \
    -d "client_secret=${CLIENT_SECRET}" \
    -d "username=admin-user" \
    -d "password=admin123" \
    -d "password=adminuser123" \
    -d "scope=openid profile email" \
    -o /tmp/auth_test_response.json)