Quarkus: Integration tests - how to mock OIDC?

Question

I am trying to run some integration tests with Quarkus and protecting our JAX-RS application using Bearer Token Authorization.

Based on what we can see on the Quarkus Guide in theory it is possible to mock the behaviour of the authorization mechanism just to not need to have an Authorization Server (like Keycloak) running in local.

The problem I found is that I can't find the OidcWiremockTestResource.class in any of the dependencies described. Where it is?

Also, how we can avoid having an Authorization Server running for running some tests against our endpoints?

I found that it is possible to mock the JsonWebToken and the SecurityIdentity just using:

    @InjectMock
    SecurityIdentity identity;

    @InjectMock
    JsonWebToken token;

and it worked pretty well, but still when I try to run the integration tests the Authorization Server is required to be up and running. Otherwise Quarkus fails trying to connect to it.

I tried to disable the OIDC extension ( quarkus.oidc.enabled=false ) but then, of course, the code does not compile (the endpoints do not recognize the dependencies).

So, which one is the best approach for just skip the OIDC connection when running some Integration Test?

Best,

Answer 1

OidcWiremocTestResource is available in 1.13.1.Final .

Additionally, a TestSecurity annotation will be possible to use in such cases starting from Quarkus 2.0 and possibly from 1.13.2.Final (if this PR will get backported): https://github.com/quarkusio/quarkus/pull/16362

Finally Quarkus 2.0 will have a Keycloak test support module - if you work with Keycloak then it will help with testing against live Keycloak instance.