From 80d1a2d1553d236a754893048df2e2978f33fc79 Mon Sep 17 00:00:00 2001
From: Sergey Beryozkin <sberyozkin@gmail.com>
Date: Thu, 12 Dec 2024 14:07:44 +0000
Subject: [PATCH] Generate certificates in the OIDC integration test

---
 integration-tests/oidc-mtls/pom.xml           |  52 +++++++--------
 integration-tests/oidc/pom.xml                |  27 ++++++++
 .../src/main/resources/application.properties |  15 +++--
 .../src/main/resources/client-keystore.p12    | Bin 2712 -> 0 bytes
 .../src/main/resources/client-truststore.p12  | Bin 1254 -> 0 bytes
 .../src/main/resources/server-keystore.p12    | Bin 2712 -> 0 bytes
 .../src/main/resources/server-truststore.p12  | Bin 1238 -> 0 bytes
 .../oidc/src/main/resources/upconfig.json     |  60 ------------------
 .../AbstractBearerTokenAuthorizationTest.java |   4 +-
 ...KeycloakXTestResourceLifecycleManager.java |   4 +-
 .../it/keycloak/WebsocketOidcTestCase.java    |   4 +-
 .../keycloak/client/KeycloakTestClient.java   |   5 +-
 12 files changed, 74 insertions(+), 97 deletions(-)
 delete mode 100644 integration-tests/oidc/src/main/resources/client-keystore.p12
 delete mode 100644 integration-tests/oidc/src/main/resources/client-truststore.p12
 delete mode 100644 integration-tests/oidc/src/main/resources/server-keystore.p12
 delete mode 100644 integration-tests/oidc/src/main/resources/server-truststore.p12
 delete mode 100644 integration-tests/oidc/src/main/resources/upconfig.json

diff --git a/integration-tests/oidc-mtls/pom.xml b/integration-tests/oidc-mtls/pom.xml
index 719118f28efca..7b6b331e319be 100644
--- a/integration-tests/oidc-mtls/pom.xml
+++ b/integration-tests/oidc-mtls/pom.xml
@@ -87,32 +87,32 @@
     <build>
         <plugins>
             <plugin>
-    <groupId>io.smallrye.certs</groupId>
-    <artifactId>smallrye-certificate-generator-maven-plugin</artifactId>
-    <executions>
-        <execution>
-            <phase>generate-test-resources</phase>
-            <goals>
-                <goal>generate</goal>
-            </goals>
-        </execution>
-    </executions>
-    <configuration>
-        <certificates>
-            <certificate>
-                <name>oidc</name> <!-- the name of the certificate -->
-                <formats>  <!-- List of formats to generate, are supported PEM, JKS and PKCS12 -->
-                    <format>PEM</format>
-                    <format>PKCS12</format>
-                </formats>
-                <password>password</password> <!-- Password for the key store if supported -->
-                <cn>backend-service</cn> <!-- Common Name -->
-                <duration>2</duration> <!-- in days -->
-                <client>true</client> <!-- Generate a client certificate -->
-            </certificate>
-        </certificates>
-    </configuration>
-</plugin>
+	        <groupId>io.smallrye.certs</groupId>
+	        <artifactId>smallrye-certificate-generator-maven-plugin</artifactId>
+	        <executions>
+		    <execution>
+		        <phase>generate-test-resources</phase>
+		        <goals>
+		            <goal>generate</goal>
+		        </goals>
+		    </execution>
+	        </executions>
+	        <configuration>
+		    <certificates>
+		        <certificate>
+		            <name>oidc</name> <!-- the name of the certificate -->
+		            <formats>  <!-- List of formats to generate, are supported PEM, JKS and PKCS12 -->
+		                <format>PEM</format>
+		                <format>PKCS12</format>
+		            </formats>
+		            <password>password</password> <!-- Password for the key store if supported -->
+		            <cn>backend-service</cn> <!-- Common Name -->
+		            <duration>2</duration> <!-- in days -->
+		            <client>true</client> <!-- Generate a client certificate -->
+		        </certificate>
+		    </certificates>
+	        </configuration>
+	    </plugin>
             <plugin>
                 <artifactId>maven-surefire-plugin</artifactId>
                 <configuration>
diff --git a/integration-tests/oidc/pom.xml b/integration-tests/oidc/pom.xml
index ff0b6fdd56069..e63f4b8707ff2 100644
--- a/integration-tests/oidc/pom.xml
+++ b/integration-tests/oidc/pom.xml
@@ -132,6 +132,33 @@
                     </execution>
                 </executions>
             </plugin>
+            <plugin>
+	        <groupId>io.smallrye.certs</groupId>
+	        <artifactId>smallrye-certificate-generator-maven-plugin</artifactId>
+	        <executions>
+		    <execution>
+		        <phase>generate-test-resources</phase>
+		        <goals>
+		            <goal>generate</goal>
+		        </goals>
+		    </execution>
+	        </executions>
+	        <configuration>
+		    <certificates>
+		        <certificate>
+		            <name>oidc</name> <!-- the name of the certificate -->
+		            <formats>  <!-- List of formats to generate, are supported PEM, JKS and PKCS12 -->
+		                <format>PEM</format>
+		                <format>PKCS12</format>
+		            </formats>
+		            <password>password</password> <!-- Password for the key store if supported -->
+		            <cn>backend-service</cn> <!-- Common Name -->
+		            <duration>2</duration> <!-- in days -->
+		            <client>true</client> <!-- Generate a client certificate -->
+		        </certificate>
+		    </certificates>
+	        </configuration>
+	    </plugin>
         </plugins>
     </build>
 
diff --git a/integration-tests/oidc/src/main/resources/application.properties b/integration-tests/oidc/src/main/resources/application.properties
index d8b1ec529ad7c..e4552113a34b4 100644
--- a/integration-tests/oidc/src/main/resources/application.properties
+++ b/integration-tests/oidc/src/main/resources/application.properties
@@ -1,23 +1,24 @@
 quarkus.keycloak.devservices.create-realm=false
 quarkus.keycloak.devservices.start-command=start --https-client-auth=required --hostname-strict=false --https-key-store-file=/etc/server-keystore.p12 --https-trust-store-file=/etc/server-truststore.p12 --https-trust-store-password=password --spi-user-profile-declarative-user-profile-config-file=/opt/keycloak/upconfig.json
-quarkus.keycloak.devservices.resource-aliases.keystore=server-keystore.p12
-quarkus.keycloak.devservices.resource-aliases.truststore=server-truststore.p12
+quarkus.keycloak.devservices.resource-aliases.keystore=target/certificates/oidc-keystore.p12
+quarkus.keycloak.devservices.resource-aliases.truststore=target/certificates/oidc-server-truststore.p12
 quarkus.keycloak.devservices.resource-mappings.keystore=/etc/server-keystore.p12
 quarkus.keycloak.devservices.resource-mappings.truststore=/etc/server-truststore.p12
 
 quarkus.oidc.token.principal-claim=email
 
-quarkus.oidc.tls.verification=required
-quarkus.oidc.tls.trust-store-file=client-truststore.p12
+quarkus.oidc.tls.verification=certificate-validation
+quarkus.oidc.tls.trust-store-file=target/certificates/oidc-client-truststore.p12
 quarkus.oidc.tls.trust-store-password=password
-quarkus.oidc.tls.key-store-file=client-keystore.p12
+quarkus.oidc.tls.key-store-file=target/certificates/oidc-client-keystore.p12
 quarkus.oidc.tls.key-store-password=password
 
 %tls-registry.quarkus.oidc.tls.tls-configuration-name=oidc-tls
-%tls-registry.quarkus.tls.oidc-tls.key-store.jks.path=client-keystore.p12
+%tls-registry.quarkus.tls.oidc-tls.key-store.jks.path=target/certificates/oidc-client-keystore.p12
 %tls-registry.quarkus.tls.oidc-tls.key-store.jks.password=password
-%tls-registry.quarkus.tls.oidc-tls.trust-store.jks.path=client-truststore.p12
+%tls-registry.quarkus.tls.oidc-tls.trust-store.jks.path=target/certificates/oidc-client-truststore.p12
 %tls-registry.quarkus.tls.oidc-tls.trust-store.jks.password=password
+%tls-registry.quarkus.tls.oidc-tls.hostname-verification-algorithm=NONE
 %tls-registry.quarkus.oidc.tls.verification=
 %tls-registry.quarkus.oidc.tls.trust-store-file=
 %tls-registry.quarkus.oidc.tls.trust-store-password=
diff --git a/integration-tests/oidc/src/main/resources/client-keystore.p12 b/integration-tests/oidc/src/main/resources/client-keystore.p12
deleted file mode 100644
index 11df9af88cd7347c52c3133b1bb4c06dad923695..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2712
zcma);S5y-U5{A=57bWywq?bT~fFPkrk=_OAEfhhDkWi!rM4ALNAP7=adR2;wg=VgB
zVS&(5YJwomP^5SfT=(oA@7br_hdFcR`{$p>{|u7AL;?Z9NCJ~Kj8Qh#IQ5Vf2nUuC
zn3Ny{Cb?f&3Q2%A{+9$Tg%F@czwm=!bsxt39~TP~5L8Bh>imLQNbGM1lojcORR4Qq
zLCQf8M#sk!4QP18x4T5<K9Zx!3vb*R5J-w01QbECz!?605yS`uAO&HJ9;wDaUoZqH
z3t@lJWG2{9hnkLDABS^%7#M>PAS2J%rC%FMduYs@83TIDl%vGdjyRSUy=S)Y3b)>E
z=%zK=sHH|6fer&MG7OYy+1fi>T`s(xVt#@n_Odo8Jwh%qSqKZ%MrC^K<SHJTeTpVh
z1S2_CM3ZZVX=Rj{`_!_%j3WbS5JU!fJ=sZG7|(tA>BGr=A2vf5w)o*say&^3=x5d(
z^)(re`{4=C!tQmYWxGy4>*dror#xOi(^=nir}vKiGT#JXm+#gX0}&J-hs$)2&eLA3
zzf@7=Y9A3Hc8NsB%J{zCEQs^3)B8FD4p+`)jOo~x#faE!QhYlEXP&E?JXVamyq`dB
z-}l{&z>s3LN+KPt`-lFNbEw%Sz%;L&^xgS%knqY_>YX@PAf64ve{;utwfLgHRYSCK
zl;!(ay%+e6X<@zByeYSMZ^(gXaqSm|F+Ka9qi@bm1(S(qV`<0paZYFf0yy|~)4PHy
zZY?JB;p|4qtk^5Y(9A!>e&8?OjvkckzSP{)wbLt+85k8K2U9(g;eWR?*RS%Rdwx}N
z=Bn`aJzka-y^%|?LAxJN{<7!hT`(7s;wShwOm~Rs;?78uxN2?skb<j`S`bD1{VZ3v
z;isWW_my=*yhh!UqD2w6MtIhn+5D4NOW{)PO(^6p6S)SjSy5FsEGAxT_DO4bN+Er$
zHTi1SNn7}Uor%@G%vH;j_alIp@6(t+1Wq=M%lZm*J(O=^cD4s+>(M)Og}xqsHgXQ}
z*OtXj<?303(OulGT&~EX`Pg{pq$!9(I)@Q>Vc^1x!+4xMU9-RP&!eaxAuSf+23p4P
zwHQlZF6#cQaLc`axW3el(Tk(gnZ4qxrHjdlKThewn)RKJVZpw{1u0GI>ivFy7P_wb
zyXLF_S1fOh`>w@2S?YW(hrzB)PJ^v&a;fh))M_qerQr4#3$0SSf{7x<rFzOhtfv}%
z#$4GkL|tS;5RGyNE=0odP92(0s_^HP+p9<|zH!=+`M?E=e*VS>XV1my)!FH78xv2Z
z&zV+5KK)_AJt0a5hE=aaat_3Fu^7X}w4au9hT{543>mZm2GP^GWoQBkPBPnbB8`x5
zg+7j;J9xmNgCsA}bvB?C-o`bxCbMG9`Pt9oM5B);E74pop^I0i$lxSO)eQ_u!sKg9
z<Mr022PKv+5>)s)Fmo#tlvtSm{YP(S-0{$lh1R*e<5a#whKNVp=t*&nSDnzO;jn(h
zez1^dV?R9ybZ3$--+Q!GI5yGxs#QJ8S^tLS6}6_lur$*Mk-`lwmD07h767Hhas~&}
z7?Ju@PbDgAKDbE2xaXm-0!db$G}1YWWe<WqT&A(ko0H4YE5i3foTk65pBp1(*Y)a*
zzHK(@s1+1j(#K=E)rt1TU6d4`v*p{;mpzX@76tWEgtI%*rvN*<$(n5$&qU4;700*P
zH9Gc7Rw;u#!{%eU)cK>P@8F&*xXsUYYxz<>fR!_~C0Y62odihPVxnSXUL*8*TS?jo
ze3bFw=)tizpy??!;d<v=wOVZH>Xc!&y?ypzyo+LeXd=vQbr8Ja=I>xMOV}>>fP+i_
z15qZ7I}wwI@Jd7q?mV4VX#9r9z8|P_8ALK2^oaLI)C3~s{NB*rU7yZ6o3%^W<nQO+
z;5RR^Qr1E8|Bg#Wgfg2D3&0x?1PB250&V~zkfMK!oXQBuIlF*hUlC<B6*V+k8Hqw8
zQL0D+B<%MR99Bkvc>O|dARypZyZW~R{9iGBv_9fFCyTc>yucE?Q|+PAEO|NL|A}dF
zK*=%aykGZ7r&&WQ|LJ@p0lcW+{&O*FZ;IPheI^)=TYg{jDlf%^eVrrQpnZ~t-BdlR
z0b^iEaOu;ME1H=5xOtWvbIrUQBTsCXV=h|3`{%YQ4U_wowbDo3y<x7=5kdWC1pHu4
z2u*=Xr(4pz2puZBtXTPo!@_SLfeKw72_-iEdwCTB<IH`~QmM&){}|$x1F}2*Mf4iy
z=Tw+Z<hKl}KI<onz18x)Qz@6#$}jS{hkWvFe@LuXYNjQg`_yFmgrQ=zC7&kUk@xI$
z1Os;yp0z?$e(xxzvrTj0`Q>L+ZX-7BI6h=3zowQl%6SRI2q_wrTHpDGQ_ZOLFuyQu
zodjNqR=4Y%D)d6>zYtYnRa7*Cl0ckQ(>7%T=TUb#0<uc)D=ZD7<^^SLBD~3*AxSi@
z@fNpO#`aU)EN;Ge{opa32}oj$32|&adkCjk%9B%*{)crpEb`jbeYRPMkPxntdZW5w
z9A)}7u+~}W<mk1kP|*Fqc%EiwA`H^D7t+{yI!q7usL}}YN&XWXG9z!bZWh4EWy3K!
zUwufgz+koG%tc6+Yt#awy8dQ(ytV|peWR13X5Ut|-EffWUBde)VGE<Xah@MpOMl$m
z9&M2HlG7UTS07l%Ja5xaZW2M+ntL8grf#~u@?|v}PyKKJAOY@$QtePQ{zeOh&9sbE
z4L@az{o2);Y}MrIC{8mLF?Z~fguOYp!9NN%!N$6n(C6_a#n5yVIwA$|$V#!~r6UH$
zXTb;jB1e^|BZlB9^h#<X(67S1r;uU^)eFnym91B&ye(GGc-czWFZ51qdqDY~8fUJm
zl6uQ^tyOQ=D!yLzifL}SN!!|1veoBw$7lraMWn5nV7EY?j@9NUX=%^!Ag;bk`ce2-
ztF%S0yMdnWdfZgf1zMT^iY>^;VWy03WP$An?t5lijH{p!r1X|mkioY(7Oi!WNfJb#
zHD~Wzt2uu6d;TJ!s_RXoeA61g+ahA05Iop7C&D6Gxy!xkXz?&T)hHP@JHLvBD!zc|
z!D7dx`O~E|Y9!htw-Fw;ebe8Xi@2f8kTtEfysFQFMNfP|gtC)8YW8z9m|Q|Vl9(Pl
zXt}5o=Xo4;F(-Y2@n3+=?m>nDIY2|f#qgIuQzUB*7NTZpM=*F2#b-zqS6KxPbW_o@
z-aUqo@xzYf!KKX^m1mQRIrg5og{e8TJ=*UUz$T@GhIrT}9)YK0>~9Cf+>D|doS_|D
z_m}8bgO2wUU$_9gQ(Y>**85=4KE^3?RlDskh>r=~3p<%Y{jAa+_JGgj=1NrFz&oLV
z<&<Wd*(ph>Yny%}i(Olv--sj4k;+Kc-`^St2n9eyzGzcV=H4W&eak3Mh!KhT39-MP
qwxepiM~_piATagJKoH_BJJWocem#<+MT=|gTC-O<$szxWn12FO&)xd~

diff --git a/integration-tests/oidc/src/main/resources/client-truststore.p12 b/integration-tests/oidc/src/main/resources/client-truststore.p12
deleted file mode 100644
index 8a9cefe2f5506a9e6d069666946da65f351d4567..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1254
zcmV<C1R47<f&}6M0Ru3C1dIj=Duzgg_YDCD0ic2eeFTC8c`$+mbufYiaRv!0hDe6@
z4FLxRpn?QqFoFbL0s#Opf&^Cv2`Yw2hW8Bt2LUi<1_>&LNQU<f0R;^(Sui*T2`Yw2
zhW8Bt1q?7N1Qe3)Ia=jK=06R~0F<A?EW{!v|GokOClCSwATSID2r7n1hW8Bu2?YQ!
z9R>+thDZTr0|Wso1Q1EXmy!{sQ9w3$<)7P>Xu5!c1K@J*PH6I8x0{Pqqka29-_=BO
z=b(@l@pPC&<lqN8;}s|?&|}?6Cho<#dX*!e74enkI#MYJk8#QuF$j)O{7?C!Uc_CQ
zd4Y^u1Vf2ci4MhG_W#%GPRZF9FsC~6g`lp6I0uRl$1L7zuYVOLO%U*8t}BYH&Gy{~
z87Ix5(wY1zpscV;;fmdLEo|Xw`>eDCB!F|Vr@xBU>H>ssax#V`Ea#uT4<0l7(j&&+
z>8N96Q;doS{2X3WsXJd^NtCP4Q-Yz!Gqj`SfCf@>{p|Gq_gqVjFWYDEMT&k7raXg7
zblF(bQRA{x_%Pu5q6xhM<kZkuPMFx3HV{b;V;GR0Ay$np%Y3l8>bXbTrt;7ja!JQ8
zAaTlr$1Ojf<wxpG&+NRMclspqcEj6ym)06xS5Pc{VAd{qZ!}zv9x*7cYgA}Z%ckD&
zJ^FBOWaZSTXnHS1fS#W+6nu!3T5Db_`%4yrSqrXMjL&l^WY5K)HkPsEEClgqwhvlk
z^ofI{&b@&6*X_I2Vn0Cfd29R=PEMjcQJi9;`|)g7QsECo5vY=0+QY2;KB2f_6|v1F
z_g-Wh`1o=|s_1bB78bC!_hd57Fm&ma5$-k1@&Pc*z@)MJ!p`KJc;yN8)9gj^%<|<5
zv;=;TIG6@uA8WWt$44~I)`G0WFx)PWBX3;)r3Jbms;@hv>M^D#jf@BkQwT#cnpC40
zv{lhfs4vrR!Ym&>$a6ZT$T4_l#%37GsLM-?q15}F5Jv)Sug_?wy~?v~68F2<D#OF|
zaV@Jn1zYI33E3@~$bt8~c^ySY(-~gX0=ybP`933|$lY}mj<Zz4ffB-u9@*XNLKQ(D
z2gH`%t(=kKGIXG4iUHxCyub55rY|&JhH-kDt`_tn456*hh|xU~5>@!+q<K}^TplT(
zJZ(^x5l#39tw|p7rxw&-m&Tx?$`kq8g6<;WxGmjo=_Q9HZLUhkrt?rr*q`1V2v0wR
z!~e5RTDuI{ar+LVW25VO5>S{3fk00m6d3hhWgn&(6|k13G%H;tv|F)sJUx<Z=WO^z
z$U%txDIDBRWDm2QO`D2<>8c>Fmuz(7pxp$F{{%8b8Cxw8&Gr5JbEcL@wz$QvmQyfZ
z2+fQ$0v}Hjfd2gJ!xD;>1-T&^d00_i$<;uioOQ?%B6V7a-l;eB)D6~-X=blEo(O|Y
zd|9l&<8N!B!K}%jQd|~+R$=S|cx;Osx>%sk^=S&F0p6DoL(tHzh$r3!{KZdNgi4hX
zdHvXu!R*f49WTD56;{Rifh5gBf5H~0)SE<}^32>3!Xc@PUa>GuFflL<1_@w>NC9O7
z1OfpC00baQkAxOrltBO@N>Z%SD_6j4oja+M8W`*p)s9dy2|dCD6q#YEw{%9ujk=$j
QRJgkIIahAWNCE;U5Vw;@eE<Le

diff --git a/integration-tests/oidc/src/main/resources/server-keystore.p12 b/integration-tests/oidc/src/main/resources/server-keystore.p12
deleted file mode 100644
index 6e476f513ef3069b1b9d8847effcbfe5095238d4..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2712
zcma);c{mjO7RP6`%n+|_LWm-w3?gDe$sjX{VJsO^hLPQnB}+4gYOE15_9bf}l%?z;
z`xX%yQe+)cmR`Bu=iaBD``5jH{Lb$=-|so+Ie&eggQUO`K|nB)0z1#fc{0KvVv8Hd
z4$Pv!6d@Ft{DFJ|Nr685FAJIpp+Ff2a`M4TV1xgsiwgz>Wl^9y2ci~|_`3tjjkH3l
z|4F%!@(=+_a?^l&GzRky$0$fj{h}w^CHo5mI>8G99z}Aoar}ECh!YAxim`FpM;HJd
z!4Tj{2=CZg{ht`VghLgHS!XL@v;qhPGVrtrL3vYxdPEM^%rGuxU2F{U4H@B~V}5DE
zt;J0BIrwD9_vo{g$DPZ5yiM2gk`7f=_MB^d@U1C!1wL3+`7%3hvf&X<(cyt%hTF<g
zn_wGr&d9Ga&a5x47{SPpH&)&1_7-1^-FfyxJ-6Z{s8Ln}AhWcXX7uHqpuYrm?2f^%
zn&UuFq3fZ#^DK2j_tW!S<(+b|Y=K`<PBtaf*2qsb-vvy0?LW^=0Lo}|Tw4}6cWhkb
zrNx#n(`;$%x|&gKiX4AnPwp#|x1m$2agufVir+4rP)`W@5TYtNMKi`dIl`IH42mKi
zUcD4~m-{}N%J{YC``9Y)#+5fl=c7Wm)SbuYTYY0#*527%DnLW$THSKQplBWLCFQC0
z_MXYi9TVHo(hp%k0b%9MLxH3#fp_|8k19h<do*V;Ix+?Q>xF|&uzBIq<?Ymch~5A}
zresA@R+dLu$McYaj5%=y+N|X5af1p~1)bjhfc2VC9o^GkXvKk1tzwax;YIa96XXZ+
zaC}&NjLJL1i|044_(PvH25-T@&eHrA>qhd4=Ol)EVETKXhEn^)UkbtRf%>lP`lUa^
zhFA674XYl1DcqI!-bow&BTs7|zP6DMCzxbAI?8`N&dMX2UhC^V9J3l-w0kG+3|_-r
zM2?@lm}KD}wt1nhzyi5&^BUn<#f&h6M(V`Lp{kYkX0$mf*$bwKod)I58X~JD;EiUj
zZi413<jnW7P|oLoJ9_wiZl_)O#bqcO5Pg5>y?yVC;$zsWcpH>lsw`n$@#<pk!_{Bv
zdzPCri`8^@;b0PRynfZW8iy2Nq?+av{q?#aURdc^75_w3hIhNM=2ocOT!n~paE3WO
zyIk8l$6`P6D1++w12HO=)z?_0^Tv24>fswDvx*iN-N<bxNe2fC-+r&6`~8vLW{y0U
z7tw_rd|Rs$eN%MG_u9zShX^GiL1=(uyOd~TVx#l-j|VO*li{)1P(8tX;Q*(#wAseq
zh{oat)5q&339AkP4yaTbnlDOv>4tn!DFF^&Z9F8@kMoDLX<;QN#_o4#8>bJk8{(-q
zhPRemWGEsrIq5qo9S_6SVWbrn`(BHF#%pnnVj2m2#b0#QI}I<0(@Ik~SU`Zifv_wc
zM6bWqGl{rbhU%K1;*-@ZTXU1wnqDm;?atZAmdbH2{ry>@AZBmrL`2Q9b(2qv3~KlL
z-H@`}To-iJ^OVn4#~P1E`|69`jG0y$%FVtVfB*<e_D|jNc4&Y7z${-`^2YU_Lq)Z+
z{h^n4L2=F$R(l1DHR+eYu!0E|R_MhvNpOgAs?8wRcAa1Fo0%6n>lz<9H3rE*Q2ZN{
z`VU8Aiao<<I-oa29DLL1`B(Skq*5qbe%k|cbLN8U4N_Tr4B_~@iG1;|wI<L)JNi=9
zH1=zdcpN=#DC*|A9nM&1{)-jd-HtJu!TCky$H2ITU}0tYM7=rh&{um<9&7-{SyOzj
z@4PpW>U2%$J(t+M=^#;Wz~wbjTLatZ0l~G7g~t*mHWRMmmQrd@9|)ZIfO^%??=mye
zvQuMW13An|YW265u-qNjdcIjg-mtJG85E7YO$k3QybwPUS;eoL9Joushu#k9c9-_=
zzwj}hf-QAc(m{&;#wDkK(jjp!fDgbC;0^HmCn6>Pn1V_I5I!8q&GD$xS>>~5&M2uP
zHI&tqkras6?;>`#EDFToKq7#EfP)YJ#{vE?Oa~8n+c2`?j#Pt$YvJ?y*tGRyp8pS~
zwL0~N&0<fMO%Mp$)&au{VH7YEzn|*Dt4+-=B~~OM7H|4o|0@|4(`!|=;8KI-p3Loy
z9~>q1<e2;Fj$AAh%|bEDKH{%4Trb5Lj1^o>K6g8uj`oP)HdTP0n_fdcAKJO}G|_Rd
zDAGZRraBbGm$&HIb~R@^=rRpKPEN>REpTqMt$$y~I7o^^62-bp)~vJh4o{rah*aI&
z{t|qG)0)~^!q4lD+-B>X<+ni>GFL>lODM~u%^lTkhF8ct<6=c8&pP!VJ*HVGVaC0s
zwU)o91s+5PFY_uq-_6m}2E5oGfY0nVdj!c*FEKB}ZokEo?Q?-MHq6t}9hT<Zb#4Q4
zr<IE&`R_Xfo+@Jr6&!!g*f7H~PI=`}Wk!G*>^f+~t+-DjDpJ_LEM!vJMg_j^kC`{O
z;}3Z39`cmc6daIk8XV#<>*e8najU}<^f+(wR{I-(t=oh(19z((9`PzOIWozi3*VoI
zjYQ=Ip3+=xsc3n$n)^}SN}~7g@Ve)7#?&qUsi+MysWUCas38&J?qAR-@+m;}RAXRM
z!SNR5j*SP?32q@yC1&lf(rDR*9?fgad^O)tqpDY{gwoDWkkHOq9#NaIkWKoFmhc3G
zJQrFBYA8x#A74$)sO|j>&RaUf_|j*-CnX`pS|QK9Zz%8Q8Gdo@dUyC%ZSa${#YG`S
z54qSQLW|9Jcq%!Tz=m_nc9A3SQ>TMDW!|aM=4M(Lc3J7OZ*4DFR>uxUEV>S-H&9;J
z-+weqbCbO<J2-F6JdNqPrH07I>v}Pn)=Xl!=8cbMQj<xLMB*#wBW89V$gz4lwK+VO
z(vr+|eK5FO(US{RcRe9KWuDOps<WblorQ|6tVD1C<ajlvm_N<cBl08Pv}D8tak;CP
zc-l3i+r&o*9$xktoM9ic!h_cUZ$%Ga>N=b03N{loJ_T^4CAOTfIM5ZkBQJmzRx>EI
z1D2zhRd<JzobTDU_Lul6J804y%yR(+%yB6UgZz_q{L?kUW4oT+uQqy4)-J{Nf%c4?
zxkenp-O*=#9zOD}+V*FAM=R}Eb53~eY2$n99$&PlyJnqDIZ!ZDL%S5F?UGCwZ&(Q*
zkj?VR8FTuqi;U$N))eh1y*7R0US>OQlEQ{7I(t~5)TrhOCBXi@G`B7(bE}{RjJ(Av
zK{!Z{*5Jses)$29<N&v#dTQ!=-IJC0@NYt0^~cWcWmAGf=ik$rPU6J{-^;e^=fOJD
z(Qzg+9dcbWHEn0n&D5}<Z;SRZ(1%uv-{K@))^5|MI&6j1FhYrgZ66enPVViV^!Q=1
zhGN?=i(Q=KSHHhzfID#XfTP7I5`$Dia{s>8KtLz}a`Z`NFDB5-f6~#h$z?>tk2mTg
r(6pTGb=TNS6F-FhTQ7)!_{}K}lhHeo`E|*eIZ$)GePKP$e-QI8L_6xT

diff --git a/integration-tests/oidc/src/main/resources/server-truststore.p12 b/integration-tests/oidc/src/main/resources/server-truststore.p12
deleted file mode 100644
index d006d5d2dd43e1f3fb281ef9b0f70b62366d55d5..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1238
zcmV;{1S$J4f&|h60Ru3C1bhYwDuzgg_YDCD0ic2eZ3Kb@X)uBWWiWySVFn2*hDe6@
z4FLxRpn?QaFoFb50s#Opf&@nf2`Yw2hW8Bt2LUi<1_>&LNQU<f0R;^(Sui*T2`Yw2
zhW8Bt1q?7N1QcrpJAwHxm~i;|w0kthU=YtJU)ur#ClCSwATSID2r7n1hW8Bu2?YQ!
z9R>+thDZTr0|Wso1Q02uTHfVto}cs>t6EcWV+4SL1JHTWWGObIPYjLO($cJE!p6hQ
zyi+RQq~7$Nt0^uplY-(Qg*6&o;t56~ILD{z`oq)>kGQ3aU4F?EVOGuP(4I7CGNb9H
zTH2%*k*_ys=fAZ@84#4HBY(?RIWiCfX0q#fiz*Anw@O0D*vt?B{pe<Qr^RiyMJN=m
zS-Le=zaO;%l!mT@_RYqd$_^^!xpVU_c~6&_OVyZ$Cj(eWCO$+DmM@``X=e7wgfGQc
z%f{)ex8N7j`Cdk6R4tF*c{eKBGdZu=1AeQ9)#yUSSm}jR%CKj_eEu717v0H~RR#Nl
z;H`d=@R=C<*;7}_U|z~?8JlyJ71f7jJ(`~BKK0b7X!?R9;?@B9MZT<a5K@Ml+F@^E
z0ToCVB?|ah6{WX3H=ELrCUp8Xt-yKUIN1-j?e-Nr63;0n=gLqpX@>y7)3H8giqX*t
zoT3ziOQh{2IPUSW&+Uuz@+3-;(^QJI$S#}t`=Q8Bq(7B{WFq;I#E+cwSBc3cnMtgM
z?#Orx%n<2uc)~A>{`G;Hm5z2WwDhRNUv1I~NLz7O1$QD-+SDA{u#V^x2`|$mq8`?Z
z0Vhkh8FpP0!X8ob)ZDYc1Yxe|{`ls#`zpl<9AIVdJYRhDlb3lzS=`jOFK4-f#;#u3
zjo|d+yzb#twx(gwwUccyB)!L<8gqo2X~a72Q{sQ796U~JBN*s1L&~w~hCBzj?F{!`
zSf@7eSq=g#DI<!OGXuQm&Zee3S9x}`O&ged81j$j&GsVmar#$Gi32OhFdsMwJhydk
zZa`>M2uufUIge<0RokWUH8USq;@uG4{?P}0dJQckA99BxrachA&KuYkzx<`~)CrtP
z@{uVebFGAQVA7=e+T)#Jf&8gJFYOvL=w7`OQw=)}`)_7!%waE?$18Pf*VwKa`D^s;
zz>m%2vdIz=g|l$x;9-eiLMoV|h)rGHr@F+9QhO;@xw+Zb@ge@w>mYRN#yqaMJ5S?e
zyXyfY!7D;EfU#NAbonIFa{)S@=!;7THxu<tJaf@(9p&?yTlG35#{*|vCj`tCf#y+&
z*ev6H$qB0)63&dyXL;4PjBQXs>f^N5D>={aVO4Cw%D8-N>fNn6c*%CifI$g8ony^L
za~KHBLb*MoAjFT3^Yh{U(Qm25G?a~UeD3INpyWw3B})@0^e7e0<hm=``dUe{Cf7Q8
z4j(#Bj17=rvSB$%s-p_+q_ujw*}Wp<s3Bk3gHJ>Ic2^c)g%T<rYSzEZSYi_|={kA2
z7-8;@cx7>fb;yurIc`ywk#<4b3F<ISFflL<1_@w>NC9O71OfpC00bafVWNS|wp1wX
zyU_TEQ5xQ0(1XIrK!>`w9r$zbKD_q?6k{F#kOL?OfWpAH=<&{v*odT2lL7)K5Nth0
A8vp<R

diff --git a/integration-tests/oidc/src/main/resources/upconfig.json b/integration-tests/oidc/src/main/resources/upconfig.json
deleted file mode 100644
index 8487089bc90fd..0000000000000
--- a/integration-tests/oidc/src/main/resources/upconfig.json
+++ /dev/null
@@ -1,60 +0,0 @@
-{
-	"attributes": [
-		{
-			"name": "username",
-			"displayName": "${username}",
-			"permissions": {
-				"view": ["admin", "user"],
-				"edit": ["admin", "user"]
-			},
-			"validations": {
-				"length": { "min": 3, "max": 255 },
-				"username-prohibited-characters": {},
-				"up-username-not-idn-homograph": {}
-			}
-		},
-		{
-			"name": "email",
-			"displayName": "${email}",
-			"permissions": {
-				"view": ["admin", "user"],
-				"edit": ["admin", "user"]
-			},
-			"validations": {
-				"email" : {},
-				"length": { "max": 255 }
-			}
-		},
-		{
-			"name": "firstName",
-			"displayName": "${firstName}",
-			"permissions": {
-				"view": ["admin", "user"],
-				"edit": ["admin", "user"]
-			},
-			"validations": {
-				"length": { "max": 255 },
-				"person-name-prohibited-characters": {}
-			}
-		},
-		{
-			"name": "lastName",
-			"displayName": "${lastName}",
-			"permissions": {
-				"view": ["admin", "user"],
-				"edit": ["admin", "user"]
-			},
-			"validations": {
-				"length": { "max": 255 },
-				"person-name-prohibited-characters": {}
-			}
-		}
-	],
-	"groups": [
-		{
-			"name": "user-metadata",
-			"displayHeader": "User metadata",
-			"displayDescription": "Attributes, which refer to user metadata"
-		}
-	]
-}
\ No newline at end of file
diff --git a/integration-tests/oidc/src/test/java/io/quarkus/it/keycloak/AbstractBearerTokenAuthorizationTest.java b/integration-tests/oidc/src/test/java/io/quarkus/it/keycloak/AbstractBearerTokenAuthorizationTest.java
index a1ec95be5d378..608e8af04fceb 100644
--- a/integration-tests/oidc/src/test/java/io/quarkus/it/keycloak/AbstractBearerTokenAuthorizationTest.java
+++ b/integration-tests/oidc/src/test/java/io/quarkus/it/keycloak/AbstractBearerTokenAuthorizationTest.java
@@ -16,7 +16,9 @@
 
 public abstract class AbstractBearerTokenAuthorizationTest {
 
-    KeycloakTestClient client = new KeycloakTestClient(new Tls());
+    KeycloakTestClient client = new KeycloakTestClient(
+            new Tls("target/certificates/oidc-client-keystore.p12",
+                    "target/certificates/oidc-client-truststore.p12"));
 
     @Test
     public void testSecureAccessSuccessWithCors() {
diff --git a/integration-tests/oidc/src/test/java/io/quarkus/it/keycloak/KeycloakXTestResourceLifecycleManager.java b/integration-tests/oidc/src/test/java/io/quarkus/it/keycloak/KeycloakXTestResourceLifecycleManager.java
index 57e855d482d07..dc9863d595683 100644
--- a/integration-tests/oidc/src/test/java/io/quarkus/it/keycloak/KeycloakXTestResourceLifecycleManager.java
+++ b/integration-tests/oidc/src/test/java/io/quarkus/it/keycloak/KeycloakXTestResourceLifecycleManager.java
@@ -22,7 +22,9 @@ public class KeycloakXTestResourceLifecycleManager
     private static final String KEYCLOAK_REALM = "quarkus";
     private static final String KEYCLOAK_SERVICE_CLIENT = "quarkus-app";
 
-    final KeycloakTestClient client = new KeycloakTestClient(new Tls());
+    final KeycloakTestClient client = new KeycloakTestClient(
+            new Tls("target/certificates/oidc-client-keystore.p12",
+                    "target/certificates/oidc-client-truststore.p12"));
 
     @Override
     public Map<String, String> start() {
diff --git a/integration-tests/oidc/src/test/java/io/quarkus/it/keycloak/WebsocketOidcTestCase.java b/integration-tests/oidc/src/test/java/io/quarkus/it/keycloak/WebsocketOidcTestCase.java
index 3a75d88294dc4..3c3323e40562d 100644
--- a/integration-tests/oidc/src/test/java/io/quarkus/it/keycloak/WebsocketOidcTestCase.java
+++ b/integration-tests/oidc/src/test/java/io/quarkus/it/keycloak/WebsocketOidcTestCase.java
@@ -27,7 +27,9 @@ public class WebsocketOidcTestCase {
     @TestHTTPResource("secured-hello")
     URI wsUri;
 
-    KeycloakTestClient client = new KeycloakTestClient(new Tls());
+    KeycloakTestClient client = new KeycloakTestClient(
+            new Tls("target/certificates/oidc-client-keystore.p12",
+                    "target/certificates/oidc-client-truststore.p12"));
 
     @Test
     public void websocketTest() throws Exception {
diff --git a/test-framework/keycloak-server/src/main/java/io/quarkus/test/keycloak/client/KeycloakTestClient.java b/test-framework/keycloak-server/src/main/java/io/quarkus/test/keycloak/client/KeycloakTestClient.java
index 55d2b70561e22..f510c3dac6ec3 100644
--- a/test-framework/keycloak-server/src/main/java/io/quarkus/test/keycloak/client/KeycloakTestClient.java
+++ b/test-framework/keycloak-server/src/main/java/io/quarkus/test/keycloak/client/KeycloakTestClient.java
@@ -455,6 +455,9 @@ public record Tls(String keystore, String keystorePassword,
         public Tls() {
             this("client-keystore.p12", "password", "client-truststore.p12", "password");
         }
-    };
 
+        public Tls(String keystore, String truststore) {
+            this(keystore, "password", truststore, "password");
+        }
+    };
 }