
Example 6 with HmacOTP

Use of org.keycloak.models.utils.HmacOTP in the keycloak project by keycloak.

From the class AppInitiatedActionTotpSetupTest, method setupOtpPolicyChangedHotp.

@Test
public void setupOtpPolicyChangedHotp() {
    // Switch the realm OTP policy to counter-based HOTP with no look-ahead window
    RealmRepresentation realmRep = adminClient.realm("test").toRepresentation();
    RealmBuilder.edit(realmRep).otpLookAheadWindow(0).otpDigits(6).otpPeriod(30).otpType(OTPCredentialModel.HOTP).otpAlgorithm(HmacOTP.HMAC_SHA1).otpInitialCounter(0);
    adminClient.realm("test").update(realmRep);
    // Start the application-initiated action and log in with the password
    doAIA();
    loginPage.login("test-user@localhost", "password");
    totpPage.assertCurrent();
    // Enroll the credential using the 6-digit HMAC-SHA1 code for counter 0
    String totpSecret = totpPage.getTotpSecret();
    HmacOTP otpgen = new HmacOTP(6, HmacOTP.HMAC_SHA1, 1);
    totpPage.configure(otpgen.generateHOTP(totpSecret, 0));
    String sessionId = events.expectRequiredAction(EventType.UPDATE_TOTP).assertEvent().getDetails().get(Details.CODE_ID);
    // RequestType reqType = appPage.getRequestType();
    assertKcActionStatus(SUCCESS);
    EventRepresentation loginEvent = events.expectLogin().session(sessionId).assertEvent();
    oauth.openLogout();
    events.expectLogout(loginEvent.getSessionId()).assertEvent();
    // Log in again; the second factor is the code for the next counter value (1)
    loginPage.open();
    loginPage.login("test-user@localhost", "password");
    String token = otpgen.generateHOTP(totpSecret, 1);
    loginTotpPage.login(token);
    assertKcActionStatus(null);
    events.expectLogin().assertEvent();
    oauth.openLogout();
    events.expectLogout(null).session(AssertEvents.isUUID()).assertEvent();
    // test lookAheadWindow: widen it to 5, then log in with the code for counter 4,
    // which is ahead of the last counter used above (1)
    realmRep = adminClient.realm("test").toRepresentation();
    RealmBuilder.edit(realmRep).otpLookAheadWindow(5).otpDigits(6).otpPeriod(30).otpType(OTPCredentialModel.HOTP).otpAlgorithm(HmacOTP.HMAC_SHA1).otpInitialCounter(0);
    adminClient.realm("test").update(realmRep);
    loginPage.open();
    loginPage.login("test-user@localhost", "password");
    token = otpgen.generateHOTP(totpSecret, 4);
    loginTotpPage.assertCurrent();
    loginTotpPage.login(token);
    assertKcActionStatus(null);
    events.expectLogin().assertEvent();
    // Revert the realm to TOTP with a look-ahead window of 1
    realmRep = adminClient.realm("test").toRepresentation();
    RealmBuilder.edit(realmRep).otpLookAheadWindow(1).otpDigits(6).otpPeriod(30).otpType(OTPCredentialModel.TOTP).otpAlgorithm(HmacOTP.HMAC_SHA1).otpInitialCounter(0);
    adminClient.realm("test").update(realmRep);
}
Also used: HmacOTP (org.keycloak.models.utils.HmacOTP), RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation), EventRepresentation (org.keycloak.representations.idm.EventRepresentation), Test (org.junit.Test)
