use of org.keycloak.representations.idm.AuthenticatorConfigRepresentation in project keycloak by keycloak.
the class X509BrowserCRLTest method loginFailedWithIntermediateRevocationListFromFile.
@Test
public void loginFailedWithIntermediateRevocationListFromFile() {
// Not possible to test file CRL on undertow at this moment - jboss config dir doesn't exist
ContainerAssume.assumeNotAuthServerUndertow();
X509AuthenticatorConfigModel config = new X509AuthenticatorConfigModel().setCRLEnabled(true).setCRLRelativePath(INTERMEDIATE_CA_CRL_PATH).setConfirmationPageAllowed(true).setMappingSourceType(SUBJECTDN_EMAIL).setUserIdentityMapperType(USERNAME_EMAIL);
AuthenticatorConfigRepresentation cfg = newConfig("x509-browser-config", config.getConfig());
String cfgId = createConfig(browserExecution.getId(), cfg);
Assert.assertNotNull(cfgId);
assertLoginFailedDueRevokedCertificate();
}
use of org.keycloak.representations.idm.AuthenticatorConfigRepresentation in project keycloak by keycloak.
the class X509BrowserCRLTest method loginWithMultipleRevocationLists.
@Test
public void loginWithMultipleRevocationLists() {
X509AuthenticatorConfigModel config = new X509AuthenticatorConfigModel().setCRLEnabled(true).setCRLRelativePath(CRLRule.CRL_RESPONDER_ORIGIN + "/" + EMPTY_CRL_PATH + Constants.CFG_DELIMITER + CRLRule.CRL_RESPONDER_ORIGIN + "/" + INTERMEDIATE_CA_CRL_PATH).setConfirmationPageAllowed(true).setMappingSourceType(SUBJECTDN_EMAIL).setUserIdentityMapperType(USERNAME_EMAIL);
AuthenticatorConfigRepresentation cfg = newConfig("x509-browser-config", config.getConfig());
String cfgId = createConfig(browserExecution.getId(), cfg);
Assert.assertNotNull(cfgId);
assertLoginFailedDueRevokedCertificate();
}
use of org.keycloak.representations.idm.AuthenticatorConfigRepresentation in project keycloak by keycloak.
the class X509BrowserCRLTest method loginFailedWithInvalidSignatureCRL.
@Test
public void loginFailedWithInvalidSignatureCRL() {
X509AuthenticatorConfigModel config = new X509AuthenticatorConfigModel().setCRLEnabled(true).setCRLRelativePath(CRLRule.CRL_RESPONDER_ORIGIN + "/" + INTERMEDIATE_CA_INVALID_SIGNATURE_CRL_PATH).setConfirmationPageAllowed(true).setMappingSourceType(SUBJECTDN_EMAIL).setUserIdentityMapperType(USERNAME_EMAIL);
AuthenticatorConfigRepresentation cfg = newConfig("x509-browser-config", config.getConfig());
String cfgId = createConfig(browserExecution.getId(), cfg);
Assert.assertNotNull(cfgId);
// Verify there is an error message because of invalid CRL signature
assertLoginFailedWithExpectedX509Error("Certificate validation's failed.\nSignature length not correct");
}
use of org.keycloak.representations.idm.AuthenticatorConfigRepresentation in project keycloak by keycloak.
the class X509BrowserCRLTest method loginFailedWithRevocationListFromDistributionPoints.
@Test
public void loginFailedWithRevocationListFromDistributionPoints() {
X509AuthenticatorConfigModel config = new X509AuthenticatorConfigModel().setCRLEnabled(true).setCRLDistributionPointEnabled(true).setConfirmationPageAllowed(true).setMappingSourceType(SUBJECTDN_EMAIL).setUserIdentityMapperType(USERNAME_EMAIL);
AuthenticatorConfigRepresentation cfg = newConfig("x509-browser-config", config.getConfig());
String cfgId = createConfig(browserExecution.getId(), cfg);
Assert.assertNotNull(cfgId);
assertLoginFailedDueRevokedCertificate();
}
use of org.keycloak.representations.idm.AuthenticatorConfigRepresentation in project keycloak by keycloak.
the class InitialFlowsTest method compareAuthConfig.
private void compareAuthConfig(AuthenticationExecutionInfoRepresentation expected, AuthenticationExecutionInfoRepresentation actual) {
AuthenticatorConfigRepresentation cfg1 = expectedConfigs.get(expected.getProviderId());
AuthenticatorConfigRepresentation cfg2 = configs.get(actual.getAuthenticationConfig());
if (cfg1 == null && cfg2 == null) {
return;
}
Assert.assertEquals("Execution configuration alias", cfg1.getAlias(), cfg2.getAlias());
Assert.assertEquals("Execution configuration params", cfg1.getConfig(), cfg2.getConfig());
}
Aggregations