Search in sources :

Example 31 with AuthenticatorConfigRepresentation

use of org.keycloak.representations.idm.AuthenticatorConfigRepresentation in project keycloak by keycloak.

the class X509BrowserCRLTest method loginFailedWithIntermediateRevocationListFromFile.

@Test
public void loginFailedWithIntermediateRevocationListFromFile() {
    // Not possible to test file CRL on undertow at this moment - jboss config dir doesn't exist
    ContainerAssume.assumeNotAuthServerUndertow();
    X509AuthenticatorConfigModel config = new X509AuthenticatorConfigModel().setCRLEnabled(true).setCRLRelativePath(INTERMEDIATE_CA_CRL_PATH).setConfirmationPageAllowed(true).setMappingSourceType(SUBJECTDN_EMAIL).setUserIdentityMapperType(USERNAME_EMAIL);
    AuthenticatorConfigRepresentation cfg = newConfig("x509-browser-config", config.getConfig());
    String cfgId = createConfig(browserExecution.getId(), cfg);
    Assert.assertNotNull(cfgId);
    assertLoginFailedDueRevokedCertificate();
}
Also used : X509AuthenticatorConfigModel(org.keycloak.authentication.authenticators.x509.X509AuthenticatorConfigModel) Matchers.containsString(org.hamcrest.Matchers.containsString) AuthenticatorConfigRepresentation(org.keycloak.representations.idm.AuthenticatorConfigRepresentation) Test(org.junit.Test)

Example 32 with AuthenticatorConfigRepresentation

use of org.keycloak.representations.idm.AuthenticatorConfigRepresentation in project keycloak by keycloak.

the class X509BrowserCRLTest method loginWithMultipleRevocationLists.

@Test
public void loginWithMultipleRevocationLists() {
    X509AuthenticatorConfigModel config = new X509AuthenticatorConfigModel().setCRLEnabled(true).setCRLRelativePath(CRLRule.CRL_RESPONDER_ORIGIN + "/" + EMPTY_CRL_PATH + Constants.CFG_DELIMITER + CRLRule.CRL_RESPONDER_ORIGIN + "/" + INTERMEDIATE_CA_CRL_PATH).setConfirmationPageAllowed(true).setMappingSourceType(SUBJECTDN_EMAIL).setUserIdentityMapperType(USERNAME_EMAIL);
    AuthenticatorConfigRepresentation cfg = newConfig("x509-browser-config", config.getConfig());
    String cfgId = createConfig(browserExecution.getId(), cfg);
    Assert.assertNotNull(cfgId);
    assertLoginFailedDueRevokedCertificate();
}
Also used : X509AuthenticatorConfigModel(org.keycloak.authentication.authenticators.x509.X509AuthenticatorConfigModel) Matchers.containsString(org.hamcrest.Matchers.containsString) AuthenticatorConfigRepresentation(org.keycloak.representations.idm.AuthenticatorConfigRepresentation) Test(org.junit.Test)

Example 33 with AuthenticatorConfigRepresentation

use of org.keycloak.representations.idm.AuthenticatorConfigRepresentation in project keycloak by keycloak.

the class X509BrowserCRLTest method loginFailedWithInvalidSignatureCRL.

@Test
public void loginFailedWithInvalidSignatureCRL() {
    X509AuthenticatorConfigModel config = new X509AuthenticatorConfigModel().setCRLEnabled(true).setCRLRelativePath(CRLRule.CRL_RESPONDER_ORIGIN + "/" + INTERMEDIATE_CA_INVALID_SIGNATURE_CRL_PATH).setConfirmationPageAllowed(true).setMappingSourceType(SUBJECTDN_EMAIL).setUserIdentityMapperType(USERNAME_EMAIL);
    AuthenticatorConfigRepresentation cfg = newConfig("x509-browser-config", config.getConfig());
    String cfgId = createConfig(browserExecution.getId(), cfg);
    Assert.assertNotNull(cfgId);
    // Verify there is an error message because of invalid CRL signature
    assertLoginFailedWithExpectedX509Error("Certificate validation's failed.\nSignature length not correct");
}
Also used : X509AuthenticatorConfigModel(org.keycloak.authentication.authenticators.x509.X509AuthenticatorConfigModel) Matchers.containsString(org.hamcrest.Matchers.containsString) AuthenticatorConfigRepresentation(org.keycloak.representations.idm.AuthenticatorConfigRepresentation) Test(org.junit.Test)

Example 34 with AuthenticatorConfigRepresentation

use of org.keycloak.representations.idm.AuthenticatorConfigRepresentation in project keycloak by keycloak.

the class X509BrowserCRLTest method loginFailedWithRevocationListFromDistributionPoints.

@Test
public void loginFailedWithRevocationListFromDistributionPoints() {
    X509AuthenticatorConfigModel config = new X509AuthenticatorConfigModel().setCRLEnabled(true).setCRLDistributionPointEnabled(true).setConfirmationPageAllowed(true).setMappingSourceType(SUBJECTDN_EMAIL).setUserIdentityMapperType(USERNAME_EMAIL);
    AuthenticatorConfigRepresentation cfg = newConfig("x509-browser-config", config.getConfig());
    String cfgId = createConfig(browserExecution.getId(), cfg);
    Assert.assertNotNull(cfgId);
    assertLoginFailedDueRevokedCertificate();
}
Also used : X509AuthenticatorConfigModel(org.keycloak.authentication.authenticators.x509.X509AuthenticatorConfigModel) Matchers.containsString(org.hamcrest.Matchers.containsString) AuthenticatorConfigRepresentation(org.keycloak.representations.idm.AuthenticatorConfigRepresentation) Test(org.junit.Test)

Example 35 with AuthenticatorConfigRepresentation

use of org.keycloak.representations.idm.AuthenticatorConfigRepresentation in project keycloak by keycloak.

the class InitialFlowsTest method compareAuthConfig.

private void compareAuthConfig(AuthenticationExecutionInfoRepresentation expected, AuthenticationExecutionInfoRepresentation actual) {
    AuthenticatorConfigRepresentation cfg1 = expectedConfigs.get(expected.getProviderId());
    AuthenticatorConfigRepresentation cfg2 = configs.get(actual.getAuthenticationConfig());
    if (cfg1 == null && cfg2 == null) {
        return;
    }
    Assert.assertEquals("Execution configuration alias", cfg1.getAlias(), cfg2.getAlias());
    Assert.assertEquals("Execution configuration params", cfg1.getConfig(), cfg2.getConfig());
}
Also used : AuthenticatorConfigRepresentation(org.keycloak.representations.idm.AuthenticatorConfigRepresentation)

Aggregations

AuthenticatorConfigRepresentation (org.keycloak.representations.idm.AuthenticatorConfigRepresentation)53 Test (org.junit.Test)43 Matchers.containsString (org.hamcrest.Matchers.containsString)36 X509AuthenticatorConfigModel (org.keycloak.authentication.authenticators.x509.X509AuthenticatorConfigModel)24 OAuthClient (org.keycloak.testsuite.util.OAuthClient)18 Response (javax.ws.rs.core.Response)7 UserRepresentation (org.keycloak.representations.idm.UserRepresentation)6 HashMap (java.util.HashMap)5 CloseableHttpClient (org.apache.http.impl.client.CloseableHttpClient)4 AuthenticationExecutionInfoRepresentation (org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation)4 AuthenticationFlowRepresentation (org.keycloak.representations.idm.AuthenticationFlowRepresentation)4 AssertEvents (org.keycloak.testsuite.AssertEvents)4 NotFoundException (javax.ws.rs.NotFoundException)2 LinkedHashMap (java.util.LinkedHashMap)1 Ignore (org.junit.Ignore)1 AuthenticationManagementResource (org.keycloak.admin.client.resource.AuthenticationManagementResource)1 RealmResource (org.keycloak.admin.client.resource.RealmResource)1 MultivaluedHashMap (org.keycloak.common.util.MultivaluedHashMap)1 AuthenticationExecutionModel (org.keycloak.models.AuthenticationExecutionModel)1 AuthenticationFlowModel (org.keycloak.models.AuthenticationFlowModel)1