
Example 71 with EventRepresentation

use of org.keycloak.representations.idm.EventRepresentation in project keycloak by keycloak.

the class RequiredActionEmailVerificationTest method verifyEmailNewBrowserSession.

/**
 * Checks that an email-verification link can be completed from a browser that shares no
 * cookies with the session that requested the mail.
 *
 * <p>Flow: log in as {@code test-user@localhost}, land on the verify-email page, read the
 * single message captured by GreenMail, delete every browser cookie and follow the link.
 * The resulting VERIFY_EMAIL event must carry a CODE_ID that differs from the one recorded
 * in the SEND_VERIFY_EMAIL event, and the client id the login was started with. The test
 * ends by asserting that the login page is shown again when it is opened.
 *
 * @throws IOException declared by the method; presumably raised while reading the captured mail
 * @throws MessagingException declared by the method; presumably raised while reading the captured mail
 */
@Test
public void verifyEmailNewBrowserSession() throws IOException, MessagingException {
    loginPage.open();
    loginPage.login("test-user@localhost", "password");
    verifyEmailPage.assertCurrent();

    // Exactly one mail must have been captured for this login.
    Assert.assertEquals(1, greenMail.getReceivedMessages().length);
    MimeMessage verificationMail = greenMail.getLastReceivedMessage();
    // The helper is named for password reset; here it extracts the link from the verification mail.
    String linkFromMail = getPasswordResetEmailLink(verificationMail);

    AssertEvents.ExpectedEvent expectedSendEvent = events
            .expectRequiredAction(EventType.SEND_VERIFY_EMAIL)
            .detail("email", "test-user@localhost");
    EventRepresentation sentEvent = expectedSendEvent.assertEvent();
    String codeIdFromSendEvent = sentEvent.getDetails().get(Details.CODE_ID);

    // Drop all cookies so the link is followed without the original browser session.
    driver.manage().deleteAllCookies();
    driver.navigate().to(linkFromMail.trim());

    // Without the original session the user has to confirm via the "proceed" page first.
    proceedPage.assertCurrent();
    proceedPage.clickProceedLink();
    infoPage.assertCurrent();

    events.expectRequiredAction(EventType.VERIFY_EMAIL)
            .user(testUserId)
            // The verification must not be attributed to the code id recorded when the mail was sent.
            .detail(Details.CODE_ID, Matchers.not(Matchers.is(codeIdFromSendEvent)))
            // the "test-app" client specified in loginPage.open() is expected
            .client(oauth.getClientId())
            .detail(Details.REDIRECT_URI, Matchers.any(String.class))
            .assertEvent();

    infoPage.assertCurrent();
    assertEquals("Your email address has been verified.", infoPage.getInfo());

    // Opening the login page again must show the login form.
    loginPage.open();
    loginPage.assertCurrent();
}
Also used : MimeMessage(javax.mail.internet.MimeMessage) AssertEvents(org.keycloak.testsuite.AssertEvents) EventRepresentation(org.keycloak.representations.idm.EventRepresentation) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest) AuthenticationSessionFailoverClusterTest(org.keycloak.testsuite.cluster.AuthenticationSessionFailoverClusterTest)

Example 72 with EventRepresentation

use of org.keycloak.representations.idm.EventRepresentation in project keycloak by keycloak.

the class EntitlementAPITest method testInvalidTokenSignature.

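/**
 * Verifies that an authorization request carrying an altered subject token is rejected and
 * that the rejection is recorded as a single PERMISSION_TOKEN_ERROR realm event.
 *
 * <p>The permission on the "Sensors" resource is backed by a JS policy whose code is
 * {@code $evaluation.grant();}, so policy evaluation is not what denies the request in
 * this test. The subject token is a freshly issued access token with one character
 * appended, which no longer matches what the server issued.
 *
 * @throws Exception if any setup call against the realm or the token endpoint fails
 */
@Test
public void testInvalidTokenSignature() throws Exception {
    // Enable realm events, limited to PERMISSION_TOKEN_ERROR.
    RealmEventsConfigRepresentation eventConfig = getRealm().getRealmEventsConfig();
    eventConfig.setEventsEnabled(true);
    eventConfig.setEnabledEventTypes(Arrays.asList(EventType.PERMISSION_TOKEN_ERROR.name()));
    getRealm().updateRealmEventsConfig(eventConfig);
    // NOTE(review): the events config is not restored in this method; confirm the class resets it.

    ClientResource client = getClient(getRealm(), RESOURCE_SERVER_TEST);
    AuthorizationResource authorization = client.authorization();

    // Policy that always grants, under a generated name.
    JSPolicyRepresentation policy = new JSPolicyRepresentation();
    policy.setName(KeycloakModelUtils.generateId());
    policy.setCode("$evaluation.grant();");
    authorization.policies().js().create(policy).close();

    ResourceRepresentation resource = new ResourceRepresentation();
    resource.setName("Sensors");
    try (Response response = authorization.resources().create(resource)) {
        response.readEntity(ResourceRepresentation.class);
    }

    ResourcePermissionRepresentation permission = new ResourcePermissionRepresentation();
    permission.setName("View Sensor");
    permission.addPolicy(policy.getName());
    authorization.permissions().resource().create(permission).close();

    String accessToken = new OAuthClient()
            .realm("authz-test")
            .clientId(RESOURCE_SERVER_TEST)
            .doGrantAccessTokenRequest("secret", "marta", "password")
            .getAccessToken();

    AuthzClient authzClient = getAuthzClient(AUTHZ_CLIENT_CONFIG);
    AuthorizationRequest request = new AuthorizationRequest();
    request.addPermission("Sensors");
    // Alter the token by appending one character to its end.
    request.setSubjectToken(accessToken + "i");

    try {
        authzClient.authorization().authorize(request);
        // fail() throws AssertionError, which the catch (Exception) below does not swallow.
        fail("should fail, subject token signature is invalid");
    } catch (Exception e) {
        Throwable cause = e.getCause();
        // Check the type first so an unexpected or missing cause is reported as an assertion failure.
        assertTrue("expected an HttpResponseException cause but got: " + cause,
                cause instanceof HttpResponseException);
        HttpResponseException httpError = (HttpResponseException) cause;
        assertEquals(400, httpError.getStatusCode());
        assertTrue(httpError.toString().contains("unauthorized_client"));
    }

    // The rejected request must be recorded exactly once.
    List<EventRepresentation> events = getRealm().getEvents(
            Arrays.asList(EventType.PERMISSION_TOKEN_ERROR.name()),
            null, null, null, null, null, null, null);
    assertEquals(1, events.size());
}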
Also used : RealmEventsConfigRepresentation(org.keycloak.representations.idm.RealmEventsConfigRepresentation) AuthorizationRequest(org.keycloak.representations.idm.authorization.AuthorizationRequest) OAuthClient(org.keycloak.testsuite.util.OAuthClient) JSPolicyRepresentation(org.keycloak.representations.idm.authorization.JSPolicyRepresentation) EventRepresentation(org.keycloak.representations.idm.EventRepresentation) HttpResponseException(org.keycloak.authorization.client.util.HttpResponseException) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) HttpResponseException(org.keycloak.authorization.client.util.HttpResponseException) AuthorizationDeniedException(org.keycloak.authorization.client.AuthorizationDeniedException) ExpectedException(org.junit.rules.ExpectedException) IOException(java.io.IOException) ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) ResourcePermissionRepresentation(org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation) AccessTokenResponse(org.keycloak.representations.AccessTokenResponse) Response(javax.ws.rs.core.Response) TokenIntrospectionResponse(org.keycloak.authorization.client.representation.TokenIntrospectionResponse) AuthorizationResponse(org.keycloak.representations.idm.authorization.AuthorizationResponse) PermissionResponse(org.keycloak.representations.idm.authorization.PermissionResponse) AuthzClient(org.keycloak.authorization.client.AuthzClient) ClientResource(org.keycloak.admin.client.resource.ClientResource) Test(org.junit.Test)

Example 73 with EventRepresentation

use of org.keycloak.representations.idm.EventRepresentation in project keycloak by keycloak.

the class RealmTest method deleteSession.

/**
 * Checks that deleting a user session through the realm admin resource takes effect:
 * the deletion is reported as an admin event, a second deletion of the same session
 * yields {@link NotFoundException} without a further admin event, and the refresh token
 * obtained before the deletion is rejected with HTTP 400 and "Session not active".
 */
@Test
public void deleteSession() {
    setupTestAppAndUser();
    oauth.doLogin("testuser", "password");

    AccessTokenResponse tokenResponse = oauth.doAccessTokenRequest(
            oauth.getCurrentQuery().get(OAuth2Constants.CODE), "secret");
    assertEquals(200, tokenResponse.getStatusCode());

    // The polled event supplies the id of the session to delete.
    EventRepresentation event = events.poll();
    assertNotNull(event);
    String sessionId = event.getSessionId();

    realm.deleteSession(sessionId);
    assertAdminEvents.assertEvent(
            realmId,
            OperationType.DELETE,
            AdminEventPaths.deleteSessionPath(sessionId),
            ResourceType.USER_SESSION);

    // Deleting the same session a second time must fail and must not emit an admin event.
    try {
        realm.deleteSession(sessionId);
        fail("Expected 404");
    } catch (NotFoundException e) {
        // Expected
        assertAdminEvents.assertEmpty();
    }

    // A refresh token issued for the deleted session must no longer be usable.
    AccessTokenResponse refreshResponse =
            oauth.doRefreshTokenRequest(tokenResponse.getRefreshToken(), "secret");
    assertEquals(400, refreshResponse.getStatusCode());
    assertEquals("Session not active", refreshResponse.getErrorDescription());
}
Also used : EventRepresentation(org.keycloak.representations.idm.EventRepresentation) AdminEventRepresentation(org.keycloak.representations.idm.AdminEventRepresentation) NotFoundException(javax.ws.rs.NotFoundException) AccessTokenResponse(org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse) AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest) Test(org.junit.Test)

Example 74 with EventRepresentation

use of org.keycloak.representations.idm.EventRepresentation in project keycloak by keycloak.

the class LoginTest method loginAgainWithoutRememberMe.

// KEYCLOAK-2741
/**
 * Checks that the login page stops pre-filling the username once the user has logged in
 * again with "remember me" switched off.
 *
 * <p>First a login with remember-me is performed and its session removed; the login page
 * must then show the box checked and the username filled in. A second login without
 * remember-me follows, its session is removed as well, and the login page must then show
 * the box unchecked and must not show the username. The realm-level remember-me setting
 * is switched on for the test and switched off again in {@code finally}.
 */
@Test
public void loginAgainWithoutRememberMe() {
    setRememberMe(true);
    try {
        // First login: remember-me starts unchecked and is ticked by the user.
        loginPage.open();
        assertFalse(loginPage.isRememberMeChecked());
        loginPage.setRememberMe(true);
        assertTrue(loginPage.isRememberMeChecked());
        loginPage.login("login-test", "password");

        Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
        Assert.assertNotNull(oauth.getCurrentQuery().get(OAuth2Constants.CODE));

        EventRepresentation rememberedLogin = events.expectLogin()
                .user(userId)
                .detail(Details.USERNAME, "login-test")
                .detail(Details.REMEMBER_ME, "true")
                .assertEvent();
        String rememberedSessionId = rememberedLogin.getSessionId();

        // Remove the session so the next visit has to show the login form.
        testingClient.testing().removeUserSession("test", rememberedSessionId);

        // The form must come back with remember-me checked and the username filled in.
        loginPage.open();
        assertTrue(loginPage.isRememberMeChecked());
        Assert.assertEquals("login-test", loginPage.getUsername());

        // Second login: the user unticks remember-me.
        loginPage.setRememberMe(false);
        loginPage.login("login-test", "password");

        EventRepresentation plainLogin = events.expectLogin()
                .user(userId)
                .detail(Details.USERNAME, "login-test")
                .assertEvent();
        String plainSessionId = plainLogin.getSessionId();

        // Remove this session as well.
        testingClient.testing().removeUserSession("test", plainSessionId);

        // Now the form must show remember-me unchecked and must not show the username.
        loginPage.open();
        assertFalse(loginPage.isRememberMeChecked());
        assertNotEquals("login-test", loginPage.getUsername());
    } finally {
        // Switch the setting off again whatever the outcome.
        setRememberMe(false);
    }
}
Also used : EventRepresentation(org.keycloak.representations.idm.EventRepresentation) Matchers.containsString(org.hamcrest.Matchers.containsString) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 75 with EventRepresentation

use of org.keycloak.representations.idm.EventRepresentation in project keycloak by keycloak.

the class LevelOfAssuranceFlowTest method assertLoggedInWithAcr.

/**
 * Asserts that a login event for {@code test-user@localhost} was recorded and that the ID
 * token obtained for that login carries the expected {@code acr} value.
 *
 * @param acr the value the ID token's {@code acr} is expected to equal
 */
private void assertLoggedInWithAcr(String acr) {
    EventRepresentation recordedLogin = events.expectLogin()
            .detail(Details.USERNAME, "test-user@localhost")
            .assertEvent();
    // The token request is driven from the recorded login event.
    IDToken issuedToken = sendTokenRequestAndGetIDToken(recordedLogin);
    Assert.assertEquals(acr, issuedToken.getAcr());
}
Also used : EventRepresentation(org.keycloak.representations.idm.EventRepresentation) IDToken(org.keycloak.representations.IDToken)

Aggregations

EventRepresentation (org.keycloak.representations.idm.EventRepresentation)164 Test (org.junit.Test)124 OAuthClient (org.keycloak.testsuite.util.OAuthClient)93 AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)60 AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)44 RefreshToken (org.keycloak.representations.RefreshToken)27 ClientResource (org.keycloak.admin.client.resource.ClientResource)26 AccessToken (org.keycloak.representations.AccessToken)26 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)25 IDToken (org.keycloak.representations.IDToken)23 Matchers.containsString (org.hamcrest.Matchers.containsString)15 AbstractAdminTest (org.keycloak.testsuite.admin.AbstractAdminTest)15 Response (javax.ws.rs.core.Response)13 OIDCClientRepresentation (org.keycloak.representations.oidc.OIDCClientRepresentation)13 AccessTokenResponse (org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse)12 IOException (java.io.IOException)11 RealmResource (org.keycloak.admin.client.resource.RealmResource)11 AssertEvents (org.keycloak.testsuite.AssertEvents)10 JWSInput (org.keycloak.jose.jws.JWSInput)9 TestAuthenticationChannelRequest (org.keycloak.testsuite.rest.representation.TestAuthenticationChannelRequest)9