
Example 76 with EventRepresentation

use of org.keycloak.representations.idm.EventRepresentation in project keycloak by keycloak.

the class AssertEvents method poll.

/**
 * Takes the next event via {@code fetchNextEvent()} and fails the test when none is available.
 *
 * @return the fetched event; a {@code null} result never reaches the caller because the
 *         assertion fails first
 */
public EventRepresentation poll() {
    final EventRepresentation next = fetchNextEvent();
    // A missing event is a test failure here, not an "empty" result the caller has to handle.
    Assert.assertNotNull("Event expected", next);
    return next;
}
Also used : EventRepresentation(org.keycloak.representations.idm.EventRepresentation)

Example 77 with EventRepresentation

use of org.keycloak.representations.idm.EventRepresentation in project keycloak by keycloak.

the class AssertEvents method assertEmpty.

/**
 * Fails the test if {@code fetchNextEvent()} still returns an event.
 *
 * <p>The unexpected event is included in the failure message so the stray event can be
 * identified from the test report.
 */
public void assertEmpty() {
    final EventRepresentation leftover = fetchNextEvent();
    final String failureMessage = "Empty event queue expected, but there is " + leftover;
    Assert.assertNull(failureMessage, leftover);
}
Also used : EventRepresentation(org.keycloak.representations.idm.EventRepresentation)

Example 78 with EventRepresentation

use of org.keycloak.representations.idm.EventRepresentation in project keycloak by keycloak.

the class ClientStorageTest method testRefreshWithOfflineToken.

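/**
 * Refreshes with an offline token after the originating user session has been expired and
 * removed, then checks the refreshed access token and the emitted refresh event.
 *
 * <p>Properties asserted: after the time shift the old access token is no longer active while
 * the offline token still is; the refresh succeeds with HTTP 200; the refreshed access token is
 * bound to the offline user session, carries a different token id than {@code oldToken}, has
 * {@code userId} as subject and holds the offline-access realm role; the refresh event reports
 * a token id different from the old one.
 *
 * <p>The time offset is reset in a {@code finally} block so that a failing assertion does not
 * leave the shifted clock in place for code that runs afterwards.
 *
 * @param oldToken access token issued earlier; expected to be inactive after the time shift
 * @param offlineToken parsed offline token; expected to remain active after the time shift
 * @param offlineTokenString encoded offline token sent in the refresh request
 * @param sessionId id of the user session that is removed and that the refresh event is matched against
 * @param userId expected subject of the refreshed token and user of the refresh event
 * @return the refresh token returned by the refresh response
 */
private String testRefreshWithOfflineToken(AccessToken oldToken, RefreshToken offlineToken, String offlineTokenString, final String sessionId, String userId) {
    // Change offset to big value to ensure userSession expired
    setTimeOffset(99999);
    try {
        Assert.assertFalse(oldToken.isActive());
        Assert.assertTrue(offlineToken.isActive());
        // Assert userSession expired
        testingClient.testing().removeExpired("test");
        try {
            testingClient.testing().removeUserSession("test", sessionId);
        } catch (NotFoundException ignored) {
            // Deliberately ignored: presumably removeExpired already dropped the session;
            // either way it no longer exists, which is all this step needs.
        }
        OAuthClient.AccessTokenResponse response = oauth.doRefreshTokenRequest(offlineTokenString, "password");
        // Check the status before touching the token so a rejected refresh is reported as
        // such rather than as a failure while verifying a missing access token.
        Assert.assertEquals(200, response.getStatusCode());
        AccessToken refreshedToken = oauth.verifyToken(response.getAccessToken());
        String offlineUserSessionId = testingClient.server().fetch(
                (KeycloakSession session) -> session.sessions()
                        .getOfflineUserSession(session.realms().getRealmByName("test"), offlineToken.getSessionState())
                        .getId(),
                String.class);
        // The refreshed token must be tied to the offline session, not to the removed online one.
        Assert.assertEquals(offlineUserSessionId, refreshedToken.getSessionState());
        // Assert new refreshToken in the response
        String newRefreshToken = response.getRefreshToken();
        Assert.assertNotNull(newRefreshToken);
        Assert.assertNotEquals(oldToken.getId(), refreshedToken.getId());
        Assert.assertEquals(userId, refreshedToken.getSubject());
        Assert.assertTrue(refreshedToken.getRealmAccess().isUserInRole(Constants.OFFLINE_ACCESS_ROLE));
        EventRepresentation refreshEvent = events.expectRefresh(offlineToken.getId(), sessionId)
                .client("hardcoded-client")
                .user(userId)
                .removeDetail(Details.UPDATED_REFRESH_TOKEN_ID)
                .detail(Details.REFRESH_TOKEN_TYPE, TokenUtil.TOKEN_TYPE_OFFLINE)
                .assertEvent();
        Assert.assertNotEquals(oldToken.getId(), refreshEvent.getDetails().get(Details.TOKEN_ID));
        return newRefreshToken;
    } finally {
        // Always restore the clock, including when an assertion above fails.
        setTimeOffset(0);
    }
}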
Also used : OAuthClient(org.keycloak.testsuite.util.OAuthClient) AccessToken(org.keycloak.representations.AccessToken) KeycloakSession(org.keycloak.models.KeycloakSession) EventRepresentation(org.keycloak.representations.idm.EventRepresentation) NotFoundException(javax.ws.rs.NotFoundException)

Example 79 with EventRepresentation

use of org.keycloak.representations.idm.EventRepresentation in project keycloak by keycloak.

the class TrustStoreEmailTest method verifyEmailWithSslEnabled.

/**
 * Walks through e-mail verification with the test mail server started in SSL mode: logs in,
 * expects the send-verify-email event, follows the link from the received mail, expects the
 * verify-email and login events, then signs out and logs in again.
 *
 * <p>NOTE(review): the mail server started here is not stopped in this method; presumably a
 * teardown elsewhere in the class does that - confirm.
 *
 * <p>NOTE(review): the verification URL taken from the mail is written to the log. That is
 * convenient in a test run; a link of this kind should not be logged by production code.
 */
@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void verifyEmailWithSslEnabled() {
    final String userAddress = "test-user@localhost";
    UserRepresentation testUser = ApiUtil.findUserByUsername(testRealm(), userAddress);

    // Start the SSL mail server with the private key shipped on the test classpath.
    String privateKeyFile = this.getClass().getClassLoader().getResource(SslMailServer.PRIVATE_KEY).getFile();
    SslMailServer.startWithSsl(privateKeyFile);

    accountManagement.navigateTo();
    testRealmLoginPage.form().login(testUser.getUsername(), "password");

    // The send event carries the code id that the later verify and login events must match.
    EventRepresentation sendVerifyEvent = events.expectRequiredAction(EventType.SEND_VERIFY_EMAIL)
            .user(testUser.getId())
            .client("account")
            .detail(Details.USERNAME, userAddress)
            .detail(Details.EMAIL, userAddress)
            .removeDetail(Details.REDIRECT_URI)
            .assertEvent();
    String codeIdFromMail = sendVerifyEvent.getDetails().get(Details.CODE_ID);

    assertEquals("You need to verify your email address to activate your account.", testRealmVerifyEmailPage.feedbackMessage().getText());

    String linkFromMail = assertEmailAndGetUrl(MailServerConfiguration.FROM, testUser.getEmail(), "Someone has created a Test account with this email address.", true);
    log.info("navigating to url from email: " + linkFromMail);
    driver.navigate().to(linkFromMail);

    events.expectRequiredAction(EventType.VERIFY_EMAIL)
            .user(testUser.getId())
            .client("account")
            .detail(Details.USERNAME, userAddress)
            .detail(Details.EMAIL, userAddress)
            .detail(Details.CODE_ID, codeIdFromMail)
            .removeDetail(Details.REDIRECT_URI)
            .assertEvent();
    events.expectLogin()
            .client("account")
            .user(testUser.getId())
            .session(codeIdFromMail)
            .detail(Details.USERNAME, userAddress)
            .removeDetail(Details.REDIRECT_URI)
            .assertEvent();
    assertCurrentUrlStartsWith(accountManagement);

    // A second login after sign-out must land on account management again.
    accountManagement.signOut();
    testRealmLoginPage.form().login(testUser.getUsername(), "password");
    assertCurrentUrlStartsWith(accountManagement);
}
Also used : EventRepresentation(org.keycloak.representations.idm.EventRepresentation) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 80 with EventRepresentation

use of org.keycloak.representations.idm.EventRepresentation in project keycloak by keycloak.

the class WebAuthnRegisterAndLoginTest method registerUserSuccess.

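/**
 * Registers a new user, enrolls a WebAuthn credential during registration, and then logs in
 * again with that credential, checking the emitted events at each step.
 *
 * <p>Checked along the way: the required-action event carries the authenticator label and the
 * all-zero AAGUID; the first login event references the WebAuthn required action; the second
 * login event references the credential id recorded at registration and reports user
 * verification as not checked; each logout produces a logout event for the matching session.
 *
 * <p>The credential is removed in the {@code finally} block. The removal is skipped when no
 * user id was obtained, so a failure before registration completes is not followed by a
 * cleanup call with a {@code null} user id.
 *
 * @throws IOException declared by the method; presumably raised when the realm attribute
 *         updater is closed - confirm
 */
@Test
public void registerUserSuccess() throws IOException {
    String username = "registerUserSuccess";
    String password = "password";
    String email = "registerUserSuccess@email";
    String userId = null;
    try (RealmAttributeUpdater rau = updateRealmWithDefaultWebAuthnSettings(testRealm()).update()) {
        loginPage.open();
        loginPage.clickRegister();
        registerPage.assertCurrent();
        // Random label so the credential asserted later is the one created by this run.
        String authenticatorLabel = SecretGenerator.getInstance().randomString(24);
        registerPage.register("firstName", "lastName", email, username, password, password);
        // User was registered. Now the WebAuthn credential has to be registered as well
        webAuthnRegisterPage.assertCurrent();
        webAuthnRegisterPage.clickRegister();
        webAuthnRegisterPage.registerWebAuthnCredential(authenticatorLabel);
        appPage.assertCurrent();
        assertThat(appPage.getRequestType(), is(RequestType.AUTH_RESPONSE));
        appPage.openAccount();
        // confirm that registration is successfully completed
        userId = events.expectRegister(username, email).assertEvent().getUserId();
        // confirm registration event
        EventRepresentation eventRep = events.expectRequiredAction(CUSTOM_REQUIRED_ACTION)
                .user(userId)
                .detail(Details.CUSTOM_REQUIRED_ACTION, WebAuthnRegisterFactory.PROVIDER_ID)
                .detail(WebAuthnConstants.PUBKEY_CRED_LABEL_ATTR, authenticatorLabel)
                .detail(WebAuthnConstants.PUBKEY_CRED_AAGUID_ATTR, ALL_ZERO_AAGUID)
                .assertEvent();
        // Kept to verify that the later login is performed with this same credential.
        String regPubKeyCredentialId = eventRep.getDetails().get(WebAuthnConstants.PUBKEY_CRED_ID_ATTR);
        // confirm login event
        String sessionId = events.expectLogin()
                .user(userId)
                .detail(Details.CUSTOM_REQUIRED_ACTION, WebAuthnRegisterFactory.PROVIDER_ID)
                .detail(WebAuthnConstants.PUBKEY_CRED_LABEL_ATTR, authenticatorLabel)
                .assertEvent()
                .getSessionId();
        // confirm user registered
        assertUserRegistered(userId, username.toLowerCase(), email.toLowerCase());
        assertRegisteredCredentials(userId, ALL_ZERO_AAGUID, "none");
        events.clear();
        // logout by user
        appPage.logout();
        // confirm logout event
        events.expectLogout(sessionId).user(userId).assertEvent();
        // login by user
        loginPage.open();
        loginPage.login(username, password);
        webAuthnLoginPage.assertCurrent();
        final WebAuthnAuthenticatorsList authenticators = webAuthnLoginPage.getAuthenticators();
        // Exactly the one credential registered above must be offered.
        assertThat(authenticators.getCount(), is(1));
        assertThat(authenticators.getLabels(), Matchers.contains(authenticatorLabel));
        webAuthnLoginPage.clickAuthenticate();
        appPage.assertCurrent();
        assertThat(appPage.getRequestType(), is(RequestType.AUTH_RESPONSE));
        appPage.openAccount();
        // confirm login event
        sessionId = events.expectLogin()
                .user(userId)
                .detail(WebAuthnConstants.PUBKEY_CRED_ID_ATTR, regPubKeyCredentialId)
                .detail(WebAuthnConstants.USER_VERIFICATION_CHECKED, Boolean.FALSE.toString())
                .assertEvent()
                .getSessionId();
        events.clear();
        // logout by user
        appPage.logout();
        // confirm logout event
        events.expectLogout(sessionId).user(userId).assertEvent();
    } finally {
        // userId stays null when the test fails before the register event is read; there is
        // then no credential to remove, and a cleanup error would hide the original failure.
        if (userId != null) {
            removeFirstCredentialForUser(userId, WebAuthnCredentialModel.TYPE_TWOFACTOR);
        }
    }
}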
Also used : WebAuthnAuthenticatorsList(org.keycloak.testsuite.webauthn.pages.WebAuthnAuthenticatorsList) EventRepresentation(org.keycloak.representations.idm.EventRepresentation) WebAuthnRealmAttributeUpdater(org.keycloak.testsuite.webauthn.updaters.WebAuthnRealmAttributeUpdater) RealmAttributeUpdater(org.keycloak.testsuite.updaters.RealmAttributeUpdater) AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest) Test(org.junit.Test)
