Example 16 with AuthServerContainerExclude
use of org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude in project keycloak by keycloak.
the class BrowserFlowTest method testLoginWithWithNoWebAuthnCredentialAndAlternativeActionProvider.
/**
* This test checks that if a alternative authentication execution which has isUserSetupAllowed -> true for
* but is not a CredentialValidator (and therefore will not be removed by the selection mechanism),
* then it will not try to create the required action, and will instead move to the next alternative
*/
@Test
@AuthServerContainerExclude(REMOTE)
public void testLoginWithWithNoWebAuthnCredentialAndAlternativeActionProvider() {
String newFlowAlias = "browser - copy 1";
configureBrowserFlowWithAlternativeWebAuthnAndPassword(newFlowAlias);
try {
loginUsernameOnlyPage.open();
loginUsernameOnlyPage.assertCurrent();
loginUsernameOnlyPage.login("test-user@localhost");
// Assert that the login skipped the OTP authenticator and moved to the password
passwordPage.assertCurrent();
} finally {
revertFlows("browser - copy 1");
}
}
Also used :
Matchers.containsString(org.hamcrest.Matchers.containsString)
AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)
SocialLoginTest(org.keycloak.testsuite.broker.SocialLoginTest)
Test(org.junit.Test)
AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)
AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)
Example 17 with AuthServerContainerExclude
use of org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude in project keycloak by keycloak.
the class BrowserFlowTest method testLoginWithWithNoOTPCredentialAndNoRequiredActionProviderRegistered.
/**
* This test checks that if a REQUIRED authentication execution which has isUserSetupAllowed -> true
* has its requiredActionProvider in a not registered state, then it will not try to create the required action,
* and will instead raise an credential setup required error.
*/
@Test
@AuthServerContainerExclude(REMOTE)
public void testLoginWithWithNoOTPCredentialAndNoRequiredActionProviderRegistered() {
String newFlowAlias = "browser - copy 1";
configureBrowserFlowWithRequiredOTP(newFlowAlias);
RequiredActionProviderRepresentation otpRequiredAction = testRealm().flows().getRequiredAction("CONFIGURE_TOTP");
testRealm().flows().removeRequiredAction("CONFIGURE_TOTP");
try {
provideUsernamePassword("test-user@localhost");
// Assert that the login evaluates to an error, as all required elements to not validate to successful
errorPage.assertCurrent();
} finally {
revertFlows("browser - copy 1");
RequiredActionProviderSimpleRepresentation simpleRepresentation = new RequiredActionProviderSimpleRepresentation();
simpleRepresentation.setProviderId("CONFIGURE_TOTP");
simpleRepresentation.setName(otpRequiredAction.getName());
testRealm().flows().registerRequiredAction(simpleRepresentation);
}
}
Also used :
RequiredActionProviderRepresentation(org.keycloak.representations.idm.RequiredActionProviderRepresentation)
RequiredActionProviderSimpleRepresentation(org.keycloak.representations.idm.RequiredActionProviderSimpleRepresentation)
Matchers.containsString(org.hamcrest.Matchers.containsString)
AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)
SocialLoginTest(org.keycloak.testsuite.broker.SocialLoginTest)
Test(org.junit.Test)
AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)
AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)
Example 18 with AuthServerContainerExclude
use of org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude in project keycloak by keycloak.
the class BrowserFlowTest method testLoginWithWithNoOTPCredential.
/**
* This test checks that if a REQUIRED authentication execution which has isUserSetupAllowed -> true
* has its requiredActionProvider enabled, than it will login and show the otpSetup page.
*/
@Test
@AuthServerContainerExclude(REMOTE)
public void testLoginWithWithNoOTPCredential() {
String newFlowAlias = "browser - copy 1";
configureBrowserFlowWithRequiredOTP(newFlowAlias);
;
try {
provideUsernamePassword("test-user@localhost");
// Assert that in this case you arrive to an OTP setup
Assert.assertTrue(driver.getCurrentUrl().contains("required-action?execution=CONFIGURE_TOTP"));
} finally {
revertFlows("browser - copy 1");
UserRepresentation user = testRealm().users().search("test-user@localhost").get(0);
user.setRequiredActions(Collections.emptyList());
testRealm().users().get(user.getId()).update(user);
}
}
Also used :
Matchers.containsString(org.hamcrest.Matchers.containsString)
UserRepresentation(org.keycloak.representations.idm.UserRepresentation)
AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)
SocialLoginTest(org.keycloak.testsuite.broker.SocialLoginTest)
Test(org.junit.Test)
AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)
AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)
Example 19 with AuthServerContainerExclude
use of org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude in project keycloak by keycloak.
the class BrowserFlowTest method testLoginWithWithNoWebAuthnCredentialAndRequiredActionProviderDisabled.
/**
* This test checks that if a REQUIRED authentication execution which has isUserSetupAllowed -> true
* has its requiredActionProvider disabled, then it will not try to create the required action,
* and will instead raise an credential setup required error.
* NOTE: webauthn currently isn't configured by default in the realm. When this changes, this test will need to be adapted
*/
@Test
@AuthServerContainerExclude(REMOTE)
public void testLoginWithWithNoWebAuthnCredentialAndRequiredActionProviderDisabled() {
String newFlowAlias = "browser - copy 1";
configureBrowserFlowWithRequiredWebAuthn(newFlowAlias);
RequiredActionProviderSimpleRepresentation requiredActionRepresentation = new RequiredActionProviderSimpleRepresentation();
requiredActionRepresentation.setName("WebAuthn Required Action");
requiredActionRepresentation.setProviderId(WebAuthnRegisterFactory.PROVIDER_ID);
testRealm().flows().registerRequiredAction(requiredActionRepresentation);
RequiredActionProviderRepresentation rapr = testRealm().flows().getRequiredAction(WebAuthnRegisterFactory.PROVIDER_ID);
rapr.setEnabled(false);
testRealm().flows().updateRequiredAction(WebAuthnRegisterFactory.PROVIDER_ID, rapr);
try {
provideUsernamePassword("test-user@localhost");
// Assert that the login evaluates to an error, as all required elements to not validate to successful
errorPage.assertCurrent();
} finally {
revertFlows("browser - copy 1");
testRealm().flows().removeRequiredAction(WebAuthnRegisterFactory.PROVIDER_ID);
}
}
Also used :
RequiredActionProviderRepresentation(org.keycloak.representations.idm.RequiredActionProviderRepresentation)
RequiredActionProviderSimpleRepresentation(org.keycloak.representations.idm.RequiredActionProviderSimpleRepresentation)
Matchers.containsString(org.hamcrest.Matchers.containsString)
AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)
SocialLoginTest(org.keycloak.testsuite.broker.SocialLoginTest)
Test(org.junit.Test)
AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)
AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)
Example 20 with AuthServerContainerExclude
use of org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude in project keycloak by keycloak.
the class BrowserFlowTest method testConditionalFlowWithConditionalAuthenticatorEvaluatingToFalseActsAsDisabled.
@Test
@AuthServerContainerExclude(REMOTE)
public void testConditionalFlowWithConditionalAuthenticatorEvaluatingToFalseActsAsDisabled() {
String newFlowAlias = "browser - copy 1";
configureBrowserFlowWithConditionalFlowWithOTP(newFlowAlias);
try {
loginUsernameOnlyPage.open();
loginUsernameOnlyPage.assertCurrent();
loginUsernameOnlyPage.login("test-user@localhost");
// Assert that the login evaluates to an error, as all required elements to not validate to successful
errorPage.assertCurrent();
} finally {
revertFlows("browser - copy 1");
}
}
Also used :
Matchers.containsString(org.hamcrest.Matchers.containsString)
AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)
SocialLoginTest(org.keycloak.testsuite.broker.SocialLoginTest)
Test(org.junit.Test)
AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)
AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)
Aggregations
Test (org.junit.Test)108
AuthServerContainerExclude (org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)108
AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)31
UserRepresentation (org.keycloak.representations.idm.UserRepresentation)30
ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)29
Matchers.containsString (org.hamcrest.Matchers.containsString)28
AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)27
Response (javax.ws.rs.core.Response)24
UserResource (org.keycloak.admin.client.resource.UserResource)21
AbstractAuthenticationTest (org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)21
SocialLoginTest (org.keycloak.testsuite.broker.SocialLoginTest)21
MimeMessage (javax.mail.internet.MimeMessage)14
OAuthClient (org.keycloak.testsuite.util.OAuthClient)14
OIDCClientRepresentation (org.keycloak.representations.oidc.OIDCClientRepresentation)13
ComponentRepresentation (org.keycloak.representations.idm.ComponentRepresentation)12
LinkedList (java.util.LinkedList)11
List (java.util.List)9
RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)9
HashMap (java.util.HashMap)8
IOException (java.io.IOException)7
