
Example 16 with AuthServerContainerExclude

use of org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude in project keycloak by keycloak.

the class BrowserFlowTest method testLoginWithWithNoWebAuthnCredentialAndAlternativeActionProvider.

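/**
 * Checks the fallback between ALTERNATIVE executions: when an alternative authentication execution
 * reports isUserSetupAllowed -> true but is not a CredentialValidator (and is therefore not removed
 * by the selection mechanism), the flow must not try to create the required action and must instead
 * move on to the next alternative.
 *
 * <p>Per the test name the user has no WebAuthn credential, so after the username step the password
 * form is expected: skipping the unusable alternative must still leave the user facing the remaining
 * authenticator rather than completing the login.
 */
@Test
@AuthServerContainerExclude(REMOTE)
public void testLoginWithWithNoWebAuthnCredentialAndAlternativeActionProvider() {
    final String newFlowAlias = "browser - copy 1";
    configureBrowserFlowWithAlternativeWebAuthnAndPassword(newFlowAlias);
    try {
        loginUsernameOnlyPage.open();
        loginUsernameOnlyPage.assertCurrent();
        loginUsernameOnlyPage.login("test-user@localhost");
        // The WebAuthn alternative must be skipped and the flow must continue with the password form
        passwordPage.assertCurrent();
    } finally {
        // Revert through the same alias that was configured, so the cleanup cannot drift from the setup
        revertFlows(newFlowAlias);
    }
}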
Also used : Matchers.containsString(org.hamcrest.Matchers.containsString) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) SocialLoginTest(org.keycloak.testsuite.broker.SocialLoginTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest) AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)

Example 17 with AuthServerContainerExclude

use of org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude in project keycloak by keycloak.

the class BrowserFlowTest method testLoginWithWithNoOTPCredentialAndNoRequiredActionProviderRegistered.

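/**
 * Checks that a REQUIRED authentication execution with isUserSetupAllowed -> true whose
 * requiredActionProvider is not registered does not try to create the required action and instead
 * raises a "credential setup required" error, i.e. the login fails closed.
 *
 * <p>The test removes the {@code CONFIGURE_TOTP} required action from the test realm and registers it
 * again during cleanup.
 */
@Test
@AuthServerContainerExclude(REMOTE)
public void testLoginWithWithNoOTPCredentialAndNoRequiredActionProviderRegistered() {
    final String newFlowAlias = "browser - copy 1";
    configureBrowserFlowWithRequiredOTP(newFlowAlias);
    // Keep the original representation so its display name can be reused when re-registering
    RequiredActionProviderRepresentation otpRequiredAction = testRealm().flows().getRequiredAction("CONFIGURE_TOTP");
    testRealm().flows().removeRequiredAction("CONFIGURE_TOTP");
    try {
        provideUsernamePassword("test-user@localhost");
        // The login must end in an error, because the required elements do not validate successfully
        // NOTE(review): this only proves the error page is shown; asserting the specific error would
        // separate the intended fail-closed outcome from an unrelated failure.
        errorPage.assertCurrent();
    } finally {
        try {
            revertFlows(newFlowAlias);
        } finally {
            // Runs even if reverting the flow throws, so later tests do not inherit a realm
            // without the CONFIGURE_TOTP required action.
            // NOTE(review): only provider id and name are restored; any other settings carried by
            // otpRequiredAction are not copied back - confirm the registration defaults match.
            RequiredActionProviderSimpleRepresentation simpleRepresentation = new RequiredActionProviderSimpleRepresentation();
            simpleRepresentation.setProviderId("CONFIGURE_TOTP");
            simpleRepresentation.setName(otpRequiredAction.getName());
            testRealm().flows().registerRequiredAction(simpleRepresentation);
        }
    }
}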
Also used : RequiredActionProviderRepresentation(org.keycloak.representations.idm.RequiredActionProviderRepresentation) RequiredActionProviderSimpleRepresentation(org.keycloak.representations.idm.RequiredActionProviderSimpleRepresentation) Matchers.containsString(org.hamcrest.Matchers.containsString) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) SocialLoginTest(org.keycloak.testsuite.broker.SocialLoginTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest) AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)

Example 18 with AuthServerContainerExclude

use of org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude in project keycloak by keycloak.

the class BrowserFlowTest method testLoginWithWithNoOTPCredential.

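/**
 * Checks that a REQUIRED authentication execution with isUserSetupAllowed -> true whose
 * requiredActionProvider is enabled lets the login continue to the OTP setup page.
 *
 * <p>Cleanup reverts the flow and clears the required actions left on the test user.
 */
@Test
@AuthServerContainerExclude(REMOTE)
public void testLoginWithWithNoOTPCredential() {
    final String newFlowAlias = "browser - copy 1";
    configureBrowserFlowWithRequiredOTP(newFlowAlias);
    try {
        provideUsernamePassword("test-user@localhost");
        // In this case the user must land on the OTP setup required action
        String currentUrl = driver.getCurrentUrl();
        Assert.assertTrue("Expected the CONFIGURE_TOTP required action, but was at: " + currentUrl,
                currentUrl.contains("required-action?execution=CONFIGURE_TOTP"));
    } finally {
        try {
            revertFlows(newFlowAlias);
        } finally {
            // Runs even if reverting the flow throws, so the pending required action does not
            // leak into later tests that log in as the same user.
            UserRepresentation user = testRealm().users().search("test-user@localhost").get(0);
            user.setRequiredActions(Collections.emptyList());
            testRealm().users().get(user.getId()).update(user);
        }
    }
}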
Also used : Matchers.containsString(org.hamcrest.Matchers.containsString) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) SocialLoginTest(org.keycloak.testsuite.broker.SocialLoginTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest) AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)

Example 19 with AuthServerContainerExclude

use of org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude in project keycloak by keycloak.

the class BrowserFlowTest method testLoginWithWithNoWebAuthnCredentialAndRequiredActionProviderDisabled.

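/**
 * Checks that a REQUIRED authentication execution with isUserSetupAllowed -> true whose
 * requiredActionProvider is disabled does not try to create the required action and instead raises
 * a "credential setup required" error, i.e. the login fails closed.
 *
 * <p>NOTE: WebAuthn currently isn't configured by default in the realm, so this test registers the
 * required action itself and removes it again during cleanup. When that default changes, this test
 * will need to be adapted.
 */
@Test
@AuthServerContainerExclude(REMOTE)
public void testLoginWithWithNoWebAuthnCredentialAndRequiredActionProviderDisabled() {
    final String newFlowAlias = "browser - copy 1";
    configureBrowserFlowWithRequiredWebAuthn(newFlowAlias);
    // Register the WebAuthn required action, then disable it
    RequiredActionProviderSimpleRepresentation requiredActionRepresentation = new RequiredActionProviderSimpleRepresentation();
    requiredActionRepresentation.setName("WebAuthn Required Action");
    requiredActionRepresentation.setProviderId(WebAuthnRegisterFactory.PROVIDER_ID);
    testRealm().flows().registerRequiredAction(requiredActionRepresentation);
    RequiredActionProviderRepresentation rapr = testRealm().flows().getRequiredAction(WebAuthnRegisterFactory.PROVIDER_ID);
    rapr.setEnabled(false);
    testRealm().flows().updateRequiredAction(WebAuthnRegisterFactory.PROVIDER_ID, rapr);
    try {
        provideUsernamePassword("test-user@localhost");
        // The login must end in an error, because the required elements do not validate successfully
        // NOTE(review): this only proves the error page is shown; asserting the specific error would
        // separate the intended fail-closed outcome from an unrelated failure.
        errorPage.assertCurrent();
    } finally {
        try {
            revertFlows(newFlowAlias);
        } finally {
            // Runs even if reverting the flow throws, so the test-only required action
            // does not stay registered in the realm for later tests.
            testRealm().flows().removeRequiredAction(WebAuthnRegisterFactory.PROVIDER_ID);
        }
    }
}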
Also used : RequiredActionProviderRepresentation(org.keycloak.representations.idm.RequiredActionProviderRepresentation) RequiredActionProviderSimpleRepresentation(org.keycloak.representations.idm.RequiredActionProviderSimpleRepresentation) Matchers.containsString(org.hamcrest.Matchers.containsString) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) SocialLoginTest(org.keycloak.testsuite.broker.SocialLoginTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest) AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)

Example 20 with AuthServerContainerExclude

use of org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude in project keycloak by keycloak.

the class BrowserFlowTest method testConditionalFlowWithConditionalAuthenticatorEvaluatingToFalseActsAsDisabled.

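/**
 * Logs in with the username only against a browser flow copy that contains a conditional flow with
 * OTP and expects the error page.
 *
 * <p>Judging by the test name, the conditional authenticator evaluates to false, so the conditional
 * flow should behave as if it were disabled; the layout built by
 * {@code configureBrowserFlowWithConditionalFlowWithOTP} is defined outside this method.
 */
@Test
@AuthServerContainerExclude(REMOTE)
public void testConditionalFlowWithConditionalAuthenticatorEvaluatingToFalseActsAsDisabled() {
    final String newFlowAlias = "browser - copy 1";
    configureBrowserFlowWithConditionalFlowWithOTP(newFlowAlias);
    try {
        loginUsernameOnlyPage.open();
        loginUsernameOnlyPage.assertCurrent();
        loginUsernameOnlyPage.login("test-user@localhost");
        // The login must end in an error, because the required elements do not validate successfully
        // NOTE(review): this only proves the error page is shown; asserting the specific error would
        // confirm the flow failed for the intended reason.
        errorPage.assertCurrent();
    } finally {
        // Revert through the same alias that was configured, so the cleanup cannot drift from the setup
        revertFlows(newFlowAlias);
    }
}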
Also used : Matchers.containsString(org.hamcrest.Matchers.containsString) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) SocialLoginTest(org.keycloak.testsuite.broker.SocialLoginTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest) AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)
