Example 6 with DisableFeature
use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.
the class LoginTest method loginRememberMeExpiredIdle.
@Test
// TODO remove this (KEYCLOAK-16228)
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true)
public void loginRememberMeExpiredIdle() throws Exception {
try (Closeable c = new RealmAttributeUpdater(adminClient.realm("test")).setSsoSessionIdleTimeoutRememberMe(1).setRememberMe(true).update()) {
// login form shown after redirect from app
oauth.clientId("test-app");
oauth.redirectUri(OAuthClient.APP_ROOT + "/auth");
oauth.openLoginForm();
assertTrue(loginPage.isCurrent());
loginPage.setRememberMe(true);
loginPage.login("test-user@localhost", "password");
// sucessful login - app page should be on display.
events.expectLogin().detail(Details.USERNAME, "test-user@localhost").assertEvent();
appPage.assertCurrent();
// expire idle timeout using the timeout window.
setTimeOffset(2 + SessionTimeoutHelper.IDLE_TIMEOUT_WINDOW_SECONDS);
// trying to open the account page with an expired idle timeout should redirect back to the login page.
appPage.openAccount();
loginPage.assertCurrent();
}
}
Also used :
Closeable(java.io.Closeable)
RealmAttributeUpdater(org.keycloak.testsuite.updaters.RealmAttributeUpdater)
DisableFeature(org.keycloak.testsuite.arquillian.annotation.DisableFeature)
Test(org.junit.Test)
AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)
Example 7 with DisableFeature
use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.
the class ResetPasswordTest method resetPasswordLink.
@Test
// TODO remove this (KEYCLOAK-16228)
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true)
public void resetPasswordLink() throws IOException, MessagingException {
String username = "login-test";
String resetUri = oauth.AUTH_SERVER_ROOT + "/realms/test/login-actions/reset-credentials";
driver.navigate().to(resetUri);
resetPasswordPage.assertCurrent();
resetPasswordPage.changePassword(username);
loginPage.assertCurrent();
assertEquals("You should receive an email shortly with further instructions.", loginPage.getSuccessMessage());
events.expectRequiredAction(EventType.SEND_RESET_PASSWORD).user(userId).detail(Details.REDIRECT_URI, oauth.AUTH_SERVER_ROOT + "/realms/test/account/").client("account").detail(Details.USERNAME, username).detail(Details.EMAIL, "login@test.com").session((String) null).assertEvent();
assertEquals(1, greenMail.getReceivedMessages().length);
MimeMessage message = greenMail.getReceivedMessages()[0];
String changePasswordUrl = MailUtils.getPasswordResetEmailLink(message);
driver.navigate().to(changePasswordUrl.trim());
updatePasswordPage.assertCurrent();
updatePasswordPage.changePassword("resetPassword", "resetPassword");
events.expectRequiredAction(EventType.UPDATE_PASSWORD).detail(Details.REDIRECT_URI, oauth.AUTH_SERVER_ROOT + "/realms/test/account/").client("account").user(userId).detail(Details.USERNAME, username).assertEvent();
String sessionId = events.expectLogin().user(userId).detail(Details.USERNAME, username).detail(Details.REDIRECT_URI, oauth.AUTH_SERVER_ROOT + "/realms/test/account/").client("account").assertEvent().getSessionId();
oauth.openLogout();
events.expectLogout(sessionId).user(userId).session(sessionId).assertEvent();
loginPage.open();
loginPage.login("login-test", "resetPassword");
events.expectLogin().user(userId).detail(Details.USERNAME, "login-test").assertEvent();
assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
}
Also used :
MimeMessage(javax.mail.internet.MimeMessage)
DisableFeature(org.keycloak.testsuite.arquillian.annotation.DisableFeature)
AbstractKerberosTest(org.keycloak.testsuite.federation.kerberos.AbstractKerberosTest)
AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)
Example 8 with DisableFeature
use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.
the class ResetPasswordTest method resetPasswordLinkNewTabAndProperRedirectAccount.
@Test
// TODO remove this (KEYCLOAK-16228)
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true)
public void resetPasswordLinkNewTabAndProperRedirectAccount() throws IOException {
final String REQUIRED_URI = OAuthClient.AUTH_SERVER_ROOT + "/realms/test/account/applications";
final String REDIRECT_URI = getAccountRedirectUrl() + "?path=applications";
final String CLIENT_ID = "account";
final String ACCOUNT_MANAGEMENT_TITLE = getProjectName() + " Account Management";
try (BrowserTabUtil tabUtil = BrowserTabUtil.getInstanceAndSetEnv(driver)) {
assertThat(tabUtil.getCountOfTabs(), Matchers.is(1));
driver.navigate().to(REQUIRED_URI);
resetPasswordTwiceInNewTab(defaultUser, CLIENT_ID, false, REDIRECT_URI, REQUIRED_URI);
assertThat(driver.getTitle(), Matchers.equalTo(ACCOUNT_MANAGEMENT_TITLE));
oauth.openLogout();
driver.navigate().to(REQUIRED_URI);
resetPasswordTwiceInNewTab(defaultUser, CLIENT_ID, true, REDIRECT_URI, REQUIRED_URI);
assertThat(driver.getTitle(), Matchers.equalTo(ACCOUNT_MANAGEMENT_TITLE));
}
}
Also used :
BrowserTabUtil(org.keycloak.testsuite.util.BrowserTabUtil)
DisableFeature(org.keycloak.testsuite.arquillian.annotation.DisableFeature)
AbstractKerberosTest(org.keycloak.testsuite.federation.kerberos.AbstractKerberosTest)
AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)
Example 9 with DisableFeature
use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.
the class SSOTest method loginSuccess.
@Test
// TODO remove this (KEYCLOAK-16228)
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true)
public void loginSuccess() {
loginPage.open();
loginPage.login("test-user@localhost", "password");
assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
Assert.assertNotNull(oauth.getCurrentQuery().get(OAuth2Constants.CODE));
EventRepresentation loginEvent = events.expectLogin().assertEvent();
String sessionId = loginEvent.getSessionId();
IDToken idToken = sendTokenRequestAndGetIDToken(loginEvent);
Assert.assertEquals("1", idToken.getAcr());
Long authTime = idToken.getAuth_time();
appPage.open();
oauth.openLoginForm();
assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
loginEvent = events.expectLogin().removeDetail(Details.USERNAME).client("test-app").assertEvent();
String sessionId2 = loginEvent.getSessionId();
assertEquals(sessionId, sessionId2);
// acr is 0 as we authenticated through SSO cookie
idToken = sendTokenRequestAndGetIDToken(loginEvent);
Assert.assertEquals("0", idToken.getAcr());
// auth time hasn't changed as we authenticated through SSO cookie
Assert.assertEquals(authTime, idToken.getAuth_time());
profilePage.open();
assertTrue(profilePage.isCurrent());
// Expire session
testingClient.testing().removeUserSession("test", sessionId);
oauth.doLogin("test-user@localhost", "password");
String sessionId4 = events.expectLogin().assertEvent().getSessionId();
assertNotEquals(sessionId, sessionId4);
events.clear();
}
Also used :
EventRepresentation(org.keycloak.representations.idm.EventRepresentation)
IDToken(org.keycloak.representations.IDToken)
DisableFeature(org.keycloak.testsuite.arquillian.annotation.DisableFeature)
Test(org.junit.Test)
AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)
Example 10 with DisableFeature
use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.
the class OIDCAdvancedRequestParamsTest method promptNoneConsentRequired.
// Prompt=none with consent required for client
@Test
// TODO remove this (KEYCLOAK-16228)
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true)
public void promptNoneConsentRequired() throws Exception {
// Require consent
ClientManager.realm(adminClient.realm("test")).clientId("test-app").consentRequired(true);
try {
// login to account mgmt.
profilePage.open();
assertTrue(loginPage.isCurrent());
loginPage.login("test-user@localhost", "password");
profilePage.assertCurrent();
events.expectLogin().client(Constants.ACCOUNT_MANAGEMENT_CLIENT_ID).removeDetail(Details.REDIRECT_URI).detail(Details.USERNAME, "test-user@localhost").assertEvent();
// Assert error shown when trying prompt=none and consent not yet retrieved
driver.navigate().to(oauth.getLoginFormUrl() + "&prompt=none");
assertTrue(appPage.isCurrent());
Assert.assertEquals(AppPage.RequestType.AUTH_RESPONSE, appPage.getRequestType());
OAuthClient.AuthorizationEndpointResponse resp = new OAuthClient.AuthorizationEndpointResponse(oauth);
Assert.assertNull(resp.getCode());
Assert.assertEquals(OAuthErrorException.INTERACTION_REQUIRED, resp.getError());
// Confirm consent
driver.navigate().to(oauth.getLoginFormUrl());
grantPage.assertCurrent();
grantPage.accept();
events.expectLogin().detail(Details.USERNAME, "test-user@localhost").detail(Details.CONSENT, Details.CONSENT_VALUE_CONSENT_GRANTED).assertEvent();
// Consent not required anymore. Login with prompt=none should success
driver.navigate().to(oauth.getLoginFormUrl() + "&prompt=none");
Assert.assertEquals(AppPage.RequestType.AUTH_RESPONSE, appPage.getRequestType());
resp = new OAuthClient.AuthorizationEndpointResponse(oauth);
Assert.assertNotNull(resp.getCode());
Assert.assertNull(resp.getError());
events.expectLogin().detail(Details.USERNAME, "test-user@localhost").detail(Details.CONSENT, Details.CONSENT_VALUE_PERSISTED_CONSENT).assertEvent();
} finally {
// Revert consent
UserResource user = ApiUtil.findUserByUsernameId(adminClient.realm("test"), "test-user@localhost");
user.revokeConsent("test-app");
// revert require consent
ClientManager.realm(adminClient.realm("test")).clientId("test-app").consentRequired(false);
}
}
Also used :
OAuthClient(org.keycloak.testsuite.util.OAuthClient)
UserResource(org.keycloak.admin.client.resource.UserResource)
DisableFeature(org.keycloak.testsuite.arquillian.annotation.DisableFeature)
AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest)
Test(org.junit.Test)
AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)
Aggregations
DisableFeature (org.keycloak.testsuite.arquillian.annotation.DisableFeature)23
Test (org.junit.Test)21
AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)11
OAuthClient (org.keycloak.testsuite.util.OAuthClient)4
Matchers.containsString (org.hamcrest.Matchers.containsString)3
RealmResource (org.keycloak.admin.client.resource.RealmResource)3
UserResource (org.keycloak.admin.client.resource.UserResource)3
EventRepresentation (org.keycloak.representations.idm.EventRepresentation)3
UserRepresentation (org.keycloak.representations.idm.UserRepresentation)3
Closeable (java.io.Closeable)2
ClientResource (org.keycloak.admin.client.resource.ClientResource)2
PasswordCredentialModel (org.keycloak.models.credential.PasswordCredentialModel)2
RefreshToken (org.keycloak.representations.RefreshToken)2
ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)2
ClientScopeRepresentation (org.keycloak.representations.idm.ClientScopeRepresentation)2
RequiredActionProviderRepresentation (org.keycloak.representations.idm.RequiredActionProviderRepresentation)2
AbstractAuthenticationTest (org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)2
AbstractKerberosTest (org.keycloak.testsuite.federation.kerberos.AbstractKerberosTest)2
WebElement (org.openqa.selenium.WebElement)2
Arrays (java.util.Arrays)1
