use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.
the class AppInitiatedActionTotpSetupTest method setupTotpRegisteredAfterTotpRemoval.
@Test
// TODO remove this (KEYCLOAK-16228)
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true)
public void setupTotpRegisteredAfterTotpRemoval() {
// Register new user
loginPage.open();
loginPage.clickRegister();
registerPage.register("firstName2", "lastName2", "email2@mail.com", "setupTotp2", "password2", "password2");
String userId = events.expectRegister("setupTotp2", "email2@mail.com").assertEvent().getUserId();
doAIA();
// Configure totp
totpPage.assertCurrent();
String totpCode = totpPage.getTotpSecret();
totpPage.configure(totp.generateTOTP(totpCode));
// After totp config, user should be on the app page
assertKcActionStatus(SUCCESS);
events.poll();
events.expectRequiredAction(EventType.UPDATE_TOTP).user(userId).detail(Details.USERNAME, "setuptotp2").assertEvent();
EventRepresentation loginEvent = events.expectLogin().user(userId).detail(Details.USERNAME, "setuptotp2").assertEvent();
// Logout
oauth.openLogout();
events.expectLogout(loginEvent.getSessionId()).user(userId).assertEvent();
// Try to login after logout
loginPage.open();
loginPage.login("setupTotp2", "password2");
// Totp is already configured, thus one-time password is needed, login page should be loaded
String uri = driver.getCurrentUrl();
String src = driver.getPageSource();
assertTrue(loginPage.isCurrent());
Assert.assertFalse(totpPage.isCurrent());
// Login with one-time password
loginTotpPage.login(totp.generateTOTP(totpCode));
loginEvent = events.expectLogin().user(userId).detail(Details.USERNAME, "setupTotp2").assertEvent();
// Open account page
accountTotpPage.open();
accountTotpPage.assertCurrent();
// Remove google authentificator
accountTotpPage.removeTotp();
events.expectAccount(EventType.REMOVE_TOTP).user(userId).assertEvent();
// Logout
oauth.openLogout();
events.expectLogout(loginEvent.getSessionId()).user(userId).assertEvent();
// Try to login
loginPage.open();
loginPage.login("setupTotp2", "password2");
}
use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.
the class ClientScopeTest method testCreateDynamicScopeWithFeatureDisabledAndIsDynamicScopeTrue.
@Test
@DisableFeature(value = Profile.Feature.DYNAMIC_SCOPES, skipRestart = true)
public void testCreateDynamicScopeWithFeatureDisabledAndIsDynamicScopeTrue() {
ClientScopeRepresentation scopeRep = new ClientScopeRepresentation();
scopeRep.setName("non-dynamic-scope-def2");
scopeRep.setProtocol("openid-connect");
scopeRep.setAttributes(new HashMap<String, String>() {
{
put(ClientScopeModel.IS_DYNAMIC_SCOPE, "true");
put(ClientScopeModel.DYNAMIC_SCOPE_REGEXP, "");
}
});
handleExpectedCreateFailure(scopeRep, 400, "Unexpected value \"true\" for attribute is.dynamic.scope in ClientScope");
}
use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.
the class ClientScopeTest method testCreateDynamicScopeWithFeatureDisabledAndNonEmptyDynamicScopeRegexp.
@Test
@DisableFeature(value = Profile.Feature.DYNAMIC_SCOPES, skipRestart = true)
public void testCreateDynamicScopeWithFeatureDisabledAndNonEmptyDynamicScopeRegexp() {
ClientScopeRepresentation scopeRep = new ClientScopeRepresentation();
scopeRep.setName("non-dynamic-scope-def3");
scopeRep.setProtocol("openid-connect");
scopeRep.setAttributes(new HashMap<String, String>() {
{
put(ClientScopeModel.IS_DYNAMIC_SCOPE, "false");
put(ClientScopeModel.DYNAMIC_SCOPE_REGEXP, "not-empty");
}
});
handleExpectedCreateFailure(scopeRep, 400, "Unexpected value \"not-empty\" for attribute dynamic.scope.regexp in ClientScope");
}
use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.
the class LoginTest method loginRememberMeExpiredMaxLifespan.
@Test
// TODO remove this (KEYCLOAK-16228)
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true)
public void loginRememberMeExpiredMaxLifespan() throws Exception {
try (Closeable c = new RealmAttributeUpdater(adminClient.realm("test")).setSsoSessionMaxLifespanRememberMe(1).setRememberMe(true).update()) {
// login form shown after redirect from app
oauth.clientId("test-app");
oauth.redirectUri(OAuthClient.APP_ROOT + "/auth");
oauth.openLoginForm();
assertTrue(loginPage.isCurrent());
loginPage.setRememberMe(true);
loginPage.login("test-user@localhost", "password");
// sucessful login - app page should be on display.
events.expectLogin().detail(Details.USERNAME, "test-user@localhost").assertEvent();
appPage.assertCurrent();
// expire the max lifespan.
setTimeOffset(2);
// trying to open the account page with an expired lifespan should redirect back to the login page.
appPage.openAccount();
loginPage.assertCurrent();
}
}
use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.
the class LoginTest method loginDifferentUserAfterDisabledUserThrownOut.
@Test
// TODO remove this (KEYCLOAK-16228)
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true)
public void loginDifferentUserAfterDisabledUserThrownOut() {
String userId = adminClient.realm("test").users().search("test-user@localhost").get(0).getId();
try {
// profilePage.open();
loginPage.open();
loginPage.login("test-user@localhost", "password");
// accountPage.assertCurrent();
appPage.assertCurrent();
appPage.openAccount();
profilePage.assertCurrent();
setUserEnabled(userId, false);
// force refresh token which results in redirecting to login page
profilePage.updateUsername("notPermitted");
WaitUtils.waitForPageToLoad();
loginPage.assertCurrent();
// try to log in as different user
loginPage.login("keycloak-user@localhost", "password");
profilePage.assertCurrent();
} finally {
setUserEnabled(userId, true);
}
}
Aggregations