Search in sources :

Example 16 with DisableFeature

use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.

the class AppInitiatedActionTotpSetupTest method setupTotpRegisteredAfterTotpRemoval.

@Test
// TODO remove this (KEYCLOAK-16228)
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true)
public void setupTotpRegisteredAfterTotpRemoval() {
    // Register new user
    loginPage.open();
    loginPage.clickRegister();
    registerPage.register("firstName2", "lastName2", "email2@mail.com", "setupTotp2", "password2", "password2");
    String userId = events.expectRegister("setupTotp2", "email2@mail.com").assertEvent().getUserId();
    doAIA();
    // Configure totp
    totpPage.assertCurrent();
    String totpCode = totpPage.getTotpSecret();
    totpPage.configure(totp.generateTOTP(totpCode));
    // After totp config, user should be on the app page
    assertKcActionStatus(SUCCESS);
    events.poll();
    events.expectRequiredAction(EventType.UPDATE_TOTP).user(userId).detail(Details.USERNAME, "setuptotp2").assertEvent();
    EventRepresentation loginEvent = events.expectLogin().user(userId).detail(Details.USERNAME, "setuptotp2").assertEvent();
    // Logout
    oauth.openLogout();
    events.expectLogout(loginEvent.getSessionId()).user(userId).assertEvent();
    // Try to login after logout
    loginPage.open();
    loginPage.login("setupTotp2", "password2");
    // Totp is already configured, thus one-time password is needed, login page should be loaded
    String uri = driver.getCurrentUrl();
    String src = driver.getPageSource();
    assertTrue(loginPage.isCurrent());
    Assert.assertFalse(totpPage.isCurrent());
    // Login with one-time password
    loginTotpPage.login(totp.generateTOTP(totpCode));
    loginEvent = events.expectLogin().user(userId).detail(Details.USERNAME, "setupTotp2").assertEvent();
    // Open account page
    accountTotpPage.open();
    accountTotpPage.assertCurrent();
    // Remove google authentificator
    accountTotpPage.removeTotp();
    events.expectAccount(EventType.REMOVE_TOTP).user(userId).assertEvent();
    // Logout
    oauth.openLogout();
    events.expectLogout(loginEvent.getSessionId()).user(userId).assertEvent();
    // Try to login
    loginPage.open();
    loginPage.login("setupTotp2", "password2");
}
Also used : EventRepresentation(org.keycloak.representations.idm.EventRepresentation) DisableFeature(org.keycloak.testsuite.arquillian.annotation.DisableFeature) Test(org.junit.Test)

Example 17 with DisableFeature

use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.

the class ClientScopeTest method testCreateDynamicScopeWithFeatureDisabledAndIsDynamicScopeTrue.

@Test
@DisableFeature(value = Profile.Feature.DYNAMIC_SCOPES, skipRestart = true)
public void testCreateDynamicScopeWithFeatureDisabledAndIsDynamicScopeTrue() {
    ClientScopeRepresentation scopeRep = new ClientScopeRepresentation();
    scopeRep.setName("non-dynamic-scope-def2");
    scopeRep.setProtocol("openid-connect");
    scopeRep.setAttributes(new HashMap<String, String>() {

        {
            put(ClientScopeModel.IS_DYNAMIC_SCOPE, "true");
            put(ClientScopeModel.DYNAMIC_SCOPE_REGEXP, "");
        }
    });
    handleExpectedCreateFailure(scopeRep, 400, "Unexpected value \"true\" for attribute is.dynamic.scope in ClientScope");
}
Also used : ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) DisableFeature(org.keycloak.testsuite.arquillian.annotation.DisableFeature) Test(org.junit.Test)

Example 18 with DisableFeature

use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.

the class ClientScopeTest method testCreateDynamicScopeWithFeatureDisabledAndNonEmptyDynamicScopeRegexp.

@Test
@DisableFeature(value = Profile.Feature.DYNAMIC_SCOPES, skipRestart = true)
public void testCreateDynamicScopeWithFeatureDisabledAndNonEmptyDynamicScopeRegexp() {
    ClientScopeRepresentation scopeRep = new ClientScopeRepresentation();
    scopeRep.setName("non-dynamic-scope-def3");
    scopeRep.setProtocol("openid-connect");
    scopeRep.setAttributes(new HashMap<String, String>() {

        {
            put(ClientScopeModel.IS_DYNAMIC_SCOPE, "false");
            put(ClientScopeModel.DYNAMIC_SCOPE_REGEXP, "not-empty");
        }
    });
    handleExpectedCreateFailure(scopeRep, 400, "Unexpected value \"not-empty\" for attribute dynamic.scope.regexp in ClientScope");
}
Also used : ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) DisableFeature(org.keycloak.testsuite.arquillian.annotation.DisableFeature) Test(org.junit.Test)

Example 19 with DisableFeature

use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.

the class LoginTest method loginRememberMeExpiredMaxLifespan.

@Test
// TODO remove this (KEYCLOAK-16228)
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true)
public void loginRememberMeExpiredMaxLifespan() throws Exception {
    try (Closeable c = new RealmAttributeUpdater(adminClient.realm("test")).setSsoSessionMaxLifespanRememberMe(1).setRememberMe(true).update()) {
        // login form shown after redirect from app
        oauth.clientId("test-app");
        oauth.redirectUri(OAuthClient.APP_ROOT + "/auth");
        oauth.openLoginForm();
        assertTrue(loginPage.isCurrent());
        loginPage.setRememberMe(true);
        loginPage.login("test-user@localhost", "password");
        // sucessful login - app page should be on display.
        events.expectLogin().detail(Details.USERNAME, "test-user@localhost").assertEvent();
        appPage.assertCurrent();
        // expire the max lifespan.
        setTimeOffset(2);
        // trying to open the account page with an expired lifespan should redirect back to the login page.
        appPage.openAccount();
        loginPage.assertCurrent();
    }
}
Also used : Closeable(java.io.Closeable) RealmAttributeUpdater(org.keycloak.testsuite.updaters.RealmAttributeUpdater) DisableFeature(org.keycloak.testsuite.arquillian.annotation.DisableFeature) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 20 with DisableFeature

use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.

the class LoginTest method loginDifferentUserAfterDisabledUserThrownOut.

@Test
// TODO remove this (KEYCLOAK-16228)
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true)
public void loginDifferentUserAfterDisabledUserThrownOut() {
    String userId = adminClient.realm("test").users().search("test-user@localhost").get(0).getId();
    try {
        // profilePage.open();
        loginPage.open();
        loginPage.login("test-user@localhost", "password");
        // accountPage.assertCurrent();
        appPage.assertCurrent();
        appPage.openAccount();
        profilePage.assertCurrent();
        setUserEnabled(userId, false);
        // force refresh token which results in redirecting to login page
        profilePage.updateUsername("notPermitted");
        WaitUtils.waitForPageToLoad();
        loginPage.assertCurrent();
        // try to log in as different user
        loginPage.login("keycloak-user@localhost", "password");
        profilePage.assertCurrent();
    } finally {
        setUserEnabled(userId, true);
    }
}
Also used : Matchers.containsString(org.hamcrest.Matchers.containsString) DisableFeature(org.keycloak.testsuite.arquillian.annotation.DisableFeature) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Aggregations

DisableFeature (org.keycloak.testsuite.arquillian.annotation.DisableFeature)23 Test (org.junit.Test)21 AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)11 OAuthClient (org.keycloak.testsuite.util.OAuthClient)4 Matchers.containsString (org.hamcrest.Matchers.containsString)3 RealmResource (org.keycloak.admin.client.resource.RealmResource)3 UserResource (org.keycloak.admin.client.resource.UserResource)3 EventRepresentation (org.keycloak.representations.idm.EventRepresentation)3 UserRepresentation (org.keycloak.representations.idm.UserRepresentation)3 Closeable (java.io.Closeable)2 ClientResource (org.keycloak.admin.client.resource.ClientResource)2 PasswordCredentialModel (org.keycloak.models.credential.PasswordCredentialModel)2 RefreshToken (org.keycloak.representations.RefreshToken)2 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)2 ClientScopeRepresentation (org.keycloak.representations.idm.ClientScopeRepresentation)2 RequiredActionProviderRepresentation (org.keycloak.representations.idm.RequiredActionProviderRepresentation)2 AbstractAuthenticationTest (org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)2 AbstractKerberosTest (org.keycloak.testsuite.federation.kerberos.AbstractKerberosTest)2 WebElement (org.openqa.selenium.WebElement)2 Arrays (java.util.Arrays)1