
Example 21 with DisableFeature

use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.

the class PasswordHashingTest method testPasswordNotRehasedUnchangedIterations.

// KEYCLOAK-5282
/**
 * Checks that logging in does not re-hash a stored password while the hash-iteration
 * policy is effectively unchanged.
 *
 * <p>The credential id and salt are captured right after the user is created and are
 * compared again after each of two logins; both must stay the same.
 */
@Test
// TODO remove this (KEYCLOAK-16228)
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true)
public void testPasswordNotRehasedUnchangedIterations() {
    final String user = "testPasswordNotRehasedUnchangedIterations";

    // Baseline: empty password policy, then record the credential exactly as first stored.
    setPasswordPolicy("");
    createUser(user);
    final PasswordCredentialModel initial =
            PasswordCredentialModel.createFromCredentialModel(fetchCredentials(user));
    final String expectedId = initial.getId();
    final byte[] expectedSalt = initial.getPasswordSecretData().getSalt();

    // Policy names hashIterations without a value.
    // NOTE(review): presumably this resolves to the provider default - confirm.
    setPasswordPolicy("hashIterations");
    loginPage.open();
    loginPage.login(user, "password");
    final PasswordCredentialModel afterFirstLogin =
            PasswordCredentialModel.createFromCredentialModel(fetchCredentials(user));
    // Same id and same salt: the stored credential was not replaced by the login.
    // NOTE(review): only id and salt are compared; the stored hash value and the
    // iteration count are not asserted in this method.
    assertEquals(expectedId, afterFirstLogin.getId());
    assertArrayEquals(expectedSalt, afterFirstLogin.getPasswordSecretData().getSalt());

    // Policy now spells out the PBKDF2-SHA256 factory's DEFAULT_ITERATIONS explicitly.
    setPasswordPolicy("hashIterations(" + Pbkdf2Sha256PasswordHashProviderFactory.DEFAULT_ITERATIONS + ")");
    updateProfilePage.open();
    updateProfilePage.logout();
    loginPage.open();
    loginPage.login(user, "password");
    final PasswordCredentialModel afterSecondLogin =
            PasswordCredentialModel.createFromCredentialModel(fetchCredentials(user));
    assertEquals(expectedId, afterSecondLogin.getId());
    assertArrayEquals(expectedSalt, afterSecondLogin.getPasswordSecretData().getSalt());
}
Also used : PasswordCredentialModel(org.keycloak.models.credential.PasswordCredentialModel) DisableFeature(org.keycloak.testsuite.arquillian.annotation.DisableFeature) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 22 with DisableFeature

use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.

the class UserTest method updateUserWithHashedCredentials.

/**
 * Verifies that a user updated through the admin client with an already-hashed password
 * credential can then sign in with the matching plain-text password.
 */
@Test
// TODO remove this (KEYCLOAK-16228)
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true)
public void updateUserWithHashedCredentials() {
    final String id = createUser("user_hashed_creds", "user_hashed_creds@localhost");

    // Test fixture only: a fixed salt, iteration count and encoded hash for pbkdf2-sha256.
    // The successful login with "admin" further down is what ties this fixture to that password.
    final byte[] fixtureSalt = { -69, 85, 87, 99, 26, -107, 125, 99, -77, 30, -111, 118, 108, 100, -117, -56 };
    final PasswordCredentialModel prehashed = PasswordCredentialModel.createFromValues("pbkdf2-sha256", fixtureSalt, 27500, "uskEPZWMr83pl2mzNB95SFXfIabe2UH9ClENVx/rrQqOjFEjL2aAOGpWsFNNF3qoll7Qht2mY5KxIDm3Rnve2w==");
    prehashed.setCreatedDate(1001L);

    // Send the pre-hashed credential as the user's only credential in the update.
    final CredentialRepresentation prehashedRep = ModelToRepresentation.toRepresentation(prehashed);
    final UserRepresentation update = new UserRepresentation();
    update.setCredentials(Collections.singletonList(prehashedRep));
    realm.users().get(id).update(update);

    // Open the account URL, which must first show the sign-in page.
    final String accountPage = RealmsResource.accountUrl(UriBuilder.fromUri(getAuthServerRoot())).build(REALM_NAME).toString();
    driver.navigate().to(accountPage);
    assertEquals("Sign in to your account", PageUtils.getPageTitle(driver));

    // Signing in with the plain-text password must reach the account pages.
    loginPage.login("user_hashed_creds", "admin");
    assertTrue(driver.getTitle().contains("Account Management"));
}
Also used : CredentialRepresentation(org.keycloak.representations.idm.CredentialRepresentation) PasswordCredentialModel(org.keycloak.models.credential.PasswordCredentialModel) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) DisableFeature(org.keycloak.testsuite.arquillian.annotation.DisableFeature) Test(org.junit.Test)

Example 23 with DisableFeature

use of org.keycloak.testsuite.arquillian.annotation.DisableFeature in project keycloak by keycloak.

the class LDAPProvidersIntegrationTest method deleteFederationLink.

/**
 * Exercises removal and re-creation of the LDAP provider component: the LDAP user can log
 * in while the provider exists, is rejected once the provider is removed, and the test
 * logs in again through {@code loginLdap()} after the provider has been re-added.
 *
 * @throws Exception declared by the test signature; no checked exception is thrown directly
 *     by the statements visible here
 */
@Test
// TODO remove this (KEYCLOAK-16228)
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true)
public void deleteFederationLink() throws Exception {
    // KEYCLOAK-4789: log in through a client that requires consent
    oauth.clientId("third-party");
    loginPage.open();
    loginPage.login("johnkeycloak", "Password1");
    grantPage.assertCurrent();
    grantPage.accept();
    // Consent accepted: the app page must show an auth response carrying a code parameter.
    Assert.assertEquals(AppPage.RequestType.AUTH_RESPONSE, appPage.getRequestType());
    Assert.assertNotNull(oauth.getCurrentQuery().get(OAuth2Constants.CODE));

    // Fetch the LDAP component, then remove it from the realm.
    // NOTE(review): the fetched representation is not read again in this method.
    ComponentRepresentation removedLdapComponent = testRealm().components().component(ldapModelId).toRepresentation();
    testRealm().components().component(ldapModelId).remove();

    // With the provider gone the same credentials must be rejected. The asserted error is
    // the generic message, which does not say whether the username or the password was wrong.
    loginPage.open();
    loginPage.login("johnkeycloak", "Password1");
    loginPage.assertCurrent();
    Assert.assertEquals("Invalid username or password.", loginPage.getInputError());

    // Re-create the LDAP provider from the rule's configuration and keep its new id.
    Map<String, String> ldapConfig = getLDAPRule().getConfig();
    ldapModelId = testingClient.testing().ldap(TEST_REALM_NAME).createLDAPProvider(ldapConfig, isImportEnabled());

    // Add the zip-code mapper to the re-created provider, running on the server side.
    testingClient.server().run(kcSession -> {
        LDAPTestContext ldapCtx = LDAPTestContext.init(kcSession);
        LDAPTestUtils.addZipCodeLDAPMapper(ldapCtx.getRealm(), ldapCtx.getLdapModel());
    });

    // Switch back to the regular test client and log in via the shared helper.
    oauth.clientId("test-app");
    loginLdap();
}
Also used : ComponentRepresentation(org.keycloak.representations.idm.ComponentRepresentation) DisableFeature(org.keycloak.testsuite.arquillian.annotation.DisableFeature) AbstractAuthTest(org.keycloak.testsuite.AbstractAuthTest) Test(org.junit.Test)
