use of org.keycloak.testsuite.util.javascript.JSObjectBuilder in project keycloak by keycloak.
the class JavascriptAdapterTest method checkInitWithInvalidRealm.
// In case of incorrect/unavailable realm provided in KeycloakConfig,
// JavaScript Adapter init() should fail-fast and reject Promise with KeycloakError.
@Test
public void checkInitWithInvalidRealm() {
JSObjectBuilder keycloakConfig = JSObjectBuilder.create().add("url", authServerContextRootPage + "/auth").add("realm", "invalid-realm-name").add("clientId", CLIENT_ID);
JSObjectBuilder initOptions = defaultArguments().add("messageReceiveTimeout", 5000);
testExecutor.configure(keycloakConfig).init(initOptions, assertErrorResponse("Timeout when waiting for 3rd party check iframe message."));
}
use of org.keycloak.testsuite.util.javascript.JSObjectBuilder in project keycloak by keycloak.
the class JavascriptAdapterTest method testScopeInInitOptionsShouldBeConsideredByLoginUrl.
/**
* Test for scope handling via {@code initOptions}: <pre>{@code
* Keycloak keycloak = new Keycloak(); keycloak.init({.... scope: "profile email phone"})
* }</pre>
* See KEYCLOAK-14412
*/
@Test
public void testScopeInInitOptionsShouldBeConsideredByLoginUrl() {
JSObjectBuilder initOptions = defaultArguments().loginRequiredOnLoad().add("scope", "openid profile email phone");
try {
testExecutor.init(initOptions);
throw new RuntimeException("Probably the login-required OnLoad mode doesn't work, because testExecutor should fail with error that page was redirected.");
} catch (WebDriverException ex) {
// should happen
}
testExecutor.loginForm(testUser, this::assertOnTestAppUrl).init(initOptions, this::assertAdapterIsLoggedIn).executeScript("return window.keycloak.tokenParsed.scope", assertOutputContains("phone"));
}
use of org.keycloak.testsuite.util.javascript.JSObjectBuilder in project keycloak by keycloak.
the class JavascriptAdapterTest method testAcrInLoginOptionsShouldBeConsideredByLoginUrl.
/**
* Test for acr handling via {@code loginOptions}: <pre>{@code
* Keycloak keycloak = new Keycloak(); keycloak.login({.... acr: { values: ["foo", "bar"], essential: false}})
* }</pre>
*/
@Test
public void testAcrInLoginOptionsShouldBeConsideredByLoginUrl() {
// Test when no "acr" option given. Claims parameter won't be passed to Keycloak server
testExecutor.configure().init(defaultArguments());
JSObjectBuilder loginOptions = JSObjectBuilder.create();
testExecutor.login(loginOptions, (JavascriptStateValidator) (driver, output, events) -> {
try {
String queryString = new URL(driver.getCurrentUrl()).getQuery();
String claimsParam = UriUtils.decodeQueryString(queryString).getFirst(OIDCLoginProtocol.CLAIMS_PARAM);
Assert.assertNull(claimsParam);
} catch (IOException ioe) {
throw new AssertionError(ioe);
}
});
// Test given "acr" option will be translated into the "claims" parameter passed to Keycloak server
jsDriver.navigate().to(testAppUrl);
testExecutor.configure().init(defaultArguments());
JSObjectBuilder acr1 = JSObjectBuilder.create().add("values", new String[] { "foo", "bar" }).add("essential", false);
loginOptions = JSObjectBuilder.create().add("acr", acr1);
testExecutor.login(loginOptions, (JavascriptStateValidator) (driver, output, events) -> {
try {
String queryString = new URL(driver.getCurrentUrl()).getQuery();
String claimsParam = UriUtils.decodeQueryString(queryString).getFirst(OIDCLoginProtocol.CLAIMS_PARAM);
Assert.assertNotNull(claimsParam);
ClaimsRepresentation claimsRep = JsonSerialization.readValue(claimsParam, ClaimsRepresentation.class);
ClaimsRepresentation.ClaimValue<String> claimValue = claimsRep.getClaimValue(IDToken.ACR, ClaimsRepresentation.ClaimContext.ID_TOKEN, String.class);
Assert.assertNames(claimValue.getValues(), "foo", "bar");
Assert.assertThat(claimValue.isEssential(), is(false));
} catch (IOException ioe) {
throw new AssertionError(ioe);
}
});
}
use of org.keycloak.testsuite.util.javascript.JSObjectBuilder in project keycloak by keycloak.
the class JavascriptAdapterTest method testSilentCheckSsoLoginWithLoginIframeDisabled.
@Test
public void testSilentCheckSsoLoginWithLoginIframeDisabled() {
JSObjectBuilder checkSSO = defaultArguments().checkSSOOnLoad().add("silentCheckSsoRedirectUri", authServerContextRootPage.toString().replace(AUTH_SERVER_HOST, JS_APP_HOST) + JAVASCRIPT_URL + "/silent-check-sso.html");
testExecutor.init(checkSSO, this::assertInitNotAuth, SuiteContext.BROWSER_STRICT_COOKIES).login(this::assertOnLoginPage).loginForm(testUser, this::assertOnTestAppUrl).init(checkSSO, this::assertInitAuth, false).refresh().init(checkSSO.disableCheckLoginIframe(), this::assertInitAuth, SuiteContext.BROWSER_STRICT_COOKIES);
}
Aggregations