Use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.
From the class WebAuthnPolicySettingsTest, method timeout.
/**
 * Drives the timeout field of the WebAuthn policy page through accepted and rejected values.
 *
 * <p>Sequence checked: the field starts at 0; 10 is saved; -10 triggers a danger alert and is not
 * persisted (the field shows 10 again after a reload); 1000000 triggers a danger alert; 500 is
 * saved and is then read back from the realm representation via {@code WebAuthnRealmData}.
 *
 * <p>NOTE(review): this pins validation as seen through the admin page only. Whether the same
 * bounds are enforced when the realm is updated through another path is not visible here. The
 * exact upper limit is also not pinned: the test shows only that 500 is accepted and 1000000
 * is rejected.
 */
@Test
public void timeout() {
    // Initial state of the field.
    assertThat(getPolicyPage().getTimeout(), is(0));

    // A small positive value is accepted and shown after saving.
    getPolicyPage().setTimeout(10);
    getPolicyPage().clickSaveButton();
    assertThat(getPolicyPage().getTimeout(), is(10));

    // A negative value is rejected with an alert; the input keeps what was typed.
    getPolicyPage().setTimeout(-10);
    getPolicyPage().clickSaveButton();
    assertAlertDanger();
    assertThat(getPolicyPage().getTimeout(), is(-10));

    // Reloading shows the last saved value, so the rejected value was not stored.
    getPolicyPage().navigateTo();
    waitForPageToLoad();
    assertThat(getPolicyPage().getTimeout(), is(10));

    // An oversized value is rejected as well.
    getPolicyPage().setTimeout(1000000);
    getPolicyPage().clickSaveButton();
    assertAlertDanger();

    // A value inside the accepted range replaces the rejected input.
    getPolicyPage().setTimeout(500);
    getPolicyPage().clickSaveButton();
    assertThat(getPolicyPage().getTimeout(), is(500));

    // Cross-check against the realm representation rather than the page alone.
    final WebAuthnRealmData storedPolicy =
            new WebAuthnRealmData(testRealmResource().toRepresentation(), isPasswordless());
    assertThat(storedPolicy, notNullValue());
    assertThat(storedPolicy.getCreateTimeout(), is(500));
}
Use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.
From the class WebAuthnPolicySettingsTest, method acceptableAaguid.
/**
 * Adds and removes entries in the policy page's acceptable-AAGUID list and checks that the realm
 * representation ends up matching what the page shows.
 *
 * <p>An AAGUID identifies an authenticator model, so this list acts as an allowlist of
 * authenticators. The test covers list editing and persistence only; it does not exercise
 * enforcement of the list during registration.
 *
 * <p>NOTE(review): the final comparison runs after a fixed {@code pause(100)}; a slow save
 * could make this step timing-sensitive.
 */
@Test
public void acceptableAaguid() {
    final String yubikey5Aaguid = "cb69481e-8ff7-4039-93ec-0a2729a154a8";
    final String yubicoAaguid = "f8a011f3-8c0a-4d15-8006-17111f9edc7d";

    WebAuthnPolicyPage.MultivaluedAcceptableAaguid aaguidField = getPolicyPage().getAcceptableAaguid();
    assertThat(aaguidField, notNullValue());

    List<String> shown = getAcceptableAaguid(getPolicyPage().getAcceptableAaguid());
    assertThat(shown, notNullValue());

    // First entry: add, save, and confirm it is listed.
    aaguidField.addItem(ALL_ONE_AAGUID);
    getPolicyPage().clickSaveButton();

    shown = getAcceptableAaguid(getPolicyPage().getAcceptableAaguid());
    assertThat(shown, notNullValue());
    assertThat(shown.isEmpty(), is(false));
    assertThat(shown.contains(ALL_ONE_AAGUID), is(true));

    // Two more entries; the size is checked before the save.
    aaguidField.addItem(yubikey5Aaguid);
    aaguidField.addItem(yubicoAaguid);

    shown = getAcceptableAaguid(getPolicyPage().getAcceptableAaguid());
    assertThat(shown, notNullValue());
    assertThat(shown, hasSize(3));

    getPolicyPage().clickSaveButton();

    // Removing index 0 is expected to drop ALL_ONE_AAGUID, the first entry added.
    aaguidField.removeItem(0);

    shown = getAcceptableAaguid(getPolicyPage().getAcceptableAaguid());
    assertThat(shown, notNullValue());
    assertThat(shown, hasSize(2));
    assertThat(shown.contains(yubicoAaguid), is(true));
    assertThat(shown.contains(yubikey5Aaguid), is(true));
    assertThat(shown.contains(ALL_ONE_AAGUID), is(false));

    // The removal is an unsaved change, so saving must be possible.
    assertThat(getPolicyPage().isSaveButtonEnabled(), is(true));
    getPolicyPage().clickSaveButton();
    pause(100);

    // The stored list must equal what the page currently displays.
    WebAuthnRealmData storedPolicy =
            new WebAuthnRealmData(testRealmResource().toRepresentation(), isPasswordless());
    assertThat(storedPolicy, notNullValue());
    assertThat(storedPolicy.getAcceptableAaguids(), is(getAcceptableAaguid(getPolicyPage().getAcceptableAaguid())));
}
Use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.
From the class PolicyJsInjectionTest, method relyingPartyId.
/**
 * Stores {@code PROMPT_SCRIPT} as the WebAuthn relying party ID and checks that registration
 * ends on the WebAuthn error page with the browser's own rejection message.
 *
 * <p>The first assertion shows the realm keeps the value verbatim, so nothing rejects it when
 * the policy is written. What this test pins is that the value later fails as a relying party
 * ID in the browser. NOTE(review): it does not itself assert that no script ran on the page;
 * confirm that is covered elsewhere in the class.
 *
 * @throws IOException if closing the realm updater fails
 */
@Test
public void relyingPartyId() throws IOException {
    // The updater is closed when the block exits.
    try (Closeable ignored = getWebAuthnRealmUpdater().setWebAuthnPolicyRpId(PROMPT_SCRIPT).update()) {
        WebAuthnRealmData storedPolicy = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
        assertThat(storedPolicy.getRpId(), is(PROMPT_SCRIPT));

        registerDefaultUser(false);
        webAuthnErrorPage.assertCurrent();

        // Two message variants are supplied; the helper picks one by driver.
        final String expectedMessage = getExpectedMessageByDriver(
                "SecurityError: The operation is insecure.",
                "The relying party ID is not a registrable domain suffix of, nor equal to the current domain.");
        assertThat(webAuthnErrorPage.getError(), containsString(expectedMessage));
    }
}
Use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.
From the class PolicyJsInjectionTest, method userVerificationRequirement.
/**
 * Sets the user verification requirement of the WebAuthn policy to {@code PROMPT_SCRIPT} and
 * delegates to {@code verifyInjection} with the message the browser is expected to report for
 * an invalid {@code UserVerificationRequirement} value.
 *
 * <p>NOTE(review): the second expected message quotes the rejected value, which suggests
 * {@code PROMPT_SCRIPT} carries a quote-breaking {@code window.prompt} call plus an
 * {@code <img>} element. Confirm against the constant's definition.
 */
@Test
public void userVerificationRequirement() {
    // One message per browser family; getExpectedMessageByDriver chooses between them.
    final String firstVariant = "(value of 'userVerification' member of AuthenticatorSelectionCriteria) is not a valid value for enumeration UserVerificationRequirement.";
    final String secondVariant = "The provided value 'required\"; window.prompt('Injection'); \"<img id=\"image-inject\" src='none'/> ' is not a valid enum value of type UserVerificationRequirement.";
    String expectedMessage = getExpectedMessageByDriver(firstVariant, secondVariant);

    verifyInjection(
            realmUpdater -> realmUpdater.setWebAuthnPolicyUserVerificationRequirement(PROMPT_SCRIPT),
            WebAuthnRealmData::getUserVerificationRequirement,
            PROMPT_SCRIPT,
            expectedMessage);
}
Use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.
From the class PolicyJsInjectionTest, method authenticatorAttachment.
/**
 * Sets the authenticator attachment of the WebAuthn policy to {@code REDIRECT_SCRIPT} and
 * delegates to {@code verifyInjection} with the message the browser is expected to report for
 * an invalid {@code AuthenticatorAttachment} value.
 *
 * <p>NOTE(review): the second expected message quotes the rejected value, which suggests
 * {@code REDIRECT_SCRIPT} tries to break out of a quoted string and assign
 * {@code window.location.href}. Confirm against the constant's definition.
 */
@Test
public void authenticatorAttachment() {
    // One message per browser family; getExpectedMessageByDriver chooses between them.
    final String firstVariant = "(value of 'authenticatorAttachment' member of AuthenticatorSelectionCriteria) is not a valid value for enumeration AuthenticatorAttachment.";
    final String secondVariant = "The provided value 'required\"; window.location.href = \"http://www.keycloak.org\";\"' is not a valid enum value of type AuthenticatorAttachment.";
    final String expectedMessage = getExpectedMessageByDriver(firstVariant, secondVariant);

    verifyInjection(
            realmUpdater -> realmUpdater.setWebAuthnPolicyAuthenticatorAttachment(REDIRECT_SCRIPT),
            WebAuthnRealmData::getAuthenticatorAttachment,
            REDIRECT_SCRIPT,
            expectedMessage);
}