use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.
the class ResidentKeyRegisterTest method assertResidentKey.
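/**
 * Applies a "require resident key" WebAuthn policy to the test realm, attempts a registration
 * with the virtual authenticator and checks that the outcome matches the expectation.
 *
 * <p>The realm is changed through the updater returned by {@code getWebAuthnRealmUpdater()};
 * the {@link Closeable} it yields is closed when the try block exits (presumably restoring the
 * previous policy - confirm in the updater implementation).
 *
 * @param shouldSuccess whether the registration is expected to succeed; forwarded to
 *     {@code registerDefaultUser} and used to decide whether the error page must be shown
 * @param requirement value written to the realm's "require resident key" policy; when it is
 *     {@code PropertyRequirement.YES} the first stored credential is inspected as well
 * @param hasResidentKey when {@code true} the virtual authenticator is switched to the
 *     {@code DEFAULT_RESIDENT_KEY} options and user verification is set to
 *     {@code OPTION_REQUIRED}; otherwise user verification stays "not specified"
 * @throws RuntimeException wrapping the {@link IOException} raised while closing the updater
 */
private void assertResidentKey(boolean shouldSuccess, PropertyRequirement requirement, boolean hasResidentKey) {
    final String userVerification;
    if (hasResidentKey) {
        getVirtualAuthManager().useAuthenticator(DEFAULT_RESIDENT_KEY.getOptions());
        userVerification = OPTION_REQUIRED;
    } else {
        userVerification = DEFAULT_WEBAUTHN_POLICY_NOT_SPECIFIED;
    }

    try (Closeable u = getWebAuthnRealmUpdater()
            .setWebAuthnPolicyRpEntityName("localhost")
            .setWebAuthnPolicyRequireResidentKey(requirement.getValue())
            .setWebAuthnPolicyUserVerificationRequirement(userVerification)
            .update()) {

        // Confirm the policy really reached the realm before exercising the browser flow;
        // otherwise a pass or fail below would say nothing about the policy under test.
        WebAuthnRealmData realmData = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
        assertThat(realmData.getRpEntityName(), is("localhost"));
        assertThat(realmData.getRequireResidentKey(), is(requirement.getValue()));
        assertThat(realmData.getUserVerificationRequirement(), is(userVerification));

        registerDefaultUser(shouldSuccess);
        displayErrorMessageIfPresent();

        // The error page must be shown exactly when the registration is expected to be rejected.
        assertThat(webAuthnErrorPage.isCurrent(), is(!shouldSuccess));
        if (!shouldSuccess) {
            return;
        }

        final List<Credential> credentials = getVirtualAuthManager().getCurrent().getAuthenticator().getCredentials();
        assertThat(credentials, notNullValue());
        assertThat(credentials, not(Matchers.empty()));

        if (PropertyRequirement.YES.equals(requirement)) {
            final String userId = ApiUtil.findUserByUsername(testRealm(), USERNAME).getId();
            final Credential credential = credentials.get(0);
            assertThat(credential.isResidentCredential(), is(hasResidentKey));
            // Decode with an explicit charset so the comparison does not depend on the JVM default.
            assertThat(new String(credential.getUserHandle(), java.nio.charset.StandardCharsets.UTF_8), is(userId));
        }

        logout();
        authenticateDefaultUser();
    } catch (IOException e) {
        // Wrap the IOException itself: e.getCause() may be null, which would discard the
        // message and stack trace of the real failure.
        throw new RuntimeException(e);
    }
}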
use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.
the class AuthAttachmentRegisterTest method authenticatorAttachmentPlatform.
/**
 * Sets the realm policy to the PLATFORM authenticator attachment (user verification
 * DISCOURAGED) while the virtual authenticator is configured from the {@code DEFAULT_BLE}
 * options, and expects the registration attempt to end on the WebAuthn error page.
 *
 * @throws IOException if closing the realm updater fails
 */
@Test
public void authenticatorAttachmentPlatform() throws IOException {
    // containsString(...) is applied to the same getter elsewhere, so the value is a String.
    final String discouraged = UserVerificationRequirement.DISCOURAGED.getValue();

    try (Closeable ignored = getWebAuthnRealmUpdater()
            .setWebAuthnPolicyAuthenticatorAttachment(AuthenticatorAttachment.PLATFORM.getValue())
            .setWebAuthnPolicyUserVerificationRequirement(discouraged)
            .update()) {

        // The authenticator selected here must not be accepted under the policy set above.
        getVirtualAuthManager().useAuthenticator(DEFAULT_BLE.getOptions());

        // Verify the realm actually carries the policy before driving the browser.
        WebAuthnRealmData policy = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
        assertThat(policy.getAuthenticatorAttachment(), is(AuthenticatorAttachment.PLATFORM.getValue()));
        assertThat(policy.getUserVerificationRequirement(), is(discouraged));

        registerDefaultUser(false);

        // Retry once from the register page; the flow has to land on the error page.
        webAuthnRegisterPage.assertCurrent();
        webAuthnRegisterPage.clickRegister();
        webAuthnErrorPage.assertCurrent();

        // NOTE(review): the asserted text does not mention the attachment mismatch; it looks
        // like a message surfaced from the client side - confirm it is stable across drivers.
        assertThat(webAuthnErrorPage.getError(), containsString("A request is already pending."));
    }
}
use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.
the class UserVerificationRegisterTest method assertUserVerification.
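/**
 * Configures the virtual authenticator, applies a user-verification requirement to the realm's
 * WebAuthn policy and checks that registration succeeds or is rejected as expected.
 *
 * @param shouldSuccess whether the registration is expected to succeed; the WebAuthn error page
 *     must be current exactly when this is {@code false}
 * @param requirement user-verification requirement written to the realm policy
 * @param authenticator callback that adjusts the default virtual authenticator options before
 *     the authenticator is installed
 * @throws RuntimeException wrapping the {@link IOException} raised while closing the updater
 */
private void assertUserVerification(boolean shouldSuccess, UserVerificationRequirement requirement, Consumer<VirtualAuthenticatorOptions> authenticator) {
    VirtualAuthenticatorOptions options = getDefaultAuthenticatorOptions();
    authenticator.accept(options);
    getVirtualAuthManager().useAuthenticator(options);
    // NOTE(review): fixed 200 ms pause, presumably to let the new authenticator settle - confirm.
    WaitUtils.pause(200);

    try (Closeable u = getWebAuthnRealmUpdater()
            .setWebAuthnPolicyUserVerificationRequirement(requirement.getValue())
            .update()) {

        // Make sure the requirement is present in the realm before testing its enforcement.
        WebAuthnRealmData realmData = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
        assertThat(realmData.getUserVerificationRequirement(), containsString(requirement.getValue()));

        registerDefaultUser(shouldSuccess);
        displayErrorMessageIfPresent();
        assertThat(webAuthnErrorPage.isCurrent(), is(!shouldSuccess));
    } catch (IOException e) {
        // Wrap the IOException itself: e.getCause() may be null, which would discard the
        // message and stack trace of the real failure.
        throw new RuntimeException(e);
    }
}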
use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.
the class AttestationConveyanceRegisterTest method attestationDefaultValue.
/**
 * Registers the default user without touching the realm's attestation conveyance preference
 * and checks that the stored credential reports the {@code NONE} attestation statement format.
 */
@Test
public void attestationDefaultValue() {
    // Precondition: the realm policy leaves the attestation conveyance preference unspecified.
    WebAuthnRealmData policy = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
    assertThat(policy.getAttestationConveyancePreference(), is(DEFAULT_WEBAUTHN_POLICY_NOT_SPECIFIED));

    registerDefaultUser();
    displayErrorMessageIfPresent();

    // Resolved outside the lambda so the lambda only captures a plain String.
    final String type = getCredentialType();

    getTestingClient().server(TEST_REALM_NAME).run(session -> {
        final WebAuthnDataWrapper wrapper = new WebAuthnDataWrapper(session, USERNAME, type);
        assertThat(wrapper, notNullValue());

        final WebAuthnCredentialData stored = wrapper.getWebAuthnData();
        assertThat(stored, notNullValue());
        assertThat(stored.getAttestationStatementFormat(), is(AttestationConveyancePreference.NONE.getValue()));
    });
}
use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.
the class AttestationConveyanceRegisterTest method assertAttestationConveyance.
/**
 * Applies an attestation conveyance preference to the realm's WebAuthn policy, registers the
 * default user with a resident-key virtual authenticator and checks both the page outcome and
 * the attestation statement format stored with the credential.
 *
 * <p>NOTE(review): the stored attestation statement format is compared with the conveyance
 * preference value. In WebAuthn these are separate vocabularies (preference: none / indirect /
 * direct; format: none / packed / ...), so the comparison only obviously holds for "none" -
 * confirm which values callers pass.
 *
 * <p>NOTE(review): the server-side check runs even when {@code shouldSuccess} is {@code false};
 * confirm a credential is expected to exist in that case.
 *
 * @param shouldSuccess whether the registration is expected to succeed; the error page must be
 *     current exactly when this is {@code false}
 * @param attestation attestation conveyance preference written to the realm policy
 * @throws RuntimeException wrapping the {@link IOException} raised while closing the updater
 */
protected void assertAttestationConveyance(boolean shouldSuccess, AttestationConveyancePreference attestation) {
    Credential residentCredential = getDefaultResidentKeyCredential();
    getVirtualAuthManager().useAuthenticator(getDefaultAuthenticatorOptions().setHasResidentKey(true));
    getVirtualAuthManager().getCurrent().getAuthenticator().addCredential(residentCredential);

    try (AbstractWebAuthnRealmUpdater ignored = getWebAuthnRealmUpdater()
            .setWebAuthnPolicyAttestationConveyancePreference(attestation.getValue())
            .update()) {

        // Verify the preference reached the realm before checking how it is enforced.
        WebAuthnRealmData policy = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
        assertThat(policy.getAttestationConveyancePreference(), is(attestation.getValue()));

        registerDefaultUser(shouldSuccess);
        displayErrorMessageIfPresent();
        assertThat(webAuthnErrorPage.isCurrent(), is(!shouldSuccess));

        // Resolved outside the lambda so the lambda only captures a plain String.
        final String type = getCredentialType();

        getTestingClient().server(TEST_REALM_NAME).run(session -> {
            final WebAuthnDataWrapper wrapper = new WebAuthnDataWrapper(session, USERNAME, type);
            assertThat(wrapper, notNullValue());

            final WebAuthnCredentialData stored = wrapper.getWebAuthnData();
            assertThat(stored, notNullValue());
            assertThat(stored.getAttestationStatementFormat(), is(attestation.getValue()));
        });
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
}