Search in sources :

Example 11 with WebAuthnRealmData

use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.

the class ResidentKeyRegisterTest method assertResidentKey.

private void assertResidentKey(boolean shouldSuccess, PropertyRequirement requirement, boolean hasResidentKey) {
    final String userVerification;
    if (hasResidentKey) {
        getVirtualAuthManager().useAuthenticator(DEFAULT_RESIDENT_KEY.getOptions());
        userVerification = OPTION_REQUIRED;
    } else {
        userVerification = DEFAULT_WEBAUTHN_POLICY_NOT_SPECIFIED;
    }
    try (Closeable u = getWebAuthnRealmUpdater().setWebAuthnPolicyRpEntityName("localhost").setWebAuthnPolicyRequireResidentKey(requirement.getValue()).setWebAuthnPolicyUserVerificationRequirement(userVerification).update()) {
        WebAuthnRealmData realmData = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
        assertThat(realmData.getRpEntityName(), is("localhost"));
        assertThat(realmData.getRequireResidentKey(), is(requirement.getValue()));
        assertThat(realmData.getUserVerificationRequirement(), is(userVerification));
        registerDefaultUser(shouldSuccess);
        displayErrorMessageIfPresent();
        if (!shouldSuccess) {
            assertThat(webAuthnErrorPage.isCurrent(), is(true));
            return;
        } else {
            assertThat(webAuthnErrorPage.isCurrent(), is(false));
        }
        final List<Credential> credentials = getVirtualAuthManager().getCurrent().getAuthenticator().getCredentials();
        assertThat(credentials, notNullValue());
        assertThat(credentials, not(Matchers.empty()));
        if (PropertyRequirement.YES.equals(requirement)) {
            final String userId = ApiUtil.findUserByUsername(testRealm(), USERNAME).getId();
            final Credential credential = credentials.get(0);
            assertThat(credential.isResidentCredential(), is(hasResidentKey));
            assertThat(new String(credential.getUserHandle()), is(userId));
        }
        logout();
        authenticateDefaultUser();
    } catch (IOException e) {
        throw new RuntimeException(e.getCause());
    }
}
Also used : Credential(org.openqa.selenium.virtualauthenticator.Credential) Closeable(java.io.Closeable) IOException(java.io.IOException) WebAuthnRealmData(org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData)

Example 12 with WebAuthnRealmData

use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.

the class AuthAttachmentRegisterTest method authenticatorAttachmentPlatform.

@Test
public void authenticatorAttachmentPlatform() throws IOException {
    try (Closeable u = getWebAuthnRealmUpdater().setWebAuthnPolicyAuthenticatorAttachment(AuthenticatorAttachment.PLATFORM.getValue()).setWebAuthnPolicyUserVerificationRequirement(UserVerificationRequirement.DISCOURAGED.getValue()).update()) {
        // It shouldn't be possible to register the authenticator
        getVirtualAuthManager().useAuthenticator(DEFAULT_BLE.getOptions());
        WebAuthnRealmData realmData = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
        assertThat(realmData.getAuthenticatorAttachment(), is(AuthenticatorAttachment.PLATFORM.getValue()));
        assertThat(realmData.getUserVerificationRequirement(), is(UserVerificationRequirement.DISCOURAGED.getValue()));
        registerDefaultUser(false);
        webAuthnRegisterPage.assertCurrent();
        webAuthnRegisterPage.clickRegister();
        webAuthnErrorPage.assertCurrent();
        assertThat(webAuthnErrorPage.getError(), containsString("A request is already pending."));
    }
}
Also used : Closeable(java.io.Closeable) WebAuthnRealmData(org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData) Test(org.junit.Test) AbstractWebAuthnVirtualTest(org.keycloak.testsuite.webauthn.AbstractWebAuthnVirtualTest)

Example 13 with WebAuthnRealmData

use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.

the class UserVerificationRegisterTest method assertUserVerification.

private void assertUserVerification(boolean shouldSuccess, UserVerificationRequirement requirement, Consumer<VirtualAuthenticatorOptions> authenticator) {
    VirtualAuthenticatorOptions options = getDefaultAuthenticatorOptions();
    authenticator.accept(options);
    getVirtualAuthManager().useAuthenticator(options);
    WaitUtils.pause(200);
    try (Closeable u = getWebAuthnRealmUpdater().setWebAuthnPolicyUserVerificationRequirement(requirement.getValue()).update()) {
        WebAuthnRealmData realmData = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
        assertThat(realmData.getUserVerificationRequirement(), containsString(requirement.getValue()));
        registerDefaultUser(shouldSuccess);
        displayErrorMessageIfPresent();
        assertThat(webAuthnErrorPage.isCurrent(), is(!shouldSuccess));
    } catch (IOException e) {
        throw new RuntimeException(e.getCause());
    }
}
Also used : Closeable(java.io.Closeable) IOException(java.io.IOException) VirtualAuthenticatorOptions(org.openqa.selenium.virtualauthenticator.VirtualAuthenticatorOptions) WebAuthnRealmData(org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData)

Example 14 with WebAuthnRealmData

use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.

the class AttestationConveyanceRegisterTest method attestationDefaultValue.

@Test
public void attestationDefaultValue() {
    WebAuthnRealmData realmData = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
    assertThat(realmData.getAttestationConveyancePreference(), is(DEFAULT_WEBAUTHN_POLICY_NOT_SPECIFIED));
    registerDefaultUser();
    displayErrorMessageIfPresent();
    final String credentialType = getCredentialType();
    getTestingClient().server(TEST_REALM_NAME).run(session -> {
        final WebAuthnDataWrapper dataWrapper = new WebAuthnDataWrapper(session, USERNAME, credentialType);
        assertThat(dataWrapper, notNullValue());
        final WebAuthnCredentialData data = dataWrapper.getWebAuthnData();
        assertThat(data, notNullValue());
        assertThat(data.getAttestationStatementFormat(), is(AttestationConveyancePreference.NONE.getValue()));
    });
}
Also used : WebAuthnDataWrapper(org.keycloak.testsuite.webauthn.utils.WebAuthnDataWrapper) WebAuthnCredentialData(org.keycloak.models.credential.dto.WebAuthnCredentialData) WebAuthnRealmData(org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData) Test(org.junit.Test) AbstractWebAuthnVirtualTest(org.keycloak.testsuite.webauthn.AbstractWebAuthnVirtualTest)

Example 15 with WebAuthnRealmData

use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.

the class AttestationConveyanceRegisterTest method assertAttestationConveyance.

protected void assertAttestationConveyance(boolean shouldSuccess, AttestationConveyancePreference attestation) {
    Credential credential = getDefaultResidentKeyCredential();
    getVirtualAuthManager().useAuthenticator(getDefaultAuthenticatorOptions().setHasResidentKey(true));
    getVirtualAuthManager().getCurrent().getAuthenticator().addCredential(credential);
    try (AbstractWebAuthnRealmUpdater updater = getWebAuthnRealmUpdater().setWebAuthnPolicyAttestationConveyancePreference(attestation.getValue()).update()) {
        WebAuthnRealmData realmData = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
        assertThat(realmData.getAttestationConveyancePreference(), is(attestation.getValue()));
        registerDefaultUser(shouldSuccess);
        displayErrorMessageIfPresent();
        final boolean isErrorCurrent = webAuthnErrorPage.isCurrent();
        assertThat(isErrorCurrent, is(!shouldSuccess));
        final String credentialType = getCredentialType();
        getTestingClient().server(TEST_REALM_NAME).run(session -> {
            final WebAuthnDataWrapper dataWrapper = new WebAuthnDataWrapper(session, USERNAME, credentialType);
            assertThat(dataWrapper, notNullValue());
            final WebAuthnCredentialData data = dataWrapper.getWebAuthnData();
            assertThat(data, notNullValue());
            assertThat(data.getAttestationStatementFormat(), is(attestation.getValue()));
        });
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
}
Also used : WebAuthnDataWrapper(org.keycloak.testsuite.webauthn.utils.WebAuthnDataWrapper) Credential(org.openqa.selenium.virtualauthenticator.Credential) WebAuthnCredentialData(org.keycloak.models.credential.dto.WebAuthnCredentialData) AbstractWebAuthnRealmUpdater(org.keycloak.testsuite.webauthn.updaters.AbstractWebAuthnRealmUpdater) IOException(java.io.IOException) WebAuthnRealmData(org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData)

Aggregations

WebAuthnRealmData (org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData)29 Test (org.junit.Test)22 Closeable (java.io.Closeable)12 AbstractConsoleTest (org.keycloak.testsuite.console.AbstractConsoleTest)10 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)9 AbstractWebAuthnVirtualTest (org.keycloak.testsuite.webauthn.AbstractWebAuthnVirtualTest)9 IOException (java.io.IOException)6 IgnoreBrowserDriver (org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver)4 WebAuthnCredentialData (org.keycloak.models.credential.dto.WebAuthnCredentialData)3 WebAuthnDataWrapper (org.keycloak.testsuite.webauthn.utils.WebAuthnDataWrapper)3 NoSuchElementException (org.openqa.selenium.NoSuchElementException)2 Credential (org.openqa.selenium.virtualauthenticator.Credential)2 AttestationConveyancePreference (com.webauthn4j.data.AttestationConveyancePreference)1 AuthenticatorAttachment (com.webauthn4j.data.AuthenticatorAttachment)1 UserVerificationRequirement (com.webauthn4j.data.UserVerificationRequirement)1 COSEKey (com.webauthn4j.data.attestation.authenticator.COSEKey)1 RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)1 UserRepresentation (org.keycloak.representations.idm.UserRepresentation)1 RealmAttributeUpdater (org.keycloak.testsuite.updaters.RealmAttributeUpdater)1 WebAuthnPolicyPage (org.keycloak.testsuite.webauthn.pages.WebAuthnPolicyPage)1