
Example 16 with WebAuthnRealmData

use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.

the class PolicyJsInjectionTest method verifyInjection.

/**
 * Stores a candidate JS-injection payload in the realm's WebAuthn policy and checks how
 * the registration flow reacts to it.
 *
 * <p>The helper first asserts that the realm returns {@code expectedValue} for the setting,
 * i.e. it checks what was persisted, not that the value was sanitised on write. The
 * protection under test is therefore the behaviour of the registration page: when an
 * {@code errorMessage} is supplied, the flow must end on the WebAuthn error page with that
 * message; when it is blank, registration must reach the application page.
 *
 * @param realmSetter   applies the WebAuthn policy value under test to the realm updater
 * @param realmGetter   reads the same policy value back from the realm data
 * @param expectedValue value the realm is expected to return after the update
 * @param errorMessage  text expected on the WebAuthn error page; blank or {@code null} means
 *                      registration is expected to succeed
 */
private void verifyInjection(Consumer<AbstractWebAuthnRealmUpdater<?>> realmSetter, Function<WebAuthnRealmData, String> realmGetter, String expectedValue, String errorMessage) {
    AbstractWebAuthnRealmUpdater<?> realmUpdater = getWebAuthnRealmUpdater();
    realmSetter.accept(realmUpdater);
    // NOTE(review): closing the updater presumably restores the previous realm settings - confirm.
    try (Closeable ignored = realmUpdater.update()) {
        WebAuthnRealmData storedPolicy = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
        assertThat(realmGetter.apply(storedPolicy), is(expectedValue));

        boolean expectSuccess = StringUtil.isBlank(errorMessage);
        registerDefaultUser(expectSuccess);
        if (!expectSuccess) {
            // Ending on the error page, with the expected rejection text, is the evidence
            // that the stored payload was refused rather than acted upon.
            webAuthnErrorPage.assertCurrent();
            assertThat(webAuthnErrorPage.getError(), containsString(errorMessage));
            return;
        }
        appPage.assertCurrent();
    } catch (IOException e) {
        throw new RuntimeException("Cannot verify test scenarios for WebAuthn Policy JS Injection", e);
    }
}
Also used : Closeable(java.io.Closeable) IOException(java.io.IOException) WebAuthnRealmData(org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData)

Example 17 with WebAuthnRealmData

use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.

the class PolicyJsInjectionTest method attestationConveyancePreference.

/**
 * Sets the attestation conveyance preference of the WebAuthn policy to {@code REDIRECT_SCRIPT}
 * and expects registration to fail with an invalid-enum error.
 *
 * <p>{@code REDIRECT_SCRIPT} is passed both as the value to store and as the value expected
 * back from the realm, so the test expects the payload to be persisted unchanged. The second
 * expected message quotes a value that closes the string and assigns
 * {@code window.location.href}; the assertion in {@code verifyInjection} that the error page
 * is current is what shows that this assignment did not take effect.
 */
@Test
public void attestationConveyancePreference() {
    // NOTE(review): the two texts are presumably browser-specific wordings of the same
    // rejection, selected by getExpectedMessageByDriver - confirm the argument order there.
    final String memberWordedMessage = "(value of 'attestation' member of PublicKeyCredentialCreationOptions) is not a valid value for enumeration AttestationConveyancePreference.";
    final String quotedValueMessage = "The provided value 'required\"; window.location.href = \"http://www.keycloak.org\";\"' is not a valid enum value of type AttestationConveyancePreference.";
    final String expectedMessage = getExpectedMessageByDriver(memberWordedMessage, quotedValueMessage);

    verifyInjection(
            updater -> updater.setWebAuthnPolicyAttestationConveyancePreference(REDIRECT_SCRIPT),
            WebAuthnRealmData::getAttestationConveyancePreference,
            REDIRECT_SCRIPT,
            expectedMessage);
}
Also used : CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) WebAuthnRealmData(org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData) Test(org.junit.Test) AbstractWebAuthnVirtualTest(org.keycloak.testsuite.webauthn.AbstractWebAuthnVirtualTest)

Example 18 with WebAuthnRealmData

use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.

the class WebAuthnOtherSettingsTest method excludeCredentials.

/**
 * Restricts the WebAuthn policy to a single acceptable AAGUID and checks that registering
 * with a different authenticator is refused.
 *
 * <p>The policy lists only {@code ALL_ONE_AAGUID}; the expected error text names
 * {@code ALL_ZERO_AAGUID} as the one that is not acceptable.
 *
 * @throws IOException if closing the realm updater fails
 */
@Test
public void excludeCredentials() throws IOException {
    try (Closeable ignored = getWebAuthnRealmUpdater()
            .setWebAuthnPolicyAcceptableAaguids(Collections.singletonList(ALL_ONE_AAGUID))
            .update()) {
        // The allow-list must be stored as configured before the flow is exercised.
        WebAuthnRealmData storedPolicy = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
        assertThat(storedPolicy.getAcceptableAaguids(), Matchers.contains(ALL_ONE_AAGUID));

        registerDefaultUser();

        // NOTE(review): presumably the virtual authenticator reports the all-zero AAGUID,
        // which is why it is the one named in the rejection - confirm.
        webAuthnErrorPage.assertCurrent();
        assertThat(webAuthnErrorPage.getError(), allOf(containsString("not acceptable aaguid"), containsString(ALL_ZERO_AAGUID)));
    }
}
Also used : Closeable(java.io.Closeable) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) WebAuthnRealmData(org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData) AbstractWebAuthnVirtualTest(org.keycloak.testsuite.webauthn.AbstractWebAuthnVirtualTest) Test(org.junit.Test)

Example 19 with WebAuthnRealmData

use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.

the class WebAuthnOtherSettingsTest method timeout.

/**
 * Checks that the WebAuthn create timeout from the realm policy is applied to registration
 * and that the user can retry afterwards.
 *
 * <p>The virtual authenticator is removed first, a 3-second create timeout is stored, and the
 * test waits two seconds longer than that before expecting the error page. After "try again"
 * the registration page must be shown and a second attempt must not immediately land on the
 * error page. Skipped for {@code FirefoxDriver}.
 *
 * @throws IOException if closing the realm updater fails
 */
@Test
@IgnoreBrowserDriver(FirefoxDriver.class)
public void timeout() throws IOException {
    // Policy timeout, in seconds.
    final Integer timeoutSeconds = 3;

    // NOTE(review): presumably removed so that nothing answers the registration request
    // and the timeout is the only way the ceremony can end - confirm.
    getVirtualAuthManager().removeAuthenticator();

    try (Closeable ignored = getWebAuthnRealmUpdater().setWebAuthnPolicyCreateTimeout(timeoutSeconds).update()) {
        WebAuthnRealmData storedPolicy = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
        assertThat(storedPolicy.getCreateTimeout(), is(timeoutSeconds));

        // Create the account through the regular registration form.
        loginPage.open();
        loginPage.clickRegister();
        registerPage.assertCurrent();
        registerPage.register("firstName", "lastName", EMAIL, USERNAME, PASSWORD, PASSWORD);

        // The account exists; the WebAuthn credential still has to be registered.
        webAuthnRegisterPage.assertCurrent();
        webAuthnRegisterPage.clickRegister();

        // Wait past the configured timeout (two seconds of slack) before checking the outcome.
        int waitMillis = (timeoutSeconds + 2) * 1000;
        pause(waitMillis);
        webAuthnErrorPage.assertCurrent();
        assertThat(webAuthnErrorPage.getError(), containsString("The operation either timed out or was not allowed"));

        // Retrying must return to the registration page, not stay stuck on the error page.
        webAuthnErrorPage.clickTryAgain();
        waitForPageToLoad();
        webAuthnRegisterPage.assertCurrent();
        webAuthnRegisterPage.clickRegister();
        assertThat(webAuthnErrorPage.isCurrent(), is(false));
    }
}
Also used : Closeable(java.io.Closeable) WebAuthnRealmData(org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData) AbstractWebAuthnVirtualTest(org.keycloak.testsuite.webauthn.AbstractWebAuthnVirtualTest) Test(org.junit.Test) IgnoreBrowserDriver(org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver)

Example 20 with WebAuthnRealmData

use of org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData in project keycloak by keycloak.

the class WebAuthnOtherSettingsTest method acceptableAaguidsShouldBeEmptyOrNullByDefault.

/**
 * Checks that a realm with an untouched WebAuthn policy reports no acceptable AAGUIDs:
 * the list may be either {@code null} or empty.
 *
 * <p>NOTE(review): an empty list presumably means that authenticators are not restricted by
 * AAGUID at all, so this default is permissive - confirm against the policy documentation.
 */
@Test
public void acceptableAaguidsShouldBeEmptyOrNullByDefault() {
    assertThat(
            new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless()).getAcceptableAaguids(),
            anyOf(nullValue(), Matchers.empty()));
}
Also used : WebAuthnRealmData(org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData) AbstractWebAuthnVirtualTest(org.keycloak.testsuite.webauthn.AbstractWebAuthnVirtualTest) Test(org.junit.Test)

Aggregations

WebAuthnRealmData (org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData)29 Test (org.junit.Test)22 Closeable (java.io.Closeable)12 AbstractConsoleTest (org.keycloak.testsuite.console.AbstractConsoleTest)10 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)9 AbstractWebAuthnVirtualTest (org.keycloak.testsuite.webauthn.AbstractWebAuthnVirtualTest)9 IOException (java.io.IOException)6 IgnoreBrowserDriver (org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver)4 WebAuthnCredentialData (org.keycloak.models.credential.dto.WebAuthnCredentialData)3 WebAuthnDataWrapper (org.keycloak.testsuite.webauthn.utils.WebAuthnDataWrapper)3 NoSuchElementException (org.openqa.selenium.NoSuchElementException)2 Credential (org.openqa.selenium.virtualauthenticator.Credential)2 AttestationConveyancePreference (com.webauthn4j.data.AttestationConveyancePreference)1 AuthenticatorAttachment (com.webauthn4j.data.AuthenticatorAttachment)1 UserVerificationRequirement (com.webauthn4j.data.UserVerificationRequirement)1 COSEKey (com.webauthn4j.data.attestation.authenticator.COSEKey)1 RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)1 UserRepresentation (org.keycloak.representations.idm.UserRepresentation)1 RealmAttributeUpdater (org.keycloak.testsuite.updaters.RealmAttributeUpdater)1 WebAuthnPolicyPage (org.keycloak.testsuite.webauthn.pages.WebAuthnPolicyPage)1