KEYCLOAK-5861 Remove AUTH_SESSION_ID when END_AFTER_REQUIRED_ACTIONS set
This commit is contained in:
Hynek Mlnarik
Hynek Mlnařík
parent
4a012b73ea
commit
00fb36437d
6 changed files with 111 additions and 21 deletions
|
|
@ -765,10 +765,10 @@ public class AuthenticationManager {
|
||||||
}
|
}
|
||||||
Response response = infoPage
|
Response response = infoPage
|
||||||
.createInfoPage();
|
.createInfoPage();
|
||||||
|
|
||||||
|
new AuthenticationSessionManager(session).removeAuthenticationSession(authSession.getRealm(), authSession, true);
|
||||||
|
|
||||||
return response;
|
return response;
|
||||||
|
|
||||||
// Don't remove authentication session for now, to ensure that browser buttons (back/refresh) will still work fine.
|
|
||||||
|
|
||||||
}
|
}
|
||||||
RealmModel realm = authSession.getRealm();
|
RealmModel realm = authSession.getRealm();
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -16,6 +16,7 @@
|
||||||
*/
|
*/
|
||||||
package org.keycloak.testsuite.auth.page.account;
|
package org.keycloak.testsuite.auth.page.account;
|
||||||
|
|
||||||
|
import org.keycloak.testsuite.util.URLUtils;
|
||||||
import org.openqa.selenium.WebElement;
|
import org.openqa.selenium.WebElement;
|
||||||
import org.openqa.selenium.support.FindBy;
|
import org.openqa.selenium.support.FindBy;
|
||||||
|
|
||||||
|
|
@ -77,4 +78,8 @@ public class Account extends AccountManagement {
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public boolean isCurrent() {
|
||||||
|
return URLUtils.currentUrlStartWith(toString()); // Sometimes after login the URL ends with /# or similar
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -26,6 +26,7 @@ import javax.ws.rs.core.UriBuilder;
|
||||||
import java.net.URI;
|
import java.net.URI;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
import org.junit.Assert;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
|
|
@ -102,4 +103,9 @@ public abstract class AbstractPage {
|
||||||
return URLUtils.currentUrlEqual(toString());
|
return URLUtils.currentUrlEqual(toString());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public void assertCurrent() {
|
||||||
|
String name = getClass().getSimpleName();
|
||||||
|
Assert.assertTrue("Expected " + name + " but was " + driver.getTitle() + " (" + driver.getCurrentUrl() + ")",
|
||||||
|
isCurrent());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -4,7 +4,6 @@ import org.keycloak.admin.client.resource.RealmResource;
|
||||||
import org.keycloak.representations.idm.RealmRepresentation;
|
import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import java.io.Closeable;
|
import java.io.Closeable;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.Map;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
|
|
@ -12,14 +11,14 @@ import java.util.Map;
|
||||||
*/
|
*/
|
||||||
public class RealmAttributeUpdater {
|
public class RealmAttributeUpdater {
|
||||||
|
|
||||||
private final Map<String, String> originalAttributes = new HashMap<>();
|
|
||||||
|
|
||||||
private final RealmResource realmResource;
|
private final RealmResource realmResource;
|
||||||
|
|
||||||
private final RealmRepresentation rep;
|
private final RealmRepresentation rep;
|
||||||
|
private final RealmRepresentation origRep;
|
||||||
|
|
||||||
public RealmAttributeUpdater(RealmResource realmResource) {
|
public RealmAttributeUpdater(RealmResource realmResource) {
|
||||||
this.realmResource = realmResource;
|
this.realmResource = realmResource;
|
||||||
|
this.origRep = realmResource.toRepresentation();
|
||||||
this.rep = realmResource.toRepresentation();
|
this.rep = realmResource.toRepresentation();
|
||||||
if (this.rep.getAttributes() == null) {
|
if (this.rep.getAttributes() == null) {
|
||||||
this.rep.setAttributes(new HashMap<>());
|
this.rep.setAttributes(new HashMap<>());
|
||||||
|
|
@ -27,29 +26,18 @@ public class RealmAttributeUpdater {
|
||||||
}
|
}
|
||||||
|
|
||||||
public RealmAttributeUpdater setAttribute(String name, String value) {
|
public RealmAttributeUpdater setAttribute(String name, String value) {
|
||||||
if (! originalAttributes.containsKey(name)) {
|
|
||||||
this.originalAttributes.put(name, this.rep.getAttributes().put(name, value));
|
|
||||||
} else {
|
|
||||||
this.rep.getAttributes().put(name, value);
|
this.rep.getAttributes().put(name, value);
|
||||||
}
|
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public RealmAttributeUpdater removeAttribute(String name) {
|
public RealmAttributeUpdater removeAttribute(String name) {
|
||||||
if (! originalAttributes.containsKey(name)) {
|
|
||||||
this.originalAttributes.put(name, this.rep.getAttributes().put(name, null));
|
|
||||||
} else {
|
|
||||||
this.rep.getAttributes().put(name, null);
|
this.rep.getAttributes().put(name, null);
|
||||||
}
|
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Closeable update() {
|
public Closeable update() {
|
||||||
realmResource.update(rep);
|
realmResource.update(rep);
|
||||||
|
|
||||||
return () -> {
|
return () -> realmResource.update(origRep);
|
||||||
rep.getAttributes().putAll(originalAttributes);
|
|
||||||
realmResource.update(rep);
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,55 @@
|
||||||
|
package org.keycloak.testsuite.updaters;
|
||||||
|
|
||||||
|
import org.keycloak.admin.client.resource.UserResource;
|
||||||
|
import org.keycloak.representations.idm.UserRepresentation;
|
||||||
|
import java.io.Closeable;
|
||||||
|
import java.util.Arrays;
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* @author hmlnarik
|
||||||
|
*/
|
||||||
|
public class UserAttributeUpdater {
|
||||||
|
|
||||||
|
private final UserResource userResource;
|
||||||
|
|
||||||
|
private final UserRepresentation rep;
|
||||||
|
private final UserRepresentation origRep;
|
||||||
|
|
||||||
|
public UserAttributeUpdater(UserResource userResource) {
|
||||||
|
this.userResource = userResource;
|
||||||
|
this.origRep = userResource.toRepresentation();
|
||||||
|
this.rep = userResource.toRepresentation();
|
||||||
|
if (this.rep.getAttributes() == null) {
|
||||||
|
this.rep.setAttributes(new HashMap<>());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public UserAttributeUpdater setAttribute(String name, List<String> value) {
|
||||||
|
this.rep.getAttributes().put(name, value);
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public UserAttributeUpdater setAttribute(String name, String... values) {
|
||||||
|
this.rep.getAttributes().put(name, Arrays.asList(values));
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public UserAttributeUpdater removeAttribute(String name) {
|
||||||
|
this.rep.getAttributes().put(name, null);
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public UserAttributeUpdater setEmailVerified(Boolean emailVerified) {
|
||||||
|
rep.setEmailVerified(emailVerified);
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public Closeable update() {
|
||||||
|
userResource.update(rep);
|
||||||
|
|
||||||
|
return () -> userResource.update(origRep);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -27,6 +27,7 @@ import org.keycloak.events.Details;
|
||||||
import org.keycloak.events.Errors;
|
import org.keycloak.events.Errors;
|
||||||
import org.keycloak.events.EventType;
|
import org.keycloak.events.EventType;
|
||||||
import org.keycloak.models.Constants;
|
import org.keycloak.models.Constants;
|
||||||
|
import org.keycloak.models.UserModel.RequiredAction;
|
||||||
import org.keycloak.representations.idm.EventRepresentation;
|
import org.keycloak.representations.idm.EventRepresentation;
|
||||||
import org.keycloak.representations.idm.RealmRepresentation;
|
import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import org.keycloak.representations.idm.UserRepresentation;
|
import org.keycloak.representations.idm.UserRepresentation;
|
||||||
|
|
@ -41,15 +42,17 @@ import org.keycloak.testsuite.pages.InfoPage;
|
||||||
import org.keycloak.testsuite.pages.LoginPage;
|
import org.keycloak.testsuite.pages.LoginPage;
|
||||||
import org.keycloak.testsuite.pages.RegisterPage;
|
import org.keycloak.testsuite.pages.RegisterPage;
|
||||||
import org.keycloak.testsuite.pages.VerifyEmailPage;
|
import org.keycloak.testsuite.pages.VerifyEmailPage;
|
||||||
|
import org.keycloak.testsuite.updaters.UserAttributeUpdater;
|
||||||
import org.keycloak.testsuite.util.GreenMailRule;
|
import org.keycloak.testsuite.util.GreenMailRule;
|
||||||
import org.keycloak.testsuite.util.MailUtils;
|
import org.keycloak.testsuite.util.MailUtils;
|
||||||
import org.keycloak.testsuite.util.UserActionTokenBuilder;
|
import org.keycloak.testsuite.util.UserActionTokenBuilder;
|
||||||
import org.keycloak.testsuite.util.UserBuilder;
|
import org.keycloak.testsuite.util.UserBuilder;
|
||||||
|
|
||||||
|
import java.io.Closeable;
|
||||||
import javax.mail.MessagingException;
|
import javax.mail.MessagingException;
|
||||||
import javax.mail.Multipart;
|
|
||||||
import javax.mail.internet.MimeMessage;
|
import javax.mail.internet.MimeMessage;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.util.Arrays;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
@ -581,4 +584,37 @@ public class RequiredActionEmailVerificationTest extends AbstractTestRealmKeyclo
|
||||||
return MailUtils.getPasswordResetEmailLink(message);
|
return MailUtils.getPasswordResetEmailLink(message);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// https://issues.jboss.org/browse/KEYCLOAK-5861
|
||||||
|
@Test
|
||||||
|
public void verifyEmailNewBrowserSessionWithClientRedirect() throws IOException, MessagingException {
|
||||||
|
try (Closeable u = new UserAttributeUpdater(testRealm().users().get(testUserId))
|
||||||
|
.setEmailVerified(false)
|
||||||
|
.update()) {
|
||||||
|
testRealm().users().get(testUserId).executeActionsEmail(Arrays.asList(RequiredAction.VERIFY_EMAIL.name()));
|
||||||
|
|
||||||
|
Assert.assertEquals(1, greenMail.getReceivedMessages().length);
|
||||||
|
MimeMessage message = greenMail.getLastReceivedMessage();
|
||||||
|
|
||||||
|
String verificationUrl = getPasswordResetEmailLink(message);
|
||||||
|
|
||||||
|
driver.manage().deleteAllCookies();
|
||||||
|
|
||||||
|
driver.navigate().to(verificationUrl.trim());
|
||||||
|
proceedPage.assertCurrent();
|
||||||
|
proceedPage.clickProceedLink();
|
||||||
|
|
||||||
|
infoPage.assertCurrent();
|
||||||
|
assertEquals("Your account has been updated.", infoPage.getInfo());
|
||||||
|
|
||||||
|
// Now log into account page
|
||||||
|
accountPage.setAuthRealm(testRealm().toRepresentation().getRealm());
|
||||||
|
accountPage.navigateTo();
|
||||||
|
|
||||||
|
loginPage.assertCurrent();
|
||||||
|
loginPage.login("test-user@localhost", "password");
|
||||||
|
|
||||||
|
accountPage.assertCurrent();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue