From b5835fc232cadecfb96f4510b76090241c7aac3f Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Thu, 24 Jul 2014 14:15:02 +0100
Subject: [PATCH] Added test to make sure password is verified with totp login

---
 .../keycloak/testsuite/forms/LoginTotpTest.java   | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/LoginTotpTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/LoginTotpTest.java
index 9575f462a7..b680d0932c 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/LoginTotpTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/LoginTotpTest.java
@@ -128,4 +128,19 @@ public class LoginTotpTest {
         events.expectLogin().assertEvent();
     }
 
+    @Test
+    public void loginWithTotpInvalidPassword() throws Exception {
+        loginPage.open();
+        loginPage.login("test-user@localhost", "invalid");
+
+        loginTotpPage.assertCurrent();
+
+        loginTotpPage.login(totp.generate("totpSecret"));
+
+        loginPage.assertCurrent();
+        Assert.assertEquals("Invalid username or password.", loginPage.getError());
+
+        events.expectLogin().error("invalid_user_credentials").removeDetail(Details.CODE_ID).session((String) null).assertEvent();
+    }
+
 }