KEYCLOAK-6706 E-mail verification won't let user back into the app
This commit is contained in:
parent
fdc9882709
commit
248654a75e
2 changed files with 89 additions and 1 deletions
|
@ -117,7 +117,7 @@ public class LoginActionsServiceChecks {
|
||||||
}
|
}
|
||||||
|
|
||||||
UserSessionModel userSession = context.getSession().sessions().getUserSession(context.getRealm(), authSessionId);
|
UserSessionModel userSession = context.getSession().sessions().getUserSession(context.getRealm(), authSessionId);
|
||||||
if (userSession != null) {
|
if (userSession != null && userSession.getUser().getRequiredActions().isEmpty()) {
|
||||||
LoginFormsProvider loginForm = context.getSession().getProvider(LoginFormsProvider.class).setAuthenticationSession(context.getAuthenticationSession())
|
LoginFormsProvider loginForm = context.getSession().getProvider(LoginFormsProvider.class).setAuthenticationSession(context.getAuthenticationSession())
|
||||||
.setSuccess(Messages.ALREADY_LOGGED_IN);
|
.setSuccess(Messages.ALREADY_LOGGED_IN);
|
||||||
|
|
||||||
|
|
|
@ -37,6 +37,7 @@ import org.keycloak.representations.idm.UserRepresentation;
|
||||||
import org.keycloak.testsuite.AssertEvents;
|
import org.keycloak.testsuite.AssertEvents;
|
||||||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||||
import org.keycloak.testsuite.admin.ApiUtil;
|
import org.keycloak.testsuite.admin.ApiUtil;
|
||||||
|
import org.keycloak.testsuite.broker.BrokerTestTools;
|
||||||
import org.keycloak.testsuite.pages.AppPage;
|
import org.keycloak.testsuite.pages.AppPage;
|
||||||
import org.keycloak.testsuite.pages.AppPage.RequestType;
|
import org.keycloak.testsuite.pages.AppPage.RequestType;
|
||||||
import org.keycloak.testsuite.pages.ProceedPage;
|
import org.keycloak.testsuite.pages.ProceedPage;
|
||||||
|
@ -832,4 +833,91 @@ public class RequiredActionEmailVerificationTest extends AbstractTestRealmKeyclo
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void verifyEmailWhileLoggedIn() throws IOException, MessagingException {
|
||||||
|
UserAttributeUpdater userAttributeUpdater = new UserAttributeUpdater(testRealm().users().get(testUserId));
|
||||||
|
userAttributeUpdater.setEmailVerified(true).update();
|
||||||
|
|
||||||
|
final String testRealmName = testRealm().toRepresentation().getRealm();
|
||||||
|
accountPage.setAuthRealm(testRealmName);
|
||||||
|
oauth.realm(testRealmName).clientId("account").redirectUri(getAuthServerRoot() + "realms/" + testRealmName + "/account");
|
||||||
|
loginPage.open();
|
||||||
|
loginPage.login("test-user@localhost", "password");
|
||||||
|
accountPage.assertCurrent();
|
||||||
|
|
||||||
|
userAttributeUpdater.setEmailVerified(false).setRequiredActions(RequiredAction.VERIFY_EMAIL).update();
|
||||||
|
|
||||||
|
// this will result in email verification
|
||||||
|
loginPage.open();
|
||||||
|
verifyEmailPage.assertCurrent();
|
||||||
|
|
||||||
|
Assert.assertEquals(1, greenMail.getReceivedMessages().length);
|
||||||
|
MimeMessage message = greenMail.getLastReceivedMessage();
|
||||||
|
|
||||||
|
String verificationUrl = getPasswordResetEmailLink(message);
|
||||||
|
|
||||||
|
// confirm
|
||||||
|
driver.navigate().to(verificationUrl);
|
||||||
|
|
||||||
|
// back to account, already logged in
|
||||||
|
accountPage.assertCurrent();
|
||||||
|
|
||||||
|
// email should be verified and required actions empty
|
||||||
|
UserRepresentation user = testRealm().users().get(testUserId).toRepresentation();
|
||||||
|
Assert.assertTrue(user.isEmailVerified());
|
||||||
|
Assert.assertThat(user.getRequiredActions(), Matchers.empty());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void verifyEmailInNewBrowserWhileLoggedInFirstBrowser() throws IOException, MessagingException {
|
||||||
|
UserAttributeUpdater userAttributeUpdater = new UserAttributeUpdater(testRealm().users().get(testUserId));
|
||||||
|
userAttributeUpdater.setEmailVerified(true).update();
|
||||||
|
|
||||||
|
final String testRealmName = testRealm().toRepresentation().getRealm();
|
||||||
|
accountPage.setAuthRealm(testRealmName);
|
||||||
|
oauth.realm(testRealmName).clientId("account").redirectUri(getAuthServerRoot() + "realms/" + testRealmName + "/account");
|
||||||
|
loginPage.open();
|
||||||
|
loginPage.login("test-user@localhost", "password");
|
||||||
|
accountPage.assertCurrent();
|
||||||
|
|
||||||
|
userAttributeUpdater.setEmailVerified(false).setRequiredActions(RequiredAction.VERIFY_EMAIL).update();
|
||||||
|
|
||||||
|
// this will result in email verification
|
||||||
|
loginPage.open();
|
||||||
|
verifyEmailPage.assertCurrent();
|
||||||
|
|
||||||
|
Assert.assertEquals(1, greenMail.getReceivedMessages().length);
|
||||||
|
MimeMessage message = greenMail.getLastReceivedMessage();
|
||||||
|
|
||||||
|
String verificationUrl = getPasswordResetEmailLink(message);
|
||||||
|
|
||||||
|
// confirm in the second browser
|
||||||
|
driver2.navigate().to(verificationUrl);
|
||||||
|
|
||||||
|
// follow the link
|
||||||
|
final WebElement proceedLink = driver2.findElement(By.linkText("» Click here to proceed"));
|
||||||
|
assertThat(proceedLink, Matchers.notNullValue());
|
||||||
|
proceedLink.click();
|
||||||
|
|
||||||
|
// confirmation in the second browser
|
||||||
|
assertThat(driver2.getPageSource(), Matchers.containsString("kc-info-message"));
|
||||||
|
assertThat(driver2.getPageSource(), Matchers.containsString("Your email address has been verified."));
|
||||||
|
|
||||||
|
final WebElement backToApplicationLink = driver2.findElement(By.linkText("« Back to Application"));
|
||||||
|
assertThat(backToApplicationLink, Matchers.notNullValue());
|
||||||
|
backToApplicationLink.click();
|
||||||
|
|
||||||
|
// login page should be shown in the second browser
|
||||||
|
assertThat(driver2.getPageSource(), Matchers.containsString("kc-login"));
|
||||||
|
assertThat(driver2.getPageSource(), Matchers.containsString("Log In"));
|
||||||
|
|
||||||
|
// email should be verified and required actions empty
|
||||||
|
UserRepresentation user = testRealm().users().get(testUserId).toRepresentation();
|
||||||
|
Assert.assertTrue(user.isEmailVerified());
|
||||||
|
Assert.assertThat(user.getRequiredActions(), Matchers.empty());
|
||||||
|
|
||||||
|
// after refresh in the first browser the account console should be shown
|
||||||
|
driver.navigate().refresh();
|
||||||
|
accountPage.assertCurrent();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue