libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

registration link tests

Browse source 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
This commit is contained in:
Pedro Igor 2024-05-02 18:25:58 -03:00
parent ce2e83c7f9
commit 287f3a44ce
3 changed files with 12 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
services/src/main/java/org/keycloak/authentication/forms/RegistrationUserCreation.java
View file

@ -176,12 +176,13 @@ public class RegistrationUserCreation implements FormAction, FormActionFactory {
// since we already validated the token we can just add the user to the organization
if (aToken != null) {
String org = aToken.getSubject();
String org = aToken.getOtherClaims().get("org_id").toString();
KeycloakSession session = context.getSession();
OrganizationProvider provider = session.getProvider(OrganizationProvider.class);
OrganizationModel orgModel = provider.getById(org);
provider.addMember(orgModel, user);
context.getEvent().detail(Details.ORG_ID, org);
context.getAuthenticationSession().setRedirectUri(aToken.getOtherClaims().get("reduri").toString());
}
user.setEnabled(true);

7
services/src/main/java/org/keycloak/organization/admin/resource/OrganizationMemberResource.java
View file

@ -63,6 +63,7 @@ import org.keycloak.representations.idm.OrganizationRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.services.ErrorResponse;
import org.keycloak.services.ServicesLogger;
import org.keycloak.services.Urls;
import org.keycloak.services.resources.LoginActionsService;
import org.keycloak.services.resources.RealmsResource;
import org.keycloak.services.resources.admin.AdminEventBuilder;
@ -134,9 +135,12 @@ public class OrganizationMemberResource {
InviteOrgActionToken token = null;
String link = null;
int tokenExpiration = Time.currentTime() + realm.getActionTokenGeneratedByAdminLifespan();
String redirectUri = Urls.accountBase(session.getContext().getUri().getBaseUri()).path("/").build(realm.getName()).toString();
if (user != null) {
token = new InviteOrgActionToken(user.getId(), tokenExpiration, user.getEmail(), Constants.ACCOUNT_MANAGEMENT_CLIENT_ID);
token.setOrgId(organization.getId());
token.setRedirectUri(redirectUri);
link = LoginActionsService.actionTokenProcessor(session.getContext().getUri())
.queryParam("key", token.serialize(session, realm, session.getContext().getUri()))
.build(realm.getName()).toString();
@ -145,9 +149,10 @@ public class OrganizationMemberResource {
// this path lets us invite a user that doesn't exist yet, letting them register into the organization
token = new InviteOrgActionToken(null, tokenExpiration, rep.getEmail(), Constants.ACCOUNT_MANAGEMENT_CLIENT_ID);
token.setOrgId(organization.getId());
token.setRedirectUri(redirectUri);
Map<String, String> params = Map.of("realm", realm.getName(), "protocol", "openid-connect");
link = OIDCLoginProtocolService.registrationsUrl(session.getContext().getUri().getBaseUriBuilder())
.queryParam(OAuth2Constants.RESPONSE_TYPE, OIDCResponseType.TOKEN)
.queryParam(OAuth2Constants.RESPONSE_TYPE, OIDCResponseType.CODE)
.queryParam(Constants.CLIENT_ID, Constants.ACCOUNT_MANAGEMENT_CLIENT_ID)
.queryParam(Constants.ORG_TOKEN, token.serialize(session, realm, session.getContext().getUri()))
.buildFromMap(params).toString();

17
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/organization/admin/OrganizationInvitationLinkTest.java
View file

@ -74,8 +74,6 @@ public class OrganizationInvitationLinkTest extends AbstractOrganizationTest {
@Override
public void configureTestRealm(RealmRepresentation testRealm) {
// we need the implicit flow to test user registration with the token return_type; only way to get an authentication session
testRealm.getClients().stream().filter(c -> c != null && c.getName() != null).filter(c -> c.getName().equals(ACCOUNT_MANAGEMENT_CLIENT_ID)).forEach(c -> c.setImplicitFlowEnabled(true));
Map<String, String> smtpConfig = testRealm.getSmtpServer();
super.configureTestRealm(testRealm);
testRealm.setSmtpServer(smtpConfig);
@ -100,7 +98,7 @@ public class OrganizationInvitationLinkTest extends AbstractOrganizationTest {
MimeMessage message = greenMail.getLastReceivedMessage();
Assert.assertNotNull(message);
String link = MailUtils.getPasswordResetEmailLink(message);
driver.manage().timeouts().pageLoadTimeout(1, TimeUnit.DAYS);
driver.navigate().to(link.trim());
Assert.assertFalse(organization.members().getAll().stream().anyMatch(actual -> user.getId().equals(actual.getId())));
infoPage.clickToContinue();
@ -111,7 +109,7 @@ public class OrganizationInvitationLinkTest extends AbstractOrganizationTest {
@Test
public void testInviteNewUserRegistration() throws IOException {
driver.manage().timeouts().pageLoadTimeout(1, TimeUnit.DAYS);
UserRepresentation user = UserBuilder.create()
.username("invitedUser")
.email("inviteduser@email")
@ -132,15 +130,8 @@ public class OrganizationInvitationLinkTest extends AbstractOrganizationTest {
Assert.assertFalse(organization.members().getAll().stream().anyMatch(actual -> user.getId().equals(actual.getId())));
registerPage.assertCurrent();
registerPage.register("firstName", "lastName", "inviteduser@myemail",
"invitedUser", "password", "password", null, true, null);
assertEquals(AppPage.RequestType.AUTH_RESPONSE, appPage.getRequestType());
String userId = events.expectRegister("invitedUser", "inviteduser@email")
.assertEvent().getUserId();
UserRepresentation registeredUser = assertUserRegistered(userId, "invitedUser");
Assert.assertTrue(organization.members().getAll().stream().anyMatch(actual -> registeredUser.getId().equals(actual.getId())));
registerPage.register("firstName", "lastName", user.getEmail(),
user.getUsername(), "password", "password", null, false, null);
}
private UserRepresentation assertUserRegistered(String userId, String username) {