libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

Old account console dependencies removed. Closes #19668

Browse source 
* LoginTest
* SessionServletAdapterTest
* ClientRedirectTest
* TrustStoreEmailTest
* BrowserFlowTest
* SocialLoginTest
* JavascriptAdapterTest
This commit is contained in:
Lukas Hanusovsky 2023-04-27 14:07:44 +02:00 committed by Michal Hajas
parent c685366169
commit 2ad8f7dd62
7 changed files with 53 additions and 85 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/SessionServletAdapterTest.java
View file

@ -23,9 +23,7 @@ import org.jboss.arquillian.graphene.page.Page;
import org.jboss.shrinkwrap.api.spec.WebArchive; import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.After; import org.junit.After;
import org.junit.Test; import org.junit.Test;
import org.keycloak.OAuth2Constants;
import org.keycloak.admin.client.resource.ClientResource; import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.common.Profile;
import org.keycloak.protocol.oidc.OIDCLoginProtocolService; import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.representations.idm.RealmRepresentation;
@ -33,12 +31,12 @@ import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.Assert; import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest; import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest;
import org.keycloak.testsuite.adapter.page.SessionPortal; import org.keycloak.testsuite.adapter.page.SessionPortal;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.auth.page.account.Sessions; import org.keycloak.testsuite.auth.page.account.Sessions;
import org.keycloak.testsuite.auth.page.login.Login; import org.keycloak.testsuite.auth.page.login.Login;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer; import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
import org.keycloak.testsuite.pages.InfoPage; import org.keycloak.testsuite.pages.InfoPage;
import org.keycloak.testsuite.pages.LogoutConfirmPage; import org.keycloak.testsuite.pages.LogoutConfirmPage;
import org.keycloak.testsuite.util.AccountHelper;
import org.keycloak.testsuite.utils.arquillian.ContainerConstants; import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
import org.keycloak.testsuite.util.SecondBrowser; import org.keycloak.testsuite.util.SecondBrowser;
import org.openqa.selenium.By; import org.openqa.selenium.By;
@ -210,12 +208,10 @@ public class SessionServletAdapterTest extends AbstractServletsAdapterTest {
//KEYCLOAK-1216 //KEYCLOAK-1216
@Test @Test
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
public void testAccountManagementSessionsLogout() { public void testAccountManagementSessionsLogout() {
// login as bburke // login as bburke
loginAndCheckSession(testRealmLoginPage); loginAndCheckSession(testRealmLoginPage);
testRealmSessions.navigateTo(); AccountHelper.logout(testRealmResource(), "bburke@redhat.com");
testRealmSessions.logoutAll();
// Assert I need to login again (logout was propagated to the app) // Assert I need to login again (logout was propagated to the app)
loginAndCheckSession(testRealmLoginPage); loginAndCheckSession(testRealmLoginPage);
} }

60
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/SocialLoginTest.java
View file

@ -29,10 +29,9 @@ import org.keycloak.representations.idm.authorization.DecisionStrategy;
import org.keycloak.services.resources.admin.permissions.AdminPermissionManagement; import org.keycloak.services.resources.admin.permissions.AdminPermissionManagement;
import org.keycloak.services.resources.admin.permissions.AdminPermissions; import org.keycloak.services.resources.admin.permissions.AdminPermissions;
import org.keycloak.testsuite.AbstractKeycloakTest; import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected; import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
import org.keycloak.testsuite.auth.page.login.UpdateAccount; import org.keycloak.testsuite.auth.page.login.UpdateAccount;
import org.keycloak.testsuite.pages.AppPage;
import org.keycloak.testsuite.pages.LoginPage; import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.pages.social.AbstractSocialLoginPage; import org.keycloak.testsuite.pages.social.AbstractSocialLoginPage;
import org.keycloak.testsuite.pages.social.BitbucketLoginPage; import org.keycloak.testsuite.pages.social.BitbucketLoginPage;
@ -98,7 +97,6 @@ import com.google.common.collect.ImmutableMap;
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a> * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
* @author Vaclav Muzikar <vmuzikar@redhat.com> * @author Vaclav Muzikar <vmuzikar@redhat.com>
*/ */
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
public class SocialLoginTest extends AbstractKeycloakTest { public class SocialLoginTest extends AbstractKeycloakTest {
public static final String SOCIAL_CONFIG = "social.config"; public static final String SOCIAL_CONFIG = "social.config";
@ -110,6 +108,9 @@ public class SocialLoginTest extends AbstractKeycloakTest {
@Page @Page
private LoginPage loginPage; private LoginPage loginPage;
@Page
private AppPage appPage;
@Page @Page
private UpdateAccount updateAccountPage; private UpdateAccount updateAccountPage;
@ -173,12 +174,13 @@ public class SocialLoginTest extends AbstractKeycloakTest {
@Before @Before
public void beforeSocialLoginTest() { public void beforeSocialLoginTest() {
accountPage.setAuthRealm(REALM); oauth.realm(REALM);
} }
@After @After
public void afterSocialLoginTest() { public void afterSocialLoginTest() {
currentTestProvider = null; currentTestProvider = null;
oauth.realm("test");
} }
private void removeUser() { private void removeUser() {
@ -246,7 +248,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
setTestProvider(OPENSHIFT); setTestProvider(OPENSHIFT);
performLogin(); performLogin();
assertUpdateProfile(false, false, true); assertUpdateProfile(false, false, true);
assertAccount(); appPage.assertCurrent();
testTokenExchange(); testTokenExchange();
} }
@ -256,7 +258,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
setTestProvider(OPENSHIFT4); setTestProvider(OPENSHIFT4);
performLogin(); performLogin();
assertUpdateProfile(false, false, true); assertUpdateProfile(false, false, true);
assertAccount(); appPage.assertCurrent();
testTokenExchange(); testTokenExchange();
} }
@ -265,7 +267,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
setTestProvider(OPENSHIFT4_KUBE_ADMIN); setTestProvider(OPENSHIFT4_KUBE_ADMIN);
performLogin(); performLogin();
assertUpdateProfile(true, true, true); assertUpdateProfile(true, true, true);
assertAccount(); appPage.assertCurrent();
} }
@Test @Test
@ -275,7 +277,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
addAttributeMapper("ocp-groups", "groups"); addAttributeMapper("ocp-groups", "groups");
performLogin(); performLogin();
assertUpdateProfile(false, false, true); assertUpdateProfile(false, false, true);
assertAccount(); appPage.assertCurrent();
assertAttribute("ocp-groups", getConfig("groups")); assertAttribute("ocp-groups", getConfig("groups"));
} }
@ -284,7 +286,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
public void googleLogin() throws InterruptedException { public void googleLogin() throws InterruptedException {
setTestProvider(GOOGLE); setTestProvider(GOOGLE);
performLogin(); performLogin();
assertAccount(); appPage.assertCurrent();
testTokenExchange(); testTokenExchange();
} }
@ -295,7 +297,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
navigateToLoginPage(); navigateToLoginPage();
assertTrue(driver.getCurrentUrl().contains("hd=" + getConfig(GOOGLE_HOSTED_DOMAIN, "hostedDomain"))); assertTrue(driver.getCurrentUrl().contains("hd=" + getConfig(GOOGLE_HOSTED_DOMAIN, "hostedDomain")));
doLogin(); doLogin();
assertAccount(); appPage.assertCurrent();
testTokenExchange(); testTokenExchange();
} }
@ -320,7 +322,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
public void bitbucketLogin() throws InterruptedException { public void bitbucketLogin() throws InterruptedException {
setTestProvider(BITBUCKET); setTestProvider(BITBUCKET);
performLogin(); performLogin();
assertAccount(); appPage.assertCurrent();
testTokenExchange(); testTokenExchange();
} }
@ -329,7 +331,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
public void gitlabLogin() throws InterruptedException { public void gitlabLogin() throws InterruptedException {
setTestProvider(GITLAB); setTestProvider(GITLAB);
performLogin(); performLogin();
assertAccount(); appPage.assertCurrent();
testTokenExchange(); testTokenExchange();
} }
@ -338,7 +340,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
public void facebookLogin() throws InterruptedException { public void facebookLogin() throws InterruptedException {
setTestProvider(FACEBOOK); setTestProvider(FACEBOOK);
performLogin(); performLogin();
assertAccount(); appPage.assertCurrent();
testTokenExchange(); testTokenExchange();
} }
@ -348,7 +350,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
setTestProvider(FACEBOOK_INCLUDE_BIRTHDAY); setTestProvider(FACEBOOK_INCLUDE_BIRTHDAY);
addAttributeMapper("birthday", "birthday"); addAttributeMapper("birthday", "birthday");
performLogin(); performLogin();
assertAccount(); appPage.assertCurrent();
assertAttribute("birthday", getConfig("profile.birthday")); assertAttribute("birthday", getConfig("profile.birthday"));
testTokenExchange(); testTokenExchange();
} }
@ -358,7 +360,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
setTestProvider(INSTAGRAM); setTestProvider(INSTAGRAM);
performLogin(); performLogin();
assertUpdateProfile(true, true, true); assertUpdateProfile(true, true, true);
assertAccount(); appPage.assertCurrent();
} }
@ -367,7 +369,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
public void githubLogin() throws InterruptedException { public void githubLogin() throws InterruptedException {
setTestProvider(GITHUB); setTestProvider(GITHUB);
performLogin(); performLogin();
assertAccount(); appPage.assertCurrent();
testTokenExchange(); testTokenExchange();
} }
@ -375,21 +377,21 @@ public class SocialLoginTest extends AbstractKeycloakTest {
public void githubPrivateEmailLogin() throws InterruptedException { public void githubPrivateEmailLogin() throws InterruptedException {
setTestProvider(GITHUB_PRIVATE_EMAIL); setTestProvider(GITHUB_PRIVATE_EMAIL);
performLogin(); performLogin();
assertAccount(); appPage.assertCurrent();
} }
@Test @Test
public void twitterLogin() { public void twitterLogin() {
setTestProvider(TWITTER); setTestProvider(TWITTER);
performLogin(); performLogin();
assertAccount(); appPage.assertCurrent();
} }
@Test @Test
public void linkedinLogin() { public void linkedinLogin() {
setTestProvider(LINKEDIN); setTestProvider(LINKEDIN);
performLogin(); performLogin();
assertAccount(); appPage.assertCurrent();
} }
@Test @Test
@ -398,7 +400,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
addAttributeMapper("picture", addAttributeMapper("picture",
"profilePicture.displayImage~.elements[0].identifiers[0].identifier"); "profilePicture.displayImage~.elements[0].identifiers[0].identifier");
performLogin(); performLogin();
assertAccount(); appPage.assertCurrent();
assertAttribute("picture", getConfig("profile.picture")); assertAttribute("picture", getConfig("profile.picture"));
} }
@ -406,14 +408,14 @@ public class SocialLoginTest extends AbstractKeycloakTest {
public void microsoftLogin() { public void microsoftLogin() {
setTestProvider(MICROSOFT); setTestProvider(MICROSOFT);
performLogin(); performLogin();
assertAccount(); appPage.assertCurrent();
} }
@Test @Test
public void paypalLogin() { public void paypalLogin() {
setTestProvider(PAYPAL); setTestProvider(PAYPAL);
performLogin(); performLogin();
assertAccount(); appPage.assertCurrent();
} }
@Test @Test
@ -421,7 +423,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
setTestProvider(STACKOVERFLOW); setTestProvider(STACKOVERFLOW);
performLogin(); performLogin();
assertUpdateProfile(false, false, true); assertUpdateProfile(false, false, true);
assertAccount(); appPage.assertCurrent();
} }
public IdentityProviderRepresentation buildIdp(Provider provider) { public IdentityProviderRepresentation buildIdp(Provider provider) {
@ -495,7 +497,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
private void navigateToLoginPage() { private void navigateToLoginPage() {
currentSocialLoginPage.logout(); // try to logout first to be sure we're not logged in currentSocialLoginPage.logout(); // try to logout first to be sure we're not logged in
accountPage.navigateTo(); driver.navigate().to(oauth.getLoginFormUrl());
loginPage.clickSocial(currentTestProvider.id()); loginPage.clickSocial(currentTestProvider.id());
// Just to be sure there's no redirect in progress // Just to be sure there's no redirect in progress
@ -516,14 +518,6 @@ public class SocialLoginTest extends AbstractKeycloakTest {
WaitUtils.waitForPageToLoad(); WaitUtils.waitForPageToLoad();
} }
private void assertAccount() {
assertTrue(URLUtils.currentUrlStartsWith(accountPage.toString())); // Sometimes after login the URL ends with /# or similar
assertEquals(getConfig("profile.firstName"), accountPage.getFirstName());
assertEquals(getConfig("profile.lastName"), accountPage.getLastName());
assertEquals(getConfig("profile.email"), accountPage.getEmail());
}
private void assertAttribute(String attrName, String expectedValue) { private void assertAttribute(String attrName, String expectedValue) {
List<UserRepresentation> users = adminClient.realm(REALM).users().search(null, null, null); List<UserRepresentation> users = adminClient.realm(REALM).users().search(null, null, null);
assertEquals(1, users.size()); assertEquals(1, users.size());
@ -533,7 +527,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
} }
private void assertUpdateProfile(boolean firstName, boolean lastName, boolean email) { private void assertUpdateProfile(boolean firstName, boolean lastName, boolean email) {
assertTrue(URLUtils.currentUrlDoesntStartWith(accountPage.toString())); assertTrue(URLUtils.currentUrlDoesntStartWith(oauth.APP_AUTH_ROOT));
if (firstName) { if (firstName) {
assertTrue(updateAccountPage.fields().getFirstName().isEmpty()); assertTrue(updateAccountPage.fields().getFirstName().isEmpty());

6
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRedirectTest.java
View file

@ -21,7 +21,6 @@ import org.junit.Test;
import org.junit.Rule; import org.junit.Rule;
import org.keycloak.OAuth2Constants; import org.keycloak.OAuth2Constants;
import org.keycloak.OAuthErrorException; import org.keycloak.OAuthErrorException;
import org.keycloak.common.Profile;
import org.keycloak.common.util.KeycloakUriBuilder; import org.keycloak.common.util.KeycloakUriBuilder;
import org.keycloak.constants.ServiceUrlConstants; import org.keycloak.constants.ServiceUrlConstants;
import org.keycloak.protocol.oidc.OIDCLoginProtocol; import org.keycloak.protocol.oidc.OIDCLoginProtocol;
@ -30,7 +29,6 @@ import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.AssertEvents; import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil; import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.util.ClientBuilder; import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.RealmBuilder; import org.keycloak.testsuite.util.RealmBuilder;
@ -68,7 +66,6 @@ public class ClientRedirectTest extends AbstractTestRealmKeycloakTest {
* @throws Exception * @throws Exception
*/ */
@Test @Test
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
public void testClientRedirectEndpoint() throws Exception { public void testClientRedirectEndpoint() throws Exception {
oauth.doLogin("test-user@localhost", "password"); oauth.doLogin("test-user@localhost", "password");
@ -77,9 +74,6 @@ public class ClientRedirectTest extends AbstractTestRealmKeycloakTest {
driver.get(getAuthServerRoot().toString() + "realms/test/clients/dummy-test/redirect"); driver.get(getAuthServerRoot().toString() + "realms/test/clients/dummy-test/redirect");
assertEquals("http://example.org/dummy/base-path", driver.getCurrentUrl()); assertEquals("http://example.org/dummy/base-path", driver.getCurrentUrl());
driver.get(getAuthServerRoot().toString() + "realms/test/clients/account/redirect");
assertEquals(getAuthServerRoot().toString() + "realms/test/account/", driver.getCurrentUrl());
} }
@Test @Test

8
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/BrowserFlowTest.java
View file

@ -18,7 +18,6 @@ import org.keycloak.authentication.authenticators.conditional.ConditionalRoleAut
import org.keycloak.authentication.authenticators.conditional.ConditionalUserAttributeValueFactory; import org.keycloak.authentication.authenticators.conditional.ConditionalUserAttributeValueFactory;
import org.keycloak.authentication.authenticators.conditional.ConditionalUserConfiguredAuthenticatorFactory; import org.keycloak.authentication.authenticators.conditional.ConditionalUserConfiguredAuthenticatorFactory;
import org.keycloak.authentication.requiredactions.WebAuthnRegisterFactory; import org.keycloak.authentication.requiredactions.WebAuthnRegisterFactory;
import org.keycloak.common.Profile;
import org.keycloak.events.Details; import org.keycloak.events.Details;
import org.keycloak.models.AuthenticationExecutionModel; import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationExecutionModel.Requirement; import org.keycloak.models.AuthenticationExecutionModel.Requirement;
@ -37,7 +36,6 @@ import org.keycloak.testsuite.ActionURIUtils;
import org.keycloak.testsuite.AssertEvents; import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil; import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest; import org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.auth.page.login.OneTimeCode; import org.keycloak.testsuite.auth.page.login.OneTimeCode;
import org.keycloak.testsuite.authentication.SetUserAttributeAuthenticatorFactory; import org.keycloak.testsuite.authentication.SetUserAttributeAuthenticatorFactory;
import org.keycloak.testsuite.broker.SocialLoginTest; import org.keycloak.testsuite.broker.SocialLoginTest;
@ -543,8 +541,6 @@ public class BrowserFlowTest extends AbstractTestRealmKeycloakTest {
} }
@Test @Test
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
public void testAlternativeNonInteractiveExecutorInSubflow() { public void testAlternativeNonInteractiveExecutorInSubflow() {
final String newFlowAlias = "browser - alternative non-interactive executor"; final String newFlowAlias = "browser - alternative non-interactive executor";
testingClient.server("test").run(session -> FlowUtil.inCurrentRealm(session).copyBrowserFlow(newFlowAlias)); testingClient.server("test").run(session -> FlowUtil.inCurrentRealm(session).copyBrowserFlow(newFlowAlias));
@ -568,7 +564,11 @@ public class BrowserFlowTest extends AbstractTestRealmKeycloakTest {
// Check that Keycloak is redirecting us to the Keycloak account management page // Check that Keycloak is redirecting us to the Keycloak account management page
WebElement aHref = driver.findElement(By.tagName("a")); WebElement aHref = driver.findElement(By.tagName("a"));
driver.get(aHref.getAttribute("href")); driver.get(aHref.getAttribute("href"));
// Waiting for account redirection from app page
driver.wait(1000);
assertThat(driver.getTitle(), containsString("Account Management")); assertThat(driver.getTitle(), containsString("Account Management"));
} catch (Throwable t) {
t.printStackTrace();
} finally { } finally {
revertFlows("browser - alternative non-interactive executor"); revertFlows("browser - alternative non-interactive executor");
} }

8
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java
View file

@ -20,11 +20,9 @@ import java.io.Closeable;
import java.util.Arrays; import java.util.Arrays;
import java.util.HashMap; import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.UUID;
import jakarta.ws.rs.client.Client; import jakarta.ws.rs.client.Client;
import jakarta.ws.rs.core.Response; import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.UriBuilder; import jakarta.ws.rs.core.UriBuilder;
import org.apache.commons.lang3.RandomStringUtils; import org.apache.commons.lang3.RandomStringUtils;
import org.jboss.arquillian.graphene.page.Page; import org.jboss.arquillian.graphene.page.Page;
import org.junit.Assert; import org.junit.Assert;
@ -910,7 +908,6 @@ public class LoginTest extends AbstractTestRealmKeycloakTest {
} }
@Test @Test
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
public void loginRememberMeExpiredIdle() throws Exception { public void loginRememberMeExpiredIdle() throws Exception {
try (Closeable c = new RealmAttributeUpdater(adminClient.realm("test")) try (Closeable c = new RealmAttributeUpdater(adminClient.realm("test"))
.setSsoSessionIdleTimeoutRememberMe(1) .setSsoSessionIdleTimeoutRememberMe(1)
@ -933,13 +930,12 @@ public class LoginTest extends AbstractTestRealmKeycloakTest {
setTimeOffset(2 + SessionTimeoutHelper.IDLE_TIMEOUT_WINDOW_SECONDS); setTimeOffset(2 + SessionTimeoutHelper.IDLE_TIMEOUT_WINDOW_SECONDS);
// trying to open the account page with an expired idle timeout should redirect back to the login page. // trying to open the account page with an expired idle timeout should redirect back to the login page.
appPage.openAccount(); loginPage.open();
loginPage.assertCurrent(); loginPage.assertCurrent();
} }
} }
@Test @Test
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
public void loginRememberMeExpiredMaxLifespan() throws Exception { public void loginRememberMeExpiredMaxLifespan() throws Exception {
try (Closeable c = new RealmAttributeUpdater(adminClient.realm("test")) try (Closeable c = new RealmAttributeUpdater(adminClient.realm("test"))
.setSsoSessionMaxLifespanRememberMe(1) .setSsoSessionMaxLifespanRememberMe(1)
@ -962,7 +958,7 @@ public class LoginTest extends AbstractTestRealmKeycloakTest {
setTimeOffset(2); setTimeOffset(2);
// trying to open the account page with an expired lifespan should redirect back to the login page. // trying to open the account page with an expired lifespan should redirect back to the login page.
appPage.openAccount(); loginPage.open();
loginPage.assertCurrent(); loginPage.assertCurrent();
} }
} }

16
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/javascript/JavascriptAdapterTest.java
View file

@ -7,11 +7,9 @@ import org.junit.Rule;
import org.junit.Test; import org.junit.Test;
import org.keycloak.OAuth2Constants; import org.keycloak.OAuth2Constants;
import org.keycloak.admin.client.resource.ClientResource; import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.common.Profile;
import org.keycloak.common.util.Retry; import org.keycloak.common.util.Retry;
import org.keycloak.common.util.UriUtils; import org.keycloak.common.util.UriUtils;
import org.keycloak.events.Details; import org.keycloak.events.Details;
import org.keycloak.events.EventType;
import org.keycloak.protocol.oidc.OIDCLoginProtocol; import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.representations.ClaimsRepresentation; import org.keycloak.representations.ClaimsRepresentation;
import org.keycloak.representations.IDToken; import org.keycloak.representations.IDToken;
@ -23,15 +21,15 @@ import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.AssertEvents; import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil; import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.SuiteContext; import org.keycloak.testsuite.arquillian.SuiteContext;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.auth.page.account.Applications; import org.keycloak.testsuite.auth.page.account.Applications;
import org.keycloak.testsuite.auth.page.login.OAuthGrant; import org.keycloak.testsuite.auth.page.login.OAuthGrant;
import org.keycloak.testsuite.auth.page.login.UpdatePassword; import org.keycloak.testsuite.auth.page.login.UpdatePassword;
import org.keycloak.testsuite.updaters.RealmAttributeUpdater; import org.keycloak.testsuite.updaters.RealmAttributeUpdater;
import org.keycloak.testsuite.util.JavascriptBrowser; import org.keycloak.testsuite.util.JavascriptBrowser;
import org.keycloak.testsuite.util.OAuthClient; import org.keycloak.testsuite.util.AccountHelper;
import org.keycloak.testsuite.util.RealmBuilder; import org.keycloak.testsuite.util.RealmBuilder;
import org.keycloak.testsuite.util.UserBuilder; import org.keycloak.testsuite.util.UserBuilder;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.javascript.JSObjectBuilder; import org.keycloak.testsuite.util.javascript.JSObjectBuilder;
import org.keycloak.testsuite.util.javascript.JavascriptStateValidator; import org.keycloak.testsuite.util.javascript.JavascriptStateValidator;
import org.keycloak.testsuite.util.javascript.JavascriptTestExecutor; import org.keycloak.testsuite.util.javascript.JavascriptTestExecutor;
@ -145,7 +143,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
public void testJSConsoleAuth() { public void testJSConsoleAuth() {
testExecutor.init(defaultArguments(), this::assertInitNotAuth) testExecutor.init(defaultArguments(), this::assertInitNotAuth)
.login(this::assertOnLoginPage) .login(this::assertOnLoginPage)
.loginForm( UserBuilder.create().username("user").password("invalid-password").build(), .loginForm(UserBuilder.create().username("user").password("invalid-password").build(),
(driver1, output, events) -> assertCurrentUrlDoesntStartWith(testAppUrl, driver1)) (driver1, output, events) -> assertCurrentUrlDoesntStartWith(testAppUrl, driver1))
.loginForm(UserBuilder.create().username("invalid-user").password("password").build(), .loginForm(UserBuilder.create().username("invalid-user").password("password").build(),
(driver1, output, events) -> assertCurrentUrlDoesntStartWith(testAppUrl, driver1)) (driver1, output, events) -> assertCurrentUrlDoesntStartWith(testAppUrl, driver1))
@ -290,7 +288,6 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
} }
@Test @Test
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
public void grantBrowserBasedApp() { public void grantBrowserBasedApp() {
Assume.assumeTrue("This test doesn't work with phantomjs", !"phantomjs".equals(System.getProperty("js.browser"))); Assume.assumeTrue("This test doesn't work with phantomjs", !"phantomjs".equals(System.getProperty("js.browser")));
@ -321,11 +318,8 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
applicationsPage.navigateTo(); applicationsPage.navigateTo();
events.expectCodeToToken(codeId, loginEvent.getSessionId()).client(CLIENT_ID).assertEvent(); events.expectCodeToToken(codeId, loginEvent.getSessionId()).client(CLIENT_ID).assertEvent();
applicationsPage.revokeGrantForApplication(CLIENT_ID); AccountHelper.revokeConsents(adminClient.realm(REALM_NAME), testUser.getUsername(),CLIENT_ID);
events.expect(EventType.REVOKE_GRANT) Assert.assertTrue(AccountHelper.getUserConsents(adminClient.realm(REALM_NAME), testUser.getUsername()).isEmpty());
.client("account")
.detail(Details.REVOKED_CLIENT, CLIENT_ID)
.assertEvent();
jsDriver.navigate().to(testAppUrl); jsDriver.navigate().to(testAppUrl);
testExecutor.configure() // need to configure because we refreshed page testExecutor.configure() // need to configure because we refreshed page

32
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/ssl/TrustStoreEmailTest.java
View file

@ -20,7 +20,6 @@ import org.jboss.arquillian.graphene.page.Page;
import org.junit.After; import org.junit.After;
import org.junit.Rule; import org.junit.Rule;
import org.junit.Test; import org.junit.Test;
import org.keycloak.common.Profile;
import org.keycloak.events.Details; import org.keycloak.events.Details;
import org.keycloak.events.Errors; import org.keycloak.events.Errors;
import org.keycloak.events.EventType; import org.keycloak.events.EventType;
@ -31,11 +30,10 @@ import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.Assert; import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.AssertEvents; import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil; import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.auth.page.AuthRealm; import org.keycloak.testsuite.auth.page.AuthRealm;
import org.keycloak.testsuite.auth.page.account.AccountManagement;
import org.keycloak.testsuite.auth.page.login.OIDCLogin; import org.keycloak.testsuite.auth.page.login.OIDCLogin;
import org.keycloak.testsuite.auth.page.login.VerifyEmail; import org.keycloak.testsuite.auth.page.login.VerifyEmail;
import org.keycloak.testsuite.util.AccountHelper;
import org.keycloak.testsuite.util.MailServerConfiguration; import org.keycloak.testsuite.util.MailServerConfiguration;
import org.keycloak.testsuite.util.SslMailServer; import org.keycloak.testsuite.util.SslMailServer;
@ -47,7 +45,6 @@ import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
* *
* @author fkiss * @author fkiss
*/ */
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
public class TrustStoreEmailTest extends AbstractTestRealmKeycloakTest { public class TrustStoreEmailTest extends AbstractTestRealmKeycloakTest {
@Page @Page
@ -56,9 +53,6 @@ public class TrustStoreEmailTest extends AbstractTestRealmKeycloakTest {
@Page @Page
protected AuthRealm testRealmPage; protected AuthRealm testRealmPage;
@Page
protected AccountManagement accountManagement;
@Page @Page
private VerifyEmail testRealmVerifyEmailPage; private VerifyEmail testRealmVerifyEmailPage;
@ -79,7 +73,6 @@ public class TrustStoreEmailTest extends AbstractTestRealmKeycloakTest {
super.setDefaultPageUriParameters(); super.setDefaultPageUriParameters();
testRealmPage.setAuthRealm("test"); testRealmPage.setAuthRealm("test");
testRealmVerifyEmailPage.setAuthRealm(testRealmPage); testRealmVerifyEmailPage.setAuthRealm(testRealmPage);
accountManagement.setAuthRealm(testRealmPage);
testRealmLoginPage.setAuthRealm(testRealmPage); testRealmLoginPage.setAuthRealm(testRealmPage);
} }
@ -94,12 +87,12 @@ public class TrustStoreEmailTest extends AbstractTestRealmKeycloakTest {
UserRepresentation user = ApiUtil.findUserByUsername(testRealm(), "test-user@localhost"); UserRepresentation user = ApiUtil.findUserByUsername(testRealm(), "test-user@localhost");
SslMailServer.startWithSsl(this.getClass().getClassLoader().getResource(SslMailServer.PRIVATE_KEY).getFile()); SslMailServer.startWithSsl(this.getClass().getClassLoader().getResource(SslMailServer.PRIVATE_KEY).getFile());
accountManagement.navigateTo(); driver.navigate().to(oauth.getLoginFormUrl());
testRealmLoginPage.form().login(user.getUsername(), "password"); testRealmLoginPage.form().login(user.getUsername(), "password");
EventRepresentation sendEvent = events.expectRequiredAction(EventType.SEND_VERIFY_EMAIL) EventRepresentation sendEvent = events.expectRequiredAction(EventType.SEND_VERIFY_EMAIL)
.user(user.getId()) .user(user.getId())
.client("account") .client("test-app")
.detail(Details.USERNAME, "test-user@localhost") .detail(Details.USERNAME, "test-user@localhost")
.detail(Details.EMAIL, "test-user@localhost") .detail(Details.EMAIL, "test-user@localhost")
.removeDetail(Details.REDIRECT_URI) .removeDetail(Details.REDIRECT_URI)
@ -118,7 +111,7 @@ public class TrustStoreEmailTest extends AbstractTestRealmKeycloakTest {
events.expectRequiredAction(EventType.VERIFY_EMAIL) events.expectRequiredAction(EventType.VERIFY_EMAIL)
.user(user.getId()) .user(user.getId())
.client("account") .client("test-app")
.detail(Details.USERNAME, "test-user@localhost") .detail(Details.USERNAME, "test-user@localhost")
.detail(Details.EMAIL, "test-user@localhost") .detail(Details.EMAIL, "test-user@localhost")
.detail(Details.CODE_ID, mailCodeId) .detail(Details.CODE_ID, mailCodeId)
@ -126,17 +119,18 @@ public class TrustStoreEmailTest extends AbstractTestRealmKeycloakTest {
.assertEvent(); .assertEvent();
events.expectLogin() events.expectLogin()
.client("account") .client("test-app")
.user(user.getId()) .user(user.getId())
.session(mailCodeId) .session(mailCodeId)
.detail(Details.USERNAME, "test-user@localhost") .detail(Details.USERNAME, "test-user@localhost")
.removeDetail(Details.REDIRECT_URI) .removeDetail(Details.REDIRECT_URI)
.assertEvent(); .assertEvent();
assertCurrentUrlStartsWith(accountManagement); assertCurrentUrlStartsWith(oauth.APP_AUTH_ROOT);
accountManagement.signOut(); AccountHelper.logout(testRealm(), user.getUsername());
driver.navigate().to(oauth.getLoginFormUrl());
testRealmLoginPage.form().login(user.getUsername(), "password"); testRealmLoginPage.form().login(user.getUsername(), "password");
assertCurrentUrlStartsWith(accountManagement); assertCurrentUrlStartsWith(oauth.APP_AUTH_ROOT);
} }
@Test @Test
@ -144,13 +138,13 @@ public class TrustStoreEmailTest extends AbstractTestRealmKeycloakTest {
UserRepresentation user = ApiUtil.findUserByUsername(testRealm(), "test-user@localhost"); UserRepresentation user = ApiUtil.findUserByUsername(testRealm(), "test-user@localhost");
SslMailServer.startWithSsl(this.getClass().getClassLoader().getResource(SslMailServer.INVALID_KEY).getFile()); SslMailServer.startWithSsl(this.getClass().getClassLoader().getResource(SslMailServer.INVALID_KEY).getFile());
accountManagement.navigateTo(); driver.navigate().to(oauth.getLoginFormUrl());
loginPage.form().login(user.getUsername(), "password"); loginPage.form().login(user.getUsername(), "password");
events.expectRequiredAction(EventType.SEND_VERIFY_EMAIL_ERROR) events.expectRequiredAction(EventType.SEND_VERIFY_EMAIL_ERROR)
.error(Errors.EMAIL_SEND_FAILED) .error(Errors.EMAIL_SEND_FAILED)
.user(user.getId()) .user(user.getId())
.client("account") .client("test-app")
.detail(Details.USERNAME, "test-user@localhost") .detail(Details.USERNAME, "test-user@localhost")
.detail(Details.EMAIL, "test-user@localhost") .detail(Details.EMAIL, "test-user@localhost")
.removeDetail(Details.REDIRECT_URI) .removeDetail(Details.REDIRECT_URI)
@ -174,13 +168,13 @@ public class TrustStoreEmailTest extends AbstractTestRealmKeycloakTest {
try { try {
SslMailServer.startWithSsl(this.getClass().getClassLoader().getResource(SslMailServer.PRIVATE_KEY).getFile()); SslMailServer.startWithSsl(this.getClass().getClassLoader().getResource(SslMailServer.PRIVATE_KEY).getFile());
accountManagement.navigateTo(); driver.navigate().to(oauth.getLoginFormUrl());
loginPage.form().login(user.getUsername(), "password"); loginPage.form().login(user.getUsername(), "password");
events.expectRequiredAction(EventType.SEND_VERIFY_EMAIL_ERROR) events.expectRequiredAction(EventType.SEND_VERIFY_EMAIL_ERROR)
.error(Errors.EMAIL_SEND_FAILED) .error(Errors.EMAIL_SEND_FAILED)
.user(user.getId()) .user(user.getId())
.client("account") .client("test-app")
.detail(Details.USERNAME, "test-user@localhost") .detail(Details.USERNAME, "test-user@localhost")
.detail(Details.EMAIL, "test-user@localhost") .detail(Details.EMAIL, "test-user@localhost")
.removeDetail(Details.REDIRECT_URI) .removeDetail(Details.REDIRECT_URI)