KEYCLOAK-6641 Stabilize SpringBoot tests

This commit is contained in:
mhajas 2019-04-02 17:55:44 +02:00 committed by Hynek Mlnařík
parent 6806a4c660
commit 3f08238c2d
20 changed files with 392 additions and 234 deletions


@ -155,6 +155,7 @@
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>${springboot-version}</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>


@ -158,6 +158,7 @@
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>${springboot-version}</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>


@ -183,6 +183,7 @@
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>${springboot-version}</version>
</plugin>
</plugins>
</build>


@ -24,6 +24,8 @@ import javax.ws.rs.core.UriBuilder;
import java.util.LinkedList;
import java.util.List;
import static org.keycloak.testsuite.util.UIUtils.clickLink;
/**
*
* @author <a href="mailto:pmensik@redhat.com">Petr Mensik</a>
@ -40,7 +42,7 @@ public class Sessions extends AccountManagement {
private WebElement logoutAllLink;
public void logoutAll() {
logoutAllLink.click();
clickLink(logoutAllLink);
}
public List<List<String>> getSessions() {


@ -26,6 +26,8 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
import static org.keycloak.testsuite.util.UIUtils.clickLink;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/
@ -46,7 +48,7 @@ public class AccountApplicationsPage extends AbstractAccountPage {
}
public void revokeGrant(String clientId) {
driver.findElement(By.id("revoke-" + clientId)).click();
clickLink(driver.findElement(By.id("revoke-" + clientId)));
}
public Map<String, AppEntry> getApplications() {


@ -23,6 +23,8 @@ import org.openqa.selenium.By;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
import static org.keycloak.testsuite.util.UIUtils.clickLink;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
@ -152,7 +154,7 @@ public class LoginPage extends LanguageComboboxAwarePage {
public void clickSocial(String providerId) {
WebElement socialButton = findSocialButton(providerId);
socialButton.click();
clickLink(socialButton);
}
public WebElement findSocialButton(String providerId) {


@ -20,6 +20,8 @@ package org.keycloak.testsuite.pages;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
import static org.keycloak.testsuite.util.UIUtils.clickLink;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
@ -53,7 +55,8 @@ public class LoginUpdateProfilePage extends AbstractPage {
emailInput.clear();
emailInput.sendKeys(email);
}
submitButton.click();
clickLink(submitButton);
}
public String getError() {

View file

@ -26,6 +26,8 @@ import org.openqa.selenium.By;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
import static org.keycloak.testsuite.util.UIUtils.clickLink;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
@ -46,11 +48,11 @@ public class OAuthGrantPage extends LanguageComboboxAwarePage {
public void accept(){
acceptButton.click();
clickLink(acceptButton);
}
public void cancel(){
cancelButton.click();
clickLink(cancelButton);
}
@Override


@ -28,6 +28,11 @@
<artifactId>keycloak-test-helper</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.assertj</groupId>
<artifactId>assertj-core</artifactId>
<version>3.11.1</version>
</dependency>
</dependencies>
<build>
@ -75,6 +80,7 @@
<argument>-B</argument>
<argument>-Dkeycloak.version=${project.version}</argument>
<argument>-Pspring-boot-adapter-${adapter.container}</argument>
<!-- When $repo.argument is in separate <argument> it causes NPE when repo.argument is not set-->
<argument>-Dmaven.repo.local=${settings.localRepository}</argument>
<argument>-Djetty.adapter.version=${jetty.adapter.version}</argument>
<argument>${repo.argument}</argument>
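Review bot: The new `assertj-core` dependency in the first hunk hard-codes `<version>3.11.1</version>` in this module instead of taking the version from a shared property or a `dependencyManagement` entry, so a later upgrade (including one for a security fix) has to be found and edited here by hand. If the parent pom manages test libraries centrally, declare the version there and drop the `<version>` element here. In the second hunk, the added comment warns that a separate `<argument>` for the repo argument causes an NPE, yet `<argument>${repo.argument}</argument>` is still present as its own element in the visible lines. The comment should name the line it protects and state the workaround that was chosen.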


@ -0,0 +1,28 @@
package org.keycloak.testsuite.springboot;
import org.keycloak.testsuite.pages.AbstractPage;
import static org.assertj.core.api.Assertions.assertThat;
public abstract class AbstractSpringbootPage extends AbstractPage {
protected String title;
public AbstractSpringbootPage(String title) {
this.title = title;
}
public void assertIsCurrent() {
assertThat(driver.getTitle()).isEqualToIgnoringCase(title);
}
@Override
public boolean isCurrent() {
return driver.getTitle().equalsIgnoreCase(title);
}
@Override
public void open() throws Exception {
}
}
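Review bot: `title` is declared `protected String title;` although it is only assigned in the constructor, so any subclass or same-package class can reassign it and silently change what `isCurrent()` and `assertIsCurrent()` accept. The subclasses in this commit only pass it through `super(PAGE_TITLE)`, so `private final String title;` should be enough. `isCurrent()` calls `driver.getTitle().equalsIgnoreCase(title)`, which throws a NullPointerException if the driver reports no title; `title.equalsIgnoreCase(driver.getTitle())` returns false instead. The empty `open()` override should carry a short comment saying it is an intentional no-op, and the class has no Javadoc describing the title-based contract.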


@ -4,19 +4,17 @@ import org.keycloak.testsuite.pages.AbstractPage;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
public class LinkingPage extends AbstractPage {
public class LinkingPage extends AbstractSpringbootPage {
public static final String PAGE_TITLE = "linking page result";
public LinkingPage() {
super(PAGE_TITLE);
}
@FindBy(id = "error")
private WebElement errorMessage;
@Override
public boolean isCurrent() {
return driver.getTitle().equalsIgnoreCase("linking page result");
}
@Override
public void open() throws Exception {
}
public String getErrorMessage() {
return errorMessage.getText();
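Review bot: `import org.keycloak.testsuite.pages.AbstractPage;` shows up only as the hunk-header context line, so it appears to remain in the file even though `LinkingPage` now extends `AbstractSpringbootPage` from its own package. If nothing else in the file refers to `AbstractPage`, the import is dead and should be removed. The SessionPage section that follows has the same pattern. `getErrorMessage()` continues outside the hunk.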


@ -5,20 +5,15 @@ import org.keycloak.testsuite.pages.AbstractPage;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
public class SessionPage extends AbstractPage {
public static final String PAGE_TITLE = "session counter page";
public class SessionPage extends AbstractSpringbootPage {
@FindBy(id = "counter")
private WebElement counterElement;
@Override
public boolean isCurrent() {
return driver.getTitle().equalsIgnoreCase(PAGE_TITLE);
}
public static final String PAGE_TITLE = "session counter page";
@Override
public void open() throws Exception {
public SessionPage() {
super(PAGE_TITLE);
}
public int getCounter() {


@ -1,23 +1,17 @@
package org.keycloak.testsuite.springboot;
import org.keycloak.testsuite.pages.AbstractPage;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
public class SpringAdminPage extends AbstractPage {
public class SpringAdminPage extends AbstractSpringbootPage {
@FindBy(className = "test")
private WebElement testDiv;
public static final String PAGE_TITLE = "springboot admin page";
@Override
public boolean isCurrent() {
return driver.getTitle().equalsIgnoreCase("springboot admin page");
}
@Override
public void open() throws Exception {
public SpringAdminPage() {
super(PAGE_TITLE);
}
public String getTestDivString() {


@ -1,10 +1,11 @@
package org.keycloak.testsuite.springboot;
import org.keycloak.testsuite.pages.AbstractPage;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
public class SpringApplicationPage extends AbstractPage {
import static org.keycloak.testsuite.util.UIUtils.clickLink;
public class SpringApplicationPage extends AbstractSpringbootPage {
@FindBy(className = "test")
private WebElement testDiv;
@ -12,29 +13,13 @@ public class SpringApplicationPage extends AbstractPage {
@FindBy(className = "adminlink")
private WebElement adminLink;
private String title;
public static final String PAGE_TITLE = "springboot test page";
public SpringApplicationPage() {
super();
title = "springboot test page";
}
public String getTitle() {
return title;
}
@Override
public boolean isCurrent() {
return driver.getTitle().equalsIgnoreCase(title);
}
@Override
public void open() throws Exception {
super(PAGE_TITLE);
}
public void goAdmin() {
adminLink.click();
clickLink(adminLink);
}
}


@ -5,11 +5,19 @@ import java.net.URL;
import org.jboss.arquillian.test.api.ArquillianResource;
import org.keycloak.testsuite.adapter.page.AbstractShowTokensPage;
import static org.assertj.core.api.Assertions.assertThat;
public class TokenPage extends AbstractShowTokensPage {
public static final String PAGE_TITLE = "tokens from spring boot";
@Override
public boolean isCurrent() {
return driver.getTitle().equalsIgnoreCase("tokens from spring boot");
return driver.getTitle().equalsIgnoreCase(PAGE_TITLE);
}
public void assertIsCurrent() {
assertThat(driver.getTitle()).isEqualToIgnoringCase(PAGE_TITLE);
}
@Override


@ -29,6 +29,7 @@ import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.SuiteContext;
import org.keycloak.testsuite.auth.page.login.OIDCLogin;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.util.WaitUtils;
import org.keycloak.util.TokenUtil;
@ -69,6 +70,9 @@ public abstract class AbstractSpringBootTest extends AbstractKeycloakTest {
@Page
LoginPage loginPage;
@Page
protected OIDCLogin testRealmLoginPage;
@Page
SpringApplicationPage applicationPage;


@ -4,6 +4,7 @@ import org.jboss.arquillian.graphene.page.Page;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.OAuth2Constants;
import org.keycloak.admin.client.resource.ClientResource;
@ -34,9 +35,12 @@ import java.util.List;
import java.util.Map;
import java.util.UUID;
import static org.assertj.core.api.Assertions.assertThat;
import static org.keycloak.models.AccountRoles.MANAGE_ACCOUNT;
import static org.keycloak.models.AccountRoles.MANAGE_ACCOUNT_LINKS;
import static org.keycloak.testsuite.admin.ApiUtil.createUserAndResetPasswordWithAdminClient;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
import static org.keycloak.testsuite.util.WaitUtils.pause;
public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
@ -155,6 +159,8 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
@Before
public void createParentChild() {
BrokerTestTools.createKcOidcBroker(adminClient, REALM_NAME, PARENT_REALM, suiteContext);
testRealmLoginPage.setAuthRealm(REALM_NAME);
}
@ -162,7 +168,7 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
public void testErrorConditions() throws Exception {
RealmResource realm = adminClient.realms().realm(REALM_NAME);
List<FederatedIdentityRepresentation> links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertTrue(links.isEmpty());
assertThat(links).isEmpty();
ClientRepresentation client = adminClient.realms().realm(REALM_NAME).clients().findByClientId(CLIENT_ID).get(0);
@ -179,28 +185,26 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
.build(REALM_NAME, PARENT_REALM).toString();
// test that child user cannot log into parent realm
navigateTo(linkUrl);
Assert.assertTrue(loginPage.isCurrent(REALM_NAME));
loginPage.login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
Assert.assertTrue(driver.getCurrentUrl().contains("link_error=not_logged_in"));
assertCurrentUrlStartsWith(testRealmLoginPage);
testRealmLoginPage.form().login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
assertThat(driver.getCurrentUrl()).contains("link_error=not_logged_in");
logoutAll();
// now log in
navigateTo(LINKING_URL + "?response=true");
Assert.assertTrue(loginPage.isCurrent(REALM_NAME));
loginPage.login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
Assert.assertTrue("Must be on linking page", linkingPage.isCurrent());
Assert.assertEquals("account linked", linkingPage.getErrorMessage().toLowerCase());
assertCurrentUrlStartsWith(testRealmLoginPage);
testRealmLoginPage.form().login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
linkingPage.assertIsCurrent();
assertThat(linkingPage.getErrorMessage()).isEqualToIgnoringCase("account linked");
// now test CSRF with bad hash.
navigateTo(linkUrl);
Assert.assertTrue(driver.getPageSource().contains("We're sorry..."));
assertThat(driver.getPageSource()).contains("We're sorry...");
logoutAll();
@ -220,10 +224,11 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
clientResource.getScopeMappings().realmLevel().add(roles);
navigateTo(LINKING_URL + "?response=true");
Assert.assertTrue(loginPage.isCurrent(REALM_NAME));
loginPage.login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
Assert.assertTrue(linkingPage.isCurrent());
Assert.assertEquals("account linked", linkingPage.getErrorMessage().toLowerCase());
assertCurrentUrlStartsWith(testRealmLoginPage);
testRealmLoginPage.form().login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
linkingPage.assertIsCurrent();
assertThat(linkingPage.getErrorMessage()).isEqualToIgnoringCase("account linked");
UriBuilder linkBuilder = UriBuilder.fromUri(LINKING_URL);
String clientLinkUrl = linkBuilder.clone()
@ -231,86 +236,93 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
.queryParam("provider", PARENT_REALM).build().toString();
navigateTo(clientLinkUrl);
Assert.assertTrue(driver.getCurrentUrl().contains("error=not_allowed"));
assertThat(driver.getCurrentUrl()).contains("error=not_allowed");
logoutAll();
// add MANAGE_ACCOUNT_LINKS scope should pass.
links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertTrue(links.isEmpty());
assertThat(links).isEmpty();
roles = new LinkedList<>();
roles.add(manageLinks);
clientResource.getScopeMappings().clientLevel(accountId).add(roles);
navigateTo(clientLinkUrl);
Assert.assertTrue(loginPage.isCurrent(REALM_NAME));
loginPage.login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
Assert.assertTrue(loginPage.isCurrent(PARENT_REALM));
loginPage.login(PARENT_USERNAME, PARENT_PASSWORD);
assertCurrentUrlStartsWith(testRealmLoginPage);
testRealmLoginPage.form().login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
Assert.assertTrue(driver.getCurrentUrl().startsWith(linkBuilder.toTemplate()));
Assert.assertTrue(driver.getPageSource().contains("Account linked"));
testRealmLoginPage.setAuthRealm(PARENT_REALM);
assertCurrentUrlStartsWith(testRealmLoginPage);
testRealmLoginPage.form().login(PARENT_USERNAME, PARENT_PASSWORD);
testRealmLoginPage.setAuthRealm(REALM_NAME); // clean
assertThat(driver.getCurrentUrl()).startsWith(linkBuilder.toTemplate());
assertThat(driver.getPageSource()).contains("Account linked");
links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertFalse(links.isEmpty());
assertThat(links).isNotEmpty();
realm.users().get(childUserId).removeFederatedIdentity(PARENT_REALM);
links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertTrue(links.isEmpty());
assertThat(links).isEmpty();
clientResource.getScopeMappings().clientLevel(accountId).remove(roles);
logoutAll();
navigateTo(clientLinkUrl);
Assert.assertTrue(loginPage.isCurrent(REALM_NAME));
loginPage.login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
assertCurrentUrlStartsWith(testRealmLoginPage);
testRealmLoginPage.form().login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
Assert.assertTrue(driver.getCurrentUrl().contains("link_error=not_allowed"));
assertThat(driver.getCurrentUrl()).contains("link_error=not_allowed");
logoutAll();
// add MANAGE_ACCOUNT scope should pass
links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertTrue(links.isEmpty());
assertThat(links).isEmpty();
roles = new LinkedList<>();
roles.add(manageAccount);
clientResource.getScopeMappings().clientLevel(accountId).add(roles);
navigateTo(clientLinkUrl);
Assert.assertTrue(loginPage.isCurrent(REALM_NAME));
loginPage.login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
Assert.assertTrue(loginPage.isCurrent(PARENT_REALM));
loginPage.login(PARENT_USERNAME, PARENT_PASSWORD);
assertCurrentUrlStartsWith(testRealmLoginPage);
testRealmLoginPage.form().login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
Assert.assertTrue(driver.getCurrentUrl().startsWith(linkBuilder.toTemplate()));
Assert.assertTrue(driver.getPageSource().contains("Account linked"));
testRealmLoginPage.setAuthRealm(PARENT_REALM);
assertCurrentUrlStartsWith(testRealmLoginPage);
testRealmLoginPage.form().login(PARENT_USERNAME, PARENT_PASSWORD);
testRealmLoginPage.setAuthRealm(REALM_NAME); // clean
assertThat(driver.getCurrentUrl()).startsWith(linkBuilder.toTemplate());
assertThat(driver.getPageSource()).contains("Account linked");
links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertFalse(links.isEmpty());
assertThat(links).isNotEmpty();
realm.users().get(childUserId).removeFederatedIdentity(PARENT_REALM);
links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertTrue(links.isEmpty());
assertThat(links).isEmpty();
clientResource.getScopeMappings().clientLevel(accountId).remove(roles);
logoutAll();
navigateTo(clientLinkUrl);
Assert.assertTrue(loginPage.isCurrent(REALM_NAME));
loginPage.login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
assertCurrentUrlStartsWith(testRealmLoginPage);
testRealmLoginPage.form().login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
Assert.assertTrue(driver.getCurrentUrl().contains("link_error=not_allowed"));
assertThat(driver.getCurrentUrl()).contains("link_error=not_allowed");
logoutAll();
// undo fullScopeAllowed
client = adminClient.realms().realm(REALM_NAME).clients().findByClientId(CLIENT_ID).get(0);
@ -318,7 +330,7 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
clientResource.update(client);
links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertTrue(links.isEmpty());
assertThat(links).isEmpty();
logoutAll();
}
@ -327,7 +339,7 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
public void testAccountLink() throws Exception {
RealmResource realm = adminClient.realms().realm(REALM_NAME);
List<FederatedIdentityRepresentation> links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertTrue(links.isEmpty());
assertThat(links).isEmpty();
UriBuilder linkBuilder = UriBuilder.fromUri(LINKING_URL);
String linkUrl = linkBuilder.clone()
@ -335,15 +347,21 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
.queryParam("provider", PARENT_REALM).build().toString();
log.info("linkUrl: " + linkUrl);
navigateTo(linkUrl);
Assert.assertTrue(loginPage.isCurrent(REALM_NAME));
Assert.assertTrue(driver.getPageSource().contains(PARENT_REALM));
loginPage.login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
Assert.assertTrue(loginPage.isCurrent(PARENT_REALM));
loginPage.login(PARENT_USERNAME, PARENT_PASSWORD);
assertCurrentUrlStartsWith(testRealmLoginPage);
assertThat(driver.getPageSource()).contains(PARENT_REALM);
testRealmLoginPage.form().login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
testRealmLoginPage.setAuthRealm(PARENT_REALM);
assertCurrentUrlStartsWith(testRealmLoginPage);
testRealmLoginPage.form().login(PARENT_USERNAME, PARENT_PASSWORD);
testRealmLoginPage.setAuthRealm(REALM_NAME); // clean
log.info("After linking: " + driver.getCurrentUrl());
log.info(driver.getPageSource());
Assert.assertTrue(driver.getCurrentUrl().startsWith(linkBuilder.toTemplate()));
Assert.assertTrue(driver.getPageSource().contains("Account linked"));
assertThat(driver.getCurrentUrl()).startsWith(linkBuilder.toTemplate());
assertThat(driver.getPageSource()).contains("Account linked");
OAuthClient.AccessTokenResponse response = oauth.doGrantAccessTokenRequest(
REALM_NAME,
@ -352,24 +370,28 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
null,
CLIENT_ID,
SECRET);
Assert.assertNotNull(response.getAccessToken());
Assert.assertNull(response.getError());
assertThat(response.getAccessToken()).isNotNull();
assertThat(response.getError()).isNull();
Client httpClient = ClientBuilder.newClient();
String firstToken = getToken(response, httpClient);
Assert.assertNotNull(firstToken);
assertThat(firstToken).isNotNull();
navigateTo(linkUrl);
Assert.assertTrue(driver.getPageSource().contains("Account linked"));
assertThat(driver.getPageSource()).contains("Account linked");
String nextToken = getToken(response, httpClient);
Assert.assertNotNull(nextToken);
Assert.assertNotEquals(firstToken, nextToken);
assertThat(nextToken).isNotNull();
assertThat(firstToken).isNotEqualTo(nextToken);
links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertFalse(links.isEmpty());
assertThat(links).isNotEmpty();
realm.users().get(childUserId).removeFederatedIdentity(PARENT_REALM);
links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertTrue(links.isEmpty());
assertThat(links).isEmpty();
logoutAll();
}
@ -383,40 +405,46 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
try {
List<FederatedIdentityRepresentation> links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertTrue(links.isEmpty());
assertThat(links).isEmpty();
UriBuilder linkBuilder = UriBuilder.fromUri(LINKING_URL);
String linkUrl = linkBuilder.clone()
.queryParam("realm", REALM_NAME)
.queryParam("provider", PARENT_REALM).build().toString();
navigateTo(linkUrl);
Assert.assertTrue(loginPage.isCurrent(REALM_NAME));
assertCurrentUrlStartsWith(testRealmLoginPage);
// should not be on login page. This is what we are testing
Assert.assertFalse(driver.getPageSource().contains(PARENT_REALM));
assertThat(driver.getPageSource()).doesNotContain(PARENT_REALM);
// now test that we can still link.
loginPage.login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
Assert.assertTrue(loginPage.isCurrent(PARENT_REALM));
loginPage.login(PARENT_USERNAME, PARENT_PASSWORD);
testRealmLoginPage.form().login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
testRealmLoginPage.setAuthRealm(PARENT_REALM);
assertCurrentUrlStartsWith(testRealmLoginPage);
testRealmLoginPage.form().login(PARENT_USERNAME, PARENT_PASSWORD);
testRealmLoginPage.setAuthRealm(REALM_NAME);
log.info("After linking: " + driver.getCurrentUrl());
log.info(driver.getPageSource());
Assert.assertTrue(driver.getCurrentUrl().startsWith(linkBuilder.toTemplate()));
Assert.assertTrue(driver.getPageSource().contains("Account linked"));
assertThat(driver.getCurrentUrl()).startsWith(linkBuilder.toTemplate());
assertThat(driver.getPageSource()).contains("Account linked");
links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertFalse(links.isEmpty());
assertThat(links).isNotEmpty();
realm.users().get(childUserId).removeFederatedIdentity(PARENT_REALM);
links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertTrue(links.isEmpty());
assertThat(links).isEmpty();
logoutAll();
log.info("testing link-only attack");
navigateTo(linkUrl);
Assert.assertTrue(loginPage.isCurrent(REALM_NAME));
assertCurrentUrlStartsWith(testRealmLoginPage);
log.info("login page uri is: " + driver.getCurrentUrl());
@ -443,7 +471,7 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
navigateTo(uri);
Assert.assertTrue(driver.getPageSource().contains("Could not send authentication request to identity provider."));
assertThat(driver.getPageSource()).contains("Could not send authentication request to identity provider.");
} finally {
rep.setLinkOnly(false);
realm.identityProviders().get(PARENT_REALM).update(rep);
@ -454,14 +482,14 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
public void testAccountNotLinkedAutomatically() throws Exception {
RealmResource realm = adminClient.realms().realm(REALM_NAME);
List<FederatedIdentityRepresentation> links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertTrue(links.isEmpty());
assertThat(links).isEmpty();
// Login to account mgmt first
profilePage.open(REALM_NAME);
WaitUtils.waitForPageToLoad();
Assert.assertTrue(loginPage.isCurrent(REALM_NAME));
loginPage.login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
assertCurrentUrlStartsWith(testRealmLoginPage);
testRealmLoginPage.form().login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
profilePage.assertCurrent();
// Now in another tab, open login screen with "prompt=login" . Login screen will be displayed even if I have SSO cookie
@ -471,22 +499,27 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
.build().toString();
navigateTo(linkUrl);
Assert.assertTrue(loginPage.isCurrent(REALM_NAME));
assertCurrentUrlStartsWith(testRealmLoginPage);
loginPage.clickSocial(PARENT_REALM);
Assert.assertTrue(loginPage.isCurrent(PARENT_REALM));
loginPage.login(PARENT_USERNAME, PARENT_PASSWORD);
testRealmLoginPage.setAuthRealm(PARENT_REALM);
assertCurrentUrlStartsWith(testRealmLoginPage);
testRealmLoginPage.form().login(PARENT_USERNAME, PARENT_PASSWORD);
testRealmLoginPage.setAuthRealm(REALM_NAME);
// Test I was not automatically linked.
links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertTrue(links.isEmpty());
assertThat(links).isEmpty();
loginUpdateProfilePage.assertCurrent();
loginUpdateProfilePage.update("Joe", "Doe", "joe@parent.com");
errorPage.assertCurrent();
Assert.assertEquals("You are already authenticated as different user '"
+ CHILD_USERNAME_1
+ "' in this session. Please logout first.", errorPage.getError());
assertThat(errorPage.getError()).isEqualTo("You are already authenticated as different user '"
+ CHILD_USERNAME_1
+ "' in this session. Please logout first.");
logoutAll();
@ -499,14 +532,14 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
public void testAccountLinkingExpired() throws Exception {
RealmResource realm = adminClient.realms().realm(REALM_NAME);
List<FederatedIdentityRepresentation> links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertTrue(links.isEmpty());
assertThat(links).isEmpty();
// Login to account mgmt first
profilePage.open(REALM_NAME);
WaitUtils.waitForPageToLoad();
Assert.assertTrue(loginPage.isCurrent(REALM_NAME));
loginPage.login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
assertCurrentUrlStartsWith(testRealmLoginPage);
testRealmLoginPage.form().login(CHILD_USERNAME_1, CHILD_PASSWORD_1);
profilePage.assertCurrent();
// Now in another tab, request account linking
@ -516,22 +549,33 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
.queryParam("provider", PARENT_REALM).build().toString();
navigateTo(linkUrl);
Assert.assertTrue(loginPage.isCurrent(PARENT_REALM));
testRealmLoginPage.setAuthRealm(PARENT_REALM);
assertCurrentUrlStartsWith(testRealmLoginPage);
setTimeOffset(1); // We need to "wait" for 1 second so that notBeforePolicy invalidates token created when logging to child realm
// Logout "child" userSession in the meantime (for example through admin request)
realm.logoutAll();
// Finish login on parent.
loginPage.login(PARENT_USERNAME, PARENT_PASSWORD);
testRealmLoginPage.form().login(PARENT_USERNAME, PARENT_PASSWORD);
// Test I was not automatically linked
links = realm.users().get(childUserId).getFederatedIdentity();
Assert.assertTrue(links.isEmpty());
assertThat(links).isEmpty();
errorPage.assertCurrent();
Assert.assertEquals("Requested broker account linking, but current session is no longer valid.", errorPage.getError());
assertThat(errorPage.getError()).isEqualTo("Requested broker account linking, but current session is no longer valid.");
logoutAll();
navigateTo(linkUrl); // Check we are logged out
testRealmLoginPage.setAuthRealm(REALM_NAME);
assertCurrentUrlStartsWith(testRealmLoginPage);
resetTimeOffset();
}
private void navigateTo(String uri) {
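Review bot: In `testAccountLinkingExpired`, `setTimeOffset(1)` is undone only by the `resetTimeOffset();` on the last line of the test. Any assertion that fails in between (for example `errorPage.assertCurrent()`) leaves the offset in place for whatever test runs next. Wrapping the steps after `setTimeOffset(1);` in `try { ... } finally { resetTimeOffset(); }` makes the cleanup unconditional, as the `finally` block with `rep.setLinkOnly(false)` does further up in this file. The `setAuthRealm(PARENT_REALM)` / `setAuthRealm(REALM_NAME)` pairs have the same shape, though `createParentChild()` resets the realm before each test. The new imports `org.junit.Rule` and `WaitUtils.pause` are not used in any visible hunk and should be dropped if nothing outside the hunks needs them.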


@ -1,7 +1,6 @@
package org.keycloak.testsuite.springboot;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.keycloak.admin.client.resource.RolesResource;
@ -9,6 +8,10 @@ import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.admin.ApiUtil;
import static org.assertj.core.api.Assertions.assertThat;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
public class BasicSpringBootTest extends AbstractSpringBootTest {
private static final String USER_LOGIN_2 = "testuser2";
@ -26,6 +29,8 @@ public class BasicSpringBootTest extends AbstractSpringBootTest {
rolesResource.create(role);
addUser(USER_LOGIN_2, USER_EMAIL_2, USER_PASSWORD_2, INCORRECT_ROLE);
testRealmLoginPage.setAuthRealm(REALM_NAME);
}
@After
@ -39,56 +44,61 @@ public class BasicSpringBootTest extends AbstractSpringBootTest {
adminClient.realm(REALM_NAME).roles().deleteRole(INCORRECT_ROLE);
}
private void navigateToApplication() {
driver.navigate().to(APPLICATION_URL + "/index.html");
waitForPageToLoad();
}
@Test
public void testCorrectUser() {
driver.navigate().to(APPLICATION_URL + "/index.html");
Assert.assertTrue("Must be on application page", applicationPage.isCurrent());
navigateToApplication();
applicationPage.assertIsCurrent();
applicationPage.goAdmin();
Assert.assertTrue("Must be on login page", loginPage.isCurrent());
assertCurrentUrlStartsWith(testRealmLoginPage);
loginPage.login(USER_LOGIN, USER_PASSWORD);
testRealmLoginPage.form().login(USER_LOGIN, USER_PASSWORD);
Assert.assertTrue("Must be on admin page", adminPage.isCurrent());
Assert.assertTrue("Admin page must contain correct div",
driver.getPageSource().contains("You are now admin"));
adminPage.assertIsCurrent();
assertThat(driver.getPageSource()).contains("You are now admin");
driver.navigate().to(logoutPage(BASE_URL));
waitForPageToLoad();
Assert.assertTrue("Must be on login page", loginPage.isCurrent());
assertCurrentUrlStartsWith(testRealmLoginPage);
}
@Test
public void testIncorrectUser() {
driver.navigate().to(APPLICATION_URL + "/index.html");
Assert.assertTrue("Must be on application page", applicationPage.isCurrent());
navigateToApplication();
applicationPage.assertIsCurrent();
applicationPage.goAdmin();
Assert.assertTrue("Must be on login page", loginPage.isCurrent());
assertCurrentUrlStartsWith(testRealmLoginPage);
loginPage.login(USER_LOGIN_2, USER_PASSWORD_2);
testRealmLoginPage.form().login(USER_LOGIN_2, USER_PASSWORD_2);
Assert.assertTrue("Must return 403 because of incorrect role", driver.getPageSource().contains("Forbidden"));
assertThat(driver.getPageSource()).contains("Forbidden");
driver.navigate().to(logoutPage(BASE_URL));
waitForPageToLoad();
}
@Test
public void testIncorrectCredentials() {
driver.navigate().to(APPLICATION_URL + "/index.html");
Assert.assertTrue("Must be on application page", applicationPage.isCurrent());
navigateToApplication();
applicationPage.assertIsCurrent();
applicationPage.goAdmin();
Assert.assertTrue("Must be on login page", loginPage.isCurrent());
assertCurrentUrlStartsWith(testRealmLoginPage);
loginPage.login(USER_LOGIN, USER_PASSWORD_2);
testRealmLoginPage.form().login(USER_LOGIN, USER_PASSWORD_2);
Assert.assertEquals("Error message about password",
"Invalid username or password.", loginPage.getError());
assertThat(testRealmLoginPage.feedbackMessage().isError()).isTrue();
assertThat(testRealmLoginPage.feedbackMessage().getText()).isEqualTo("Invalid username or password.");
}
}
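Review bot: The move to AssertJ drops the failure descriptions that the JUnit calls carried. In `testIncorrectUser`, `assertThat(driver.getPageSource()).contains("Forbidden");` no longer says that it is the role check. AssertJ can keep the description: `assertThat(driver.getPageSource()).as("Must return 403 because of incorrect role").contains("Forbidden");`. The same applies to the "You are now admin" check in `testCorrectUser`. Because this assertion is the test's only authorization check, a substring match on the whole page source is also loose; asserting on a dedicated element or on the response status, if the harness exposes one, would be tighter.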


@ -1,7 +1,10 @@
package org.keycloak.testsuite.springboot;
import org.eclipse.persistence.annotations.BatchFetch;
import org.hibernate.annotations.SelectBeforeUpdate;
import org.jboss.arquillian.graphene.page.Page;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.OAuth2Constants;
@ -21,7 +24,10 @@ import org.openqa.selenium.By;
import javax.ws.rs.core.UriBuilder;
import java.util.List;
import static org.assertj.core.api.Assertions.assertThat;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
import static org.keycloak.testsuite.util.WaitUtils.pause;
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
public class OfflineTokenSpringBootTest extends AbstractSpringBootTest {
private static final String SERVLET_URL = BASE_URL + "/TokenServlet";
@ -35,22 +41,26 @@ public class OfflineTokenSpringBootTest extends AbstractSpringBootTest {
@Page
private OAuthGrantPage oauthGrantPage;
@Before
public void setUpAuthRealm() {
testRealmLoginPage.setAuthRealm(REALM_NAME);
}
@Test
public void testTokens() {
String servletUri = UriBuilder.fromUri(SERVLET_URL)
.queryParam(OAuth2Constants.SCOPE, OAuth2Constants.OFFLINE_ACCESS)
.build().toString();
driver.navigate().to(servletUri);
waitForPageToLoad();
Assert.assertTrue("Must be on login page", loginPage.isCurrent());
loginPage.login(USER_LOGIN, USER_PASSWORD);
assertCurrentUrlStartsWith(testRealmLoginPage);
testRealmLoginPage.form().login(USER_LOGIN, USER_PASSWORD);
WaitUtils.waitUntilElement(By.tagName("body")).is().visible();
tokenPage.assertIsCurrent();
Assert.assertTrue("Must be on tokens page", tokenPage.isCurrent());
Assert.assertEquals(TokenUtil.TOKEN_TYPE_OFFLINE, tokenPage.getRefreshToken().getType());
Assert.assertEquals(0, tokenPage.getRefreshToken().getExpiration());
assertThat(tokenPage.getRefreshToken().getType()).isEqualTo(TokenUtil.TOKEN_TYPE_OFFLINE);
assertThat(tokenPage.getRefreshToken().getExpiration()).isEqualTo(0);
String accessTokenId = tokenPage.getAccessToken().getId();
String refreshTokenId = tokenPage.getRefreshToken().getId();
@ -58,14 +68,17 @@ public class OfflineTokenSpringBootTest extends AbstractSpringBootTest {
setAdapterAndServerTimeOffset(9999, SERVLET_URL);
driver.navigate().to(SERVLET_URL);
Assert.assertTrue("Must be on tokens page", tokenPage.isCurrent());
Assert.assertNotEquals(refreshTokenId, tokenPage.getRefreshToken().getId());
Assert.assertNotEquals(accessTokenId, tokenPage.getAccessToken().getId());
waitForPageToLoad();
tokenPage.assertIsCurrent();
assertThat(tokenPage.getRefreshToken().getId()).isNotEqualTo(refreshTokenId);
assertThat(tokenPage.getAccessToken().getId()).isNotEqualTo(accessTokenId);
setAdapterAndServerTimeOffset(0, SERVLET_URL);
driver.navigate().to(logoutPage(SERVLET_URL));
Assert.assertTrue("Must be on login page", loginPage.isCurrent());
waitForPageToLoad();
assertCurrentUrlStartsWith(testRealmLoginPage);
}
@Test
@ -75,34 +88,42 @@ public class OfflineTokenSpringBootTest extends AbstractSpringBootTest {
.queryParam(OAuth2Constants.SCOPE, OAuth2Constants.OFFLINE_ACCESS)
.build().toString();
driver.navigate().to(servletUri);
WaitUtils.waitUntilElement(By.tagName("body")).is().visible();
waitForPageToLoad();
loginPage.login(USER_LOGIN, USER_PASSWORD);
Assert.assertTrue("Must be on token page", tokenPage.isCurrent());
assertCurrentUrlStartsWith(testRealmLoginPage);
Assert.assertEquals(tokenPage.getRefreshToken().getType(), TokenUtil.TOKEN_TYPE_OFFLINE);
testRealmLoginPage.form().login(USER_LOGIN, USER_PASSWORD);
tokenPage.assertIsCurrent();
assertThat(tokenPage.getRefreshToken().getType()).isEqualTo(TokenUtil.TOKEN_TYPE_OFFLINE);
// Assert refresh works with increased time
setAdapterAndServerTimeOffset(9999, SERVLET_URL);
driver.navigate().to(SERVLET_URL);
Assert.assertTrue("Must be on token page", tokenPage.isCurrent());
waitForPageToLoad();
tokenPage.assertIsCurrent();
setAdapterAndServerTimeOffset(0, SERVLET_URL);
events.clear();
// Go to account service and revoke grant
accountAppPage.open();
waitForPageToLoad();
List<String> additionalGrants = accountAppPage.getApplications().get(CLIENT_ID).getAdditionalGrants();
Assert.assertEquals(additionalGrants.size(), 1);
Assert.assertEquals(additionalGrants.get(0), "Offline Token");
assertThat(additionalGrants)
.hasSize(1)
.contains("Offline Token");
accountAppPage.revokeGrant(CLIENT_ID);
pause(500);
Assert.assertEquals(accountAppPage.getApplications().get(CLIENT_ID).getAdditionalGrants().size(), 0);
assertThat(accountAppPage.getApplications().get(CLIENT_ID).getAdditionalGrants()).hasSize(0);
UserRepresentation userRepresentation =
ApiUtil.findUserByUsername(realmsResouce().realm(REALM_NAME), USER_LOGIN);
Assert.assertNotNull("User should exist", userRepresentation);
ApiUtil.findUserByUsername(realmsResouce().realm(REALM_NAME), USER_LOGIN);
assertThat(userRepresentation).isNotNull();
events.expect(EventType.REVOKE_GRANT).realm(REALM_ID).user(userRepresentation.getId())
.client("account").detail(Details.REVOKED_CLIENT, CLIENT_ID).assertEvent();
@ -110,7 +131,9 @@ public class OfflineTokenSpringBootTest extends AbstractSpringBootTest {
// Assert refresh doesn't work now (increase time one more time)
setAdapterAndServerTimeOffset(9999, SERVLET_URL);
driver.navigate().to(SERVLET_URL);
loginPage.assertCurrent();
waitForPageToLoad();
assertCurrentUrlStartsWith(testRealmLoginPage);
setAdapterAndServerTimeOffset(0, SERVLET_URL);
}
@ -120,35 +143,36 @@ public class OfflineTokenSpringBootTest extends AbstractSpringBootTest {
// Assert grant page doesn't have 'Offline Access' role when offline token is not requested
driver.navigate().to(SERVLET_URL);
loginPage.login(USER_LOGIN, USER_PASSWORD);
waitForPageToLoad();
testRealmLoginPage.form().login(USER_LOGIN, USER_PASSWORD);
oauthGrantPage.assertCurrent();
WaitUtils.waitUntilElement(By.xpath("//body")).text().not().contains("Offline access");
oauthGrantPage.cancel();
driver.navigate().to(UriBuilder.fromUri(SERVLET_URL)
.queryParam(OAuth2Constants.SCOPE, OAuth2Constants.OFFLINE_ACCESS)
.build().toString());
WaitUtils.waitUntilElement(By.tagName("body")).is().visible();
waitForPageToLoad();
loginPage.login(USER_LOGIN, USER_PASSWORD);
testRealmLoginPage.form().login(USER_LOGIN, USER_PASSWORD);
oauthGrantPage.assertCurrent();
WaitUtils.waitUntilElement(By.xpath("//body")).text().contains(OAuthGrantPage.OFFLINE_ACCESS_CONSENT_TEXT);
oauthGrantPage.accept();
Assert.assertTrue("Must be on token page", tokenPage.isCurrent());
Assert.assertEquals(tokenPage.getRefreshToken().getType(), TokenUtil.TOKEN_TYPE_OFFLINE);
tokenPage.assertIsCurrent();
assertThat(tokenPage.getRefreshToken().getType()).isEqualTo(TokenUtil.TOKEN_TYPE_OFFLINE);
String accountAppPageUrl =
Urls.accountApplicationsPage(getAuthServerRoot(), REALM_NAME).toString();
driver.navigate().to(accountAppPageUrl);
waitForPageToLoad();
AccountApplicationsPage.AppEntry offlineClient = accountAppPage.getApplications().get(CLIENT_ID);
Assert.assertTrue(offlineClient.getClientScopesGranted().contains(OAuthGrantPage.OFFLINE_ACCESS_CONSENT_TEXT));
Assert.assertTrue(offlineClient.getAdditionalGrants().contains("Offline Token"));
assertThat(offlineClient.getClientScopesGranted()).contains(OAuthGrantPage.OFFLINE_ACCESS_CONSENT_TEXT);
assertThat(offlineClient.getAdditionalGrants()).contains("Offline Token");
//This was necessary to be introduced, otherwise other testcases will fail
driver.navigate().to(logoutPage(SERVLET_URL));
loginPage.assertCurrent();
assertCurrentUrlStartsWith(testRealmLoginPage);
events.clear();
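Review bot: The clock skew applied with `setAdapterAndServerTimeOffset(9999, SERVLET_URL)` is undone only on the success path. In the "Assert refresh doesn't work now" hunk the new `waitForPageToLoad()` and `assertCurrentUrlStartsWith(testRealmLoginPage)` sit between the set and the reset to 0, and the `testTokens` hunk and the "Assert refresh works with increased time" block have the same shape. Unless a teardown outside these hunks resets the offset, a failed assertion would presumably leave the adapter and server running with skewed token expiry for later tests, which is the kind of cross-test flakiness this commit is meant to remove. I would guard each window with `try { … } finally { setAdapterAndServerTimeOffset(0, SERVLET_URL); }`. The enclosing test methods begin or end outside the hunks shown.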


@ -3,7 +3,6 @@ package org.keycloak.testsuite.springboot;
import org.jboss.arquillian.drone.api.annotation.Drone;
import org.jboss.arquillian.graphene.page.Page;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.keycloak.admin.client.resource.ClientResource;
@ -13,11 +12,18 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.auth.page.account.Sessions;
import org.keycloak.testsuite.auth.page.login.OIDCLogin;
import org.keycloak.testsuite.util.DroneUtils;
import org.keycloak.testsuite.util.SecondBrowser;
import org.keycloak.testsuite.util.WaitUtils;
import org.openqa.selenium.By;
import org.openqa.selenium.WebDriver;
import static org.assertj.core.api.Assertions.assertThat;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
import static org.keycloak.testsuite.util.WaitUtils.pause;
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
public class SessionSpringBootTest extends AbstractSpringBootTest {
private static final String SERVLET_URL = BASE_URL + "/SessionServlet";
@ -29,10 +35,18 @@ public class SessionSpringBootTest extends AbstractSpringBootTest {
@Page
private SessionPage sessionPage;
@Page
@SecondBrowser
private SessionPage secondBrowserSessionPage;
@Drone
@SecondBrowser
private WebDriver driver2;
@Page
@SecondBrowser
private OIDCLogin secondTestRealmLoginPage;
@Page
private Sessions realmSessions;
@ -40,23 +54,24 @@ public class SessionSpringBootTest extends AbstractSpringBootTest {
public void setDefaultPageUriParameters() {
super.setDefaultPageUriParameters();
realmSessions.setAuthRealm(REALM_NAME);
testRealmLoginPage.setAuthRealm(REALM_NAME);
secondTestRealmLoginPage.setAuthRealm(REALM_NAME);
}
private void loginAndCheckSession() {
driver.navigate().to(SERVLET_URL);
Assert.assertTrue("Must be on login page", loginPage.isCurrent());
loginPage.login(USER_LOGIN, USER_PASSWORD);
WaitUtils.waitUntilElement(By.tagName("body")).is().visible();
Assert.assertTrue("Must be on servlet page", sessionPage.isCurrent());
Assert.assertEquals("Counter must be 0", 0, sessionPage.getCounter());
waitForPageToLoad();
assertCurrentUrlStartsWith(testRealmLoginPage, driver);
testRealmLoginPage.form().login(USER_LOGIN, USER_PASSWORD);
sessionPage.assertIsCurrent();
assertThat(sessionPage.getCounter()).isEqualTo(0);
driver.navigate().to(SERVLET_URL);
Assert.assertEquals("Counter now must be 1", 1, sessionPage.getCounter());
}
waitForPageToLoad();
private boolean checkCounterInSource(WebDriver driver, int counter) {
return driver.getPageSource().replaceAll("\\s", "")
.contains("<spanid=\"counter\">" + counter + "</span>");
assertThat(sessionPage.getCounter()).isEqualTo(1);
}
@Before
@ -74,37 +89,52 @@ public class SessionSpringBootTest extends AbstractSpringBootTest {
@Test
public void testSingleSessionInvalidated() {
loginAndCheckSession();
// cannot pass to loginAndCheckSession becayse loginPage is not working together with driver2, therefore copypasta
DroneUtils.addWebDriver(driver2);
driver2.navigate().to(SERVLET_URL);
waitForPageToLoad(); // driver2 will be used because of DroneUtils.addWebDriver()
log.info("current title is " + driver2.getTitle());
Assert.assertTrue("Must be on login page", driver2.getTitle().toLowerCase().startsWith("log in to"));
driver2.findElement(By.id("username")).sendKeys(USER_LOGIN);
driver2.findElement(By.id("password")).sendKeys(USER_PASSWORD);
driver2.findElement(By.id("password")).submit();
Assert.assertTrue("Must be on session page", driver2.getTitle().equals(SessionPage.PAGE_TITLE));
Assert.assertTrue("Counter must be 0", checkCounterInSource(driver2, 0));
assertCurrentUrlStartsWith(secondTestRealmLoginPage, driver2);
secondTestRealmLoginPage.form().login(USER_LOGIN, USER_PASSWORD);
secondBrowserSessionPage.assertIsCurrent();
assertThat(secondBrowserSessionPage.getCounter()).isEqualTo(0);
// Counter increased now
driver2.navigate().to(SERVLET_URL);
Assert.assertTrue("Counter must be 1", checkCounterInSource(driver2, 1));
waitForPageToLoad(); // driver2 will be used because of DroneUtils.addWebDriver()
assertThat(secondBrowserSessionPage.getCounter()).isEqualTo(1);
DroneUtils.removeWebDriver(); // From now driver will be used instead of driver2
// Logout in browser1
driver.navigate().to(logoutPage(SERVLET_URL));
waitForPageToLoad();
// Assert that I am logged out in browser1
driver.navigate().to(SERVLET_URL);
Assert.assertTrue("Must be on login page", loginPage.isCurrent());
waitForPageToLoad();
assertCurrentUrlStartsWith(testRealmLoginPage, driver);
// Assert that I am still logged in browser2 and same session is still preserved
DroneUtils.addWebDriver(driver2);
driver2.navigate().to(SERVLET_URL);
Assert.assertTrue("Must be on session page", driver2.getTitle().equals(SessionPage.PAGE_TITLE));
Assert.assertTrue("Counter must be 2", checkCounterInSource(driver2, 2));
waitForPageToLoad();
secondBrowserSessionPage.assertIsCurrent();
assertThat(secondBrowserSessionPage.getCounter()).isEqualTo(2);
driver2.navigate().to(logoutPage(SERVLET_URL));
Assert.assertTrue("Must be on login page", driver2.getTitle().toLowerCase().startsWith("log in to"));
waitForPageToLoad();
assertCurrentUrlStartsWith(secondTestRealmLoginPage, driver2);
DroneUtils.removeWebDriver();
}
@Test
@ -117,7 +147,9 @@ public class SessionSpringBootTest extends AbstractSpringBootTest {
clientResource = realmResource.clients().get(clientRep.getId());
}
}
Assert.assertNotNull(clientResource);
assertThat(clientResource).isNotNull();
clientResource.toRepresentation().setAdminUrl("");
int origTokenLifespan = realmRep.getAccessCodeLifespan();
realmRep.setAccessCodeLifespan(1);
@ -129,17 +161,24 @@ public class SessionSpringBootTest extends AbstractSpringBootTest {
// Logout
String logoutUri = logoutPage(SERVLET_URL);
driver.navigate().to(logoutUri);
waitForPageToLoad();
// Assert that http session was invalidated
driver.navigate().to(SERVLET_URL);
Assert.assertTrue("Must be on login page", loginPage.isCurrent());
loginPage.login(USER_LOGIN, USER_PASSWORD);
Assert.assertTrue("Must be on session page", sessionPage.isCurrent());
Assert.assertEquals("Counter must be 0", 0, sessionPage.getCounter());
waitForPageToLoad();
assertCurrentUrlStartsWith(testRealmLoginPage, driver);
testRealmLoginPage.form().login(USER_LOGIN, USER_PASSWORD);
sessionPage.assertIsCurrent();
assertThat(sessionPage.getCounter()).isEqualTo(0);
clientResource.toRepresentation().setAdminUrl(BASE_URL);
realmRep.setAccessCodeLifespan(origTokenLifespan);
realmResource.update(realmRep);
driver.navigate().to(logoutUri);
waitForPageToLoad();
}
@Test
@ -153,17 +192,26 @@ public class SessionSpringBootTest extends AbstractSpringBootTest {
// user1 should be still logged with original httpSession in our browser window
driver.navigate().to(SERVLET_URL);
Assert.assertTrue("Must be on session page", sessionPage.isCurrent());
Assert.assertEquals("Counter must be 2", 2, sessionPage.getCounter());
waitForPageToLoad();
sessionPage.assertIsCurrent();
assertThat(sessionPage.getCounter()).isEqualTo(2);
driver.navigate().to(logoutPage(SERVLET_URL));
waitForPageToLoad();
}
@Test
public void testAccountManagementSessionsLogout() {
loginAndCheckSession();
realmSessions.navigateTo();
realmSessions.logoutAll();
// Assert I need to login again (logout was propagated to the app)
loginAndCheckSession();
driver.navigate().to(logoutPage(SERVLET_URL));
waitForPageToLoad();
}
}
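Review bot: In `testSingleSessionInvalidated`, each `DroneUtils.addWebDriver(driver2)` is paired with a `DroneUtils.removeWebDriver()` that is reached only when every assertion in between passes. Going by the inline comments, `waitForPageToLoad()` picks its driver from that registration, so a failure on `secondBrowserSessionPage.assertIsCurrent()` or one of the counter checks would leave driver2 registered for whatever runs next, unless a teardown outside the hunk clears it. Wrapping each second-browser stretch as `try { … } finally { DroneUtils.removeWebDriver(); }` keeps a failing test from leaking driver state into the following tests.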