From 5011960cacb82163fadea0980615334259a5e428 Mon Sep 17 00:00:00 2001
From: zschwarz <zschwarz@redhat.com>
Date: Fri, 29 Jul 2016 09:55:56 +0200
Subject: [PATCH] Password policy tests refactoring

---
 .../testsuite/account/AccountTest.java        | 131 +++++++++++++++++-
 .../authentication/PasswordPolicyTest.java    |   6 +
 2 files changed, 133 insertions(+), 4 deletions(-)

diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountTest.java
index 5f8a51df68..5d12db4ca5 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountTest.java
@@ -45,6 +45,7 @@ import javax.ws.rs.core.UriBuilder;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
+
 import org.jboss.arquillian.drone.api.annotation.Drone;
 import org.jboss.arquillian.graphene.page.Page;
 import org.keycloak.representations.idm.EventRepresentation;
@@ -207,10 +208,9 @@ public class AccountTest extends TestRealmKeycloakTest {
         testRealm.setPasswordPolicy(policy);
         testRealm().update(testRealm);
     }
-    @Test
-    public void changePasswordWithLengthPasswordPolicy() {
-        setPasswordPolicy("length");
 
+    @Test
+    public void changePasswordWithBlankCurrentPassword() {
         changePasswordPage.open();
         loginPage.login("test-user@localhost", "password");
         events.expectLogin().client("account").detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=password").assertEvent();
@@ -219,7 +219,130 @@ public class AccountTest extends TestRealmKeycloakTest {
         Assert.assertEquals("Please specify password.", profilePage.getError());
         events.expectAccount(EventType.UPDATE_PASSWORD_ERROR).error(Errors.PASSWORD_MISSING).assertEvent();
 
-        changePasswordPage.changePassword("password", "new-password", "new-password");
+        changePasswordPage.changePassword("password", "new", "new");
+        Assert.assertEquals("Your password has been updated.", profilePage.getSuccess());
+        events.expectAccount(EventType.UPDATE_PASSWORD).assertEvent();
+    }
+
+    @Test
+    public void changePasswordWithLengthPasswordPolicy() {
+        setPasswordPolicy("length(8)");
+
+        changePasswordPage.open();
+        loginPage.login("test-user@localhost", "password");
+        events.expectLogin().client("account").detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=password").assertEvent();
+
+        changePasswordPage.changePassword("password", "1234", "1234");
+        Assert.assertEquals("Invalid password: minimum length 8.", profilePage.getError());
+        events.expectAccount(EventType.UPDATE_PASSWORD_ERROR).error(Errors.PASSWORD_REJECTED).assertEvent();
+
+        changePasswordPage.changePassword("password", "12345678", "12345678");
+        Assert.assertEquals("Your password has been updated.", profilePage.getSuccess());
+        events.expectAccount(EventType.UPDATE_PASSWORD).assertEvent();
+    }
+
+    @Test
+    public void changePasswordWithDigitsPolicy() {
+        setPasswordPolicy("digits(2)");
+
+        changePasswordPage.open();
+        loginPage.login("test-user@localhost", "password");
+        events.expectLogin().client("account").detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=password").assertEvent();
+
+        changePasswordPage.changePassword("password", "invalidPassword1", "invalidPassword1");
+        Assert.assertEquals("Invalid password: must contain at least 2 numerical digits.", profilePage.getError());
+        events.expectAccount(EventType.UPDATE_PASSWORD_ERROR).error(Errors.PASSWORD_REJECTED).assertEvent();
+
+        changePasswordPage.changePassword("password", "validPassword12", "validPassword12");
+        Assert.assertEquals("Your password has been updated.", profilePage.getSuccess());
+        events.expectAccount(EventType.UPDATE_PASSWORD).assertEvent();
+    }
+
+    @Test
+    public void changePasswordWithLowerCasePolicy() {
+        setPasswordPolicy("lowerCase(2)");
+
+        changePasswordPage.open();
+        loginPage.login("test-user@localhost", "password");
+        events.expectLogin().client("account").detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=password").assertEvent();
+
+        changePasswordPage.changePassword("password", "iNVALIDPASSWORD", "iNVALIDPASSWORD");
+        Assert.assertEquals("Invalid password: must contain at least 2 lower case characters.", profilePage.getError());
+        events.expectAccount(EventType.UPDATE_PASSWORD_ERROR).error(Errors.PASSWORD_REJECTED).assertEvent();
+
+        changePasswordPage.changePassword("password", "vaLIDPASSWORD", "vaLIDPASSWORD");
+        Assert.assertEquals("Your password has been updated.", profilePage.getSuccess());
+        events.expectAccount(EventType.UPDATE_PASSWORD).assertEvent();
+    }
+
+    @Test
+    public void changePasswordWithUpperCasePolicy() {
+        setPasswordPolicy("upperCase(2)");
+
+        changePasswordPage.open();
+        loginPage.login("test-user@localhost", "password");
+        events.expectLogin().client("account").detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=password").assertEvent();
+
+        changePasswordPage.changePassword("password", "Invalidpassword", "Invalidpassword");
+        Assert.assertEquals("Invalid password: must contain at least 2 upper case characters.", profilePage.getError());
+        events.expectAccount(EventType.UPDATE_PASSWORD_ERROR).error(Errors.PASSWORD_REJECTED).assertEvent();
+
+
+        changePasswordPage.changePassword("password", "VAlidpassword", "VAlidpassword");
+        Assert.assertEquals("Your password has been updated.", profilePage.getSuccess());
+        events.expectAccount(EventType.UPDATE_PASSWORD).assertEvent();
+    }
+
+    @Test
+    public void changePasswordWithSpecialCharsPolicy() {
+        setPasswordPolicy("specialChars(2)");
+
+        changePasswordPage.open();
+        loginPage.login("test-user@localhost", "password");
+        events.expectLogin().client("account").detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=password").assertEvent();
+
+        changePasswordPage.changePassword("password", "invalidPassword*", "invalidPassword*");
+        Assert.assertEquals("Invalid password: must contain at least 2 special characters.", profilePage.getError());
+        events.expectAccount(EventType.UPDATE_PASSWORD_ERROR).error(Errors.PASSWORD_REJECTED).assertEvent();
+
+
+        changePasswordPage.changePassword("password", "validPassword*#", "validPassword*#");
+        Assert.assertEquals("Your password has been updated.", profilePage.getSuccess());
+        events.expectAccount(EventType.UPDATE_PASSWORD).assertEvent();
+    }
+
+    @Test
+    public void changePasswordWithNotUsernamePolicy() {
+        setPasswordPolicy("notUsername(1)");
+
+        changePasswordPage.open();
+        loginPage.login("test-user@localhost", "password");
+        events.expectLogin().client("account").detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=password").assertEvent();
+
+        changePasswordPage.changePassword("password", "test-user@localhost", "test-user@localhost");
+        Assert.assertEquals("Invalid password: must not be equal to the username.", profilePage.getError());
+        events.expectAccount(EventType.UPDATE_PASSWORD_ERROR).error(Errors.PASSWORD_REJECTED).assertEvent();
+
+
+        changePasswordPage.changePassword("password", "newPassword", "newPassword");
+        Assert.assertEquals("Your password has been updated.", profilePage.getSuccess());
+        events.expectAccount(EventType.UPDATE_PASSWORD).assertEvent();
+    }
+
+    @Test
+    public void changePasswordWithRegexPatternsPolicy() {
+        setPasswordPolicy("regexPattern(^[A-Z]+#[a-z]{8}$)");
+
+        changePasswordPage.open();
+        loginPage.login("test-user@localhost", "password");
+        events.expectLogin().client("account").detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=password").assertEvent();
+
+        changePasswordPage.changePassword("password", "invalidPassword", "invalidPassword");
+        Assert.assertEquals("Invalid password: fails to match regex pattern(s).", profilePage.getError());
+        events.expectAccount(EventType.UPDATE_PASSWORD_ERROR).error(Errors.PASSWORD_REJECTED).assertEvent();
+
+
+        changePasswordPage.changePassword("password", "VALID#password", "VALID#password");
         Assert.assertEquals("Your password has been updated.", profilePage.getSuccess());
         events.expectAccount(EventType.UPDATE_PASSWORD).assertEvent();
     }
diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authentication/PasswordPolicyTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authentication/PasswordPolicyTest.java
index 68da020b1a..e70acd4f30 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authentication/PasswordPolicyTest.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authentication/PasswordPolicyTest.java
@@ -178,6 +178,12 @@ public class PasswordPolicyTest extends AbstractConsoleTest {
 
         testUserCredentialsPage.resetPassword("firstPassword");
         assertAlertDanger();
+
+        testUserCredentialsPage.resetPassword("thirdPassword");
+        assertAlertSuccess();
+
+        testUserCredentialsPage.resetPassword("firstPassword");
+        assertAlertSuccess();
     }
 
 }