Enable WebAuthn tests for Firefox (#30374)

Closes #22075

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
This commit is contained in:
Martin Bartoš 2024-06-18 10:36:01 +02:00 committed by GitHub
parent bb4d2ecf92
commit 5ad3abaa96
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
23 changed files with 54 additions and 20 deletions

View file

@ -686,7 +686,7 @@ jobs:
matrix:
browser:
- chrome
# - firefox disabled until https://github.com/keycloak/keycloak/issues/20777 is resolved
- firefox
fail-fast: false
steps:
- uses: actions/checkout@v4

View file

@ -35,6 +35,7 @@ import org.keycloak.representations.idm.RequiredActionProviderRepresentation;
import org.keycloak.representations.idm.UserSessionRepresentation;
import org.keycloak.testsuite.actions.AbstractAppInitiatedActionTest;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver;
import org.keycloak.testsuite.pages.LoginUsernameOnlyPage;
import org.keycloak.testsuite.pages.PasswordPage;
import org.keycloak.testsuite.updaters.RealmAttributeUpdater;
@ -46,6 +47,7 @@ import org.keycloak.testsuite.webauthn.authenticators.UseVirtualAuthenticators;
import org.keycloak.testsuite.webauthn.authenticators.VirtualAuthenticatorManager;
import org.keycloak.testsuite.webauthn.pages.WebAuthnRegisterPage;
import org.openqa.selenium.WebDriver;
import org.openqa.selenium.firefox.FirefoxDriver;
import java.io.IOException;
import java.util.ArrayList;
@ -165,11 +167,13 @@ public class AppInitiatedActionWebAuthnTest extends AbstractAppInitiatedActionTe
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void proceedSetupWebAuthnLogoutOtherSessionsChecked() throws IOException {
testWebAuthnLogoutOtherSessions(true);
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void proceedSetupWebAuthnLogoutOtherSessionsNotChecked() throws IOException {
testWebAuthnLogoutOtherSessions(false);
}

View file

@ -39,7 +39,7 @@ import static org.hamcrest.MatcherAssert.assertThat;
*
* @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
*/
@IgnoreBrowserDriver(FirefoxDriver.class)
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public class VirtualAuthenticatorsManagerTest extends AbstractWebAuthnVirtualTest {
@Drone

View file

@ -61,7 +61,7 @@ import static org.keycloak.testsuite.webauthn.utils.PropertyRequirement.YES;
import static org.openqa.selenium.virtualauthenticator.VirtualAuthenticatorOptions.Protocol;
import static org.openqa.selenium.virtualauthenticator.VirtualAuthenticatorOptions.Transport;
@IgnoreBrowserDriver(FirefoxDriver.class)
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public class WebAuthnIdlessTest extends AbstractWebAuthnVirtualTest {
@Rule

View file

@ -43,10 +43,10 @@ import static org.keycloak.testsuite.webauthn.utils.PropertyRequirement.YES;
/**
* @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
*/
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public class WebAuthnPropertyTest extends AbstractWebAuthnVirtualTest {
@Test
@IgnoreBrowserDriver(FirefoxDriver.class)
public void residentKey() throws IOException {
getVirtualAuthManager().useAuthenticator(DEFAULT_RESIDENT_KEY.getOptions());
@ -82,7 +82,6 @@ public class WebAuthnPropertyTest extends AbstractWebAuthnVirtualTest {
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class)
public void timeout() throws IOException {
final Integer TIMEOUT = 3; //seconds
@ -106,7 +105,6 @@ public class WebAuthnPropertyTest extends AbstractWebAuthnVirtualTest {
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class)
public void changeAuthenticatorProperties() throws IOException {
getVirtualAuthManager().useAuthenticator(DEFAULT_RESIDENT_KEY.getOptions());

View file

@ -39,6 +39,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.admin.AbstractAdminTest;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver;
import org.keycloak.testsuite.pages.AppPage.RequestType;
import org.keycloak.testsuite.pages.ErrorPage;
import org.keycloak.testsuite.pages.LoginUsernameOnlyPage;
@ -49,6 +50,7 @@ import org.keycloak.testsuite.util.FlowUtil;
import org.keycloak.testsuite.webauthn.pages.WebAuthnAuthenticatorsList;
import org.keycloak.testsuite.webauthn.updaters.WebAuthnRealmAttributeUpdater;
import org.keycloak.util.JsonSerialization;
import org.openqa.selenium.firefox.FirefoxDriver;
import java.io.IOException;
import java.util.ArrayList;
@ -97,6 +99,7 @@ public class WebAuthnRegisterAndLoginTest extends AbstractWebAuthnVirtualTest {
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void registerUserSuccess() throws IOException {
String username = "registerUserSuccess";
String password = "password";
@ -193,6 +196,7 @@ public class WebAuthnRegisterAndLoginTest extends AbstractWebAuthnVirtualTest {
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void webAuthnPasswordlessAlternativeWithWebAuthnAndPassword() throws IOException {
String userId = null;

View file

@ -36,7 +36,7 @@ import static org.keycloak.testsuite.webauthn.authenticators.DefaultVirtualAuthO
/**
* @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
*/
@IgnoreBrowserDriver(FirefoxDriver.class)
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public class WebAuthnTransportsTest extends AbstractWebAuthnVirtualTest {
@Test

View file

@ -45,7 +45,7 @@ public class WebAuthnErrorTest extends AbstractWebAuthnAccountTest {
protected WebAuthnErrorPage webAuthnErrorPage;
@Test
@IgnoreBrowserDriver(FirefoxDriver.class)
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void errorPageWithTimeout() throws IOException {
final int timeoutSec = 3;
final String authenticatorLabel = "authenticator";

View file

@ -26,9 +26,11 @@ import org.keycloak.authentication.requiredactions.WebAuthnRegisterFactory;
import org.keycloak.models.credential.WebAuthnCredentialModel;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.RequiredActionProviderRepresentation;
import org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver;
import org.keycloak.testsuite.webauthn.pages.SigningInPage;
import org.keycloak.testsuite.webauthn.pages.WebAuthnAuthenticatorsList;
import org.keycloak.theme.DateTimeFormatterUtil;
import org.openqa.selenium.firefox.FirefoxDriver;
import java.io.Closeable;
import java.io.IOException;
@ -73,16 +75,19 @@ public class WebAuthnSigningInTest extends AbstractWebAuthnAccountTest {
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void twoFactorWebAuthnTest() {
testWebAuthn(false);
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void passwordlessWebAuthnTest() {
testWebAuthn(true);
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void createWebAuthnSameUserLabel() {
final String SAME_LABEL = "key123";
@ -117,6 +122,7 @@ public class WebAuthnSigningInTest extends AbstractWebAuthnAccountTest {
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void multipleSecurityKeys() {
final String LABEL = "SecurityKey#";
@ -173,6 +179,7 @@ public class WebAuthnSigningInTest extends AbstractWebAuthnAccountTest {
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void displayAvailableAuthenticators() {
addWebAuthnCredential("authenticator#1");
addWebAuthnCredential("authenticator#2");
@ -197,6 +204,7 @@ public class WebAuthnSigningInTest extends AbstractWebAuthnAccountTest {
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void notDisplayAvailableAuthenticatorsPasswordless() {
addWebAuthnCredential("authenticator#1", true);
addWebAuthnCredential("authenticator#2", true);
@ -218,6 +226,7 @@ public class WebAuthnSigningInTest extends AbstractWebAuthnAccountTest {
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void availableAuthenticatorsAfterRemove(){
addWebAuthnCredential("authenticator#1");
addWebAuthnCredential("authenticator#2");
@ -338,6 +347,7 @@ public class WebAuthnSigningInTest extends AbstractWebAuthnAccountTest {
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void userAuthenticatorTimeLocale() throws IOException {
Consumer<String> checkCreatedAtLabels = (requiredLabel) ->
webAuthnLoginPage.getAuthenticators()

View file

@ -47,7 +47,7 @@ import static org.keycloak.testsuite.webauthn.authenticators.DefaultVirtualAuthO
*
* @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
*/
@IgnoreBrowserDriver(FirefoxDriver.class)
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public class WebAuthnTransportLocaleTest extends AbstractWebAuthnAccountTest {
@Test

View file

@ -19,11 +19,14 @@ package org.keycloak.testsuite.webauthn.passwordless;
import org.junit.Ignore;
import org.junit.Test;
import org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver;
import org.keycloak.testsuite.webauthn.WebAuthnPropertyTest;
import org.openqa.selenium.firefox.FirefoxDriver;
/**
* @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
*/
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public class WebAuthnPwdLessPropertyTest extends WebAuthnPropertyTest {
@Override

View file

@ -40,6 +40,7 @@ import static org.keycloak.testsuite.webauthn.authenticators.DefaultVirtualAuthO
/**
* @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
*/
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public class AttestationConveyanceRegisterTest extends AbstractWebAuthnVirtualTest {
@Test
@ -64,21 +65,18 @@ public class AttestationConveyanceRegisterTest extends AbstractWebAuthnVirtualTe
@Ignore("invalid cert path")
@Test
@IgnoreBrowserDriver(FirefoxDriver.class)
public void attestationConveyancePreferenceNone() {
assertAttestationConveyance(true, AttestationConveyancePreference.NONE);
}
@Ignore("invalid cert path")
@Test
@IgnoreBrowserDriver(FirefoxDriver.class)
public void attestationConveyancePreferenceIndirect() {
assertAttestationConveyance(true, AttestationConveyancePreference.INDIRECT);
}
@Ignore("invalid cert path")
@Test
@IgnoreBrowserDriver(FirefoxDriver.class)
public void attestationConveyancePreferenceDirect() {
getVirtualAuthManager().useAuthenticator(DEFAULT.getOptions().setHasResidentKey(true).setIsUserConsenting(true).setHasUserVerification(true));
assertAttestationConveyance(true, AttestationConveyancePreference.DIRECT);

View file

@ -38,7 +38,7 @@ import static org.keycloak.testsuite.webauthn.authenticators.DefaultVirtualAuthO
/**
* @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
*/
@IgnoreBrowserDriver(FirefoxDriver.class)
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public class AuthAttachmentRegisterTest extends AbstractWebAuthnVirtualTest {
@Test

View file

@ -21,11 +21,14 @@ import org.hamcrest.Matchers;
import org.junit.Test;
import org.junit.Ignore;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver;
import org.keycloak.testsuite.webauthn.AbstractWebAuthnVirtualTest;
import org.keycloak.testsuite.webauthn.pages.WebAuthnAuthenticatorsList;
import org.keycloak.testsuite.webauthn.updaters.AbstractWebAuthnRealmUpdater;
import org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData;
import org.keycloak.utils.StringUtil;
import org.openqa.selenium.firefox.FirefoxDriver;
import org.openqa.selenium.firefox.FirefoxOptions;
import java.io.Closeable;
import java.io.IOException;
@ -51,6 +54,7 @@ public class PolicyJsInjectionTest extends AbstractWebAuthnVirtualTest {
protected final String REDIRECT_SCRIPT = "required\"; window.location.href = \"http://www.keycloak.org\";\"";
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void relyingPartyEntityName() {
verifyInjection((updater) -> updater.setWebAuthnPolicyRpEntityName(REDIRECT_SCRIPT),
WebAuthnRealmData::getRpEntityName,
@ -105,6 +109,7 @@ public class PolicyJsInjectionTest extends AbstractWebAuthnVirtualTest {
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void requireResidentKey() {
// requireResidentKey is set to 'false' and the value is ignored -> success
verifyInjection((updater) -> updater.setWebAuthnPolicyRequireResidentKey(PROMPT_SCRIPT),
@ -126,6 +131,7 @@ public class PolicyJsInjectionTest extends AbstractWebAuthnVirtualTest {
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void injectUserLabel() {
final String originalLabel = "label'`;window.prompt(\"another\");'";

View file

@ -20,9 +20,11 @@ import com.webauthn4j.data.attestation.authenticator.COSEKey;
import com.webauthn4j.data.attestation.statement.COSEAlgorithmIdentifier;
import org.junit.Test;
import org.keycloak.models.credential.dto.WebAuthnCredentialData;
import org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver;
import org.keycloak.testsuite.webauthn.AbstractWebAuthnVirtualTest;
import org.keycloak.testsuite.webauthn.utils.WebAuthnDataWrapper;
import org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData;
import org.openqa.selenium.firefox.FirefoxDriver;
import java.io.Closeable;
import java.io.IOException;
@ -41,6 +43,7 @@ import static org.keycloak.crypto.Algorithm.RS512;
/**
* @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
*/
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public class PubKeySignRegisterTest extends AbstractWebAuthnVirtualTest {
@Test

View file

@ -42,7 +42,7 @@ import static org.keycloak.testsuite.webauthn.authenticators.DefaultVirtualAuthO
/**
* @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
*/
@IgnoreBrowserDriver(FirefoxDriver.class)
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public class ResidentKeyRegisterTest extends AbstractWebAuthnVirtualTest {
@Test

View file

@ -37,7 +37,7 @@ import static org.hamcrest.MatcherAssert.assertThat;
/**
* @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
*/
@IgnoreBrowserDriver(FirefoxDriver.class)
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public class UserVerificationRegisterTest extends AbstractWebAuthnVirtualTest {
@Test

View file

@ -65,6 +65,7 @@ public class WebAuthnOtherSettingsTest extends AbstractWebAuthnVirtualTest {
protected AppPage appPage;
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void defaultValues() {
registerDefaultUser("webauthn");
@ -113,7 +114,7 @@ public class WebAuthnOtherSettingsTest extends AbstractWebAuthnVirtualTest {
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class)
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void timeout() throws IOException {
final Integer TIMEOUT = 3; //seconds
@ -156,6 +157,7 @@ public class WebAuthnOtherSettingsTest extends AbstractWebAuthnVirtualTest {
}
@Test
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public void excludeCredentials() throws IOException {
List<String> acceptableAaguids = Collections.singletonList(ALL_ONE_AAGUID);

View file

@ -17,11 +17,14 @@
package org.keycloak.testsuite.webauthn.registration.passwordless;
import org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver;
import org.keycloak.testsuite.webauthn.registration.AttestationConveyanceRegisterTest;
import org.openqa.selenium.firefox.FirefoxDriver;
/**
* @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
*/
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public class PwdLessAttestationRegTest extends AttestationConveyanceRegisterTest {
@Override

View file

@ -24,7 +24,7 @@ import org.openqa.selenium.firefox.FirefoxDriver;
/**
* @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
*/
@IgnoreBrowserDriver(FirefoxDriver.class)
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public class PwdLessAuthAttachmentRegTest extends AuthAttachmentRegisterTest {
@Override

View file

@ -17,11 +17,14 @@
package org.keycloak.testsuite.webauthn.registration.passwordless;
import org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver;
import org.keycloak.testsuite.webauthn.registration.PubKeySignRegisterTest;
import org.openqa.selenium.firefox.FirefoxDriver;
/**
* @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
*/
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public class PwdLessPubKeySignRegTest extends PubKeySignRegisterTest {
@Override

View file

@ -24,7 +24,7 @@ import org.openqa.selenium.firefox.FirefoxDriver;
/**
* @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
*/
@IgnoreBrowserDriver(FirefoxDriver.class)
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public class PwdLessResidentKeyRegTest extends ResidentKeyRegisterTest {
@Override

View file

@ -24,7 +24,7 @@ import org.openqa.selenium.firefox.FirefoxDriver;
/**
* @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
*/
@IgnoreBrowserDriver(FirefoxDriver.class)
@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
public class PwdLessUserVerRegTest extends UserVerificationRegisterTest {
@Override