Remove AccountUpdateProfilePage from the testsuite (#19362)
closes #15202
This commit is contained in:
parent
4eb05490f5
commit
612fe33ade
73 changed files with 877 additions and 1278 deletions
|
@ -1,7 +1,7 @@
|
|||
{
|
||||
"themes": [{
|
||||
"name" : "address",
|
||||
"types": [ "admin", "account", "login" ]
|
||||
"types": [ "admin", "login" ]
|
||||
}, {
|
||||
"name" : "incorrect",
|
||||
"types": [ "admin" ]
|
||||
|
|
|
@ -1,114 +0,0 @@
|
|||
<#import "template.ftl" as layout>
|
||||
<@layout.mainLayout active='account' bodyClass='user'; section>
|
||||
|
||||
<div class="row">
|
||||
<div class="col-md-10">
|
||||
<h2>${msg("editAccountHtmlTtile")}</h2>
|
||||
</div>
|
||||
<div class="col-md-2 subtitle">
|
||||
<span class="subtitle"><span class="required">*</span> ${msg("requiredFields")}</span>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<form action="${url.accountUrl}" class="form-horizontal" method="post">
|
||||
|
||||
<input type="hidden" id="stateChecker" name="stateChecker" value="${stateChecker}">
|
||||
|
||||
<div class="form-group ${messagesPerField.printIfExists('username','has-error')}">
|
||||
<div class="col-sm-2 col-md-2">
|
||||
<label for="username" class="control-label">${msg("username")}</label> <#if realm.editUsernameAllowed><span class="required">*</span></#if>
|
||||
</div>
|
||||
|
||||
<div class="col-sm-10 col-md-10">
|
||||
<input type="text" class="form-control" id="username" name="username" <#if !realm.editUsernameAllowed>disabled="disabled"</#if> value="${(account.username!'')}"/>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group ${messagesPerField.printIfExists('email','has-error')}">
|
||||
<div class="col-sm-2 col-md-2">
|
||||
<label for="email" class="control-label">${msg("email")}</label> <span class="required">*</span>
|
||||
</div>
|
||||
|
||||
<div class="col-sm-10 col-md-10">
|
||||
<input type="text" class="form-control" id="email" name="email" autofocus value="${(account.email!'')}"/>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group ${messagesPerField.printIfExists('firstName','has-error')}">
|
||||
<div class="col-sm-2 col-md-2">
|
||||
<label for="firstName" class="control-label">${msg("firstName")}</label> <span class="required">*</span>
|
||||
</div>
|
||||
|
||||
<div class="col-sm-10 col-md-10">
|
||||
<input type="text" class="form-control" id="firstName" name="firstName" value="${(account.firstName!'')}"/>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group ${messagesPerField.printIfExists('lastName','has-error')}">
|
||||
<div class="col-sm-2 col-md-2">
|
||||
<label for="lastName" class="control-label">${msg("lastName")}</label> <span class="required">*</span>
|
||||
</div>
|
||||
|
||||
<div class="col-sm-10 col-md-10">
|
||||
<input type="text" class="form-control" id="lastName" name="lastName" value="${(account.lastName!'')}"/>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<div class="col-sm-2 col-md-2">
|
||||
<label for="user.attributes.street" class="control-label">${msg("street")}</label>
|
||||
</div>
|
||||
|
||||
<div class="col-sm-10 col-md-10">
|
||||
<input type="text" class="form-control" id="user.attributes.street" name="user.attributes.street" value="${(account.attributes.street!'')}"/>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-2 col-md-2">
|
||||
<label for="user.attributes.locality" class="control-label">${msg("locality")}</label>
|
||||
</div>
|
||||
|
||||
<div class="col-sm-10 col-md-10">
|
||||
<input type="text" class="form-control" id="user.attributes.locality" name="user.attributes.locality" value="${(account.attributes.locality!'')}"/>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-2 col-md-2">
|
||||
<label for="user.attributes.region" class="control-label">${msg("region")}</label>
|
||||
</div>
|
||||
|
||||
<div class="col-sm-10 col-md-10">
|
||||
<input type="text" class="form-control" id="user.attributes.region" name="user.attributes.region" value="${(account.attributes.region!'')}"/>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-2 col-md-2">
|
||||
<label for="user.attributes.postal_code" class="control-label">${msg("postal_code")}</label>
|
||||
</div>
|
||||
|
||||
<div class="col-sm-10 col-md-10">
|
||||
<input type="text" class="form-control" id="user.attributes.postal_code" name="user.attributes.postal_code" value="${(account.attributes.postal_code!'')}"/>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-2 col-md-2">
|
||||
<label for="user.attributes.country" class="control-label">${msg("country")}</label>
|
||||
</div>
|
||||
|
||||
<div class="col-sm-10 col-md-10">
|
||||
<input type="text" class="form-control" id="user.attributes.country" name="user.attributes.country" value="${(account.attributes.country!'')}"/>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<div id="kc-form-buttons" class="col-md-offset-2 col-md-10 submit">
|
||||
<div class="">
|
||||
<#if url.referrerURI??><a href="${url.referrerURI}">${msg("backToApplication")?no_esc}/a></#if>
|
||||
<button type="submit" class="${properties.kcButtonClass!} ${properties.kcButtonPrimaryClass!} ${properties.kcButtonLargeClass!}" name="submitAction" value="Save">${msg("doSave")}</button>
|
||||
<button type="submit" class="${properties.kcButtonClass!} ${properties.kcButtonDefaultClass!} ${properties.kcButtonLargeClass!}" name="submitAction" value="Cancel">${msg("doCancel")}</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
|
||||
</@layout.mainLayout>
|
|
@ -1,18 +0,0 @@
|
|||
#
|
||||
# Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
# and other contributors as indicated by the @author tags.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
parent=keycloak
|
|
@ -1,198 +0,0 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.testsuite.pages;
|
||||
|
||||
import org.keycloak.models.Constants;
|
||||
import org.keycloak.services.resources.RealmsResource;
|
||||
import org.keycloak.testsuite.util.DroneUtils;
|
||||
import org.openqa.selenium.By;
|
||||
import org.openqa.selenium.NoSuchElementException;
|
||||
import org.openqa.selenium.WebElement;
|
||||
import org.openqa.selenium.WebDriver;
|
||||
import org.openqa.selenium.support.FindBy;
|
||||
|
||||
import jakarta.ws.rs.core.UriBuilder;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
*/
|
||||
public class AccountUpdateProfilePage extends AbstractAccountPage {
|
||||
|
||||
@FindBy(id = "username")
|
||||
private WebElement usernameInput;
|
||||
|
||||
@FindBy(id = "firstName")
|
||||
private WebElement firstNameInput;
|
||||
|
||||
@FindBy(id = "lastName")
|
||||
private WebElement lastNameInput;
|
||||
|
||||
@FindBy(id = "email")
|
||||
private WebElement emailInput;
|
||||
|
||||
|
||||
@FindBy(id = "referrer")
|
||||
private WebElement backToApplicationLink;
|
||||
|
||||
@FindBy(css = "button[type=\"submit\"][value=\"Save\"]")
|
||||
private WebElement submitButton;
|
||||
|
||||
@FindBy(css = "button[type=\"submit\"][value=\"Cancel\"]")
|
||||
private WebElement cancelButton;
|
||||
|
||||
@FindBy(className = "alert-success")
|
||||
private WebElement successMessage;
|
||||
|
||||
@FindBy(className = "alert-error")
|
||||
private WebElement errorMessage;
|
||||
|
||||
public String getPath() {
|
||||
return RealmsResource.accountUrl(UriBuilder.fromUri(getAuthServerRoot())).build("test").toString();
|
||||
}
|
||||
|
||||
public String getPath(String realm) {
|
||||
return RealmsResource.accountUrl(UriBuilder.fromUri(getAuthServerRoot())).build(realm).toString();
|
||||
}
|
||||
|
||||
public void updateProfile(String firstName, String lastName, String email) {
|
||||
firstNameInput.clear();
|
||||
firstNameInput.sendKeys(firstName);
|
||||
lastNameInput.clear();
|
||||
lastNameInput.sendKeys(lastName);
|
||||
emailInput.clear();
|
||||
emailInput.sendKeys(email);
|
||||
|
||||
submitButton.click();
|
||||
}
|
||||
|
||||
public void updateProfile(String username, String firstName, String lastName, String email) {
|
||||
usernameInput.clear();
|
||||
usernameInput.sendKeys(username);
|
||||
firstNameInput.clear();
|
||||
firstNameInput.sendKeys(firstName);
|
||||
lastNameInput.clear();
|
||||
lastNameInput.sendKeys(lastName);
|
||||
emailInput.clear();
|
||||
emailInput.sendKeys(email);
|
||||
|
||||
submitButton.click();
|
||||
}
|
||||
|
||||
public void updateUsername(String username) {
|
||||
usernameInput.clear();
|
||||
usernameInput.sendKeys(username);
|
||||
submitButton.click();
|
||||
}
|
||||
|
||||
public void updateEmail(String email) {
|
||||
emailInput.clear();
|
||||
emailInput.sendKeys(email);
|
||||
submitButton.click();
|
||||
}
|
||||
|
||||
public void updateAttribute(String attrName, String attrValue) {
|
||||
WebElement attrElement = findAttributeInputElement(attrName);
|
||||
attrElement.clear();
|
||||
attrElement.sendKeys(attrValue);
|
||||
submitButton.click();
|
||||
}
|
||||
|
||||
public void submitWithoutChanges() {
|
||||
submitButton.click();
|
||||
}
|
||||
|
||||
public void clickCancel() {
|
||||
cancelButton.click();
|
||||
}
|
||||
|
||||
|
||||
public String getUsername() {
|
||||
return usernameInput.getAttribute("value");
|
||||
}
|
||||
|
||||
public String getFirstName() {
|
||||
return firstNameInput.getAttribute("value");
|
||||
}
|
||||
|
||||
public String getLastName() {
|
||||
return lastNameInput.getAttribute("value");
|
||||
}
|
||||
|
||||
public String getEmail() {
|
||||
return emailInput.getAttribute("value");
|
||||
}
|
||||
|
||||
public String getAttribute(String attrName) {
|
||||
WebElement attrElement = findAttributeInputElement(attrName);
|
||||
return attrElement.getAttribute("value");
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isCurrent() {
|
||||
WebDriver currentDriver = DroneUtils.getCurrentDriver();
|
||||
return currentDriver.getTitle().contains("Account Management") && currentDriver.getPageSource().contains("Edit Account");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void open() {
|
||||
driver.navigate().to(getPath());
|
||||
}
|
||||
|
||||
public void open(String realm) {
|
||||
driver.navigate().to(getPath(realm));
|
||||
}
|
||||
|
||||
public void backToApplication() {
|
||||
backToApplicationLink.click();
|
||||
}
|
||||
|
||||
public String getBackToApplicationLinkText() {
|
||||
try {
|
||||
// Optional screen element, may not be present
|
||||
return backToApplicationLink.getText();
|
||||
} catch (NoSuchElementException ignored) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
public String getBackToApplicationLinkHref() {
|
||||
try {
|
||||
// Optional screen element, may not be present
|
||||
return backToApplicationLink.getAttribute("href");
|
||||
} catch (NoSuchElementException ignored) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
public String getSuccess(){
|
||||
return successMessage.getText();
|
||||
}
|
||||
|
||||
public String getError() {
|
||||
return errorMessage.getText();
|
||||
}
|
||||
|
||||
public boolean isPasswordUpdateSupported() {
|
||||
return driver.getPageSource().contains(getPath() + "/password");
|
||||
}
|
||||
|
||||
private WebElement findAttributeInputElement(String attrName) {
|
||||
String attrId = Constants.USER_ATTRIBUTES_PREFIX + attrName;
|
||||
return driver.findElement(By.id(attrId));
|
||||
}
|
||||
}
|
|
@ -77,7 +77,6 @@ public class LoginPage extends LanguageComboboxAwarePage {
|
|||
@FindBy(className = "instruction")
|
||||
private WebElement instruction;
|
||||
|
||||
|
||||
public void login(String username, String password) {
|
||||
clearUsernameInputAndWaitIfNecessary();
|
||||
usernameInput.sendKeys(username);
|
||||
|
|
|
@ -1,87 +0,0 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.testsuite.account.custom;
|
||||
|
||||
import jakarta.ws.rs.core.UriBuilder;
|
||||
|
||||
import org.jboss.arquillian.graphene.page.Page;
|
||||
import org.junit.Assert;
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.events.Details;
|
||||
import org.keycloak.events.EventType;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.util.RealmBuilder;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
|
||||
*/
|
||||
public class CustomThemeTest extends AbstractTestRealmKeycloakTest {
|
||||
|
||||
@Override
|
||||
public void configureTestRealm(RealmRepresentation testRealm) {
|
||||
testRealm.setAccountTheme("address");
|
||||
|
||||
UserRepresentation user2 = UserBuilder.create()
|
||||
.enabled(true)
|
||||
.username("test-user-no-access@localhost")
|
||||
.email("test-user-no-access@localhost")
|
||||
.password("password")
|
||||
.build();
|
||||
|
||||
RealmBuilder.edit(testRealm)
|
||||
.user(user2);
|
||||
}
|
||||
|
||||
@Rule
|
||||
public AssertEvents events = new AssertEvents(this);
|
||||
|
||||
@Page
|
||||
protected LoginPage loginPage;
|
||||
|
||||
@Page
|
||||
protected AccountUpdateProfilePage profilePage;
|
||||
|
||||
// KEYCLOAK-3494
|
||||
@Test
|
||||
public void changeProfile() throws Exception {
|
||||
profilePage.open();
|
||||
loginPage.login("test-user@localhost", "password");
|
||||
|
||||
events.expectLogin().client("account").detail(Details.REDIRECT_URI, getAccountRedirectUrl()).assertEvent();
|
||||
|
||||
Assert.assertEquals("test-user@localhost", profilePage.getEmail());
|
||||
Assert.assertEquals("", profilePage.getAttribute("street"));
|
||||
|
||||
profilePage.updateAttribute("street", "Elm 1");
|
||||
Assert.assertEquals("Elm 1", profilePage.getAttribute("street"));
|
||||
|
||||
profilePage.updateAttribute("street", "Elm 2");
|
||||
Assert.assertEquals("Elm 2", profilePage.getAttribute("street"));
|
||||
|
||||
events.expectAccount(EventType.UPDATE_PROFILE).assertEvent();
|
||||
}
|
||||
|
||||
|
||||
}
|
|
@ -21,8 +21,10 @@ import static org.keycloak.testsuite.utils.io.IOUtil.loadRealm;
|
|||
import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.net.URISyntaxException;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.TimeoutException;
|
||||
|
||||
import org.jboss.arquillian.drone.api.annotation.Drone;
|
||||
|
||||
import org.jboss.arquillian.graphene.page.Page;
|
||||
|
@ -33,12 +35,13 @@ import org.keycloak.representations.idm.RealmRepresentation;
|
|||
import org.keycloak.testsuite.adapter.AbstractAdapterTest;
|
||||
import org.keycloak.testsuite.arquillian.AppServerTestEnricher;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.AppServerWelcomePage;
|
||||
import org.keycloak.testsuite.util.DroneUtils;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.util.JavascriptBrowser;
|
||||
import org.keycloak.testsuite.util.WaitUtils;
|
||||
import org.keycloak.testsuite.util.DroneUtils;
|
||||
import org.keycloak.testsuite.util.TestAppHelper;
|
||||
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
|
||||
import org.keycloak.testsuite.pages.AppServerWelcomePage;
|
||||
import org.openqa.selenium.WebDriver;
|
||||
import org.wildfly.extras.creaper.core.online.CliException;
|
||||
import org.wildfly.extras.creaper.core.online.OnlineManagementClient;
|
||||
|
@ -54,6 +57,12 @@ import org.wildfly.extras.creaper.core.online.operations.admin.Administration;
|
|||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
||||
public class ConsoleProtectionTest extends AbstractAdapterTest {
|
||||
|
||||
@Page
|
||||
protected LoginPage loginPage;
|
||||
|
||||
@Page
|
||||
protected AppPage appPage;
|
||||
|
||||
// Javascript browser needed KEYCLOAK-4703
|
||||
@Drone
|
||||
@JavascriptBrowser
|
||||
|
@ -63,10 +72,6 @@ public class ConsoleProtectionTest extends AbstractAdapterTest {
|
|||
@JavascriptBrowser
|
||||
protected AppServerWelcomePage appServerWelcomePage;
|
||||
|
||||
@Page
|
||||
@JavascriptBrowser
|
||||
protected AccountUpdateProfilePage accountUpdateProfilePage;
|
||||
|
||||
@Override
|
||||
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
|
||||
testRealms.add(loadRealm("/wildfly-integration/wildfly-management-realm.json"));
|
||||
|
@ -112,18 +117,13 @@ public class ConsoleProtectionTest extends AbstractAdapterTest {
|
|||
log.debug("Added jsDriver");
|
||||
}
|
||||
|
||||
private void testLogin() throws InterruptedException {
|
||||
appServerWelcomePage.navigateToConsole();
|
||||
appServerWelcomePage.login("admin", "admin");
|
||||
WaitUtils.pause(2000);
|
||||
assertTrue(appServerWelcomePage.isCurrent());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testUserCanAccessAccountService() throws InterruptedException {
|
||||
testLogin();
|
||||
public void testUserCanAccessAccountService() {
|
||||
TestAppHelper testAppHelper = new TestAppHelper(oauth, loginPage, appPage);
|
||||
testAppHelper.login("admin", "admin");
|
||||
appPage.assertCurrent();
|
||||
|
||||
appServerWelcomePage.navigateToAccessControl();
|
||||
appServerWelcomePage.navigateManageProfile();
|
||||
assertTrue(accountUpdateProfilePage.isCurrent());
|
||||
}
|
||||
}
|
||||
|
|
|
@ -52,7 +52,6 @@ import org.keycloak.representations.idm.authorization.ClientPolicyRepresentation
|
|||
import org.keycloak.representations.idm.authorization.DecisionStrategy;
|
||||
import org.keycloak.services.resources.admin.permissions.AdminPermissionManagement;
|
||||
import org.keycloak.services.resources.admin.permissions.AdminPermissions;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
|
@ -60,7 +59,6 @@ import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
|||
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
||||
import org.keycloak.testsuite.broker.BrokerTestTools;
|
||||
import org.keycloak.testsuite.page.AbstractPageWithInjectedUrl;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.ErrorPage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.pages.LoginUpdateProfilePage;
|
||||
|
@ -113,9 +111,6 @@ public class BrokerLinkAndTokenExchangeTest extends AbstractServletsAdapterTest
|
|||
@Page
|
||||
protected LoginUpdateProfilePage loginUpdateProfilePage;
|
||||
|
||||
@Page
|
||||
protected AccountUpdateProfilePage profilePage;
|
||||
|
||||
@Page
|
||||
private LoginPage loginPage;
|
||||
|
||||
|
|
|
@ -30,7 +30,6 @@ import org.keycloak.common.Profile;
|
|||
import org.keycloak.common.util.Base64Url;
|
||||
import org.keycloak.models.Constants;
|
||||
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
|
||||
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
|
||||
import org.keycloak.representations.AccessTokenResponse;
|
||||
import org.keycloak.representations.idm.ClientRepresentation;
|
||||
import org.keycloak.representations.idm.FederatedIdentityRepresentation;
|
||||
|
@ -39,16 +38,15 @@ import org.keycloak.representations.idm.RealmRepresentation;
|
|||
import org.keycloak.representations.idm.RoleRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.services.resources.LoginActionsService;
|
||||
import org.keycloak.services.resources.RealmsResource;
|
||||
import org.keycloak.testsuite.ActionURIUtils;
|
||||
import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
|
||||
import org.keycloak.testsuite.broker.BrokerTestTools;
|
||||
import org.keycloak.testsuite.page.AbstractPageWithInjectedUrl;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.ErrorPage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.pages.LoginUpdateProfilePage;
|
||||
|
@ -88,9 +86,6 @@ public class ClientInitiatedAccountLinkTest extends AbstractServletsAdapterTest
|
|||
@Page
|
||||
protected LoginUpdateProfilePage loginUpdateProfilePage;
|
||||
|
||||
@Page
|
||||
protected AccountUpdateProfilePage profilePage;
|
||||
|
||||
@Page
|
||||
private LoginPage loginPage;
|
||||
|
||||
|
@ -551,21 +546,18 @@ public class ClientInitiatedAccountLinkTest extends AbstractServletsAdapterTest
|
|||
|
||||
}
|
||||
|
||||
|
||||
@Test
|
||||
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
|
||||
public void testAccountLinkingExpired() throws Exception {
|
||||
public void testAccountLinkingExpired() {
|
||||
RealmResource realm = adminClient.realms().realm(CHILD_IDP);
|
||||
List<FederatedIdentityRepresentation> links = realm.users().get(childUserId).getFederatedIdentity();
|
||||
Assert.assertTrue(links.isEmpty());
|
||||
|
||||
// Login to account mgmt first
|
||||
profilePage.open(CHILD_IDP);
|
||||
// Login to application first
|
||||
appPage.navigateTo();
|
||||
WaitUtils.waitForPageToLoad();
|
||||
|
||||
Assert.assertTrue(loginPage.isCurrent(CHILD_IDP));
|
||||
loginPage.login("child", "password");
|
||||
profilePage.assertCurrent();
|
||||
|
||||
// Now in another tab, request account linking
|
||||
UriBuilder linkBuilder = UriBuilder.fromUri(appPage.getInjectedUrl().toString())
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
package org.keycloak.testsuite.broker;
|
||||
|
||||
import jakarta.validation.constraints.AssertTrue;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.IdentityProviderResource;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
|
@ -35,9 +34,7 @@ import jakarta.ws.rs.client.ClientRequestFilter;
|
|||
import jakarta.ws.rs.client.WebTarget;
|
||||
import jakarta.ws.rs.core.HttpHeaders;
|
||||
import jakarta.ws.rs.core.Response;
|
||||
import java.io.IOException;
|
||||
import java.net.URI;
|
||||
import java.net.URISyntaxException;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.Set;
|
||||
|
@ -99,7 +96,7 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
* Refers to in old test suite: org.keycloak.testsuite.broker.AbstractKeycloakIdentityProviderTest#testAccountManagementLinkIdentity
|
||||
*/
|
||||
@Test
|
||||
public void testAccountManagementLinkIdentity() throws URISyntaxException, IOException {
|
||||
public void testAccountManagementLinkIdentity() {
|
||||
createUser("consumer");
|
||||
TestAppHelper testAppHelper = new TestAppHelper(oauth, loginPage, appPage);
|
||||
|
||||
|
@ -156,7 +153,7 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
* Refers to in old test suite: org.keycloak.testsuite.broker.AbstractKeycloakIdentityProviderTest#testAccountManagementLinkedIdentityAlreadyExists
|
||||
*/
|
||||
@Test
|
||||
public void testAccountManagementLinkedIdentityAlreadyExists() throws URISyntaxException, IOException {
|
||||
public void testAccountManagementLinkedIdentityAlreadyExists() {
|
||||
updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
|
||||
createUser(bc.consumerRealmName(), "consumer", "password", "FirstName", "LastName", "consumer@localhost.com");
|
||||
TestAppHelper testAppHelper = new TestAppHelper(oauth, loginPage, appPage);
|
||||
|
@ -182,11 +179,12 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
|
||||
identityProviderResource.update(idpRep);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
updatePasswordPage.updatePasswords("password", "password");
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
Assert.assertTrue(appPage.isCurrent());
|
||||
|
||||
String username = bc.getUserLogin();
|
||||
|
||||
|
@ -228,9 +226,11 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
|
||||
Assert.assertTrue(AccountHelper.updatePassword(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin(), "password"));
|
||||
|
||||
logoutFromRealm(getProviderRoot(), bc.providerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
try {
|
||||
waitForPage(driver, "sign in to", true);
|
||||
|
@ -282,7 +282,9 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
.get(client.getId())
|
||||
.update(ClientBuilder.edit(client).consentRequired(true).build());
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
driver.manage().timeouts().pageLoadTimeout(30, TimeUnit.MINUTES);
|
||||
|
@ -306,8 +308,9 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
@Test
|
||||
public void testDisabledUser() {
|
||||
loginUser();
|
||||
logoutFromRealm(getProviderRoot(), bc.providerRealmName());
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
RealmResource realm = adminClient.realm(bc.consumerRealmName());
|
||||
UserRepresentation userRep = realm.users().search(bc.getUserLogin()).get(0);
|
||||
|
@ -317,6 +320,9 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
|
||||
user.update(userRep);
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
errorPage.assertCurrent();
|
||||
assertEquals("Account is disabled, contact your administrator.", errorPage.getError());
|
||||
|
@ -369,8 +375,8 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
assertThat(currentRoles, hasItems(ROLE_MANAGER));
|
||||
assertThat(currentRoles, not(hasItems(ROLE_USER)));
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
userResource.roles().realmLevel().add(Collections.singletonList(userRole));
|
||||
|
||||
|
@ -417,11 +423,14 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
assertThat(currentRoles, hasItems(ROLE_MANAGER));
|
||||
assertThat(currentRoles, not(hasItems(ROLE_USER, ROLE_FRIENDLY_MANAGER)));
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
userResource.roles().realmLevel().add(Arrays.asList(userRole, friendlyManagerRole));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInAsUserInIDP();
|
||||
|
||||
currentRoles = consumerUserResource.roles().realmLevel().listAll().stream()
|
||||
|
@ -430,14 +439,15 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
assertThat(currentRoles, hasItems(ROLE_MANAGER, ROLE_FRIENDLY_MANAGER));
|
||||
assertThat(currentRoles, not(hasItems(ROLE_USER)));
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
logoutFromRealm(getProviderRoot(), bc.providerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
}
|
||||
|
||||
// KEYCLOAK-4016
|
||||
@Test
|
||||
public void testExpiredCode() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
log.debug("Expire all browser cookies");
|
||||
driver.manage().deleteAllCookies();
|
||||
|
@ -448,7 +458,7 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
waitForPage(driver, "sorry", false);
|
||||
errorPage.assertCurrent();
|
||||
String link = errorPage.getBackToApplicationLink();
|
||||
Assert.assertTrue(link.endsWith("/auth/realms/consumer/account/"));
|
||||
Assert.assertTrue(link.contains("/auth/realms/" + bc.consumerRealmName() + "/app"));
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -459,7 +469,8 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
|
||||
testingClient.server(bc.consumerRealmName()).run(configurePostBrokerLoginWithOTP(bc.getIDPAlias()));
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
|
@ -468,20 +479,28 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
totpPage.configure(totp.generateTOTP(totpSecret));
|
||||
RealmResource realm = adminClient.realm(bc.consumerRealmName());
|
||||
assertNumFederatedIdentities(realm.users().search(bc.getUserLogin()).get(0).getId(), 1);
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
setOtpTimeOffset(TimeBasedOTP.DEFAULT_INTERVAL_SECONDS, totp);
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
loginTotpPage.assertCurrent();
|
||||
loginTotpPage.login(totp.generateTOTP(totpSecret));
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
testingClient.server(bc.consumerRealmName()).run(disablePostBrokerLoginFlow(bc.getIDPAlias()));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
}
|
||||
|
||||
// KEYCLOAK-12986
|
||||
|
@ -501,7 +520,8 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
realm.update(consumerRealmRep);
|
||||
|
||||
try {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
|
@ -509,10 +529,14 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
String totpSecret = totpPage.getTotpSecret();
|
||||
totpPage.configure(totp.generateTOTP(totpSecret));
|
||||
assertNumFederatedIdentities(realm.users().search(bc.getUserLogin()).get(0).getId(), 1);
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
setOtpTimeOffset(TimeBasedOTP.DEFAULT_INTERVAL_SECONDS, totp);
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
loginTotpPage.assertCurrent();
|
||||
|
@ -535,8 +559,7 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
setOtpTimeOffset(TimeBasedOTP.DEFAULT_INTERVAL_SECONDS, totp);
|
||||
|
||||
loginTotpPage.login(totp.generateTOTP(totpSecret));
|
||||
waitForAccountManagementTitle();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
} finally {
|
||||
testingClient.server(bc.consumerRealmName()).run(disablePostBrokerLoginFlow(bc.getIDPAlias()));
|
||||
|
||||
|
@ -562,12 +585,20 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
idp.getConfig().put("backchannelSupported", "false");
|
||||
adminClient.realm(bc.consumerRealmName()).identityProviders().get(bc.getIDPAlias()).update(idp);
|
||||
Time.setOffset(2);
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
waitForPage(driver, "update account information", false);
|
||||
updateAccountInformationPage.assertCurrent();
|
||||
updateAccountInformationPage.updateAccountInformation("FirstName", "LastName");
|
||||
accountPage.logOut();
|
||||
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
waitForPage(driver, "sign in to", true);
|
||||
log.debug("Logging in");
|
||||
assertTrue(this.driver.getCurrentUrl().contains("/auth/realms/" + bc.consumerRealmName() + "/protocol/openid-connect/auth"));
|
||||
|
@ -595,23 +626,26 @@ public abstract class AbstractAdvancedBrokerTest extends AbstractBrokerTest {
|
|||
adminClient.realm(bc.consumerRealmName()).components().add(component);
|
||||
|
||||
createUser(bc.providerRealmName(), "test-user", "password", "FirstName", "LastName", "test-user@localhost.com");
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
loginPage.login("test-user", "password");
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
Assert.assertTrue(AccountHelper.updatePassword(adminClient.realm(bc.consumerRealmName()), "test-user", "new-password"));
|
||||
|
||||
logoutFromRealm(getProviderRoot(), bc.providerRealmName());
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), "test-user");
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), "test-user");
|
||||
|
||||
createUser(bc.providerRealmName(), "test-user-noemail", "password", "FirstName", "LastName", "test-user-noemail@localhost.com");
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
|
||||
loginPage.login("test-user-noemail", "password");
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
Assert.assertTrue(AccountHelper.updatePassword(adminClient.realm(bc.consumerRealmName()), "test-user-noemail", "new-password"));
|
||||
} finally {
|
||||
|
|
|
@ -22,7 +22,6 @@ import org.jboss.arquillian.graphene.page.Page;
|
|||
import org.junit.After;
|
||||
import org.junit.Before;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.common.util.Retry;
|
||||
import org.keycloak.models.utils.TimeBasedOTP;
|
||||
import org.keycloak.protocol.saml.SamlProtocol;
|
||||
|
@ -32,8 +31,6 @@ import org.keycloak.representations.idm.UserRepresentation;
|
|||
import org.keycloak.services.resources.RealmsResource;
|
||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.ErrorPage;
|
||||
import org.keycloak.testsuite.pages.IdpConfirmLinkPage;
|
||||
import org.keycloak.testsuite.pages.IdpLinkEmailPage;
|
||||
|
@ -50,8 +47,8 @@ import org.keycloak.testsuite.pages.UpdateAccountInformationPage;
|
|||
import org.keycloak.testsuite.pages.VerifyEmailPage;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.util.MailServer;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
import org.openqa.selenium.TimeoutException;
|
||||
|
||||
import jakarta.ws.rs.core.Response;
|
||||
|
@ -64,7 +61,6 @@ import java.util.Objects;
|
|||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.keycloak.models.Constants.ACCOUNT_MANAGEMENT_CLIENT_ID;
|
||||
import static org.keycloak.testsuite.admin.ApiUtil.createUserWithAdminClient;
|
||||
import static org.keycloak.testsuite.admin.ApiUtil.resetUserPassword;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestConstants.USER_EMAIL;
|
||||
|
@ -78,14 +74,10 @@ import static org.keycloak.testsuite.util.ServerURLs.removeDefaultPorts;
|
|||
/**
|
||||
* No test methods there. Just some useful common functionality
|
||||
*/
|
||||
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
|
||||
public abstract class AbstractBaseBrokerTest extends AbstractKeycloakTest {
|
||||
|
||||
protected static final String ATTRIBUTE_VALUE = "attribute.value";
|
||||
|
||||
@Page
|
||||
protected AccountUpdateProfilePage accountUpdateProfilePage;
|
||||
|
||||
@Page
|
||||
protected LoginPage loginPage;
|
||||
|
||||
|
@ -148,7 +140,6 @@ public abstract class AbstractBaseBrokerTest extends AbstractKeycloakTest {
|
|||
|
||||
}
|
||||
|
||||
|
||||
protected void configureSMTPServer() {
|
||||
MailServer.start();
|
||||
MailServer.createEmailAccount(USER_EMAIL, "password");
|
||||
|
@ -158,7 +149,6 @@ public abstract class AbstractBaseBrokerTest extends AbstractKeycloakTest {
|
|||
realm.update(master);
|
||||
}
|
||||
|
||||
|
||||
protected void removeSMTPConfiguration(RealmResource consumerRealm) {
|
||||
RealmRepresentation master = consumerRealm.toRepresentation();
|
||||
master.setSmtpServer(Collections.emptyMap());
|
||||
|
@ -200,7 +190,6 @@ public abstract class AbstractBaseBrokerTest extends AbstractKeycloakTest {
|
|||
MailServer.stop();
|
||||
}
|
||||
|
||||
|
||||
protected String createUser(String username, String email) {
|
||||
UserRepresentation newUser = UserBuilder.create().username(username).email(email).enabled(true).build();
|
||||
String userId = createUserWithAdminClient(adminClient.realm(bc.consumerRealmName()), newUser);
|
||||
|
@ -208,7 +197,6 @@ public abstract class AbstractBaseBrokerTest extends AbstractKeycloakTest {
|
|||
return userId;
|
||||
}
|
||||
|
||||
|
||||
protected String createUser(String username) {
|
||||
return createUser(username, USER_EMAIL);
|
||||
}
|
||||
|
@ -219,13 +207,15 @@ public abstract class AbstractBaseBrokerTest extends AbstractKeycloakTest {
|
|||
}
|
||||
|
||||
protected void logInAsUserInIDP() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
logInWithBroker(bc);
|
||||
}
|
||||
|
||||
// We are re-authenticating to the IDP. Hence it is assumed that "username" field is not visible on the login form on the IDP side
|
||||
protected void logInAsUserInIDPWithReAuthenticate() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
waitForPage(driver, "sign in to", true);
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
|
@ -259,7 +249,7 @@ public abstract class AbstractBaseBrokerTest extends AbstractKeycloakTest {
|
|||
|
||||
protected void logInAsUserInIDPForFirstTimeAndAssertSuccess() {
|
||||
logInAsUserInIDPForFirstTime();
|
||||
assertLoggedInAccountManagement();
|
||||
appPage.assertCurrent();
|
||||
}
|
||||
|
||||
protected void updateAccountInformation() {
|
||||
|
@ -278,11 +268,6 @@ public abstract class AbstractBaseBrokerTest extends AbstractKeycloakTest {
|
|||
return contextRoot + "/auth/realms/" + realmName + "/account";
|
||||
}
|
||||
|
||||
|
||||
protected String getAccountPasswordUrl(String contextRoot, String realmName) {
|
||||
return contextRoot + "/auth/realms/" + realmName + "/account/password";
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the login page for an existing client in provided realm
|
||||
*
|
||||
|
@ -324,7 +309,7 @@ public abstract class AbstractBaseBrokerTest extends AbstractKeycloakTest {
|
|||
// Completely logout from realm and confirm logout if present
|
||||
protected void logoutFromRealm(String contextRoot, String realm, String initiatingIdp, String idTokenHint, String clientId, String redirectUri) {
|
||||
final String defaultRedirectUri = redirectUri != null ? redirectUri : getAccountUrl(contextRoot, realm);
|
||||
final String defaultClientId = (idTokenHint == null && clientId == null) ? ACCOUNT_MANAGEMENT_CLIENT_ID : clientId;
|
||||
final String defaultClientId = (idTokenHint == null && clientId == null) ? "test-app" : clientId;
|
||||
|
||||
executeLogoutFromRealm(contextRoot, realm, initiatingIdp, idTokenHint, defaultClientId, defaultRedirectUri);
|
||||
checkLogoutConfirmation(realm, idTokenHint, defaultClientId);
|
||||
|
@ -396,18 +381,6 @@ public abstract class AbstractBaseBrokerTest extends AbstractKeycloakTest {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
protected void assertLoggedInAccountManagement() {
|
||||
assertLoggedInAccountManagement(bc.getUserLogin(), bc.getUserEmail());
|
||||
}
|
||||
|
||||
protected void assertLoggedInAccountManagement(String username, String email) {
|
||||
waitForAccountManagementTitle();
|
||||
Assert.assertTrue(accountUpdateProfilePage.isCurrent());
|
||||
Assert.assertEquals(accountUpdateProfilePage.getUsername(), username);
|
||||
Assert.assertEquals(accountUpdateProfilePage.getEmail(), email);
|
||||
}
|
||||
|
||||
protected void waitForAccountManagementTitle() {
|
||||
final String title = "Keycloak account management";
|
||||
waitForPage(driver, title, true);
|
||||
|
|
|
@ -15,14 +15,15 @@ import org.keycloak.representations.idm.RoleRepresentation;
|
|||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.pages.ConsentPage;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.keycloak.models.utils.DefaultAuthenticationFlows.IDP_REVIEW_PROFILE_CONFIG_ALIAS;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getProviderRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
|
||||
/**
|
||||
|
@ -48,18 +49,26 @@ public abstract class AbstractBrokerTest extends AbstractInitializedBaseBrokerTe
|
|||
}
|
||||
|
||||
protected void loginUser() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
updateAccountInformationPage.assertCurrent();
|
||||
Assert.assertTrue("We must be on correct realm right now",
|
||||
driver.getCurrentUrl().contains("/auth/realms/" + bc.consumerRealmName() + "/"));
|
||||
driver.getCurrentUrl().contains("/auth/realms/" + bc.consumerRealmName() + "/"));
|
||||
|
||||
log.debug("Updating info on updateAccount page");
|
||||
updateAccountInformationPage.updateAccountInformation(bc.getUserLogin(), bc.getUserEmail(), "Firstname", "Lastname");
|
||||
|
||||
UserRepresentation userRep = AccountHelper.getUserRepresentation(
|
||||
adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
userRep.setFirstName("Firstname");
|
||||
userRep.setLastName("Lastname");
|
||||
|
||||
AccountHelper.updateUser(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin(), userRep);
|
||||
|
||||
UsersResource consumerUsers = adminClient.realm(bc.consumerRealmName()).users();
|
||||
|
||||
int userCount = consumerUsers.count();
|
||||
|
@ -86,10 +95,12 @@ public abstract class AbstractBrokerTest extends AbstractInitializedBaseBrokerTe
|
|||
|
||||
Integer userCount = adminClient.realm(bc.consumerRealmName()).users().count();
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
assertEquals(accountPage.buildUri().toASCIIString().replace("master", "consumer") + "/", driver.getCurrentUrl());
|
||||
assertTrue(driver.getCurrentUrl().contains(getConsumerRoot() + "/auth/realms/master/app/"));
|
||||
assertEquals(userCount, adminClient.realm(bc.consumerRealmName()).users().count());
|
||||
}
|
||||
|
||||
|
@ -97,15 +108,17 @@ public abstract class AbstractBrokerTest extends AbstractInitializedBaseBrokerTe
|
|||
protected void testSingleLogout() {
|
||||
log.debug("Testing single log out");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getProviderRoot(), bc.providerRealmName()));
|
||||
oauth.realm(bc.consumerRealmName());
|
||||
oauth.clientId("broker-app");
|
||||
oauth.openLoginForm();
|
||||
|
||||
Assert.assertTrue("Should be logged in the account page", driver.getTitle().endsWith("Account Management"));
|
||||
Assert.assertTrue("Should be logged in", driver.getTitle().endsWith("AUTH_RESPONSE"));
|
||||
|
||||
logoutFromRealm(getProviderRoot(), bc.providerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
Assert.assertTrue("Should be on " + bc.providerRealmName() + " realm", driver.getCurrentUrl().contains("/auth/realms/" + bc.providerRealmName()));
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
Assert.assertTrue("Should be on " + bc.consumerRealmName() + " realm on login page",
|
||||
driver.getCurrentUrl().contains("/auth/realms/" + bc.consumerRealmName() + "/protocol/openid-connect/"));
|
||||
|
|
|
@ -39,7 +39,6 @@ import org.openqa.selenium.WebElement;
|
|||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
|
||||
/**
|
||||
|
@ -65,7 +64,9 @@ public abstract class AbstractDefaultIdpTest extends AbstractInitializedBaseBrok
|
|||
configureFlow(null);
|
||||
|
||||
// Navigate to the auth page
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
waitForPage(driver, "sign in to", true);
|
||||
|
||||
Assert.assertTrue("Driver should be on the initial page and nothing should have happened",
|
||||
|
@ -81,7 +82,9 @@ public abstract class AbstractDefaultIdpTest extends AbstractInitializedBaseBrok
|
|||
createUser(bc.providerRealmName(), username, "password", "FirstName");
|
||||
|
||||
// Navigate to the auth page
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.providerRealmName());
|
||||
|
||||
waitForPage(driver, "sign in to", true);
|
||||
|
||||
// Make sure we got redirected to the remote IdP automatically
|
||||
|
@ -97,7 +100,10 @@ public abstract class AbstractDefaultIdpTest extends AbstractInitializedBaseBrok
|
|||
createUser(bc.providerRealmName(), username, "password", "FirstName");
|
||||
|
||||
// Navigate to the auth page
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
oauth.realm(bc.consumerRealmName());
|
||||
oauth.openLoginForm();
|
||||
|
||||
waitForPage(driver, "sign in to", true);
|
||||
|
||||
// Make sure we got redirected to the remote IdP automatically
|
||||
|
|
|
@ -29,6 +29,7 @@ import org.keycloak.testsuite.Assert;
|
|||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.forms.VerifyProfileTest;
|
||||
import org.keycloak.testsuite.pages.LoginPasswordUpdatePage;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.keycloak.testsuite.util.MailServer;
|
||||
import org.keycloak.testsuite.util.MailServerConfiguration;
|
||||
import org.keycloak.testsuite.util.SecondBrowser;
|
||||
|
@ -45,10 +46,8 @@ import static org.junit.Assert.assertThat;
|
|||
import static org.junit.Assert.assertTrue;
|
||||
import static org.keycloak.testsuite.broker.BrokerRunOnServerUtil.assertHardCodedSessionNote;
|
||||
import static org.keycloak.testsuite.broker.BrokerRunOnServerUtil.configureAutoLinkFlow;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestConstants.IDP_OIDC_ALIAS;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestConstants.USER_EMAIL;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getProviderRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
import static org.keycloak.testsuite.util.MailAssert.assertEmailAndGetUrl;
|
||||
|
||||
|
@ -85,7 +84,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
public void testErrorExistingUserWithUpdateProfile() {
|
||||
createUser("consumer");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
|
@ -109,7 +110,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
|
||||
String existingUser = createUser("consumer");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "account already exists", false);
|
||||
|
@ -132,8 +135,7 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
}
|
||||
|
||||
loginPage.login("password");
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
Assert.assertTrue(appPage.isCurrent());
|
||||
|
||||
assertNumFederatedIdentities(existingUser, 1);
|
||||
}
|
||||
|
@ -147,7 +149,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
String existingUser = createUser("consumer");
|
||||
String anotherUser = createUser("foobar", "foo@bar.baz");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "account already exists", false);
|
||||
|
@ -170,8 +174,7 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
}
|
||||
|
||||
loginPage.login("foobar", "password");
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
Assert.assertTrue(appPage.isCurrent());
|
||||
|
||||
assertNumFederatedIdentities(existingUser, 0);
|
||||
assertNumFederatedIdentities(anotherUser, 1);
|
||||
|
@ -186,7 +189,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
updateExecutions(AbstractBrokerTest::disableExistingUser);
|
||||
String existingUser = createUser("consumer");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
assertEquals("Authenticate to link your account with " + bc.getIDPAlias(), loginPage.getInfoMessage());
|
||||
|
@ -204,8 +209,7 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
}
|
||||
|
||||
loginPage.login("consumer", "password");
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
Assert.assertTrue(appPage.isCurrent());
|
||||
|
||||
assertNumFederatedIdentities(existingUser, 1);
|
||||
}
|
||||
|
@ -218,7 +222,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
|
||||
String existingUser = createUser("consumer");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "account already exists", false);
|
||||
|
@ -254,7 +260,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
updateExecutions(AbstractBrokerTest::disableExistingUser);
|
||||
String existingUser = createUser("consumer");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
assertEquals("Authenticate to link your account with " + bc.getIDPAlias(), loginPage.getInfoMessage());
|
||||
|
@ -292,7 +300,8 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
|
||||
providerUser.update(userResource);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
|
@ -345,8 +354,7 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
|
||||
// Use correct password now
|
||||
loginPage.login("password");
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
appPage.assertCurrent();
|
||||
assertNumFederatedIdentities(userId, 1);
|
||||
}
|
||||
|
||||
|
@ -374,7 +382,8 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
|
||||
providerUser.update(userResource);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
|
@ -399,8 +408,7 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
this.passwordUpdatePage.assertCurrent();
|
||||
this.passwordUpdatePage.changePassword("password", "password");
|
||||
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
Assert.assertTrue(appPage.isCurrent());
|
||||
assertNumFederatedIdentities(existingUser, 1);
|
||||
}
|
||||
|
||||
|
@ -428,7 +436,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
|
||||
providerUser.update(userResource);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "account already exists", false);
|
||||
|
@ -487,7 +497,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
|
||||
updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "account already exists", false);
|
||||
|
@ -504,7 +516,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
|
||||
updateExecutions(AbstractBrokerTest::enableUpdateProfileOnFirstLogin);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
Assert.assertTrue(updateAccountInformationPage.isCurrent());
|
||||
|
@ -526,7 +540,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
public void testRequiredUpdatedPassword() {
|
||||
updateExecutions(AbstractBrokerTest::enableRequirePassword);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
Assert.assertTrue(updateAccountInformationPage.isCurrent());
|
||||
|
@ -538,8 +554,8 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
|
||||
waitForPage(driver, "update password", false);
|
||||
updatePasswordPage.updatePasswords("password", "password");
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
Assert.assertTrue(appPage.isCurrent());
|
||||
}
|
||||
|
||||
|
||||
|
@ -556,7 +572,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
consumerUser.setEmail(bc.getUserEmail());
|
||||
userResource.update(consumerUser);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
|
@ -580,12 +598,12 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
waitForPage(driver, "update account information", false);
|
||||
Assert.assertTrue(updateAccountInformationPage.isCurrent());
|
||||
updateAccountInformationPage.updateAccountInformation("test", "test@localhost.com", "FirstName", "LastName");
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
Assert.assertEquals("FirstName", accountUpdateProfilePage.getFirstName());
|
||||
Assert.assertEquals("LastName", accountUpdateProfilePage.getLastName());
|
||||
Assert.assertEquals("test@localhost.com", accountUpdateProfilePage.getEmail());
|
||||
Assert.assertEquals("test", accountUpdateProfilePage.getUsername());
|
||||
|
||||
UserRepresentation userRepresentation = AccountHelper.getUserRepresentation(adminClient.realm(bc.consumerRealmName()), "test");
|
||||
|
||||
Assert.assertEquals("FirstName", userRepresentation.getFirstName());
|
||||
Assert.assertEquals("LastName", userRepresentation.getLastName());
|
||||
Assert.assertEquals("test@localhost.com", userRepresentation.getEmail());
|
||||
}
|
||||
|
||||
|
||||
|
@ -613,7 +631,8 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
Response response = idpResource.addMapper(hardCodedSessionNoteMapper);
|
||||
response.close();
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
|
@ -621,8 +640,6 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
updateAccountInformationPage.assertCurrent();
|
||||
updateAccountInformationPage.updateAccountInformation("FirstName", "LastName");
|
||||
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
testingClient.server().run(assertHardCodedSessionNote());
|
||||
}
|
||||
|
||||
|
@ -640,7 +657,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
realmRep.setRegistrationEmailAsUsername(true);
|
||||
realm.update(realmRep);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
Assert.assertTrue(updateAccountInformationPage.isCurrent());
|
||||
|
@ -655,8 +674,6 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
}
|
||||
|
||||
updateAccountInformationPage.updateAccountInformation("test@redhat.com", "FirstName", "LastName");
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
assertEquals(1, realm.users().search("test@redhat.com").size());
|
||||
}
|
||||
|
@ -673,7 +690,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
String linkedUserId = createUser("consumer");
|
||||
|
||||
//test
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
|
@ -695,7 +714,7 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
driver.navigate().to(url);
|
||||
|
||||
//test if user is logged in
|
||||
assertEquals(accountPage.buildUri().toASCIIString().replace("master", "consumer") + "/", driver.getCurrentUrl());
|
||||
assertTrue(driver.getCurrentUrl().startsWith(getConsumerRoot() + "/auth/realms/master/app/"));
|
||||
|
||||
//test if the user has verified email
|
||||
assertTrue(realm.users().get(linkedUserId).toRepresentation().isEmailVerified());
|
||||
|
@ -722,7 +741,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
|
||||
configureSMTPServer();
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
|
@ -735,8 +756,6 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
"verify your email address", false);
|
||||
|
||||
driver.navigate().to(verificationUrl.trim());
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
}
|
||||
|
||||
|
||||
|
@ -756,7 +775,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
|
||||
createUser(bc.providerRealmName(), "no-email", "password", "FirstName", "LastName", null);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
|
@ -765,9 +786,6 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
log.debug("Logging in");
|
||||
loginPage.login("no-email", "password");
|
||||
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
List<UserRepresentation> users = realm.users().search("no-email");
|
||||
assertEquals(1, users.size());
|
||||
List<String> requiredActions = users.get(0).getRequiredActions();
|
||||
|
@ -795,16 +813,15 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
|
||||
identityProviderResource.update(idpRep);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
updateAccountInformationPage.assertCurrent();
|
||||
updateAccountInformationPage.updateAccountInformation("FirstName", "LastName");
|
||||
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
List<UserRepresentation> users = realm.users().search(bc.getUserLogin());
|
||||
assertEquals(1, users.size());
|
||||
List<String> requiredActions = users.get(0).getRequiredActions();
|
||||
|
@ -832,7 +849,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
|
||||
configureSMTPServer();
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
|
@ -845,8 +864,6 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
"verify your email address", false);
|
||||
|
||||
driver.navigate().to(verificationUrl.trim());
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
List<UserRepresentation> users = realm.users().search(bc.getUserLogin());
|
||||
assertEquals(1, users.size());
|
||||
|
@ -869,7 +886,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
userResource.update(consumerUser);
|
||||
configureSMTPServer();
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
//link account by email
|
||||
|
@ -885,13 +904,13 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
"Someone wants to link your ", false);
|
||||
driver.navigate().to(url);
|
||||
//test if user is logged in
|
||||
assertEquals(accountPage.buildUri().toASCIIString().replace("master", "consumer") + "/", driver.getCurrentUrl());
|
||||
assertTrue(driver.getCurrentUrl().startsWith(getConsumerRoot() + "/auth/realms/master/app/"));
|
||||
//test if the user has verified email
|
||||
assertTrue(adminClient.realm(bc.consumerRealmName()).users().get(consumerUser.getId()).toRepresentation().isEmailVerified());
|
||||
|
||||
driver.navigate().to(url);
|
||||
waitForPage(driver, "you are already logged in.", false);
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), "consumer");
|
||||
|
||||
driver.navigate().to(url);
|
||||
waitForPage(driver, "confirm linking the account testuser of identity provider " + bc.getIDPAlias() + " with your account.", false);
|
||||
|
@ -914,7 +933,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
userResource.update(consumerUser);
|
||||
configureSMTPServer();
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
//link account by email
|
||||
|
@ -987,7 +1008,10 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
updateExecutions(AbstractBrokerTest::setUpMissingUpdateProfileOnFirstLogin);
|
||||
|
||||
createUser(bc.providerRealmName(), "no-first-name", "password", null, "LastName", "no-first-name@localhost.com");
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
|
@ -1000,33 +1024,37 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
|
||||
updateAccountInformationPage.assertCurrent();
|
||||
updateAccountInformationPage.updateAccountInformation("FirstName", "LastName");
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
Assert.assertEquals("FirstName", accountUpdateProfilePage.getFirstName());
|
||||
Assert.assertEquals("LastName", accountUpdateProfilePage.getLastName());
|
||||
Assert.assertEquals("no-first-name@localhost.com", accountUpdateProfilePage.getEmail());
|
||||
Assert.assertEquals("no-first-name", accountUpdateProfilePage.getUsername());
|
||||
|
||||
UserRepresentation userRepresentation = AccountHelper.getUserRepresentation(adminClient.realm(bc.consumerRealmName()), "no-first-name");
|
||||
|
||||
Assert.assertEquals("FirstName", userRepresentation.getFirstName());
|
||||
Assert.assertEquals("LastName", userRepresentation.getLastName());
|
||||
Assert.assertEquals("no-first-name@localhost.com", userRepresentation.getEmail());
|
||||
|
||||
RealmRepresentation consumerRealmRep = adminClient.realm(bc.consumerRealmName()).toRepresentation();
|
||||
|
||||
events.expectAccount(EventType.IDENTITY_PROVIDER_FIRST_LOGIN).realm(consumerRealmRep).user((String)null)
|
||||
events.expectAccount(EventType.IDENTITY_PROVIDER_FIRST_LOGIN).client("broker-app")
|
||||
.realm(consumerRealmRep).user((String)null)
|
||||
.detail(Details.IDENTITY_PROVIDER, bc.getIDPAlias())
|
||||
.detail(Details.IDENTITY_PROVIDER_USERNAME, "no-first-name")
|
||||
.assertEvent(getFirstConsumerEvent());
|
||||
|
||||
events.expectAccount(EventType.UPDATE_PROFILE).realm(consumerRealmRep).user((String)null)
|
||||
events.expectAccount(EventType.UPDATE_PROFILE).client("broker-app")
|
||||
.realm(consumerRealmRep).user((String)null)
|
||||
.detail(Details.CONTEXT, UserProfileContext.IDP_REVIEW.name())
|
||||
.assertEvent(getFirstConsumerEvent());
|
||||
|
||||
events.expectAccount(EventType.REGISTER).realm(consumerRealmRep).user(Matchers.any(String.class)).session((String) null)
|
||||
events.expectAccount(EventType.REGISTER).client("broker-app")
|
||||
.realm(consumerRealmRep).user(Matchers.any(String.class)).session((String) null)
|
||||
.detail(Details.IDENTITY_PROVIDER_USERNAME, "no-first-name")
|
||||
.detail(Details.REGISTER_METHOD, "broker")
|
||||
.assertEvent(getFirstConsumerEvent());
|
||||
|
||||
events.expectAccount(EventType.LOGIN).realm(consumerRealmRep).user(Matchers.any(String.class)).session(Matchers.any(String.class))
|
||||
.detail(Details.IDENTITY_PROVIDER_USERNAME, "no-first-name")
|
||||
.detail(Details.IDENTITY_PROVIDER, bc.getIDPAlias())
|
||||
.assertEvent(getFirstConsumerEvent());
|
||||
events.expectAccount(EventType.LOGIN).client("broker-app")
|
||||
.realm(consumerRealmRep).user(Matchers.any(String.class)).session(Matchers.any(String.class))
|
||||
.detail(Details.IDENTITY_PROVIDER_USERNAME, "no-first-name")
|
||||
.detail(Details.IDENTITY_PROVIDER, bc.getIDPAlias())
|
||||
.assertEvent(getFirstConsumerEvent());
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -1034,7 +1062,10 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
updateExecutions(AbstractBrokerTest::setUpMissingUpdateProfileOnFirstLogin);
|
||||
|
||||
createUser(bc.providerRealmName(), "no-first-name", "password", null, "LastName", "no-first-name@localhost.com");
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
|
@ -1047,37 +1078,43 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
|
||||
updateAccountInformationPage.assertCurrent();
|
||||
updateAccountInformationPage.updateAccountInformation("new-email@localhost.com","FirstName", "LastName");
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
Assert.assertEquals("FirstName", accountUpdateProfilePage.getFirstName());
|
||||
Assert.assertEquals("LastName", accountUpdateProfilePage.getLastName());
|
||||
Assert.assertEquals("new-email@localhost.com", accountUpdateProfilePage.getEmail());
|
||||
Assert.assertEquals("no-first-name", accountUpdateProfilePage.getUsername());
|
||||
|
||||
UserRepresentation userRepresentation = AccountHelper.getUserRepresentation(adminClient.realm(bc.consumerRealmName()), "no-first-name");
|
||||
|
||||
Assert.assertEquals("FirstName", userRepresentation.getFirstName());
|
||||
Assert.assertEquals("LastName", userRepresentation.getLastName());
|
||||
Assert.assertEquals("new-email@localhost.com", userRepresentation.getEmail());
|
||||
Assert.assertEquals("no-first-name", userRepresentation.getUsername());
|
||||
|
||||
RealmRepresentation consumerRealmRep = adminClient.realm(bc.consumerRealmName()).toRepresentation();
|
||||
|
||||
events.expectAccount(EventType.IDENTITY_PROVIDER_FIRST_LOGIN).realm(consumerRealmRep).user((String)null)
|
||||
events.expectAccount(EventType.IDENTITY_PROVIDER_FIRST_LOGIN).client("broker-app")
|
||||
.realm(consumerRealmRep).user((String)null)
|
||||
.detail(Details.IDENTITY_PROVIDER, bc.getIDPAlias())
|
||||
.detail(Details.IDENTITY_PROVIDER_USERNAME, "no-first-name")
|
||||
.assertEvent(getFirstConsumerEvent());
|
||||
|
||||
events.expectAccount(EventType.UPDATE_PROFILE).realm(consumerRealmRep).user((String)null)
|
||||
events.expectAccount(EventType.UPDATE_PROFILE).client("broker-app")
|
||||
.realm(consumerRealmRep).user((String)null)
|
||||
.detail(Details.CONTEXT, UserProfileContext.IDP_REVIEW.name())
|
||||
.assertEvent(getFirstConsumerEvent());
|
||||
|
||||
events.expectAccount(EventType.UPDATE_EMAIL).realm(consumerRealmRep).user((String)null).session((String) null)
|
||||
events.expectAccount(EventType.UPDATE_EMAIL).client("broker-app")
|
||||
.realm(consumerRealmRep).user((String)null).session((String) null)
|
||||
.detail(Details.CONTEXT, UserProfileContext.IDP_REVIEW.name())
|
||||
.detail(Details.IDENTITY_PROVIDER_USERNAME, "no-first-name")
|
||||
.detail(Details.PREVIOUS_EMAIL, "no-first-name@localhost.com")
|
||||
.detail(Details.UPDATED_EMAIL, "new-email@localhost.com")
|
||||
.assertEvent(getFirstConsumerEvent());
|
||||
|
||||
events.expectAccount(EventType.REGISTER).realm(consumerRealmRep).user(Matchers.any(String.class)).session((String) null)
|
||||
events.expectAccount(EventType.REGISTER).client("broker-app")
|
||||
.realm(consumerRealmRep).user(Matchers.any(String.class)).session((String) null)
|
||||
.detail(Details.IDENTITY_PROVIDER_USERNAME, "no-first-name")
|
||||
.detail(Details.REGISTER_METHOD, "broker")
|
||||
.assertEvent(events.poll());
|
||||
|
||||
events.expectAccount(EventType.LOGIN).realm(consumerRealmRep).user(Matchers.any(String.class)).session(Matchers.any(String.class))
|
||||
events.expectAccount(EventType.LOGIN).client("broker-app")
|
||||
.realm(consumerRealmRep).user(Matchers.any(String.class)).session(Matchers.any(String.class))
|
||||
.detail(Details.IDENTITY_PROVIDER_USERNAME, "no-first-name")
|
||||
.detail(Details.IDENTITY_PROVIDER, bc.getIDPAlias())
|
||||
.assertEvent(events.poll());
|
||||
|
@ -1100,7 +1137,10 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
updateExecutions(AbstractBrokerTest::setUpMissingUpdateProfileOnFirstLogin);
|
||||
|
||||
createUser(bc.providerRealmName(), "no-first-name", "password", null, "LastName", "no-first-name@localhost.com");
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
|
@ -1113,17 +1153,20 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
|
||||
updateAccountInformationPage.assertCurrent();
|
||||
updateAccountInformationPage.updateAccountInformation("FirstName", "LastName");
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
Assert.assertEquals("FirstName", accountUpdateProfilePage.getFirstName());
|
||||
Assert.assertEquals("LastName", accountUpdateProfilePage.getLastName());
|
||||
Assert.assertEquals("no-first-name@localhost.com", accountUpdateProfilePage.getEmail());
|
||||
Assert.assertEquals("no-first-name", accountUpdateProfilePage.getUsername());
|
||||
|
||||
logoutFromRealm(getProviderRoot(), bc.providerRealmName());
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
UserRepresentation userRepresentation = AccountHelper.getUserRepresentation(adminClient.realm(bc.consumerRealmName()), "no-first-name");
|
||||
|
||||
Assert.assertEquals("FirstName", userRepresentation.getFirstName());
|
||||
Assert.assertEquals("LastName", userRepresentation.getLastName());
|
||||
Assert.assertEquals("no-first-name@localhost.com", userRepresentation.getEmail());
|
||||
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), "no-first-name");
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), "no-first-name");
|
||||
createUser(bc.providerRealmName(), "no-last-name", "password", "FirstName", null, "no-last-name@localhost.com");
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
|
@ -1135,17 +1178,21 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
waitForPage(driver, "update account information", false);
|
||||
updateAccountInformationPage.assertCurrent();
|
||||
updateAccountInformationPage.updateAccountInformation("FirstName", "LastName");
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
Assert.assertEquals("FirstName", accountUpdateProfilePage.getFirstName());
|
||||
Assert.assertEquals("LastName", accountUpdateProfilePage.getLastName());
|
||||
Assert.assertEquals("no-last-name@localhost.com", accountUpdateProfilePage.getEmail());
|
||||
Assert.assertEquals("no-last-name", accountUpdateProfilePage.getUsername());
|
||||
|
||||
logoutFromRealm(getProviderRoot(), bc.providerRealmName());
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
userRepresentation = AccountHelper.getUserRepresentation(adminClient.realm(bc.consumerRealmName()), "no-last-name");
|
||||
|
||||
Assert.assertEquals("FirstName", userRepresentation.getFirstName());
|
||||
Assert.assertEquals("LastName", userRepresentation.getLastName());
|
||||
Assert.assertEquals("no-last-name@localhost.com", userRepresentation.getEmail());
|
||||
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), "no-last-name");
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), "no-last-name");
|
||||
|
||||
createUser(bc.providerRealmName(), "no-email", "password", "FirstName", "LastName", null);
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
|
@ -1158,14 +1205,12 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
updateAccountInformationPage.assertCurrent();
|
||||
updateAccountInformationPage.updateAccountInformation("no-email@localhost.com", "FirstName", "LastName");
|
||||
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
Assert.assertEquals("FirstName", accountUpdateProfilePage.getFirstName());
|
||||
Assert.assertEquals("LastName", accountUpdateProfilePage.getLastName());
|
||||
Assert.assertEquals("no-email@localhost.com", accountUpdateProfilePage.getEmail());
|
||||
Assert.assertEquals("no-email", accountUpdateProfilePage.getUsername());
|
||||
}
|
||||
userRepresentation = AccountHelper.getUserRepresentation(adminClient.realm(bc.consumerRealmName()), "no-email");
|
||||
|
||||
Assert.assertEquals("FirstName", userRepresentation.getFirstName());
|
||||
Assert.assertEquals("LastName", userRepresentation.getLastName());
|
||||
Assert.assertEquals("no-email@localhost.com", userRepresentation.getEmail());
|
||||
}
|
||||
|
||||
/**
|
||||
* Refers to in old test suite: org.keycloak.testsuite.broker.AbstractKeycloakIdentityProviderTest.testSuccessfulAuthenticationUpdateProfileOnMissing_nothingMissing
|
||||
|
@ -1175,7 +1220,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
updateExecutions(AbstractBrokerTest::setUpMissingUpdateProfileOnFirstLogin);
|
||||
createUser(bc.providerRealmName(), "all-info-set", "password", "FirstName", "LastName", "all-info-set@localhost.com");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
|
@ -1184,12 +1231,11 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
log.debug("Logging in");
|
||||
loginPage.login("all-info-set", "password");
|
||||
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
Assert.assertEquals("FirstName", accountUpdateProfilePage.getFirstName());
|
||||
Assert.assertEquals("LastName", accountUpdateProfilePage.getLastName());
|
||||
Assert.assertEquals("all-info-set@localhost.com", accountUpdateProfilePage.getEmail());
|
||||
Assert.assertEquals("all-info-set", accountUpdateProfilePage.getUsername());
|
||||
UserRepresentation userRepresentation = AccountHelper.getUserRepresentation(adminClient.realm(bc.providerRealmName()), "all-info-set");
|
||||
|
||||
Assert.assertEquals("FirstName", userRepresentation.getFirstName());
|
||||
Assert.assertEquals("LastName", userRepresentation.getLastName());
|
||||
Assert.assertEquals("all-info-set@localhost.com", userRepresentation.getEmail());
|
||||
}
|
||||
|
||||
|
||||
|
@ -1200,14 +1246,16 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
public void testWithoutUpdateProfile() {
|
||||
updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
Assert.assertEquals("", accountUpdateProfilePage.getFirstName());
|
||||
Assert.assertEquals("", accountUpdateProfilePage.getLastName());
|
||||
Assert.assertEquals(bc.getUserEmail(), accountUpdateProfilePage.getEmail());
|
||||
Assert.assertEquals(bc.getUserLogin(), accountUpdateProfilePage.getUsername());
|
||||
|
||||
UserRepresentation userRepresentation = AccountHelper.getUserRepresentation(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
Assert.assertNull(userRepresentation.getFirstName());
|
||||
Assert.assertNull(userRepresentation.getLastName());
|
||||
Assert.assertEquals(bc.getUserEmail(), userRepresentation.getEmail());
|
||||
}
|
||||
|
||||
|
||||
|
@ -1219,7 +1267,9 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
public void testAutoLinkAccountWithBroker() {
|
||||
testingClient.server(bc.consumerRealmName()).run(configureAutoLinkFlow(bc.getIDPAlias()));
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
RealmResource realm = adminClient.realm(bc.consumerRealmName());
|
||||
|
@ -1227,4 +1277,4 @@ public abstract class AbstractFirstBrokerLoginTest extends AbstractInitializedBa
|
|||
assertNumFederatedIdentities(realm.users().search(bc.getUserLogin()).get(0).getId(), 1);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
|
@ -19,6 +19,7 @@ package org.keycloak.testsuite.broker;
|
|||
|
||||
import static org.keycloak.models.IdentityProviderMapperSyncMode.IMPORT;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import org.keycloak.models.IdentityProviderMapperSyncMode;
|
||||
|
@ -55,7 +56,13 @@ public abstract class AbstractGroupBrokerMapperTest extends AbstractGroupMapperT
|
|||
|
||||
public UserRepresentation createMapperAndLoginAsUserTwiceWithMapper(IdentityProviderMapperSyncMode syncMode,
|
||||
boolean createAfterFirstLogin, String groupPath) {
|
||||
return loginAsUserTwiceWithMapper(syncMode, createAfterFirstLogin, createMatchingAttributes(), groupPath);
|
||||
UserRepresentation user = null;
|
||||
|
||||
try {
|
||||
user = loginAsUserTwiceWithMapper(syncMode, createAfterFirstLogin, createMatchingAttributes(), groupPath);
|
||||
} catch (IOException e) {}
|
||||
|
||||
return user;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,10 +5,9 @@ import static org.hamcrest.Matchers.contains;
|
|||
import static org.hamcrest.Matchers.empty;
|
||||
import static org.hamcrest.Matchers.equalTo;
|
||||
import static org.hamcrest.Matchers.not;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
import org.junit.Assert;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.CreatedResponseUtil;
|
||||
import org.keycloak.broker.provider.ConfigConstants;
|
||||
import org.keycloak.models.IdentityProviderMapperSyncMode;
|
||||
|
@ -18,11 +17,13 @@ import org.keycloak.representations.idm.IdentityProviderMapperRepresentation;
|
|||
import org.keycloak.representations.idm.IdentityProviderRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import jakarta.ws.rs.core.Response;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:artur.baltabayev@bosch.io">Artur Baltabayev</a>,
|
||||
|
@ -62,7 +63,7 @@ public abstract class AbstractGroupMapperTest extends AbstractIdentityProviderMa
|
|||
|
||||
protected UserRepresentation loginAsUserTwiceWithMapper(
|
||||
IdentityProviderMapperSyncMode syncMode, boolean createAfterFirstLogin,
|
||||
Map<String, List<String>> userConfig, String groupPath) {
|
||||
Map<String, List<String>> userConfig, String groupPath) throws IOException {
|
||||
final IdentityProviderRepresentation idp = setupIdentityProvider();
|
||||
if (!createAfterFirstLogin) {
|
||||
createMapperInIdp(idp, syncMode, groupPath);
|
||||
|
@ -81,12 +82,12 @@ public abstract class AbstractGroupMapperTest extends AbstractIdentityProviderMa
|
|||
if (createAfterFirstLogin) {
|
||||
createMapperInIdp(idp, syncMode, groupPath);
|
||||
}
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
updateUser();
|
||||
|
||||
logInAsUserInIDP();
|
||||
assertLoggedInAccountManagement();
|
||||
appPage.assertCurrent();
|
||||
|
||||
user = findUser(bc.consumerRealmName(), bc.getUserLogin(), bc.getUserEmail());
|
||||
return user;
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
package org.keycloak.testsuite.broker;
|
||||
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
|
||||
import org.junit.After;
|
||||
|
@ -29,7 +28,9 @@ public abstract class AbstractNestedBrokerTest extends AbstractBaseBrokerTest {
|
|||
|
||||
/** Logs in subconsumer realm via consumer IDP via provider IDP and updates account information */
|
||||
protected void logInAsUserInNestedIDPForFirstTime() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), nbc.subConsumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(nbc.subConsumerRealmName());
|
||||
|
||||
waitForPage(driver, "sign in to", true);
|
||||
log.debug("Clicking social " + nbc.getSubConsumerIDPDisplayName());
|
||||
loginPage.clickSocial(nbc.getSubConsumerIDPDisplayName());
|
||||
|
|
|
@ -9,7 +9,6 @@ import static org.hamcrest.Matchers.hasSize;
|
|||
import static org.hamcrest.Matchers.in;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.hamcrest.Matchers.not;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
import org.hamcrest.Matchers;
|
||||
import org.junit.Before;
|
||||
|
@ -25,9 +24,11 @@ import org.keycloak.representations.idm.ClientRepresentation;
|
|||
import org.keycloak.representations.idm.IdentityProviderMapperRepresentation;
|
||||
import org.keycloak.representations.idm.RoleRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.keycloak.testsuite.util.ClientBuilder;
|
||||
import org.keycloak.testsuite.util.RoleBuilder;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
@ -77,7 +78,7 @@ public abstract class AbstractRoleMapperTest extends AbstractIdentityProviderMap
|
|||
}
|
||||
|
||||
@Test
|
||||
public void tryToCreateBrokeredUserWithNonExistingClientRoleDoesNotBreakLogin() {
|
||||
public void tryToCreateBrokeredUserWithNonExistingClientRoleDoesNotBreakLogin() throws IOException {
|
||||
String clientRoleStringWithMissingRole = createClientRoleString(CLIENT_ID, "does-not-exist");
|
||||
setup(clientRoleStringWithMissingRole);
|
||||
|
||||
|
@ -88,7 +89,7 @@ public abstract class AbstractRoleMapperTest extends AbstractIdentityProviderMap
|
|||
* This test checks that the mapper can also be applied to realm roles (other tests mostly use client roles).
|
||||
*/
|
||||
@Test
|
||||
public void mapperCanBeAppliedToRealmRoles() {
|
||||
public void mapperCanBeAppliedToRealmRoles() throws IOException {
|
||||
setup(REALM_ROLE);
|
||||
|
||||
logInAsUserInIDPForFirstTimeAndAssertSuccess();
|
||||
|
@ -97,7 +98,7 @@ public abstract class AbstractRoleMapperTest extends AbstractIdentityProviderMap
|
|||
}
|
||||
|
||||
@Test
|
||||
public void mapperStillWorksWhenClientRoleIsRenamed() {
|
||||
public void mapperStillWorksWhenClientRoleIsRenamed() throws IOException {
|
||||
setup(CLIENT_ROLE_MAPPER_REPRESENTATION);
|
||||
|
||||
String newRoleName = "new-name-" + CLIENT_ROLE;
|
||||
|
@ -116,7 +117,7 @@ public abstract class AbstractRoleMapperTest extends AbstractIdentityProviderMap
|
|||
}
|
||||
|
||||
@Test
|
||||
public void mapperStillWorksWhenClientIdIsChanged() {
|
||||
public void mapperStillWorksWhenClientIdIsChanged() throws IOException {
|
||||
setup(CLIENT_ROLE_MAPPER_REPRESENTATION);
|
||||
|
||||
String newClientId = "new-name-" + CLIENT_ID;
|
||||
|
@ -129,13 +130,15 @@ public abstract class AbstractRoleMapperTest extends AbstractIdentityProviderMap
|
|||
// mapper(s) should have been updated to the new client role name
|
||||
assertMappersAreConfiguredWithRole(expectedNewClientRoleName);
|
||||
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
logInAsUserInIDPForFirstTimeAndAssertSuccess();
|
||||
|
||||
assertThatRoleHasBeenAssignedInConsumerRealm(newClientId, CLIENT_ROLE);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void mapperStillWorksWhenRealmRoleIsRenamed() {
|
||||
public void mapperStillWorksWhenRealmRoleIsRenamed() throws IOException {
|
||||
setup(REALM_ROLE);
|
||||
|
||||
String newRoleName = "new-name-" + REALM_ROLE;
|
||||
|
@ -196,7 +199,8 @@ public abstract class AbstractRoleMapperTest extends AbstractIdentityProviderMap
|
|||
if (createAfterFirstLogin) {
|
||||
createMapperInIdp(syncMode, CLIENT_ROLE_MAPPER_REPRESENTATION);
|
||||
}
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
updateUser();
|
||||
|
||||
|
@ -222,7 +226,7 @@ public abstract class AbstractRoleMapperTest extends AbstractIdentityProviderMap
|
|||
userResource.roles().realmLevel().add(Collections.singletonList(role));
|
||||
}
|
||||
|
||||
private void assertLoginSucceedsWithoutRoleAssignment() {
|
||||
private void assertLoginSucceedsWithoutRoleAssignment() throws IOException {
|
||||
logInAsUserInIDPForFirstTimeAndAssertSuccess();
|
||||
|
||||
assertThatNoRolesHaveBeenAssignedInConsumerRealm();
|
||||
|
|
|
@ -7,7 +7,6 @@ import org.openqa.selenium.JavascriptExecutor;
|
|||
import org.openqa.selenium.WebElement;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
|
||||
/**
|
||||
|
@ -21,7 +20,9 @@ public abstract class AbstractSamlLoginHintTest extends AbstractInitializedBaseB
|
|||
String username = "all-info-set@localhost.com";
|
||||
createUser(bc.providerRealmName(), username, "password");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
addLoginHintOnSocialButton(username);
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
|
@ -43,7 +44,9 @@ public abstract class AbstractSamlLoginHintTest extends AbstractInitializedBaseB
|
|||
String username = "all-info-set@localhost.com";
|
||||
createUser(bc.providerRealmName(), username, "password", "FirstName");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
addLoginHintOnSocialButton("");
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
|
|
|
@ -5,7 +5,6 @@ import static org.hamcrest.Matchers.equalTo;
|
|||
import static org.hamcrest.Matchers.notNullValue;
|
||||
import static org.hamcrest.Matchers.nullValue;
|
||||
import static org.junit.Assert.assertThat;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
import static org.keycloak.testsuite.broker.KcSamlBrokerConfiguration.ATTRIBUTE_TO_MAP_FRIENDLY_NAME;
|
||||
|
||||
import java.util.List;
|
||||
|
@ -23,6 +22,7 @@ import org.keycloak.representations.idm.UserRepresentation;
|
|||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
|
||||
/**
|
||||
*
|
||||
|
@ -109,7 +109,8 @@ public abstract class AbstractUserAttributeMapperTest extends AbstractIdentityPr
|
|||
|
||||
assertUserAttributes(initialUserAttributes, userRep);
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
// update user in provider realm
|
||||
UserRepresentation userRepProvider = findUser(bc.providerRealmName(), bc.getUserLogin(), email);
|
||||
|
|
|
@ -4,7 +4,6 @@ import static org.hamcrest.Matchers.is;
|
|||
import static org.junit.Assert.assertThat;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
import static org.keycloak.testsuite.broker.KcOidcBrokerConfiguration.ATTRIBUTE_TO_MAP_NAME;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
|
@ -16,6 +15,7 @@ import org.keycloak.testsuite.Assert;
|
|||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:external.martin.idel@bosch.io">Martin Idel</a>,
|
||||
|
@ -63,7 +63,8 @@ public abstract class AbstractUsernameTemplateMapperTest extends AbstractIdentit
|
|||
String mappedUserName = String.format(getMapperTemplate(), userName);
|
||||
findUser(bc.consumerRealmName(), mappedUserName, bc.getUserEmail());
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), mappedUserName);
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
updateUser(updatedUserName);
|
||||
|
||||
|
|
|
@ -17,6 +17,7 @@
|
|||
|
||||
package org.keycloak.testsuite.broker;
|
||||
|
||||
import org.junit.Assert;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
import org.keycloak.admin.client.resource.UserResource;
|
||||
|
@ -25,6 +26,7 @@ import org.keycloak.representations.idm.FederatedIdentityRepresentation;
|
|||
import org.keycloak.representations.idm.IdentityProviderRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.broker.oidc.LegacyIdIdentityProviderFactory;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.keycloak.testsuite.util.FederatedIdentityBuilder;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
||||
|
@ -33,8 +35,6 @@ import java.util.List;
|
|||
import static org.junit.Assert.assertEquals;
|
||||
import static org.keycloak.testsuite.admin.ApiUtil.createUserWithAdminClient;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestConstants.IDP_OIDC_ALIAS;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getProviderRoot;
|
||||
import static org.keycloak.testsuite.broker.oidc.LegacyIdIdentityProvider.LEGACY_ID;
|
||||
|
||||
/**
|
||||
|
@ -86,15 +86,14 @@ public class BrokerWithLegacyIdTest extends AbstractInitializedBaseBrokerTest {
|
|||
logInAsUserInIDP();
|
||||
// id should be migrated to new one
|
||||
assertEquals(userId, getFederatedIdentity().getUserId());
|
||||
assertLoggedInAccountManagement(consumerUser.getUsername(), consumerUser.getEmail());
|
||||
appPage.assertCurrent();
|
||||
|
||||
logoutFromRealm(getProviderRoot(), bc.providerRealmName());
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
// try to login again to double check the new ID works
|
||||
logInAsUserInIDP();
|
||||
assertEquals(userId, getFederatedIdentity().getUserId());
|
||||
assertLoggedInAccountManagement(consumerUser.getUsername(), consumerUser.getEmail());
|
||||
appPage.assertCurrent();
|
||||
}
|
||||
|
||||
private FederatedIdentityRepresentation getFederatedIdentity() {
|
||||
|
|
|
@ -5,7 +5,6 @@ import static org.hamcrest.Matchers.not;
|
|||
import static org.junit.Assert.assertThat;
|
||||
import static org.keycloak.models.IdentityProviderMapperSyncMode.FORCE;
|
||||
import static org.keycloak.models.IdentityProviderMapperSyncMode.IMPORT;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
import java.util.HashMap;
|
||||
|
||||
|
@ -19,6 +18,7 @@ import org.keycloak.representations.idm.IdentityProviderRepresentation;
|
|||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
|
||||
/**
|
||||
* <a href="mailto:external.martin.idel@bosch.io">Martin Idel</a>,
|
||||
|
@ -88,7 +88,7 @@ public class HardcodedUserAttributeMapperTest extends AbstractIdentityProviderMa
|
|||
if (createAfterFirstLogin) {
|
||||
createMapperInIdp(idp, syncMode);
|
||||
}
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
if (user.getAttributes() != null) {
|
||||
user.setAttributes(new HashMap<>());
|
||||
|
|
|
@ -14,6 +14,7 @@ import org.keycloak.representations.idm.IdentityProviderRepresentation;
|
|||
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.social.github.GitHubUserAttributeMapper;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
|
||||
import java.util.HashMap;
|
||||
|
||||
|
@ -27,7 +28,6 @@ import static org.keycloak.models.IdentityProviderMapperSyncMode.LEGACY;
|
|||
import static org.keycloak.testsuite.broker.KcOidcBrokerConfiguration.HARDOCDED_CLAIM;
|
||||
import static org.keycloak.testsuite.broker.KcOidcBrokerConfiguration.HARDOCDED_VALUE;
|
||||
import static org.keycloak.testsuite.broker.KcOidcBrokerConfiguration.USER_INFO_CLAIM;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:external.martin.idel@bosch.io">Martin Idel</a>
|
||||
|
@ -115,7 +115,7 @@ public class JsonUserAttributeMapperTest extends AbstractIdentityProviderMapperT
|
|||
if (createAfterFirstLogin) {
|
||||
createGithubProviderMapper(idp, syncMode);
|
||||
}
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
if (!createAfterFirstLogin) {
|
||||
updateClaimSentToIDP(claim, updatedValue);
|
||||
|
|
|
@ -18,7 +18,6 @@ package org.keycloak.testsuite.broker;
|
|||
|
||||
import static org.keycloak.testsuite.broker.BrokerTestConstants.IDP_OIDC_ALIAS;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.createIdentityProvider;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.keycloak.models.IdentityProviderSyncMode;
|
||||
|
@ -51,7 +50,8 @@ public class KcCustomOidcBrokerTest extends AbstractInitializedBaseBrokerTest {
|
|||
|
||||
@Test
|
||||
public void testCustomDisplayIcon() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
assertThat(driver.getPageSource(), containsString("my-custom-idp-icon"));
|
||||
}
|
||||
}
|
||||
|
|
|
@ -45,6 +45,7 @@ import org.keycloak.testsuite.Assert;
|
|||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.client.resources.TestingCacheResource;
|
||||
import org.keycloak.testsuite.updaters.ClientAttributeUpdater;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
@ -105,9 +106,9 @@ public class KcOIDCBrokerWithSignatureTest extends AbstractBaseBrokerTest {
|
|||
|
||||
// Check that user is able to login
|
||||
logInAsUserInIDPForFirstTime();
|
||||
assertLoggedInAccountManagement();
|
||||
appPage.assertCurrent();
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
// Rotate public keys on the parent broker
|
||||
rotateKeys(Algorithm.RS256, "rsa-generated");
|
||||
|
@ -116,13 +117,13 @@ public class KcOIDCBrokerWithSignatureTest extends AbstractBaseBrokerTest {
|
|||
logInAsUserInIDP();
|
||||
assertErrorPage("Unexpected error when authenticating with identity provider");
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
// Set time offset. New keys can be downloaded. Check that user is able to login.
|
||||
setTimeOffset(20);
|
||||
|
||||
logInAsUserInIDPWithReAuthenticate();
|
||||
assertLoggedInAccountManagement();
|
||||
appPage.assertCurrent();
|
||||
}
|
||||
|
||||
// Configure OIDC identity provider with JWKS URL and validateSignature=true
|
||||
|
@ -153,9 +154,9 @@ public class KcOIDCBrokerWithSignatureTest extends AbstractBaseBrokerTest {
|
|||
|
||||
// Check that user is able to login
|
||||
logInAsUserInIDPForFirstTime();
|
||||
assertLoggedInAccountManagement();
|
||||
appPage.assertCurrent();
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
// Rotate public keys on the parent broker
|
||||
rotateKeys(Algorithm.RS256, "rsa-generated");
|
||||
|
@ -164,7 +165,7 @@ public class KcOIDCBrokerWithSignatureTest extends AbstractBaseBrokerTest {
|
|||
logInAsUserInIDP();
|
||||
assertErrorPage("Unexpected error when authenticating with identity provider");
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
// Even after time offset is user not able to login, because it uses old key hardcoded in identityProvider config
|
||||
setTimeOffset(20);
|
||||
|
@ -193,11 +194,11 @@ public class KcOIDCBrokerWithSignatureTest extends AbstractBaseBrokerTest {
|
|||
.update()) {
|
||||
|
||||
logInAsUserInIDPForFirstTime();
|
||||
assertLoggedInAccountManagement();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
appPage.assertCurrent();
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
logInAsUserInIDP();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -221,11 +222,11 @@ public class KcOIDCBrokerWithSignatureTest extends AbstractBaseBrokerTest {
|
|||
.update()) {
|
||||
|
||||
logInAsUserInIDPForFirstTime();
|
||||
assertLoggedInAccountManagement();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
appPage.assertCurrent();
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
logInAsUserInIDP();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -248,11 +249,11 @@ public class KcOIDCBrokerWithSignatureTest extends AbstractBaseBrokerTest {
|
|||
.update()) {
|
||||
|
||||
logInAsUserInIDPForFirstTime();
|
||||
assertLoggedInAccountManagement();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
appPage.assertCurrent();
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
logInAsUserInIDP();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -272,9 +273,9 @@ public class KcOIDCBrokerWithSignatureTest extends AbstractBaseBrokerTest {
|
|||
|
||||
// Check that user is able to login
|
||||
logInAsUserInIDPForFirstTime();
|
||||
assertLoggedInAccountManagement();
|
||||
appPage.assertCurrent();
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
// Set key id to an invalid one
|
||||
cfg.setPublicKeySignatureVerifierKeyId("invalid-key-id");
|
||||
|
@ -287,22 +288,22 @@ public class KcOIDCBrokerWithSignatureTest extends AbstractBaseBrokerTest {
|
|||
cfg.setPublicKeySignatureVerifierKeyId(expectedKeyId);
|
||||
updateIdentityProvider(idpRep);
|
||||
logInAsUserInIDPWithReAuthenticate();
|
||||
assertLoggedInAccountManagement();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
appPage.assertCurrent();
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
// Set key id to empty
|
||||
cfg.setPublicKeySignatureVerifierKeyId("");
|
||||
updateIdentityProvider(idpRep);
|
||||
logInAsUserInIDP();
|
||||
assertLoggedInAccountManagement();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
appPage.assertCurrent();
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
// Unset key id
|
||||
cfg.setPublicKeySignatureVerifierKeyId(null);
|
||||
updateIdentityProvider(idpRep);
|
||||
logInAsUserInIDP();
|
||||
assertLoggedInAccountManagement();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
appPage.assertCurrent();
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
}
|
||||
|
||||
|
||||
|
@ -315,7 +316,7 @@ public class KcOIDCBrokerWithSignatureTest extends AbstractBaseBrokerTest {
|
|||
|
||||
// Check that user is able to login
|
||||
logInAsUserInIDPForFirstTime();
|
||||
assertLoggedInAccountManagement();
|
||||
appPage.assertCurrent();
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
|
||||
|
@ -342,9 +343,9 @@ public class KcOIDCBrokerWithSignatureTest extends AbstractBaseBrokerTest {
|
|||
|
||||
// Check that user is able to login
|
||||
logInAsUserInIDPForFirstTime();
|
||||
assertLoggedInAccountManagement();
|
||||
appPage.assertCurrent();
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
// Check that key is cached
|
||||
IdentityProviderRepresentation idpRep = getIdentityProvider();
|
||||
|
@ -378,11 +379,11 @@ public class KcOIDCBrokerWithSignatureTest extends AbstractBaseBrokerTest {
|
|||
|
||||
// Check that user is able to login with ES256
|
||||
logInAsUserInIDPForFirstTime();
|
||||
assertLoggedInAccountManagement();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
appPage.assertCurrent();
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
logInAsUserInIDP();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -397,11 +398,11 @@ public class KcOIDCBrokerWithSignatureTest extends AbstractBaseBrokerTest {
|
|||
|
||||
// Check that user is able to login with PS512
|
||||
logInAsUserInIDPForFirstTime();
|
||||
assertLoggedInAccountManagement();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
appPage.assertCurrent();
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
logInAsUserInIDP();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -427,11 +428,11 @@ public class KcOIDCBrokerWithSignatureTest extends AbstractBaseBrokerTest {
|
|||
|
||||
// Check that user is able to login with ES256
|
||||
logInAsUserInIDPForFirstTime();
|
||||
assertLoggedInAccountManagement();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
Assert.assertTrue(appPage.isCurrent());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
|
||||
logInAsUserInIDP();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -7,7 +7,6 @@ import org.keycloak.testsuite.Assert;
|
|||
import java.util.List;
|
||||
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
public class KcOidcBrokerAcrParameterTest extends AbstractBrokerTest {
|
||||
|
||||
|
@ -21,7 +20,8 @@ public class KcOidcBrokerAcrParameterTest extends AbstractBrokerTest {
|
|||
|
||||
@Override
|
||||
protected void loginUser() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
driver.navigate().to(driver.getCurrentUrl() + "&" + ACR_VALUES + "=" + ACR_3);
|
||||
|
||||
|
|
|
@ -29,7 +29,6 @@ import org.keycloak.representations.idm.UserRepresentation;
|
|||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.userprofile.UserProfileContext;
|
||||
|
||||
import static org.keycloak.testsuite.AssertEvents.DEFAULT_USERNAME;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestConstants.IDP_OIDC_ALIAS;
|
||||
|
||||
/**
|
||||
|
@ -74,7 +73,7 @@ public final class KcOidcBrokerEventTest extends AbstractBrokerTest {
|
|||
|
||||
events.expect(EventType.IDENTITY_PROVIDER_FIRST_LOGIN)
|
||||
.realm(consumerRealm.toRepresentation().getId())
|
||||
.client("account")
|
||||
.client("broker-app")
|
||||
.user((String)null)
|
||||
.detail(Details.IDENTITY_PROVIDER, IDP_OIDC_ALIAS)
|
||||
.detail(Details.IDENTITY_PROVIDER_USERNAME, bc.getUserLogin())
|
||||
|
@ -82,14 +81,14 @@ public final class KcOidcBrokerEventTest extends AbstractBrokerTest {
|
|||
|
||||
events.expect(EventType.UPDATE_PROFILE)
|
||||
.realm(consumerRealm.toRepresentation().getId())
|
||||
.client("account")
|
||||
.client("broker-app")
|
||||
.user((String)null)
|
||||
.detail(Details.CONTEXT, UserProfileContext.IDP_REVIEW.name())
|
||||
.assertEvent();
|
||||
|
||||
events.expect(EventType.REGISTER)
|
||||
.realm(consumerRealm.toRepresentation().getId())
|
||||
.client("account")
|
||||
.client("broker-app")
|
||||
.user(consumerUserId == null? Matchers.any(String.class) : Matchers.is(consumerUserId))
|
||||
.session((String) null)
|
||||
.detail(Details.USERNAME, bc.getUserLogin())
|
||||
|
@ -99,7 +98,7 @@ public final class KcOidcBrokerEventTest extends AbstractBrokerTest {
|
|||
|
||||
events.expect(EventType.LOGIN)
|
||||
.realm(consumerRealm.toRepresentation().getId())
|
||||
.client("account")
|
||||
.client("broker-app")
|
||||
.user(consumerUserId == null? Matchers.any(String.class) : Matchers.is(consumerUserId))
|
||||
.session(Matchers.any(String.class))
|
||||
.detail(Details.USERNAME, bc.getUserLogin())
|
||||
|
@ -135,7 +134,7 @@ public final class KcOidcBrokerEventTest extends AbstractBrokerTest {
|
|||
|
||||
events.expect(EventType.LOGIN)
|
||||
.realm(consumerRealm.toRepresentation().getId())
|
||||
.client("account")
|
||||
.client("broker-app")
|
||||
.user(consumerUserId == null? Matchers.any(String.class) : Matchers.is(consumerUserId))
|
||||
.session(Matchers.any(String.class))
|
||||
.detail(Details.USERNAME, bc.getUserLogin())
|
||||
|
@ -150,7 +149,8 @@ public final class KcOidcBrokerEventTest extends AbstractBrokerTest {
|
|||
events.clear();
|
||||
|
||||
// navigate to the account url of the consumer realm
|
||||
driver.navigate().to(getAccountUrl(BrokerTestTools.getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
// Do a wrong login with a user that does not exist
|
||||
loginPage.login("wrong-user", "wrong-password");
|
||||
|
@ -158,7 +158,7 @@ public final class KcOidcBrokerEventTest extends AbstractBrokerTest {
|
|||
events.expect(EventType.LOGIN_ERROR)
|
||||
.realm(consumerRealm.toRepresentation().getId())
|
||||
.user((String) null)
|
||||
.client("account")
|
||||
.client("broker-app")
|
||||
.session((String) null)
|
||||
.detail(Details.USERNAME, "wrong-user")
|
||||
.error("user_not_found")
|
||||
|
@ -173,6 +173,8 @@ public final class KcOidcBrokerEventTest extends AbstractBrokerTest {
|
|||
RealmResource consumerRealm = adminClient.realm(bc.consumerRealmName());
|
||||
UserRepresentation providerUser = providerRealm.users().search(bc.getUserLogin()).iterator().next();
|
||||
events.clear();
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
super.loginUser();
|
||||
|
||||
|
@ -212,13 +214,6 @@ public final class KcOidcBrokerEventTest extends AbstractBrokerTest {
|
|||
|
||||
super.testSingleLogout();
|
||||
|
||||
events.expect(EventType.LOGOUT)
|
||||
.realm(providerRealm.toRepresentation().getId())
|
||||
.user(providerUser.getId())
|
||||
.client((String) null)
|
||||
.session(Matchers.any(String.class))
|
||||
.assertEvent();
|
||||
|
||||
events.clear();
|
||||
}
|
||||
|
||||
|
@ -235,10 +230,11 @@ public final class KcOidcBrokerEventTest extends AbstractBrokerTest {
|
|||
Integer userCount = adminClient.realm(bc.consumerRealmName()).users().count();
|
||||
|
||||
// now do the second login
|
||||
driver.navigate().to(getAccountUrl(BrokerTestTools.getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
logInWithBroker(bc);
|
||||
|
||||
Assert.assertEquals(accountPage.buildUri().toASCIIString().replace("master", "consumer") + "/", driver.getCurrentUrl());
|
||||
Assert.assertTrue(driver.getCurrentUrl().contains("/auth/realms/master/app"));
|
||||
Assert.assertEquals(userCount, adminClient.realm(bc.consumerRealmName()).users().count());
|
||||
|
||||
checkLoginEvents(providerRealm, consumerRealm, providerUser.getId(), consumerUser.getId());
|
||||
|
@ -266,7 +262,7 @@ public final class KcOidcBrokerEventTest extends AbstractBrokerTest {
|
|||
// now perform the login via the broker
|
||||
logInWithBroker(bc);
|
||||
|
||||
Assert.assertEquals(accountPage.buildUri().toASCIIString().replace("master", "consumer") + "/", driver.getCurrentUrl());
|
||||
Assert.assertTrue(driver.getCurrentUrl().contains("/auth/realms/master/app"));
|
||||
Assert.assertEquals(userCount, adminClient.realm(bc.consumerRealmName()).users().count());
|
||||
|
||||
checkLoginEvents(providerRealm, consumerRealm, providerUser.getId(), consumerUser.getId());
|
||||
|
|
|
@ -17,6 +17,7 @@ import org.junit.Rule;
|
|||
import org.junit.Test;
|
||||
import org.keycloak.representations.idm.ClientRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.util.ReverseProxy;
|
||||
|
||||
public final class KcOidcBrokerFrontendUrlTest extends AbstractBrokerTest {
|
||||
|
@ -61,7 +62,11 @@ public final class KcOidcBrokerFrontendUrlTest extends AbstractBrokerTest {
|
|||
updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
|
||||
createUser(bc.consumerRealmName(), "consumer", "password", "FirstName", "LastName", "consumer@localhost.com");
|
||||
|
||||
driver.navigate().to(proxy.getUrl() + "/realms/consumer/account");
|
||||
oauth.clientId("broker-app");
|
||||
oauth.realm(bc.consumerRealmName());
|
||||
oauth.baseUrl(proxy.getUrl());
|
||||
oauth.openLoginForm();
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
|
@ -75,8 +80,8 @@ public final class KcOidcBrokerFrontendUrlTest extends AbstractBrokerTest {
|
|||
}
|
||||
|
||||
loginPage.login(bc.getUserLogin(), bc.getUserPassword());
|
||||
waitForPage(driver, "account management", true);
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
waitForPage(driver, "AUTH_RESPONSE", true);
|
||||
appPage.assertCurrent();
|
||||
}
|
||||
|
||||
@Ignore
|
||||
|
|
|
@ -27,7 +27,6 @@ import org.keycloak.testsuite.Assert;
|
|||
import static org.keycloak.testsuite.broker.BrokerTestConstants.IDP_OIDC_ALIAS;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestConstants.IDP_OIDC_PROVIDER_ID;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.createIdentityProvider;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
/**
|
||||
* Migrated from old testsuite. Previous version by Pedro Igor.
|
||||
|
@ -57,7 +56,9 @@ public class KcOidcBrokerHiddenIdpHintTest extends AbstractInitializedBaseBroker
|
|||
|
||||
@Test
|
||||
public void testSuccessfulRedirectToProviderHiddenOnLoginPage() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
waitForPage(driver, "sign in to", true);
|
||||
String url = driver.getCurrentUrl() + "&kc_idp_hint=" + bc.getIDPAlias();
|
||||
driver.navigate().to(url);
|
||||
|
|
|
@ -18,7 +18,6 @@ package org.keycloak.testsuite.broker;
|
|||
|
||||
import org.junit.Test;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
import org.keycloak.testsuite.Assert;
|
||||
|
||||
|
@ -37,7 +36,8 @@ public class KcOidcBrokerIdpHintTest extends AbstractInitializedBaseBrokerTest {
|
|||
|
||||
@Test
|
||||
public void testSuccessfulRedirect() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
String url = driver.getCurrentUrl() + "&kc_idp_hint=" + bc.getIDPAlias();
|
||||
driver.navigate().to(url);
|
||||
|
@ -55,7 +55,8 @@ public class KcOidcBrokerIdpHintTest extends AbstractInitializedBaseBrokerTest {
|
|||
// KEYCLOAK-5260
|
||||
@Test
|
||||
public void testSuccessfulRedirectToProviderAfterLoginPageShown() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
|
||||
String urlWithHint = driver.getCurrentUrl() + "&kc_idp_hint=" + bc.getIDPAlias();
|
||||
|
@ -71,7 +72,9 @@ public class KcOidcBrokerIdpHintTest extends AbstractInitializedBaseBrokerTest {
|
|||
driver.getCurrentUrl().contains("/auth/realms/" + bc.providerRealmName() + "/"));
|
||||
|
||||
// redirect shouldn't happen
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
waitForPage(driver, "sign in to", true);
|
||||
Assert.assertTrue("Driver should be on the consumer realm page",
|
||||
driver.getCurrentUrl().contains("/auth/realms/" + bc.consumerRealmName() + "/"));
|
||||
|
@ -79,7 +82,8 @@ public class KcOidcBrokerIdpHintTest extends AbstractInitializedBaseBrokerTest {
|
|||
|
||||
@Test
|
||||
public void testInvalidIdentityProviderHint() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
String url = driver.getCurrentUrl() + "&kc_idp_hint=bogus-idp";
|
||||
driver.navigate().to(url);
|
||||
|
|
|
@ -9,7 +9,6 @@ import static org.keycloak.testsuite.broker.BrokerTestConstants.USER_EMAIL;
|
|||
import static org.keycloak.testsuite.broker.BrokerTestTools.createIdentityProvider;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.UserResource;
|
||||
|
@ -44,7 +43,8 @@ public class KcOidcBrokerLoginHintTest extends AbstractBrokerTest {
|
|||
|
||||
@Override
|
||||
protected void loginUser() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
driver.navigate().to(driver.getCurrentUrl() + "&login_hint=" + USER_EMAIL);
|
||||
|
||||
|
@ -100,7 +100,8 @@ public class KcOidcBrokerLoginHintTest extends AbstractBrokerTest {
|
|||
.enabled(true)
|
||||
.build()
|
||||
)) {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
waitForPageToLoad();
|
||||
driver.navigate().to(driver.getCurrentUrl() + "&login_hint=" + USER_EMAIL + "&kc_idp_hint=" + IDP_OIDC_ALIAS);
|
||||
waitForPageToLoad();
|
||||
|
|
|
@ -16,7 +16,6 @@ import static org.junit.Assert.assertEquals;
|
|||
import static org.keycloak.testsuite.broker.BrokerTestConstants.REALM_CONS_NAME;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestConstants.REALM_PROV_NAME;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getProviderRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
|
||||
public class KcOidcBrokerLogoutFrontChannelTest extends AbstractKcOidcBrokerLogoutTest {
|
||||
|
@ -69,8 +68,10 @@ public class KcOidcBrokerLogoutFrontChannelTest extends AbstractKcOidcBrokerLogo
|
|||
"broker-app",
|
||||
getConsumerRoot() + "/auth/realms/" + REALM_CONS_NAME + "/app");
|
||||
|
||||
// user should be logged out successfully from the IDP even though the id_token_hint is expired
|
||||
driver.navigate().to(getAccountUrl(getProviderRoot(), REALM_PROV_NAME));
|
||||
oauth.clientId("account");
|
||||
oauth.redirectUri(getConsumerRoot() + "/auth/realms/" + REALM_PROV_NAME + "/account");
|
||||
loginPage.open(REALM_PROV_NAME);
|
||||
|
||||
waitForPage(driver, "sign in to provider", true);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -9,13 +9,13 @@ import org.keycloak.representations.IDToken;
|
|||
import org.keycloak.services.managers.AuthenticationManager;
|
||||
import org.keycloak.services.util.CookieHelper;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestConstants.REALM_CONS_NAME;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestConstants.REALM_PROV_NAME;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getProviderRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
|
||||
public class KcOidcBrokerLogoutTest extends AbstractKcOidcBrokerLogoutTest {
|
||||
|
@ -31,31 +31,43 @@ public class KcOidcBrokerLogoutTest extends AbstractKcOidcBrokerLogoutTest {
|
|||
@Test
|
||||
public void logoutWithoutInitiatingIdpLogsOutOfIdp() {
|
||||
logInAsUserInIDPForFirstTime();
|
||||
assertLoggedInAccountManagement();
|
||||
appPage.assertCurrent();
|
||||
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
oauth.clientId("account");
|
||||
oauth.redirectUri(getConsumerRoot() + "/auth/realms/" + REALM_PROV_NAME + "/account");
|
||||
loginPage.open(REALM_PROV_NAME);
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
driver.navigate().to(getAccountUrl(getProviderRoot(), REALM_PROV_NAME));
|
||||
waitForPage(driver, "sign in to provider", true);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void logoutWithActualIdpAsInitiatingIdpDoesNotLogOutOfIdp() {
|
||||
logInAsUserInIDPForFirstTime();
|
||||
assertLoggedInAccountManagement();
|
||||
appPage.assertCurrent();
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName(), "kc-oidc-idp");
|
||||
driver.navigate().to(getAccountUrl(getProviderRoot(), REALM_PROV_NAME));
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
waitForAccountManagementTitle();
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.providerRealmName());
|
||||
waitForPage(driver, "sign in to provider", true);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void logoutWithOtherIdpAsInitiatinIdpLogsOutOfIdp() {
|
||||
logInAsUserInIDPForFirstTime();
|
||||
assertLoggedInAccountManagement();
|
||||
appPage.assertCurrent();
|
||||
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
oauth.clientId("account");
|
||||
oauth.redirectUri(getConsumerRoot() + "/auth/realms/" + REALM_PROV_NAME + "/account");
|
||||
loginPage.open(REALM_PROV_NAME);
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName(), "something-else");
|
||||
driver.navigate().to(getAccountUrl(getProviderRoot(), REALM_PROV_NAME));
|
||||
waitForPage(driver, "sign in to provider", true);
|
||||
}
|
||||
|
||||
|
@ -81,8 +93,12 @@ public class KcOidcBrokerLogoutTest extends AbstractKcOidcBrokerLogoutTest {
|
|||
driver.manage().deleteCookieNamed(AuthenticationManager.KEYCLOAK_IDENTITY_COOKIE);
|
||||
driver.manage().deleteCookieNamed(AuthenticationManager.KEYCLOAK_IDENTITY_COOKIE + CookieHelper.LEGACY_COOKIE);
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName(), null, idToken);
|
||||
driver.navigate().to(getAccountUrl(getProviderRoot(), REALM_PROV_NAME));
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
oauth.clientId("account");
|
||||
oauth.redirectUri(getConsumerRoot() + "/auth/realms/" + REALM_PROV_NAME + "/account");
|
||||
loginPage.open(REALM_PROV_NAME);
|
||||
|
||||
waitForPage(driver, "sign in to provider", true);
|
||||
}
|
||||
|
@ -118,7 +134,10 @@ public class KcOidcBrokerLogoutTest extends AbstractKcOidcBrokerLogoutTest {
|
|||
);
|
||||
|
||||
// user should be logged out successfully from the IDP even though the id_token_hint is expired
|
||||
driver.navigate().to(getAccountUrl(getProviderRoot(), REALM_PROV_NAME));
|
||||
oauth.clientId("account");
|
||||
oauth.redirectUri(getConsumerRoot() + "/auth/realms/" + REALM_PROV_NAME + "/account");
|
||||
loginPage.open(REALM_PROV_NAME);
|
||||
|
||||
waitForPage(driver, "sign in to provider", true);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -8,7 +8,6 @@ import static org.keycloak.testsuite.broker.BrokerTestConstants.IDP_OIDC_PROVIDE
|
|||
import static org.keycloak.testsuite.broker.BrokerTestConstants.USER_EMAIL;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.createIdentityProvider;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.keycloak.admin.client.resource.UsersResource;
|
||||
import org.keycloak.models.IdentityProviderModel;
|
||||
|
@ -39,7 +38,8 @@ public class KcOidcBrokerNoLoginHintTest extends AbstractBrokerTest {
|
|||
|
||||
@Override
|
||||
protected void loginUser() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
driver.navigate().to(driver.getCurrentUrl() + "&login_hint=" + USER_EMAIL);
|
||||
|
||||
|
|
|
@ -6,7 +6,6 @@ import static org.keycloak.testsuite.broker.BrokerTestConstants.IDP_OIDC_ALIAS;
|
|||
import static org.keycloak.testsuite.broker.BrokerTestConstants.IDP_OIDC_PROVIDER_ID;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.createIdentityProvider;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
@ -43,7 +42,8 @@ public class KcOidcBrokerParameterForwardTest extends AbstractBrokerTest {
|
|||
|
||||
@Override
|
||||
protected void loginUser() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
String queryString = "&" + FORWARDED_PARAMETER + "=" + FORWARDED_PARAMETER_VALUE + "&" + PARAMETER_NOT_FORWARDED + "=" + "value";
|
||||
driver.navigate().to(driver.getCurrentUrl() + queryString);
|
||||
|
|
|
@ -55,19 +55,19 @@ public class KcOidcBrokerPassMaxAgeTest extends AbstractBrokerTest {
|
|||
@Test
|
||||
@Override
|
||||
public void loginWithExistingUser() {
|
||||
|
||||
// login as brokered user user, perform profile update on first broker login and logout user
|
||||
loginUser();
|
||||
testSingleLogout();
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
Assert.assertTrue("Driver should be on the provider realm page right now",
|
||||
driver.getCurrentUrl().contains("/auth/realms/" + bc.providerRealmName() + "/"));
|
||||
|
||||
loginPage.login(bc.getUserLogin(), bc.getUserPassword());
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
setTimeOffset(2);
|
||||
|
||||
|
@ -101,14 +101,15 @@ public class KcOidcBrokerPassMaxAgeTest extends AbstractBrokerTest {
|
|||
loginUser();
|
||||
testSingleLogout();
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
Assert.assertTrue("Driver should be on the provider realm page right now",
|
||||
driver.getCurrentUrl().contains("/auth/realms/" + bc.providerRealmName() + "/"));
|
||||
|
||||
loginPage.login(bc.getUserLogin(), bc.getUserPassword());
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
IdentityProviderResource idpResource = realmsResouce().realm(bc.consumerRealmName()).identityProviders()
|
||||
.get(bc.getIDPAlias());
|
||||
|
|
|
@ -19,21 +19,23 @@ package org.keycloak.testsuite.broker;
|
|||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import org.junit.Ignore;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
import org.keycloak.models.IdentityProviderSyncMode;
|
||||
import org.keycloak.representations.idm.ClientRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.keycloak.testsuite.admin.ApiUtil.createUserWithAdminClient;
|
||||
import static org.keycloak.testsuite.admin.ApiUtil.resetUserPassword;
|
||||
import static org.keycloak.testsuite.broker.BrokerRunOnServerUtil.configurePostBrokerLoginWithOTP;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestConstants.CLIENT_ID;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestConstants.USER_EMAIL;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getProviderRoot;
|
||||
|
||||
/**
|
||||
|
@ -42,6 +44,8 @@ import static org.keycloak.testsuite.broker.BrokerTestTools.getProviderRoot;
|
|||
*
|
||||
* @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
|
||||
*/
|
||||
// Remove @Ignore when closing Github issue 20642
|
||||
@Ignore
|
||||
public class KcOidcBrokerPromptNoneRedirectTest extends AbstractInitializedBaseBrokerTest {
|
||||
|
||||
@Override
|
||||
|
@ -55,7 +59,7 @@ public class KcOidcBrokerPromptNoneRedirectTest extends AbstractInitializedBaseB
|
|||
* @throws Exception if an error occurs while running the test.
|
||||
*/
|
||||
@Test
|
||||
public void testSuccessfulRedirectToProviderWithPromptNone() throws Exception {
|
||||
public void testSuccessfulRedirectToProviderWithPromptNone() {
|
||||
/* we need to disable profile update for the prompt=none propagation to work. */
|
||||
updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
|
||||
|
||||
|
@ -65,26 +69,29 @@ public class KcOidcBrokerPromptNoneRedirectTest extends AbstractInitializedBaseB
|
|||
/* now send an auth request to the consumer realm including both the kc_idp_hint (to identify the default provider) and prompt=none.
|
||||
The presence of the default provider should cause the request with prompt=none to be propagated to the idp instead of resulting
|
||||
in a login required error because the user is not yet authenticated in the consumer realm. */
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
waitForPage(driver, "sign in to", true);
|
||||
String url = driver.getCurrentUrl() + "&kc_idp_hint=" + bc.getIDPAlias() + "&prompt=none";
|
||||
driver.navigate().to(url);
|
||||
|
||||
/* no need to log in again, the idp should have been able to identify that the user is already logged in and the authenticated user should
|
||||
have been established in the consumer realm. Lastly, user must be redirected to the account app as expected. */
|
||||
waitForAccountManagementTitle();
|
||||
Assert.assertTrue(driver.getCurrentUrl().contains("/auth/realms/" + bc.consumerRealmName() + "/account"));
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
Assert.assertTrue(driver.getCurrentUrl().contains("/auth/realms/" + bc.providerRealmName() + "/account"));
|
||||
|
||||
/* let's try logging out from the consumer realm and then send an auth request with only prompt=none. The absence of a default idp
|
||||
should result in a login required error because the user is not authenticated in the consumer realm and the request won't be propagated
|
||||
all the way to the idp where the user is authenticated. */
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName(), bc.getIDPAlias());
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
url = driver.getCurrentUrl() + "&prompt=none";
|
||||
driver.navigate().to(url);
|
||||
Assert.assertTrue(driver.getCurrentUrl().contains(bc.consumerRealmName() + "/account/login-redirect?error=login_required"));
|
||||
Assert.assertTrue(driver.getCurrentUrl().contains(bc.providerRealmName() + "/account/?error=login_required"));
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -98,11 +105,12 @@ public class KcOidcBrokerPromptNoneRedirectTest extends AbstractInitializedBaseB
|
|||
/* try sending an auth request to the consumer realm with prompt=none. As we have no user authenticated in both
|
||||
the consumer realm and the IDP, the IDP should return an error=login_required to the broker and the broker must
|
||||
in turn return the same error to the client. */
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
String url = driver.getCurrentUrl() + "&prompt=none&kc_idp_hint=" + bc.getIDPAlias();
|
||||
driver.navigate().to(url);
|
||||
Assert.assertTrue(driver.getCurrentUrl().contains(bc.consumerRealmName() + "/account/login-redirect?error=login_required"));
|
||||
Assert.assertTrue(driver.getCurrentUrl().contains("/app/auth?error=login_required"));
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -145,7 +153,7 @@ public class KcOidcBrokerPromptNoneRedirectTest extends AbstractInitializedBaseB
|
|||
* @throws Exception if an error occurs while running the test.
|
||||
*/
|
||||
@Test
|
||||
public void testLinkExistingAccountReturnsInteractionRequired() throws Exception {
|
||||
public void testLinkExistingAccountReturnsInteractionRequired() {
|
||||
updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
|
||||
/* create user in the consumer realm with same e-mail as the user in the idp */
|
||||
UserRepresentation newUser = UserBuilder.create().username("consumer").email(USER_EMAIL).enabled(true).build();
|
||||
|
@ -182,7 +190,7 @@ public class KcOidcBrokerPromptNoneRedirectTest extends AbstractInitializedBaseB
|
|||
public void testRequireConsentReturnsInteractionRequired() throws Exception {
|
||||
RealmResource brokeredRealm = adminClient.realm(bc.providerRealmName());
|
||||
List<ClientRepresentation> clients = brokeredRealm.clients().findByClientId(CLIENT_ID);
|
||||
org.junit.Assert.assertEquals(1, clients.size());
|
||||
assertEquals(1, clients.size());
|
||||
ClientRepresentation brokerApp = clients.get(0);
|
||||
brokerApp.setConsentRequired(true);
|
||||
brokeredRealm.clients().get(brokerApp.getId()).update(brokerApp);
|
||||
|
@ -200,26 +208,31 @@ public class KcOidcBrokerPromptNoneRedirectTest extends AbstractInitializedBaseB
|
|||
authenticateDirectlyInIDP();
|
||||
|
||||
/* send an auth request to the consumer realm with prompt=none and a default provider. */
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
waitForPage(driver, "sign in to", true);
|
||||
String url = driver.getCurrentUrl() + "&kc_idp_hint=" + bc.getIDPAlias() + "&prompt=none";
|
||||
driver.navigate().to(url);
|
||||
Assert.assertTrue(driver.getCurrentUrl().contains(bc.consumerRealmName() + "/account/login-redirect?error=interaction_required"));
|
||||
Assert.assertTrue(driver.getCurrentUrl().contains(bc.providerRealmName() + "/account/?error=interaction_required"));
|
||||
}
|
||||
|
||||
/**
|
||||
* Authenticates the broker user directly in the IDP to establish a valid authenticated session there.
|
||||
*/
|
||||
protected void authenticateDirectlyInIDP() {
|
||||
driver.navigate().to(getAccountUrl(getProviderRoot(), bc.providerRealmName()));
|
||||
oauth.clientId("account");
|
||||
oauth.redirectUri(getAccountUrl(getProviderRoot(), bc.providerRealmName()));
|
||||
loginPage.open(bc.providerRealmName());
|
||||
|
||||
waitForPage(driver, "sign in to", true);
|
||||
Assert.assertTrue("Driver should be on the provider realm page right now",
|
||||
driver.getCurrentUrl().contains("/auth/realms/" + bc.providerRealmName() + "/"));
|
||||
loginPage.login(bc.getUserLogin(), bc.getUserPassword());
|
||||
|
||||
waitForAccountManagementTitle();
|
||||
Assert.assertTrue(driver.getCurrentUrl().contains("/auth/realms/" + bc.providerRealmName() + "/account"));
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
Assert.assertTrue(
|
||||
driver.getCurrentUrl().contains(
|
||||
"/auth/realms/" + bc.providerRealmName() + "/"));
|
||||
}
|
||||
|
||||
private class KcOidcBrokerPromptNoneConfiguration extends KcOidcBrokerConfiguration {
|
||||
|
|
|
@ -10,7 +10,6 @@ import java.util.List;
|
|||
import java.util.Map;
|
||||
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
public class KcOidcBrokerPromptParameterTest extends AbstractBrokerTest {
|
||||
|
||||
|
@ -25,7 +24,8 @@ public class KcOidcBrokerPromptParameterTest extends AbstractBrokerTest {
|
|||
|
||||
@Override
|
||||
protected void loginUser() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
driver.navigate().to(driver.getCurrentUrl() + "&" + OIDCLoginProtocol.PROMPT_PARAM + "=" + PROMPT_CONSENT);
|
||||
|
||||
|
|
|
@ -26,13 +26,11 @@ import org.keycloak.OAuth2Constants;
|
|||
import org.keycloak.common.util.KeycloakUriBuilder;
|
||||
import org.keycloak.common.util.UriUtils;
|
||||
import org.keycloak.events.EventType;
|
||||
import org.keycloak.models.Constants;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.pages.LoginExpiredPage;
|
||||
|
||||
import static org.junit.Assert.assertThat;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
|
||||
/**
|
||||
|
@ -112,8 +110,9 @@ public class KcOidcBrokerStateParameterTest extends AbstractInitializedBaseBroke
|
|||
|
||||
|
||||
@Test
|
||||
public void testCorrectStateParameterButIncorrectCode() throws Exception {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
public void testCorrectStateParameterButIncorrectCode() {
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
waitForPage(driver, "sign in to", true);
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
|
@ -150,7 +149,7 @@ public class KcOidcBrokerStateParameterTest extends AbstractInitializedBaseBroke
|
|||
.session((String) null)
|
||||
.realm(consumerRealmId)
|
||||
.user((String) null)
|
||||
.client(Constants.ACCOUNT_MANAGEMENT_CLIENT_ID)
|
||||
.client("broker-app")
|
||||
.error("identity_provider_login_failure")
|
||||
.assertEvent();
|
||||
|
||||
|
|
|
@ -51,7 +51,8 @@ public class KcOidcBrokerSubMatchIntrospectionTest extends AbstractBrokerTest {
|
|||
|
||||
@Override
|
||||
public void testLogInAsUserInIDP() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
oauth.realm(bc.consumerRealmName());
|
||||
oauth.clientId("consumer-client");
|
||||
|
|
|
@ -36,6 +36,7 @@ import org.keycloak.representations.idm.RoleRepresentation;
|
|||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.updaters.RealmAttributeUpdater;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
import org.keycloak.testsuite.util.WaitUtils;
|
||||
|
||||
|
@ -128,6 +129,8 @@ public final class KcOidcBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
UserResource userResource = adminClient.realm(bc.providerRealmName()).users().get(userId);
|
||||
userResource.roles().realmLevel().add(Collections.singletonList(managerRole));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
logInAsUserInIDPForFirstTime();
|
||||
|
||||
UserResource consumerUserResource = adminClient.realm(bc.consumerRealmName()).users().get(
|
||||
|
@ -139,11 +142,14 @@ public final class KcOidcBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
assertThat(currentRoles, hasItems(ROLE_MANAGER));
|
||||
assertThat(currentRoles, not(hasItems(ROLE_USER)));
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
userResource.roles().realmLevel().add(Collections.singletonList(userRole));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInAsUserInIDP();
|
||||
|
||||
currentRoles = consumerUserResource.roles().realmLevel().listAll().stream()
|
||||
|
@ -173,7 +179,9 @@ public final class KcOidcBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
brokerApp.getAttributes().put("validateSignature", Boolean.TRUE.toString());
|
||||
clients.get(brokerApp.getId()).update(brokerApp);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
|
@ -233,6 +241,9 @@ public final class KcOidcBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
|
||||
identityProviderResource.addMapper(hardCodedSessionNoteMapper).close();
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
loginFetchingUserFromUserEndpoint();
|
||||
|
||||
UserRepresentation user = getFederatedIdentity();
|
||||
|
@ -256,17 +267,24 @@ public final class KcOidcBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
adminClient.realm(bc.providerRealmName()).clients().create(samlClient);
|
||||
consumerRealm.identityProviders().create(samlBroker);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
testingClient.server(bc.consumerRealmName()).run(configurePostBrokerLoginWithOTP(samlBrokerConfig.getIDPAlias()));
|
||||
logInWithBroker(samlBrokerConfig);
|
||||
|
||||
totpPage.assertCurrent();
|
||||
String totpSecret = totpPage.getTotpSecret();
|
||||
totpPage.configure(totp.generateTOTP(totpSecret));
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
setOtpTimeOffset(DEFAULT_INTERVAL_SECONDS, totp);
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "account already exists", false);
|
||||
|
@ -300,11 +318,18 @@ public final class KcOidcBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
adminClient.realm(bc.providerRealmName()).clients().create(samlClient);
|
||||
consumerRealm.identityProviders().create(samlBroker);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(samlBrokerConfig);
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
testingClient.server(bc.consumerRealmName()).run(configurePostBrokerLoginWithOTP(bc.getIDPAlias()));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "account already exists", false);
|
||||
|
@ -344,15 +369,21 @@ public final class KcOidcBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
providerRealm.clients().create(samlClient);
|
||||
consumerRealm.identityProviders().create(samlBroker);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
testingClient.server(bc.consumerRealmName()).run(configurePostBrokerLoginWithOTP(samlBrokerConfig.getIDPAlias()));
|
||||
logInWithBroker(samlBrokerConfig);
|
||||
totpPage.assertCurrent();
|
||||
String totpSecret = totpPage.getTotpSecret();
|
||||
totpPage.configure(totp.generateTOTP(totpSecret));
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
testingClient.server(bc.consumerRealmName()).run(configurePostBrokerLoginWithOTP(bc.getIDPAlias()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "account already exists", false);
|
||||
|
@ -362,15 +393,16 @@ public final class KcOidcBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
|
||||
loginTotpPage.assertCurrent();
|
||||
loginTotpPage.login(totp.generateTOTP(totpSecret));
|
||||
logoutFromRealm(getProviderRoot(), bc.providerRealmName());
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
loginTotpPage.assertCurrent();
|
||||
loginTotpPage.login(totp.generateTOTP(totpSecret));
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
assertNumFederatedIdentities(consumerRealm.users().search(samlBrokerConfig.getUserLogin()).get(0).getId(), 2);
|
||||
} finally {
|
||||
|
@ -383,8 +415,11 @@ public final class KcOidcBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
@Test
|
||||
public void testInvalidIssuedFor() {
|
||||
loginUser();
|
||||
logoutFromRealm(getProviderRoot(), bc.providerRealmName());
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
|
@ -404,8 +439,11 @@ public final class KcOidcBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
@Test
|
||||
public void testInvalidAudience() {
|
||||
loginUser();
|
||||
logoutFromRealm(getProviderRoot(), bc.providerRealmName());
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
|
@ -486,20 +524,20 @@ public final class KcOidcBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
updateIdPSyncMode(idProvider, consumerIdentityResource,
|
||||
isForceSync ? IdentityProviderSyncMode.FORCE : IdentityProviderSyncMode.IMPORT);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
WaitUtils.waitForPageToLoad();
|
||||
|
||||
assertThat(driver.getTitle(), Matchers.containsString("Sign in to " + bc.consumerRealmName()));
|
||||
logInWithIdp(IDP_NAME, USERNAME, PASSWORD);
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
assertThat(accountUpdateProfilePage.getUsername(), Matchers.equalTo(USERNAME));
|
||||
assertThat(accountUpdateProfilePage.getEmail(), Matchers.equalTo(EMAIL));
|
||||
assertThat(accountUpdateProfilePage.getFirstName(), Matchers.equalTo(FIRST_NAME));
|
||||
assertThat(accountUpdateProfilePage.getLastName(), Matchers.equalTo(LAST_NAME));
|
||||
UserRepresentation userRepresentation = AccountHelper.getUserRepresentation(adminClient.realm(bc.providerRealmName()), USERNAME);
|
||||
|
||||
accountUpdateProfilePage.submitWithoutChanges();
|
||||
assertAccountConsoleIsCurrent();
|
||||
assertThat(userRepresentation.getUsername(), Matchers.equalTo(USERNAME));
|
||||
assertThat(userRepresentation.getEmail(), Matchers.equalTo(EMAIL));
|
||||
assertThat(userRepresentation.getFirstName(), Matchers.equalTo(FIRST_NAME));
|
||||
assertThat(userRepresentation.getLastName(), Matchers.equalTo(LAST_NAME));
|
||||
|
||||
RealmResource consumerRealmResource = realmsResouce().realm(bc.consumerRealmName());
|
||||
List<UserRepresentation> foundUsers = consumerRealmResource.users().searchByUsername(USERNAME, true);
|
||||
|
@ -511,8 +549,8 @@ public final class KcOidcBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
|
||||
checkFederatedIdentityLink(consumerUserResource, providerUserID, USERNAME);
|
||||
|
||||
logoutFromRealm(getProviderRoot(), bc.providerRealmName());
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), USERNAME);
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), USERNAME);
|
||||
|
||||
UserRepresentation providerUser = providerUserResource.toRepresentation();
|
||||
providerUser.setUsername(NEW_USERNAME);
|
||||
|
@ -521,25 +559,22 @@ public final class KcOidcBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
providerUser.setEmail(NEW_EMAIL);
|
||||
providerUserResource.update(providerUser);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
WaitUtils.waitForPageToLoad();
|
||||
|
||||
assertThat(driver.getTitle(), Matchers.containsString("Sign in to " + bc.consumerRealmName()));
|
||||
logInWithIdp(IDP_NAME, NEW_USERNAME, PASSWORD);
|
||||
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
userRepresentation = AccountHelper.getUserRepresentation(adminClient.realm(bc.consumerRealmName()), USERNAME);
|
||||
|
||||
// consumer username stays the same, even when sync mode is force
|
||||
assertThat(accountUpdateProfilePage.getUsername(), Matchers.equalTo(USERNAME));
|
||||
assertThat(userRepresentation.getUsername(), Matchers.equalTo(USERNAME));
|
||||
// other consumer attributes are updated, when sync mode is force
|
||||
assertThat(accountUpdateProfilePage.getEmail(), Matchers.equalTo(isForceSync ? NEW_EMAIL : EMAIL));
|
||||
assertThat(accountUpdateProfilePage.getFirstName(),
|
||||
Matchers.equalTo(isForceSync ? NEW_FIRST_NAME : FIRST_NAME));
|
||||
assertThat(accountUpdateProfilePage.getLastName(),
|
||||
Matchers.equalTo(isForceSync ? NEW_LAST_NAME : LAST_NAME));
|
||||
|
||||
accountUpdateProfilePage.submitWithoutChanges();
|
||||
assertAccountConsoleIsCurrent();
|
||||
assertThat(userRepresentation.getEmail(), Matchers.equalTo(isForceSync ? NEW_EMAIL : EMAIL));
|
||||
assertThat(userRepresentation.getFirstName(), Matchers.equalTo(isForceSync ? NEW_FIRST_NAME : FIRST_NAME));
|
||||
assertThat(userRepresentation.getLastName(), Matchers.equalTo(isForceSync ? NEW_LAST_NAME : LAST_NAME));
|
||||
|
||||
checkFederatedIdentityLink(consumerUserResource, providerUserID, isForceSync ? NEW_USERNAME : USERNAME);
|
||||
} finally {
|
||||
|
@ -547,10 +582,6 @@ public final class KcOidcBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
}
|
||||
}
|
||||
|
||||
private void assertAccountConsoleIsCurrent() {
|
||||
assertThat(driver.getTitle(), Matchers.containsString("Account Management"));
|
||||
}
|
||||
|
||||
private void allowUserEdit(RealmResource realmResource) {
|
||||
RealmRepresentation realm = realmResource.toRepresentation();
|
||||
realm.setEditUsernameAllowed(true);
|
||||
|
|
|
@ -17,7 +17,6 @@ import static org.keycloak.testsuite.broker.BrokerTestConstants.IDP_OIDC_ALIAS;
|
|||
import static org.keycloak.testsuite.broker.BrokerTestConstants.IDP_OIDC_PROVIDER_ID;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.createIdentityProvider;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
public class KcOidcBrokerUiLocalesDisabledTest extends AbstractBrokerTest {
|
||||
|
||||
|
@ -40,11 +39,11 @@ public class KcOidcBrokerUiLocalesDisabledTest extends AbstractBrokerTest {
|
|||
|
||||
@Override
|
||||
protected void loginUser() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
driver.navigate().to(driver.getCurrentUrl());
|
||||
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
|
||||
|
|
|
@ -16,7 +16,6 @@ import static org.keycloak.testsuite.broker.BrokerTestConstants.IDP_OIDC_ALIAS;
|
|||
import static org.keycloak.testsuite.broker.BrokerTestConstants.IDP_OIDC_PROVIDER_ID;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.createIdentityProvider;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
public class KcOidcBrokerUiLocalesEnabledTest extends AbstractBrokerTest {
|
||||
|
||||
|
@ -39,11 +38,11 @@ public class KcOidcBrokerUiLocalesEnabledTest extends AbstractBrokerTest {
|
|||
|
||||
@Override
|
||||
protected void loginUser() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
driver.navigate().to(driver.getCurrentUrl());
|
||||
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
|
||||
|
|
|
@ -5,13 +5,11 @@ import org.keycloak.models.IdentityProviderSyncMode;
|
|||
import org.keycloak.representations.idm.IdentityProviderRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.pages.PageUtils;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
import java.util.Map;
|
||||
|
||||
import static java.util.Locale.*;
|
||||
import static org.hamcrest.CoreMatchers.*;
|
||||
import static org.keycloak.OAuth2Constants.*;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestConstants.*;
|
||||
|
@ -40,7 +38,8 @@ public class KcOidcBrokerUiLocalesWithIdpHintTest extends AbstractBrokerTest {
|
|||
|
||||
@Override
|
||||
protected void loginUser() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
driver.navigate().to(driver.getCurrentUrl() + "&ui_locales=hu&kc_idp_hint=kc-oidc-idp");
|
||||
|
||||
|
|
|
@ -3,7 +3,6 @@ package org.keycloak.testsuite.broker;
|
|||
import static org.junit.Assert.assertEquals;
|
||||
import static org.keycloak.testsuite.broker.BrokerRunOnServerUtil.removeBrokerExpiredSessions;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
|
@ -51,7 +50,9 @@ public class KcOidcBrokerWithConsentTest extends AbstractInitializedBaseBrokerTe
|
|||
*/
|
||||
@Test
|
||||
public void testConsentDeniedWithExpiredClientSession() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
|
@ -78,13 +79,14 @@ public class KcOidcBrokerWithConsentTest extends AbstractInitializedBaseBrokerTe
|
|||
*/
|
||||
@Test
|
||||
public void testConsentDeniedWithExpiredAndClearedClientSession() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
// Set time offset
|
||||
invokeTimeOffset(60);
|
||||
try {
|
||||
|
||||
testingClient.server(bc.providerRealmName()).run(removeBrokerExpiredSessions());
|
||||
|
||||
// User rejected consent
|
||||
|
@ -93,7 +95,6 @@ public class KcOidcBrokerWithConsentTest extends AbstractInitializedBaseBrokerTe
|
|||
|
||||
// Assert login page with "You took too long to login..." message
|
||||
Assert.assertEquals("Your login attempt timed out. Login will start from the beginning.", loginPage.getError());
|
||||
|
||||
} finally {
|
||||
invokeTimeOffset(0);
|
||||
}
|
||||
|
@ -105,7 +106,10 @@ public class KcOidcBrokerWithConsentTest extends AbstractInitializedBaseBrokerTe
|
|||
@Test
|
||||
public void testLoginCancelConsent() {
|
||||
updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
// User rejected consent
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
package org.keycloak.testsuite.broker;
|
||||
|
||||
import org.jboss.arquillian.graphene.page.Page;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.AuthenticationManagementResource;
|
||||
|
@ -14,17 +13,16 @@ import org.keycloak.models.IdentityProviderSyncMode;
|
|||
import org.keycloak.representations.idm.AuthenticationExecutionRepresentation;
|
||||
import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
|
||||
import org.keycloak.representations.idm.IdentityProviderRepresentation;
|
||||
import org.keycloak.testsuite.pages.LoginUpdateProfilePage;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.keycloak.testsuite.util.ExecutionBuilder;
|
||||
|
||||
import static org.junit.Assert.*;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
public class KcOidcFirstBrokerLoginDetectExistingUserTest extends AbstractInitializedBaseBrokerTest {
|
||||
|
||||
@Page
|
||||
protected LoginUpdateProfilePage loginUpdateProfilePage;
|
||||
|
||||
@Override
|
||||
protected BrokerConfiguration getBrokerConfiguration() {
|
||||
return new KcOidcBrokerConfiguration();
|
||||
|
@ -102,7 +100,9 @@ public class KcOidcFirstBrokerLoginDetectExistingUserTest extends AbstractInitia
|
|||
String username = "firstandlastname";
|
||||
createUser(bc.providerRealmName(), username, BrokerTestConstants.USER_PASSWORD, firstname, lastname, "firstnamelastname@example.org");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithIdp(bc.getIDPAlias(), username, BrokerTestConstants.USER_PASSWORD);
|
||||
|
||||
loginPage.assertCurrent(bc.consumerRealmName());
|
||||
|
@ -112,7 +112,6 @@ public class KcOidcFirstBrokerLoginDetectExistingUserTest extends AbstractInitia
|
|||
|
||||
@Test
|
||||
public void loginWhenUserExistsOnConsumer() {
|
||||
|
||||
updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
|
||||
|
||||
final String firstname = "Firstname(loginWhenUserExistsOnConsumer)";
|
||||
|
@ -122,14 +121,17 @@ public class KcOidcFirstBrokerLoginDetectExistingUserTest extends AbstractInitia
|
|||
createUser(bc.providerRealmName(), username, BrokerTestConstants.USER_PASSWORD, firstname, lastname, email);
|
||||
createUser(bc.consumerRealmName(), username, "THIS PASSWORD IS USELESS", null, null, email);
|
||||
|
||||
String accountUrl = getAccountUrl(getConsumerRoot(), bc.consumerRealmName());
|
||||
getLogger().error("> LOG INTO " + accountUrl);
|
||||
driver.navigate().to(accountUrl);
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithIdp(bc.getIDPAlias(), username, BrokerTestConstants.USER_PASSWORD);
|
||||
|
||||
assertTrue(driver.getTitle().contains("Account Management"));
|
||||
assertTrue("email must be in the page", driver.getPageSource().contains("value=\""+ email + "\""));
|
||||
assertTrue("firstname must appear in the page", driver.getPageSource().contains("value=\""+ firstname + "\""));
|
||||
assertTrue("lastname must appear in the page", driver.getPageSource().contains("value=\""+ lastname + "\""));
|
||||
assertTrue(driver.getTitle().contains("AUTH_RESPONSE"));
|
||||
UserRepresentation userRepresentation = AccountHelper.getUserRepresentation(
|
||||
adminClient.realm(bc.consumerRealmName()), username);
|
||||
|
||||
assertEquals("Email is not correct", userRepresentation.getEmail(), email);
|
||||
assertEquals("Firstname is not correct", userRepresentation.getFirstName(), firstname);
|
||||
assertEquals("Lastname is not correct", userRepresentation.getLastName(), lastname);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -17,7 +17,6 @@ import org.keycloak.testsuite.util.UserBuilder;
|
|||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
/**
|
||||
* Tests first-broker-login flow with new authenticators.
|
||||
|
@ -200,7 +199,9 @@ public class KcOidcFirstBrokerLoginNewAuthTest extends AbstractInitializedBaseBr
|
|||
user.update(userRep);
|
||||
|
||||
// Login. TOTP will be required at login time.
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
loginPage.login(username, "password");
|
||||
|
||||
totpPage.assertCurrent();
|
||||
|
@ -216,7 +217,8 @@ public class KcOidcFirstBrokerLoginNewAuthTest extends AbstractInitializedBaseBr
|
|||
|
||||
// Login with broker and click "Link account"
|
||||
private void loginWithBrokerAndConfirmLinkAccount() {
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
|
@ -228,8 +230,6 @@ public class KcOidcFirstBrokerLoginNewAuthTest extends AbstractInitializedBaseBr
|
|||
|
||||
|
||||
private void assertUserAuthenticatedInConsumer(String consumerRealmUserId) {
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
assertNumFederatedIdentities(consumerRealmUserId, 1);
|
||||
}
|
||||
|
||||
|
|
|
@ -5,16 +5,18 @@ import org.junit.Test;
|
|||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
import org.keycloak.representations.idm.ClientRepresentation;
|
||||
import org.keycloak.representations.idm.IdentityProviderRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.pages.LoginUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.RegisterPage;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.openqa.selenium.NoSuchElementException;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.keycloak.testsuite.admin.ApiUtil.removeUserByUsername;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
|
||||
|
@ -24,6 +26,9 @@ public class KcOidcFirstBrokerLoginTest extends AbstractFirstBrokerLoginTest {
|
|||
@Page
|
||||
protected LoginUpdateProfilePage loginUpdateProfilePage;
|
||||
|
||||
@Page
|
||||
protected AppPage appPage;
|
||||
|
||||
@Page
|
||||
protected RegisterPage registerPage;
|
||||
|
||||
|
@ -45,14 +50,16 @@ public class KcOidcFirstBrokerLoginTest extends AbstractFirstBrokerLoginTest {
|
|||
String username = "firstandlastname";
|
||||
createUser(bc.providerRealmName(), username, BrokerTestConstants.USER_PASSWORD, firstname, lastname, "firstnamelastname@example.org");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithIdp(bc.getIDPAlias(), username, BrokerTestConstants.USER_PASSWORD);
|
||||
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
UserRepresentation userRepresentation = AccountHelper.getUserRepresentation(adminClient.realm(bc.consumerRealmName()), username);
|
||||
|
||||
assertEquals(username, accountUpdateProfilePage.getUsername());
|
||||
assertEquals(firstname, accountUpdateProfilePage.getFirstName());
|
||||
assertEquals(lastname, accountUpdateProfilePage.getLastName());
|
||||
assertEquals(username, userRepresentation.getUsername());
|
||||
assertEquals(firstname, userRepresentation.getFirstName());
|
||||
assertEquals(lastname, userRepresentation.getLastName());
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -71,12 +78,16 @@ public class KcOidcFirstBrokerLoginTest extends AbstractFirstBrokerLoginTest {
|
|||
adminClient.realm(bc.providerRealmName()).clients().create(samlClient);
|
||||
consumerRealm.identityProviders().create(samlBroker);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(samlBrokerConfig);
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
Assert.assertTrue(appPage.isCurrent());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
|
@ -95,8 +106,6 @@ public class KcOidcFirstBrokerLoginTest extends AbstractFirstBrokerLoginTest {
|
|||
|
||||
log.debug("Clicking social " + samlBrokerConfig.getIDPAlias());
|
||||
loginPage.clickSocial(samlBrokerConfig.getIDPAlias());
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
assertNumFederatedIdentities(consumerRealm.users().search(samlBrokerConfig.getUserLogin()).get(0).getId(), 2);
|
||||
} finally {
|
||||
|
@ -126,12 +135,16 @@ public class KcOidcFirstBrokerLoginTest extends AbstractFirstBrokerLoginTest {
|
|||
consumerRealm.identityProviders().create(samlBroker);
|
||||
consumerRealm.identityProviders().create(oidcBroker);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(samlBrokerConfig);
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
appPage.assertCurrent();
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
|
@ -155,8 +168,6 @@ public class KcOidcFirstBrokerLoginTest extends AbstractFirstBrokerLoginTest {
|
|||
|
||||
log.debug("Clicking social " + samlBrokerConfig.getIDPAlias());
|
||||
loginPage.clickSocial(samlBrokerConfig.getIDPAlias());
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
assertNumFederatedIdentities(consumerRealm.users().search(samlBrokerConfig.getUserLogin()).get(0).getId(), 2);
|
||||
} finally {
|
||||
|
@ -181,7 +192,8 @@ public class KcOidcFirstBrokerLoginTest extends AbstractFirstBrokerLoginTest {
|
|||
adminClient.realm(bc.providerRealmName()).clients().create(samlClient);
|
||||
consumerRealm.identityProviders().create(samlBroker);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
createUser(bc.getUserLogin());
|
||||
|
||||
|
@ -226,11 +238,17 @@ public class KcOidcFirstBrokerLoginTest extends AbstractFirstBrokerLoginTest {
|
|||
adminClient.realm(bc.providerRealmName()).clients().create(samlClient);
|
||||
consumerRealm.identityProviders().create(samlBroker);
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(samlBrokerConfig);
|
||||
waitForPage(driver, "update account information", false);
|
||||
updateAccountInformationPage.updateAccountInformation("FirstName", "LastName");
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
|
@ -241,8 +259,6 @@ public class KcOidcFirstBrokerLoginTest extends AbstractFirstBrokerLoginTest {
|
|||
// User is federated after log in with the original broker
|
||||
log.debug("Clicking social " + samlBrokerConfig.getIDPAlias());
|
||||
loginPage.clickSocial(samlBrokerConfig.getIDPAlias());
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
assertNumFederatedIdentities(consumerRealm.users().search(samlBrokerConfig.getUserLogin()).get(0).getId(), 1);
|
||||
} finally {
|
||||
|
@ -255,8 +271,12 @@ public class KcOidcFirstBrokerLoginTest extends AbstractFirstBrokerLoginTest {
|
|||
public void testEditUsername() {
|
||||
updateExecutions(AbstractBrokerTest::setUpMissingUpdateProfileOnFirstLogin);
|
||||
|
||||
createUser(bc.providerRealmName(), "no-first-name", "password", null, "LastName", "no-first-name@localhost.com");
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
createUser(bc.providerRealmName(), "no-first-name", "password", null,
|
||||
"LastName", "no-first-name@localhost.com");
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
|
@ -273,12 +293,12 @@ public class KcOidcFirstBrokerLoginTest extends AbstractFirstBrokerLoginTest {
|
|||
assertEquals("Please specify username.", loginUpdateProfilePage.getInputErrors().getUsernameError());
|
||||
|
||||
updateAccountInformationPage.updateAccountInformation("new-username", "no-first-name@localhost.com", "First Name", "Last Name");
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
Assert.assertEquals("First Name", accountUpdateProfilePage.getFirstName());
|
||||
Assert.assertEquals("Last Name", accountUpdateProfilePage.getLastName());
|
||||
Assert.assertEquals("no-first-name@localhost.com", accountUpdateProfilePage.getEmail());
|
||||
Assert.assertEquals("new-username", accountUpdateProfilePage.getUsername());
|
||||
|
||||
UserRepresentation userRepresentation = AccountHelper.getUserRepresentation(adminClient.realm(bc.consumerRealmName()), "new-username");
|
||||
|
||||
Assert.assertEquals("First Name", userRepresentation.getFirstName());
|
||||
Assert.assertEquals("Last Name", userRepresentation.getLastName());
|
||||
Assert.assertEquals("no-first-name@localhost.com", userRepresentation.getEmail());
|
||||
|
||||
}
|
||||
|
||||
|
@ -292,7 +312,8 @@ public class KcOidcFirstBrokerLoginTest extends AbstractFirstBrokerLoginTest {
|
|||
|
||||
createUser(bc.providerRealmName(), "idp-cancel-test", "password", "IDP", "Cancel", "idp-cancel@localhost.com");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
loginPage.clickRegister();
|
||||
registerPage.clickBackToLogin();
|
||||
|
|
|
@ -19,7 +19,6 @@ package org.keycloak.testsuite.broker;
|
|||
import static org.hamcrest.CoreMatchers.is;
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
import static org.keycloak.testsuite.forms.VerifyProfileTest.ATTRIBUTE_DEPARTMENT;
|
||||
import static org.keycloak.testsuite.forms.VerifyProfileTest.PERMISSIONS_ADMIN_EDITABLE;
|
||||
|
@ -64,7 +63,9 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
+ "{\"name\": \"department\", \"displayName\" : \"Department\", " + PERMISSIONS_ALL + ", \"required\":{}}"
|
||||
+ "]}");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
|
@ -95,7 +96,9 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
+ "{\"name\": \"contact\" }"
|
||||
+ "]}");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
|
@ -160,7 +163,9 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
+ "{\"name\": \"email\", " + VerifyProfileTest.PERMISSIONS_ALL + "}"
|
||||
+ "]}");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
|
@ -197,14 +202,15 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
|
||||
@Test
|
||||
public void testAttributeInputTypes() {
|
||||
|
||||
updateExecutions(AbstractBrokerTest::enableUpdateProfileOnFirstLogin);
|
||||
|
||||
setUserProfileConfiguration("{\"attributes\": ["
|
||||
+ RegisterWithUserProfileTest.UP_CONFIG_PART_INPUT_TYPES
|
||||
+ "]}");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
|
@ -224,11 +230,10 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
+ "{\"name\": \"department\", " + PERMISSIONS_ADMIN_EDITABLE + ", \"required\":{}}"
|
||||
+ "]}");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
logInWithBroker(bc);
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
logInWithBroker(bc);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -244,11 +249,10 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
+ "{\"name\": \"department\", " + PERMISSIONS_ALL + ", \"required\":{}, \"selector\":{\"scopes\":[\"department\"]}}"
|
||||
+ "]}");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
logInWithBroker(bc);
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
logInWithBroker(bc);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -263,7 +267,9 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
+ "{\"name\": \"department\", " + PERMISSIONS_ALL + ", \"required\":{}, \"selector\":{\"scopes\":[\"profile\"]}}"
|
||||
+ "]}");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
|
@ -281,7 +287,9 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
+ "{\"name\": \"department\", " + PERMISSIONS_ADMIN_EDITABLE + ", \"required\":{}}"
|
||||
+ "]}");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
|
@ -289,16 +297,11 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
|
||||
Assert.assertFalse(updateAccountInformationPage.isDepartmentPresent());
|
||||
|
||||
|
||||
updateAccountInformationPage.updateAccountInformation( "requiredReadOnlyAttributeNotRenderedAndNotBlockingRegistration", "requiredReadOnlyAttributeNotRenderedAndNotBlockingRegistration@email", "FirstAA", "LastAA");
|
||||
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDynamicUserProfileReview_attributeRequiredAndSelectedByScopeMustBeSet() {
|
||||
|
||||
updateExecutions(AbstractBrokerTest::enableUpdateProfileOnFirstLogin);
|
||||
|
||||
//we use 'profile' scope which is requested by default
|
||||
|
@ -308,7 +311,9 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
+ "{\"name\": \"department\"," + PERMISSIONS_ALL + ", \"required\":{}, \"selector\":{\"scopes\":[\"profile\"]}}"
|
||||
+ "]}");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
|
@ -320,9 +325,6 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
|
||||
updateAccountInformationPage.updateAccountInformation( "attributeRequiredAndSelectedByScopeMustBeSet", "attributeRequiredAndSelectedByScopeMustBeSet@email", "FirstAA", "LastAA", "DepartmentAA");
|
||||
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
UserRepresentation user = VerifyProfileTest.getUserByUsername(testRealm(),"attributeRequiredAndSelectedByScopeMustBeSet");
|
||||
assertEquals("FirstAA", user.getFirstName());
|
||||
assertEquals("LastAA", user.getLastName());
|
||||
|
@ -341,7 +343,9 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
+ "{\"name\": \"department\"," + PERMISSIONS_ALL + ", \"selector\":{\"scopes\":[\"profile\"]}}"
|
||||
+ "]}");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
|
@ -350,9 +354,6 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
Assert.assertTrue(updateAccountInformationPage.isDepartmentPresent());
|
||||
updateAccountInformationPage.updateAccountInformation( "attributeNotRequiredAndSelectedByScopeCanBeIgnored", "attributeNotRequiredAndSelectedByScopeCanBeIgnored@email", "FirstAA", "LastAA");
|
||||
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
UserRepresentation user = VerifyProfileTest.getUserByUsername(testRealm(),"attributeNotRequiredAndSelectedByScopeCanBeIgnored");
|
||||
assertEquals("FirstAA", user.getFirstName());
|
||||
assertEquals("LastAA", user.getLastName());
|
||||
|
@ -371,7 +372,9 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
+ "{\"name\": \"department\"," + PERMISSIONS_ALL + ", \"selector\":{\"scopes\":[\"profile\"]}}"
|
||||
+ "]}");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
|
@ -380,9 +383,6 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
Assert.assertTrue(updateAccountInformationPage.isDepartmentPresent());
|
||||
updateAccountInformationPage.updateAccountInformation( "attributeNotRequiredAndSelectedByScopeCanBeSet", "attributeNotRequiredAndSelectedByScopeCanBeSet@email", "FirstAA", "LastAA","Department AA");
|
||||
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
UserRepresentation user = VerifyProfileTest.getUserByUsername(testRealm(),"attributeNotRequiredAndSelectedByScopeCanBeSet");
|
||||
assertEquals("FirstAA", user.getFirstName());
|
||||
assertEquals("LastAA", user.getLastName());
|
||||
|
@ -402,7 +402,9 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
+ "{\"name\": \"department\"," + PERMISSIONS_ALL + ", \"required\":{}, \"selector\":{\"scopes\":[\"department\"]}}"
|
||||
+ "]}");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInWithBroker(bc);
|
||||
|
||||
waitForPage(driver, "update account information", false);
|
||||
|
@ -411,9 +413,6 @@ public class KcOidcFirstBrokerLoginWithUserProfileTest extends KcOidcFirstBroker
|
|||
Assert.assertFalse(updateAccountInformationPage.isDepartmentPresent());
|
||||
updateAccountInformationPage.updateAccountInformation( "attributeRequiredButNotSelectedByScopeIsNotRenderedAndNotBlockingRegistration", "attributeRequiredButNotSelectedByScopeIsNotRenderedAndNotBlockingRegistration@email", "FirstAA", "LastAA");
|
||||
|
||||
waitForAccountManagementTitle();
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
|
||||
UserRepresentation user = VerifyProfileTest.getUserByUsername(testRealm(),"attributeRequiredButNotSelectedByScopeIsNotRenderedAndNotBlockingRegistration");
|
||||
assertEquals("FirstAA", user.getFirstName());
|
||||
assertEquals("LastAA", user.getLastName());
|
||||
|
|
|
@ -14,6 +14,7 @@ import org.keycloak.representations.idm.ClientRepresentation;
|
|||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.saml.common.constants.JBossSAMLURIConstants;
|
||||
import org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.util.Matchers;
|
||||
import org.keycloak.testsuite.util.ReverseProxy;
|
||||
|
@ -114,7 +115,11 @@ public final class KcSamlBrokerFrontendUrlTest extends AbstractBrokerTest {
|
|||
updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
|
||||
createUser(bc.consumerRealmName(), "consumer", "password", "FirstName", "LastName", "consumer@localhost.com");
|
||||
|
||||
driver.navigate().to(proxy.getUrl() + "/realms/consumer/account");
|
||||
oauth.clientId("broker-app");
|
||||
oauth.realm(bc.consumerRealmName());
|
||||
oauth.baseUrl(proxy.getUrl());
|
||||
oauth.openLoginForm();
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
loginPage.clickSocial(bc.getIDPAlias());
|
||||
waitForPage(driver, "sign in to", true);
|
||||
|
@ -128,8 +133,8 @@ public final class KcSamlBrokerFrontendUrlTest extends AbstractBrokerTest {
|
|||
}
|
||||
|
||||
loginPage.login(bc.getUserLogin(), bc.getUserPassword());
|
||||
waitForPage(driver, "account management", true);
|
||||
accountUpdateProfilePage.assertCurrent();
|
||||
waitForPage(driver, "AUTH_RESPONSE", true);
|
||||
appPage.assertCurrent();
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
|
@ -4,19 +4,19 @@ import org.junit.Test;
|
|||
import org.keycloak.testsuite.Assert;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
|
||||
|
||||
public class KcSamlBrokerLoginHintWithOptionEnabledTest extends AbstractSamlLoginHintTest {
|
||||
|
||||
|
||||
// KEYCLOAK-13950
|
||||
@Test
|
||||
public void testPassLoginHintWithXmlCharShouldEncodeIt() {
|
||||
String username = "all-info-set@localhost.com";
|
||||
createUser(bc.providerRealmName(), username, "password", "FirstName");
|
||||
|
||||
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
log.debug("Clicking social " + bc.getIDPAlias());
|
||||
String fishyLoginHint = "<an-xml-tag>";
|
||||
addLoginHintOnSocialButton(fishyLoginHint);
|
||||
|
|
|
@ -27,6 +27,7 @@ import org.keycloak.saml.processing.core.parsers.saml.protocol.SAMLProtocolQName
|
|||
import org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder;
|
||||
import org.keycloak.testsuite.saml.AbstractSamlTest;
|
||||
import org.keycloak.testsuite.updaters.IdentityProviderAttributeUpdater;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.keycloak.testsuite.util.SamlClient;
|
||||
import org.keycloak.testsuite.util.SamlClient.Binding;
|
||||
import org.keycloak.testsuite.util.SamlClientBuilder;
|
||||
|
@ -55,7 +56,6 @@ import static org.keycloak.testsuite.util.SamlStreams.assertionsUnencrypted;
|
|||
import static org.keycloak.testsuite.util.SamlStreams.attributeStatements;
|
||||
import static org.keycloak.testsuite.util.SamlStreams.attributesUnecrypted;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getProviderRoot;
|
||||
|
||||
/**
|
||||
* Final class as it's not intended to be overriden. Feel free to remove "final" if you really know what you are doing.
|
||||
|
@ -163,12 +163,15 @@ public final class KcSamlBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
assertThat(currentRoles, hasItems(ROLE_MANAGER));
|
||||
assertThat(currentRoles, not(hasItems(ROLE_USER, ROLE_FRIENDLY_MANAGER)));
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
userResource.roles().realmLevel().add(Collections.singletonList(userRole));
|
||||
userResource.roles().realmLevel().add(Collections.singletonList(friendlyManagerRole));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInAsUserInIDP();
|
||||
|
||||
currentRoles = userResource.roles().realmLevel().listAll().stream()
|
||||
|
@ -176,11 +179,14 @@ public final class KcSamlBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
.collect(Collectors.toSet());
|
||||
assertThat(currentRoles, hasItems(ROLE_MANAGER, ROLE_USER, ROLE_FRIENDLY_MANAGER));
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
userResource.roles().realmLevel().remove(Collections.singletonList(friendlyManagerRole));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInAsUserInIDP();
|
||||
|
||||
currentRoles = userResource.roles().realmLevel().listAll().stream()
|
||||
|
@ -189,8 +195,8 @@ public final class KcSamlBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
assertThat(currentRoles, hasItems(ROLE_MANAGER, ROLE_USER));
|
||||
assertThat(currentRoles, not(hasItems(ROLE_FRIENDLY_MANAGER)));
|
||||
|
||||
logoutFromRealm(getProviderRoot(), bc.providerRealmName());
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -219,8 +225,8 @@ public final class KcSamlBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
assertThat(currentRoles, hasItems(ROLE_MANAGER));
|
||||
assertThat(currentRoles, not(hasItems(ROLE_USER, ROLE_FRIENDLY_MANAGER, ROLE_USER_DOT_GUIDE)));
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
UserRepresentation urp = userResourceProv.toRepresentation();
|
||||
urp.setAttributes(new HashMap<>());
|
||||
|
@ -229,6 +235,9 @@ public final class KcSamlBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
userResourceProv.roles().realmLevel().add(Collections.singletonList(userRole));
|
||||
userResourceProv.roles().realmLevel().add(Collections.singletonList(userRoleDotGuide));
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInAsUserInIDP();
|
||||
|
||||
currentRoles = userResourceCons.roles().realmLevel().listAll().stream()
|
||||
|
@ -236,13 +245,16 @@ public final class KcSamlBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
.collect(Collectors.toSet());
|
||||
assertThat(currentRoles, hasItems(ROLE_MANAGER, ROLE_USER, ROLE_USER_DOT_GUIDE, ROLE_FRIENDLY_MANAGER));
|
||||
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
|
||||
urp = userResourceProv.toRepresentation();
|
||||
urp.setAttributes(new HashMap<>());
|
||||
userResourceProv.update(urp);
|
||||
|
||||
oauth.clientId("broker-app");
|
||||
loginPage.open(bc.consumerRealmName());
|
||||
|
||||
logInAsUserInIDP();
|
||||
|
||||
currentRoles = userResourceCons.roles().realmLevel().listAll().stream()
|
||||
|
@ -251,8 +263,8 @@ public final class KcSamlBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
assertThat(currentRoles, hasItems(ROLE_MANAGER, ROLE_USER, ROLE_USER_DOT_GUIDE));
|
||||
assertThat(currentRoles, not(hasItems(ROLE_FRIENDLY_MANAGER)));
|
||||
|
||||
logoutFromRealm(getProviderRoot(), bc.providerRealmName());
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
AccountHelper.logout(adminClient.realm(bc.providerRealmName()), bc.getUserLogin());
|
||||
}
|
||||
|
||||
// KEYCLOAK-6106
|
||||
|
|
|
@ -3,7 +3,6 @@ package org.keycloak.testsuite.broker;
|
|||
import static org.hamcrest.CoreMatchers.equalTo;
|
||||
import static org.hamcrest.CoreMatchers.nullValue;
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
@ -24,6 +23,7 @@ import org.keycloak.representations.AccessToken;
|
|||
import org.keycloak.representations.idm.ClientRepresentation;
|
||||
import org.keycloak.representations.idm.IdentityProviderMapperRepresentation;
|
||||
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
|
@ -131,7 +131,7 @@ public class OidcClaimToUserSessionNoteMapperTest extends AbstractIdentityProvid
|
|||
}
|
||||
|
||||
private void logout() {
|
||||
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
|
||||
AccountHelper.logout(adminClient.realm(bc.consumerRealmName()), bc.getUserLogin());
|
||||
}
|
||||
|
||||
private AccessToken login() {
|
||||
|
|
|
@ -18,7 +18,6 @@
|
|||
package org.keycloak.testsuite.federation.ldap;
|
||||
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import org.jboss.arquillian.graphene.page.Page;
|
||||
|
@ -29,7 +28,6 @@ import org.keycloak.storage.ldap.mappers.LDAPStorageMapper;
|
|||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.pages.LoginPasswordUpdatePage;
|
||||
|
@ -57,9 +55,6 @@ public abstract class AbstractLDAPTest extends AbstractTestRealmKeycloakTest {
|
|||
@Page
|
||||
protected RegisterPage registerPage;
|
||||
|
||||
@Page
|
||||
protected AccountUpdateProfilePage profilePage;
|
||||
|
||||
@Page
|
||||
protected OAuthGrantPage grantPage;
|
||||
|
||||
|
|
|
@ -28,12 +28,13 @@ import org.keycloak.common.Profile;
|
|||
import org.keycloak.component.ComponentModel;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.storage.ldap.LDAPStorageProvider;
|
||||
import org.keycloak.storage.ldap.idm.model.LDAPObject;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.keycloak.testsuite.util.LDAPRule;
|
||||
import org.keycloak.testsuite.util.LDAPTestConfiguration;
|
||||
import org.keycloak.testsuite.util.LDAPTestUtils;
|
||||
|
@ -115,7 +116,6 @@ public class LDAPLegacyImportTest extends AbstractLDAPTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
|
||||
public void loginLdap() {
|
||||
loginPage.open();
|
||||
loginPage.login("johnkeycloak", "Password1");
|
||||
|
@ -123,10 +123,11 @@ public class LDAPLegacyImportTest extends AbstractLDAPTest {
|
|||
Assert.assertEquals(AppPage.RequestType.AUTH_RESPONSE, appPage.getRequestType());
|
||||
Assert.assertNotNull(oauth.getCurrentQuery().get(OAuth2Constants.CODE));
|
||||
|
||||
profilePage.open();
|
||||
Assert.assertEquals("John", profilePage.getFirstName());
|
||||
Assert.assertEquals("Doe", profilePage.getLastName());
|
||||
Assert.assertEquals("john@email.org", profilePage.getEmail());
|
||||
UserRepresentation userRepresentation = AccountHelper.getUserRepresentation(testRealm(), "johnkeycloak");
|
||||
|
||||
Assert.assertEquals("John", userRepresentation.getFirstName());
|
||||
Assert.assertEquals("Doe", userRepresentation.getLastName());
|
||||
Assert.assertEquals("john@email.org", userRepresentation.getEmail());
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -69,7 +69,6 @@ import org.keycloak.storage.ldap.mappers.UserAttributeLDAPStorageMapper;
|
|||
import org.keycloak.testsuite.AbstractAuthTest;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.keycloak.testsuite.util.LDAPRule;
|
||||
|
@ -421,7 +420,6 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
|
||||
public void deleteFederationLink() throws Exception {
|
||||
// KEYCLOAK-4789: Login in client, which requires consent
|
||||
oauth.clientId("third-party");
|
||||
|
@ -471,7 +469,6 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
|
||||
public void loginLdap() {
|
||||
loginPage.open();
|
||||
loginPage.login("johnkeycloak", "Password1");
|
||||
|
@ -479,10 +476,11 @@ public class LDAPProvidersIntegrationTest extends AbstractLDAPTest {
|
|||
Assert.assertEquals(AppPage.RequestType.AUTH_RESPONSE, appPage.getRequestType());
|
||||
Assert.assertNotNull(oauth.getCurrentQuery().get(OAuth2Constants.CODE));
|
||||
|
||||
profilePage.open();
|
||||
Assert.assertEquals("John", profilePage.getFirstName());
|
||||
Assert.assertEquals("Doe", profilePage.getLastName());
|
||||
Assert.assertEquals("john@email.org", profilePage.getEmail());
|
||||
UserRepresentation userRepresentation = AccountHelper.getUserRepresentation(adminClient.realm(TEST_REALM_NAME), "johnkeycloak");
|
||||
|
||||
Assert.assertEquals("John", userRepresentation.getFirstName());
|
||||
Assert.assertEquals("Doe", userRepresentation.getLastName());
|
||||
Assert.assertEquals("john@email.org", userRepresentation.getEmail());
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
|
@ -57,7 +57,6 @@ import org.keycloak.testsuite.ProfileAssume;
|
|||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.pages.AppPage.RequestType;
|
||||
import org.keycloak.testsuite.pages.ErrorPage;
|
||||
|
@ -74,8 +73,8 @@ import org.keycloak.testsuite.util.OAuthClient;
|
|||
import org.keycloak.testsuite.util.RealmBuilder;
|
||||
import org.keycloak.testsuite.util.TokenSignatureUtil;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
import org.keycloak.testsuite.util.WaitUtils;
|
||||
import org.openqa.selenium.Cookie;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.openqa.selenium.JavascriptExecutor;
|
||||
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
|
@ -139,9 +138,6 @@ public class LoginTest extends AbstractTestRealmKeycloakTest {
|
|||
@Page
|
||||
protected ErrorPage errorPage;
|
||||
|
||||
@Page
|
||||
protected AccountUpdateProfilePage profilePage;
|
||||
|
||||
@Page
|
||||
protected LoginPasswordUpdatePage updatePasswordPage;
|
||||
|
||||
|
@ -360,31 +356,25 @@ public class LoginTest extends AbstractTestRealmKeycloakTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
|
||||
public void loginDifferentUserAfterDisabledUserThrownOut() {
|
||||
String userId = adminClient.realm("test").users().search("test-user@localhost").get(0).getId();
|
||||
String userId = AccountHelper.getUserRepresentation(adminClient.realm("test"), "test-user@localhost").getId();
|
||||
|
||||
try {
|
||||
//profilePage.open();
|
||||
loginPage.open();
|
||||
loginPage.login("test-user@localhost", "password");
|
||||
|
||||
//accountPage.assertCurrent();
|
||||
appPage.assertCurrent();
|
||||
appPage.openAccount();
|
||||
|
||||
profilePage.assertCurrent();
|
||||
|
||||
setUserEnabled(userId, false);
|
||||
|
||||
// force refresh token which results in redirecting to login page
|
||||
profilePage.updateUsername("notPermitted");
|
||||
WaitUtils.waitForPageToLoad();
|
||||
|
||||
loginPage.open();
|
||||
loginPage.assertCurrent();
|
||||
|
||||
// try to log in as different user
|
||||
loginPage.login("keycloak-user@localhost", "password");
|
||||
profilePage.assertCurrent();
|
||||
|
||||
appPage.assertCurrent();
|
||||
} finally {
|
||||
setUserEnabled(userId, true);
|
||||
}
|
||||
|
@ -592,8 +582,6 @@ public class LoginTest extends AbstractTestRealmKeycloakTest {
|
|||
events.expectLogin().user(userId).detail(Details.USERNAME, "login-test").assertEvent().getSessionId();
|
||||
}
|
||||
|
||||
|
||||
|
||||
@Test
|
||||
public void loginLoginHint() {
|
||||
String loginFormUrl = oauth.getLoginFormUrl() + "&login_hint=login-test";
|
||||
|
@ -772,9 +760,7 @@ public class LoginTest extends AbstractTestRealmKeycloakTest {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
// Login timeout scenarios
|
||||
|
||||
// KEYCLOAK-1037
|
||||
@Test
|
||||
public void loginExpiredCode() {
|
||||
|
|
|
@ -18,7 +18,6 @@ package org.keycloak.testsuite.forms;
|
|||
|
||||
import org.jboss.arquillian.graphene.page.Page;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.common.util.Base64;
|
||||
import org.keycloak.credential.CredentialModel;
|
||||
import org.keycloak.credential.hash.PasswordHashProvider;
|
||||
|
@ -35,9 +34,8 @@ import org.keycloak.representations.idm.RealmRepresentation;
|
|||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
||||
import javax.crypto.SecretKeyFactory;
|
||||
|
@ -55,9 +53,6 @@ import static org.junit.Assert.fail;
|
|||
*/
|
||||
public class PasswordHashingTest extends AbstractTestRealmKeycloakTest {
|
||||
|
||||
@Page
|
||||
private AccountUpdateProfilePage updateProfilePage;
|
||||
|
||||
@Override
|
||||
public void configureTestRealm(RealmRepresentation testRealm) {
|
||||
}
|
||||
|
@ -124,7 +119,6 @@ public class PasswordHashingTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
// KEYCLOAK-5282
|
||||
@Test
|
||||
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
|
||||
public void testPasswordNotRehasedUnchangedIterations() {
|
||||
setPasswordPolicy("");
|
||||
|
||||
|
@ -147,8 +141,7 @@ public class PasswordHashingTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
setPasswordPolicy("hashIterations(" + Pbkdf2Sha256PasswordHashProviderFactory.DEFAULT_ITERATIONS + ")");
|
||||
|
||||
updateProfilePage.open();
|
||||
updateProfilePage.logout();
|
||||
AccountHelper.logout(adminClient.realm("test"), username);
|
||||
|
||||
loginPage.open();
|
||||
loginPage.login(username, "password");
|
||||
|
|
|
@ -28,7 +28,6 @@ import org.keycloak.authentication.forms.RegistrationPassword;
|
|||
import org.keycloak.authentication.forms.RegistrationProfile;
|
||||
import org.keycloak.authentication.forms.RegistrationRecaptcha;
|
||||
import org.keycloak.authentication.forms.RegistrationUserCreation;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.events.Details;
|
||||
import org.keycloak.events.EventType;
|
||||
import org.keycloak.models.AuthenticationExecutionModel;
|
||||
|
@ -37,8 +36,6 @@ import org.keycloak.representations.idm.RealmRepresentation;
|
|||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.pages.AppPage.RequestType;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
|
@ -50,6 +47,7 @@ import org.keycloak.testsuite.util.GreenMailRule;
|
|||
import org.keycloak.testsuite.util.MailUtils;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
|
||||
import jakarta.mail.internet.MimeMessage;
|
||||
import jakarta.ws.rs.core.Response;
|
||||
|
@ -84,9 +82,6 @@ public class RegisterTest extends AbstractTestRealmKeycloakTest {
|
|||
@Page
|
||||
protected VerifyEmailPage verifyEmailPage;
|
||||
|
||||
@Page
|
||||
protected AccountUpdateProfilePage accountPage;
|
||||
|
||||
@Rule
|
||||
public GreenMailRule greenMail = new GreenMailRule();
|
||||
|
||||
|
@ -474,7 +469,6 @@ public class RegisterTest extends AbstractTestRealmKeycloakTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
|
||||
public void registerUserUmlats() {
|
||||
loginPage.open();
|
||||
|
||||
|
@ -488,16 +482,10 @@ public class RegisterTest extends AbstractTestRealmKeycloakTest {
|
|||
String userId = events.expectRegister("registeruserumlats", "registeruserumlats@email").assertEvent().getUserId();
|
||||
events.expectLogin().detail("username", "registeruserumlats").user(userId).assertEvent();
|
||||
|
||||
accountPage.open();
|
||||
assertTrue(accountPage.isCurrent());
|
||||
UserRepresentation userRepresentation = AccountHelper.getUserRepresentation(adminClient.realm("test"), "registeruserumlats");
|
||||
|
||||
UserRepresentation user = getUser(userId);
|
||||
Assert.assertNotNull(user);
|
||||
assertEquals("Äǜṳǚǘǖ", user.getFirstName());
|
||||
assertEquals("Öṏṏ", user.getLastName());
|
||||
|
||||
assertEquals("Äǜṳǚǘǖ", accountPage.getFirstName());
|
||||
assertEquals("Öṏṏ", accountPage.getLastName());
|
||||
assertEquals("Äǜṳǚǘǖ", userRepresentation.getFirstName());
|
||||
assertEquals("Öṏṏ", userRepresentation.getLastName());
|
||||
}
|
||||
|
||||
// KEYCLOAK-3266
|
||||
|
|
|
@ -18,7 +18,6 @@ package org.keycloak.testsuite.forms;
|
|||
|
||||
import org.hamcrest.Matchers;
|
||||
import org.jboss.arquillian.drone.api.annotation.Drone;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.admin.client.resource.UserResource;
|
||||
import org.keycloak.authentication.actiontoken.resetcred.ResetCredentialsActionToken;
|
||||
import org.jboss.arquillian.graphene.page.Page;
|
||||
|
@ -39,9 +38,7 @@ import org.keycloak.testsuite.AssertEvents;
|
|||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.auth.page.account.AccountManagement;
|
||||
import org.keycloak.testsuite.federation.kerberos.AbstractKerberosTest;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.pages.AppPage.RequestType;
|
||||
import org.keycloak.testsuite.pages.ErrorPage;
|
||||
|
@ -62,6 +59,9 @@ import org.keycloak.testsuite.util.RealmBuilder;
|
|||
import org.keycloak.testsuite.util.SecondBrowser;
|
||||
import org.keycloak.testsuite.util.UserActionTokenBuilder;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
import org.keycloak.testsuite.util.WaitUtils;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.keycloak.testsuite.util.TestAppHelper;
|
||||
|
||||
import jakarta.mail.MessagingException;
|
||||
import jakarta.mail.internet.MimeMessage;
|
||||
|
@ -77,13 +77,11 @@ import java.util.Map;
|
|||
import java.util.concurrent.atomic.AtomicInteger;
|
||||
|
||||
import org.junit.*;
|
||||
import org.keycloak.testsuite.util.WaitUtils;
|
||||
import org.openqa.selenium.By;
|
||||
import org.openqa.selenium.WebDriver;
|
||||
import org.openqa.selenium.WebElement;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.junit.Assert.*;
|
||||
|
||||
/**
|
||||
|
@ -147,9 +145,6 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest {
|
|||
@Page
|
||||
protected LoginPasswordUpdatePage updatePasswordPage;
|
||||
|
||||
@Page
|
||||
protected AccountUpdateProfilePage account1ProfilePage;
|
||||
|
||||
@Page
|
||||
protected LogoutConfirmPage logoutConfirmPage;
|
||||
|
||||
|
@ -159,7 +154,6 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest {
|
|||
private int expectedMessagesCount;
|
||||
|
||||
@Test
|
||||
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
|
||||
public void resetPasswordLink() throws IOException, MessagingException {
|
||||
String username = "login-test";
|
||||
String resetUri = oauth.AUTH_SERVER_ROOT + "/realms/test/login-actions/reset-credentials";
|
||||
|
@ -198,22 +192,12 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest {
|
|||
.client("account")
|
||||
.user(userId).detail(Details.USERNAME, username).assertEvent();
|
||||
|
||||
EventRepresentation loginEvent = events.expectLogin().user(userId).detail(Details.USERNAME, username)
|
||||
.detail(Details.REDIRECT_URI, oauth.AUTH_SERVER_ROOT + "/realms/test/account/")
|
||||
.client("account")
|
||||
.assertEvent();
|
||||
String sessionId = loginEvent.getSessionId();
|
||||
AccountHelper.logout(testRealm(), username);
|
||||
|
||||
account1ProfilePage.assertCurrent();
|
||||
account1ProfilePage.logout();
|
||||
TestAppHelper testAppHelper = new TestAppHelper(oauth, loginPage, appPage);
|
||||
testAppHelper.login("login-test", "resetPassword");
|
||||
|
||||
events.expectLogout(sessionId).user(userId).removeDetail(Details.REDIRECT_URI).assertEvent();
|
||||
|
||||
loginPage.open();
|
||||
|
||||
loginPage.login("login-test", "resetPassword");
|
||||
|
||||
events.expectLogin().user(userId).detail(Details.USERNAME, "login-test").assertEvent();
|
||||
appPage.assertCurrent();
|
||||
|
||||
assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
|
||||
}
|
||||
|
@ -1145,12 +1129,12 @@ public class ResetPasswordTest extends AbstractTestRealmKeycloakTest {
|
|||
try (BrowserTabUtil tabUtil = BrowserTabUtil.getInstanceAndSetEnv(driver)) {
|
||||
assertThat(tabUtil.getCountOfTabs(), Matchers.is(1));
|
||||
|
||||
AccountHelper.logout(testRealm(), "login-test");
|
||||
driver.navigate().to(REQUIRED_URI);
|
||||
resetPasswordTwiceInNewTab(defaultUser, CLIENT_ID, false, REDIRECT_URI, REQUIRED_URI);
|
||||
assertThat(driver.getTitle(), Matchers.equalTo(ACCOUNT_MANAGEMENT_TITLE));
|
||||
|
||||
account1ProfilePage.assertCurrent();
|
||||
account1ProfilePage.logout();
|
||||
AccountHelper.logout(testRealm(), "login-test");
|
||||
|
||||
driver.navigate().to(REQUIRED_URI);
|
||||
resetPasswordTwiceInNewTab(defaultUser, CLIENT_ID, true, REDIRECT_URI, REQUIRED_URI);
|
||||
|
|
|
@ -23,7 +23,6 @@ import org.junit.Assert;
|
|||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.events.Details;
|
||||
import org.keycloak.events.EventType;
|
||||
import org.keycloak.models.UserModel;
|
||||
|
@ -33,9 +32,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
|
|||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.drone.Different;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.pages.AppPage.RequestType;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
|
@ -67,9 +64,6 @@ public class SSOTest extends AbstractTestRealmKeycloakTest {
|
|||
@Page
|
||||
protected LoginPage loginPage;
|
||||
|
||||
@Page
|
||||
protected AccountUpdateProfilePage profilePage;
|
||||
|
||||
@Page
|
||||
protected LoginPasswordUpdatePage updatePasswordPage;
|
||||
|
||||
|
@ -81,7 +75,6 @@ public class SSOTest extends AbstractTestRealmKeycloakTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
|
||||
public void loginSuccess() {
|
||||
loginPage.open();
|
||||
loginPage.login("test-user@localhost", "password");
|
||||
|
@ -113,8 +106,7 @@ public class SSOTest extends AbstractTestRealmKeycloakTest {
|
|||
// auth time hasn't changed as we authenticated through SSO cookie
|
||||
Assert.assertEquals(authTime, idToken.getAuth_time());
|
||||
|
||||
profilePage.open();
|
||||
assertTrue(profilePage.isCurrent());
|
||||
appPage.assertCurrent();
|
||||
|
||||
// Expire session
|
||||
testingClient.testing().removeUserSession("test", sessionId);
|
||||
|
|
|
@ -1,81 +0,0 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.testsuite.i18n;
|
||||
|
||||
import org.jboss.arquillian.graphene.page.Page;
|
||||
import org.junit.Assert;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.representations.idm.ClientRepresentation;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:gerbermichi@me.com">Michael Gerber</a>
|
||||
* @author Stan Silvert ssilvert@redhat.com (C) 2016 Red Hat Inc.
|
||||
*/
|
||||
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
|
||||
public class AccountPageTest extends AbstractI18NTest {
|
||||
|
||||
@Page
|
||||
protected AccountUpdateProfilePage accountUpdateProfilePage;
|
||||
|
||||
@Page
|
||||
protected LoginPage loginPage;
|
||||
|
||||
@Test
|
||||
public void languageDropdown() {
|
||||
accountUpdateProfilePage.open();
|
||||
loginPage.login("login@test.com", "password");
|
||||
Assert.assertTrue(accountUpdateProfilePage.isCurrent());
|
||||
|
||||
Assert.assertEquals("English", accountUpdateProfilePage.getLanguageDropdownText());
|
||||
|
||||
accountUpdateProfilePage.openLanguage("Deutsch");
|
||||
Assert.assertEquals("Deutsch", accountUpdateProfilePage.getLanguageDropdownText());
|
||||
|
||||
accountUpdateProfilePage.openLanguage("English");
|
||||
Assert.assertEquals("English", accountUpdateProfilePage.getLanguageDropdownText());
|
||||
accountUpdateProfilePage.logout();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testLocalizedReferrerLinkContent() {
|
||||
RealmResource testRealm = testRealm();
|
||||
List<ClientRepresentation> foundClients = testRealm.clients().findByClientId("var-named-test-app");
|
||||
if (foundClients.isEmpty()) {
|
||||
Assert.fail("Unable to find var-named-test-app");
|
||||
}
|
||||
ClientRepresentation namedClient = foundClients.get(0);
|
||||
|
||||
driver.navigate().to(accountUpdateProfilePage.getPath() + "?referrer=" + namedClient.getClientId());
|
||||
loginPage.login("test-user@localhost", "password");
|
||||
Assert.assertTrue(accountUpdateProfilePage.isCurrent());
|
||||
|
||||
accountUpdateProfilePage.openLanguage("Deutsch");
|
||||
Assert.assertEquals("Deutsch", accountUpdateProfilePage.getLanguageDropdownText());
|
||||
|
||||
// When a client has a name provided as a variable, the name should be resolved using a localized bundle and available to the back link
|
||||
Assert.assertEquals("Zur\u00FCck zu Test App Named - Clientkonto", accountUpdateProfilePage.getBackToApplicationLinkText());
|
||||
Assert.assertEquals(namedClient.getBaseUrl(), accountUpdateProfilePage.getBackToApplicationLinkHref());
|
||||
}
|
||||
}
|
|
@ -11,6 +11,7 @@ import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
|
|||
import org.apache.http.client.methods.CloseableHttpResponse;
|
||||
import org.jboss.arquillian.drone.api.annotation.Drone;
|
||||
import org.junit.Before;
|
||||
import org.junit.Ignore;
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
|
@ -53,6 +54,8 @@ import java.util.stream.Collectors;
|
|||
|
||||
import jakarta.ws.rs.core.Response;
|
||||
|
||||
// Remove @Ignore when closing Github issue 20643
|
||||
@Ignore
|
||||
public class BackchannelLogoutTest extends AbstractNestedBrokerTest {
|
||||
|
||||
public static final String ACCOUNT_CLIENT_NAME = "account";
|
||||
|
@ -361,7 +364,6 @@ public class BackchannelLogoutTest extends AbstractNestedBrokerTest {
|
|||
|
||||
@Test
|
||||
public void postBackchannelLogoutWithoutSessionIdMultipleOpenSessionDifferentIdentityProvider() throws Exception {
|
||||
|
||||
IdentityProviderRepresentation identityProvider2 = addSecondIdentityProviderToConsumerRealm();
|
||||
String brokerClientIdProviderRealm = getClientId(nbc.providerRealmName(), BROKER_CLIENT_ID);
|
||||
|
||||
|
|
|
@ -36,11 +36,7 @@ import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
|||
import org.keycloak.testsuite.ActionURIUtils;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.pages.ErrorPage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.pages.OAuthGrantPage;
|
||||
import org.keycloak.testsuite.util.ClientManager;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
|
||||
|
@ -57,18 +53,6 @@ public class OAuth2OnlyTest extends AbstractTestRealmKeycloakTest {
|
|||
@Rule
|
||||
public AssertEvents events = new AssertEvents(this);
|
||||
|
||||
@Page
|
||||
protected AppPage appPage;
|
||||
|
||||
@Page
|
||||
protected LoginPage loginPage;
|
||||
|
||||
@Page
|
||||
protected AccountUpdateProfilePage profilePage;
|
||||
|
||||
@Page
|
||||
protected OAuthGrantPage grantPage;
|
||||
|
||||
@Page
|
||||
protected ErrorPage errorPage;
|
||||
|
||||
|
|
|
@ -29,7 +29,6 @@ import org.keycloak.representations.idm.EventRepresentation;
|
|||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.pages.ErrorPage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
|
@ -50,13 +49,9 @@ public abstract class AbstractOIDCScopeTest extends AbstractTestRealmKeycloakTes
|
|||
@Page
|
||||
protected LoginPage loginPage;
|
||||
|
||||
@Page
|
||||
protected AccountUpdateProfilePage profilePage;
|
||||
|
||||
@Page
|
||||
protected OAuthGrantPage grantPage;
|
||||
|
||||
|
||||
@Page
|
||||
protected ErrorPage errorPage;
|
||||
|
||||
|
@ -98,7 +93,6 @@ public abstract class AbstractOIDCScopeTest extends AbstractTestRealmKeycloakTes
|
|||
expectedScopes.containsAll(receivedScopes) && receivedScopes.containsAll(expectedScopes));
|
||||
}
|
||||
|
||||
|
||||
static class Tokens {
|
||||
final IDToken idToken;
|
||||
final AccessToken accessToken;
|
||||
|
|
|
@ -67,9 +67,6 @@ public class AuthorizationTokenEncryptionTest extends AbstractTestRealmKeycloakT
|
|||
@Page
|
||||
protected LoginPage loginPage;
|
||||
|
||||
@Page
|
||||
protected AccountUpdateProfilePage profilePage;
|
||||
|
||||
@Page
|
||||
protected OAuthGrantPage grantPage;
|
||||
|
||||
|
|
|
@ -46,7 +46,6 @@ import org.keycloak.testsuite.admin.ApiUtil;
|
|||
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
||||
import org.keycloak.testsuite.client.resources.TestApplicationResourceUrls;
|
||||
import org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.pages.ErrorPage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
|
@ -75,9 +74,6 @@ public class IdTokenEncryptionTest extends AbstractTestRealmKeycloakTest {
|
|||
@Page
|
||||
protected LoginPage loginPage;
|
||||
|
||||
@Page
|
||||
protected AccountUpdateProfilePage profilePage;
|
||||
|
||||
@Page
|
||||
protected OAuthGrantPage grantPage;
|
||||
|
||||
|
|
|
@ -69,6 +69,7 @@ import org.keycloak.representations.idm.ComponentRepresentation;
|
|||
import org.keycloak.representations.idm.EventRepresentation;
|
||||
import org.keycloak.representations.idm.KeysMetadataRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.services.resources.RealmsResource;
|
||||
import org.keycloak.services.util.CertificateInfoHelper;
|
||||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
|
@ -78,16 +79,12 @@ import org.keycloak.testsuite.admin.ApiUtil;
|
|||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.client.resources.TestApplicationResourceUrls;
|
||||
import org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.pages.ErrorPage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.pages.OAuthGrantPage;
|
||||
import org.keycloak.testsuite.rest.resource.TestingOIDCEndpointsApplicationResource;
|
||||
import org.keycloak.testsuite.util.ClientManager;
|
||||
import org.keycloak.testsuite.util.KeyUtils;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
import org.keycloak.testsuite.util.UserInfoClientUtil;
|
||||
import org.keycloak.testsuite.util.*;
|
||||
import org.keycloak.util.JWKSUtils;
|
||||
import org.keycloak.util.JsonSerialization;
|
||||
|
||||
|
@ -95,6 +92,8 @@ import jakarta.ws.rs.client.Client;
|
|||
import jakarta.ws.rs.core.Response;
|
||||
import jakarta.ws.rs.core.UriBuilder;
|
||||
import java.io.IOException;
|
||||
import java.net.URLEncoder;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.security.PublicKey;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
|
@ -110,8 +109,6 @@ import static org.keycloak.jose.jwe.JWEConstants.RSA_OAEP;
|
|||
import static org.keycloak.jose.jwe.JWEConstants.RSA_OAEP_256;
|
||||
import static org.keycloak.testsuite.admin.ApiUtil.findClientResourceByClientId;
|
||||
|
||||
import org.keycloak.testsuite.util.AdminClientUtil;
|
||||
|
||||
/**
|
||||
* Test for supporting advanced parameters of OIDC specs (max_age, prompt, ...)
|
||||
*
|
||||
|
@ -129,9 +126,6 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
@Page
|
||||
protected LoginPage loginPage;
|
||||
|
||||
@Page
|
||||
protected AccountUpdateProfilePage profilePage;
|
||||
|
||||
@Page
|
||||
protected OAuthGrantPage grantPage;
|
||||
|
||||
|
@ -313,17 +307,15 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
|
||||
// Prompt=none with consent required for client
|
||||
@Test
|
||||
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true) // TODO remove this (KEYCLOAK-16228)
|
||||
public void promptNoneConsentRequired() throws Exception {
|
||||
public void promptNoneConsentRequired() {
|
||||
// Require consent
|
||||
ClientManager.realm(adminClient.realm("test")).clientId("test-app").consentRequired(true);
|
||||
|
||||
try {
|
||||
// login to account mgmt.
|
||||
profilePage.open();
|
||||
driver.navigate().to(RealmsResource.accountUrl(UriBuilder.fromUri(getAuthServerRoot())).build("test").toString());
|
||||
assertTrue(loginPage.isCurrent());
|
||||
loginPage.login("test-user@localhost", "password");
|
||||
profilePage.assertCurrent();
|
||||
assertEquals(driver.getCurrentUrl(), getAuthServerRoot() + "realms/test/account/");
|
||||
|
||||
events.expectLogin().client(Constants.ACCOUNT_MANAGEMENT_CLIENT_ID)
|
||||
.removeDetail(Details.REDIRECT_URI)
|
||||
|
@ -416,7 +408,6 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
Assert.assertEquals(oldIdToken.getSessionState(), newIdToken.getSessionState());
|
||||
}
|
||||
|
||||
|
||||
// prompt=consent
|
||||
@Test
|
||||
public void promptConsent() {
|
||||
|
@ -477,9 +468,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
// DISPLAY & OTHERS
|
||||
|
||||
@Test
|
||||
public void nonSupportedParams() {
|
||||
driver.navigate().to(oauth.getLoginFormUrl() + "&display=popup&foo=foobar&claims_locales=fr");
|
||||
|
@ -495,9 +484,8 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
// REQUEST & REQUEST_URI
|
||||
|
||||
@Test
|
||||
public void requestObjectNotRequiredNotProvided() throws Exception {
|
||||
public void requestObjectNotRequiredNotProvided() {
|
||||
oauth.stateParamHardcoded("mystate2");
|
||||
// Set request object not required for client
|
||||
ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
|
||||
|
@ -514,7 +502,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestObjectNotRequiredProvidedInRequestParam() throws Exception {
|
||||
public void requestObjectNotRequiredProvidedInRequestParam() {
|
||||
oauth.stateParamHardcoded("mystate2");
|
||||
// Set request object not required for client
|
||||
ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
|
||||
|
@ -536,7 +524,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestObjectNotRequiredProvidedInRequestUriParam() throws Exception {
|
||||
public void requestObjectNotRequiredProvidedInRequestUriParam() {
|
||||
oauth.stateParamHardcoded("mystate2");
|
||||
// Set request object not required for client
|
||||
ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
|
||||
|
@ -558,7 +546,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestObjectRequiredNotProvided() throws Exception {
|
||||
public void requestObjectRequiredNotProvided() {
|
||||
oauth.stateParamHardcoded("mystate2");
|
||||
// Set request object not required for client
|
||||
ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
|
||||
|
@ -578,7 +566,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestObjectRequiredProvidedInRequestParam() throws Exception {
|
||||
public void requestObjectRequiredProvidedInRequestParam() {
|
||||
oauth.stateParamHardcoded("mystate2");
|
||||
// Set request object not required for client
|
||||
ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
|
||||
|
@ -604,7 +592,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestObjectSupersedesQueryParameter() throws Exception {
|
||||
public void requestObjectSupersedesQueryParameter() {
|
||||
String stateInRequestObject = "stateInRequestObject";
|
||||
String stateInQueryParameter = "stateInQueryParameter";
|
||||
oauth.stateParamHardcoded(stateInQueryParameter);
|
||||
|
@ -632,7 +620,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestObjectClientIdAndResponseTypeTest() throws Exception {
|
||||
public void requestObjectClientIdAndResponseTypeTest() {
|
||||
oauth.stateParamHardcoded("some-state");
|
||||
|
||||
// Test that "client_id" mandatory in the query even if set in the "request" object
|
||||
|
@ -680,7 +668,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestObjectRequiredProvidedInRequestUriParam() throws Exception {
|
||||
public void requestObjectRequiredProvidedInRequestUriParam() {
|
||||
oauth.stateParamHardcoded("mystate2");
|
||||
// Set request object not required for client
|
||||
ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
|
||||
|
@ -706,7 +694,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestObjectRequiredAsRequestParamNotProvided() throws Exception {
|
||||
public void requestObjectRequiredAsRequestParamNotProvided() {
|
||||
oauth.stateParamHardcoded("mystate2");
|
||||
// Set request object not required for client
|
||||
ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
|
||||
|
@ -726,7 +714,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestObjectRequiredAsRequestParamProvidedInRequestParam() throws Exception {
|
||||
public void requestObjectRequiredAsRequestParamProvidedInRequestParam() {
|
||||
oauth.stateParamHardcoded("mystate2");
|
||||
// Set request object not required for client
|
||||
ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
|
||||
|
@ -752,7 +740,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestObjectRequiredAsRequestParamProvidedInRequestUriParam() throws Exception {
|
||||
public void requestObjectRequiredAsRequestParamProvidedInRequestUriParam() {
|
||||
oauth.stateParamHardcoded("mystate2");
|
||||
// Set request object not required for client
|
||||
ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
|
||||
|
@ -777,7 +765,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestObjectRequiredAsRequestUriParamNotProvided() throws Exception {
|
||||
public void requestObjectRequiredAsRequestUriParamNotProvided() {
|
||||
oauth.stateParamHardcoded("mystate2");
|
||||
// Set request object not required for client
|
||||
ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
|
||||
|
@ -797,7 +785,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestObjectRequiredAsRequestUriParamProvidedInRequestParam() throws Exception {
|
||||
public void requestObjectRequiredAsRequestUriParamProvidedInRequestParam() {
|
||||
oauth.stateParamHardcoded("mystate2");
|
||||
// Set request object not required for client
|
||||
ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
|
||||
|
@ -822,7 +810,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestObjectRequiredAsRequestUriParamProvidedInRequestUriParam() throws Exception {
|
||||
public void requestObjectRequiredAsRequestUriParamProvidedInRequestUriParam() {
|
||||
oauth.stateParamHardcoded("mystate2");
|
||||
// Set request object not required for client
|
||||
ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm("test"), "test-app");
|
||||
|
@ -848,7 +836,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestParamUnsigned() throws Exception {
|
||||
public void requestParamUnsigned() {
|
||||
oauth.stateParamHardcoded("mystate2");
|
||||
|
||||
String validRedirectUri = oauth.getRedirectUri();
|
||||
|
@ -876,7 +864,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestUriParamUnsigned() throws Exception {
|
||||
public void requestUriParamUnsigned() {
|
||||
String validRedirectUri = oauth.getRedirectUri();
|
||||
TestOIDCEndpointsApplicationResource oidcClientEndpointsResource = testingClient.testApp().oidcClientEndpoints();
|
||||
|
||||
|
@ -899,7 +887,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestUriParamWithAllowedRequestUris() throws Exception {
|
||||
public void requestUriParamWithAllowedRequestUris() {
|
||||
String validRedirectUri = oauth.getRedirectUri();
|
||||
TestOIDCEndpointsApplicationResource oidcClientEndpointsResource = testingClient.testApp().oidcClientEndpoints();
|
||||
oidcClientEndpointsResource.setOIDCRequest("test", "test-app", validRedirectUri, "10", "mystate1", "none");
|
||||
|
@ -960,11 +948,10 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
|
||||
// Revert
|
||||
clientMgrBuilder.setRequestUris(TestApplicationResourceUrls.clientRequestUri());
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestUriParamSigned() throws Exception {
|
||||
public void requestUriParamSigned() {
|
||||
String validRedirectUri = oauth.getRedirectUri();
|
||||
TestOIDCEndpointsApplicationResource oidcClientEndpointsResource = testingClient.testApp().oidcClientEndpoints();
|
||||
|
||||
|
@ -1012,7 +999,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
clientResource.update(clientRep);
|
||||
}
|
||||
|
||||
private void requestUriParamSignedIn(String expectedAlgorithm, String actualAlgorithm) throws Exception {
|
||||
private void requestUriParamSignedIn(String expectedAlgorithm, String actualAlgorithm) {
|
||||
ClientResource clientResource = null;
|
||||
ClientRepresentation clientRep = null;
|
||||
try {
|
||||
|
@ -1042,13 +1029,15 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
// set time offset, so that new keys are downloaded
|
||||
setTimeOffset(20);
|
||||
|
||||
oauth.realm("test");
|
||||
oauth.clientId("test-app");
|
||||
oauth.requestUri(TestApplicationResourceUrls.clientRequestUri());
|
||||
if (expectedAlgorithm == null || expectedAlgorithm.equals(actualAlgorithm)) {
|
||||
// Check signed request_uri will pass
|
||||
OAuthClient.AuthorizationEndpointResponse response = oauth.doLogin("test-user@localhost", "password");
|
||||
Assert.assertNotNull(response.getCode());
|
||||
Assert.assertEquals("mystate3", response.getState());
|
||||
assertTrue(appPage.isCurrent());
|
||||
appPage.assertCurrent();
|
||||
} else {
|
||||
// Verify signed request_uri will fail due to failed signature validation
|
||||
oauth.openLoginForm();
|
||||
|
@ -1067,73 +1056,73 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void requestUriParamSignedExpectedES256ActualRS256() throws Exception {
|
||||
public void requestUriParamSignedExpectedES256ActualRS256() {
|
||||
// will fail
|
||||
requestUriParamSignedIn(Algorithm.ES256, Algorithm.RS256);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestUriParamSignedExpectedNoneActualES256() throws Exception {
|
||||
public void requestUriParamSignedExpectedNoneActualES256() {
|
||||
// will fail
|
||||
requestUriParamSignedIn("none", Algorithm.ES256);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestUriParamSignedExpectedNoneActualNone() throws Exception {
|
||||
public void requestUriParamSignedExpectedNoneActualNone() {
|
||||
// will success
|
||||
requestUriParamSignedIn("none", "none");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestUriParamSignedExpectedES256ActualES256() throws Exception {
|
||||
public void requestUriParamSignedExpectedES256ActualES256() {
|
||||
// will success
|
||||
requestUriParamSignedIn(Algorithm.ES256, Algorithm.ES256);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestUriParamSignedExpectedES384ActualES384() throws Exception {
|
||||
public void requestUriParamSignedExpectedES384ActualES384() {
|
||||
// will success
|
||||
requestUriParamSignedIn(Algorithm.ES384, Algorithm.ES384);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestUriParamSignedExpectedES512ActualES512() throws Exception {
|
||||
public void requestUriParamSignedExpectedES512ActualES512() {
|
||||
// will success
|
||||
requestUriParamSignedIn(Algorithm.ES512, Algorithm.ES512);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestUriParamSignedExpectedRS384ActualRS384() throws Exception {
|
||||
public void requestUriParamSignedExpectedRS384ActualRS384() {
|
||||
// will success
|
||||
requestUriParamSignedIn(Algorithm.RS384, Algorithm.RS384);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestUriParamSignedExpectedRS512ActualRS512() throws Exception {
|
||||
public void requestUriParamSignedExpectedRS512ActualRS512() {
|
||||
// will success
|
||||
requestUriParamSignedIn(Algorithm.RS512, Algorithm.RS512);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestUriParamSignedExpectedPS256ActualPS256() throws Exception {
|
||||
public void requestUriParamSignedExpectedPS256ActualPS256() {
|
||||
// will success
|
||||
requestUriParamSignedIn(Algorithm.PS256, Algorithm.PS256);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestUriParamSignedExpectedPS384ActualPS384() throws Exception {
|
||||
public void requestUriParamSignedExpectedPS384ActualPS384() {
|
||||
// will success
|
||||
requestUriParamSignedIn(Algorithm.PS384, Algorithm.PS384);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestUriParamSignedExpectedPS512ActualPS512() throws Exception {
|
||||
public void requestUriParamSignedExpectedPS512ActualPS512() {
|
||||
// will success
|
||||
requestUriParamSignedIn(Algorithm.PS512, Algorithm.PS512);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestUriParamSignedExpectedAnyActualES256() throws Exception {
|
||||
public void requestUriParamSignedExpectedAnyActualES256() {
|
||||
// Algorithm is null if 'any'
|
||||
// will success
|
||||
requestUriParamSignedIn(null, Algorithm.ES256);
|
||||
|
@ -1166,8 +1155,9 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
|
||||
String claimsJson = JsonSerialization.writeValueAsString(claims);
|
||||
|
||||
driver.navigate().to(oauth.getLoginFormUrl() + "&" + OIDCLoginProtocol.CLAIMS_PARAM + "=" + claimsJson);
|
||||
|
||||
driver.navigate().to(oauth.getLoginFormUrl() + "&" + OIDCLoginProtocol.CLAIMS_PARAM + "="
|
||||
+ URLEncoder.encode(claimsJson, StandardCharsets.UTF_8.toString()));
|
||||
|
||||
// need to login so session id can be read from event
|
||||
loginPage.assertCurrent();
|
||||
loginPage.login("test-user@localhost", "password");
|
||||
|
@ -1228,7 +1218,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
@Test
|
||||
public void processClaimsRequestParamSupported() throws Exception {
|
||||
public void processClaimsRequestParamSupported() {
|
||||
String clientScopeId = null;
|
||||
try {
|
||||
for (ClientScopeRepresentation rep : adminClient.realm("test").clientScopes().findAll()) {
|
||||
|
|
|
@ -31,7 +31,6 @@ import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
|||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.pages.ErrorPage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
|
@ -54,9 +53,6 @@ public class OIDCBackwardsCompatibilityTest extends AbstractTestRealmKeycloakTes
|
|||
@Page
|
||||
protected LoginPage loginPage;
|
||||
|
||||
@Page
|
||||
protected AccountUpdateProfilePage profilePage;
|
||||
|
||||
@Page
|
||||
protected OAuthGrantPage grantPage;
|
||||
|
||||
|
@ -100,7 +96,7 @@ public class OIDCBackwardsCompatibilityTest extends AbstractTestRealmKeycloakTes
|
|||
// Open login again and assert session_state not present
|
||||
driver.navigate().to(oauth.getLoginFormUrl());
|
||||
org.keycloak.testsuite.Assert.assertEquals(AppPage.RequestType.AUTH_RESPONSE, appPage.getRequestType());
|
||||
loginEvent = events.expectLogin().detail(Details.USERNAME, "test-user@localhost").assertEvent();
|
||||
events.expectLogin().detail(Details.USERNAME, "test-user@localhost").assertEvent();
|
||||
|
||||
authzResponse = new OAuthClient.AuthorizationEndpointResponse(oauth);
|
||||
Assert.assertNull(authzResponse.getSessionState());
|
||||
|
|
|
@ -5,6 +5,7 @@ import org.keycloak.authentication.authenticators.sessionlimits.UserSessionLimit
|
|||
import org.keycloak.models.AuthenticationFlowModel;
|
||||
import org.keycloak.models.IdentityProviderModel;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.broker.AbstractInitializedBaseBrokerTest;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
@ -16,25 +17,25 @@ import static org.keycloak.testsuite.sessionlimits.UserSessionLimitsUtil.ERROR_T
|
|||
|
||||
public abstract class AbstractUserSessionLimitsBrokerTest extends AbstractInitializedBaseBrokerTest {
|
||||
@Test
|
||||
public void testSessionCountExceededAndNewSessionDeniedFirstBrokerLoginFlow() throws Exception {
|
||||
public void testSessionCountExceededAndNewSessionDeniedFirstBrokerLoginFlow() {
|
||||
configureFlow(UserSessionLimitsAuthenticatorFactory.DENY_NEW_SESSION, "0", "1");
|
||||
loginTwiceAndVerifyBehavior(UserSessionLimitsAuthenticatorFactory.DENY_NEW_SESSION);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSessionCountExceededAndOldestSessionRemovedFirstBrokerLoginFlow() throws Exception {
|
||||
public void testSessionCountExceededAndOldestSessionRemovedFirstBrokerLoginFlow() {
|
||||
configureFlow(UserSessionLimitsAuthenticatorFactory.TERMINATE_OLDEST_SESSION, "0", "1");
|
||||
loginTwiceAndVerifyBehavior(UserSessionLimitsAuthenticatorFactory.TERMINATE_OLDEST_SESSION);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testRealmSessionCountExceededAndNewSessionDeniedFirstBrokerLoginFlow() throws Exception {
|
||||
public void testRealmSessionCountExceededAndNewSessionDeniedFirstBrokerLoginFlow() {
|
||||
configureFlow(UserSessionLimitsAuthenticatorFactory.DENY_NEW_SESSION, "1", "0");
|
||||
loginTwiceAndVerifyBehavior(UserSessionLimitsAuthenticatorFactory.DENY_NEW_SESSION);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testRealmSessionCountExceededAndOldestFirstBrokerLoginFlow() throws Exception {
|
||||
public void testRealmSessionCountExceededAndOldestFirstBrokerLoginFlow() {
|
||||
configureFlow(UserSessionLimitsAuthenticatorFactory.TERMINATE_OLDEST_SESSION, "1", "0");
|
||||
loginTwiceAndVerifyBehavior(UserSessionLimitsAuthenticatorFactory.TERMINATE_OLDEST_SESSION);
|
||||
}
|
||||
|
@ -63,7 +64,6 @@ public abstract class AbstractUserSessionLimitsBrokerTest extends AbstractInitia
|
|||
|
||||
private void loginTwiceAndVerifyBehavior(String behavior) {
|
||||
logInAsUserInIDPForFirstTime();
|
||||
assertLoggedInAccountManagement();
|
||||
|
||||
deleteAllCookiesForRealm(bc.consumerRealmName());
|
||||
deleteAllCookiesForRealm(bc.providerRealmName());
|
||||
|
@ -71,7 +71,7 @@ public abstract class AbstractUserSessionLimitsBrokerTest extends AbstractInitia
|
|||
logInAsUserInIDP();
|
||||
|
||||
if (UserSessionLimitsAuthenticatorFactory.TERMINATE_OLDEST_SESSION.equals(behavior)) {
|
||||
assertLoggedInAccountManagement();
|
||||
appPage.assertCurrent();
|
||||
testingClient.server(bc.consumerRealmName()).run(assertSessionCount(bc.consumerRealmName(), bc.getUserLogin(), 1));
|
||||
}
|
||||
else if (UserSessionLimitsAuthenticatorFactory.DENY_NEW_SESSION.equals(behavior)) {
|
||||
|
|
|
@ -30,15 +30,25 @@ import java.util.Optional;
|
|||
|
||||
public class AccountHelper {
|
||||
|
||||
private static UserResource getUserResource(RealmResource realm, String username) {
|
||||
public static UserRepresentation getUserRepresentation(RealmResource realm, String username) {
|
||||
Optional<UserRepresentation> userResult = realm.users().search(username, true).stream().findFirst();
|
||||
if (userResult.isEmpty()) {
|
||||
throw new RuntimeException("User with username " + username + " not found");
|
||||
}
|
||||
|
||||
UserRepresentation userRepresentation = userResult.get();
|
||||
UserResource user = realm.users().get(userRepresentation.getId());
|
||||
return user;
|
||||
return userResult.get();
|
||||
}
|
||||
|
||||
private static UserResource getUserResource(RealmResource realm, String username) {
|
||||
UserRepresentation userRepresentation = getUserRepresentation(realm, username);
|
||||
|
||||
return realm.users().get(userRepresentation.getId());
|
||||
}
|
||||
|
||||
public static UserResource updateUser(RealmResource realm, String username, UserRepresentation userRepresentation) {
|
||||
AccountHelper.getUserResource(realm, username).update(userRepresentation);
|
||||
|
||||
return AccountHelper.getUserResource(realm, username);
|
||||
}
|
||||
|
||||
public static boolean updatePassword(RealmResource realm, String username, String password) {
|
||||
|
|
|
@ -24,7 +24,6 @@ import org.keycloak.testsuite.pages.LoginTotpPage;
|
|||
|
||||
import jakarta.ws.rs.core.Response;
|
||||
import java.io.IOException;
|
||||
import java.net.URISyntaxException;
|
||||
|
||||
public class TestAppHelper {
|
||||
private OAuthClient oauth;
|
||||
|
@ -45,7 +44,7 @@ public class TestAppHelper {
|
|||
this.appPage = appPage;
|
||||
}
|
||||
|
||||
public boolean login(String username, String password) throws URISyntaxException, IOException {
|
||||
public boolean login(String username, String password) {
|
||||
startLogin(username, password);
|
||||
|
||||
if (loginPage.isCurrent()) {
|
||||
|
@ -70,7 +69,7 @@ public class TestAppHelper {
|
|||
refreshToken = tokenResponse.getRefreshToken();
|
||||
}
|
||||
|
||||
public boolean login(String username, String password, String otp) throws URISyntaxException, IOException {
|
||||
public boolean login(String username, String password, String otp) {
|
||||
startLogin(username, password);
|
||||
|
||||
loginTotpPage.login(otp);
|
||||
|
@ -83,7 +82,7 @@ public class TestAppHelper {
|
|||
return appPage.isCurrent();
|
||||
}
|
||||
|
||||
public boolean login(String username, String password, String realm, String clientId, String idp) throws URISyntaxException, IOException {
|
||||
public boolean login(String username, String password, String realm, String clientId, String idp) {
|
||||
oauth.clientId(clientId);
|
||||
loginPage.open(realm);
|
||||
loginPage.clickSocial(idp);
|
||||
|
|
Loading…
Reference in a new issue