Merge pull request #1814 from pdrozd/federation-tests
Add Federation tests for admin console.
commit
73197332c4
9 changed files with 552 additions and 85 deletions
|
@ -15,7 +15,18 @@
|
||||||
<exclude.console>-</exclude.console>
|
<exclude.console>-</exclude.console>
|
||||||
<exclude.account>-</exclude.account>
|
<exclude.account>-</exclude.account>
|
||||||
</properties>
|
</properties>
|
||||||
|
<dependencies>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<artifactId>keycloak-util-embedded-ldap</artifactId>
|
||||||
|
<exclusions>
|
||||||
|
<exclusion>
|
||||||
|
<groupId>bouncycastle</groupId>
|
||||||
|
<artifactId>bcprov-jdk15</artifactId>
|
||||||
|
</exclusion>
|
||||||
|
</exclusions>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
<build>
|
<build>
|
||||||
<plugins>
|
<plugins>
|
||||||
<plugin>
|
<plugin>
|
||||||
|
|
|
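Review bot: The new `keycloak-util-embedded-ldap` dependency excludes `bouncycastle:bcprov-jdk15` without recording why, so a later reader cannot tell whether the exclusion is still needed or which BouncyCastle artifact is expected to take its place. A one-line comment above `<exclusions>`, for example `<!-- bcprov-jdk15 excluded: [reason, e.g. clashes with the BouncyCastle version already on the testsuite classpath] -->`, would document it. The dependency also shows no `<version>` or `<scope>` in this hunk; the version is presumably managed by a parent POM, but if the embedded LDAP server is only used from test classes, `<scope>test</scope>` would keep it off the compile classpath.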
@ -57,7 +57,7 @@ public class AdminConsoleRealm extends AdminConsoleRealmsRoot {
|
||||||
private WebElement rolesLink;
|
private WebElement rolesLink;
|
||||||
@FindBy(partialLinkText = "Identity Providers")
|
@FindBy(partialLinkText = "Identity Providers")
|
||||||
private WebElement identityProvidersLink;
|
private WebElement identityProvidersLink;
|
||||||
@FindBy(partialLinkText = "User Feferation")
|
@FindBy(partialLinkText = "User Federation")
|
||||||
private WebElement userFederationLink;
|
private WebElement userFederationLink;
|
||||||
@FindBy(partialLinkText = "Authentication")
|
@FindBy(partialLinkText = "Authentication")
|
||||||
private WebElement authenticationLink;
|
private WebElement authenticationLink;
|
||||||
|
|
|
@ -0,0 +1,28 @@
|
||||||
|
package org.keycloak.testsuite.console.page.federation;
|
||||||
|
|
||||||
|
import org.jboss.arquillian.graphene.page.Page;
|
||||||
|
import org.keycloak.testsuite.console.page.AdminConsoleCreate;
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* @author pdrozd
|
||||||
|
*/
|
||||||
|
public class CreateKerberosUserProvider extends AdminConsoleCreate {
|
||||||
|
|
||||||
|
@Page
|
||||||
|
private KerberosUserProviderForm form;
|
||||||
|
|
||||||
|
public CreateKerberosUserProvider() {
|
||||||
|
setEntity("user-federation");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String getUriFragment() {
|
||||||
|
return super.getUriFragment() + "/providers/kerberos";
|
||||||
|
}
|
||||||
|
|
||||||
|
public KerberosUserProviderForm form() {
|
||||||
|
return form;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
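Review bot: The class Javadoc on `CreateKerberosUserProvider` is empty apart from `@author`, so nothing says which console page the object models. A summary line such as `/** Admin console page for creating a Kerberos user federation provider ("user-federation" entity, URI fragment ending in /providers/kerberos). */` would cover it. `KerberosUserProviderForm` and `KerberosUserFederationTest` in this commit have the same gap. `form()` could also carry a one-line `@return` naming the injected `KerberosUserProviderForm`.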
@ -1,5 +1,6 @@
|
||||||
package org.keycloak.testsuite.console.page.federation;
|
package org.keycloak.testsuite.console.page.federation;
|
||||||
|
|
||||||
|
import org.jboss.arquillian.graphene.page.Page;
|
||||||
import org.keycloak.testsuite.console.page.AdminConsoleCreate;
|
import org.keycloak.testsuite.console.page.AdminConsoleCreate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -8,6 +9,9 @@ import org.keycloak.testsuite.console.page.AdminConsoleCreate;
|
||||||
*/
|
*/
|
||||||
public class CreateLdapUserProvider extends AdminConsoleCreate {
|
public class CreateLdapUserProvider extends AdminConsoleCreate {
|
||||||
|
|
||||||
|
@Page
|
||||||
|
private LdapUserProviderForm form;
|
||||||
|
|
||||||
public CreateLdapUserProvider() {
|
public CreateLdapUserProvider() {
|
||||||
setEntity("user-federation");
|
setEntity("user-federation");
|
||||||
}
|
}
|
||||||
|
@ -17,4 +21,7 @@ public class CreateLdapUserProvider extends AdminConsoleCreate {
|
||||||
return super.getUriFragment() + "/providers/ldap";
|
return super.getUriFragment() + "/providers/ldap";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public LdapUserProviderForm form() {
|
||||||
|
return form;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,81 @@
|
||||||
|
package org.keycloak.testsuite.console.page.federation;
|
||||||
|
|
||||||
|
import static org.keycloak.testsuite.util.WaitUtils.waitGuiForElement;
|
||||||
|
|
||||||
|
import org.keycloak.testsuite.console.page.fragment.OnOffSwitch;
|
||||||
|
import org.keycloak.testsuite.page.Form;
|
||||||
|
import org.openqa.selenium.By;
|
||||||
|
import org.openqa.selenium.WebElement;
|
||||||
|
import org.openqa.selenium.support.FindBy;
|
||||||
|
import org.openqa.selenium.support.ui.Select;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author pdrozd
|
||||||
|
*/
|
||||||
|
public class KerberosUserProviderForm extends Form {
|
||||||
|
|
||||||
|
@FindBy(id = "consoleDisplayName")
|
||||||
|
private WebElement consoleDisplayNameInput;
|
||||||
|
|
||||||
|
@FindBy(id = "priority")
|
||||||
|
private WebElement priorityInput;
|
||||||
|
|
||||||
|
@FindBy(id = "kerberosRealm")
|
||||||
|
private WebElement kerberosRealmInput;
|
||||||
|
|
||||||
|
@FindBy(id = "serverPrincipal")
|
||||||
|
private WebElement serverPrincipalInput;
|
||||||
|
|
||||||
|
@FindBy(id = "keyTab")
|
||||||
|
private WebElement keyTabInput;
|
||||||
|
|
||||||
|
@FindBy(xpath = ".//div[contains(@class,'onoffswitch') and ./input[@id='debug']]")
|
||||||
|
private OnOffSwitch debug;
|
||||||
|
|
||||||
|
@FindBy(xpath = ".//div[contains(@class,'onoffswitch') and ./input[@id='allowPasswordAuthentication']]")
|
||||||
|
private OnOffSwitch allowPwdAuth;
|
||||||
|
|
||||||
|
@FindBy(id = "editMode")
|
||||||
|
private Select editModeSelect;
|
||||||
|
|
||||||
|
@FindBy(xpath = ".//div[contains(@class,'onoffswitch') and ./input[@id='updateProfileFirstLogin']]")
|
||||||
|
private OnOffSwitch updateProfileFirstLogin;
|
||||||
|
|
||||||
|
public void setConsoleDisplayNameInput(String name) {
|
||||||
|
setInputValue(consoleDisplayNameInput, name);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setPriorityInput(Integer priority) {
|
||||||
|
setInputValue(priorityInput, String.valueOf(priority));
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setKerberosRealmInput(String kerberosRealm) {
|
||||||
|
waitGuiForElement(By.id("kerberosRealm"));
|
||||||
|
setInputValue(kerberosRealmInput, kerberosRealm);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setServerPrincipalInput(String serverPrincipal) {
|
||||||
|
setInputValue(serverPrincipalInput, serverPrincipal);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setKeyTabInput(String keyTab) {
|
||||||
|
setInputValue(keyTabInput, keyTab);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setDebugEnabled(boolean debugEnabled) {
|
||||||
|
this.debug.setOn(debugEnabled);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setAllowPasswordAuthentication(boolean enabled) {
|
||||||
|
allowPwdAuth.setOn(enabled);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void selectEditMode(String mode) {
|
||||||
|
waitGuiForElement(By.id("editMode"));
|
||||||
|
editModeSelect.selectByVisibleText(mode);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setUpdateProfileFirstLogin(boolean enabled) {
|
||||||
|
updateProfileFirstLogin.setOn(enabled);
|
||||||
|
}
|
||||||
|
}
|
|
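Review bot: `setPriorityInput(Integer priority)` passes `String.valueOf(priority)` to `setInputValue`, so a null argument types the literal text "null" into the priority field instead of failing. Declaring the parameter as `int priority`, or adding `Objects.requireNonNull(priority, "priority")`, would make the mistake visible. The method of the same name added to `LdapUserProviderForm` has the same shape. Separately, `setKerberosRealmInput` waits with `waitGuiForElement(By.id("kerberosRealm"))`, which repeats the id from the `@FindBy`, while the other text setters in this class do not wait at all; a short comment saying why only this field needs the wait would help.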
@ -1,5 +1,8 @@
|
||||||
package org.keycloak.testsuite.console.page.federation;
|
package org.keycloak.testsuite.console.page.federation;
|
||||||
|
|
||||||
|
import static org.keycloak.testsuite.util.WaitUtils.waitAjaxForElement;
|
||||||
|
import static org.keycloak.testsuite.util.WaitUtils.waitGuiForElement;
|
||||||
|
|
||||||
import org.jboss.arquillian.graphene.findby.FindByJQuery;
|
import org.jboss.arquillian.graphene.findby.FindByJQuery;
|
||||||
import org.keycloak.testsuite.console.page.fragment.OnOffSwitch;
|
import org.keycloak.testsuite.console.page.fragment.OnOffSwitch;
|
||||||
import org.keycloak.testsuite.page.Form;
|
import org.keycloak.testsuite.page.Form;
|
||||||
|
@ -8,10 +11,8 @@ import org.openqa.selenium.WebElement;
|
||||||
import org.openqa.selenium.support.FindBy;
|
import org.openqa.selenium.support.FindBy;
|
||||||
import org.openqa.selenium.support.ui.Select;
|
import org.openqa.selenium.support.ui.Select;
|
||||||
|
|
||||||
import static org.keycloak.testsuite.util.WaitUtils.waitGuiForElement;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Created by fkiss.
|
* @author fkiss, pdrozd
|
||||||
*/
|
*/
|
||||||
public class LdapUserProviderForm extends Form {
|
public class LdapUserProviderForm extends Form {
|
||||||
|
|
||||||
|
@ -24,24 +25,33 @@ public class LdapUserProviderForm extends Form {
|
||||||
@FindBy(id = "usernameLDAPAttribute")
|
@FindBy(id = "usernameLDAPAttribute")
|
||||||
private WebElement usernameLDAPAttributeInput;
|
private WebElement usernameLDAPAttributeInput;
|
||||||
|
|
||||||
|
@FindBy(id = "rdnLDAPAttribute")
|
||||||
|
private WebElement rdnLDAPAttributeInput;
|
||||||
|
|
||||||
|
@FindBy(id = "uuidLDAPAttribute")
|
||||||
|
private WebElement uuidLDAPAttributeInput;
|
||||||
|
|
||||||
@FindBy(id = "userObjectClasses")
|
@FindBy(id = "userObjectClasses")
|
||||||
private WebElement userObjectClassesInput;
|
private WebElement userObjectClassesInput;
|
||||||
|
|
||||||
@FindBy(id = "ldapConnectionUrl")
|
@FindBy(id = "ldapConnectionUrl")
|
||||||
private WebElement ldapConnectionUrlInput;
|
private WebElement ldapConnectionUrlInput;
|
||||||
|
|
||||||
@FindBy(id = "ldapBaseDn")
|
|
||||||
private WebElement ldapBaseDnInput;
|
|
||||||
|
|
||||||
@FindBy(id = "ldapUsersDn")
|
@FindBy(id = "ldapUsersDn")
|
||||||
private WebElement ldapUserDnInput;
|
private WebElement ldapUserDnInput;
|
||||||
|
|
||||||
|
@FindBy(id = "authType")
|
||||||
|
private Select authTypeSelect;
|
||||||
|
|
||||||
@FindBy(id = "ldapBindDn")
|
@FindBy(id = "ldapBindDn")
|
||||||
private WebElement ldapBindDnInput;
|
private WebElement ldapBindDnInput;
|
||||||
|
|
||||||
@FindBy(id = "ldapBindCredential")
|
@FindBy(id = "ldapBindCredential")
|
||||||
private WebElement ldapBindCredentialInput;
|
private WebElement ldapBindCredentialInput;
|
||||||
|
|
||||||
|
@FindBy(id = "searchScope")
|
||||||
|
private Select searchScopeSelect;
|
||||||
|
|
||||||
@FindBy(id = "kerberosRealm")
|
@FindBy(id = "kerberosRealm")
|
||||||
private WebElement kerberosRealmInput;
|
private WebElement kerberosRealmInput;
|
||||||
|
|
||||||
|
@ -72,59 +82,173 @@ public class LdapUserProviderForm extends Form {
|
||||||
@FindByJQuery("a:contains('Test authentication')")
|
@FindByJQuery("a:contains('Test authentication')")
|
||||||
private WebElement testAuthenticationButton;
|
private WebElement testAuthenticationButton;
|
||||||
|
|
||||||
@FindByJQuery("div[class='onoffswitch']:eq(0)")
|
@FindByJQuery("a:contains('Synchronize changed users')")
|
||||||
|
private WebElement synchronizeChangedUsersButton;
|
||||||
|
|
||||||
|
@FindByJQuery("button:contains('Synchronize all users')")
|
||||||
|
private WebElement synchronizeAllUsersButton;
|
||||||
|
|
||||||
|
@FindBy(xpath = ".//div[contains(@class,'onoffswitch') and ./input[@id='syncRegistrations']]")
|
||||||
private OnOffSwitch syncRegistrations;
|
private OnOffSwitch syncRegistrations;
|
||||||
|
|
||||||
@FindByJQuery("div[class='onoffswitch']:eq(1)")
|
@FindBy(xpath = ".//div[contains(@class,'onoffswitch') and ./input[@id='connectionPooling']]")
|
||||||
private OnOffSwitch connectionPooling;
|
private OnOffSwitch connectionPooling;
|
||||||
|
|
||||||
@FindByJQuery("div[class='onoffswitch']:eq(2)")
|
@FindBy(xpath = ".//div[contains(@class,'onoffswitch') and ./input[@id='pagination']]")
|
||||||
private OnOffSwitch pagination;
|
private OnOffSwitch pagination;
|
||||||
|
|
||||||
@FindByJQuery("div[class='onoffswitch']:eq(3)")
|
@FindBy(xpath = ".//div[contains(@class,'onoffswitch') and ./input[@id='userAccountControlsAfterPasswordUpdate']]")
|
||||||
|
private OnOffSwitch enableAccountAfterPasswordUpdate;
|
||||||
|
|
||||||
|
@FindBy(xpath = "//div[contains(@class,'onoffswitch') and ./input[@id='allowKerberosAuthentication']]")
|
||||||
private OnOffSwitch allowKerberosAuth;
|
private OnOffSwitch allowKerberosAuth;
|
||||||
|
|
||||||
@FindByJQuery("div[class='onoffswitch']:eq(4)")
|
@FindBy(xpath = ".//div[contains(@class,'onoffswitch') and ./input[@id='debug']]")
|
||||||
private OnOffSwitch debug;
|
private OnOffSwitch debug;
|
||||||
|
|
||||||
@FindByJQuery("div[class='onoffswitch']:eq(5)")
|
@FindBy(xpath = ".//div[contains(@class,'onoffswitch') and ./input[@id='useKerberosForPasswordAuthentication']]")
|
||||||
private OnOffSwitch useKerberosForPwdAuth;
|
private OnOffSwitch useKerberosForPwdAuth;
|
||||||
|
|
||||||
@FindByJQuery("div[class='onoffswitch']:eq(6)")
|
@FindBy(xpath = ".//div[contains(@class,'onoffswitch') and ./input[@id='compositeSwitch']]")
|
||||||
private OnOffSwitch periodicFullSync;
|
private OnOffSwitch periodicFullSync;
|
||||||
|
|
||||||
@FindByJQuery("div[class='onoffswitch']:eq(7)")
|
@FindBy(xpath = ".//div[contains(@class,'onoffswitch') and ./input[@id='changedSyncEnabled']]")
|
||||||
private OnOffSwitch periodicChangedUsersSync;
|
private OnOffSwitch periodicChangedUsersSync;
|
||||||
|
|
||||||
@FindByJQuery("button:contains('Save')")
|
public void setConsoleDisplayNameInput(String name) {
|
||||||
private WebElement saveButton;
|
setInputValue(consoleDisplayNameInput, name);
|
||||||
|
}
|
||||||
|
|
||||||
public void selectEditMode(String mode){
|
public void setPriorityInput(Integer priority) {
|
||||||
|
setInputValue(priorityInput, String.valueOf(priority));
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setUsernameLDAPAttributeInput(String usernameLDAPAttribute) {
|
||||||
|
setInputValue(usernameLDAPAttributeInput, usernameLDAPAttribute);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setRdnLDAPAttributeInput(String rdnLDAPAttribute) {
|
||||||
|
setInputValue(rdnLDAPAttributeInput, rdnLDAPAttribute);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setUuidLDAPAttributeInput(String uuidLDAPAttribute) {
|
||||||
|
setInputValue(uuidLDAPAttributeInput, uuidLDAPAttribute);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setUserObjectClassesInput(String userObjectClasses) {
|
||||||
|
setInputValue(userObjectClassesInput, userObjectClasses);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setLdapConnectionUrlInput(String ldapConnectionUrl) {
|
||||||
|
setInputValue(ldapConnectionUrlInput, ldapConnectionUrl);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setLdapUserDnInput(String ldapUserDn) {
|
||||||
|
setInputValue(ldapUserDnInput, ldapUserDn);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setLdapBindDnInput(String ldapBindDn) {
|
||||||
|
setInputValue(ldapBindDnInput, ldapBindDn);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setLdapBindCredentialInput(String ldapBindCredential) {
|
||||||
|
setInputValue(ldapBindCredentialInput, ldapBindCredential);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setKerberosRealmInput(String kerberosRealm) {
|
||||||
|
waitAjaxForElement(kerberosRealmInput);
|
||||||
|
setInputValue(kerberosRealmInput, kerberosRealm);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setServerPrincipalInput(String serverPrincipal) {
|
||||||
|
waitAjaxForElement(serverPrincipalInput);
|
||||||
|
setInputValue(serverPrincipalInput, serverPrincipal);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setKeyTabInput(String keyTab) {
|
||||||
|
waitAjaxForElement(keyTabInput);
|
||||||
|
setInputValue(keyTabInput, keyTab);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setBatchSizeForSyncInput(String batchSizeForSync) {
|
||||||
|
setInputValue(batchSizeForSyncInput, batchSizeForSync);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void selectEditMode(String mode) {
|
||||||
waitGuiForElement(By.id("editMode"));
|
waitGuiForElement(By.id("editMode"));
|
||||||
editModeSelect.selectByVisibleText(mode);
|
editModeSelect.selectByVisibleText(mode);
|
||||||
}
|
}
|
||||||
|
|
||||||
public void selectVendor(String vendor){
|
public void selectVendor(String vendor) {
|
||||||
waitGuiForElement(By.id("editMode"));
|
waitGuiForElement(By.id("vendor"));
|
||||||
vendorSelect.selectByVisibleText(vendor);
|
vendorSelect.selectByVisibleText(vendor);
|
||||||
}
|
}
|
||||||
|
|
||||||
public void configureLdap(String displayName, String editMode, String vendor, String connectionUrl, String userDN, String ldapBindDn, String ldapBindCredential){
|
public void selectAuthenticationType(String authenticationType) {
|
||||||
consoleDisplayNameInput.sendKeys(displayName);
|
waitGuiForElement(By.id("authType"));
|
||||||
editModeSelect.selectByVisibleText(editMode);
|
authTypeSelect.selectByVisibleText(authenticationType);
|
||||||
selectVendor(vendor);
|
|
||||||
ldapConnectionUrlInput.sendKeys(connectionUrl);
|
|
||||||
ldapUserDnInput.sendKeys(userDN);
|
|
||||||
ldapBindDnInput.sendKeys(ldapBindDn);
|
|
||||||
ldapBindCredentialInput.sendKeys(ldapBindCredential);
|
|
||||||
saveButton.click();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testConnection(){
|
public void selectSearchScope(String searchScope) {
|
||||||
|
waitGuiForElement(By.id("searchScope"));
|
||||||
|
searchScopeSelect.selectByVisibleText(searchScope);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setSyncRegistrationsEnabled(boolean syncRegistrationsEnabled) {
|
||||||
|
this.syncRegistrations.setOn(syncRegistrationsEnabled);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setConnectionPoolingEnabled(boolean connectionPoolingEnabled) {
|
||||||
|
this.connectionPooling.setOn(connectionPoolingEnabled);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setPaginationEnabled(boolean paginationEnabled) {
|
||||||
|
this.pagination.setOn(paginationEnabled);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setAccountAfterPasswordUpdateEnabled(boolean enabled) {
|
||||||
|
if ((!enableAccountAfterPasswordUpdate.isOn() && enabled)
|
||||||
|
|| !enabled && enableAccountAfterPasswordUpdate.isOn()) {
|
||||||
|
driver.findElement(By
|
||||||
|
.xpath("//div[contains(@class,'onoffswitch') and ./input[@id='userAccountControlsAfterPasswordUpdate']]"))
|
||||||
|
.findElements(By.tagName("span")).get(0).click();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setAllowKerberosAuthEnabled(boolean enabled) {
|
||||||
|
if ((!allowKerberosAuth.isOn() && enabled) || !enabled && allowKerberosAuth.isOn()) {
|
||||||
|
driver.findElement(
|
||||||
|
By.xpath("//div[contains(@class,'onoffswitch') and ./input[@id='allowKerberosAuthentication']]"))
|
||||||
|
.findElements(By.tagName("span")).get(0).click();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setDebugEnabled(boolean debugEnabled) {
|
||||||
|
this.debug.setOn(debugEnabled);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setUseKerberosForPwdAuthEnabled(boolean useKerberosForPwdAuthEnabled) {
|
||||||
|
this.useKerberosForPwdAuth.setOn(useKerberosForPwdAuthEnabled);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setPeriodicFullSyncEnabled(boolean periodicFullSyncEnabled) {
|
||||||
|
this.periodicFullSync.setOn(periodicFullSyncEnabled);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setPeriodicChangedUsersSyncEnabled(boolean periodicChangedUsersSyncEnabled) {
|
||||||
|
this.periodicChangedUsersSync.setOn(periodicChangedUsersSyncEnabled);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void testConnection() {
|
||||||
testConnectionButton.click();
|
testConnectionButton.click();
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testAuthentication(){
|
public void testAuthentication() {
|
||||||
testAuthenticationButton.click();
|
testAuthenticationButton.click();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public void synchronizeAllUsers() {
|
||||||
|
waitAjaxForElement(synchronizeAllUsersButton);
|
||||||
|
synchronizeAllUsersButton.click();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
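Review bot: `setAccountAfterPasswordUpdateEnabled` and `setAllowKerberosAuthEnabled` each look the switch up again through `driver.findElement(By.xpath("//div[...]"))`, repeating the XPath from the field's `@FindBy`, whereas every other switch setter in this class calls `setOn(...)`. The guard `(!x.isOn() && enabled) || !enabled && x.isOn()` is the same as `if (allowKerberosAuth.isOn() != enabled)`, which is easier to read. If `setOn` does not work for these two switches, a comment should say so; otherwise `allowKerberosAuth.setOn(enabled)` would match the siblings. The `@FindBy` on `allowKerberosAuth` and both inline lookups also use `//div`, while the other locators use `.//div`, so these three are not scoped the same way as the rest.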
@ -0,0 +1,75 @@
|
||||||
|
package org.keycloak.testsuite.console.federation;
|
||||||
|
|
||||||
|
import static org.junit.Assert.assertEquals;
|
||||||
|
|
||||||
|
import org.jboss.arquillian.graphene.page.Page;
|
||||||
|
import org.junit.Test;
|
||||||
|
import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
|
import org.keycloak.representations.idm.UserFederationProviderRepresentation;
|
||||||
|
import org.keycloak.testsuite.console.AbstractConsoleTest;
|
||||||
|
import org.keycloak.testsuite.console.page.federation.CreateKerberosUserProvider;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author pdrozd
|
||||||
|
*/
|
||||||
|
public class KerberosUserFederationTest extends AbstractConsoleTest {
|
||||||
|
|
||||||
|
private static final String UNSYNCED = "UNSYNCED";
|
||||||
|
|
||||||
|
private static final String READ_ONLY = "READ_ONLY";
|
||||||
|
|
||||||
|
@Page
|
||||||
|
private CreateKerberosUserProvider createKerberosUserProvider;
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void configureKerberosProvider() {
|
||||||
|
createKerberosUserProvider.navigateTo();
|
||||||
|
createKerberosUserProvider.form().setConsoleDisplayNameInput("kerberos");
|
||||||
|
createKerberosUserProvider.form().setKerberosRealmInput("KEYCLOAK.ORG");
|
||||||
|
createKerberosUserProvider.form().setServerPrincipalInput("HTTP/localhost@KEYCLOAK.ORG");
|
||||||
|
createKerberosUserProvider.form().setKeyTabInput("http.keytab");
|
||||||
|
createKerberosUserProvider.form().setDebugEnabled(true);
|
||||||
|
createKerberosUserProvider.form().setAllowPasswordAuthentication(true);
|
||||||
|
createKerberosUserProvider.form().selectEditMode(READ_ONLY);
|
||||||
|
createKerberosUserProvider.form().setUpdateProfileFirstLogin(true);
|
||||||
|
createKerberosUserProvider.form().save();
|
||||||
|
assertFlashMessageSuccess();
|
||||||
|
RealmRepresentation realm = testRealmResource().toRepresentation();
|
||||||
|
UserFederationProviderRepresentation ufpr = realm.getUserFederationProviders().get(0);
|
||||||
|
assertKerberosSetings(ufpr, "KEYCLOAK.ORG", "HTTP/localhost@KEYCLOAK.ORG", "http.keytab", "true", "true", "true");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void invalidSettingsTest() {
|
||||||
|
createKerberosUserProvider.navigateTo();
|
||||||
|
createKerberosUserProvider.form().setConsoleDisplayNameInput("kerberos");
|
||||||
|
createKerberosUserProvider.form().setServerPrincipalInput("HTTP/localhost@KEYCLOAK.ORG");
|
||||||
|
createKerberosUserProvider.form().setKeyTabInput("http.keytab");
|
||||||
|
createKerberosUserProvider.form().setDebugEnabled(true);
|
||||||
|
createKerberosUserProvider.form().setAllowPasswordAuthentication(true);
|
||||||
|
createKerberosUserProvider.form().selectEditMode(UNSYNCED);
|
||||||
|
createKerberosUserProvider.form().setUpdateProfileFirstLogin(true);
|
||||||
|
createKerberosUserProvider.form().save();
|
||||||
|
assertFlashMessageDanger();
|
||||||
|
createKerberosUserProvider.form().setServerPrincipalInput("");
|
||||||
|
createKerberosUserProvider.form().setKerberosRealmInput("KEYCLOAK.ORG");;
|
||||||
|
createKerberosUserProvider.form().save();
|
||||||
|
assertFlashMessageDanger();
|
||||||
|
createKerberosUserProvider.form().setServerPrincipalInput("HTTP/localhost@KEYCLOAK.ORG");;
|
||||||
|
createKerberosUserProvider.form().setKeyTabInput("");
|
||||||
|
createKerberosUserProvider.form().save();
|
||||||
|
assertFlashMessageDanger();
|
||||||
|
createKerberosUserProvider.form().setKeyTabInput("http.keytab");;
|
||||||
|
createKerberosUserProvider.form().save();
|
||||||
|
assertFlashMessageSuccess();
|
||||||
|
}
|
||||||
|
|
||||||
|
private void assertKerberosSetings(UserFederationProviderRepresentation ufpr, String kerberosRealm, String serverPrincipal, String keyTab, String debug, String useKerberosForPasswordAuthentication, String updateProfileFirstLogin) {
|
||||||
|
assertEquals(kerberosRealm, ufpr.getConfig().get("kerberosRealm"));
|
||||||
|
assertEquals(serverPrincipal, ufpr.getConfig().get("serverPrincipal"));
|
||||||
|
assertEquals(keyTab, ufpr.getConfig().get("keyTab"));
|
||||||
|
assertEquals(debug, ufpr.getConfig().get("debug"));
|
||||||
|
assertEquals(useKerberosForPasswordAuthentication, ufpr.getConfig().get("allowKerberosAuthentication"));
|
||||||
|
assertEquals(updateProfileFirstLogin, ufpr.getConfig().get("updateProfileFirstLogin"));
|
||||||
|
}
|
||||||
|
}
|
|
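Review bot: In `assertKerberosSetings` the parameter named `useKerberosForPasswordAuthentication` is compared with the config key `"allowKerberosAuthentication"`, while `configureKerberosProvider` toggles `setAllowPasswordAuthentication(true)` on the form, so the password-fallback switch the test sets is never checked against the saved realm. If the provider stores that switch under the same name as the input id (not visible here), the assertion would read `assertEquals(allowPasswordAuthentication, ufpr.getConfig().get("allowPasswordAuthentication"));` with the parameter renamed to match. The selected edit mode is not asserted either, and `getUserFederationProviders().get(0)` assumes the realm holds no provider left behind by another test. The helper name is misspelled (`Setings`) and three statements in `invalidSettingsTest` end in `;;`.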
@ -1,71 +1,192 @@
|
||||||
package org.keycloak.testsuite.console.federation;
|
package org.keycloak.testsuite.console.federation;
|
||||||
|
|
||||||
|
import static org.junit.Assert.assertEquals;
|
||||||
|
|
||||||
|
import java.util.Properties;
|
||||||
|
|
||||||
import org.jboss.arquillian.graphene.page.Page;
|
import org.jboss.arquillian.graphene.page.Page;
|
||||||
import org.junit.*;
|
import org.junit.Test;
|
||||||
import org.keycloak.models.LDAPConstants;
|
import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
|
import org.keycloak.representations.idm.UserFederationProviderRepresentation;
|
||||||
import org.keycloak.representations.idm.UserRepresentation;
|
|
||||||
import org.keycloak.testsuite.console.AbstractConsoleTest;
|
import org.keycloak.testsuite.console.AbstractConsoleTest;
|
||||||
import org.keycloak.testsuite.console.page.federation.LdapUserProviderForm;
|
import org.keycloak.testsuite.console.page.federation.CreateLdapUserProvider;
|
||||||
import org.keycloak.testsuite.console.page.federation.UserFederation;
|
import org.keycloak.util.ldap.LDAPEmbeddedServer;
|
||||||
import org.keycloak.testsuite.console.page.users.Users;
|
|
||||||
import org.keycloak.testsuite.util.LDAPTestConfiguration;
|
|
||||||
|
|
||||||
import java.util.Map;
|
|
||||||
|
|
||||||
import static org.junit.Assert.assertTrue;
|
|
||||||
import static org.keycloak.representations.idm.CredentialRepresentation.PASSWORD;
|
|
||||||
import static org.keycloak.testsuite.admin.Users.setPasswordFor;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Created by fkiss.
|
* @author fkiss, pdrozd
|
||||||
*/
|
*/
|
||||||
public class LdapUserFederationTest extends AbstractConsoleTest {
|
public class LdapUserFederationTest extends AbstractConsoleTest {
|
||||||
|
|
||||||
@Page
|
private static final String UNSYNCED = "UNSYNCED";
|
||||||
private LdapUserProviderForm ldapUserProviderForm;
|
|
||||||
|
private static final String READ_ONLY = "READ_ONLY";
|
||||||
|
|
||||||
|
private static final String RED_HAT_DIRECTORY_SERVER = "Red Hat Directory Server";
|
||||||
|
|
||||||
|
private static final String WRITABLE = "WRITABLE";
|
||||||
|
|
||||||
|
private static final String ACTIVE_DIRECTORY = "Active Directory";
|
||||||
|
|
||||||
@Page
|
@Page
|
||||||
private UserFederation userFederationPage;
|
private CreateLdapUserProvider createLdapUserProvider;
|
||||||
|
|
||||||
@Page
|
|
||||||
private Users usersPage;
|
|
||||||
|
|
||||||
@Before
|
|
||||||
public void beforeTestLdapUserFederation() {
|
|
||||||
//configure().userFederation();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Ignore
|
|
||||||
@Test
|
@Test
|
||||||
public void addAndConfigureProvider() {
|
public void configureAdProvider() {
|
||||||
adminConsolePage.navigateTo();
|
createLdapUserProvider.navigateTo();
|
||||||
testRealmLoginPage.form().login(testUser);
|
createLdapUserProvider.form().selectVendor(ACTIVE_DIRECTORY);
|
||||||
|
createLdapUserProvider.form().setConsoleDisplayNameInput("ldap");
|
||||||
|
createLdapUserProvider.form().selectEditMode(WRITABLE);
|
||||||
|
createLdapUserProvider.form().setLdapConnectionUrlInput("ldap://localhost:389");
|
||||||
|
createLdapUserProvider.form().setLdapBindDnInput("KEYCLOAK/Administrator");
|
||||||
|
createLdapUserProvider.form().setLdapUserDnInput("ou=People,dc=keycloak,dc=org");
|
||||||
|
createLdapUserProvider.form().setLdapBindCredentialInput("secret");
|
||||||
|
createLdapUserProvider.form().setAccountAfterPasswordUpdateEnabled(false);
|
||||||
|
// enable kerberos
|
||||||
|
createLdapUserProvider.form().setAllowKerberosAuthEnabled(true);
|
||||||
|
createLdapUserProvider.form().setKerberosRealmInput("KEYCLOAK.ORG");
|
||||||
|
createLdapUserProvider.form().setServerPrincipalInput("HTTP/localhost@KEYCLOAK.ORG");
|
||||||
|
createLdapUserProvider.form().setKeyTabInput("http.keytab");
|
||||||
|
createLdapUserProvider.form().setDebugEnabled(true);
|
||||||
|
createLdapUserProvider.form().save();
|
||||||
|
assertFlashMessageSuccess();
|
||||||
|
|
||||||
String name = "ldapname";
|
RealmRepresentation realm = testRealmResource().toRepresentation();
|
||||||
|
UserFederationProviderRepresentation ufpr = realm.getUserFederationProviders().get(0);
|
||||||
String LDAP_CONNECTION_PROPERTIES_LOCATION = "ldap/ldap-connection.properties";
|
assertLdapProviderSetting(ufpr, "ldap", 0, WRITABLE, "false", "ad", "1", "true", "true", "false");
|
||||||
LDAPTestConfiguration ldapTestConfiguration = LDAPTestConfiguration.readConfiguration(LDAP_CONNECTION_PROPERTIES_LOCATION);
|
assertLdapBasicMapping(ufpr, "cn", "cn", "objectGUID", "person, organizationalPerson, user",
|
||||||
|
"ou=People,dc=keycloak,dc=org");
|
||||||
UserRepresentation newUser = new UserRepresentation();
|
assertLdapSyncSetings(ufpr, "1000", 0, 0);
|
||||||
String testUsername = "defaultrole tester";
|
assertLdapKerberosSetings(ufpr, "KEYCLOAK.ORG", "HTTP/localhost@KEYCLOAK.ORG", "http.keytab", "true", "false");
|
||||||
newUser.setUsername(testUsername);
|
|
||||||
setPasswordFor(newUser, PASSWORD);
|
|
||||||
|
|
||||||
Map<String,String> ldapConfig = ldapTestConfiguration.getLDAPConfig();
|
|
||||||
|
|
||||||
//addLdapProviderTest
|
|
||||||
configure().userFederation();
|
|
||||||
userFederationPage.addProvider("ldap");
|
|
||||||
ldapUserProviderForm.configureLdap(ldapConfig.get(LDAPConstants.LDAP_PROVIDER), ldapConfig.get(LDAPConstants.EDIT_MODE), ldapConfig.get(LDAPConstants.VENDOR), ldapConfig.get(LDAPConstants.CONNECTION_URL), ldapConfig.get(LDAPConstants.USERS_DN), ldapConfig.get(LDAPConstants.BIND_DN), ldapConfig.get(LDAPConstants.BIND_CREDENTIAL));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Ignore
|
|
||||||
@Test
|
@Test
|
||||||
public void caseSensitiveSearch() {
|
public void configureRhdsProvider() {
|
||||||
// This should fail for now due to case-sensitivity
|
createLdapUserProvider.navigateTo();
|
||||||
adminConsolePage.navigateTo();
|
createLdapUserProvider.form().selectVendor(RED_HAT_DIRECTORY_SERVER);
|
||||||
testRealmLoginPage.form().login("johnKeycloak", "Password1");
|
createLdapUserProvider.form().setConsoleDisplayNameInput("ldap");
|
||||||
assertTrue(flashMessage.getText(), flashMessage.isDanger());
|
createLdapUserProvider.form().selectEditMode(READ_ONLY);
|
||||||
|
createLdapUserProvider.form().setLdapConnectionUrlInput("ldap://localhost:389");
|
||||||
|
createLdapUserProvider.form().setLdapBindDnInput("uid=admin,ou=system");
|
||||||
|
createLdapUserProvider.form().setLdapUserDnInput("ou=People,dc=keycloak,dc=org");
|
||||||
|
createLdapUserProvider.form().setLdapBindCredentialInput("secret");
|
||||||
|
createLdapUserProvider.form().save();
|
||||||
|
assertFlashMessageSuccess();
|
||||||
|
|
||||||
|
RealmRepresentation realm = testRealmResource().toRepresentation();
|
||||||
|
UserFederationProviderRepresentation ufpr = realm.getUserFederationProviders().get(0);
|
||||||
|
assertLdapProviderSetting(ufpr, "ldap", 0, READ_ONLY, "false", "rhds", "1", "true", "true", "true");
|
||||||
|
assertLdapBasicMapping(ufpr, "uid", "uid", "nsuniqueid", "inetOrgPerson, organizationalPerson",
|
||||||
|
"ou=People,dc=keycloak,dc=org");
|
||||||
|
assertLdapSyncSetings(ufpr, "1000", 0, 0);
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
@Test
|
||||||
|
public void invalidSettingsTest() {
|
||||||
|
createLdapUserProvider.navigateTo();
|
||||||
|
createLdapUserProvider.form().selectVendor(ACTIVE_DIRECTORY);
|
||||||
|
createLdapUserProvider.form().setConsoleDisplayNameInput("ldap");
|
||||||
|
createLdapUserProvider.form().selectEditMode(UNSYNCED);
|
||||||
|
createLdapUserProvider.form().setLdapBindDnInput("uid=admin,ou=system");
|
||||||
|
createLdapUserProvider.form().setLdapUserDnInput("ou=People,dc=keycloak,dc=org");
|
||||||
|
createLdapUserProvider.form().setLdapBindCredentialInput("secret");
|
||||||
|
createLdapUserProvider.form().save();
|
||||||
|
assertFlashMessageDanger();
|
||||||
|
createLdapUserProvider.form().setLdapUserDnInput("");
|
||||||
|
createLdapUserProvider.form().setLdapConnectionUrlInput("ldap://localhost:389");
|
||||||
|
createLdapUserProvider.form().save();
|
||||||
|
assertFlashMessageDanger();
|
||||||
|
createLdapUserProvider.form().setLdapUserDnInput("ou=People,dc=keycloak,dc=org");
|
||||||
|
createLdapUserProvider.form().setLdapBindDnInput("");
|
||||||
|
createLdapUserProvider.form().save();
|
||||||
|
assertFlashMessageDanger();
|
||||||
|
createLdapUserProvider.form().setLdapBindDnInput("uid=admin,ou=system");
|
||||||
|
createLdapUserProvider.form().setLdapBindCredentialInput("");
|
||||||
|
createLdapUserProvider.form().save();
|
||||||
|
assertFlashMessageDanger();
|
||||||
|
createLdapUserProvider.form().setLdapBindCredentialInput("secret");
|
||||||
|
createLdapUserProvider.form().save();
|
||||||
|
assertFlashMessageSuccess();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testConnection() throws Exception {
|
||||||
|
createLdapUserProvider.navigateTo();
|
||||||
|
createLdapUserProvider.form().selectVendor("Other");
|
||||||
|
createLdapUserProvider.form().setConsoleDisplayNameInput("ldap");
|
||||||
|
createLdapUserProvider.form().selectEditMode(WRITABLE);
|
||||||
|
createLdapUserProvider.form().setLdapConnectionUrlInput("ldap://localhost:10389");
|
||||||
|
createLdapUserProvider.form().setLdapBindDnInput("uid=admin,ou=system");
|
||||||
|
createLdapUserProvider.form().setLdapUserDnInput("ou=People,dc=keycloak,dc=org");
|
||||||
|
createLdapUserProvider.form().setLdapBindCredentialInput("secret");
|
||||||
|
createLdapUserProvider.form().setAccountAfterPasswordUpdateEnabled(true);
|
||||||
|
createLdapUserProvider.form().save();
|
||||||
|
assertFlashMessageSuccess();
|
||||||
|
LDAPEmbeddedServer ldapServer = null;
|
||||||
|
try {
|
||||||
|
ldapServer = startEmbeddedLdapServer();
|
||||||
|
createLdapUserProvider.form().testConnection();
|
||||||
|
assertFlashMessageSuccess();
|
||||||
|
createLdapUserProvider.form().testAuthentication();
|
||||||
|
assertFlashMessageSuccess();
|
||||||
|
createLdapUserProvider.form().synchronizeAllUsers();
|
||||||
|
assertFlashMessageSuccess();
|
||||||
|
createLdapUserProvider.form().setLdapBindCredentialInput("secret1");
|
||||||
|
createLdapUserProvider.form().testAuthentication();
|
||||||
|
assertFlashMessageDanger();
|
||||||
|
} finally {
|
||||||
|
if (ldapServer != null) {
|
||||||
|
ldapServer.stop();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private void assertLdapProviderSetting(UserFederationProviderRepresentation ufpr, String name, int priority,
|
||||||
|
String editMode, String syncRegistrations, String vendor, String searchScope, String connectionPooling,
|
||||||
|
String pagination, String enableAccountAfterPasswordUpdate) {
|
||||||
|
assertEquals(name, ufpr.getDisplayName());
|
||||||
|
assertEquals(priority, ufpr.getPriority());
|
||||||
|
assertEquals(editMode, ufpr.getConfig().get("editMode"));
|
||||||
|
assertEquals(syncRegistrations, ufpr.getConfig().get("syncRegistrations"));
|
||||||
|
assertEquals(vendor, ufpr.getConfig().get("vendor"));
|
||||||
|
assertEquals(searchScope, ufpr.getConfig().get("searchScope"));
|
||||||
|
assertEquals(connectionPooling, ufpr.getConfig().get("connectionPooling"));
|
||||||
|
assertEquals(pagination, ufpr.getConfig().get("pagination"));
|
||||||
|
assertEquals(enableAccountAfterPasswordUpdate, ufpr.getConfig().get("userAccountControlsAfterPasswordUpdate"));
|
||||||
|
}
|
||||||
|
|
||||||
|
private void assertLdapBasicMapping(UserFederationProviderRepresentation ufpr, String usernameLdapAttribute,
|
||||||
|
String rdnLdapAttr, String uuidLdapAttr, String userObjectClasses, String userDN) {
|
||||||
|
assertEquals(usernameLdapAttribute, ufpr.getConfig().get("usernameLDAPAttribute"));
|
||||||
|
assertEquals(rdnLdapAttr, ufpr.getConfig().get("rdnLDAPAttribute"));
|
||||||
|
assertEquals(uuidLdapAttr, ufpr.getConfig().get("uuidLDAPAttribute"));
|
||||||
|
assertEquals(userObjectClasses, ufpr.getConfig().get("userObjectClasses"));
|
||||||
|
assertEquals(userDN, ufpr.getConfig().get("usersDn"));
|
||||||
|
}
|
||||||
|
|
||||||
|
private void assertLdapKerberosSetings(UserFederationProviderRepresentation ufpr, String kerberosRealm,
|
||||||
|
String serverPrincipal, String keyTab, String debug, String useKerberosForPasswordAuthentication) {
|
||||||
|
assertEquals(kerberosRealm, ufpr.getConfig().get("kerberosRealm"));
|
||||||
|
assertEquals(serverPrincipal, ufpr.getConfig().get("serverPrincipal"));
|
||||||
|
assertEquals(keyTab, ufpr.getConfig().get("keyTab"));
|
||||||
|
assertEquals(debug, ufpr.getConfig().get("debug"));
|
||||||
|
assertEquals(useKerberosForPasswordAuthentication,
|
||||||
|
ufpr.getConfig().get("useKerberosForPasswordAuthentication"));
|
||||||
|
}
|
||||||
|
|
||||||
|
private void assertLdapSyncSetings(UserFederationProviderRepresentation ufpr, String batchSize,
|
||||||
|
int periodicFullSync, int periodicChangedUsersSync) {
|
||||||
|
assertEquals(batchSize, ufpr.getConfig().get("batchSizeForSync"));
|
||||||
|
assertEquals(periodicFullSync, ufpr.getFullSyncPeriod());
|
||||||
|
assertEquals(periodicChangedUsersSync, ufpr.getChangedSyncPeriod());
|
||||||
|
}
|
||||||
|
|
||||||
|
private LDAPEmbeddedServer startEmbeddedLdapServer() throws Exception {
|
||||||
|
Properties defaultProperties = new Properties();
|
||||||
|
defaultProperties.setProperty(LDAPEmbeddedServer.PROPERTY_DSF, LDAPEmbeddedServer.DSF_INMEMORY);
|
||||||
|
defaultProperties.setProperty(LDAPEmbeddedServer.PROPERTY_LDIF_FILE, "classpath:ldap/users.ldif");
|
||||||
|
LDAPEmbeddedServer ldapEmbeddedServer = new LDAPEmbeddedServer(defaultProperties);
|
||||||
|
ldapEmbeddedServer.init();
|
||||||
|
ldapEmbeddedServer.start();
|
||||||
|
return ldapEmbeddedServer;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,20 @@
|
||||||
|
dn: dc=keycloak,dc=org
|
||||||
|
objectclass: dcObject
|
||||||
|
objectclass: organization
|
||||||
|
o: Keycloak
|
||||||
|
dc: Keycloak
|
||||||
|
|
||||||
|
dn: ou=People,dc=keycloak,dc=org
|
||||||
|
objectclass: top
|
||||||
|
objectclass: organizationalUnit
|
||||||
|
ou: People
|
||||||
|
|
||||||
|
dn: ou=RealmRoles,dc=keycloak,dc=org
|
||||||
|
objectclass: top
|
||||||
|
objectclass: organizationalUnit
|
||||||
|
ou: RealmRoles
|
||||||
|
|
||||||
|
dn: ou=FinanceRoles,dc=keycloak,dc=org
|
||||||
|
objectclass: top
|
||||||
|
objectclass: organizationalUnit
|
||||||
|
ou: FinanceRoles
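Review bot: The fixture holds only the base entry and three organizationalUnit containers, with no person entries under `ou=People,dc=keycloak,dc=org`. If this is the `ldap/users.ldif` that `startEmbeddedLdapServer()` loads, the `synchronizeAllUsers()` step in `testConnection` runs against an empty directory. The success flash message is then the only thing checked, so a sync that imports nothing would still pass. Adding at least one user entry under `ou=People` (a constructed sample follows) and asserting that the user appears through the admin API would actually verify the federation path. The file path of this section is not shown on the page, so the link to the test is inferred from the resource name.

```ldif
# constructed sample entry for illustration; not part of the commit
dn: uid=jdoe,ou=People,dc=keycloak,dc=org
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
uid: jdoe
cn: John
sn: Doe
mail: jdoe@example.org
```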
|