KEYCLOAK-5273

2017-10-25 10:31:11 -04:00 · 2017-10-25 10:31:11 -04:00 · 8c1a3253fb
commit 8c1a3253fb
parent 74f5c1c160
1 changed files with 176 additions and 0 deletions
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/UserStorageConsentTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/UserStorageConsentTest.java
@ -0,0 +1,176 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.keycloak.testsuite.federation.storage;
+
+import org.jboss.arquillian.container.test.api.Deployment;
+import org.jboss.arquillian.graphene.page.Page;
+import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.keycloak.OAuth2Constants;
+import org.keycloak.common.util.MultivaluedHashMap;
+import org.keycloak.models.ClientModel;
+import org.keycloak.models.ClientTemplateModel;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.ProtocolMapperModel;
+import org.keycloak.models.RealmModel;
+import org.keycloak.models.UserModel;
+import org.keycloak.protocol.oidc.OIDCLoginProtocol;
+import org.keycloak.protocol.oidc.OIDCLoginProtocolFactory;
+import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
+import org.keycloak.representations.idm.ComponentRepresentation;
+import org.keycloak.representations.idm.RoleRepresentation;
+import org.keycloak.representations.idm.UserRepresentation;
+import org.keycloak.storage.UserStorageProvider;
+import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest;
+import org.keycloak.testsuite.adapter.page.ProductPortal;
+import org.keycloak.testsuite.adapter.servlet.ProductServlet;
+import org.keycloak.testsuite.admin.ApiUtil;
+import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
+import org.keycloak.testsuite.federation.UserMapStorageFactory;
+import org.keycloak.testsuite.pages.ConsentPage;
+
+import javax.ws.rs.core.Response;
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlEquals;
+import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWithLoginUrlOf;
+
+/**
+ * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
+ * @version $Revision: 1 $
+ */
+@AppServerContainer("auth-server-undertow")
+public class UserStorageConsentTest extends AbstractServletsAdapterTest {
+
+    @Page
+    private ProductPortal productPortal;
+
+    @Page
+    protected ConsentPage consentPage;
+
+
+
+    @Deployment(name = ProductPortal.DEPLOYMENT_NAME)
+    protected static WebArchive productPortal() {
+        return servletDeployment(ProductPortal.DEPLOYMENT_NAME, ProductServlet.class);
+    }
+
+    @Before
+    public void addProvidersBeforeTest() throws URISyntaxException, IOException {
+        ComponentRepresentation memProvider = new ComponentRepresentation();
+        memProvider.setName("memory");
+        memProvider.setProviderId(UserMapStorageFactory.PROVIDER_ID);
+        memProvider.setProviderType(UserStorageProvider.class.getName());
+        memProvider.setConfig(new MultivaluedHashMap<>());
+        memProvider.getConfig().putSingle("priority", Integer.toString(0));
+
+        addComponent(memProvider);
+    }
+
+    protected String addComponent(ComponentRepresentation component) {
+        Response resp = testRealmResource().components().add(component);
+        resp.close();
+        String id = ApiUtil.getCreatedId(resp);
+        getCleanup().addComponentId(id);
+        return id;
+    }
+
+
+
+
+    public static void setupConsent(KeycloakSession session) {
+        RealmModel realm = session.realms().getRealmByName("demo");
+        ClientModel product = session.realms().getClientByClientId("product-portal", realm);
+        product.setConsentRequired(true);
+        ClientTemplateModel clientTemplate = realm.addClientTemplate("template");
+        clientTemplate.setFullScopeAllowed(true);
+        System.err.println("client template protocol mappers size: " + clientTemplate.getProtocolMappers().size());
+
+        for (ProtocolMapperModel mapper : product.getProtocolMappers()) {
+            if (mapper.getProtocol().equals(OIDCLoginProtocol.LOGIN_PROTOCOL)) {
+                if (mapper.getName().equals(OIDCLoginProtocolFactory.USERNAME)
+                        || mapper.getName().equals(OIDCLoginProtocolFactory.EMAIL)
+                        || mapper.getName().equals(OIDCLoginProtocolFactory.GIVEN_NAME)
+                        ) {
+                    ProtocolMapperModel copy = new ProtocolMapperModel();
+                    copy.setName(mapper.getName());
+                    copy.setProtocol(mapper.getProtocol());
+                    Map<String, String> config = new HashMap<>();
+                    config.putAll(mapper.getConfig());
+                    copy.setConfig(config);
+                    copy.setProtocolMapper(mapper.getProtocolMapper());
+                    copy.setConsentText(mapper.getConsentText());
+                    clientTemplate.addProtocolMapper(copy);
+                }
+            }
+            product.removeProtocolMapper(mapper);
+        }
+        product.setClientTemplate(clientTemplate);
+        product.setUseTemplateMappers(true);
+        product.setUseTemplateScope(true);
+        product.setUseTemplateConfig(false);
+    }
+
+    /**
+     * KEYCLOAK-5273
+     *
+     * @throws Exception
+     */
+    @Test
+    public void testLogin() throws Exception {
+        testingClient.server().run(UserStorageConsentTest::setupConsent);
+        UserRepresentation memuser = new UserRepresentation();
+        memuser.setUsername("memuser");
+        String uid = ApiUtil.createUserAndResetPasswordWithAdminClient(testRealmResource(), memuser, "password");
+        System.out.println("uid: " + uid);
+        Assert.assertTrue(uid.startsWith("f:"));  // make sure its federated
+        RoleRepresentation roleRep = adminClient.realm("demo").roles().get("user").toRepresentation();
+        List<RoleRepresentation> roleList = new ArrayList<>();
+        roleList.add(roleRep);
+        adminClient.realm("demo").users().get(uid).roles().realmLevel().add(roleList);
+
+
+
+        productPortal.navigateTo();
+        assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
+        testRealmLoginPage.form().login("memuser", "password");
+        org.keycloak.testsuite.Assert.assertTrue(consentPage.isCurrent());
+        consentPage.confirm();
+        assertCurrentUrlEquals(productPortal.toString());
+        Assert.assertTrue(driver.getPageSource().contains("iPhone"));
+        String logoutUri = OIDCLoginProtocolService.logoutUrl(authServerPage.createUriBuilder())
+                .queryParam(OAuth2Constants.REDIRECT_URI, productPortal.toString())
+                .build("demo").toString();
+
+        driver.navigate().to(logoutUri);
+        assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
+        productPortal.navigateTo();
+        assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
+        testRealmLoginPage.form().login("memuser", "password");
+        assertCurrentUrlEquals(productPortal.toString());
+        Assert.assertTrue(driver.getPageSource().contains("iPhone"));   }
+
+
+
+}