Merge pull request #2765 from stianst/master

KEYCLOAK-2932 KEYCLOAK-2934
Stian Thorgersen 2016-04-28 14:29:22 +02:00
commit a206a6d16d
4 changed files with 44 additions and 48 deletions


@ -337,7 +337,7 @@ public class LoginTest extends TestRealmKeycloakTest {
try {
// Setting offset to more than one day to force password update
// elapsedTime > timeToExpire
Time.setOffset(86405);
setTimeOffset(86405);
loginPage.open();
@ -347,6 +347,8 @@ public class LoginTest extends TestRealmKeycloakTest {
updatePasswordPage.changePassword("updatedPassword", "updatedPassword");
setTimeOffset(0);
events.expectRequiredAction(EventType.UPDATE_PASSWORD).user(userId).detail(Details.USERNAME, "login-test").assertEvent();
assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
@ -359,8 +361,6 @@ public class LoginTest extends TestRealmKeycloakTest {
UserBuilder userBuilder = UserBuilder.edit(userRsc.toRepresentation())
.password("password");
userRsc.update(userBuilder.build());
Time.setOffset(0);
}
}
@ -371,7 +371,7 @@ public class LoginTest extends TestRealmKeycloakTest {
try {
// Setting offset to less than one day to avoid forced password update
// elapsedTime < timeToExpire
Time.setOffset(86205);
setTimeOffset(86205);
loginPage.open();
@ -380,42 +380,38 @@ public class LoginTest extends TestRealmKeycloakTest {
Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
Assert.assertNotNull(oauth.getCurrentQuery().get(OAuth2Constants.CODE));
events.expectLogin().user(userId).detail(Details.USERNAME, "login-test").assertEvent();
setTimeOffset(0);
events.expectLogin().user(userId).detail(Details.USERNAME, "login-test").assertEvent();
} finally {
setPasswordPolicy(null);
Time.setOffset(0);
}
}
@Test
public void loginNoTimeoutWithLongWait() {
try {
loginPage.open();
loginPage.open();
Time.setOffset(1700);
setTimeOffset(1700);
loginPage.login("login-test", "password");
loginPage.login("login-test", "password");
events.expectLogin().user(userId).detail(Details.USERNAME, "login-test").assertEvent().getSessionId();
} finally {
Time.setOffset(0);
}
setTimeOffset(0);
events.expectLogin().user(userId).detail(Details.USERNAME, "login-test").assertEvent().getSessionId();
}
@Test
public void loginTimeout() {
try {
loginPage.open();
loginPage.open();
Time.setOffset(1850);
setTimeOffset(1850);
loginPage.login("login-test", "password");
loginPage.login("login-test", "password");
events.expectLogin().clearDetails().detail(Details.CODE_ID, AssertEvents.isCodeId()).user((String) null).session((String) null).error("expired_code").assertEvent().getSessionId();
} finally {
Time.setOffset(0);
}
setTimeOffset(0);
events.expectLogin().clearDetails().detail(Details.CODE_ID, AssertEvents.isCodeId()).user((String) null).session((String) null).error("expired_code").assertEvent().getSessionId();
}
@Test
@ -485,26 +481,22 @@ public class LoginTest extends TestRealmKeycloakTest {
// KEYCLOAK-1037
@Test
public void loginExpiredCode() {
try {
loginPage.open();
Time.setOffset(5000);
testingClient.testing().removeExpired("test");
loginPage.open();
setTimeOffset(5000);
testingClient.testing().removeExpired("test");
loginPage.login("login@test.com", "password");
loginPage.login("login@test.com", "password");
//loginPage.assertCurrent();
loginPage.assertCurrent();
//loginPage.assertCurrent();
loginPage.assertCurrent();
//Assert.assertEquals("Login timeout. Please login again.", loginPage.getError());
//Assert.assertEquals("Login timeout. Please login again.", loginPage.getError());
setTimeOffset(0);
events.expectLogin().user((String) null).session((String) null).error("expired_code").clearDetails()
.detail(Details.RESTART_AFTER_TIMEOUT, "true")
.client((String) null)
.assertEvent();
} finally {
Time.setOffset(0);
}
events.expectLogin().user((String) null).session((String) null).error("expired_code").clearDetails()
.detail(Details.RESTART_AFTER_TIMEOUT, "true")
.client((String) null)
.assertEvent();
}
}
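Review bot: The clock reset is no longer exception-safe: in loginNoTimeoutWithLongWait, loginTimeout and loginExpiredCode the try/finally is dropped and `setTimeOffset(0);` now runs inline after the login step, and in the two password-expiry tests it appears to have moved out of the existing `finally` block into the test body. If a page interaction or assertion fails before that line, the shifted clock stays in place for later tests, which can make expiry checks on codes and passwords pass or fail for the wrong reason. Unless the base class already resets the offset after every test (not visible here), keep the reset in a finally, `} finally { setTimeOffset(0); }`. The same pattern appears in the AccessTokenTest, ClientAuthSignedJWTTest and ResourceOwnerPasswordCredentialsGrantTest sections; in the last one the remaining `finally` still restores the password policy and required action but apparently not the clock.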


@ -280,11 +280,13 @@ public class AccessTokenTest extends AbstractKeycloakTest {
String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
Time.setOffset(2);
setTimeOffset(2);
OAuthClient.AccessTokenResponse response = oauth.doAccessTokenRequest(code, "password");
Assert.assertEquals(400, response.getStatusCode());
setTimeOffset(0);
AssertEvents.ExpectedEvent expectedEvent = events.expectCodeToToken(codeId, null);
expectedEvent.error("invalid_code")
.removeDetail(Details.TOKEN_ID)
@ -296,8 +298,6 @@ public class AccessTokenTest extends AbstractKeycloakTest {
events.clear();
RealmManager.realm(adminClient.realm("test")).accessCodeLifeSpan(60);
Time.setOffset(0);
}
@Test


@ -365,9 +365,9 @@ public class ClientAuthSignedJWTTest extends AbstractKeycloakTest {
@Test
public void testAssertionExpired() throws Exception {
Time.setOffset(-1000);
String invalidJwt = getClient1SignedJWT();
Time.setOffset(0);
setTimeOffset(1000);
List<NameValuePair> parameters = new LinkedList<NameValuePair>();
parameters.add(new BasicNameValuePair(OAuth2Constants.GRANT_TYPE, OAuth2Constants.CLIENT_CREDENTIALS));
@ -377,14 +377,16 @@ public class ClientAuthSignedJWTTest extends AbstractKeycloakTest {
HttpResponse resp = sendRequest(oauth.getServiceAccountUrl(), parameters);
OAuthClient.AccessTokenResponse response = new OAuthClient.AccessTokenResponse(resp);
setTimeOffset(0);
assertError(response, "client1", "unauthorized_client", Errors.INVALID_CLIENT_CREDENTIALS);
}
@Test
public void testAssertionInvalidNotBefore() throws Exception {
Time.setOffset(1000);
String invalidJwt = getClient1SignedJWT();
Time.setOffset(0);
setTimeOffset(-1000);
List<NameValuePair> parameters = new LinkedList<NameValuePair>();
parameters.add(new BasicNameValuePair(OAuth2Constants.GRANT_TYPE, OAuth2Constants.CLIENT_CREDENTIALS));
@ -394,6 +396,8 @@ public class ClientAuthSignedJWTTest extends AbstractKeycloakTest {
HttpResponse resp = sendRequest(oauth.getServiceAccountUrl(), parameters);
OAuthClient.AccessTokenResponse response = new OAuthClient.AccessTokenResponse(resp);
setTimeOffset(0);
assertError(response, "client1", "unauthorized_client", Errors.INVALID_CLIENT_CREDENTIALS);
}
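Review bot: The sign flip of the offset in testAssertionExpired and testAssertionInvalidNotBefore deserves a comment, because the new code seems to shift the clock after the JWT is created rather than while it is created, so `setTimeOffset(1000)` now stands for "expired" and `setTimeOffset(-1000)` for "not yet valid". Something like `// JWT is issued at real time; move the clock past its expiry before it is validated` above the first call, with the mirror-image comment in the not-before test, would make that clear. Both tests assert the same `unauthorized_client` / `Errors.INVALID_CLIENT_CREDENTIALS` result, so the comment is the only place a reader learns which claim check each test is meant to exercise. Both method bodies continue outside the visible hunks.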


@ -355,7 +355,7 @@ public class ResourceOwnerPasswordCredentialsGrantTest extends AbstractKeycloakT
new PasswordPolicy("forceExpiredPasswordChange(1)").toString());
try {
Time.setOffset(60 * 60 * 48);
setTimeOffset(60 * 60 * 48);
oauth.clientId("resource-owner");
@ -366,6 +366,8 @@ public class ResourceOwnerPasswordCredentialsGrantTest extends AbstractKeycloakT
assertEquals("invalid_grant", response.getError());
assertEquals("Account is not fully set up", response.getErrorDescription());
setTimeOffset(0);
events.expectLogin()
.client("resource-owner")
.session((String) null)
@ -374,8 +376,6 @@ public class ResourceOwnerPasswordCredentialsGrantTest extends AbstractKeycloakT
.user((String) null)
.assertEvent();
} finally {
Time.setOffset(0);
RealmManager.realm(realmResource).passwordPolicy(new PasswordPolicy("").toString());
UserManager.realm(realmResource).username("test-user@localhost")
.removeRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD.toString());