KEYCLOAK-1028 Make sure we return invalid response with response_type is token
parent
2d785b5d5e
commit
b4af5c4a1e
1 changed files with 11 additions and 0 deletions
|
@ -31,6 +31,7 @@ import org.keycloak.events.Errors;
|
|||
import org.keycloak.events.EventType;
|
||||
import org.keycloak.models.Constants;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
|
||||
import org.keycloak.services.managers.ClientSessionCode;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
|
@ -44,6 +45,7 @@ import org.keycloak.testsuite.rule.WebRule;
|
|||
import org.openqa.selenium.By;
|
||||
import org.openqa.selenium.WebDriver;
|
||||
|
||||
import javax.ws.rs.core.UriBuilder;
|
||||
import java.io.IOException;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
@ -191,6 +193,15 @@ public class AuthorizationCodeTest {
|
|||
assertCode(codeId, response.getCode());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authorizationRequestInvalidResponseType() throws IOException {
|
||||
UriBuilder b = UriBuilder.fromUri(oauth.getLoginFormUrl());
|
||||
b.replaceQueryParam(OAuth2Constants.RESPONSE_TYPE, "token");
|
||||
driver.navigate().to(b.build().toURL());
|
||||
assertEquals("Invalid parameter: response_type", errorPage.getError());
|
||||
events.expectLogin().error(Errors.INVALID_REQUEST).user((String) null).session((String) null).clearDetails().detail(Details.RESPONSE_TYPE, "token").assertEvent();
|
||||
}
|
||||
|
||||
private void assertCode(String expectedCodeId, String actualCode) {
|
||||
ClientSessionCode code = keycloakRule.verifyCode(actualCode);
|
||||
assertEquals(expectedCodeId, code.getClientSession().getId());
|
||||
|
|
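Review bot: authorizationRequestInvalidResponseType pins only the single value `token`, so the rejection path for any other unsupported response_type (a missing parameter, or a combined value such as `code token`) is not exercised here; whether those cases are covered elsewhere in AuthorizationCodeTest is not visible from this page. If the intent is that the implicit flow is not supported, a one-line comment above the test would say so, for example `// response_type=token (implicit flow) must be rejected before any client session is created`. The `.user((String) null).session((String) null)` part of the event assertion is what shows no session was established, so any added case should keep it. The test could also assert that the browser's current URL carries no `access_token` fragment, and the long `events.expectLogin()` chain would read better split one call per line.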