From bca389307056045d0e05a5de0355365dccedc91c Mon Sep 17 00:00:00 2001
From: Thomas Raehalme <thomas.raehalme@aitiofinland.com>
Date: Fri, 8 Jan 2016 13:14:04 +0200
Subject: [PATCH] Required action TermsAndConditions now stores user attribute
 indicating acceptance of terms and conditions.

---
 .../requiredactions/TermsAndConditions.java   | 14 ++++++++---
 .../actions/TermsAndConditionsTest.java       | 24 +++++++++++++++++++
 2 files changed, 35 insertions(+), 3 deletions(-)

diff --git a/services/src/main/java/org/keycloak/authentication/requiredactions/TermsAndConditions.java b/services/src/main/java/org/keycloak/authentication/requiredactions/TermsAndConditions.java
index cb5ecd260e..e48b437ddd 100755
--- a/services/src/main/java/org/keycloak/authentication/requiredactions/TermsAndConditions.java
+++ b/services/src/main/java/org/keycloak/authentication/requiredactions/TermsAndConditions.java
@@ -1,5 +1,9 @@
 package org.keycloak.authentication.requiredactions;
 
+import java.text.SimpleDateFormat;
+import java.util.Arrays;
+import java.util.Date;
+
 import org.keycloak.Config;
 import org.keycloak.authentication.RequiredActionContext;
 import org.keycloak.authentication.RequiredActionFactory;
@@ -14,8 +18,8 @@ import javax.ws.rs.core.Response;
  * @version $Revision: 1 $
  */
 public class TermsAndConditions implements RequiredActionProvider, RequiredActionFactory {
-
     public static final String PROVIDER_ID = "terms_and_conditions";
+    public static final String USER_ATTRIBUTE = PROVIDER_ID;
 
     @Override
     public RequiredActionProvider create(KeycloakSession session) {
@@ -46,18 +50,22 @@ public class TermsAndConditions implements RequiredActionProvider, RequiredActio
 
     @Override
     public void requiredActionChallenge(RequiredActionContext context) {
-        Response challenge =  context.form().createForm("terms.ftl");
+        Response challenge = context.form().createForm("terms.ftl");
         context.challenge(challenge);
     }
 
     @Override
     public void processAction(RequiredActionContext context) {
         if (context.getHttpRequest().getDecodedFormParameters().containsKey("cancel")) {
+            context.getUser().removeAttribute(USER_ATTRIBUTE);
             context.failure();
             return;
         }
-        context.success();
 
+        SimpleDateFormat dateTimeFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ");
+        context.getUser().setAttribute(USER_ATTRIBUTE, Arrays.asList(dateTimeFormat.format(new Date())));
+
+        context.success();
     }
 
     @Override
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/actions/TermsAndConditionsTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/actions/TermsAndConditionsTest.java
index f758900d3b..d8709238eb 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/actions/TermsAndConditionsTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/actions/TermsAndConditionsTest.java
@@ -32,6 +32,7 @@ import org.keycloak.events.Errors;
 import org.keycloak.events.EventType;
 import org.keycloak.models.RealmModel;
 import org.keycloak.models.UserModel;
+import org.keycloak.representations.idm.UserRepresentation;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.testsuite.AssertEvents;
 import org.keycloak.testsuite.pages.AppPage;
@@ -44,6 +45,11 @@ import org.keycloak.testsuite.rule.WebResource;
 import org.keycloak.testsuite.rule.WebRule;
 import org.openqa.selenium.WebDriver;
 
+import java.util.List;
+import java.util.Map;
+
+import static org.junit.Assert.*;
+
 /**
  * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
  */
@@ -96,6 +102,16 @@ public class TermsAndConditionsTest {
         Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
 
         events.expectLogin().session(sessionId).assertEvent();
+
+        // assert user attribute is properly set
+        UserRepresentation user = keycloakRule.getUser("test", "test-user@localhost");
+        Map<String,List<String>> attributes = user.getAttributesAsListValues();
+        assertNotNull("timestamp for terms acceptance was not stored in user attributes", attributes);
+        List<String> termsAndConditions = attributes.get(TermsAndConditions.USER_ATTRIBUTE);
+        assertTrue("timestamp for terms acceptance was not stored in user attributes as "
+                + TermsAndConditions.USER_ATTRIBUTE, termsAndConditions.size() == 1);
+        assertNotNull("expected non-null timestamp for terms acceptance in user attribute "
+                + TermsAndConditions.USER_ATTRIBUTE, termsAndConditions.get(0));
     }
 
     @Test
@@ -113,6 +129,14 @@ public class TermsAndConditionsTest {
                 .removeDetail(Details.CONSENT)
                 .assertEvent();
 
+
+        // assert user attribute is properly removed
+        UserRepresentation user = keycloakRule.getUser("test", "test-user@localhost");
+        Map<String,List<String>> attributes = user.getAttributesAsListValues();
+        if (attributes != null) {
+            assertNull("expected null for terms acceptance user attribute " + TermsAndConditions.USER_ATTRIBUTE,
+                    attributes.get(TermsAndConditions.USER_ATTRIBUTE));
+        }
     }