mposolda
Pedro Igor
parent
29de841883
commit
c18e8ff535
13 changed files with 72 additions and 103 deletions
|
|
@ -106,14 +106,6 @@ public class DefaultAuthenticationFlows {
|
|||
execution.setAuthenticatorFlow(false);
|
||||
realm.addAuthenticatorExecution(execution);
|
||||
|
||||
execution = new AuthenticationExecutionModel();
|
||||
execution.setParentFlow(registrationFormFlow.getId());
|
||||
execution.setRequirement(AuthenticationExecutionModel.Requirement.REQUIRED);
|
||||
execution.setAuthenticator("registration-profile-action");
|
||||
execution.setPriority(40);
|
||||
execution.setAuthenticatorFlow(false);
|
||||
realm.addAuthenticatorExecution(execution);
|
||||
|
||||
execution = new AuthenticationExecutionModel();
|
||||
execution.setParentFlow(registrationFormFlow.getId());
|
||||
execution.setRequirement(AuthenticationExecutionModel.Requirement.REQUIRED);
|
||||
|
|
|
|||
|
|
@ -34,8 +34,7 @@ public enum UserProfileContext {
|
|||
USER_API(false),
|
||||
ACCOUNT(true),
|
||||
IDP_REVIEW(false),
|
||||
REGISTRATION_PROFILE(false),
|
||||
REGISTRATION_USER_CREATION(false),
|
||||
REGISTRATION(false),
|
||||
UPDATE_EMAIL(false);
|
||||
|
||||
protected boolean resetEmailVerified;
|
||||
|
|
|
|||
|
|
@ -21,27 +21,18 @@ import org.keycloak.Config;
|
|||
import org.keycloak.authentication.FormAction;
|
||||
import org.keycloak.authentication.FormActionFactory;
|
||||
import org.keycloak.authentication.FormContext;
|
||||
import org.keycloak.events.Details;
|
||||
import org.keycloak.events.Errors;
|
||||
import org.keycloak.forms.login.LoginFormsProvider;
|
||||
import org.keycloak.models.AuthenticationExecutionModel;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.KeycloakSessionFactory;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.utils.FormMessage;
|
||||
import org.keycloak.provider.ProviderConfigProperty;
|
||||
import org.keycloak.services.messages.Messages;
|
||||
import org.keycloak.services.validation.Validation;
|
||||
import org.keycloak.userprofile.UserProfileContext;
|
||||
import org.keycloak.userprofile.ValidationException;
|
||||
import org.keycloak.userprofile.UserProfile;
|
||||
import org.keycloak.userprofile.UserProfileProvider;
|
||||
|
||||
import jakarta.ws.rs.core.MultivaluedMap;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* TODO: This class not needed. Remove it entirely (will need some migration)
|
||||
*
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
|
|
@ -60,40 +51,11 @@ public class RegistrationProfile implements FormAction, FormActionFactory {
|
|||
|
||||
@Override
|
||||
public void validate(org.keycloak.authentication.ValidationContext context) {
|
||||
MultivaluedMap<String, String> formData = context.getHttpRequest().getDecodedFormParameters();
|
||||
|
||||
context.getEvent().detail(Details.REGISTER_METHOD, "form");
|
||||
|
||||
UserProfileProvider profileProvider = context.getSession().getProvider(UserProfileProvider.class);
|
||||
UserProfile profile = profileProvider.create(UserProfileContext.REGISTRATION_PROFILE, formData);
|
||||
|
||||
try {
|
||||
profile.validate();
|
||||
} catch (ValidationException pve) {
|
||||
List<FormMessage> errors = Validation.getFormErrorsFromValidation(pve.getErrors());
|
||||
|
||||
if (pve.hasError(Messages.EMAIL_EXISTS, Messages.INVALID_EMAIL)) {
|
||||
context.getEvent().detail(Details.EMAIL, profile.getAttributes().getFirstValue(UserModel.EMAIL));
|
||||
}
|
||||
|
||||
if (pve.hasError(Messages.EMAIL_EXISTS)) {
|
||||
context.error(Errors.EMAIL_IN_USE);
|
||||
} else
|
||||
context.error(Errors.INVALID_REGISTRATION);
|
||||
|
||||
context.validationError(formData, errors);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
context.success();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void success(FormContext context) {
|
||||
UserModel user = context.getUser();
|
||||
UserProfileProvider provider = context.getSession().getProvider(UserProfileProvider.class);
|
||||
provider.create(UserProfileContext.REGISTRATION_PROFILE, context.getHttpRequest().getDecodedFormParameters(), user).update();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -17,6 +17,7 @@
|
|||
|
||||
package org.keycloak.authentication.forms;
|
||||
|
||||
import jakarta.ws.rs.core.MultivaluedHashMap;
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.authentication.AuthenticationFlowError;
|
||||
import org.keycloak.authentication.AuthenticationFlowException;
|
||||
|
|
@ -39,9 +40,9 @@ import org.keycloak.provider.ProviderConfigProperty;
|
|||
import org.keycloak.services.messages.Messages;
|
||||
import org.keycloak.services.validation.Validation;
|
||||
import org.keycloak.userprofile.UserProfileContext;
|
||||
import org.keycloak.userprofile.UserProfileProvider;
|
||||
import org.keycloak.userprofile.ValidationException;
|
||||
import org.keycloak.userprofile.UserProfile;
|
||||
import org.keycloak.userprofile.UserProfileProvider;
|
||||
|
||||
import jakarta.ws.rs.core.MultivaluedMap;
|
||||
import java.util.List;
|
||||
|
|
@ -56,7 +57,7 @@ public class RegistrationUserCreation implements FormAction, FormActionFactory {
|
|||
|
||||
@Override
|
||||
public String getHelpText() {
|
||||
return "This action must always be first! Validates the username of the user in validation phase. In success phase, this will create the user in the database.";
|
||||
return "This action must always be first! Validates the username and user profile of the user in validation phase. In success phase, this will create the user in the database including his user profile.";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -69,9 +70,7 @@ public class RegistrationUserCreation implements FormAction, FormActionFactory {
|
|||
MultivaluedMap<String, String> formData = context.getHttpRequest().getDecodedFormParameters();
|
||||
context.getEvent().detail(Details.REGISTER_METHOD, "form");
|
||||
|
||||
KeycloakSession session = context.getSession();
|
||||
UserProfileProvider profileProvider = session.getProvider(UserProfileProvider.class);
|
||||
UserProfile profile = profileProvider.create(UserProfileContext.REGISTRATION_USER_CREATION, formData);
|
||||
UserProfile profile = getOrCreateUserProfile(context, formData);
|
||||
String email = profile.getAttributes().getFirstValue(UserModel.EMAIL);
|
||||
|
||||
String username = profile.getAttributes().getFirstValue(UserModel.USERNAME);
|
||||
|
|
@ -92,12 +91,16 @@ public class RegistrationUserCreation implements FormAction, FormActionFactory {
|
|||
} catch (ValidationException pve) {
|
||||
List<FormMessage> errors = Validation.getFormErrorsFromValidation(pve.getErrors());
|
||||
|
||||
if (pve.hasError(Messages.EMAIL_EXISTS, Messages.INVALID_EMAIL)) {
|
||||
context.getEvent().detail(Details.EMAIL, profile.getAttributes().getFirstValue(UserModel.EMAIL));
|
||||
}
|
||||
|
||||
if (pve.hasError(Messages.EMAIL_EXISTS)) {
|
||||
context.error(Errors.EMAIL_IN_USE);
|
||||
} else if (pve.hasError(Messages.MISSING_EMAIL, Messages.MISSING_USERNAME, Messages.INVALID_EMAIL)) {
|
||||
context.error(Errors.INVALID_REGISTRATION);
|
||||
} else if (pve.hasError(Messages.USERNAME_EXISTS)) {
|
||||
context.error(Errors.USERNAME_IN_USE);
|
||||
} else {
|
||||
context.error(Errors.INVALID_REGISTRATION);
|
||||
}
|
||||
|
||||
context.validationError(formData, errors);
|
||||
|
|
@ -128,10 +131,7 @@ public class RegistrationUserCreation implements FormAction, FormActionFactory {
|
|||
.detail(Details.REGISTER_METHOD, "form")
|
||||
.detail(Details.EMAIL, email);
|
||||
|
||||
KeycloakSession session = context.getSession();
|
||||
|
||||
UserProfileProvider profileProvider = session.getProvider(UserProfileProvider.class);
|
||||
UserProfile profile = profileProvider.create(UserProfileContext.REGISTRATION_USER_CREATION, formData);
|
||||
UserProfile profile = getOrCreateUserProfile(context, formData);
|
||||
UserModel user = profile.create();
|
||||
|
||||
user.setEnabled(true);
|
||||
|
|
@ -188,7 +188,7 @@ public class RegistrationUserCreation implements FormAction, FormActionFactory {
|
|||
|
||||
@Override
|
||||
public String getDisplayType() {
|
||||
return "Registration User Creation";
|
||||
return "Registration User Profile Creation";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -228,4 +228,30 @@ public class RegistrationUserCreation implements FormAction, FormActionFactory {
|
|||
public String getId() {
|
||||
return PROVIDER_ID;
|
||||
}
|
||||
|
||||
private MultivaluedMap<String, String> normalizeFormParameters(MultivaluedMap<String, String> formParams) {
|
||||
MultivaluedHashMap<String, String> copy = new MultivaluedHashMap<>(formParams);
|
||||
|
||||
// Remove "password" and "password-confirm" to avoid leaking them in the user-profile data
|
||||
copy.remove(RegistrationPage.FIELD_PASSWORD);
|
||||
copy.remove(RegistrationPage.FIELD_PASSWORD_CONFIRM);
|
||||
|
||||
return copy;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get user profile instance for current HTTP request (KeycloakSession) and for given context. This assumes that there is
|
||||
* single user registered within HTTP request, which is always the case in Keycloak
|
||||
*/
|
||||
public UserProfile getOrCreateUserProfile(FormContext formContext, MultivaluedMap<String, String> formData) {
|
||||
KeycloakSession session = formContext.getSession();
|
||||
UserProfile profile = (UserProfile) session.getAttribute("UP_REGISTER");
|
||||
if (profile == null) {
|
||||
formData = normalizeFormParameters(formData);
|
||||
UserProfileProvider profileProvider = session.getProvider(UserProfileProvider.class);
|
||||
profile = profileProvider.create(UserProfileContext.REGISTRATION, formData);
|
||||
session.setAttribute("UP_REGISTER", profile);
|
||||
}
|
||||
return profile;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,6 +23,7 @@ import java.util.stream.Stream;
|
|||
import jakarta.ws.rs.core.MultivaluedMap;
|
||||
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.userprofile.UserProfile;
|
||||
import org.keycloak.userprofile.UserProfileContext;
|
||||
import org.keycloak.userprofile.UserProfileProvider;
|
||||
|
|
@ -49,7 +50,7 @@ public class RegisterBean extends AbstractUserProfileBean {
|
|||
|
||||
@Override
|
||||
protected UserProfile createUserProfile(UserProfileProvider provider) {
|
||||
return provider.create(UserProfileContext.REGISTRATION_PROFILE, null, null);
|
||||
return provider.create(UserProfileContext.REGISTRATION, null, (UserModel) null);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -59,7 +60,7 @@ public class RegisterBean extends AbstractUserProfileBean {
|
|||
|
||||
@Override
|
||||
public String getContext() {
|
||||
return UserProfileContext.REGISTRATION_PROFILE.name();
|
||||
return UserProfileContext.REGISTRATION.name();
|
||||
}
|
||||
|
||||
public Map<String, String> getFormData() {
|
||||
|
|
|
|||
|
|
@ -22,14 +22,14 @@ package org.keycloak.userprofile;
|
|||
import static org.keycloak.userprofile.DefaultAttributes.READ_ONLY_ATTRIBUTE_KEY;
|
||||
import static org.keycloak.userprofile.UserProfileContext.ACCOUNT;
|
||||
import static org.keycloak.userprofile.UserProfileContext.IDP_REVIEW;
|
||||
import static org.keycloak.userprofile.UserProfileContext.REGISTRATION_PROFILE;
|
||||
import static org.keycloak.userprofile.UserProfileContext.REGISTRATION_USER_CREATION;
|
||||
import static org.keycloak.userprofile.UserProfileContext.REGISTRATION;
|
||||
import static org.keycloak.userprofile.UserProfileContext.UPDATE_EMAIL;
|
||||
import static org.keycloak.userprofile.UserProfileContext.UPDATE_PROFILE;
|
||||
import static org.keycloak.userprofile.UserProfileContext.USER_API;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
|
@ -77,8 +77,7 @@ public abstract class AbstractUserProfileProvider<U extends UserProfileProvider>
|
|||
KeycloakContext context = session.getContext();
|
||||
RealmModel realm = context.getRealm();
|
||||
|
||||
if (REGISTRATION_PROFILE.equals(c.getContext()) || REGISTRATION_USER_CREATION.equals(c.getContext())
|
||||
|| IDP_REVIEW.equals(c.getContext())) {
|
||||
if (REGISTRATION.equals(c.getContext()) || IDP_REVIEW.equals(c.getContext())) {
|
||||
return !realm.isRegistrationEmailAsUsername();
|
||||
}
|
||||
|
||||
|
|
@ -95,7 +94,7 @@ public abstract class AbstractUserProfileProvider<U extends UserProfileProvider>
|
|||
RealmModel realm = context.getRealm();
|
||||
|
||||
switch (c.getContext()) {
|
||||
case REGISTRATION_PROFILE:
|
||||
case REGISTRATION:
|
||||
case IDP_REVIEW:
|
||||
return !realm.isRegistrationEmailAsUsername();
|
||||
case UPDATE_PROFILE:
|
||||
|
|
@ -113,7 +112,7 @@ public abstract class AbstractUserProfileProvider<U extends UserProfileProvider>
|
|||
private static boolean editEmailCondition(AttributeContext c) {
|
||||
RealmModel realm = c.getSession().getContext().getRealm();
|
||||
|
||||
if (REGISTRATION_PROFILE.equals(c.getContext()) || USER_API.equals(c.getContext())) {
|
||||
if (REGISTRATION.equals(c.getContext()) || USER_API.equals(c.getContext())) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
|
@ -131,7 +130,7 @@ public abstract class AbstractUserProfileProvider<U extends UserProfileProvider>
|
|||
private static boolean readEmailCondition(AttributeContext c) {
|
||||
UserProfileContext context = c.getContext();
|
||||
|
||||
if (REGISTRATION_PROFILE.equals(context) || USER_API.equals(c.getContext())) {
|
||||
if (REGISTRATION.equals(context) || USER_API.equals(c.getContext())) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
|
@ -231,12 +230,11 @@ public abstract class AbstractUserProfileProvider<U extends UserProfileProvider>
|
|||
|
||||
addContextualProfileMetadata(configureUserProfile(createBrokeringProfile(readOnlyValidator)));
|
||||
addContextualProfileMetadata(configureUserProfile(createAccountProfile(ACCOUNT, readOnlyValidator)));
|
||||
addContextualProfileMetadata(configureUserProfile(createDefaultProfile(REGISTRATION_PROFILE, readOnlyValidator)));
|
||||
addContextualProfileMetadata(configureUserProfile(createDefaultProfile(UPDATE_PROFILE, readOnlyValidator)));
|
||||
if (Profile.isFeatureEnabled(Profile.Feature.UPDATE_EMAIL)) {
|
||||
addContextualProfileMetadata(configureUserProfile(createDefaultProfile(UPDATE_EMAIL, readOnlyValidator)));
|
||||
}
|
||||
addContextualProfileMetadata(configureUserProfile(createRegistrationUserCreationProfile()));
|
||||
addContextualProfileMetadata(configureUserProfile(createRegistrationUserCreationProfile(readOnlyValidator)));
|
||||
addContextualProfileMetadata(configureUserProfile(createUserResourceValidation(config)));
|
||||
}
|
||||
|
||||
|
|
@ -340,14 +338,14 @@ public abstract class AbstractUserProfileProvider<U extends UserProfileProvider>
|
|||
}
|
||||
}
|
||||
|
||||
private UserProfileMetadata createRegistrationUserCreationProfile() {
|
||||
UserProfileMetadata metadata = new UserProfileMetadata(REGISTRATION_USER_CREATION);
|
||||
private UserProfileMetadata createRegistrationUserCreationProfile(AttributeValidatorMetadata readOnlyValidator) {
|
||||
UserProfileMetadata metadata = createDefaultProfile(REGISTRATION, readOnlyValidator);
|
||||
|
||||
metadata.addAttribute(UserModel.USERNAME, -2, new AttributeValidatorMetadata(RegistrationEmailAsUsernameUsernameValueValidator.ID), new AttributeValidatorMetadata(RegistrationUsernameExistsValidator.ID), new AttributeValidatorMetadata(UsernameHasValueValidator.ID));
|
||||
metadata.getAttribute(UserModel.USERNAME).get(0).addValidators(Arrays.asList(
|
||||
new AttributeValidatorMetadata(RegistrationEmailAsUsernameUsernameValueValidator.ID), new AttributeValidatorMetadata(RegistrationUsernameExistsValidator.ID), new AttributeValidatorMetadata(UsernameHasValueValidator.ID)));
|
||||
|
||||
metadata.addAttribute(UserModel.EMAIL, -1, new AttributeValidatorMetadata(RegistrationEmailAsUsernameEmailValueValidator.ID));
|
||||
|
||||
metadata.addAttribute(READ_ONLY_ATTRIBUTE_KEY, 1000, createReadOnlyAttributeUnchangedValidator(readOnlyAttributesPattern));
|
||||
metadata.getAttribute(UserModel.EMAIL).get(0).addValidators(Collections.singletonList(
|
||||
new AttributeValidatorMetadata(RegistrationEmailAsUsernameEmailValueValidator.ID)));
|
||||
|
||||
return metadata;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -27,7 +27,6 @@ import java.io.ByteArrayInputStream;
|
|||
import java.io.IOException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Optional;
|
||||
|
|
@ -160,7 +159,6 @@ public class DeclarativeUserProfileProvider extends AbstractUserProfileProvider<
|
|||
|
||||
if (!isEnabled(realm)) {
|
||||
if(!context.equals(UserProfileContext.USER_API)
|
||||
&& !context.equals(UserProfileContext.REGISTRATION_USER_CREATION)
|
||||
&& !context.equals(UserProfileContext.UPDATE_EMAIL)) {
|
||||
decoratedMetadata.addAttribute(UserModel.FIRST_NAME, 1, new AttributeValidatorMetadata(BlankAttributeValidator.ID, BlankAttributeValidator.createConfig(
|
||||
Messages.MISSING_FIRST_NAME, metadata.getContext() == UserProfileContext.IDP_REVIEW))).setAttributeDisplayName("${firstName}");
|
||||
|
|
@ -306,10 +304,8 @@ public class DeclarativeUserProfileProvider extends AbstractUserProfileProvider<
|
|||
protected UserProfileMetadata decorateUserProfileForCache(UserProfileMetadata decoratedMetadata, UPConfig parsedConfig) {
|
||||
UserProfileContext context = decoratedMetadata.getContext();
|
||||
|
||||
// do not change config for REGISTRATION_USER_CREATION context, everything important is covered thanks to REGISTRATION_PROFILE
|
||||
// do not change config for UPDATE_EMAIL context, validations are already set and do not need including anything else from the configuration
|
||||
if (parsedConfig == null
|
||||
|| context == UserProfileContext.REGISTRATION_USER_CREATION
|
||||
|| context == UserProfileContext.UPDATE_EMAIL
|
||||
) {
|
||||
return decoratedMetadata;
|
||||
|
|
|
|||
|
|
@ -197,10 +197,9 @@ public class InitialFlowsTest extends AbstractAuthenticationTest {
|
|||
|
||||
execs = new LinkedList<>();
|
||||
addExecInfo(execs, "registration form", "registration-page-form", false, 0, 0, REQUIRED, true, new String[]{REQUIRED, DISABLED});
|
||||
addExecInfo(execs, "Registration User Creation", "registration-user-creation", false, 1, 0, REQUIRED, null, new String[]{REQUIRED, DISABLED});
|
||||
addExecInfo(execs, "Profile Validation", "registration-profile-action", false, 1, 1, REQUIRED, null, new String[]{REQUIRED, DISABLED});
|
||||
addExecInfo(execs, "Password Validation", "registration-password-action", false, 1, 2, REQUIRED, null, new String[]{REQUIRED, DISABLED});
|
||||
addExecInfo(execs, "Recaptcha", "registration-recaptcha-action", true, 1, 3, DISABLED, null, new String[]{REQUIRED, DISABLED});
|
||||
addExecInfo(execs, "Registration User Profile Creation", "registration-user-creation", false, 1, 0, REQUIRED, null, new String[]{REQUIRED, DISABLED});
|
||||
addExecInfo(execs, "Password Validation", "registration-password-action", false, 1, 1, REQUIRED, null, new String[]{REQUIRED, DISABLED});
|
||||
addExecInfo(execs, "Recaptcha", "registration-recaptcha-action", true, 1, 2, DISABLED, null, new String[]{REQUIRED, DISABLED});
|
||||
expected.add(new FlowExecutions(flow, execs));
|
||||
|
||||
flow = newFlow("reset credentials", "Reset credentials for a user if they forgot their password or something", "basic-flow", true, true);
|
||||
|
|
|
|||
|
|
@ -68,9 +68,9 @@ public class ProvidersTest extends AbstractAuthenticationTest {
|
|||
"This can only be used on the internet and must be configured after you add it.");
|
||||
addProviderInfo(expected, "registration-password-action", "Password Validation",
|
||||
"Validates that password matches password confirmation field. It also will store password in user's credential store.");
|
||||
addProviderInfo(expected, "registration-user-creation", "Registration User Creation",
|
||||
"This action must always be first! Validates the username of the user in validation phase. " +
|
||||
"In success phase, this will create the user in the database.");
|
||||
addProviderInfo(expected, "registration-user-creation", "Registration User Profile Creation",
|
||||
"This action must always be first! Validates the username and user profile of the user in validation phase. " +
|
||||
"In success phase, this will create the user in the database including his user profile.");
|
||||
addProviderInfo(expected, "registration-terms-and-conditions", "Terms and conditions",
|
||||
"Asks the user to accept terms and conditions before submitting its registration form.");
|
||||
|
||||
|
|
|
|||
|
|
@ -50,10 +50,10 @@ public class RegistrationFlowTest extends AbstractAuthenticationTest {
|
|||
|
||||
// Should fail to add execution under top level flow
|
||||
Map<String, String> data2 = new HashMap<>();
|
||||
data2.put("provider", "registration-profile-action");
|
||||
data2.put("provider", "registration-password-action");
|
||||
try {
|
||||
authMgmtResource.addExecution("registration2", data2);
|
||||
Assert.fail("Not expected to add execution of type 'registration-profile-action' under top flow");
|
||||
Assert.fail("Not expected to add execution of type 'registration-password-action' under top flow");
|
||||
} catch (BadRequestException bre) {
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -873,7 +873,6 @@ public class RegisterTest extends AbstractTestRealmKeycloakTest {
|
|||
.addSubFlowExecution("Sub Flow", AuthenticationFlow.BASIC_FLOW, AuthenticationExecutionModel.Requirement.ALTERNATIVE, subflow -> subflow
|
||||
.addSubFlowExecution("Sub sub Form Flow", AuthenticationFlow.FORM_FLOW, AuthenticationExecutionModel.Requirement.REQUIRED, subsubflow -> subsubflow
|
||||
.addAuthenticatorExecution(AuthenticationExecutionModel.Requirement.REQUIRED, RegistrationUserCreation.PROVIDER_ID)
|
||||
.addAuthenticatorExecution(AuthenticationExecutionModel.Requirement.REQUIRED, RegistrationProfile.PROVIDER_ID)
|
||||
.addAuthenticatorExecution(AuthenticationExecutionModel.Requirement.REQUIRED, RegistrationPassword.PROVIDER_ID)
|
||||
.addAuthenticatorExecution(AuthenticationExecutionModel.Requirement.DISABLED, RegistrationRecaptcha.PROVIDER_ID)
|
||||
.addAuthenticatorExecution(termsAndConditionRequirement, RegistrationTermsAndConditions.PROVIDER_ID)
|
||||
|
|
|
|||
|
|
@ -1156,7 +1156,7 @@ public class UserProfileTest extends AbstractUserProfileTest {
|
|||
assertTrue(ve.isAttributeOnError(ATT_ADDRESS));
|
||||
}
|
||||
|
||||
profile = provider.create(UserProfileContext.REGISTRATION_PROFILE, attributes);
|
||||
profile = provider.create(UserProfileContext.REGISTRATION, attributes);
|
||||
try {
|
||||
profile.validate();
|
||||
fail("Should fail validation");
|
||||
|
|
@ -1212,7 +1212,7 @@ public class UserProfileTest extends AbstractUserProfileTest {
|
|||
profile = provider.create(UserProfileContext.ACCOUNT, attributes);
|
||||
profile.validate();
|
||||
|
||||
profile = provider.create(UserProfileContext.REGISTRATION_PROFILE, attributes);
|
||||
profile = provider.create(UserProfileContext.REGISTRATION, attributes);
|
||||
profile.validate();
|
||||
|
||||
// fail on User API
|
||||
|
|
@ -1451,9 +1451,7 @@ public class UserProfileTest extends AbstractUserProfileTest {
|
|||
profile.validate();
|
||||
|
||||
// no fail on auth flow scopes when scope is not required
|
||||
profile = provider.create(UserProfileContext.REGISTRATION_PROFILE, attributes);
|
||||
profile.validate();
|
||||
profile = provider.create(UserProfileContext.REGISTRATION_USER_CREATION, attributes);
|
||||
profile = provider.create(UserProfileContext.REGISTRATION, attributes);
|
||||
profile.validate();
|
||||
profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
|
||||
profile.validate();
|
||||
|
|
@ -1478,7 +1476,7 @@ public class UserProfileTest extends AbstractUserProfileTest {
|
|||
assertTrue(ve.isAttributeOnError(ATT_ADDRESS));
|
||||
}
|
||||
try {
|
||||
profile = provider.create(UserProfileContext.REGISTRATION_PROFILE, attributes);
|
||||
profile = provider.create(UserProfileContext.REGISTRATION, attributes);
|
||||
profile.validate();
|
||||
fail("Should fail validation");
|
||||
} catch (ValidationException ve) {
|
||||
|
|
|
|||
|
|
@ -42,8 +42,7 @@ public class UPConfigUtilsTest {
|
|||
Assert.assertFalse(UPConfigUtils.canBeAuthFlowContext(UserProfileContext.USER_API));
|
||||
|
||||
Assert.assertTrue(UPConfigUtils.canBeAuthFlowContext(UserProfileContext.IDP_REVIEW));
|
||||
Assert.assertTrue(UPConfigUtils.canBeAuthFlowContext(UserProfileContext.REGISTRATION_PROFILE));
|
||||
Assert.assertTrue(UPConfigUtils.canBeAuthFlowContext(UserProfileContext.REGISTRATION_USER_CREATION));
|
||||
Assert.assertTrue(UPConfigUtils.canBeAuthFlowContext(UserProfileContext.REGISTRATION));
|
||||
Assert.assertTrue(UPConfigUtils.canBeAuthFlowContext(UserProfileContext.UPDATE_PROFILE));
|
||||
}
|
||||
|
||||
|
|
@ -63,14 +62,14 @@ public class UPConfigUtilsTest {
|
|||
Assert.assertFalse(UPConfigUtils.isRoleForContext(UserProfileContext.USER_API, roles));
|
||||
Assert.assertTrue(UPConfigUtils.isRoleForContext(UserProfileContext.ACCOUNT, roles));
|
||||
Assert.assertTrue(UPConfigUtils.isRoleForContext(UserProfileContext.IDP_REVIEW, roles));
|
||||
Assert.assertTrue(UPConfigUtils.isRoleForContext(UserProfileContext.REGISTRATION_PROFILE, roles));
|
||||
Assert.assertTrue(UPConfigUtils.isRoleForContext(UserProfileContext.REGISTRATION, roles));
|
||||
|
||||
// both in roles
|
||||
roles.add(ROLE_ADMIN);
|
||||
Assert.assertTrue(UPConfigUtils.isRoleForContext(UserProfileContext.USER_API, roles));
|
||||
Assert.assertTrue(UPConfigUtils.isRoleForContext(UserProfileContext.ACCOUNT, roles));
|
||||
Assert.assertTrue(UPConfigUtils.isRoleForContext(UserProfileContext.IDP_REVIEW, roles));
|
||||
Assert.assertTrue(UPConfigUtils.isRoleForContext(UserProfileContext.REGISTRATION_PROFILE, roles));
|
||||
Assert.assertTrue(UPConfigUtils.isRoleForContext(UserProfileContext.REGISTRATION, roles));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
|
|||
Loading…
Reference in a new issue