libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

KEYCLOAK-18873 href attribute of a "Unable to scan?" tag is wrong in "Configure TOTP" page

Browse source
This commit is contained in:
chen kqing 2021-08-06 17:59:19 +08:00 committed by Marek Posolda
parent 12b8c0c9d3
commit c9809f0151
2 changed files with 53 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
services/src/main/java/org/keycloak/forms/login/freemarker/model/TotpBean.java
View file

@ -77,7 +77,8 @@ public class TotpBean {
}
public String getManualUrl() {
return uriBuilder.replaceQueryParam("session_code").replaceQueryParam("mode", "manual").build().toString();
return uriBuilder.replaceQueryParam("session_code").replaceQueryParam("mode", "manual")
.replaceQueryParam("execution", UserModel.RequiredAction.CONFIGURE_TOTP.name()).build().toString();
}
public String getQrUrl() {

51
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionPriorityTest.java
View file

@ -26,6 +26,7 @@ import org.keycloak.events.Details;
import org.keycloak.events.EventType;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserModel.RequiredAction;
import org.keycloak.models.utils.TimeBasedOTP;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
@ -35,12 +36,18 @@ import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import org.keycloak.testsuite.pages.AppPage;
import org.keycloak.testsuite.pages.AppPage.RequestType;
import org.keycloak.testsuite.pages.LoginConfigTotpPage;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.pages.LoginPasswordUpdatePage;
import org.keycloak.testsuite.pages.LoginUpdateProfileEditUsernameAllowedPage;
import org.keycloak.testsuite.pages.TermsAndConditionsPage;
import org.keycloak.testsuite.util.UserBuilder;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.containsString;
import static org.hamcrest.Matchers.is;
import static org.hamcrest.Matchers.not;
/**
* @author <a href="mailto:wadahiro@gmail.com">Hiroyuki Wada</a>
*/
@ -69,6 +76,9 @@ public class RequiredActionPriorityTest extends AbstractTestRealmKeycloakTest {
@Page
protected TermsAndConditionsPage termsPage;
@Page
protected LoginConfigTotpPage totpPage;
@Before
public void setupRequiredActions() {
setRequiredActionEnabled("test", TermsAndConditions.PROVIDER_ID, true, false);
@ -158,4 +168,45 @@ public class RequiredActionPriorityTest extends AbstractTestRealmKeycloakTest {
Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
events.expectLogin().assertEvent();
}
@Test
public void setupTotpAfterUpdatePassword() {
String testUserId = ApiUtil.findUserByUsername(testRealm(), "test-user@localhost").getId();
setRequiredActionEnabled("test", testUserId, RequiredAction.CONFIGURE_TOTP.name(), true);
setRequiredActionEnabled("test", testUserId, RequiredAction.UPDATE_PASSWORD.name(), true);
setRequiredActionEnabled("test", testUserId, TermsAndConditions.PROVIDER_ID, false);
setRequiredActionEnabled("test", testUserId, RequiredAction.UPDATE_PROFILE.name(), false);
// make UPDATE_PASSWORD on top
testRealm().flows().raiseRequiredActionPriority(UserModel.RequiredAction.UPDATE_PASSWORD.name());
testRealm().flows().raiseRequiredActionPriority(UserModel.RequiredAction.UPDATE_PASSWORD.name());
// Login
loginPage.open();
loginPage.login("test-user@localhost", "password");
// change password
changePasswordPage.assertCurrent();
changePasswordPage.changePassword("new-password", "new-password");
events.expectRequiredAction(EventType.UPDATE_PASSWORD).assertEvent();
// CONFIGURE_TOTP
totpPage.assertCurrent();
totpPage.clickManual();
String pageSource = driver.getPageSource();
assertThat(pageSource, not(containsString("Unable to scan?")));
assertThat(pageSource, containsString("Scan barcode?"));
TimeBasedOTP totp = new TimeBasedOTP();
totpPage.configure(totp.generateTOTP(totpPage.getTotpSecret()), "userLabel");
events.expectRequiredAction(EventType.UPDATE_TOTP).assertEvent();
// Logined
appPage.assertCurrent();
assertThat(appPage.getRequestType(), is(RequestType.AUTH_RESPONSE));
events.expectLogin().assertEvent();
}
}