Beispiel #1
0
  @Test
  public void setupTotp() {
    totpPage.open();
    loginPage.login("test-user@localhost", "password");

    events
        .expectLogin()
        .client("account")
        .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=totp")
        .assertEvent();

    Assert.assertTrue(totpPage.isCurrent());

    Assert.assertFalse(driver.getPageSource().contains("Remove Google"));

    // Error with false code
    totpPage.configure(totp.generate(totpPage.getTotpSecret() + "123"));

    Assert.assertEquals("Invalid authenticator code.", profilePage.getError());

    totpPage.configure(totp.generate(totpPage.getTotpSecret()));

    Assert.assertEquals("Mobile authenticator configured.", profilePage.getSuccess());

    events.expectAccount(EventType.UPDATE_TOTP).assertEvent();

    Assert.assertTrue(driver.getPageSource().contains("pficon-delete"));

    totpPage.removeTotp();

    events.expectAccount(EventType.REMOVE_TOTP).assertEvent();
  }
Beispiel #2
0
  @Test
  public void changePassword() {
    changePasswordPage.open();
    loginPage.login("test-user@localhost", "password");

    Event event =
        events
            .expectLogin()
            .client("account")
            .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=password")
            .assertEvent();
    String sessionId = event.getSessionId();
    String userId = event.getUserId();
    changePasswordPage.changePassword("", "new-password", "new-password");

    Assert.assertEquals("Please specify password.", profilePage.getError());

    changePasswordPage.changePassword("password", "new-password", "new-password2");

    Assert.assertEquals("Password confirmation doesn't match.", profilePage.getError());

    changePasswordPage.changePassword("password", "new-password", "new-password");

    Assert.assertEquals("Your password has been updated.", profilePage.getSuccess());

    events.expectAccount(EventType.UPDATE_PASSWORD).assertEvent();

    changePasswordPage.logout();

    events
        .expectLogout(sessionId)
        .detail(Details.REDIRECT_URI, changePasswordPage.getPath())
        .assertEvent();

    loginPage.open();
    loginPage.login("test-user@localhost", "password");

    Assert.assertEquals("Invalid username or password.", loginPage.getError());

    events
        .expectLogin()
        .session((String) null)
        .error("invalid_user_credentials")
        .removeDetail(Details.CONSENT)
        .assertEvent();

    loginPage.open();
    loginPage.login("test-user@localhost", "new-password");

    Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());

    events.expectLogin().assertEvent();
  }
Beispiel #3
0
  @Test
  public void changePasswordWithLengthPasswordPolicy() {
    keycloakRule.update(
        new KeycloakRule.KeycloakSetup() {
          @Override
          public void config(
              RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
            appRealm.setPasswordPolicy(new PasswordPolicy("length"));
          }
        });

    try {
      changePasswordPage.open();
      loginPage.login("test-user@localhost", "password");

      events
          .expectLogin()
          .client("account")
          .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=password")
          .assertEvent();

      changePasswordPage.changePassword("", "new", "new");

      Assert.assertEquals("Please specify password.", profilePage.getError());

      changePasswordPage.changePassword("password", "new-password", "new-password");

      Assert.assertEquals("Your password has been updated.", profilePage.getSuccess());

      events.expectAccount(EventType.UPDATE_PASSWORD).assertEvent();
    } finally {
      keycloakRule.update(
          new KeycloakRule.KeycloakSetup() {
            @Override
            public void config(
                RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
              appRealm.setPasswordPolicy(new PasswordPolicy(null));
            }
          });
    }
  }
Beispiel #4
0
  // KEYCLOAK-1534
  @Test
  public void changeEmailToExisting() {
    profilePage.open();
    loginPage.login("test-user@localhost", "password");

    events
        .expectLogin()
        .client("account")
        .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT)
        .assertEvent();

    Assert.assertEquals("test-user@localhost", profilePage.getUsername());
    Assert.assertEquals("test-user@localhost", profilePage.getEmail());

    // Change to the email, which some other user has
    profilePage.updateProfile("New first", "New last", "test-user-no-access@localhost");

    profilePage.assertCurrent();
    Assert.assertEquals("Email already exists.", profilePage.getError());
    Assert.assertEquals("New first", profilePage.getFirstName());
    Assert.assertEquals("New last", profilePage.getLastName());
    Assert.assertEquals("test-user-no-access@localhost", profilePage.getEmail());

    events.assertEmpty();

    // Change some other things, but not email
    profilePage.updateProfile("New first", "New last", "test-user@localhost");

    Assert.assertEquals("Your account has been updated.", profilePage.getSuccess());
    Assert.assertEquals("New first", profilePage.getFirstName());
    Assert.assertEquals("New last", profilePage.getLastName());
    Assert.assertEquals("test-user@localhost", profilePage.getEmail());

    events.expectAccount(EventType.UPDATE_PROFILE).assertEvent();

    // Change email and other things to original values
    profilePage.updateProfile("Tom", "Brady", "test-user@localhost");
    events.expectAccount(EventType.UPDATE_PROFILE).assertEvent();
  }
Beispiel #5
0
  @Test
  public void changeUsername() {
    // allow to edit the username in realm
    keycloakRule.update(
        new KeycloakRule.KeycloakSetup() {
          @Override
          public void config(
              RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
            appRealm.setEditUsernameAllowed(true);
          }
        });

    try {
      profilePage.open();
      loginPage.login("test-user@localhost", "password");

      events
          .expectLogin()
          .client("account")
          .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT)
          .assertEvent();

      Assert.assertEquals("test-user@localhost", profilePage.getUsername());
      Assert.assertEquals("Tom", profilePage.getFirstName());
      Assert.assertEquals("Brady", profilePage.getLastName());
      Assert.assertEquals("test-user@localhost", profilePage.getEmail());

      // All fields are required, so there should be an error when something is missing.
      profilePage.updateProfile("", "New first", "New last", "*****@*****.**");

      Assert.assertEquals("Please specify username.", profilePage.getError());
      Assert.assertEquals("", profilePage.getUsername());
      Assert.assertEquals("New first", profilePage.getFirstName());
      Assert.assertEquals("New last", profilePage.getLastName());
      Assert.assertEquals("*****@*****.**", profilePage.getEmail());

      events.assertEmpty();

      // Change to the username already occupied by other user
      profilePage.updateProfile(
          "test-user-no-access@localhost", "New first", "New last", "*****@*****.**");

      Assert.assertEquals("Username already exists.", profilePage.getError());
      Assert.assertEquals("test-user-no-access@localhost", profilePage.getUsername());
      Assert.assertEquals("New first", profilePage.getFirstName());
      Assert.assertEquals("New last", profilePage.getLastName());
      Assert.assertEquals("*****@*****.**", profilePage.getEmail());

      events.assertEmpty();

      profilePage.updateProfile(
          "test-user-new@localhost", "New first", "New last", "*****@*****.**");

      Assert.assertEquals("Your account has been updated.", profilePage.getSuccess());
      Assert.assertEquals("test-user-new@localhost", profilePage.getUsername());
      Assert.assertEquals("New first", profilePage.getFirstName());
      Assert.assertEquals("New last", profilePage.getLastName());
      Assert.assertEquals("*****@*****.**", profilePage.getEmail());

    } finally {
      // reset user for other tests
      profilePage.updateProfile("test-user@localhost", "Tom", "Brady", "test-user@localhost");
      events.clear();

      // reset realm
      keycloakRule.update(
          new KeycloakRule.KeycloakSetup() {
            @Override
            public void config(
                RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
              appRealm.setEditUsernameAllowed(false);
            }
          });
    }
  }
Beispiel #6
0
  @Test
  public void changeProfile() {
    profilePage.open();
    loginPage.login("test-user@localhost", "password");

    events
        .expectLogin()
        .client("account")
        .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT)
        .assertEvent();

    Assert.assertEquals("Tom", profilePage.getFirstName());
    Assert.assertEquals("Brady", profilePage.getLastName());
    Assert.assertEquals("test-user@localhost", profilePage.getEmail());

    // All fields are required, so there should be an error when something is missing.
    profilePage.updateProfile("", "New last", "*****@*****.**");

    Assert.assertEquals("Please specify first name.", profilePage.getError());
    Assert.assertEquals("", profilePage.getFirstName());
    Assert.assertEquals("New last", profilePage.getLastName());
    Assert.assertEquals("*****@*****.**", profilePage.getEmail());

    events.assertEmpty();

    profilePage.updateProfile("New first", "", "*****@*****.**");

    Assert.assertEquals("Please specify last name.", profilePage.getError());
    Assert.assertEquals("New first", profilePage.getFirstName());
    Assert.assertEquals("", profilePage.getLastName());
    Assert.assertEquals("*****@*****.**", profilePage.getEmail());

    events.assertEmpty();

    profilePage.updateProfile("New first", "New last", "");

    Assert.assertEquals("Please specify email.", profilePage.getError());
    Assert.assertEquals("New first", profilePage.getFirstName());
    Assert.assertEquals("New last", profilePage.getLastName());
    Assert.assertEquals("", profilePage.getEmail());

    events.assertEmpty();

    profilePage.clickCancel();

    Assert.assertEquals("Tom", profilePage.getFirstName());
    Assert.assertEquals("Brady", profilePage.getLastName());
    Assert.assertEquals("test-user@localhost", profilePage.getEmail());

    events.assertEmpty();

    profilePage.updateProfile("New first", "New last", "*****@*****.**");

    Assert.assertEquals("Your account has been updated.", profilePage.getSuccess());
    Assert.assertEquals("New first", profilePage.getFirstName());
    Assert.assertEquals("New last", profilePage.getLastName());
    Assert.assertEquals("*****@*****.**", profilePage.getEmail());

    events.expectAccount(EventType.UPDATE_PROFILE).assertEvent();
    events
        .expectAccount(EventType.UPDATE_EMAIL)
        .detail(Details.PREVIOUS_EMAIL, "test-user@localhost")
        .detail(Details.UPDATED_EMAIL, "*****@*****.**")
        .assertEvent();

    // reset user for other tests
    profilePage.updateProfile("Tom", "Brady", "test-user@localhost");
    events.clear();
  }