Beispiel #1
0
  @Test
  public void changeProfileNoAccess() throws Exception {
    profilePage.open();
    loginPage.login("test-user-no-access@localhost", "password");

    Assert.assertTrue(errorPage.isCurrent());
    Assert.assertEquals("No access", errorPage.getError());
  }
  @Test
  public void resetPasswordCancel() throws IOException, MessagingException {
    loginPage.open();
    loginPage.resetPassword();

    resetPasswordPage.assertCurrent();

    resetPasswordPage.changePassword("login-test");

    resetPasswordPage.assertCurrent();

    events
        .expectRequiredAction(EventType.SEND_RESET_PASSWORD)
        .user(userId)
        .detail(Details.USERNAME, "login-test")
        .detail(Details.EMAIL, "*****@*****.**")
        .assertEvent()
        .getSessionId();

    resetPasswordPage.backToLogin();

    Assert.assertTrue(loginPage.isCurrent());

    loginPage.login("login-test", "password");

    events.expectLogin().user(userId).detail(Details.USERNAME, "login-test").assertEvent();

    Assert.assertEquals(1, greenMail.getReceivedMessages().length);

    MimeMessage message = greenMail.getReceivedMessages()[0];

    String body = (String) message.getContent();
    String changePasswordUrl = MailUtil.getLink(body);

    driver.navigate().to(changePasswordUrl.trim());

    events
        .expect(EventType.RESET_PASSWORD_ERROR)
        .client((String) null)
        .user((String) null)
        .error("invalid_code")
        .clearDetails()
        .assertEvent();

    Assert.assertTrue(errorPage.isCurrent());
    Assert.assertEquals(
        "Unknown code, please login again through your application.", errorPage.getError());
  }
Beispiel #3
0
  @Test
  public void changeProfileNoAccess() throws Exception {
    profilePage.open();
    loginPage.login("test-user-no-access@localhost", "password");

    events
        .expectLogin()
        .client("account")
        .user(keycloakRule.getUser("test", "test-user-no-access@localhost").getId())
        .detail(Details.USERNAME, "test-user-no-access@localhost")
        .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT)
        .assertEvent();

    Assert.assertTrue(errorPage.isCurrent());
    Assert.assertEquals("No access", errorPage.getError());
  }
  // KEYCLOAK-3267
  @Test
  public void loginWithExistingUserWithBruteForceEnabled() {
    adminClient
        .realm(consumerRealmName())
        .update(RealmBuilder.create().bruteForceProtected(true).failureFactor(2).build());

    loginWithExistingUser();

    driver.navigate().to(getAccountPasswordUrl(consumerRealmName()));

    accountPasswordPage.changePassword("password", "password");

    driver
        .navigate()
        .to(
            getAuthRoot()
                + "/auth/realms/"
                + providerRealmName()
                + "/protocol/"
                + "openid-connect"
                + "/logout?redirect_uri="
                + encodeUrl(getAccountUrl(providerRealmName())));

    driver.navigate().to(getAccountUrl(consumerRealmName()));

    try {
      waitForPage("log in to");
    } catch (TimeoutException e) {
      log.debug(driver.getTitle());
      log.debug(driver.getPageSource());
      Assert.fail("Timeout while waiting for login page");
    }

    for (int i = 0; i < 3; i++) {
      try {
        waitForElementEnabled("login");
      } catch (TimeoutException e) {
        Assert.fail("Timeout while waiting for login element enabled");
      }

      accountLoginPage.login(getUserLogin(), "invalid");
    }

    assertEquals("Invalid username or password.", accountLoginPage.getError());

    accountLoginPage.clickSocial(getIDPAlias());

    try {
      waitForPage("log in to");
    } catch (TimeoutException e) {
      log.debug(driver.getTitle());
      log.debug(driver.getPageSource());
      Assert.fail("Timeout while waiting for login page");
    }

    Assert.assertTrue(
        "Driver should be on the provider realm page right now",
        driver.getCurrentUrl().contains("/auth/realms/" + providerRealmName() + "/"));

    accountLoginPage.login(getUserLogin(), getUserPassword());

    assertEquals("Account is disabled, contact admin.", errorPage.getError());
  }