// KEYCLOAK-2102
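  /**
   * Checks that a SPNEGO login made with a mixed-case name ("MyDuke") is recorded against the
   * lower-case user "myduke", then follows the redirect and checks the secured page content.
   *
   * <p>Related issue: KEYCLOAK-2102.
   *
   * @throws Exception if the SPNEGO helper or any page interaction fails
   */
  @Test
  public void spnegoCaseInsensitiveTest() throws Exception {
    KeycloakRule keycloakRule = getKeycloakRule();
    AssertEvents events = getAssertEvents();

    Response spnegoResponse = spnegoLogin("MyDuke", "theduke");
    try {
      Assert.assertEquals(302, spnegoResponse.getStatus());

      // The event must carry the normalised (lower-case) username and the id of that same user,
      // so a differently-cased name cannot end up mapped to a separate account.
      // The AUTH_METHOD ("spnego") detail check is disabled, so this test does not pin which
      // authenticator produced the login.
      events
          .expectLogin()
          .client("kerberos-app")
          .user(keycloakRule.getUser("test", "myduke").getId())
          .detail(Details.REDIRECT_URI, KERBEROS_APP_URL)
          // .detail(Details.AUTH_METHOD, "spnego")
          .detail(Details.USERNAME, "myduke")
          .assertEvent();

      String location = spnegoResponse.getLocation().toString();
      driver.navigate().to(location);

      // Two separate assertions so a failure names the marker that is missing.
      String pageSource = driver.getPageSource();
      Assert.assertTrue(pageSource.contains("Kerberos Test"));
      Assert.assertTrue(pageSource.contains("Kerberos servlet secured content"));
    } finally {
      // Release the HTTP response and the recorded events even when an assertion fails, so a
      // failing run does not leak the connection or leave stale events for the next test.
      try {
        spnegoResponse.close();
      } finally {
        events.clear();
      }
    }
  }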
  /**
   * Walks the account pages with a {@code referrer} (and optionally a {@code referrer_uri}) query
   * parameter and checks that "back to application" returns to the application page each time.
   *
   * <p>NOTE(review): only a {@code referrer_uri} that is accepted is exercised here. A case with
   * a {@code referrer_uri} the client does not register would pin the redirect validation;
   * confirm that it is covered elsewhere.
   */
  @Test
  public void returnToAppFromQueryParam() {
    final String profileFromTestApp = AccountUpdateProfilePage.PATH + "?referrer=test-app";

    // 1) Referrer only: after login the profile page offers the way back to the app.
    driver.navigate().to(profileFromTestApp);
    loginPage.login("test-user@localhost", "password");
    Assert.assertTrue(profilePage.isCurrent());
    profilePage.backToApplication();
    Assert.assertTrue(appPage.isCurrent());

    // 2) Referrer plus explicit referrer_uri: the return URL must keep the "?test" query.
    final String profileWithReferrerUri =
        AccountUpdateProfilePage.PATH
            + "?referrer=test-app&referrer_uri=http://localhost:8081/app?test";
    driver.navigate().to(profileWithReferrerUri);
    Assert.assertTrue(profilePage.isCurrent());
    profilePage.backToApplication();
    Assert.assertTrue(appPage.isCurrent());
    final String expectedReturnUrl = appPage.baseUrl + "?test";
    Assert.assertEquals(expectedReturnUrl, driver.getCurrentUrl());

    // 3) The way back must still work after moving between account pages.
    driver.navigate().to(profileFromTestApp);
    Assert.assertTrue(profilePage.isCurrent());

    driver.findElement(By.linkText("Authenticator")).click();
    Assert.assertTrue(totpPage.isCurrent());

    driver.findElement(By.linkText("Account")).click();
    Assert.assertTrue(profilePage.isCurrent());

    profilePage.backToApplication();
    Assert.assertTrue(appPage.isCurrent());

    events.clear();
  }
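  /**
   * Exercises password handling for the federated user "jduke" under two provider edit modes.
   *
   * <p>With {@code READ_ONLY} the password change must be refused. With {@code UNSYNCED} the
   * change succeeds, the login form accepts only the new password, and a SPNEGO login with the
   * original password still produces a login event.
   *
   * <p>NOTE(review): the provider edit mode and the changed password are not restored at the end
   * of this test; presumably the per-test setup resets them. Confirm before relying on test order.
   *
   * @throws Exception if the SPNEGO helper or any page interaction fails
   */
  @Test
  public void usernamePasswordLoginTest() throws Exception {
    KeycloakRule keycloakRule = getKeycloakRule();
    AssertEvents events = getAssertEvents();

    // Change editMode to READ_ONLY
    updateProviderEditMode(UserFederationProvider.EditMode.READ_ONLY);

    // Login with username/password from kerberos
    changePasswordPage.open();
    // A bypass step (bypassPage.isCurrent(); bypassPage.clickContinue();) is only needed if a
    // click-through is provided to bypass kerberos. Currently there is a javascript to forward
    // the user if kerberos isn't enabled.
    loginPage.assertCurrent();
    loginPage.login("jduke", "theduke");
    changePasswordPage.assertCurrent();

    // Change password is not possible as editMode is READ_ONLY
    changePasswordPage.changePassword("theduke", "newPass", "newPass");
    Assert.assertTrue(
        driver
            .getPageSource()
            .contains("You can't update your password as your account is read only"));

    // Change editMode to UNSYNCED
    updateProviderEditMode(UserFederationProvider.EditMode.UNSYNCED);

    // Successfully change password now
    changePasswordPage.changePassword("theduke", "newPass", "newPass");
    Assert.assertTrue(driver.getPageSource().contains("Your password has been updated."));
    changePasswordPage.logout();

    // (Same bypass note as above applies before this second form login.)
    // Login with old password doesn't work, but with new password works
    loginPage.login("jduke", "theduke");
    loginPage.assertCurrent();
    loginPage.login("jduke", "newPass");
    changePasswordPage.assertCurrent();
    changePasswordPage.logout();

    // SPNEGO login must still work with the old password, because the mode is unsynced.
    events.clear();
    Response spnegoResponse = spnegoLogin("jduke", "theduke");
    try {
      Assert.assertEquals(302, spnegoResponse.getStatus());
      // Explicit check instead of dereferencing the Location header into an unused local.
      Assert.assertNotNull(spnegoResponse.getLocation());
      // The AUTH_METHOD ("spnego") detail check is disabled, so the event assertion does not pin
      // which authenticator produced the login.
      events
          .expectLogin()
          .client("kerberos-app")
          .user(keycloakRule.getUser("test", "jduke").getId())
          .detail(Details.REDIRECT_URI, KERBEROS_APP_URL)
          // .detail(Details.AUTH_METHOD, "spnego")
          .detail(Details.USERNAME, "jduke")
          .assertEvent();
    } finally {
      // Close the response even when an assertion fails so the connection is not leaked.
      spnegoResponse.close();
    }
  }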
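  /**
   * Enables username editing on the application realm and checks the profile form: an empty
   * username and an already-used username are rejected without emitting events, and an unused
   * username is accepted.
   *
   * <p>The user and the realm setting are restored afterwards. The realm reset runs in its own
   * {@code finally} so that a failing profile reset cannot leave username editing enabled for
   * later tests.
   *
   * <p>NOTE(review): the e-mail literal looks masked in this listing; confirm the real value
   * against the upstream test.
   */
  @Test
  public void changeUsername() {
    // allow to edit the username in realm
    keycloakRule.update(
        new KeycloakRule.KeycloakSetup() {
          @Override
          public void config(
              RealmManager manager, RealmModel administrationRealm, RealmModel appRealm) {
            appRealm.setEditUsernameAllowed(true);
          }
        });

    try {
      profilePage.open();
      loginPage.login("test-user@localhost", "password");

      events
          .expectLogin()
          .client("account")
          .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT)
          .assertEvent();

      Assert.assertEquals("test-user@localhost", profilePage.getUsername());
      Assert.assertEquals("Tom", profilePage.getFirstName());
      Assert.assertEquals("Brady", profilePage.getLastName());
      Assert.assertEquals("test-user@localhost", profilePage.getEmail());

      // All fields are required, so there should be an error when something is missing.
      profilePage.updateProfile("", "New first", "New last", "*****@*****.**");

      Assert.assertEquals("Please specify username.", profilePage.getError());
      Assert.assertEquals("", profilePage.getUsername());
      Assert.assertEquals("New first", profilePage.getFirstName());
      Assert.assertEquals("New last", profilePage.getLastName());
      Assert.assertEquals("*****@*****.**", profilePage.getEmail());

      // A rejected update must not emit any event.
      events.assertEmpty();

      // Change to the username already occupied by other user
      profilePage.updateProfile(
          "test-user-no-access@localhost", "New first", "New last", "*****@*****.**");

      Assert.assertEquals("Username already exists.", profilePage.getError());
      Assert.assertEquals("test-user-no-access@localhost", profilePage.getUsername());
      Assert.assertEquals("New first", profilePage.getFirstName());
      Assert.assertEquals("New last", profilePage.getLastName());
      Assert.assertEquals("*****@*****.**", profilePage.getEmail());

      events.assertEmpty();

      // A username that is not taken yet is accepted.
      profilePage.updateProfile(
          "test-user-new@localhost", "New first", "New last", "*****@*****.**");

      Assert.assertEquals("Your account has been updated.", profilePage.getSuccess());
      Assert.assertEquals("test-user-new@localhost", profilePage.getUsername());
      Assert.assertEquals("New first", profilePage.getFirstName());
      Assert.assertEquals("New last", profilePage.getLastName());
      Assert.assertEquals("*****@*****.**", profilePage.getEmail());

    } finally {
      try {
        // reset user for other tests
        profilePage.updateProfile("test-user@localhost", "Tom", "Brady", "test-user@localhost");
        events.clear();
      } finally {
        // reset realm, even if the profile reset above failed
        keycloakRule.update(
            new KeycloakRule.KeycloakSetup() {
              @Override
              public void config(
                  RealmManager manager, RealmModel administrationRealm, RealmModel appRealm) {
                appRealm.setEditUsernameAllowed(false);
              }
            });
      }
    }
  }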
  /**
   * Drives the account profile form through its validation paths: each required field left empty
   * in turn, a cancel that restores the stored values, and finally a successful update that must
   * emit UPDATE_PROFILE and UPDATE_EMAIL events. The user is reset at the end.
   *
   * <p>NOTE(review): the e-mail literal looks masked in this listing; confirm the real value
   * against the upstream test.
   */
  @Test
  public void changeProfile() {
    final String storedFirst = "Tom";
    final String storedLast = "Brady";
    final String storedEmail = "test-user@localhost";
    final String newFirst = "New first";
    final String newLast = "New last";
    final String newEmail = "*****@*****.**";

    profilePage.open();
    loginPage.login(storedEmail, "password");

    events.expectLogin().client("account").detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT).assertEvent();

    Assert.assertEquals(storedFirst, profilePage.getFirstName());
    Assert.assertEquals(storedLast, profilePage.getLastName());
    Assert.assertEquals(storedEmail, profilePage.getEmail());

    // Every field is mandatory; leaving one empty must produce an error and no event.

    // Missing first name.
    profilePage.updateProfile("", newLast, newEmail);
    Assert.assertEquals("Please specify first name.", profilePage.getError());
    Assert.assertEquals("", profilePage.getFirstName());
    Assert.assertEquals(newLast, profilePage.getLastName());
    Assert.assertEquals(newEmail, profilePage.getEmail());
    events.assertEmpty();

    // Missing last name.
    profilePage.updateProfile(newFirst, "", newEmail);
    Assert.assertEquals("Please specify last name.", profilePage.getError());
    Assert.assertEquals(newFirst, profilePage.getFirstName());
    Assert.assertEquals("", profilePage.getLastName());
    Assert.assertEquals(newEmail, profilePage.getEmail());
    events.assertEmpty();

    // Missing email.
    profilePage.updateProfile(newFirst, newLast, "");
    Assert.assertEquals("Please specify email.", profilePage.getError());
    Assert.assertEquals(newFirst, profilePage.getFirstName());
    Assert.assertEquals(newLast, profilePage.getLastName());
    Assert.assertEquals("", profilePage.getEmail());
    events.assertEmpty();

    // Cancel shows the stored values again and emits nothing.
    profilePage.clickCancel();
    Assert.assertEquals(storedFirst, profilePage.getFirstName());
    Assert.assertEquals(storedLast, profilePage.getLastName());
    Assert.assertEquals(storedEmail, profilePage.getEmail());
    events.assertEmpty();

    // Complete input is accepted.
    profilePage.updateProfile(newFirst, newLast, newEmail);
    Assert.assertEquals("Your account has been updated.", profilePage.getSuccess());
    Assert.assertEquals(newFirst, profilePage.getFirstName());
    Assert.assertEquals(newLast, profilePage.getLastName());
    Assert.assertEquals(newEmail, profilePage.getEmail());

    // The e-mail change is recorded with both the previous and the updated address.
    events.expectAccount(EventType.UPDATE_PROFILE).assertEvent();
    events
        .expectAccount(EventType.UPDATE_EMAIL)
        .detail(Details.PREVIOUS_EMAIL, storedEmail)
        .detail(Details.UPDATED_EMAIL, newEmail)
        .assertEvent();

    // reset user for other tests
    profilePage.updateProfile(storedFirst, storedLast, storedEmail);
    events.clear();
  }