Ejemplo n.º 1
0
  @Test
  public void changePassword() {
    changePasswordPage.open();
    loginPage.login("test-user@localhost", "password");

    changePasswordPage.changePassword("", "new-password", "new-password");

    Assert.assertTrue(profilePage.isError());

    changePasswordPage.changePassword("password", "new-password", "new-password2");

    Assert.assertTrue(profilePage.isError());

    changePasswordPage.changePassword("password", "new-password", "new-password");

    Assert.assertTrue(profilePage.isSuccess());

    changePasswordPage.logout();

    loginPage.open();
    loginPage.login("test-user@localhost", "password");

    Assert.assertEquals("Invalid username or password.", loginPage.getError());

    loginPage.open();
    loginPage.login("test-user@localhost", "new-password");

    Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
  }
Ejemplo n.º 2
0
  @Test
  public void changePassword() {
    changePasswordPage.open();
    loginPage.login("test-user@localhost", "password");

    Event event =
        events
            .expectLogin()
            .client("account")
            .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=password")
            .assertEvent();
    String sessionId = event.getSessionId();
    String userId = event.getUserId();
    changePasswordPage.changePassword("", "new-password", "new-password");

    Assert.assertEquals("Please specify password.", profilePage.getError());

    changePasswordPage.changePassword("password", "new-password", "new-password2");

    Assert.assertEquals("Password confirmation doesn't match.", profilePage.getError());

    changePasswordPage.changePassword("password", "new-password", "new-password");

    Assert.assertEquals("Your password has been updated.", profilePage.getSuccess());

    events.expectAccount(EventType.UPDATE_PASSWORD).assertEvent();

    changePasswordPage.logout();

    events
        .expectLogout(sessionId)
        .detail(Details.REDIRECT_URI, changePasswordPage.getPath())
        .assertEvent();

    loginPage.open();
    loginPage.login("test-user@localhost", "password");

    Assert.assertEquals("Invalid username or password.", loginPage.getError());

    events
        .expectLogin()
        .session((String) null)
        .error("invalid_user_credentials")
        .removeDetail(Details.CONSENT)
        .assertEvent();

    loginPage.open();
    loginPage.login("test-user@localhost", "new-password");

    Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());

    events.expectLogin().assertEvent();
  }
Ejemplo n.º 3
0
  @Test
  public void setupTotp() {
    totpPage.open();
    loginPage.login("test-user@localhost", "password");

    events
        .expectLogin()
        .client("account")
        .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=totp")
        .assertEvent();

    Assert.assertTrue(totpPage.isCurrent());

    Assert.assertFalse(driver.getPageSource().contains("Remove Google"));

    // Error with false code
    totpPage.configure(totp.generate(totpPage.getTotpSecret() + "123"));

    Assert.assertEquals("Invalid authenticator code.", profilePage.getError());

    totpPage.configure(totp.generate(totpPage.getTotpSecret()));

    Assert.assertEquals("Mobile authenticator configured.", profilePage.getSuccess());

    events.expectAccount(EventType.UPDATE_TOTP).assertEvent();

    Assert.assertTrue(driver.getPageSource().contains("pficon-delete"));

    totpPage.removeTotp();

    events.expectAccount(EventType.REMOVE_TOTP).assertEvent();
  }
Ejemplo n.º 4
0
  @Test
  public void loginSuccess() {
    loginPage.open();
    loginPage.login("test-user@localhost", "password");

    Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
  }
Ejemplo n.º 5
0
 private void loginSuccessAndLogout(String username, String password) {
   loginPage.open();
   loginPage.login(username, password);
   Assert.assertEquals(AppPage.RequestType.AUTH_RESPONSE, appPage.getRequestType());
   Assert.assertNotNull(oauth.getCurrentQuery().get(OAuth2Constants.CODE));
   oauth.openLogout();
 }
Ejemplo n.º 6
0
  @Test
  public void returnToAppFromQueryParam() {
    driver.navigate().to(AccountUpdateProfilePage.PATH + "?referrer=test-app");
    loginPage.login("test-user@localhost", "password");
    Assert.assertTrue(profilePage.isCurrent());
    profilePage.backToApplication();

    Assert.assertTrue(appPage.isCurrent());

    driver
        .navigate()
        .to(
            AccountUpdateProfilePage.PATH
                + "?referrer=test-app&referrer_uri=http://localhost:8081/app?test");
    Assert.assertTrue(profilePage.isCurrent());
    profilePage.backToApplication();

    Assert.assertTrue(appPage.isCurrent());
    Assert.assertEquals(appPage.baseUrl + "?test", driver.getCurrentUrl());

    driver.navigate().to(AccountUpdateProfilePage.PATH + "?referrer=test-app");
    Assert.assertTrue(profilePage.isCurrent());

    driver.findElement(By.linkText("Authenticator")).click();
    Assert.assertTrue(totpPage.isCurrent());

    driver.findElement(By.linkText("Account")).click();
    Assert.assertTrue(profilePage.isCurrent());

    profilePage.backToApplication();

    Assert.assertTrue(appPage.isCurrent());

    events.clear();
  }
Ejemplo n.º 7
0
  @Test
  public void changePasswordWithPasswordPolicy() {
    keycloakRule.configure(
        new KeycloakRule.KeycloakSetup() {
          @Override
          public void config(
              RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
            appRealm.setPasswordPolicy(new PasswordPolicy("length"));
          }
        });

    try {
      changePasswordPage.open();
      loginPage.login("test-user@localhost", "password");

      changePasswordPage.changePassword("", "new", "new");

      Assert.assertTrue(profilePage.isError());

      changePasswordPage.changePassword("password", "new-password", "new-password");

      Assert.assertTrue(profilePage.isSuccess());
    } finally {
      keycloakRule.configure(
          new KeycloakRule.KeycloakSetup() {
            @Override
            public void config(
                RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
              appRealm.setPasswordPolicy(new PasswordPolicy(null));
            }
          });
    }
  }
Ejemplo n.º 8
0
  public void testRedirectSignedLoginLogoutFront() {
    // visit 1st app an logg in
    System.out.println("visit 1st app ");
    driver.navigate().to(APP_SERVER_BASE_URL + "/employee-sig/");
    assertAtLoginPageRedirectBinding();
    System.out.println("login to form");
    loginPage.login("bburke", "password");
    assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/employee-sig/");
    Assert.assertTrue(driver.getPageSource().contains("bburke"));

    // visit 2nd app
    System.out.println("visit 2nd app ");
    driver.navigate().to(APP_SERVER_BASE_URL + "/employee-sig-front/");
    assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/employee-sig-front/");
    Assert.assertTrue(driver.getPageSource().contains("bburke"));

    // visit 3rd app
    System.out.println("visit 3rd app ");
    driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig/");
    assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post-sig/");
    Assert.assertTrue(driver.getPageSource().contains("bburke"));

    // logout of first app
    System.out.println("GLO");
    driver.navigate().to(APP_SERVER_BASE_URL + "/employee-sig?GLO=true");
    checkLoggedOut(APP_SERVER_BASE_URL + "/employee-sig/", false);
    driver.navigate().to(APP_SERVER_BASE_URL + "/employee-sig-front/");
    String currentUrl = driver.getCurrentUrl();
    Assert.assertTrue(currentUrl.startsWith(AUTH_SERVER_URL + "/realms/demo/protocol/saml"));
    driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig/");
    assertAtLoginPagePostBinding();
  }
Ejemplo n.º 9
0
  @Test
  public void loginWithExistingUser() {
    logInAsUserInIDP();

    Integer userCount = adminClient.realm(consumerRealmName()).users().count();

    driver.navigate().to(getAccountUrl(consumerRealmName()));

    log.debug("Clicking social " + getIDPAlias());
    accountLoginPage.clickSocial(getIDPAlias());

    waitForPage("log in to");

    Assert.assertTrue(
        "Driver should be on the provider realm page right now",
        driver.getCurrentUrl().contains("/auth/realms/" + providerRealmName() + "/"));

    accountLoginPage.login(getUserLogin(), getUserPassword());

    assertEquals(
        accountPage.buildUri().toASCIIString().replace("master", "consumer") + "/",
        driver.getCurrentUrl());

    assertEquals(userCount, adminClient.realm(consumerRealmName()).users().count());
  }
Ejemplo n.º 10
0
  public void testPostPassiveLoginLogout(boolean forbiddenIfNotauthenticated) {
    // first request on passive app - no login page shown, user not logged in as we are in passive
    // mode.
    // Shown page depends on used authentication mechanism, some may return forbidden error, some
    // return requested page with anonymous user (not logged in)
    driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-passive/");
    assertEquals(APP_SERVER_BASE_URL + "/sales-post-passive/saml", driver.getCurrentUrl());
    System.out.println(driver.getPageSource());
    if (forbiddenIfNotauthenticated) {
      Assert.assertTrue(driver.getPageSource().contains("HTTP status code: 403"));
    } else {
      Assert.assertTrue(driver.getPageSource().contains("principal=null"));
    }

    // login user by asking login from other app
    driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post/");
    loginPage.login("bburke", "password");

    // navigate to the passive app again, we have to be logged in now
    driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-passive/");
    assertEquals(APP_SERVER_BASE_URL + "/sales-post-passive/", driver.getCurrentUrl());
    System.out.println(driver.getPageSource());
    Assert.assertTrue(driver.getPageSource().contains("bburke"));

    // logout from both app
    driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-passive?GLO=true");
    driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post?GLO=true");

    // refresh passive app page, not logged in again as we are in passive mode
    driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-passive/");
    assertEquals(APP_SERVER_BASE_URL + "/sales-post-passive/saml", driver.getCurrentUrl());
    Assert.assertFalse(driver.getPageSource().contains("bburke"));
  }
Ejemplo n.º 11
0
  @Test
  public void testRedirectSignedLoginLogoutFront() {
    // visit 1st app an logg in
    System.out.println("visit 1st app ");
    driver.navigate().to("http://localhost:8081/employee-sig/");
    assertAtLoginPageRedirectBinding();
    System.out.println("login to form");
    loginPage.login("bburke", "password");
    Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/employee-sig/");
    Assert.assertTrue(driver.getPageSource().contains("bburke"));

    // visit 2nd app
    System.out.println("visit 2nd app ");
    driver.navigate().to("http://localhost:8081/employee-sig-front/");
    Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/employee-sig-front/");
    Assert.assertTrue(driver.getPageSource().contains("bburke"));

    // visit 3rd app
    System.out.println("visit 3rd app ");
    driver.navigate().to("http://localhost:8081/sales-post-sig/");
    Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/sales-post-sig/");
    Assert.assertTrue(driver.getPageSource().contains("bburke"));

    // logout of first app
    System.out.println("GLO");
    driver.navigate().to("http://localhost:8081/employee-sig?GLO=true");
    checkLoggedOut("http://localhost:8081/employee-sig/", false);
    driver.navigate().to("http://localhost:8081/employee-sig-front/");
    assertAtLoginPageRedirectBinding();
    driver.navigate().to("http://localhost:8081/sales-post-sig/");
    assertAtLoginPagePostBinding();
  }
Ejemplo n.º 12
0
 @Test
 public void testPostBadRealmSignature() {
   driver.navigate().to("http://localhost:8081/bad-realm-sales-post-sig/");
   assertAtLoginPagePostBinding();
   loginPage.login("bburke", "password");
   Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/bad-realm-sales-post-sig/");
   Assert.assertTrue(driver.getPageSource().contains("null"));
 }
Ejemplo n.º 13
0
  @Test
  public void changeProfileNoAccess() throws Exception {
    profilePage.open();
    loginPage.login("test-user-no-access@localhost", "password");

    Assert.assertTrue(errorPage.isCurrent());
    Assert.assertEquals("No access", errorPage.getError());
  }
Ejemplo n.º 14
0
 public void testPostSimpleUnauthorized(CheckAuthError error) {
   driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post/");
   assertAtLoginPagePostBinding();
   loginPage.login("unauthorized", "password");
   assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post/");
   System.out.println(driver.getPageSource());
   error.check(driver);
 }
Ejemplo n.º 15
0
  @Test
  public void returnToAppFromQueryParam() {
    driver.navigate().to(AccountUpdateProfilePage.PATH + "?referrer=test-app");
    loginPage.login("test-user@localhost", "password");
    Assert.assertTrue(profilePage.isCurrent());
    profilePage.backToApplication();

    Assert.assertTrue(appPage.isCurrent());
  }
Ejemplo n.º 16
0
  @Test
  public void loginInvalidPassword() {
    loginPage.open();
    loginPage.login("test-user@localhost", "invalid");

    loginPage.assertCurrent();

    Assert.assertEquals("Invalid username or password.", loginPage.getError());
  }
Ejemplo n.º 17
0
 public void testPostEncryptedLoginLogout() {
   driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-enc/");
   assertAtLoginPagePostBinding();
   loginPage.login("bburke", "password");
   assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post-enc/");
   Assert.assertTrue(driver.getPageSource().contains("bburke"));
   driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-enc?GLO=true");
   checkLoggedOut(APP_SERVER_BASE_URL + "/sales-post-enc/", true);
 }
Ejemplo n.º 18
0
 public void testPostSimpleLoginLogoutIdpInitiatedRedirectTo() {
   driver.navigate().to(AUTH_SERVER_URL + "/realms/demo/protocol/saml/clients/sales-post2");
   loginPage.login("bburke", "password");
   assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post2/foo");
   System.out.println(driver.getPageSource());
   Assert.assertTrue(driver.getPageSource().contains("bburke"));
   driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post2?GLO=true");
   checkLoggedOut(APP_SERVER_BASE_URL + "/sales-post2/", true);
 }
Ejemplo n.º 19
0
  @Test
  public void loginInvalidUsername() {
    loginPage.open();
    loginPage.login("invalid", "password");

    loginPage.assertCurrent();

    Assert.assertEquals("Invalid username or password.", loginPage.getError());
  }
Ejemplo n.º 20
0
 public void testPostSignedLoginLogout() {
   driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig/");
   assertEquals(driver.getCurrentUrl(), AUTH_SERVER_URL + "/realms/demo/protocol/saml");
   loginPage.login("bburke", "password");
   assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post-sig/");
   Assert.assertTrue(driver.getPageSource().contains("bburke"));
   driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig?GLO=true");
   checkLoggedOut(APP_SERVER_BASE_URL + "/sales-post-sig/");
 }
Ejemplo n.º 21
0
 public void testRedirectSignedLoginLogoutFrontNoSSO() {
   driver.navigate().to(APP_SERVER_BASE_URL + "/employee-sig-front/");
   assertAtLoginPageRedirectBinding();
   loginPage.login("bburke", "password");
   assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/employee-sig-front/");
   Assert.assertTrue(driver.getPageSource().contains("bburke"));
   driver.navigate().to(APP_SERVER_BASE_URL + "/employee-sig-front?GLO=true");
   checkLoggedOut(APP_SERVER_BASE_URL + "/employee-sig-front/", false);
 }
Ejemplo n.º 22
0
 public void testRedirectSignedLoginLogoutFrontNoSSO() {
   driver.navigate().to(APP_SERVER_BASE_URL + "/employee-sig-front/");
   Assert.assertTrue(
       driver.getCurrentUrl().startsWith(AUTH_SERVER_URL + "/realms/demo/protocol/saml"));
   loginPage.login("bburke", "password");
   assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/employee-sig-front/");
   Assert.assertTrue(driver.getPageSource().contains("bburke"));
   driver.navigate().to(APP_SERVER_BASE_URL + "/employee-sig-front?GLO=true");
   checkLoggedOut(APP_SERVER_BASE_URL + "/employee-sig-front/");
 }
Ejemplo n.º 23
0
 @Test
 public void testPostSimpleLoginLogoutIdpInitiated() {
   driver.navigate().to("http://localhost:8081/auth/realms/demo/protocol/saml/clients/sales-post");
   loginPage.login("bburke", "password");
   Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/sales-post/");
   System.out.println(driver.getPageSource());
   Assert.assertTrue(driver.getPageSource().contains("bburke"));
   driver.navigate().to("http://localhost:8081/sales-post?GLO=true");
   checkLoggedOut("http://localhost:8081/sales-post/", true);
 }
Ejemplo n.º 24
0
 public void testPostSignedLoginLogoutEmailNameID() {
   driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig-email/");
   assertAtLoginPagePostBinding();
   loginPage.login("bburke", "password");
   assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post-sig-email/");
   System.out.println(driver.getPageSource());
   Assert.assertTrue(driver.getPageSource().contains("[email protected]"));
   driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig-email?GLO=true");
   checkLoggedOut(APP_SERVER_BASE_URL + "/sales-post-sig-email/", true);
 }
Ejemplo n.º 25
0
 @Test
 public void testPostEncryptedLoginLogout() {
   driver.navigate().to("http://localhost:8081/sales-post-enc/");
   assertAtLoginPagePostBinding();
   loginPage.login("bburke", "password");
   Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/sales-post-enc/");
   Assert.assertTrue(driver.getPageSource().contains("bburke"));
   driver.navigate().to("http://localhost:8081/sales-post-enc?GLO=true");
   checkLoggedOut("http://localhost:8081/sales-post-enc/", true);
 }
Ejemplo n.º 26
0
 public void testPostSignedResponseAndAssertionLoginLogout() {
   driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-assertion-and-response-sig/");
   assertAtLoginPagePostBinding();
   loginPage.login("bburke", "password");
   assertEquals(
       driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post-assertion-and-response-sig/");
   Assert.assertTrue(driver.getPageSource().contains("bburke"));
   driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-assertion-and-response-sig?GLO=true");
   checkLoggedOut(APP_SERVER_BASE_URL + "/sales-post-assertion-and-response-sig/", true);
 }
Ejemplo n.º 27
0
 @Test
 public void testRedirectSignedLoginLogout() {
   driver.navigate().to("http://localhost:8081/employee-sig/");
   assertAtLoginPageRedirectBinding();
   loginPage.login("bburke", "password");
   Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/employee-sig/");
   Assert.assertTrue(driver.getPageSource().contains("bburke"));
   driver.navigate().to("http://localhost:8081/employee-sig?GLO=true");
   checkLoggedOut("http://localhost:8081/employee-sig/", false);
 }
Ejemplo n.º 28
0
  public void testMetadataPostSignedLoginLogout() throws Exception {

    driver.navigate().to(APP_SERVER_BASE_URL + "/sales-metadata/");
    assertAtLoginPagePostBinding();
    loginPage.login("bburke", "password");
    assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-metadata/");
    String pageSource = driver.getPageSource();
    Assert.assertTrue(pageSource.contains("bburke"));
    driver.navigate().to(APP_SERVER_BASE_URL + "/sales-metadata?GLO=true");
    checkLoggedOut(APP_SERVER_BASE_URL + "/sales-metadata/", true);
  }
Ejemplo n.º 29
0
 public void testPostSignedLoginLogoutPersistentNameID() {
   driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig-persistent/");
   assertEquals(driver.getCurrentUrl(), AUTH_SERVER_URL + "/realms/demo/protocol/saml");
   loginPage.login("bburke", "password");
   assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post-sig-persistent/");
   System.out.println(driver.getPageSource());
   Assert.assertFalse(driver.getPageSource().contains("bburke"));
   Assert.assertTrue(driver.getPageSource().contains("principal=G-"));
   driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig-persistent?GLO=true");
   checkLoggedOut(APP_SERVER_BASE_URL + "/sales-post-sig-persistent/");
 }
Ejemplo n.º 30
0
  @Test
  public void returnToAppFromHeader() {
    appPage.open();
    appPage.openAccount();
    loginPage.login("test-user@localhost", "password");

    Assert.assertTrue(profilePage.isCurrent());
    profilePage.backToApplication();

    Assert.assertTrue(appPage.isCurrent());
  }