@Test
public void changePassword() {
changePasswordPage.open();
loginPage.login("test-user@localhost", "password");
changePasswordPage.changePassword("", "new-password", "new-password");
Assert.assertTrue(profilePage.isError());
changePasswordPage.changePassword("password", "new-password", "new-password2");
Assert.assertTrue(profilePage.isError());
changePasswordPage.changePassword("password", "new-password", "new-password");
Assert.assertTrue(profilePage.isSuccess());
changePasswordPage.logout();
loginPage.open();
loginPage.login("test-user@localhost", "password");
Assert.assertEquals("Invalid username or password.", loginPage.getError());
loginPage.open();
loginPage.login("test-user@localhost", "new-password");
Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
}
@Test
public void loginInvalidUsername() {
loginPage.open();
loginPage.login("invalid", "password");
loginPage.assertCurrent();
Assert.assertEquals("Invalid username or password.", loginPage.getError());
}
@Test
public void loginInvalidPassword() {
loginPage.open();
loginPage.login("test-user@localhost", "invalid");
loginPage.assertCurrent();
Assert.assertEquals("Invalid username or password.", loginPage.getError());
}
@Test
public void changePassword() {
changePasswordPage.open();
loginPage.login("test-user@localhost", "password");
Event event =
events
.expectLogin()
.client("account")
.detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=password")
.assertEvent();
String sessionId = event.getSessionId();
String userId = event.getUserId();
changePasswordPage.changePassword("", "new-password", "new-password");
Assert.assertEquals("Please specify password.", profilePage.getError());
changePasswordPage.changePassword("password", "new-password", "new-password2");
Assert.assertEquals("Password confirmation doesn't match.", profilePage.getError());
changePasswordPage.changePassword("password", "new-password", "new-password");
Assert.assertEquals("Your password has been updated.", profilePage.getSuccess());
events.expectAccount(EventType.UPDATE_PASSWORD).assertEvent();
changePasswordPage.logout();
events
.expectLogout(sessionId)
.detail(Details.REDIRECT_URI, changePasswordPage.getPath())
.assertEvent();
loginPage.open();
loginPage.login("test-user@localhost", "password");
Assert.assertEquals("Invalid username or password.", loginPage.getError());
events
.expectLogin()
.session((String) null)
.error("invalid_user_credentials")
.removeDetail(Details.CONSENT)
.assertEvent();
loginPage.open();
loginPage.login("test-user@localhost", "new-password");
Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
events.expectLogin().assertEvent();
}
@Test
public void loginWithHotpInvalidPassword() throws Exception {
loginPage.open();
loginPage.login("test-user@localhost", "invalid");
Assert.assertTrue(loginPage.isCurrent());
Assert.assertEquals("Invalid username or password.", loginPage.getError());
events
.expectLogin()
.error("invalid_user_credentials")
.session((String) null)
.removeDetail(Details.CONSENT)
.assertEvent();
}
@Test
public void loginWithHotpFailure() throws Exception {
loginPage.open();
loginPage.login("test-user@localhost", "password");
Assert.assertTrue(loginTotpPage.isCurrent());
loginTotpPage.login("123456");
loginTotpPage.assertCurrent();
Assert.assertEquals("Invalid authenticator code.", loginPage.getError());
// loginPage.assertCurrent(); // Invalid authenticator code.
// Assert.assertEquals("Invalid username or password.", loginPage.getError());
events
.expectLogin()
.error("invalid_user_credentials")
.session((String) null)
.removeDetail(Details.CONSENT)
.assertEvent();
}
// KEYCLOAK-3267
@Test
public void loginWithExistingUserWithBruteForceEnabled() {
adminClient
.realm(consumerRealmName())
.update(RealmBuilder.create().bruteForceProtected(true).failureFactor(2).build());
loginWithExistingUser();
driver.navigate().to(getAccountPasswordUrl(consumerRealmName()));
accountPasswordPage.changePassword("password", "password");
driver
.navigate()
.to(
getAuthRoot()
+ "/auth/realms/"
+ providerRealmName()
+ "/protocol/"
+ "openid-connect"
+ "/logout?redirect_uri="
+ encodeUrl(getAccountUrl(providerRealmName())));
driver.navigate().to(getAccountUrl(consumerRealmName()));
try {
waitForPage("log in to");
} catch (TimeoutException e) {
log.debug(driver.getTitle());
log.debug(driver.getPageSource());
Assert.fail("Timeout while waiting for login page");
}
for (int i = 0; i < 3; i++) {
try {
waitForElementEnabled("login");
} catch (TimeoutException e) {
Assert.fail("Timeout while waiting for login element enabled");
}
accountLoginPage.login(getUserLogin(), "invalid");
}
assertEquals("Invalid username or password.", accountLoginPage.getError());
accountLoginPage.clickSocial(getIDPAlias());
try {
waitForPage("log in to");
} catch (TimeoutException e) {
log.debug(driver.getTitle());
log.debug(driver.getPageSource());
Assert.fail("Timeout while waiting for login page");
}
Assert.assertTrue(
"Driver should be on the provider realm page right now",
driver.getCurrentUrl().contains("/auth/realms/" + providerRealmName() + "/"));
accountLoginPage.login(getUserLogin(), getUserPassword());
assertEquals("Account is disabled, contact admin.", errorPage.getError());
}