Esempio n. 1
0
  @Test
  public void changePassword() {
    changePasswordPage.open();
    loginPage.login("test-user@localhost", "password");

    changePasswordPage.changePassword("", "new-password", "new-password");

    Assert.assertTrue(profilePage.isError());

    changePasswordPage.changePassword("password", "new-password", "new-password2");

    Assert.assertTrue(profilePage.isError());

    changePasswordPage.changePassword("password", "new-password", "new-password");

    Assert.assertTrue(profilePage.isSuccess());

    changePasswordPage.logout();

    loginPage.open();
    loginPage.login("test-user@localhost", "password");

    Assert.assertEquals("Invalid username or password.", loginPage.getError());

    loginPage.open();
    loginPage.login("test-user@localhost", "new-password");

    Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
  }
Esempio n. 2
0
  @Test
  public void changePasswordWithPasswordPolicy() {
    keycloakRule.configure(
        new KeycloakRule.KeycloakSetup() {
          @Override
          public void config(
              RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
            appRealm.setPasswordPolicy(new PasswordPolicy("length"));
          }
        });

    try {
      changePasswordPage.open();
      loginPage.login("test-user@localhost", "password");

      changePasswordPage.changePassword("", "new", "new");

      Assert.assertTrue(profilePage.isError());

      changePasswordPage.changePassword("password", "new-password", "new-password");

      Assert.assertTrue(profilePage.isSuccess());
    } finally {
      keycloakRule.configure(
          new KeycloakRule.KeycloakSetup() {
            @Override
            public void config(
                RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
              appRealm.setPasswordPolicy(new PasswordPolicy(null));
            }
          });
    }
  }
Esempio n. 3
0
  @Test
  public void setupTotp() {
    totpPage.open();
    loginPage.login("test-user@localhost", "password");

    events
        .expectLogin()
        .client("account")
        .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=totp")
        .assertEvent();

    Assert.assertTrue(totpPage.isCurrent());

    Assert.assertFalse(driver.getPageSource().contains("Remove Google"));

    // Error with false code
    totpPage.configure(totp.generate(totpPage.getTotpSecret() + "123"));

    Assert.assertEquals("Invalid authenticator code.", profilePage.getError());

    totpPage.configure(totp.generate(totpPage.getTotpSecret()));

    Assert.assertEquals("Mobile authenticator configured.", profilePage.getSuccess());

    events.expectAccount(EventType.UPDATE_TOTP).assertEvent();

    Assert.assertTrue(driver.getPageSource().contains("pficon-delete"));

    totpPage.removeTotp();

    events.expectAccount(EventType.REMOVE_TOTP).assertEvent();
  }
Esempio n. 4
0
  @Test
  public void returnToAppFromQueryParam() {
    driver.navigate().to(AccountUpdateProfilePage.PATH + "?referrer=test-app");
    loginPage.login("test-user@localhost", "password");
    Assert.assertTrue(profilePage.isCurrent());
    profilePage.backToApplication();

    Assert.assertTrue(appPage.isCurrent());
  }
Esempio n. 5
0
  @Test
  public void returnToAppFromHeader() {
    appPage.open();
    appPage.openAccount();
    loginPage.login("test-user@localhost", "password");

    Assert.assertTrue(profilePage.isCurrent());
    profilePage.backToApplication();

    Assert.assertTrue(appPage.isCurrent());
  }
Esempio n. 6
0
  @Test
  public void changePassword() {
    changePasswordPage.open();
    loginPage.login("test-user@localhost", "password");

    Event event =
        events
            .expectLogin()
            .client("account")
            .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=password")
            .assertEvent();
    String sessionId = event.getSessionId();
    String userId = event.getUserId();
    changePasswordPage.changePassword("", "new-password", "new-password");

    Assert.assertEquals("Please specify password.", profilePage.getError());

    changePasswordPage.changePassword("password", "new-password", "new-password2");

    Assert.assertEquals("Password confirmation doesn't match.", profilePage.getError());

    changePasswordPage.changePassword("password", "new-password", "new-password");

    Assert.assertEquals("Your password has been updated.", profilePage.getSuccess());

    events.expectAccount(EventType.UPDATE_PASSWORD).assertEvent();

    changePasswordPage.logout();

    events
        .expectLogout(sessionId)
        .detail(Details.REDIRECT_URI, changePasswordPage.getPath())
        .assertEvent();

    loginPage.open();
    loginPage.login("test-user@localhost", "password");

    Assert.assertEquals("Invalid username or password.", loginPage.getError());

    events
        .expectLogin()
        .session((String) null)
        .error("invalid_user_credentials")
        .removeDetail(Details.CONSENT)
        .assertEvent();

    loginPage.open();
    loginPage.login("test-user@localhost", "new-password");

    Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());

    events.expectLogin().assertEvent();
  }
Esempio n. 7
0
  @Test
  public void changeProfileNoAccess() throws Exception {
    profilePage.open();
    loginPage.login("test-user-no-access@localhost", "password");

    Assert.assertTrue(errorPage.isCurrent());
    Assert.assertEquals("No access", errorPage.getError());
  }
Esempio n. 8
0
  @Test
  public void returnToAppFromQueryParam() {
    driver.navigate().to(AccountUpdateProfilePage.PATH + "?referrer=test-app");
    loginPage.login("test-user@localhost", "password");
    Assert.assertTrue(profilePage.isCurrent());
    profilePage.backToApplication();

    Assert.assertTrue(appPage.isCurrent());

    driver
        .navigate()
        .to(
            AccountUpdateProfilePage.PATH
                + "?referrer=test-app&referrer_uri=http://localhost:8081/app?test");
    Assert.assertTrue(profilePage.isCurrent());
    profilePage.backToApplication();

    Assert.assertTrue(appPage.isCurrent());
    Assert.assertEquals(appPage.baseUrl + "?test", driver.getCurrentUrl());

    driver.navigate().to(AccountUpdateProfilePage.PATH + "?referrer=test-app");
    Assert.assertTrue(profilePage.isCurrent());

    driver.findElement(By.linkText("Authenticator")).click();
    Assert.assertTrue(totpPage.isCurrent());

    driver.findElement(By.linkText("Account")).click();
    Assert.assertTrue(profilePage.isCurrent());

    profilePage.backToApplication();

    Assert.assertTrue(appPage.isCurrent());

    events.clear();
  }
Esempio n. 9
0
  @Test
  public void setupTotp() {
    totpPage.open();
    loginPage.login("test-user@localhost", "password");

    Assert.assertTrue(totpPage.isCurrent());

    Assert.assertFalse(driver.getPageSource().contains("Remove Google"));

    // Error with false code
    totpPage.configure(totp.generate(totpPage.getTotpSecret() + "123"));

    Assert.assertTrue(profilePage.isError());

    totpPage.configure(totp.generate(totpPage.getTotpSecret()));

    Assert.assertTrue(profilePage.isSuccess());

    Assert.assertTrue(driver.getPageSource().contains("Remove Google"));
  }
Esempio n. 10
0
  @Test
  public void changePasswordWithLengthPasswordPolicy() {
    keycloakRule.update(
        new KeycloakRule.KeycloakSetup() {
          @Override
          public void config(
              RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
            appRealm.setPasswordPolicy(new PasswordPolicy("length"));
          }
        });

    try {
      changePasswordPage.open();
      loginPage.login("test-user@localhost", "password");

      events
          .expectLogin()
          .client("account")
          .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=password")
          .assertEvent();

      changePasswordPage.changePassword("", "new", "new");

      Assert.assertEquals("Please specify password.", profilePage.getError());

      changePasswordPage.changePassword("password", "new-password", "new-password");

      Assert.assertEquals("Your password has been updated.", profilePage.getSuccess());

      events.expectAccount(EventType.UPDATE_PASSWORD).assertEvent();
    } finally {
      keycloakRule.update(
          new KeycloakRule.KeycloakSetup() {
            @Override
            public void config(
                RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
              appRealm.setPasswordPolicy(new PasswordPolicy(null));
            }
          });
    }
  }
Esempio n. 11
0
  @Test
  public void changeProfileNoAccess() throws Exception {
    profilePage.open();
    loginPage.login("test-user-no-access@localhost", "password");

    events
        .expectLogin()
        .client("account")
        .user(keycloakRule.getUser("test", "test-user-no-access@localhost").getId())
        .detail(Details.USERNAME, "test-user-no-access@localhost")
        .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT)
        .assertEvent();

    Assert.assertTrue(errorPage.isCurrent());
    Assert.assertEquals("No access", errorPage.getError());
  }
Esempio n. 12
0
  @Test
  public void changeProfile() {
    profilePage.open();
    loginPage.login("test-user@localhost", "password");

    Assert.assertEquals("", profilePage.getFirstName());
    Assert.assertEquals("", profilePage.getLastName());
    Assert.assertEquals("test-user@localhost", profilePage.getEmail());

    // All fields are required, so there should be an error when something is missing.
    profilePage.updateProfile("", "New last", "*****@*****.**");

    Assert.assertTrue(profilePage.isError());
    Assert.assertEquals("", profilePage.getFirstName());
    Assert.assertEquals("", profilePage.getLastName());
    Assert.assertEquals("test-user@localhost", profilePage.getEmail());

    profilePage.updateProfile("New first", "", "*****@*****.**");

    Assert.assertTrue(profilePage.isError());
    Assert.assertEquals("", profilePage.getFirstName());
    Assert.assertEquals("", profilePage.getLastName());
    Assert.assertEquals("test-user@localhost", profilePage.getEmail());

    profilePage.updateProfile("New first", "New last", "");

    Assert.assertTrue(profilePage.isError());
    Assert.assertEquals("", profilePage.getFirstName());
    Assert.assertEquals("", profilePage.getLastName());
    Assert.assertEquals("test-user@localhost", profilePage.getEmail());

    profilePage.updateProfile("New first", "New last", "*****@*****.**");

    Assert.assertTrue(profilePage.isSuccess());
    Assert.assertEquals("New first", profilePage.getFirstName());
    Assert.assertEquals("New last", profilePage.getLastName());
    Assert.assertEquals("*****@*****.**", profilePage.getEmail());
  }
Esempio n. 13
0
  @Test
  public void viewLog() {
    keycloakRule.update(
        new KeycloakSetup() {
          @Override
          public void config(
              RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
            appRealm.setEventsEnabled(true);
          }
        });

    try {
      List<Event> expectedEvents = new LinkedList<Event>();

      loginPage.open();
      loginPage.clickRegister();

      registerPage.register(
          "view", "log", "view-log@localhost", "view-log", "password", "password");

      expectedEvents.add(events.poll());
      expectedEvents.add(events.poll());

      profilePage.open();
      profilePage.updateProfile("view", "log2", "view-log@localhost");

      expectedEvents.add(events.poll());

      logPage.open();

      Assert.assertTrue(logPage.isCurrent());

      List<List<String>> actualEvents = logPage.getEvents();

      Assert.assertEquals(expectedEvents.size(), actualEvents.size());

      for (Event e : expectedEvents) {
        boolean match = false;
        for (List<String> a : logPage.getEvents()) {
          if (e.getType().toString().replace('_', ' ').toLowerCase().equals(a.get(1))
              && e.getIpAddress().equals(a.get(2))
              && e.getClientId().equals(a.get(3))) {
            match = true;
            break;
          }
        }
        if (!match) {
          Assert.fail("Event not found " + e.getType());
        }
      }
    } finally {
      keycloakRule.update(
          new KeycloakSetup() {
            @Override
            public void config(
                RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
              appRealm.setEventsEnabled(false);
            }
          });
    }
  }
Esempio n. 14
0
  // KEYCLOAK-1534
  @Test
  public void changeEmailToExisting() {
    profilePage.open();
    loginPage.login("test-user@localhost", "password");

    events
        .expectLogin()
        .client("account")
        .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT)
        .assertEvent();

    Assert.assertEquals("test-user@localhost", profilePage.getUsername());
    Assert.assertEquals("test-user@localhost", profilePage.getEmail());

    // Change to the email, which some other user has
    profilePage.updateProfile("New first", "New last", "test-user-no-access@localhost");

    profilePage.assertCurrent();
    Assert.assertEquals("Email already exists.", profilePage.getError());
    Assert.assertEquals("New first", profilePage.getFirstName());
    Assert.assertEquals("New last", profilePage.getLastName());
    Assert.assertEquals("test-user-no-access@localhost", profilePage.getEmail());

    events.assertEmpty();

    // Change some other things, but not email
    profilePage.updateProfile("New first", "New last", "test-user@localhost");

    Assert.assertEquals("Your account has been updated.", profilePage.getSuccess());
    Assert.assertEquals("New first", profilePage.getFirstName());
    Assert.assertEquals("New last", profilePage.getLastName());
    Assert.assertEquals("test-user@localhost", profilePage.getEmail());

    events.expectAccount(EventType.UPDATE_PROFILE).assertEvent();

    // Change email and other things to original values
    profilePage.updateProfile("Tom", "Brady", "test-user@localhost");
    events.expectAccount(EventType.UPDATE_PROFILE).assertEvent();
  }
Esempio n. 15
0
  @Test
  public void changeUsername() {
    // allow to edit the username in realm
    keycloakRule.update(
        new KeycloakRule.KeycloakSetup() {
          @Override
          public void config(
              RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
            appRealm.setEditUsernameAllowed(true);
          }
        });

    try {
      profilePage.open();
      loginPage.login("test-user@localhost", "password");

      events
          .expectLogin()
          .client("account")
          .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT)
          .assertEvent();

      Assert.assertEquals("test-user@localhost", profilePage.getUsername());
      Assert.assertEquals("Tom", profilePage.getFirstName());
      Assert.assertEquals("Brady", profilePage.getLastName());
      Assert.assertEquals("test-user@localhost", profilePage.getEmail());

      // All fields are required, so there should be an error when something is missing.
      profilePage.updateProfile("", "New first", "New last", "*****@*****.**");

      Assert.assertEquals("Please specify username.", profilePage.getError());
      Assert.assertEquals("", profilePage.getUsername());
      Assert.assertEquals("New first", profilePage.getFirstName());
      Assert.assertEquals("New last", profilePage.getLastName());
      Assert.assertEquals("*****@*****.**", profilePage.getEmail());

      events.assertEmpty();

      // Change to the username already occupied by other user
      profilePage.updateProfile(
          "test-user-no-access@localhost", "New first", "New last", "*****@*****.**");

      Assert.assertEquals("Username already exists.", profilePage.getError());
      Assert.assertEquals("test-user-no-access@localhost", profilePage.getUsername());
      Assert.assertEquals("New first", profilePage.getFirstName());
      Assert.assertEquals("New last", profilePage.getLastName());
      Assert.assertEquals("*****@*****.**", profilePage.getEmail());

      events.assertEmpty();

      profilePage.updateProfile(
          "test-user-new@localhost", "New first", "New last", "*****@*****.**");

      Assert.assertEquals("Your account has been updated.", profilePage.getSuccess());
      Assert.assertEquals("test-user-new@localhost", profilePage.getUsername());
      Assert.assertEquals("New first", profilePage.getFirstName());
      Assert.assertEquals("New last", profilePage.getLastName());
      Assert.assertEquals("*****@*****.**", profilePage.getEmail());

    } finally {
      // reset user for other tests
      profilePage.updateProfile("test-user@localhost", "Tom", "Brady", "test-user@localhost");
      events.clear();

      // reset realm
      keycloakRule.update(
          new KeycloakRule.KeycloakSetup() {
            @Override
            public void config(
                RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
              appRealm.setEditUsernameAllowed(false);
            }
          });
    }
  }
Esempio n. 16
0
  @Test
  public void changeProfile() {
    profilePage.open();
    loginPage.login("test-user@localhost", "password");

    events
        .expectLogin()
        .client("account")
        .detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT)
        .assertEvent();

    Assert.assertEquals("Tom", profilePage.getFirstName());
    Assert.assertEquals("Brady", profilePage.getLastName());
    Assert.assertEquals("test-user@localhost", profilePage.getEmail());

    // All fields are required, so there should be an error when something is missing.
    profilePage.updateProfile("", "New last", "*****@*****.**");

    Assert.assertEquals("Please specify first name.", profilePage.getError());
    Assert.assertEquals("", profilePage.getFirstName());
    Assert.assertEquals("New last", profilePage.getLastName());
    Assert.assertEquals("*****@*****.**", profilePage.getEmail());

    events.assertEmpty();

    profilePage.updateProfile("New first", "", "*****@*****.**");

    Assert.assertEquals("Please specify last name.", profilePage.getError());
    Assert.assertEquals("New first", profilePage.getFirstName());
    Assert.assertEquals("", profilePage.getLastName());
    Assert.assertEquals("*****@*****.**", profilePage.getEmail());

    events.assertEmpty();

    profilePage.updateProfile("New first", "New last", "");

    Assert.assertEquals("Please specify email.", profilePage.getError());
    Assert.assertEquals("New first", profilePage.getFirstName());
    Assert.assertEquals("New last", profilePage.getLastName());
    Assert.assertEquals("", profilePage.getEmail());

    events.assertEmpty();

    profilePage.clickCancel();

    Assert.assertEquals("Tom", profilePage.getFirstName());
    Assert.assertEquals("Brady", profilePage.getLastName());
    Assert.assertEquals("test-user@localhost", profilePage.getEmail());

    events.assertEmpty();

    profilePage.updateProfile("New first", "New last", "*****@*****.**");

    Assert.assertEquals("Your account has been updated.", profilePage.getSuccess());
    Assert.assertEquals("New first", profilePage.getFirstName());
    Assert.assertEquals("New last", profilePage.getLastName());
    Assert.assertEquals("*****@*****.**", profilePage.getEmail());

    events.expectAccount(EventType.UPDATE_PROFILE).assertEvent();
    events
        .expectAccount(EventType.UPDATE_EMAIL)
        .detail(Details.PREVIOUS_EMAIL, "test-user@localhost")
        .detail(Details.UPDATED_EMAIL, "*****@*****.**")
        .assertEvent();

    // reset user for other tests
    profilePage.updateProfile("Tom", "Brady", "test-user@localhost");
    events.clear();
  }