@Test
public void setupTotp() {
totpPage.open();
loginPage.login("test-user@localhost", "password");
events
.expectLogin()
.client("account")
.detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=totp")
.assertEvent();
Assert.assertTrue(totpPage.isCurrent());
Assert.assertFalse(driver.getPageSource().contains("Remove Google"));
// Error with false code
totpPage.configure(totp.generate(totpPage.getTotpSecret() + "123"));
Assert.assertEquals("Invalid authenticator code.", profilePage.getError());
totpPage.configure(totp.generate(totpPage.getTotpSecret()));
Assert.assertEquals("Mobile authenticator configured.", profilePage.getSuccess());
events.expectAccount(EventType.UPDATE_TOTP).assertEvent();
Assert.assertTrue(driver.getPageSource().contains("pficon-delete"));
totpPage.removeTotp();
events.expectAccount(EventType.REMOVE_TOTP).assertEvent();
}
@Test
public void changePassword() {
changePasswordPage.open();
loginPage.login("test-user@localhost", "password");
Event event =
events
.expectLogin()
.client("account")
.detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=password")
.assertEvent();
String sessionId = event.getSessionId();
String userId = event.getUserId();
changePasswordPage.changePassword("", "new-password", "new-password");
Assert.assertEquals("Please specify password.", profilePage.getError());
changePasswordPage.changePassword("password", "new-password", "new-password2");
Assert.assertEquals("Password confirmation doesn't match.", profilePage.getError());
changePasswordPage.changePassword("password", "new-password", "new-password");
Assert.assertEquals("Your password has been updated.", profilePage.getSuccess());
events.expectAccount(EventType.UPDATE_PASSWORD).assertEvent();
changePasswordPage.logout();
events
.expectLogout(sessionId)
.detail(Details.REDIRECT_URI, changePasswordPage.getPath())
.assertEvent();
loginPage.open();
loginPage.login("test-user@localhost", "password");
Assert.assertEquals("Invalid username or password.", loginPage.getError());
events
.expectLogin()
.session((String) null)
.error("invalid_user_credentials")
.removeDetail(Details.CONSENT)
.assertEvent();
loginPage.open();
loginPage.login("test-user@localhost", "new-password");
Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
events.expectLogin().assertEvent();
}
@Test
public void changePasswordWithLengthPasswordPolicy() {
keycloakRule.update(
new KeycloakRule.KeycloakSetup() {
@Override
public void config(
RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
appRealm.setPasswordPolicy(new PasswordPolicy("length"));
}
});
try {
changePasswordPage.open();
loginPage.login("test-user@localhost", "password");
events
.expectLogin()
.client("account")
.detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT + "?path=password")
.assertEvent();
changePasswordPage.changePassword("", "new", "new");
Assert.assertEquals("Please specify password.", profilePage.getError());
changePasswordPage.changePassword("password", "new-password", "new-password");
Assert.assertEquals("Your password has been updated.", profilePage.getSuccess());
events.expectAccount(EventType.UPDATE_PASSWORD).assertEvent();
} finally {
keycloakRule.update(
new KeycloakRule.KeycloakSetup() {
@Override
public void config(
RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
appRealm.setPasswordPolicy(new PasswordPolicy(null));
}
});
}
}
// KEYCLOAK-1534
@Test
public void changeEmailToExisting() {
profilePage.open();
loginPage.login("test-user@localhost", "password");
events
.expectLogin()
.client("account")
.detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT)
.assertEvent();
Assert.assertEquals("test-user@localhost", profilePage.getUsername());
Assert.assertEquals("test-user@localhost", profilePage.getEmail());
// Change to the email, which some other user has
profilePage.updateProfile("New first", "New last", "test-user-no-access@localhost");
profilePage.assertCurrent();
Assert.assertEquals("Email already exists.", profilePage.getError());
Assert.assertEquals("New first", profilePage.getFirstName());
Assert.assertEquals("New last", profilePage.getLastName());
Assert.assertEquals("test-user-no-access@localhost", profilePage.getEmail());
events.assertEmpty();
// Change some other things, but not email
profilePage.updateProfile("New first", "New last", "test-user@localhost");
Assert.assertEquals("Your account has been updated.", profilePage.getSuccess());
Assert.assertEquals("New first", profilePage.getFirstName());
Assert.assertEquals("New last", profilePage.getLastName());
Assert.assertEquals("test-user@localhost", profilePage.getEmail());
events.expectAccount(EventType.UPDATE_PROFILE).assertEvent();
// Change email and other things to original values
profilePage.updateProfile("Tom", "Brady", "test-user@localhost");
events.expectAccount(EventType.UPDATE_PROFILE).assertEvent();
}
@Test
public void changeUsername() {
// allow to edit the username in realm
keycloakRule.update(
new KeycloakRule.KeycloakSetup() {
@Override
public void config(
RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
appRealm.setEditUsernameAllowed(true);
}
});
try {
profilePage.open();
loginPage.login("test-user@localhost", "password");
events
.expectLogin()
.client("account")
.detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT)
.assertEvent();
Assert.assertEquals("test-user@localhost", profilePage.getUsername());
Assert.assertEquals("Tom", profilePage.getFirstName());
Assert.assertEquals("Brady", profilePage.getLastName());
Assert.assertEquals("test-user@localhost", profilePage.getEmail());
// All fields are required, so there should be an error when something is missing.
profilePage.updateProfile("", "New first", "New last", "*****@*****.**");
Assert.assertEquals("Please specify username.", profilePage.getError());
Assert.assertEquals("", profilePage.getUsername());
Assert.assertEquals("New first", profilePage.getFirstName());
Assert.assertEquals("New last", profilePage.getLastName());
Assert.assertEquals("*****@*****.**", profilePage.getEmail());
events.assertEmpty();
// Change to the username already occupied by other user
profilePage.updateProfile(
"test-user-no-access@localhost", "New first", "New last", "*****@*****.**");
Assert.assertEquals("Username already exists.", profilePage.getError());
Assert.assertEquals("test-user-no-access@localhost", profilePage.getUsername());
Assert.assertEquals("New first", profilePage.getFirstName());
Assert.assertEquals("New last", profilePage.getLastName());
Assert.assertEquals("*****@*****.**", profilePage.getEmail());
events.assertEmpty();
profilePage.updateProfile(
"test-user-new@localhost", "New first", "New last", "*****@*****.**");
Assert.assertEquals("Your account has been updated.", profilePage.getSuccess());
Assert.assertEquals("test-user-new@localhost", profilePage.getUsername());
Assert.assertEquals("New first", profilePage.getFirstName());
Assert.assertEquals("New last", profilePage.getLastName());
Assert.assertEquals("*****@*****.**", profilePage.getEmail());
} finally {
// reset user for other tests
profilePage.updateProfile("test-user@localhost", "Tom", "Brady", "test-user@localhost");
events.clear();
// reset realm
keycloakRule.update(
new KeycloakRule.KeycloakSetup() {
@Override
public void config(
RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
appRealm.setEditUsernameAllowed(false);
}
});
}
}
@Test
public void changeProfile() {
profilePage.open();
loginPage.login("test-user@localhost", "password");
events
.expectLogin()
.client("account")
.detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT)
.assertEvent();
Assert.assertEquals("Tom", profilePage.getFirstName());
Assert.assertEquals("Brady", profilePage.getLastName());
Assert.assertEquals("test-user@localhost", profilePage.getEmail());
// All fields are required, so there should be an error when something is missing.
profilePage.updateProfile("", "New last", "*****@*****.**");
Assert.assertEquals("Please specify first name.", profilePage.getError());
Assert.assertEquals("", profilePage.getFirstName());
Assert.assertEquals("New last", profilePage.getLastName());
Assert.assertEquals("*****@*****.**", profilePage.getEmail());
events.assertEmpty();
profilePage.updateProfile("New first", "", "*****@*****.**");
Assert.assertEquals("Please specify last name.", profilePage.getError());
Assert.assertEquals("New first", profilePage.getFirstName());
Assert.assertEquals("", profilePage.getLastName());
Assert.assertEquals("*****@*****.**", profilePage.getEmail());
events.assertEmpty();
profilePage.updateProfile("New first", "New last", "");
Assert.assertEquals("Please specify email.", profilePage.getError());
Assert.assertEquals("New first", profilePage.getFirstName());
Assert.assertEquals("New last", profilePage.getLastName());
Assert.assertEquals("", profilePage.getEmail());
events.assertEmpty();
profilePage.clickCancel();
Assert.assertEquals("Tom", profilePage.getFirstName());
Assert.assertEquals("Brady", profilePage.getLastName());
Assert.assertEquals("test-user@localhost", profilePage.getEmail());
events.assertEmpty();
profilePage.updateProfile("New first", "New last", "*****@*****.**");
Assert.assertEquals("Your account has been updated.", profilePage.getSuccess());
Assert.assertEquals("New first", profilePage.getFirstName());
Assert.assertEquals("New last", profilePage.getLastName());
Assert.assertEquals("*****@*****.**", profilePage.getEmail());
events.expectAccount(EventType.UPDATE_PROFILE).assertEvent();
events
.expectAccount(EventType.UPDATE_EMAIL)
.detail(Details.PREVIOUS_EMAIL, "test-user@localhost")
.detail(Details.UPDATED_EMAIL, "*****@*****.**")
.assertEvent();
// reset user for other tests
profilePage.updateProfile("Tom", "Brady", "test-user@localhost");
events.clear();
}