@Test
public void changeProfileNoAccess() throws Exception {
profilePage.open();
loginPage.login("test-user-no-access@localhost", "password");
Assert.assertTrue(errorPage.isCurrent());
Assert.assertEquals("No access", errorPage.getError());
}
@Test
public void resetPasswordCancel() throws IOException, MessagingException {
loginPage.open();
loginPage.resetPassword();
resetPasswordPage.assertCurrent();
resetPasswordPage.changePassword("login-test");
resetPasswordPage.assertCurrent();
events
.expectRequiredAction(EventType.SEND_RESET_PASSWORD)
.user(userId)
.detail(Details.USERNAME, "login-test")
.detail(Details.EMAIL, "*****@*****.**")
.assertEvent()
.getSessionId();
resetPasswordPage.backToLogin();
Assert.assertTrue(loginPage.isCurrent());
loginPage.login("login-test", "password");
events.expectLogin().user(userId).detail(Details.USERNAME, "login-test").assertEvent();
Assert.assertEquals(1, greenMail.getReceivedMessages().length);
MimeMessage message = greenMail.getReceivedMessages()[0];
String body = (String) message.getContent();
String changePasswordUrl = MailUtil.getLink(body);
driver.navigate().to(changePasswordUrl.trim());
events
.expect(EventType.RESET_PASSWORD_ERROR)
.client((String) null)
.user((String) null)
.error("invalid_code")
.clearDetails()
.assertEvent();
Assert.assertTrue(errorPage.isCurrent());
Assert.assertEquals(
"Unknown code, please login again through your application.", errorPage.getError());
}
@Test
public void changeProfileNoAccess() throws Exception {
profilePage.open();
loginPage.login("test-user-no-access@localhost", "password");
events
.expectLogin()
.client("account")
.user(keycloakRule.getUser("test", "test-user-no-access@localhost").getId())
.detail(Details.USERNAME, "test-user-no-access@localhost")
.detail(Details.REDIRECT_URI, ACCOUNT_REDIRECT)
.assertEvent();
Assert.assertTrue(errorPage.isCurrent());
Assert.assertEquals("No access", errorPage.getError());
}
// KEYCLOAK-3267
@Test
public void loginWithExistingUserWithBruteForceEnabled() {
adminClient
.realm(consumerRealmName())
.update(RealmBuilder.create().bruteForceProtected(true).failureFactor(2).build());
loginWithExistingUser();
driver.navigate().to(getAccountPasswordUrl(consumerRealmName()));
accountPasswordPage.changePassword("password", "password");
driver
.navigate()
.to(
getAuthRoot()
+ "/auth/realms/"
+ providerRealmName()
+ "/protocol/"
+ "openid-connect"
+ "/logout?redirect_uri="
+ encodeUrl(getAccountUrl(providerRealmName())));
driver.navigate().to(getAccountUrl(consumerRealmName()));
try {
waitForPage("log in to");
} catch (TimeoutException e) {
log.debug(driver.getTitle());
log.debug(driver.getPageSource());
Assert.fail("Timeout while waiting for login page");
}
for (int i = 0; i < 3; i++) {
try {
waitForElementEnabled("login");
} catch (TimeoutException e) {
Assert.fail("Timeout while waiting for login element enabled");
}
accountLoginPage.login(getUserLogin(), "invalid");
}
assertEquals("Invalid username or password.", accountLoginPage.getError());
accountLoginPage.clickSocial(getIDPAlias());
try {
waitForPage("log in to");
} catch (TimeoutException e) {
log.debug(driver.getTitle());
log.debug(driver.getPageSource());
Assert.fail("Timeout while waiting for login page");
}
Assert.assertTrue(
"Driver should be on the provider realm page right now",
driver.getCurrentUrl().contains("/auth/realms/" + providerRealmName() + "/"));
accountLoginPage.login(getUserLogin(), getUserPassword());
assertEquals("Account is disabled, contact admin.", errorPage.getError());
}