@Test
  public void testRealmKeyRotationWithNewKeyDownload() throws Exception {
    // Login success first
    loginToTokenMinTtlApp();

    // Logout
    String logoutUri =
        OIDCLoginProtocolService.logoutUrl(authServerPage.createUriBuilder())
            .queryParam(OAuth2Constants.REDIRECT_URI, tokenMinTTLPage.toString())
            .build("demo")
            .toString();
    driver.navigate().to(logoutUri);
    assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);

    // Generate new realm key
    generateNewRealmKey();

    // Try to login again. It should fail now because not yet allowed to download new keys
    tokenMinTTLPage.navigateTo();
    testRealmLoginPage.form().waitForUsernameInputPresent();
    assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
    testRealmLoginPage.form().login("*****@*****.**", "password");
    URLAssert.assertCurrentUrlStartsWith(driver, tokenMinTTLPage.getInjectedUrl().toString());
    Assert.assertNull(tokenMinTTLPage.getAccessToken());

    driver.navigate().to(logoutUri);
    assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);

    setAdapterAndServerTimeOffset(300, tokenMinTTLPage.toString() + "/unsecured/foo");

    // Try to login. Should work now due to realm key change
    loginToTokenMinTtlApp();
    driver.navigate().to(logoutUri);

    // Revert public keys change
    resetKeycloakDeploymentForAdapter(tokenMinTTLPage.toString() + "/unsecured/foo");
  }