Last active
September 10, 2018 21:20
-
-
Save slominskir/02f0c4a429fd9a30a25539596dc145e0 to your computer and use it in GitHub Desktop.
Test Case for KEYCLOAK-7270
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/** | |
* Tests that user can link federated identity with existing brokered | |
* account without prompt (KEYCLOAK-7270). | |
*/ | |
@Test | |
public void testAutoLinkAccountWithBroker() throws Exception { | |
final String originalFirstBrokerLoginFlowId = getRealm().getIdentityProviderByAlias(getProviderId()).getFirstBrokerLoginFlowId(); | |
brokerServerRule.update(new KeycloakRule.KeycloakSetup() { | |
@Override | |
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) { | |
AuthenticationFlowModel newFlow = new AuthenticationFlowModel(); | |
newFlow.setAlias("AutoLink"); | |
newFlow.setDescription("AutoLink"); | |
newFlow.setProviderId("basic-flow"); | |
newFlow.setBuiltIn(false); | |
newFlow.setTopLevel(true); | |
newFlow = appRealm.addAuthenticationFlow(newFlow); | |
AuthenticationExecutionModel execution = new AuthenticationExecutionModel(); | |
execution.setParentFlow(newFlow.getId()); | |
execution.setRequirement(AuthenticationExecutionModel.Requirement.ALTERNATIVE); | |
execution.setAuthenticatorFlow(false); | |
execution.setAuthenticator("idp-create-user-if-unique"); | |
execution.setPriority(1); | |
execution = appRealm.addAuthenticatorExecution(execution); | |
AuthenticationExecutionModel execution2 = new AuthenticationExecutionModel(); | |
execution2.setParentFlow(newFlow.getId()); | |
execution2.setRequirement(AuthenticationExecutionModel.Requirement.ALTERNATIVE); | |
execution2.setAuthenticatorFlow(false); | |
execution2.setAuthenticator("idp-auto-link"); | |
execution2.setPriority(2); | |
execution2 = appRealm.addAuthenticatorExecution(execution2); | |
IdentityProviderModel idp = appRealm.getIdentityProviderByAlias(getProviderId()); | |
idp.setFirstBrokerLoginFlowId(newFlow.getId()); | |
appRealm.updateIdentityProvider(idp); | |
} | |
}, APP_REALM_ID); | |
// login through OIDC broker | |
loginIDP("pedroigor"); | |
// authenticated and redirected to app. User is linked with identity provider | |
assertTrue(this.driver.getCurrentUrl().startsWith("http://localhost:8081/test-app")); | |
UserModel federatedUser = getFederatedUser(); | |
assertNotNull(federatedUser); | |
assertEquals("pedroigor", federatedUser.getUsername()); | |
assertEquals("psilva@redhat.com", federatedUser.getEmail()); | |
RealmModel realmWithBroker = getRealm(); | |
Set<FederatedIdentityModel> federatedIdentities = this.session.users().getFederatedIdentities(federatedUser, realmWithBroker); | |
assertEquals(1, federatedIdentities.size()); | |
for (FederatedIdentityModel link : federatedIdentities) { | |
Assert.assertEquals("pedroigor", link.getUserName()); | |
Assert.assertTrue(link.getIdentityProvider().equals(getProviderId())); | |
} | |
brokerServerRule.update(new KeycloakRule.KeycloakSetup() { | |
@Override | |
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) { | |
appRealm.getIdentityProviderByAlias(getProviderId()).setFirstBrokerLoginFlowId(originalFirstBrokerLoginFlowId); | |
} | |
}, APP_REALM_ID); | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment