KEYCLOAK-2574 Add more admin-client authentication tests

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/authentication/AbstractAuthenticationTest.java

@@ -21,6 +21,7 @@
 import org.junit.Before;
 import org.keycloak.admin.client.resource.AuthenticationManagementResource;
 import org.keycloak.admin.client.resource.RealmResource;
+import org.keycloak.representations.idm.AuthenticationExecutionExportRepresentation;
 import org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation;
 import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
 import org.keycloak.representations.idm.AuthenticatorConfigRepresentation;
@@ -92,14 +93,41 @@ void compareExecution(AuthenticationExecutionInfoRepresentation expected, Authen
         Assert.assertEquals("Execution requirement choices - " + actual.getProviderId(), expected.getRequirementChoices(), actual.getRequirementChoices());
     }
 
+    void compareExecution(AuthenticationExecutionExportRepresentation expected, AuthenticationExecutionExportRepresentation actual) {
+        Assert.assertEquals("Execution flowAlias - " + actual.getAuthenticator(), expected.getFlowAlias(), actual.getFlowAlias());
+        Assert.assertEquals("Execution authenticator - " + actual.getAuthenticator(), expected.getAuthenticator(), actual.getAuthenticator());
+        Assert.assertEquals("Execution userSetupAllowed - " + actual.getAuthenticator(), expected.isUserSetupAllowed(), actual.isUserSetupAllowed());
+        Assert.assertEquals("Execution authenticatorFlow - " + actual.getAuthenticator(), expected.isAutheticatorFlow(), actual.isAutheticatorFlow());
+        Assert.assertEquals("Execution authenticatorConfig - " + actual.getAuthenticator(), expected.getAuthenticatorConfig(), actual.getAuthenticatorConfig());
+        Assert.assertEquals("Execution priority - " + actual.getAuthenticator(), expected.getPriority(), actual.getPriority());
+        Assert.assertEquals("Execution requirement - " + actual.getAuthenticator(), expected.getRequirement(), actual.getRequirement());
+    }
+
+    void compareExecutions(List<AuthenticationExecutionExportRepresentation> expected, List<AuthenticationExecutionExportRepresentation> actual) {
+        Assert.assertNotNull("Executions should not be null", actual);
+        Assert.assertEquals("Size", expected.size(), actual.size());
+
+        for (int i = 0; i < expected.size(); i++) {
+            compareExecution(expected.get(i), actual.get(i));
+        }
+    }
+
     void compareFlows(AuthenticationFlowRepresentation expected, AuthenticationFlowRepresentation actual) {
         Assert.assertEquals("Flow alias", expected.getAlias(), actual.getAlias());
         Assert.assertEquals("Flow description", expected.getDescription(), actual.getDescription());
         Assert.assertEquals("Flow providerId", expected.getProviderId(), actual.getProviderId());
         Assert.assertEquals("Flow top level", expected.isTopLevel(), actual.isTopLevel());
         Assert.assertEquals("Flow built-in", expected.isBuiltIn(), actual.isBuiltIn());
-    }
 
+        List<AuthenticationExecutionExportRepresentation> expectedExecs = expected.getAuthenticationExecutions();
+        List<AuthenticationExecutionExportRepresentation> actualExecs = actual.getAuthenticationExecutions();
+
+        if (expectedExecs == null) {
+            Assert.assertTrue("Executions should be null or empty", actualExecs == null || actualExecs.size() == 0);
+        } else {
+            compareExecutions(expectedExecs, actualExecs);
+        }
+    }
 
     AuthenticationFlowRepresentation newFlow(String alias, String description,
                                                        String providerId, boolean topLevel, boolean builtIn) {
@@ -112,8 +140,8 @@ AuthenticationFlowRepresentation newFlow(String alias, String description,
         return flow;
     }
 
-    AuthenticationExecutionInfoRepresentation newExecution(String displayName, String providerId, Boolean configurable,
-                                                           int level, int index, String requirement, Boolean authFlow, String[] choices) {
+    AuthenticationExecutionInfoRepresentation newExecInfo(String displayName, String providerId, Boolean configurable,
+                                                          int level, int index, String requirement, Boolean authFlow, String[] choices) {
 
         AuthenticationExecutionInfoRepresentation execution = new AuthenticationExecutionInfoRepresentation();
         execution.setRequirement(requirement);
@@ -129,6 +157,12 @@ AuthenticationExecutionInfoRepresentation newExecution(String displayName, Strin
         return execution;
     }
 
+    void addExecInfo(List<AuthenticationExecutionInfoRepresentation> target, String displayName, String providerId, Boolean configurable,
+                 int level, int index, String requirement, Boolean authFlow, String[] choices) {
+
+        AuthenticationExecutionInfoRepresentation exec = newExecInfo(displayName, providerId, configurable, level, index, requirement, authFlow, choices);
+        target.add(exec);
+    }
 
     AuthenticatorConfigRepresentation newConfig(String alias, String[] keyvalues) {
         AuthenticatorConfigRepresentation config = new AuthenticatorConfigRepresentation();

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/authentication/ExecutionTest.java

@@ -83,7 +83,7 @@ public void testAddRemoveExecution() {
             response.close();
         }
 
-        compareExecution(newExecution("Review Profile", "idp-review-profile", true, 0, 3, DISABLED, null, new String[]{REQUIRED, DISABLED}), exec);
+        compareExecution(newExecInfo("Review Profile", "idp-review-profile", true, 0, 3, DISABLED, null, new String[]{REQUIRED, DISABLED}), exec);
 
         // remove execution
         authMgmtResource.removeExecution(exec.getId());
@@ -143,7 +143,7 @@ public void testAddRemoveExecution() {
 
         // Note: there is no checking in addExecution if requirement is one of requirementChoices
         // Thus we can have OPTIONAL which is neither ALTERNATIVE, nor DISABLED
-        compareExecution(newExecution("Cookie", "auth-cookie", false, 0, 2, OPTIONAL, null, new String[]{ALTERNATIVE, DISABLED}), exec);
+        compareExecution(newExecInfo("Cookie", "auth-cookie", false, 0, 2, OPTIONAL, null, new String[]{ALTERNATIVE, DISABLED}), exec);
     }
 
     @Test

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/authentication/FlowTest.java

@@ -19,12 +19,14 @@
 
 import org.junit.Assert;
 import org.junit.Test;
+import org.keycloak.representations.idm.AuthenticationExecutionExportRepresentation;
 import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
 
 import javax.ws.rs.BadRequestException;
 import javax.ws.rs.core.Response;
 import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
 
 /**
  * @author <a href="mailto:mstrukel@redhat.com">Marko Strukelj</a>
@@ -62,13 +64,52 @@ public void testAddRemoveFlow() {
             response.close();
         }
 
-        // check that new flow is returned
+        // check that new flow is returned in a children list
         flows = authMgmtResource.getFlows();
         AuthenticationFlowRepresentation found = findFlowByAlias("browser-2", flows);
 
-        Assert.assertNotNull("created flow visible", found);
+        Assert.assertNotNull("created flow visible in parent", found);
         compareFlows(newFlow, found);
 
+        // check that new flow is returned individually
+        AuthenticationFlowRepresentation found2 = authMgmtResource.getFlow(found.getId());
+        Assert.assertNotNull("created flow visible directly", found2);
+        compareFlows(newFlow, found2);
+
+
+        // add execution flow using a different method
+        Map<String, String> data = new HashMap<>();
+        data.put("alias", "SomeFlow");
+        data.put("type", "basic-flow");
+        data.put("description", "Test flow");
+        data.put("provider", "registration-page-form");
+
+        try {
+            authMgmtResource.addExecutionFlow("inexistent-parent-flow-alias", data);
+            Assert.fail("addExecutionFlow for inexistent parent should have failed");
+        } catch (Exception expected) {
+        }
+
+        authMgmtResource.addExecutionFlow("browser-2", data);
+
+        // check that new flow is returned in a children list
+        flows = authMgmtResource.getFlows();
+        found2 = findFlowByAlias("browser-2", flows);
+        Assert.assertNotNull("created flow visible in parent", found2);
+
+        List<AuthenticationExecutionExportRepresentation> execs = found2.getAuthenticationExecutions();
+        Assert.assertNotNull(execs);
+        Assert.assertEquals("Size one", 1, execs.size());
+
+        AuthenticationExecutionExportRepresentation expected = new AuthenticationExecutionExportRepresentation();
+        expected.setFlowAlias("SomeFlow");
+        expected.setUserSetupAllowed(false);
+        expected.setAuthenticator("registration-page-form");
+        expected.setAutheticatorFlow(true);
+        expected.setRequirement("DISABLED");
+        expected.setPriority(0);
+        compareExecution(expected, execs.get(0));
+
         // delete non-built-in flow
         authMgmtResource.deleteFlow(found.getId());
 
@@ -122,6 +163,12 @@ public void testCopyFlow() {
         // adjust expected values before comparing
         browser.setAlias("Copy of browser");
         browser.setBuiltIn(false);
+        browser.getAuthenticationExecutions().get(2).setFlowAlias("Copy of browser forms");
+        compareFlows(browser, copyOfBrowser);
+
+        // get new flow directly and compare
+        copyOfBrowser = authMgmtResource.getFlow(copyOfBrowser.getId());
+        Assert.assertNotNull(copyOfBrowser);
         compareFlows(browser, copyOfBrowser);
     }