def test_should_fail_when_bad_form_on_auth(well_known_master: WellKnown,
login_html_page: str):
session_provider = lambda: mock_session({
'http://localhost:8080/auth/realms/master/protocol/openid-connect/auth':
RequestSpec(response=MockResponse(status_code=200, response='nothing'),
assertion=lambda **kwargs: kwargs['params'] == {
'response_type': 'code',
'client_id': 'account',
'code_challenge_method': 'S256',
'code_challenge':
'W59JjmjRrRjxwZVd1SZW-zfqGilWDldy2gUAMPX8EuE',
'redirect_uri': None
})
})
kapi = KeyCloakApi(well_known=well_known_master.json,
session_provider=session_provider)
with pytest.raises(FailedAuthException) as e:
r = kapi.auth(Client('account', url=''),
password='******',
username='******')
assert str(e.value) == "'NoneType' object has no attribute 'attrs'"
def test_should_make_auth(well_known_master: WellKnown, login_html_page: str):
session_provider = lambda: mock_session(
{
'http://localhost:8080/auth/realms/master/protocol/openid-connect/auth':
RequestSpec(response=MockResponse(status_code=200,
response=login_html_page),
assertion=lambda **kwargs: kwargs['params'] == {
'response_type': 'code',
'client_id': 'account',
'code_challenge_method': 'S256',
'code_challenge':
'W59JjmjRrRjxwZVd1SZW-zfqGilWDldy2gUAMPX8EuE',
'redirect_uri': None
})
},
post={
'http://localhost:8080/auth/realms/master/login-actions/authenticate?session_code=bR4rBd0QNGsd_kGuqiyLEuYuY6FK3Lx9HCYJEltUQBk&execution=de13838a-ee3d-404e-b16d-b0d7aa320844&client_id=account-console&tab_id=GXMjAPR3DsQ':
RequestSpec(response=MockResponse(status_code=302),
assertion=lambda **kwargs: kwargs['data'] == {
'password': '******',
'username': '******'
})
})
kapi = KeyCloakApi(well_known=well_known_master.json,
session_provider=session_provider)
r = kapi.auth(Client('account', url=''), password='******', username='******')
assert r.status_code == 302
def try_form_auth(self, client: Client, realm: Realm, well_known: WellKnown, results: Set[Credential],
username: Username, password: Password):
kapi = KeyCloakApi(well_known.json, verbose=super().is_verbose(),
session_provider=super().session)
try:
r = kapi.auth(client, username, password)
if r.status_code == 302:
results.add(Credential(realm, client, username, password))
super().find(self.name(), f'Form login work for {username} on realm {realm.name}, '
f'client {client.name}, ({r.headers.get("Location", "<unable to get header>")})')
except HTTPError as e:
super().verbose(f'HTTP error when login : {e}')
except FailedAuthException as e:
super().verbose(f'auth process fail : {e}')