diff --git a/common/src/main/java/org/keycloak/common/Profile.java b/common/src/main/java/org/keycloak/common/Profile.java index 84d0c47f969..4eb1a6fa731 100755 --- a/common/src/main/java/org/keycloak/common/Profile.java +++ b/common/src/main/java/org/keycloak/common/Profile.java @@ -96,7 +96,7 @@ public class Profile { RECOVERY_CODES("Recovery codes", Type.DEFAULT), - UPDATE_EMAIL("Update Email Action", Type.PREVIEW), + UPDATE_EMAIL("Update Email Action", Type.DEFAULT), FIPS("FIPS 140-2 mode", Type.DISABLED_BY_DEFAULT), diff --git a/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProvider.java b/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProvider.java index 2840b20b19f..28e19e03e57 100755 --- a/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProvider.java +++ b/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProvider.java @@ -18,7 +18,6 @@ package org.keycloak.federation.kerberos; import org.jboss.logging.Logger; -import org.keycloak.common.Profile; import org.keycloak.common.constants.KerberosConstants; import org.keycloak.credential.CredentialAuthentication; import org.keycloak.credential.CredentialInput; @@ -289,9 +288,7 @@ public class KerberosFederationProvider implements UserStorageProvider, user.setSingleAttribute(KERBEROS_PRINCIPAL, kerberosPrincipal.toString()); if (kerberosConfig.isUpdateProfileFirstLogin()) { - if (Profile.isFeatureEnabled(Profile.Feature.UPDATE_EMAIL)) { - user.addRequiredAction(UserModel.RequiredAction.UPDATE_EMAIL); - } + user.addRequiredAction(UserModel.RequiredAction.UPDATE_EMAIL); user.addRequiredAction(UserModel.RequiredAction.UPDATE_PROFILE); } diff --git a/js/apps/account-ui/test/personal-info/personal-info.spec.ts b/js/apps/account-ui/test/personal-info/personal-info.spec.ts index 824726e5e0b..6c270063e4c 100644 --- a/js/apps/account-ui/test/personal-info/personal-info.spec.ts +++ b/js/apps/account-ui/test/personal-info/personal-info.spec.ts @@ -20,7 +20,6 @@ test.describe("Personal info page", () => { test("sets basic information", async ({ page }) => { await login(page, user, "pwd", realm); - await page.getByTestId("email").fill(`${user}@somewhere.com`); await page.getByTestId("firstName").fill("Erik"); await page.getByTestId("lastName").fill("de Wit"); await page.getByTestId("save").click(); diff --git a/server-spi-private/src/main/java/org/keycloak/models/utils/DefaultRequiredActions.java b/server-spi-private/src/main/java/org/keycloak/models/utils/DefaultRequiredActions.java index 93e2f8524ff..2835522af01 100755 --- a/server-spi-private/src/main/java/org/keycloak/models/utils/DefaultRequiredActions.java +++ b/server-spi-private/src/main/java/org/keycloak/models/utils/DefaultRequiredActions.java @@ -193,7 +193,7 @@ public class DefaultRequiredActions { verifyProfile.setName("Verify Profile"); verifyProfile.setProviderId(UserModel.RequiredAction.VERIFY_PROFILE.name()); verifyProfile.setDefaultAction(false); - verifyProfile.setPriority(90); + verifyProfile.setPriority(100); realm.addRequiredActionProvider(verifyProfile); } } @@ -219,7 +219,7 @@ public class DefaultRequiredActions { deleteCredential.setName("Delete Credential"); deleteCredential.setProviderId("delete_credential"); deleteCredential.setDefaultAction(false); - deleteCredential.setPriority(100); + deleteCredential.setPriority(110); realm.addRequiredActionProvider(deleteCredential); } } @@ -232,7 +232,7 @@ public class DefaultRequiredActions { idpLink.setName("Linking Identity Provider"); idpLink.setProviderId("idp_link"); idpLink.setDefaultAction(false); - idpLink.setPriority(110); + idpLink.setPriority(120); realm.addRequiredActionProvider(idpLink); } } @@ -287,7 +287,7 @@ public class DefaultRequiredActions { recoveryCodes.setName("Recovery Authentication Codes"); recoveryCodes.setProviderId(PROVIDER_ID); recoveryCodes.setDefaultAction(false); - recoveryCodes.setPriority(120); + recoveryCodes.setPriority(130); realm.addRequiredActionProvider(recoveryCodes); } } @@ -308,7 +308,7 @@ public class DefaultRequiredActions { webauthnRegister.setName("Webauthn Register"); webauthnRegister.setProviderId(PROVIDER_ID); webauthnRegister.setDefaultAction(false); - webauthnRegister.setPriority(70); + webauthnRegister.setPriority(80); realm.addRequiredActionProvider(webauthnRegister); } } @@ -329,7 +329,7 @@ public class DefaultRequiredActions { webauthnRegister.setName("Webauthn Register Passwordless"); webauthnRegister.setProviderId(PROVIDER_ID); webauthnRegister.setDefaultAction(false); - webauthnRegister.setPriority(80); + webauthnRegister.setPriority(90); realm.addRequiredActionProvider(webauthnRegister); } } diff --git a/server-spi/src/main/java/org/keycloak/userprofile/UserProfileContext.java b/server-spi/src/main/java/org/keycloak/userprofile/UserProfileContext.java index 947571fcbae..b1344ee20d0 100644 --- a/server-spi/src/main/java/org/keycloak/userprofile/UserProfileContext.java +++ b/server-spi/src/main/java/org/keycloak/userprofile/UserProfileContext.java @@ -68,7 +68,7 @@ public enum UserProfileContext { * In this context, a user profile is managed by themselves when updating their email through an application initiated action. * In this context, only the {@link UserModel#EMAIL} attribute is supported. */ - UPDATE_EMAIL(false, true, false, Set.of(UserModel.EMAIL)::contains); + UPDATE_EMAIL(false, true, true, Set.of(UserModel.EMAIL)::contains); private final boolean resetEmailVerified; private final Predicate attributeSelector; diff --git a/services/src/main/java/org/keycloak/userprofile/DeclarativeUserProfileProviderFactory.java b/services/src/main/java/org/keycloak/userprofile/DeclarativeUserProfileProviderFactory.java index 4a20a8039c9..2b2ff49d464 100644 --- a/services/src/main/java/org/keycloak/userprofile/DeclarativeUserProfileProviderFactory.java +++ b/services/src/main/java/org/keycloak/userprofile/DeclarativeUserProfileProviderFactory.java @@ -152,6 +152,16 @@ public class DeclarativeUserProfileProviderFactory implements UserProfileProvide } if (Profile.isFeatureEnabled(Profile.Feature.UPDATE_EMAIL)) { + if (UPDATE_PROFILE.equals(c.getContext())) { + if (!isNewUser(c)) { + if (c.getUser().getEmail() == null || c.getUser().getEmail().isEmpty()) { + // allow to set email via UPDATE_PROFILE if the email is not set for the user + return true; + } + } else if (UserModel.EMAIL.equals(c.getAttribute().getKey()) && c.getAttribute().getValue().isEmpty()) { + return true; + } + } return !(UPDATE_PROFILE.equals(c.getContext()) || ACCOUNT.equals(c.getContext())); } @@ -170,6 +180,16 @@ public class DeclarativeUserProfileProviderFactory implements UserProfileProvide } if (Profile.isFeatureEnabled(Profile.Feature.UPDATE_EMAIL)) { + if (UPDATE_PROFILE.equals(c.getContext())) { + if (!isNewUser(c)) { + if (c.getUser().getEmail() == null || c.getUser().getEmail().isEmpty()) { + // show email field in UPDATE_PROFILE page if the email is not set for the user + return true; + } + } else if (UserModel.EMAIL.equals(c.getAttribute().getKey()) && c.getAttribute().getValue().isEmpty()) { + return true; + } + } return !UPDATE_PROFILE.equals(context); } @@ -233,9 +253,7 @@ public class DeclarativeUserProfileProviderFactory implements UserProfileProvide addContextualProfileMetadata(configureUserProfile(createBrokeringProfile(readOnlyValidator))); addContextualProfileMetadata(configureUserProfile(createAccountProfile(ACCOUNT, readOnlyValidator))); addContextualProfileMetadata(configureUserProfile(createDefaultProfile(UPDATE_PROFILE, readOnlyValidator))); - if (Profile.isFeatureEnabled(Profile.Feature.UPDATE_EMAIL)) { - addContextualProfileMetadata(configureUserProfile(createDefaultProfile(UPDATE_EMAIL, readOnlyValidator))); - } + addContextualProfileMetadata(configureUserProfile(createDefaultProfile(UPDATE_EMAIL, readOnlyValidator))); addContextualProfileMetadata(configureUserProfile(createRegistrationUserCreationProfile(readOnlyValidator))); addContextualProfileMetadata(configureUserProfile(createUserResourceValidation(config))); } diff --git a/test-framework/examples/tests/src/test/java/org/keycloak/test/examples/CustomConfigTest.java b/test-framework/examples/tests/src/test/java/org/keycloak/test/examples/CustomConfigTest.java index c1b31f923d8..0ba3e5e9a8d 100644 --- a/test-framework/examples/tests/src/test/java/org/keycloak/test/examples/CustomConfigTest.java +++ b/test-framework/examples/tests/src/test/java/org/keycloak/test/examples/CustomConfigTest.java @@ -19,17 +19,17 @@ public class CustomConfigTest { Keycloak adminClient; @Test - public void testUpdateEmailFeatureEnabled() { - Optional updateEmailFeature = adminClient.serverInfo().getInfo().getFeatures().stream().filter(f -> f.getName().equals(Profile.Feature.UPDATE_EMAIL.name())).findFirst(); - Assertions.assertTrue(updateEmailFeature.isPresent()); - Assertions.assertTrue(updateEmailFeature.get().isEnabled()); + public void testPasskeyFeatureEnabled() { + Optional passKeysFeature = adminClient.serverInfo().getInfo().getFeatures().stream().filter(f -> f.getName().equals(Profile.Feature.PASSKEYS.name())).findFirst(); + Assertions.assertTrue(passKeysFeature.isPresent()); + Assertions.assertTrue(passKeysFeature.get().isEnabled()); } public static class CustomServerConfig implements KeycloakServerConfig { @Override public KeycloakServerConfigBuilder configure(KeycloakServerConfigBuilder config) { - return config.features(Profile.Feature.UPDATE_EMAIL); + return config.features(Profile.Feature.PASSKEYS); } } diff --git a/tests/base/src/test/java/org/keycloak/tests/admin/authentication/RequiredActionsTest.java b/tests/base/src/test/java/org/keycloak/tests/admin/authentication/RequiredActionsTest.java index bae0ff8e1b5..574a520db77 100644 --- a/tests/base/src/test/java/org/keycloak/tests/admin/authentication/RequiredActionsTest.java +++ b/tests/base/src/test/java/org/keycloak/tests/admin/authentication/RequiredActionsTest.java @@ -66,6 +66,7 @@ public class RequiredActionsTest extends AbstractAuthenticationTest { addRequiredAction(expected, "CONFIGURE_RECOVERY_AUTHN_CODES", "Recovery Authentication Codes", true, false, null); addRequiredAction(expected, "CONFIGURE_TOTP", "Configure OTP", true, false, null); addRequiredAction(expected, "TERMS_AND_CONDITIONS", "Terms and Conditions", false, false, null); + addRequiredAction(expected, "UPDATE_EMAIL", "Update Email", true, false, null); addRequiredAction(expected, "UPDATE_PASSWORD", "Update Password", true, false, null); addRequiredAction(expected, "UPDATE_PROFILE", "Update Profile", true, false, null); addRequiredAction(expected, "VERIFY_EMAIL", "Verify Email", true, false, null); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceTest.java index 1cd55e8c821..e3c0b2627af 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceTest.java @@ -35,7 +35,6 @@ import org.keycloak.authentication.requiredactions.DeleteCredentialAction; import org.keycloak.authentication.requiredactions.WebAuthnPasswordlessRegisterFactory; import org.keycloak.authentication.requiredactions.WebAuthnRegisterFactory; import org.keycloak.broker.provider.util.SimpleHttp; -import org.keycloak.common.Profile; import org.keycloak.common.enums.AccountRestApiVersion; import org.keycloak.common.util.ObjectUtil; import org.keycloak.credential.CredentialTypeMetadata; @@ -73,7 +72,6 @@ import org.keycloak.services.util.ResolveRelative; import org.keycloak.testsuite.AssertEvents; import org.keycloak.testsuite.admin.ApiUtil; import org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest; -import org.keycloak.testsuite.arquillian.annotation.EnableFeature; import org.keycloak.testsuite.broker.util.SimpleHttpDefault; import org.keycloak.testsuite.util.oauth.AccessTokenResponse; import org.keycloak.testsuite.util.TokenUtil; @@ -137,17 +135,15 @@ public class AccountRestServiceTest extends AbstractRestServiceTest { user = getUser(); assertNotNull(user.getUserProfileMetadata()); - // can write both username and email + // can write username assertUserProfileAttributeMetadata(user, "username", "${username}", true, false); - assertUserProfileAttributeMetadata(user, "email", "${email}", true, false); + assertUserProfileAttributeMetadata(user, "email", "${email}", true, true); assertUserProfileAttributeMetadata(user, "firstName", "${firstName}", true, false); assertUserProfileAttributeMetadata(user, "lastName", "${lastName}", true, false); user.setUsername("changed-username"); - user.setEmail("changed-email@keycloak.org"); user = updateAndGet(user); assertEquals("changed-username", user.getUsername()); - assertEquals("changed-email@keycloak.org", user.getEmail()); realmRep.setRegistrationEmailAsUsername(false); realmRep.setEditUsernameAllowed(false); @@ -157,7 +153,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest { assertNotNull(user.getUserProfileMetadata()); // username is readonly but email is writable assertUserProfileAttributeMetadata(user, "username", "${username}", true, true); - assertUserProfileAttributeMetadata(user, "email", "${email}", true, false); + assertUserProfileAttributeMetadata(user, "email", "${email}", true, true); user.setUsername("should-not-change"); user.setEmail("changed-email@keycloak.org"); @@ -170,15 +166,8 @@ public class AccountRestServiceTest extends AbstractRestServiceTest { assertNotNull(user.getUserProfileMetadata()); // username is read-only, not required, and is the same as email - // but email is writable assertUserProfileAttributeMetadata(user, "username", "${username}", false, true); - assertUserProfileAttributeMetadata(user, "email", "${email}", true, false); - - user.setUsername("should-be-the-email"); - user.setEmail("user@keycloak.org"); - user = updateAndGet(user); - assertEquals("user@keycloak.org", user.getUsername()); - assertEquals("user@keycloak.org", user.getEmail()); + assertUserProfileAttributeMetadata(user, "email", "${email}", true, true); realmRep.setRegistrationEmailAsUsername(true); realmRep.setEditUsernameAllowed(false); @@ -191,29 +180,16 @@ public class AccountRestServiceTest extends AbstractRestServiceTest { assertUserProfileAttributeMetadata(user, "email", "${email}", true, true); user.setUsername("should-be-the-email"); - user.setEmail("should-not-change@keycloak.org"); user = updateAndGet(user); - assertEquals("user@keycloak.org", user.getUsername()); - assertEquals("user@keycloak.org", user.getEmail()); + assertEquals("test-user@localhost", user.getUsername()); realmRep.setRegistrationEmailAsUsername(false); realmRep.setEditUsernameAllowed(true); realm.update(realmRep); user = getUser(); user.setUsername("different-than-email"); - user.setEmail("user@keycloak.org"); user = updateAndGet(user); assertEquals("different-than-email", user.getUsername()); - assertEquals("user@keycloak.org", user.getEmail()); - - realmRep.setRegistrationEmailAsUsername(true); - realmRep.setEditUsernameAllowed(false); - realm.update(realmRep); - user = getUser(); - user.setEmail("should-not-change@keycloak.org"); - user = updateAndGet(user); - assertEquals("user@keycloak.org", user.getEmail()); - assertEquals(user.getEmail(), user.getUsername()); } finally { realmRep.setRegistrationEmailAsUsername(registrationEmailAsUsername); realmRep.setEditUsernameAllowed(editUsernameAllowed); @@ -277,7 +253,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest { String originalUsername = user.getUsername(); String originalFirstName = user.getFirstName(); String originalLastName = user.getLastName(); - String originalEmail = user.getEmail(); user.setAttributes(Optional.ofNullable(user.getAttributes()).orElse(new HashMap<>())); try { @@ -288,14 +263,12 @@ public class AccountRestServiceTest extends AbstractRestServiceTest { user.setFirstName(null); user.setLastName("Bob"); - user.setEmail(null); user.getAttributes().clear(); user = updateAndGet(user); assertEquals(user.getLastName(), "Bob"); assertNull(user.getFirstName()); - assertNull(user.getEmail()); } finally { RealmRepresentation realmRep = adminClient.realm("test").toRepresentation(); @@ -305,55 +278,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest { user.setUsername(originalUsername); user.setFirstName(originalFirstName); user.setLastName(originalLastName); - user.setEmail(originalEmail); - SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse(); - System.out.println(response.asString()); - assertEquals(204, response.getStatus()); - } - - } - - /** - * Reproducer for bugs KEYCLOAK-17424 and KEYCLOAK-17582 - */ - @Test - public void testUpdateProfileEmailChangeSetsEmailVerified() throws IOException { - UserRepresentation user = getUser(); - String originalEmail = user.getEmail(); - try { - RealmRepresentation realmRep = adminClient.realm("test").toRepresentation(); - - realmRep.setRegistrationEmailAsUsername(false); - adminClient.realm("test").update(realmRep); - - //set flag over adminClient to initial value - UserResource userResource = adminClient.realm("test").users().get(user.getId()); - org.keycloak.representations.idm.UserRepresentation ur = userResource.toRepresentation(); - ur.setEmailVerified(true); - userResource.update(ur); - //make sure flag is correct before the test - user = getUser(); - assertEquals(true, user.isEmailVerified()); - - // Update without email change - flag not reset to false - user.setEmail(originalEmail); - user = updateAndGet(user); - assertEquals(originalEmail, user.getEmail()); - assertEquals(true, user.isEmailVerified()); - - - // Update email - flag must be reset to false - user.setEmail("bobby@localhost"); - user = updateAndGet(user); - assertEquals("bobby@localhost", user.getEmail()); - assertEquals(false, user.isEmailVerified()); - - } finally { - RealmRepresentation realmRep = adminClient.realm("test").toRepresentation(); - realmRep.setEditUsernameAllowed(true); - adminClient.realm("test").update(realmRep); - - user.setEmail(originalEmail); SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse(); System.out.println(response.asString()); assertEquals(204, response.getStatus()); @@ -374,7 +298,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest { String originalUsername = user.getUsername(); String originalFirstName = user.getFirstName(); String originalLastName = user.getLastName(); - String originalEmail = user.getEmail(); assertNull(user.getAttributes()); user.setAttributes(new HashMap<>()); @@ -384,7 +307,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest { realmRep.setRegistrationEmailAsUsername(false); adminClient.realm("test").update(realmRep); - user.setEmail("bobby@localhost"); user.setFirstName("Homer"); user.setLastName("Simpsons"); user.getAttributes().put("attr1", Collections.singletonList("val1")); @@ -396,8 +318,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest { events.poll(); events.expectAccount(EventType.UPDATE_PROFILE).user(user.getId()) .detail(Details.CONTEXT, UserProfileContext.ACCOUNT.name()) - .detail(Details.PREVIOUS_EMAIL, originalEmail) - .detail(Details.UPDATED_EMAIL, "bobby@localhost") .detail(Details.PREVIOUS_FIRST_NAME, originalFirstName) .detail(Details.PREVIOUS_LAST_NAME, originalLastName) .detail(Details.UPDATED_FIRST_NAME, "Homer") @@ -413,7 +333,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest { user.setUsername(originalUsername); user.setFirstName(originalFirstName); user.setLastName(originalLastName); - user.setEmail(originalEmail); SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse(); System.out.println(response.asString()); assertEquals(204, response.getStatus()); @@ -434,7 +353,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest { String originalUsername = user.getUsername(); String originalFirstName = user.getFirstName(); String originalLastName = user.getLastName(); - String originalEmail = user.getEmail(); user.setAttributes(Optional.ofNullable(user.getAttributes()).orElse(new HashMap<>())); try { @@ -468,18 +386,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest { assertEquals(2, user.getAttributes().get("attr2").size()); assertThat(user.getAttributes().get("attr2"), containsInAnyOrder("val2", "val3")); - // Update email - user.setEmail("bobby@localhost"); - user = updateAndGet(user); - assertEquals("bobby@localhost", user.getEmail()); - - user.setEmail("john-doh@localhost"); - updateError(user, 409, Messages.EMAIL_EXISTS); - - user.setEmail("test-user@localhost"); - user = updateAndGet(user); - assertEquals("test-user@localhost", user.getEmail()); - user.setUsername("john-doh@localhost"); updateError(user, 409, Messages.USERNAME_EXISTS); @@ -494,10 +400,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest { user = updateAndGet(user); assertEquals("test-user@localhost", user.getUsername()); - user.setEmail("new@localhost"); - user = updateAndGet(user); - assertEquals("new@localhost", user.getUsername()); - realmRep.setRegistrationEmailAsUsername(false); adminClient.realm("test").update(realmRep); @@ -520,7 +422,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest { user.setUsername(originalUsername); user.setFirstName(originalFirstName); user.setLastName(originalLastName); - user.setEmail(originalEmail); SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse(); System.out.println(response.asString()); assertEquals(204, response.getStatus()); @@ -1836,7 +1737,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest { assertThat(error.getError(), containsString("Invalid json representation for UserRepresentation. Unrecognized field \"invalid\" at line")); } - @EnableFeature(Profile.Feature.UPDATE_EMAIL) + @Test public void testEmailWhenUpdateEmailEnabled() throws Exception { reconnectAdminClient(); RealmRepresentation realm = testRealm().toRepresentation(); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceWithUserProfileTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceWithUserProfileTest.java index 5db6912239e..d0504ef6c7a 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceWithUserProfileTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceWithUserProfileTest.java @@ -115,7 +115,7 @@ public class AccountRestServiceWithUserProfileTest extends AbstractRestServiceTe assertNotNull(user.getUserProfileMetadata()); assertUserProfileAttributeMetadata(user, "username", "${username}", true, false); - assertUserProfileAttributeMetadata(user, "email", "${email}", true, false); + assertUserProfileAttributeMetadata(user, "email", "${email}", true, true); UserProfileAttributeMetadata uam = assertUserProfileAttributeMetadata(user, "firstName", "${profile.firstName}", true, false); assertNull(uam.getAnnotations()); @@ -155,7 +155,7 @@ public class AccountRestServiceWithUserProfileTest extends AbstractRestServiceTe assertNotNull(user.getUserProfileMetadata()); assertUserProfileAttributeMetadata(user, "username", "${username}", true, true); - assertUserProfileAttributeMetadata(user, "email", "${email}", true, false); + assertUserProfileAttributeMetadata(user, "email", "${email}", true, true); assertNull(getUserProfileAttributeMetadata(user, "firstName")); assertNull(getUserProfileAttributeMetadata(user, "lastName")); @@ -211,7 +211,7 @@ public class AccountRestServiceWithUserProfileTest extends AbstractRestServiceTe assertNotNull(user.getUserProfileMetadata()); assertUserProfileAttributeMetadata(user, "username", "${username}", true, true); - assertUserProfileAttributeMetadata(user, "email", "${email}", true, false); + assertUserProfileAttributeMetadata(user, "email", "${email}", true, true); assertUserProfileAttributeMetadata(user, "firstName", "${profile.firstName}", true, true); assertUserProfileAttributeMetadata(user, "lastName", "Last name", true, true); @@ -266,7 +266,7 @@ public class AccountRestServiceWithUserProfileTest extends AbstractRestServiceTe assertNotNull(user.getUserProfileMetadata()); assertUserProfileAttributeMetadata(user, "username", "${username}", true, true); - assertUserProfileAttributeMetadata(user, "email", "${email}", true, false); + assertUserProfileAttributeMetadata(user, "email", "${email}", true, true); UserProfileAttributeMetadata uam = assertUserProfileAttributeMetadata(user, "firstName", "${profile.firstName}", true, false); assertNull(uam.getAnnotations()); @@ -323,7 +323,6 @@ public class AccountRestServiceWithUserProfileTest extends AbstractRestServiceTe String originalUsername = user.getUsername(); String originalFirstName = user.getFirstName(); String originalLastName = user.getLastName(); - String originalEmail = user.getEmail(); user.setAttributes(Optional.ofNullable(user.getAttributes()).orElse(new HashMap<>())); Map> originalAttributes = new HashMap<>(user.getAttributes()); @@ -333,7 +332,6 @@ public class AccountRestServiceWithUserProfileTest extends AbstractRestServiceTe realmRep.setRegistrationEmailAsUsername(false); adminClient.realm("test").update(realmRep); - user.setEmail("bobby@localhost"); user.setFirstName("Homer"); user.setLastName("Simpsons"); user.getAttributes().put("attr1", Collections.singletonList("val11")); @@ -345,8 +343,6 @@ public class AccountRestServiceWithUserProfileTest extends AbstractRestServiceTe //skip login to the REST API event events.expectAccount(EventType.UPDATE_PROFILE).user(user.getId()) .detail(Details.CONTEXT, UserProfileContext.ACCOUNT.name()) - .detail(Details.PREVIOUS_EMAIL, originalEmail) - .detail(Details.UPDATED_EMAIL, "bobby@localhost") .detail(Details.PREVIOUS_FIRST_NAME, originalFirstName) .detail(Details.PREVIOUS_LAST_NAME, originalLastName) .detail(Details.UPDATED_FIRST_NAME, "Homer") @@ -363,7 +359,6 @@ public class AccountRestServiceWithUserProfileTest extends AbstractRestServiceTe user.setUsername(originalUsername); user.setFirstName(originalFirstName); user.setLastName(originalLastName); - user.setEmail(originalEmail); user.setAttributes(originalAttributes); SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse(); System.out.println(response.asString()); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/AbstractAppInitiatedActionUpdateEmailTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/AbstractAppInitiatedActionUpdateEmailTest.java index 49e3cb8fe7a..bef989e9cf7 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/AbstractAppInitiatedActionUpdateEmailTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/AbstractAppInitiatedActionUpdateEmailTest.java @@ -21,16 +21,13 @@ import org.junit.Assert; import org.junit.Before; import org.junit.Test; import org.keycloak.admin.client.resource.RealmResource; -import org.keycloak.common.Profile; import org.keycloak.models.UserModel; import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.representations.idm.UserRepresentation; import org.keycloak.testsuite.admin.ApiUtil; -import org.keycloak.testsuite.arquillian.annotation.EnableFeature; import org.keycloak.testsuite.pages.EmailUpdatePage; import org.keycloak.testsuite.util.UserBuilder; -@EnableFeature(Profile.Feature.UPDATE_EMAIL) public abstract class AbstractAppInitiatedActionUpdateEmailTest extends AbstractAppInitiatedActionTest { @Page diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/AbstractRequiredActionUpdateEmailTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/AbstractRequiredActionUpdateEmailTest.java index 96e751524a2..b5cb5030d6c 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/AbstractRequiredActionUpdateEmailTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/AbstractRequiredActionUpdateEmailTest.java @@ -28,14 +28,12 @@ import org.junit.Rule; import org.junit.Test; import org.keycloak.admin.client.resource.RealmResource; import org.keycloak.admin.client.resource.UserResource; -import org.keycloak.common.Profile; import org.keycloak.models.UserModel; import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.representations.idm.UserRepresentation; import org.keycloak.testsuite.AbstractTestRealmKeycloakTest; import org.keycloak.testsuite.AssertEvents; import org.keycloak.testsuite.admin.ApiUtil; -import org.keycloak.testsuite.arquillian.annotation.EnableFeature; import org.keycloak.testsuite.auth.page.login.UpdateEmailPage; import org.keycloak.testsuite.pages.AppPage; import org.keycloak.testsuite.pages.LoginPage; @@ -43,7 +41,6 @@ import org.keycloak.testsuite.util.SecondBrowser; import org.keycloak.testsuite.util.UserBuilder; import org.openqa.selenium.WebDriver; -@EnableFeature(Profile.Feature.UPDATE_EMAIL) public abstract class AbstractRequiredActionUpdateEmailTest extends AbstractTestRealmKeycloakTest { @Rule diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/AppInitiatedActionUpdateProfileTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/AppInitiatedActionUpdateProfileTest.java index df102d6919c..2eba26479fd 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/AppInitiatedActionUpdateProfileTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/AppInitiatedActionUpdateProfileTest.java @@ -16,10 +16,6 @@ */ package org.keycloak.testsuite.actions; -import static org.hamcrest.MatcherAssert.assertThat; -import static org.hamcrest.Matchers.anyOf; -import static org.hamcrest.Matchers.containsString; - import org.hamcrest.Matchers; import org.jboss.arquillian.graphene.page.Page; import org.junit.Assert; @@ -87,11 +83,10 @@ public class AppInitiatedActionUpdateProfileTest extends AbstractAppInitiatedAct updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").email("new@email.com").submit(); + updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").submit(); events.expectRequiredAction(EventType.UPDATE_PROFILE).detail(Details.PREVIOUS_FIRST_NAME, "Tom").detail(Details.UPDATED_FIRST_NAME, "New first") .detail(Details.PREVIOUS_LAST_NAME, "Brady").detail(Details.UPDATED_LAST_NAME, "New last") - .detail(Details.PREVIOUS_EMAIL, "test-user@localhost").detail(Details.UPDATED_EMAIL, "new@email.com") .assertEvent(); events.expectLogin().assertEvent(); @@ -101,7 +96,6 @@ public class AppInitiatedActionUpdateProfileTest extends AbstractAppInitiatedAct UserRepresentation user = ActionUtil.findUserWithAdminClient(adminClient, "test-user@localhost"); Assert.assertEquals("New first", user.getFirstName()); Assert.assertEquals("New last", user.getLastName()); - Assert.assertEquals("new@email.com", user.getEmail()); Assert.assertEquals("test-user@localhost", user.getUsername()); } @@ -117,12 +111,11 @@ public class AppInitiatedActionUpdateProfileTest extends AbstractAppInitiatedAct updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").email("new@email.com").submit(); + updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").submit(); events.expectLogin().assertEvent(); events.expectRequiredAction(EventType.UPDATE_PROFILE).detail(Details.PREVIOUS_FIRST_NAME, "Tom").detail(Details.UPDATED_FIRST_NAME, "New first") .detail(Details.PREVIOUS_LAST_NAME, "Brady").detail(Details.UPDATED_LAST_NAME, "New last") - .detail(Details.PREVIOUS_EMAIL, "test-user@localhost").detail(Details.UPDATED_EMAIL, "new@email.com") .assertEvent(); events.expectLogin().assertEvent(); @@ -132,7 +125,6 @@ public class AppInitiatedActionUpdateProfileTest extends AbstractAppInitiatedAct UserRepresentation user = ActionUtil.findUserWithAdminClient(adminClient, "test-user@localhost"); Assert.assertEquals("New first", user.getFirstName()); Assert.assertEquals("New last", user.getLastName()); - Assert.assertEquals("new@email.com", user.getEmail()); Assert.assertEquals("test-user@localhost", user.getUsername()); } @@ -167,7 +159,7 @@ public class AppInitiatedActionUpdateProfileTest extends AbstractAppInitiatedAct updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().username("new").firstName("New first").lastName("New last").email("john-doh@localhost").submit(); + updateProfilePage.prepareUpdate().username("new").firstName("New first").lastName("New last").submit(); events.expectLogin() .event(EventType.UPDATE_PROFILE) @@ -201,14 +193,13 @@ public class AppInitiatedActionUpdateProfileTest extends AbstractAppInitiatedAct updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().username("new").firstName("").lastName("New last").email("new@email.com").submit(); + updateProfilePage.prepareUpdate().username("new").firstName("").lastName("New last").submit(); updateProfilePage.assertCurrent(); // assert that form holds submitted values during validation error Assert.assertEquals("", updateProfilePage.getFirstName()); Assert.assertEquals("New last", updateProfilePage.getLastName()); - Assert.assertEquals("new@email.com", updateProfilePage.getEmail()); Assert.assertEquals("Please specify this field.", updateProfilePage.getInputErrors().getFirstNameError()); @@ -223,67 +214,19 @@ public class AppInitiatedActionUpdateProfileTest extends AbstractAppInitiatedAct updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().username("new").firstName("New first").lastName("").email("new@email.com").submit(); + updateProfilePage.prepareUpdate().username("new").firstName("New first").lastName("").submit(); updateProfilePage.assertCurrent(); // assert that form holds submitted values during validation error Assert.assertEquals("New first", updateProfilePage.getFirstName()); Assert.assertEquals("", updateProfilePage.getLastName()); - Assert.assertEquals("new@email.com", updateProfilePage.getEmail()); Assert.assertEquals("Please specify this field.", updateProfilePage.getInputErrors().getLastNameError()); events.assertEmpty(); } - @Test - public void updateProfileMissingEmail() { - doAIA(); - - loginPage.login("test-user@localhost", "password"); - - updateProfilePage.assertCurrent(); - - updateProfilePage.prepareUpdate().username("new").firstName("New first").lastName("New last").email("").submit(); - - updateProfilePage.assertCurrent(); - - // assert that form holds submitted values during validation error - Assert.assertEquals("New first", updateProfilePage.getFirstName()); - Assert.assertEquals("New last", updateProfilePage.getLastName()); - Assert.assertEquals("", updateProfilePage.getEmail()); - - assertThat(updateProfilePage.getInputErrors().getEmailError(), anyOf( - containsString("Please specify email"), - containsString("Please specify this field") - )); - - events.assertEmpty(); - } - - @Test - public void updateProfileInvalidEmail() { - doAIA(); - - loginPage.login("test-user@localhost", "password"); - - updateProfilePage.assertCurrent(); - - updateProfilePage.prepareUpdate().username("invalid").firstName("New first").lastName("New last").email("invalidemail").submit(); - - updateProfilePage.assertCurrent(); - - // assert that form holds submitted values during validation error - Assert.assertEquals("New first", updateProfilePage.getFirstName()); - Assert.assertEquals("New last", updateProfilePage.getLastName()); - Assert.assertEquals("invalidemail", updateProfilePage.getEmail()); - - Assert.assertEquals("Invalid email address.", updateProfilePage.getInputErrors().getEmailError()); - - events.assertEmpty(); - } - @Test public void updateProfileMissingUsername() { doAIA(); @@ -292,14 +235,13 @@ public class AppInitiatedActionUpdateProfileTest extends AbstractAppInitiatedAct updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().username("").firstName("New first").lastName("New last").email("new@email.com").submit(); + updateProfilePage.prepareUpdate().username("").firstName("New first").lastName("New last").submit(); updateProfilePage.assertCurrent(); // assert that form holds submitted values during validation error Assert.assertEquals("New first", updateProfilePage.getFirstName()); Assert.assertEquals("New last", updateProfilePage.getLastName()); - Assert.assertEquals("new@email.com", updateProfilePage.getEmail()); Assert.assertEquals("", updateProfilePage.getUsername()); Assert.assertEquals("Please specify username.", updateProfilePage.getInputErrors().getUsernameError()); @@ -315,14 +257,13 @@ public class AppInitiatedActionUpdateProfileTest extends AbstractAppInitiatedAct updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").email("new@email.com").submit(); + updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").submit(); updateProfilePage.assertCurrent(); // assert that form holds submitted values during validation error Assert.assertEquals("New first", updateProfilePage.getFirstName()); Assert.assertEquals("New last", updateProfilePage.getLastName()); - Assert.assertEquals("new@email.com", updateProfilePage.getEmail()); Assert.assertEquals("test-user@localhost", updateProfilePage.getUsername()); Assert.assertEquals("Username already exists.", updateProfilePage.getInputErrors().getUsernameError()); @@ -330,28 +271,6 @@ public class AppInitiatedActionUpdateProfileTest extends AbstractAppInitiatedAct events.assertEmpty(); } - @Test - public void updateProfileDuplicatedEmail() { - doAIA(); - - loginPage.login("test-user@localhost", "password"); - - updateProfilePage.assertCurrent(); - - updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").email("keycloak-user@localhost").submit(); - - updateProfilePage.assertCurrent(); - - // assert that form holds submitted values during validation error - Assert.assertEquals("New first", updateProfilePage.getFirstName()); - Assert.assertEquals("New last", updateProfilePage.getLastName()); - Assert.assertEquals("keycloak-user@localhost", updateProfilePage.getEmail()); - - Assert.assertEquals("Email already exists.", updateProfilePage.getInputErrors().getEmailError()); - - events.assertEmpty(); - } - @Test public void updateProfileExpiredCookies() { doAIA(); @@ -362,7 +281,7 @@ public class AppInitiatedActionUpdateProfileTest extends AbstractAppInitiatedAct // Expire cookies and assert the page with "back to application" link present driver.manage().deleteAllCookies(); - updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").email("keycloak-user@localhost").submit(); + updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").submit(); errorPage.assertCurrent(); String backToAppLink = errorPage.getBackToApplicationLink(); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionEmailVerificationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionEmailVerificationTest.java index 8316c02f35a..5119305b9c1 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionEmailVerificationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionEmailVerificationTest.java @@ -77,7 +77,6 @@ import java.util.Set; import org.hamcrest.Matchers; import org.junit.Assume; -import org.keycloak.testsuite.util.WaitUtils; import org.openqa.selenium.By; import org.openqa.selenium.WebDriver; import org.openqa.selenium.WebElement; @@ -1113,7 +1112,7 @@ public class RequiredActionEmailVerificationTest extends AbstractTestRealmKeyclo } @Test - @EnableFeature(value = Profile.Feature.UPDATE_EMAIL, skipRestart = true) + @EnableFeature(value = Profile.Feature.UPDATE_EMAIL, skipRestart = true) // The feature is enabled by default but skipRestart = true is important for the test public void actionTokenWithInvalidRequiredActions() throws IOException { // Send email with required action testRealm().users().get(testUserId).executeActionsEmail(List.of(RequiredAction.UPDATE_EMAIL.name())); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionMultipleActionsTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionMultipleActionsTest.java index db7729a0633..15afc9f3070 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionMultipleActionsTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionMultipleActionsTest.java @@ -105,14 +105,11 @@ public class RequiredActionMultipleActionsTest extends AbstractTestRealmKeycloak } public String updateProfile(String codeId) { - updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last") - .email("new@email.com").submit(); + updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").submit(); AssertEvents.ExpectedEvent expectedEvent = events.expectRequiredAction(EventType.UPDATE_PROFILE) .detail(Details.UPDATED_FIRST_NAME, "New first") - .detail(Details.UPDATED_LAST_NAME, "New last") - .detail(Details.PREVIOUS_EMAIL, "test-user@localhost") - .detail(Details.UPDATED_EMAIL, "new@email.com"); + .detail(Details.UPDATED_LAST_NAME, "New last"); if (codeId != null) { expectedEvent.detail(Details.CODE_ID, codeId); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionPriorityTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionPriorityTest.java index f86d3481069..17036361159 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionPriorityTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionPriorityTest.java @@ -62,7 +62,6 @@ public class RequiredActionPriorityTest extends AbstractTestRealmKeycloakTest { private static final String EMAIL = "test-user@localhost"; private static final String USERNAME = EMAIL; private static final String PASSWORD = "password"; - private static final String NEW_EMAIL = "new@email.com"; private static final String NEW_FIRST_NAME = "New first"; private static final String NEW_LAST_NAME = "New last"; private static final String NEW_PASSWORD = "new-password"; @@ -146,12 +145,9 @@ public class RequiredActionPriorityTest extends AbstractTestRealmKeycloakTest { // Finally, update profile updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().firstName(NEW_FIRST_NAME).lastName(NEW_LAST_NAME) - .email(NEW_EMAIL).submit(); + updateProfilePage.prepareUpdate().firstName(NEW_FIRST_NAME).lastName(NEW_LAST_NAME).submit(); events.expectRequiredAction(EventType.UPDATE_PROFILE).detail(Details.UPDATED_FIRST_NAME, NEW_FIRST_NAME) .detail(Details.UPDATED_LAST_NAME, NEW_LAST_NAME) - .detail(Details.PREVIOUS_EMAIL, EMAIL) - .detail(Details.UPDATED_EMAIL, NEW_EMAIL) .assertEvent(); // Logged in @@ -190,12 +186,9 @@ public class RequiredActionPriorityTest extends AbstractTestRealmKeycloakTest { // Second, update profile updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().firstName(NEW_FIRST_NAME).lastName(NEW_LAST_NAME) - .email(NEW_EMAIL).submit(); + updateProfilePage.prepareUpdate().firstName(NEW_FIRST_NAME).lastName(NEW_LAST_NAME).submit(); events.expectRequiredAction(EventType.UPDATE_PROFILE).detail(Details.UPDATED_FIRST_NAME, NEW_FIRST_NAME) .detail(Details.UPDATED_LAST_NAME, NEW_LAST_NAME) - .detail(Details.PREVIOUS_EMAIL, EMAIL) - .detail(Details.UPDATED_EMAIL, NEW_EMAIL) .assertEvent(); // Finally, accept terms @@ -247,12 +240,9 @@ public class RequiredActionPriorityTest extends AbstractTestRealmKeycloakTest { // Finally, update profile. Action specified by "kc_action" should be always triggered last updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().firstName(NEW_FIRST_NAME).lastName(NEW_LAST_NAME) - .email(NEW_EMAIL).submit(); + updateProfilePage.prepareUpdate().firstName(NEW_FIRST_NAME).lastName(NEW_LAST_NAME).submit(); events.expectRequiredAction(EventType.UPDATE_PROFILE).detail(Details.UPDATED_FIRST_NAME, NEW_FIRST_NAME) .detail(Details.UPDATED_LAST_NAME, NEW_LAST_NAME) - .detail(Details.PREVIOUS_EMAIL, EMAIL) - .detail(Details.UPDATED_EMAIL, NEW_EMAIL) .assertEvent(); // Logged in @@ -306,12 +296,9 @@ public class RequiredActionPriorityTest extends AbstractTestRealmKeycloakTest { // Second, update profile updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().firstName(NEW_FIRST_NAME).lastName(NEW_LAST_NAME) - .email(NEW_EMAIL).submit(); + updateProfilePage.prepareUpdate().firstName(NEW_FIRST_NAME).lastName(NEW_LAST_NAME).submit(); events.expectRequiredAction(EventType.UPDATE_PROFILE).detail(Details.UPDATED_FIRST_NAME, NEW_FIRST_NAME) .detail(Details.UPDATED_LAST_NAME, NEW_LAST_NAME) - .detail(Details.PREVIOUS_EMAIL, EMAIL) - .detail(Details.UPDATED_EMAIL, NEW_EMAIL) .assertEvent(); // Finally, accept terms diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionUpdateProfileTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionUpdateProfileTest.java index 1a9fd799746..2bca32027f1 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionUpdateProfileTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionUpdateProfileTest.java @@ -16,8 +16,6 @@ */ package org.keycloak.testsuite.actions; -import static org.hamcrest.Matchers.anyOf; -import static org.hamcrest.Matchers.containsString; import static org.junit.Assert.assertFalse; import static org.keycloak.userprofile.config.UPConfigUtils.ROLE_ADMIN; import static org.keycloak.userprofile.config.UPConfigUtils.ROLE_USER; @@ -122,11 +120,10 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP updateProfilePage.assertCurrent(); assertFalse(updateProfilePage.isCancelDisplayed()); - updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").email("new@email.com").submit(); + updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").submit(); events.expectRequiredAction(EventType.UPDATE_PROFILE).detail(Details.PREVIOUS_FIRST_NAME, "Tom").detail(Details.UPDATED_FIRST_NAME, "New first") .detail(Details.PREVIOUS_LAST_NAME, "Brady").detail(Details.UPDATED_LAST_NAME, "New last") - .detail(Details.PREVIOUS_EMAIL, "test-user@localhost").detail(Details.UPDATED_EMAIL, "new@email.com") .assertEvent(); Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType()); @@ -136,10 +133,7 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP UserRepresentation user = ActionUtil.findUserWithAdminClient(adminClient, "test-user@localhost"); Assert.assertEquals("New first", user.getFirstName()); Assert.assertEquals("New last", user.getLastName()); - Assert.assertEquals("new@email.com", user.getEmail()); Assert.assertEquals("test-user@localhost", user.getUsername()); - // email changed so verify that emailVerified flag is reset - Assert.assertEquals(false, user.isEmailVerified()); } @Test @@ -152,7 +146,7 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().username("new").firstName("New first").lastName("New last").email("john-doh@localhost").submit(); + updateProfilePage.prepareUpdate().username("new").firstName("New first").lastName("New last").submit(); events.expectLogin().event(EventType.UPDATE_PROFILE).detail(Details.UPDATED_FIRST_NAME, "New first").user(userId).session(Matchers.nullValue(String.class)).removeDetail(Details.CONSENT) .detail(Details.UPDATED_LAST_NAME, "New last").user(userId).session(Matchers.nullValue(String.class)).removeDetail(Details.CONSENT) @@ -167,7 +161,6 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP UserRepresentation user = ActionUtil.findUserWithAdminClient(adminClient, "new"); Assert.assertEquals("New first", user.getFirstName()); Assert.assertEquals("New last", user.getLastName()); - Assert.assertEquals("john-doh@localhost", user.getEmail()); Assert.assertEquals("new", user.getUsername()); // email not changed so verify that emailVerified flag is NOT reset Assert.assertEquals(true, user.isEmailVerified()); @@ -182,14 +175,13 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().username("new").firstName("").lastName("New last").email("new@email.com").submit(); + updateProfilePage.prepareUpdate().username("new").firstName("").lastName("New last").submit(); updateProfilePage.assertCurrent(); // assert that form holds submitted values during validation error Assert.assertEquals("", updateProfilePage.getFirstName()); Assert.assertEquals("New last", updateProfilePage.getLastName()); - Assert.assertEquals("new@email.com", updateProfilePage.getEmail()); Assert.assertEquals("Please specify this field.", updateProfilePage.getInputErrors().getFirstNameError()); events.assertEmpty(); @@ -203,69 +195,19 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().username("new").firstName("New first").lastName("").email("new@email.com").submit(); + updateProfilePage.prepareUpdate().username("new").firstName("New first").lastName("").submit(); updateProfilePage.assertCurrent(); // assert that form holds submitted values during validation error Assert.assertEquals("New first", updateProfilePage.getFirstName()); Assert.assertEquals("", updateProfilePage.getLastName()); - Assert.assertEquals("new@email.com", updateProfilePage.getEmail()); Assert.assertEquals("Please specify this field.", updateProfilePage.getInputErrors().getLastNameError()); events.assertEmpty(); } - @Test - public void updateProfileMissingEmail() { - loginPage.open(); - - loginPage.login("test-user@localhost", getPassword("test-user@localhost")); - - updateProfilePage.assertCurrent(); - - updateProfilePage.prepareUpdate().username("new").firstName("New first").lastName("New last") - .email("").submit(); - - updateProfilePage.assertCurrent(); - - // assert that form holds submitted values during validation error - Assert.assertEquals("New first", updateProfilePage.getFirstName()); - Assert.assertEquals("New last", updateProfilePage.getLastName()); - Assert.assertEquals("", updateProfilePage.getEmail()); - - assertThat(updateProfilePage.getInputErrors().getEmailError(), anyOf( - containsString("Please specify email"), - containsString("Please specify this field") - )); - - events.assertEmpty(); - } - - @Test - public void updateProfileInvalidEmail() { - loginPage.open(); - - loginPage.login("test-user@localhost", getPassword("test-user@localhost")); - - updateProfilePage.assertCurrent(); - - updateProfilePage.prepareUpdate().username("invalid").firstName("New first").lastName("New last") - .email("invalidemail").submit(); - - updateProfilePage.assertCurrent(); - - // assert that form holds submitted values during validation error - Assert.assertEquals("New first", updateProfilePage.getFirstName()); - Assert.assertEquals("New last", updateProfilePage.getLastName()); - Assert.assertEquals("invalidemail", updateProfilePage.getEmail()); - - Assert.assertEquals("Invalid email address.", updateProfilePage.getInputErrors().getEmailError()); - - events.assertEmpty(); - } - @Test public void updateProfileMissingUsername() { loginPage.open(); @@ -274,14 +216,13 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().username("").firstName("New first").lastName("New last").email("new@email.com").submit(); + updateProfilePage.prepareUpdate().username("").firstName("New first").lastName("New last").submit(); updateProfilePage.assertCurrent(); // assert that form holds submitted values during validation error Assert.assertEquals("New first", updateProfilePage.getFirstName()); Assert.assertEquals("New last", updateProfilePage.getLastName()); - Assert.assertEquals("new@email.com", updateProfilePage.getEmail()); Assert.assertEquals("", updateProfilePage.getUsername()); Assert.assertEquals("Please specify username.", updateProfilePage.getInputErrors().getUsernameError()); @@ -297,14 +238,13 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").email("new@email.com").submit(); + updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").submit(); updateProfilePage.assertCurrent(); // assert that form holds submitted values during validation error Assert.assertEquals("New first", updateProfilePage.getFirstName()); Assert.assertEquals("New last", updateProfilePage.getLastName()); - Assert.assertEquals("new@email.com", updateProfilePage.getEmail()); Assert.assertEquals("test-user@localhost", updateProfilePage.getUsername()); Assert.assertEquals("Username already exists.", updateProfilePage.getInputErrors().getUsernameError()); @@ -312,29 +252,6 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP events.assertEmpty(); } - @Test - public void updateProfileDuplicatedEmail() { - loginPage.open(); - - loginPage.login("test-user@localhost", getPassword("test-user@localhost")); - - updateProfilePage.assertCurrent(); - - updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last") - .email("keycloak-user@localhost").submit(); - - updateProfilePage.assertCurrent(); - - // assert that form holds submitted values during validation error - Assert.assertEquals("New first", updateProfilePage.getFirstName()); - Assert.assertEquals("New last", updateProfilePage.getLastName()); - Assert.assertEquals("keycloak-user@localhost", updateProfilePage.getEmail()); - - Assert.assertEquals("Email already exists.", updateProfilePage.getInputErrors().getEmailError()); - - events.assertEmpty(); - } - @Test public void updateProfileDuplicateUsernameWithEmail() { getCleanup().addUserId(createUser(TEST_REALM_NAME, "user1@local.com", generatePassword("user1@local.com"), "user1", "user1", "user1@local.org")); @@ -345,14 +262,13 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP updateProfilePage.assertCurrent(); - updateProfilePage.prepareUpdate().username("user1@local.org").firstName("New first").lastName("New last").email("new@email.com").submit(); + updateProfilePage.prepareUpdate().username("user1@local.org").firstName("New first").lastName("New last").submit(); updateProfilePage.assertCurrent(); // assert that form holds submitted values during validation error Assert.assertEquals("New first", updateProfilePage.getFirstName()); Assert.assertEquals("New last", updateProfilePage.getLastName()); - Assert.assertEquals("new@email.com", updateProfilePage.getEmail()); Assert.assertEquals("user1@local.org", updateProfilePage.getUsername()); Assert.assertEquals("Username already exists.", updateProfilePage.getInputErrors().getUsernameError()); @@ -360,31 +276,6 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP events.assertEmpty(); } - @Test - public void updateProfileDuplicatedEmailWithUsername() { - getCleanup().addUserId(createUser(TEST_REALM_NAME, "user1@local.com", generatePassword("user1@local.com"), "user1", "user1", "user1@local.org")); - - loginPage.open(); - - loginPage.login("test-user@localhost", getPassword("test-user@localhost")); - - updateProfilePage.assertCurrent(); - - updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last") - .email("user1@local.com").submit(); - - updateProfilePage.assertCurrent(); - - // assert that form holds submitted values during validation error - Assert.assertEquals("New first", updateProfilePage.getFirstName()); - Assert.assertEquals("New last", updateProfilePage.getLastName()); - Assert.assertEquals("user1@local.com", updateProfilePage.getEmail()); - - Assert.assertEquals("Email already exists.", updateProfilePage.getInputErrors().getEmailError()); - - events.assertEmpty(); - } - @Test public void updateProfileExpiredCookies() { loginPage.open(); @@ -395,7 +286,7 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP // Expire cookies and assert the page with "back to application" link present driver.manage().deleteAllCookies(); - updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").email("keycloak-user@localhost").submit(); + updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").submit(); errorPage.assertCurrent(); String backToAppLink = errorPage.getBackToApplicationLink(); @@ -427,9 +318,9 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP updateProfilePage.assertCurrent(); assertFalse(updateProfilePage.isCancelDisplayed()); - updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").email("new@email.com").submit(); + updateProfilePage.prepareUpdate().username("test-user@localhost").firstName("New first").lastName("New last").submit(); - events.expectRequiredAction(EventType.UPDATE_PROFILE).detail(Details.CONTEXT, UserProfileContext.UPDATE_PROFILE.name()).detail(Details.PREVIOUS_EMAIL, "test-user@localhost").detail(Details.UPDATED_EMAIL, "new@email.com").assertEvent(); + events.expectRequiredAction(EventType.UPDATE_PROFILE).detail(Details.CONTEXT, UserProfileContext.UPDATE_PROFILE.name()).assertEvent(); Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType()); @@ -439,7 +330,6 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP userRep = ActionUtil.findUserWithAdminClient(adminClient, "test-user@localhost"); Assert.assertEquals("New first", userRep.getFirstName()); Assert.assertEquals("New last", userRep.getLastName()); - Assert.assertEquals("new@email.com", userRep.getEmail()); Assert.assertEquals("test-user@localhost", userRep.getUsername()); Assert.assertNotNull(userRep.getAttributes()); Assert.assertTrue(userRep.getAttributes().containsKey("custom")); @@ -482,7 +372,7 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP updateProfilePage.setAttribute(elementId, value); updateProfilePage.clickAddAttributeValue(elementId); } - updateProfilePage.update("f", "l", "e@keycloak.org"); + updateProfilePage.update("f", "l"); UserRepresentation userRep = ActionUtil.findUserWithAdminClient(adminClient, "john-doh@localhost"); assertThat(userRep.getAttributes().get(attribute), Matchers.containsInAnyOrder(values.toArray())); @@ -504,7 +394,7 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP } } } - updateProfilePage.update("f", "l", "e@keycloak.org"); + updateProfilePage.update("f", "l"); userRep = ActionUtil.findUserWithAdminClient(adminClient, "john-doh@localhost"); assertThat(userRep.getAttributes().get(attribute), Matchers.hasSize(1)); assertThat(userRep.getAttributes().get(attribute).get(0), Matchers.in(values)); @@ -534,7 +424,7 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP if (StringUtil.isBlank(updateProfilePage.getAttribute(attribute + "-0"))) { updateProfilePage.setAttribute(attribute + "-0", lastValue); } - updateProfilePage.update("f", "l", "e@keycloak.org"); + updateProfilePage.update("f", "l"); userRep = ActionUtil.findUserWithAdminClient(adminClient, "john-doh@localhost"); assertThat(userRep.getAttributes().get(attribute), Matchers.hasSize(1)); assertThat(userRep.getAttributes().get(attribute).get(0), Matchers.in(values)); @@ -548,7 +438,7 @@ public class RequiredActionUpdateProfileTest extends AbstractChangeImportedUserP updateProfilePage.setAttribute(elementId, value); updateProfilePage.clickAddAttributeValue(elementId); } - updateProfilePage.update("f", "l", "e@keycloak.org"); + updateProfilePage.update("f", "l"); // restart the update profile flow userRep = ActionUtil.findUserWithAdminClient(adminClient, "john-doh@localhost"); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionUpdateProfileWithUserProfileTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionUpdateProfileWithUserProfileTest.java index f1b6c69147d..6a3e162331b 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionUpdateProfileWithUserProfileTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/RequiredActionUpdateProfileWithUserProfileTest.java @@ -212,7 +212,7 @@ public class RequiredActionUpdateProfileWithUserProfileTest extends AbstractTest //assert fields location in form //assert fields and groups location in form, attributes without a group appear first List element = driver.findElements(By.cssSelector("form#kc-update-profile-form input")); - String[] labelOrder = new String[]{"lastName", "department", "username", "firstName", "email"}; + String[] labelOrder = new String[]{"lastName", "department", "username", "firstName"}; for (int i = 0; i < labelOrder.length; i++) { WebElement webElement = element.get(i); String id = webElement.getAttribute("id"); @@ -274,11 +274,10 @@ public class RequiredActionUpdateProfileWithUserProfileTest extends AbstractTest updateProfilePage.assertCurrent(); assertFalse(updateProfilePage.isCancelDisplayed()); - updateProfilePage.prepareUpdate().username(USERNAME1).firstName("New first").lastName("").email("new@email.com").submit(); + updateProfilePage.prepareUpdate().username(USERNAME1).firstName("New first").lastName("").submit(); events.expectRequiredAction(EventType.UPDATE_PROFILE).detail(Details.PREVIOUS_FIRST_NAME, "Tom").detail(Details.UPDATED_FIRST_NAME, "New first") .detail(Details.PREVIOUS_LAST_NAME, "Brady") - .detail(Details.PREVIOUS_EMAIL, USERNAME1).detail(Details.UPDATED_EMAIL, "new@email.com") .assertEvent(); Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType()); @@ -288,7 +287,6 @@ public class RequiredActionUpdateProfileWithUserProfileTest extends AbstractTest UserRepresentation user = ActionUtil.findUserWithAdminClient(adminClient, USERNAME1); Assert.assertEquals("New first", user.getFirstName()); assertThat(StringUtils.isEmpty(user.getLastName()), is(true)); - Assert.assertEquals("new@email.com", user.getEmail()); Assert.assertEquals(USERNAME1, user.getUsername()); assertNull(user.getLastName()); } @@ -310,11 +308,11 @@ public class RequiredActionUpdateProfileWithUserProfileTest extends AbstractTest updateProfilePage.assertCurrent(); //submit with error - updateProfilePage.prepareUpdate().username(USERNAME1).firstName("First").lastName("L").email(USERNAME1).submit(); + updateProfilePage.prepareUpdate().username(USERNAME1).firstName("First").lastName("L").submit(); updateProfilePage.assertCurrent(); //submit OK - updateProfilePage.prepareUpdate().username(USERNAME1).firstName("First").lastName("Last").email(USERNAME1).submit(); + updateProfilePage.prepareUpdate().username(USERNAME1).firstName("First").lastName("Last").submit(); Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType()); Assert.assertNotNull(oauth.parseLoginResponse().getCode()); @@ -343,7 +341,7 @@ public class RequiredActionUpdateProfileWithUserProfileTest extends AbstractTest Assert.assertFalse(updateProfilePage.isDepartmentEnabled()); //update of the other attributes must be successful in this case - updateProfilePage.prepareUpdate().username(USERNAME1).firstName("First").lastName("Last").email(USERNAME1).submit(); + updateProfilePage.prepareUpdate().username(USERNAME1).firstName("First").lastName("Last").submit(); Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType()); Assert.assertNotNull(oauth.parseLoginResponse().getCode()); @@ -370,7 +368,7 @@ public class RequiredActionUpdateProfileWithUserProfileTest extends AbstractTest Assert.assertFalse(updateProfilePage.isDepartmentEnabled()); //update of the other attributes must be successful in this case - updateProfilePage.prepareUpdate().username(USERNAME1).firstName("First").lastName("Last").email(USERNAME1).submit(); + updateProfilePage.prepareUpdate().username(USERNAME1).firstName("First").lastName("Last").submit(); Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType()); Assert.assertNotNull(oauth.parseLoginResponse().getCode()); @@ -397,7 +395,7 @@ public class RequiredActionUpdateProfileWithUserProfileTest extends AbstractTest Assert.assertFalse("'department' field is visible", updateProfilePage.isDepartmentPresent()); //update of the other attributes must be successful in this case - updateProfilePage.prepareUpdate().username(USERNAME1).firstName("First").lastName("Last").email(USERNAME1).submit(); + updateProfilePage.prepareUpdate().username(USERNAME1).firstName("First").lastName("Last").submit(); Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType()); Assert.assertNotNull(oauth.parseLoginResponse().getCode()); @@ -422,12 +420,12 @@ public class RequiredActionUpdateProfileWithUserProfileTest extends AbstractTest updateProfilePage.assertCurrent(); //submit with error - updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC").email(USERNAME1) + updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC") .department("").submit(); updateProfilePage.assertCurrent(); //submit OK - updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC").email(USERNAME1) + updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC") .department("DepartmentCC").submit(); // we also test additional attribute configured to be audited in the event @@ -463,12 +461,12 @@ public class RequiredActionUpdateProfileWithUserProfileTest extends AbstractTest updateProfilePage.assertCurrent(); //submit with error - updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC").email(USERNAME1) + updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC") .department("").submit(); updateProfilePage.assertCurrent(); //submit OK - updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC").email(USERNAME1) + updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC") .department("DepartmentCC").submit(); events.expectRequiredAction(EventType.UPDATE_PROFILE).client(client_scope_optional.getClientId()) @@ -503,12 +501,12 @@ public class RequiredActionUpdateProfileWithUserProfileTest extends AbstractTest updateProfilePage.assertCurrent(); //submit with error - updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC").email(USERNAME1) + updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC") .department("").submit(); updateProfilePage.assertCurrent(); //submit OK - updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC").email(USERNAME1) + updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC") .department("DepartmentCC").submit(); Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType()); @@ -537,12 +535,12 @@ public class RequiredActionUpdateProfileWithUserProfileTest extends AbstractTest updateProfilePage.assertCurrent(); //submit with error - updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC").email(USERNAME1) + updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC") .department("").submit(); updateProfilePage.assertCurrent(); //submit OK - updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC").email(USERNAME1) + updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC") .department("DepartmentCC").submit(); Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType()); @@ -571,7 +569,7 @@ public class RequiredActionUpdateProfileWithUserProfileTest extends AbstractTest updateProfilePage.assertCurrent(); Assert.assertTrue(updateProfilePage.isDepartmentPresent()); - updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC").email(USERNAME1) + updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC") .department("DepartmentCC").submit(); Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType()); @@ -600,7 +598,7 @@ public class RequiredActionUpdateProfileWithUserProfileTest extends AbstractTest updateProfilePage.assertCurrent(); Assert.assertFalse(updateProfilePage.isDepartmentPresent()); - updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC").email(USERNAME1).submit(); + updateProfilePage.prepareUpdate().username(USERNAME1).firstName("FirstCC").lastName("LastCC").submit(); Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType()); Assert.assertNotNull(oauth.parseLoginResponse().getCode()); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cluster/AuthenticationSessionFailoverClusterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cluster/AuthenticationSessionFailoverClusterTest.java index 90378443bb0..8fc1a97f11a 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cluster/AuthenticationSessionFailoverClusterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cluster/AuthenticationSessionFailoverClusterTest.java @@ -107,7 +107,7 @@ public class AuthenticationSessionFailoverClusterTest extends AbstractFailoverCl updateProfilePage.assertCurrent(); // Successfully update profile and assert user logged - updateProfilePage.prepareUpdate().firstName("John").lastName("Doe3").email("john@doe3.com").submit(); + updateProfilePage.prepareUpdate().firstName("John").lastName("Doe3").submit(); appPage.assertCurrent(); } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/AbstractKerberosTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/AbstractKerberosTest.java index 2604ef24a50..e25a5fc953a 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/AbstractKerberosTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/AbstractKerberosTest.java @@ -17,6 +17,7 @@ package org.keycloak.testsuite.federation.kerberos; +import static org.junit.Assert.assertThat; import static org.keycloak.testsuite.admin.AbstractAdminTest.loadJson; import static org.keycloak.testsuite.auth.page.AuthRealm.TEST; @@ -47,6 +48,7 @@ import org.apache.http.client.utils.URLEncodedUtils; import org.apache.http.config.RegistryBuilder; import org.apache.http.impl.client.BasicCredentialsProvider; import org.apache.http.impl.client.HttpClientBuilder; +import org.hamcrest.Matchers; import org.ietf.jgss.GSSCredential; import org.jboss.arquillian.graphene.page.Page; import org.jboss.resteasy.client.jaxrs.ResteasyClient; @@ -311,8 +313,8 @@ public abstract class AbstractKerberosTest extends AbstractAuthTest { } if (updateProfileActionExpected) { - Assert.assertEquals(UserModel.RequiredAction.UPDATE_PROFILE.toString(), - user.getRequiredActions().iterator().next()); + assertThat(user.getRequiredActions(), + Matchers.containsInAnyOrder(UserModel.RequiredAction.UPDATE_PROFILE.toString(), UserModel.RequiredAction.UPDATE_EMAIL.toString())); } else { Assert.assertTrue(user.getRequiredActions().isEmpty()); } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/KerberosStandaloneTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/KerberosStandaloneTest.java index 0af9fc6d346..2e5780bdb17 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/KerberosStandaloneTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/KerberosStandaloneTest.java @@ -125,7 +125,6 @@ public class KerberosStandaloneTest extends AbstractKerberosSingleRealmTest { Assert.assertEquals(200, spnegoResponse.getStatus()); String responseText = spnegoResponse.readEntity(String.class); Assert.assertTrue(responseText.contains("You need to update your user profile to activate your account.")); - Assert.assertTrue(responseText.contains("hnelson@" + kerberosRule.getConfig().get(KerberosConstants.KERBEROS_REALM).toLowerCase())); spnegoResponse.close(); // Assert user was imported and has required action on him diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPAccountRestApiTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPAccountRestApiTest.java index b772a2c516e..537e5ed0437 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPAccountRestApiTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPAccountRestApiTest.java @@ -266,18 +266,18 @@ public class LDAPAccountRestApiTest extends AbstractLDAPTest { appRealm.setEditUsernameAllowed(false); }); UserRepresentation user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class); - user.setEmail("john-alias@email.org"); + user.setLastName("Brady"); SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(user).auth(tokenUtil.getToken()).asStatus(); UserRepresentation usernew = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class); assertEquals("johnkeycloak", usernew.getUsername()); assertEquals("John", usernew.getFirstName()); - assertEquals("Doe", usernew.getLastName()); - assertEquals("john-alias@email.org", usernew.getEmail()); + assertEquals("Brady", usernew.getLastName()); + assertEquals("john@email.org", usernew.getEmail()); assertFalse(usernew.isEmailVerified()); //clean up - usernew.setEmail("john@email.org"); + user.setLastName("Doe"); SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(usernew).auth(tokenUtil.getToken()).asStatus(); } @@ -290,21 +290,21 @@ public class LDAPAccountRestApiTest extends AbstractLDAPTest { appRealm.setEditUsernameAllowed(false); }); UserRepresentation user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class); - user.setEmail("john-alias@email.org"); + user.setFirstName("Tom"); SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(user).auth(tokenUtil.getToken()).asStatus(); UserRepresentation usernew = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class); assertEquals("johnkeycloak", usernew.getUsername()); - assertEquals("John", usernew.getFirstName()); + assertEquals("Tom", usernew.getFirstName()); assertEquals("Doe", usernew.getLastName()); - assertEquals("john-alias@email.org", usernew.getEmail()); + assertEquals("john@email.org", usernew.getEmail()); assertFalse(usernew.isEmailVerified()); // No metadata attributes like LDAP_ID or LDAP_ENTRY_DN present in account REST API Assert.assertNull(usernew.getAttributes()); //clean up - usernew.setEmail("john@email.org"); + usernew.setFirstName("John"); final int i = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(usernew).auth(tokenUtil.getToken()).asStatus(); org.keycloak.representations.idm.UserRepresentation userRep = testRealm().users() diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/BrowserButtonsTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/BrowserButtonsTest.java index c80a4c1b35f..b49e0928bff 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/BrowserButtonsTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/BrowserButtonsTest.java @@ -159,7 +159,7 @@ public class BrowserButtonsTest extends AbstractChangeImportedUserPasswordsTest // Successfully update profile and assert user logged - updateProfilePage.prepareUpdate().firstName("John").lastName("Doe3").email("john@doe3.com").submit(); + updateProfilePage.prepareUpdate().firstName("John").lastName("Doe3").submit(); appPage.assertCurrent(); } @@ -204,7 +204,7 @@ public class BrowserButtonsTest extends AbstractChangeImportedUserPasswordsTest updateProfilePage.assertCurrent(); // Successfully update profile and assert user logged - updateProfilePage.prepareUpdate().firstName("John").lastName("Doe3").email("john@doe3.com").submit(); + updateProfilePage.prepareUpdate().firstName("John").lastName("Doe3").submit(); appPage.assertCurrent(); } @@ -218,7 +218,7 @@ public class BrowserButtonsTest extends AbstractChangeImportedUserPasswordsTest loginPage.open(); loginPage.login("login-test", getPassword("login-test")); updatePasswordPage.changePassword(getPassword("login-test"), getPassword("login-test")); - updateProfilePage.prepareUpdate().firstName("John").lastName("Doe3").email("john@doe3.com").submit(); + updateProfilePage.prepareUpdate().firstName("John").lastName("Doe3").submit(); // Assert on consent screen grantPage.assertCurrent(); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/MultipleTabsLoginTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/MultipleTabsLoginTest.java index 4b1b6dad1c2..2e63579dfbf 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/MultipleTabsLoginTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/MultipleTabsLoginTest.java @@ -270,8 +270,7 @@ public class MultipleTabsLoginTest extends AbstractChangeImportedUserPasswordsTe private void loginSuccessAndDoRequiredActions() { loginPage.login("login-test", getPassword("login-test")); updatePasswordPage.changePassword(getPassword("login-test"), getPassword("login-test")); - updateProfilePage.prepareUpdate().firstName("John").lastName("Doe3") - .email("john@doe3.com").submit(); + updateProfilePage.prepareUpdate().firstName("John").lastName("Doe3").submit(); appPage.assertCurrent(); } @@ -517,8 +516,7 @@ public class MultipleTabsLoginTest extends AbstractChangeImportedUserPasswordsTe updatePasswordPage.assertCurrent(); updatePasswordPage.changePassword(getPassword("login-test"), getPassword("login-test")); - updateProfilePage.prepareUpdate().firstName("John").lastName("Doe3") - .email("john@doe3.com").submit(); + updateProfilePage.prepareUpdate().firstName("John").lastName("Doe3").submit(); appPage.assertCurrent(); } @@ -556,8 +554,7 @@ public class MultipleTabsLoginTest extends AbstractChangeImportedUserPasswordsTe updatePasswordPage.assertCurrent(); updatePasswordPage.changePassword(getPassword("login-test"), getPassword("login-test")); - updateProfilePage.prepareUpdate().firstName("John").lastName("Doe3") - .email("john@doe3.com").submit(); + updateProfilePage.prepareUpdate().firstName("John").lastName("Doe3").submit(); appPage.assertCurrent(); } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/VerifyProfileTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/VerifyProfileTest.java index 333f2374b78..53724384846 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/VerifyProfileTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/VerifyProfileTest.java @@ -23,7 +23,7 @@ import org.junit.Assert; import org.junit.Rule; import org.junit.Test; import org.keycloak.admin.client.resource.RealmResource; -import org.keycloak.common.Profile; +import org.keycloak.admin.client.resource.UserResource; import org.keycloak.events.Details; import org.keycloak.events.EventType; import org.keycloak.events.admin.OperationType; @@ -36,7 +36,8 @@ import org.keycloak.representations.idm.UserRepresentation; import org.keycloak.representations.userprofile.config.UPConfig; import org.keycloak.testsuite.AbstractChangeImportedUserPasswordsTest; import org.keycloak.testsuite.AssertEvents; -import org.keycloak.testsuite.arquillian.annotation.EnableFeature; +import org.keycloak.testsuite.admin.ApiUtil; +import org.keycloak.testsuite.auth.page.login.UpdateEmailPage; import org.keycloak.testsuite.pages.AppPage; import org.keycloak.testsuite.pages.AppPage.RequestType; import org.keycloak.testsuite.pages.LoginPage; @@ -97,6 +98,9 @@ public class VerifyProfileTest extends AbstractChangeImportedUserPasswordsTest { private static ClientRepresentation client_scope_default; private static ClientRepresentation client_scope_optional; + @Page + protected UpdateEmailPage updateEmailPage; + @Override protected boolean removeVerifyProfileAtImport() { // we need the verify profile action enabled as default @@ -247,7 +251,7 @@ public class VerifyProfileTest extends AbstractChangeImportedUserPasswordsTest { //assert fields location in form List element = driver.findElements(By.cssSelector("form#kc-update-profile-form input")); - String[] labelOrder = new String[]{"lastName", "department", "username", "firstName", "email"}; + String[] labelOrder = new String[]{"lastName", "department", "username", "firstName"}; for (int i = 0; i < labelOrder.length; i++) { WebElement webElement = element.get(i); String id = webElement.getAttribute("id"); @@ -371,7 +375,7 @@ public class VerifyProfileTest extends AbstractChangeImportedUserPasswordsTest { verifyProfilePage.assertCurrent(); assertFalse(verifyProfilePage.isUsernamePresent()); - assertTrue(verifyProfilePage.isEmailPresent()); + assertFalse(verifyProfilePage.isEmailPresent()); realm.setEditUsernameAllowed(true); testRealm().update(realm); @@ -403,7 +407,7 @@ public class VerifyProfileTest extends AbstractChangeImportedUserPasswordsTest { verifyProfilePage.assertCurrent(); assertFalse(verifyProfilePage.isUsernamePresent()); - assertTrue(verifyProfilePage.isEmailPresent()); + assertFalse(verifyProfilePage.isEmailPresent()); realm.setEditUsernameAllowed(false); realm.setRegistrationEmailAsUsername(true); @@ -421,7 +425,7 @@ public class VerifyProfileTest extends AbstractChangeImportedUserPasswordsTest { driver.navigate().refresh(); verifyProfilePage.assertCurrent(); assertTrue(verifyProfilePage.isUsernamePresent()); - assertTrue(verifyProfilePage.isEmailPresent()); + assertFalse(verifyProfilePage.isEmailPresent()); } finally { realm.setEditUsernameAllowed(false); realm.setRegistrationEmailAsUsername(false); @@ -430,7 +434,6 @@ public class VerifyProfileTest extends AbstractChangeImportedUserPasswordsTest { } @Test - @EnableFeature(Profile.Feature.UPDATE_EMAIL) public void testUsernameOnlyIfEmailAsUsernameIsDisabledWithUpdateEmailFeature() throws Exception { reconnectAdminClient(); RealmRepresentation realm = testRealm().toRepresentation(); @@ -1050,6 +1053,11 @@ public class VerifyProfileTest extends AbstractChangeImportedUserPasswordsTest { setUserProfileConfiguration(CONFIGURATION_FOR_USER_EDIT); updateUser(user5Id, true, "", "ExistingLast"); + UserResource userResource = ApiUtil.findUserByUsernameId(testRealm(), "login-test5"); + UserRepresentation userRepresentation = userResource.toRepresentation(); + userRepresentation.setRequiredActions(List.of(UserModel.RequiredAction.UPDATE_EMAIL.name())); + userResource.update(userRepresentation); + setUserProfileConfiguration("{\"attributes\": [" + "{\"name\": \"firstName\"," + PERMISSIONS_ALL + ", \"required\": {}}," + "{\"name\": \"lastName\"," + PERMISSIONS_ALL + "}" @@ -1058,10 +1066,13 @@ public class VerifyProfileTest extends AbstractChangeImportedUserPasswordsTest { loginPage.open(); loginPage.login("login-test5", getPassword("login-test5")); + updateEmailPage.assertCurrent(); + updateEmailPage.changeEmail("newemail@test.org"); + verifyProfilePage.assertCurrent(); //submit OK - verifyProfilePage.updateEmail("newemail@test.org","FirstCC", "LastCC"); + verifyProfilePage.update("FirstCC", "LastCC"); Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType()); Assert.assertNotNull(oauth.parseLoginResponse().getCode()); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java index 182eb68d70f..42cac545e6e 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java @@ -1001,9 +1001,9 @@ public abstract class AbstractMigrationTest extends AbstractKeycloakTest { if (action.getAlias().equals("update_user_locale")) { assertEquals(1000, action.getPriority()); } else if (action.getAlias().equals("delete_credential")) { - assertEquals(100, action.getPriority()); - } else if (action.getAlias().equals("idp_link")) { assertEquals(110, action.getPriority()); + } else if (action.getAlias().equals("idp_link")) { + assertEquals(120, action.getPriority()); } else { assertEquals(priority, action.getPriority()); } @@ -1353,7 +1353,7 @@ public abstract class AbstractMigrationTest extends AbstractKeycloakTest { assertEquals("delete_credential", rep.getAlias()); assertEquals("delete_credential", rep.getProviderId()); assertEquals("Delete Credential", rep.getName()); - assertEquals(100, rep.getPriority()); + assertEquals(110, rep.getPriority()); assertTrue(rep.isEnabled()); assertFalse(rep.isDefaultAction()); } @@ -1364,7 +1364,7 @@ public abstract class AbstractMigrationTest extends AbstractKeycloakTest { assertEquals("idp_link", rep.getAlias()); assertEquals("idp_link", rep.getProviderId()); assertEquals("Linking Identity Provider", rep.getName()); - assertEquals(110, rep.getPriority()); + assertEquals(120, rep.getPriority()); assertTrue(rep.isEnabled()); assertFalse(rep.isDefaultAction()); } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/user/profile/UserProfileTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/user/profile/UserProfileTest.java index aeec98ff209..a0c3f0f1608 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/user/profile/UserProfileTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/user/profile/UserProfileTest.java @@ -49,7 +49,7 @@ import org.hamcrest.Matchers; import org.junit.Assert; import org.junit.Test; import org.keycloak.admin.client.resource.RealmResource; -import org.keycloak.common.Profile.Feature; +import org.keycloak.common.Profile; import org.keycloak.common.util.MultivaluedHashMap; import org.keycloak.component.ComponentModel; import org.keycloak.component.ComponentValidationException; @@ -577,7 +577,6 @@ public class UserProfileTest extends AbstractUserProfileTest { String userName = org.keycloak.models.utils.KeycloakModelUtils.generateId(); attributes.put(UserModel.USERNAME, userName); - attributes.put(UserModel.EMAIL, "user@keycloak.org"); attributes.put(UserModel.FIRST_NAME, "Joe"); attributes.put(UserModel.LAST_NAME, "Doe"); attributes.put("address", "fixed-address"); @@ -590,14 +589,12 @@ public class UserProfileTest extends AbstractUserProfileTest { attributes.put(UserModel.FIRST_NAME, "Alice"); attributes.put(UserModel.LAST_NAME, "In Chains"); - attributes.put(UserModel.EMAIL, "alice@keycloak.org"); profile = provider.create(UserProfileContext.ACCOUNT, attributes, user); Set attributesUpdated = new HashSet<>(); Map attributesUpdatedOldValues = new HashMap<>(); attributesUpdatedOldValues.put(UserModel.FIRST_NAME, "Joe"); attributesUpdatedOldValues.put(UserModel.LAST_NAME, "Doe"); - attributesUpdatedOldValues.put(UserModel.EMAIL, "user@keycloak.org"); profile.update((attributeName, userModel, oldValue) -> { assertTrue(attributesUpdated.add(attributeName)); @@ -605,7 +602,7 @@ public class UserProfileTest extends AbstractUserProfileTest { assertEquals(attributes.get(attributeName), userModel.getFirstAttribute(attributeName)); }); - assertThat(attributesUpdated, containsInAnyOrder(UserModel.FIRST_NAME, UserModel.LAST_NAME, UserModel.EMAIL)); + assertThat(attributesUpdated, containsInAnyOrder(UserModel.FIRST_NAME, UserModel.LAST_NAME)); configureAuthenticationSession(session); @@ -637,7 +634,6 @@ public class UserProfileTest extends AbstractUserProfileTest { attributes.put(UserModel.USERNAME, org.keycloak.models.utils.KeycloakModelUtils.generateId()); attributes.put(UserModel.FIRST_NAME, "John"); attributes.put(UserModel.LAST_NAME, "Doe"); - attributes.put(UserModel.EMAIL, org.keycloak.models.utils.KeycloakModelUtils.generateId() + "@keycloak.org"); attributes.put("address", Arrays.asList("fixed-address")); attributes.put("department", Arrays.asList("sales")); @@ -766,9 +762,12 @@ public class UserProfileTest extends AbstractUserProfileTest { profile = provider.create(UserProfileContext.ACCOUNT, attributes, user); - profile.update(); - - assertEquals("E-Mail address should have been changed!", "changed@foo.bar", user.getEmail()); + try { + profile.update(); + fail("Should fail since email can be updated only via update-email action"); + } catch (ValidationException ve) { + assertTrue(ve.isAttributeOnError("email")); + } } @Test @@ -782,7 +781,6 @@ public class UserProfileTest extends AbstractUserProfileTest { attributes.put(UserModel.USERNAME, org.keycloak.models.utils.KeycloakModelUtils.generateId()); attributes.put(UserModel.FIRST_NAME, "John"); attributes.put(UserModel.LAST_NAME, "Doe"); - attributes.put(UserModel.EMAIL, org.keycloak.models.utils.KeycloakModelUtils.generateId() + "@keycloak.org"); attributes.put("address", Arrays.asList("fixed-address")); attributes.put("department", Arrays.asList("sales")); attributes.put("phone", Arrays.asList("fixed-phone")); @@ -2227,7 +2225,6 @@ public class UserProfileTest extends AbstractUserProfileTest { assertEquals(attributes.get(UserModel.EMAIL).toLowerCase(), profileAttributes.getFirst(UserModel.EMAIL)); } - @EnableFeature(Feature.UPDATE_EMAIL) @Test public void testEmailAttributeInUpdateEmailContext() { getTestingClient().server(TEST_REALM_NAME).run((RunOnServer) UserProfileTest::testEmailAttributeInUpdateEmailContext); @@ -2313,7 +2310,7 @@ public class UserProfileTest extends AbstractUserProfileTest { } } - @EnableFeature(Feature.UPDATE_EMAIL) + @EnableFeature(Profile.Feature.UPDATE_EMAIL) @Test public void testEmailAnnotationsInAccountContext() { getTestingClient().server(TEST_REALM_NAME).run((RunOnServer) UserProfileTest::testEmailAnnotationsInAccountContext);