Enable WebAuthn tests for Firefox (keycloak#30374)

Closes keycloak#22075 Signed-off-by: Martin Bartoš <mabartos@redhat.com>
fiskaly · Jun 18, 2024 · 5ad3aba · 5ad3aba
1 parent bb4d2ec
commit 5ad3aba
Show file tree

Hide file tree

Showing 23 changed files with 54 additions and 20 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -686,7 +686,7 @@ jobs:
       matrix:
         browser:
           - chrome
-          # - firefox  disabled until https://github.com/keycloak/keycloak/issues/20777 is resolved
+          - firefox
       fail-fast: false
     steps:
       - uses: actions/checkout@v4

diff --git a/...ts/base/src/test/java/org/keycloak/testsuite/webauthn/AppInitiatedActionWebAuthnTest.java b/...ts/base/src/test/java/org/keycloak/testsuite/webauthn/AppInitiatedActionWebAuthnTest.java
@@ -35,6 +35,7 @@
 import org.keycloak.representations.idm.UserSessionRepresentation;
 import org.keycloak.testsuite.actions.AbstractAppInitiatedActionTest;
 import org.keycloak.testsuite.admin.ApiUtil;
+import org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver;
 import org.keycloak.testsuite.pages.LoginUsernameOnlyPage;
 import org.keycloak.testsuite.pages.PasswordPage;
 import org.keycloak.testsuite.updaters.RealmAttributeUpdater;
@@ -46,6 +47,7 @@
 import org.keycloak.testsuite.webauthn.authenticators.VirtualAuthenticatorManager;
 import org.keycloak.testsuite.webauthn.pages.WebAuthnRegisterPage;
 import org.openqa.selenium.WebDriver;
+import org.openqa.selenium.firefox.FirefoxDriver;
 
 import java.io.IOException;
 import java.util.ArrayList;
@@ -165,11 +167,13 @@ public void cancelSetupWebAuthn() {
     }
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void proceedSetupWebAuthnLogoutOtherSessionsChecked() throws IOException {
         testWebAuthnLogoutOtherSessions(true);
     }
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void proceedSetupWebAuthnLogoutOtherSessionsNotChecked() throws IOException {
         testWebAuthnLogoutOtherSessions(false);
     }

diff --git a/.../base/src/test/java/org/keycloak/testsuite/webauthn/VirtualAuthenticatorsManagerTest.java b/.../base/src/test/java/org/keycloak/testsuite/webauthn/VirtualAuthenticatorsManagerTest.java
@@ -39,7 +39,7 @@
  *
  * @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
  */
-@IgnoreBrowserDriver(FirefoxDriver.class)
+@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
 public class VirtualAuthenticatorsManagerTest extends AbstractWebAuthnVirtualTest {
 
     @Drone

diff --git a/...quillian/tests/base/src/test/java/org/keycloak/testsuite/webauthn/WebAuthnIdlessTest.java b/...quillian/tests/base/src/test/java/org/keycloak/testsuite/webauthn/WebAuthnIdlessTest.java
@@ -61,7 +61,7 @@
 import static org.openqa.selenium.virtualauthenticator.VirtualAuthenticatorOptions.Protocol;
 import static org.openqa.selenium.virtualauthenticator.VirtualAuthenticatorOptions.Transport;
 
-@IgnoreBrowserDriver(FirefoxDriver.class)
+@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
 public class WebAuthnIdlessTest extends AbstractWebAuthnVirtualTest {
 
     @Rule

diff --git a/...illian/tests/base/src/test/java/org/keycloak/testsuite/webauthn/WebAuthnPropertyTest.java b/...illian/tests/base/src/test/java/org/keycloak/testsuite/webauthn/WebAuthnPropertyTest.java
@@ -43,10 +43,10 @@
 /**
  * @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
  */
+@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
 public class WebAuthnPropertyTest extends AbstractWebAuthnVirtualTest {
 
     @Test
-    @IgnoreBrowserDriver(FirefoxDriver.class)
     public void residentKey() throws IOException {
         getVirtualAuthManager().useAuthenticator(DEFAULT_RESIDENT_KEY.getOptions());
 
@@ -82,7 +82,6 @@ public void residentKey() throws IOException {
     }
 
     @Test
-    @IgnoreBrowserDriver(FirefoxDriver.class)
     public void timeout() throws IOException {
         final Integer TIMEOUT = 3; //seconds
 
@@ -106,7 +105,6 @@ public void timeout() throws IOException {
     }
 
     @Test
-    @IgnoreBrowserDriver(FirefoxDriver.class)
     public void changeAuthenticatorProperties() throws IOException {
         getVirtualAuthManager().useAuthenticator(DEFAULT_RESIDENT_KEY.getOptions());
 
@@ -167,4 +165,4 @@ public void requiredActionRegistration() {
 
         appPage.assertCurrent();
     }
-}
+}
diff --git a/...ests/base/src/test/java/org/keycloak/testsuite/webauthn/WebAuthnRegisterAndLoginTest.java b/...ests/base/src/test/java/org/keycloak/testsuite/webauthn/WebAuthnRegisterAndLoginTest.java
@@ -39,6 +39,7 @@
 import org.keycloak.representations.idm.UserRepresentation;
 import org.keycloak.testsuite.admin.AbstractAdminTest;
 import org.keycloak.testsuite.admin.ApiUtil;
+import org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver;
 import org.keycloak.testsuite.pages.AppPage.RequestType;
 import org.keycloak.testsuite.pages.ErrorPage;
 import org.keycloak.testsuite.pages.LoginUsernameOnlyPage;
@@ -49,6 +50,7 @@
 import org.keycloak.testsuite.webauthn.pages.WebAuthnAuthenticatorsList;
 import org.keycloak.testsuite.webauthn.updaters.WebAuthnRealmAttributeUpdater;
 import org.keycloak.util.JsonSerialization;
+import org.openqa.selenium.firefox.FirefoxDriver;
 
 import java.io.IOException;
 import java.util.ArrayList;
@@ -97,6 +99,7 @@ public void addTestRealms(List<RealmRepresentation> testRealms) {
     }
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void registerUserSuccess() throws IOException {
         String username = "registerUserSuccess";
         String password = "password";
@@ -193,6 +196,7 @@ public void registerUserSuccess() throws IOException {
     }
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void webAuthnPasswordlessAlternativeWithWebAuthnAndPassword() throws IOException {
         String userId = null;
 

diff --git a/...lian/tests/base/src/test/java/org/keycloak/testsuite/webauthn/WebAuthnTransportsTest.java b/...lian/tests/base/src/test/java/org/keycloak/testsuite/webauthn/WebAuthnTransportsTest.java
@@ -36,7 +36,7 @@
 /**
  * @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
  */
-@IgnoreBrowserDriver(FirefoxDriver.class)
+@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
 public class WebAuthnTransportsTest extends AbstractWebAuthnVirtualTest {
 
     @Test

diff --git a/...n/tests/base/src/test/java/org/keycloak/testsuite/webauthn/account/WebAuthnErrorTest.java b/...n/tests/base/src/test/java/org/keycloak/testsuite/webauthn/account/WebAuthnErrorTest.java
@@ -45,7 +45,7 @@ public class WebAuthnErrorTest extends AbstractWebAuthnAccountTest {
     protected WebAuthnErrorPage webAuthnErrorPage;
 
     @Test
-    @IgnoreBrowserDriver(FirefoxDriver.class)
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void errorPageWithTimeout() throws IOException {
         final int timeoutSec = 3;
         final String authenticatorLabel = "authenticator";

diff --git a/...sts/base/src/test/java/org/keycloak/testsuite/webauthn/account/WebAuthnSigningInTest.java b/...sts/base/src/test/java/org/keycloak/testsuite/webauthn/account/WebAuthnSigningInTest.java
@@ -26,9 +26,11 @@
 import org.keycloak.models.credential.WebAuthnCredentialModel;
 import org.keycloak.representations.idm.CredentialRepresentation;
 import org.keycloak.representations.idm.RequiredActionProviderRepresentation;
+import org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver;
 import org.keycloak.testsuite.webauthn.pages.SigningInPage;
 import org.keycloak.testsuite.webauthn.pages.WebAuthnAuthenticatorsList;
 import org.keycloak.theme.DateTimeFormatterUtil;
+import org.openqa.selenium.firefox.FirefoxDriver;
 
 import java.io.Closeable;
 import java.io.IOException;
@@ -73,16 +75,19 @@ public void categoriesTest() {
     }
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void twoFactorWebAuthnTest() {
         testWebAuthn(false);
     }
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void passwordlessWebAuthnTest() {
         testWebAuthn(true);
     }
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void createWebAuthnSameUserLabel() {
         final String SAME_LABEL = "key123";
 
@@ -117,6 +122,7 @@ public void createWebAuthnSameUserLabel() {
     }
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void multipleSecurityKeys() {
         final String LABEL = "SecurityKey#";
 
@@ -173,6 +179,7 @@ public void setUpLinksTest() {
     }
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void displayAvailableAuthenticators() {
         addWebAuthnCredential("authenticator#1");
         addWebAuthnCredential("authenticator#2");
@@ -197,6 +204,7 @@ public void displayAvailableAuthenticators() {
     }
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void notDisplayAvailableAuthenticatorsPasswordless() {
         addWebAuthnCredential("authenticator#1", true);
         addWebAuthnCredential("authenticator#2", true);
@@ -218,6 +226,7 @@ public void notDisplayAvailableAuthenticatorsPasswordless() {
     }
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void availableAuthenticatorsAfterRemove(){
         addWebAuthnCredential("authenticator#1");
         addWebAuthnCredential("authenticator#2");
@@ -338,6 +347,7 @@ public void checkAuthenticatorTimeLocale() throws ParseException, IOException {
     }
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void userAuthenticatorTimeLocale() throws IOException {
         Consumer<String> checkCreatedAtLabels = (requiredLabel) ->
                 webAuthnLoginPage.getAuthenticators()

diff --git a/...se/src/test/java/org/keycloak/testsuite/webauthn/account/WebAuthnTransportLocaleTest.java b/...se/src/test/java/org/keycloak/testsuite/webauthn/account/WebAuthnTransportLocaleTest.java
@@ -47,7 +47,7 @@
  *
  * @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
  */
-@IgnoreBrowserDriver(FirefoxDriver.class)
+@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
 public class WebAuthnTransportLocaleTest extends AbstractWebAuthnAccountTest {
 
     @Test

diff --git a/...c/test/java/org/keycloak/testsuite/webauthn/passwordless/WebAuthnPwdLessPropertyTest.java b/...c/test/java/org/keycloak/testsuite/webauthn/passwordless/WebAuthnPwdLessPropertyTest.java
@@ -19,11 +19,14 @@
 
 import org.junit.Ignore;
 import org.junit.Test;
+import org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver;
 import org.keycloak.testsuite.webauthn.WebAuthnPropertyTest;
+import org.openqa.selenium.firefox.FirefoxDriver;
 
 /**
  * @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
  */
+@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
 public class WebAuthnPwdLessPropertyTest extends WebAuthnPropertyTest {
 
     @Override

diff --git a/.../java/org/keycloak/testsuite/webauthn/registration/AttestationConveyanceRegisterTest.java b/.../java/org/keycloak/testsuite/webauthn/registration/AttestationConveyanceRegisterTest.java
@@ -40,6 +40,7 @@
 /**
  * @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
  */
+@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
 public class AttestationConveyanceRegisterTest extends AbstractWebAuthnVirtualTest {
 
     @Test
@@ -64,21 +65,18 @@ public void attestationDefaultValue() {
 
     @Ignore("invalid cert path")
     @Test
-    @IgnoreBrowserDriver(FirefoxDriver.class)
     public void attestationConveyancePreferenceNone() {
         assertAttestationConveyance(true, AttestationConveyancePreference.NONE);
     }
 
     @Ignore("invalid cert path")
     @Test
-    @IgnoreBrowserDriver(FirefoxDriver.class)
     public void attestationConveyancePreferenceIndirect() {
         assertAttestationConveyance(true, AttestationConveyancePreference.INDIRECT);
     }
 
     @Ignore("invalid cert path")
     @Test
-    @IgnoreBrowserDriver(FirefoxDriver.class)
     public void attestationConveyancePreferenceDirect() {
         getVirtualAuthManager().useAuthenticator(DEFAULT.getOptions().setHasResidentKey(true).setIsUserConsenting(true).setHasUserVerification(true));
         assertAttestationConveyance(true, AttestationConveyancePreference.DIRECT);

diff --git a/...rc/test/java/org/keycloak/testsuite/webauthn/registration/AuthAttachmentRegisterTest.java b/...rc/test/java/org/keycloak/testsuite/webauthn/registration/AuthAttachmentRegisterTest.java
@@ -38,7 +38,7 @@
 /**
  * @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
  */
-@IgnoreBrowserDriver(FirefoxDriver.class)
+@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
 public class AuthAttachmentRegisterTest extends AbstractWebAuthnVirtualTest {
 
     @Test

diff --git a/...ase/src/test/java/org/keycloak/testsuite/webauthn/registration/PolicyJsInjectionTest.java b/...ase/src/test/java/org/keycloak/testsuite/webauthn/registration/PolicyJsInjectionTest.java
@@ -21,11 +21,14 @@
 import org.junit.Test;
 import org.junit.Ignore;
 import org.keycloak.representations.idm.CredentialRepresentation;
+import org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver;
 import org.keycloak.testsuite.webauthn.AbstractWebAuthnVirtualTest;
 import org.keycloak.testsuite.webauthn.pages.WebAuthnAuthenticatorsList;
 import org.keycloak.testsuite.webauthn.updaters.AbstractWebAuthnRealmUpdater;
 import org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData;
 import org.keycloak.utils.StringUtil;
+import org.openqa.selenium.firefox.FirefoxDriver;
+import org.openqa.selenium.firefox.FirefoxOptions;
 
 import java.io.Closeable;
 import java.io.IOException;
@@ -51,6 +54,7 @@ public class PolicyJsInjectionTest extends AbstractWebAuthnVirtualTest {
     protected final String REDIRECT_SCRIPT = "required\"; window.location.href = \"http://www.keycloak.org\";\"";
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void relyingPartyEntityName() {
         verifyInjection((updater) -> updater.setWebAuthnPolicyRpEntityName(REDIRECT_SCRIPT),
                 WebAuthnRealmData::getRpEntityName,
@@ -105,6 +109,7 @@ public void authenticatorAttachment() {
     }
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void requireResidentKey() {
         // requireResidentKey is set to 'false' and the value is ignored -> success
         verifyInjection((updater) -> updater.setWebAuthnPolicyRequireResidentKey(PROMPT_SCRIPT),
@@ -126,6 +131,7 @@ public void userVerificationRequirement() {
     }
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void injectUserLabel() {
         final String originalLabel = "label'`;window.prompt(\"another\");'";
 

diff --git a/...se/src/test/java/org/keycloak/testsuite/webauthn/registration/PubKeySignRegisterTest.java b/...se/src/test/java/org/keycloak/testsuite/webauthn/registration/PubKeySignRegisterTest.java
@@ -20,9 +20,11 @@
 import com.webauthn4j.data.attestation.statement.COSEAlgorithmIdentifier;
 import org.junit.Test;
 import org.keycloak.models.credential.dto.WebAuthnCredentialData;
+import org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver;
 import org.keycloak.testsuite.webauthn.AbstractWebAuthnVirtualTest;
 import org.keycloak.testsuite.webauthn.utils.WebAuthnDataWrapper;
 import org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData;
+import org.openqa.selenium.firefox.FirefoxDriver;
 
 import java.io.Closeable;
 import java.io.IOException;
@@ -41,6 +43,7 @@
 /**
  * @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
  */
+@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
 public class PubKeySignRegisterTest extends AbstractWebAuthnVirtualTest {
 
     @Test

diff --git a/...e/src/test/java/org/keycloak/testsuite/webauthn/registration/ResidentKeyRegisterTest.java b/...e/src/test/java/org/keycloak/testsuite/webauthn/registration/ResidentKeyRegisterTest.java
@@ -42,7 +42,7 @@
 /**
  * @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
  */
-@IgnoreBrowserDriver(FirefoxDriver.class)
+@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
 public class ResidentKeyRegisterTest extends AbstractWebAuthnVirtualTest {
 
     @Test

diff --git a/.../test/java/org/keycloak/testsuite/webauthn/registration/UserVerificationRegisterTest.java b/.../test/java/org/keycloak/testsuite/webauthn/registration/UserVerificationRegisterTest.java
@@ -37,7 +37,7 @@
 /**
  * @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
  */
-@IgnoreBrowserDriver(FirefoxDriver.class)
+@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
 public class UserVerificationRegisterTest extends AbstractWebAuthnVirtualTest {
 
     @Test

diff --git a/...src/test/java/org/keycloak/testsuite/webauthn/registration/WebAuthnOtherSettingsTest.java b/...src/test/java/org/keycloak/testsuite/webauthn/registration/WebAuthnOtherSettingsTest.java
@@ -65,6 +65,7 @@ public class WebAuthnOtherSettingsTest extends AbstractWebAuthnVirtualTest {
     protected AppPage appPage;
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void defaultValues() {
         registerDefaultUser("webauthn");
 
@@ -113,7 +114,7 @@ public void defaultValues() {
     }
 
     @Test
-    @IgnoreBrowserDriver(FirefoxDriver.class)
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void timeout() throws IOException {
         final Integer TIMEOUT = 3; //seconds
 
@@ -156,6 +157,7 @@ public void acceptableAaguidsShouldBeEmptyOrNullByDefault() {
     }
 
     @Test
+    @IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
     public void excludeCredentials() throws IOException {
         List<String> acceptableAaguids = Collections.singletonList(ALL_ONE_AAGUID);
 

diff --git a/.../org/keycloak/testsuite/webauthn/registration/passwordless/PwdLessAttestationRegTest.java b/.../org/keycloak/testsuite/webauthn/registration/passwordless/PwdLessAttestationRegTest.java
@@ -17,11 +17,14 @@
 
 package org.keycloak.testsuite.webauthn.registration.passwordless;
 
+import org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver;
 import org.keycloak.testsuite.webauthn.registration.AttestationConveyanceRegisterTest;
+import org.openqa.selenium.firefox.FirefoxDriver;
 
 /**
  * @author <a href="mailto:mabartos@redhat.com">Martin Bartos</a>
  */
+@IgnoreBrowserDriver(FirefoxDriver.class) // See https://github.com/keycloak/keycloak/issues/10368
 public class PwdLessAttestationRegTest extends AttestationConveyanceRegisterTest {
 
     @Override