Java Code Examples for org.keycloak.representations.idm.RealmRepresentation#setMaxFailureWaitSeconds()
The following examples show how to use
org.keycloak.representations.idm.RealmRepresentation#setMaxFailureWaitSeconds() .
Example 1
Source File: BruteForceTest.java From keycloak with Apache License 2.0 | 6 votes |
/**
 * Prepares the imported test realm for the brute-force tests.
 *
 * <p>Enables brute-force protection with deliberately small thresholds so a
 * test can trip the detector after very few failed logins. The numbers are
 * tuned for test speed and should not be read as production guidance.
 *
 * @param testRealm realm representation that the test framework is about to import
 */
@Override
public void configureTestRealm(RealmRepresentation testRealm) {
    // Fixture account: pin a known TOTP secret on the existing test user (test-only value).
    UserRepresentation testUser = RealmRepUtil.findUser(testRealm, "test-user@localhost");
    UserBuilder.edit(testUser).totpSecret("totpSecret");

    // Turn the detector on and shrink every window.
    testRealm.setBruteForceProtected(true);
    testRealm.setFailureFactor(2);            // failure threshold
    testRealm.setMaxDeltaTimeSeconds(20);     // presumably the window after which the failure count resets - confirm
    testRealm.setMaxFailureWaitSeconds(100);  // upper bound on the wait/lockout
    testRealm.setWaitIncrementSeconds(5);     // step added to the wait
    // The setQuickLoginCheckMilliSeconds(0L) override is commented out in the original,
    // so the realm keeps whatever quick-login check value it already carries:
    //testRealm.setQuickLoginCheckMilliSeconds(0L);

    // Remember the fixture user's id for the tests that follow.
    userId = testUser.getId();

    // The tests also log in through the direct access grant, so enable it on the client.
    RealmRepUtil.findClientByClientId(testRealm, "test-app")
            .setDirectAccessGrantsEnabled(true);

    // Second fixture account with a fixed, test-only password.
    testRealm.getUsers().add(
            UserBuilder.create()
                    .username("user2")
                    .email("user2@localhost")
                    .password("password")
                    .build());
}
Example 2
Source File: BruteForceTest.java From keycloak with Apache License 2.0 | 6 votes |
/**
 * Runs before each test: wipes recorded login failures and re-applies the
 * short brute-force thresholds to the "test" realm.
 *
 * <p>This method only adjusts the thresholds; it does not call
 * {@code setBruteForceProtected}, so whether the detector is on depends on
 * the realm's current state.
 */
@Before
public void config() {
    try {
        // Start from a clean slate so earlier failures cannot lock the user out.
        clearUserFailures();
        clearAllUserFailures();

        RealmRepresentation realmRep = adminClient.realm("test").toRepresentation();
        realmRep.setFailureFactor(2);            // failure threshold (test-tuned)
        realmRep.setMaxDeltaTimeSeconds(20);
        realmRep.setMaxFailureWaitSeconds(100);  // upper bound on the wait
        realmRep.setWaitIncrementSeconds(5);     // step added to the wait
        adminClient.realm("test").update(realmRep);
    } catch (Exception failure) {
        // Surface any setup problem as an unchecked failure, keeping the cause.
        throw new RuntimeException(failure);
    }
    events.clear();
}
Example 3
Source File: BruteForceTest.java From keycloak with Apache License 2.0 | 6 votes |
/**
 * Runs after each test: clears recorded failures, puts the "test" realm back
 * on much more lenient brute-force values and resets the server time offset.
 *
 * <p>NOTE(review): 30 / 900 / 60 / 60 / 1000 ms / 12 h look like Keycloak's
 * stock brute-force defaults - confirm against the version under test.
 *
 * @throws Exception if the trailing sleep is interrupted
 */
@After
public void slowItDown() throws Exception {
    try {
        clearUserFailures();
        clearAllUserFailures();

        RealmRepresentation realmRep = adminClient.realm("test").toRepresentation();
        realmRep.setMaxFailureWaitSeconds(900);
        realmRep.setMinimumQuickLoginWaitSeconds(60);
        realmRep.setWaitIncrementSeconds(60);
        realmRep.setQuickLoginCheckMilliSeconds(1000L);
        realmRep.setMaxDeltaTimeSeconds(60 * 60 * 12); // 12 hours
        realmRep.setFailureFactor(30);
        adminClient.realm("test").update(realmRep);

        // Undo any time travel a test performed to step past a lockout window.
        testingClient.testing().setTimeOffset(
                Collections.singletonMap("offset", String.valueOf(0)));
    } catch (Exception failure) {
        throw new RuntimeException(failure);
    }
    events.clear();
    Thread.sleep(100);
}
Example 4
Source File: FlowOverrideTest.java From keycloak with Apache License 2.0 | 5 votes |
/**
 * Switches brute-force protection on for the "test" realm with small,
 * test-tuned thresholds and pushes the change through the admin client.
 *
 * <p>Nothing in this method restores the previous settings; the caller is
 * responsible for any cleanup.
 */
private void setupBruteForce() {
    RealmRepresentation realmRep = adminClient.realm("test").toRepresentation();

    realmRep.setBruteForceProtected(true);
    realmRep.setFailureFactor(2);            // failure threshold
    realmRep.setMaxDeltaTimeSeconds(20);
    realmRep.setMaxFailureWaitSeconds(100);  // upper bound on the wait
    realmRep.setWaitIncrementSeconds(5);     // step added to the wait

    adminClient.realm("test").update(realmRep);
}
Example 5
Source File: AbstractAdvancedBrokerTest.java From keycloak with Apache License 2.0 | 4 votes |
/**
 * Verifies that brute-force protection also covers the OTP step of a
 * post-broker-login flow.
 *
 * <p>Scenario: enable the detector on the consumer realm with a threshold of
 * two failures, enrol TOTP through a brokered login, submit two wrong codes,
 * then check that a correct code is still rejected. After an administrator
 * clears the user's failure record, the correct code is accepted. The
 * {@code finally} block removes the post-broker flow and turns the detector
 * off again, so the realm change does not outlive this test.
 */
@Test
public void testPostBrokerLoginFlowWithOTP_bruteForceEnabled() {
    updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
    testingClient.server(bc.consumerRealmName())
            .run(configurePostBrokerLoginWithOTP(bc.getIDPAlias()));

    // Enable brute force protector in consumer realm
    RealmResource consumerRealm = adminClient.realm(bc.consumerRealmName());
    RealmRepresentation realmRep = consumerRealm.toRepresentation();
    realmRep.setBruteForceProtected(true);
    realmRep.setFailureFactor(2);
    realmRep.setMaxDeltaTimeSeconds(20);
    realmRep.setMaxFailureWaitSeconds(100);
    realmRep.setWaitIncrementSeconds(5);
    consumerRealm.update(realmRep);

    try {
        // First brokered login: the user is asked to enrol a TOTP credential.
        driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
        logInWithBroker(bc);
        totpPage.assertCurrent();
        String secret = totpPage.getTotpSecret();
        totpPage.configure(totp.generateTOTP(secret));

        String federatedUserId =
                consumerRealm.users().search(bc.getUserLogin()).get(0).getId();
        assertNumFederatedIdentities(federatedUserId, 1);

        // Second brokered login: the OTP challenge is now shown.
        logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
        logInWithBroker(bc);
        loginTotpPage.assertCurrent();

        // Two wrong codes in a row reach the failure factor of 2 and should
        // temporarily disable the user.
        loginTotpPage.login("bad-totp");
        Assert.assertEquals("Invalid authenticator code.", loginTotpPage.getError());
        loginTotpPage.login("bad-totp");
        Assert.assertEquals("Invalid authenticator code.", loginTotpPage.getError());

        // A valid code must now be refused as well. The page shows the same
        // generic error as for a wrong code, so the response does not reveal
        // that the account is locked.
        loginTotpPage.login(totp.generateTOTP(secret));
        Assert.assertEquals("Invalid authenticator code.", loginTotpPage.getError());

        // Clear login failures through the admin attack-detection API.
        String lockedUserId =
                ApiUtil.findUserByUsername(consumerRealm, bc.getUserLogin()).getId();
        consumerRealm.attackDetection().clearBruteForceForUser(lockedUserId);

        // With the failure record gone, the valid code is accepted.
        loginTotpPage.login(totp.generateTOTP(secret));
        waitForAccountManagementTitle();
        logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
    } finally {
        testingClient.server(bc.consumerRealmName())
                .run(disablePostBrokerLoginFlow(bc.getIDPAlias()));

        // Disable brute force protector
        realmRep = consumerRealm.toRepresentation();
        realmRep.setBruteForceProtected(false);
        consumerRealm.update(realmRep);
    }
}