diff --git a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
index d0eb66b..b3f2638 100755
--- a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
@@ -436,7 +436,11 @@ public class AuthenticationManager {
// refresh the cookies!
createLoginCookie(session, realm, userSession.getUser(), userSession, uriInfo, clientConnection);
if (userSession.getState() != UserSessionModel.State.LOGGED_IN) userSession.setState(UserSessionModel.State.LOGGED_IN);
- if (userSession.isRememberMe()) createRememberMeCookie(realm, userSession.getLoginUsername(), uriInfo, clientConnection);
+ if (userSession.isRememberMe()) {
+ createRememberMeCookie(realm, userSession.getLoginUsername(), uriInfo, clientConnection);
+ } else {
+ expireRememberMeCookie(realm, uriInfo, clientConnection);
+ }
// Update userSession note with authTime. But just if flag SSO_AUTH is not set
if (!isSSOAuthentication(clientSession)) {
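Review bot: The new `else` branch that calls `expireRememberMeCookie(realm, uriInfo, clientConnection)` has no comment explaining why a login without remember-me must clear the cookie. The create call stores `userSession.getLoginUsername()`, so a stale cookie from an earlier session would keep prefilling that username on a shared browser. I would add `// KEYCLOAK-2741: clear any stale remember-me cookie so the previous username is not prefilled` above the `expireRememberMeCookie` call. LogoutTest in this same diff asserts the cookie is also gone after sign-out, but no logout code is changed here, so presumably that path already expires it; worth confirming. The enclosing method starts and ends outside this hunk.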
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java
index c4522c6..adb6734 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java
@@ -45,6 +45,7 @@ import java.util.Map;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotEquals;
import static org.junit.Assert.assertTrue;
/**
@@ -481,6 +482,55 @@ public class LoginTest extends TestRealmKeycloakTest {
setRememberMe(false);
}
}
+
+ //KEYCLOAK-2741
+ @Test
+ public void loginAgainWithoutRememberMe() {
+ setRememberMe(true);
+
+ try {
+ //login with remember me
+ loginPage.open();
+ assertFalse(loginPage.isRememberMeChecked());
+ loginPage.setRememberMe(true);
+ assertTrue(loginPage.isRememberMeChecked());
+ loginPage.login("login-test", "password");
+
+ Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
+ Assert.assertNotNull(oauth.getCurrentQuery().get(OAuth2Constants.CODE));
+ EventRepresentation loginEvent = events.expectLogin().user(userId)
+ .detail(Details.USERNAME, "login-test")
+ .detail(Details.REMEMBER_ME, "true")
+ .assertEvent();
+ String sessionId = loginEvent.getSessionId();
+
+ // Expire session
+ testingClient.testing().removeUserSession("test", sessionId);
+
+ // Assert rememberMe checked and username/email prefilled
+ loginPage.open();
+ assertTrue(loginPage.isRememberMeChecked());
+ Assert.assertEquals("login-test", loginPage.getUsername());
+
+ //login without remember me
+ loginPage.setRememberMe(false);
+ loginPage.login("login-test", "password");
+
+ // Expire session
+ loginEvent = events.expectLogin().user(userId)
+ .detail(Details.USERNAME, "login-test")
+ .assertEvent();
+ sessionId = loginEvent.getSessionId();
+ testingClient.testing().removeUserSession("test", sessionId);
+
+ // Assert rememberMe not checked nor username/email prefilled
+ loginPage.open();
+ assertFalse(loginPage.isRememberMeChecked());
+ assertNotEquals("login-test", loginPage.getUsername());
+ } finally {
+ setRememberMe(false);
+ }
+ }
@Test
// KEYCLOAK-3181
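Review bot: The final check `assertNotEquals("login-test", loginPage.getUsername())` in `loginAgainWithoutRememberMe` is weaker than the behaviour it is meant to pin, because it passes for any other value, including a differently cased or partially prefilled username. If `getUsername()` returns an empty string for a blank field (not visible here, so verify), `assertEquals("", loginPage.getUsername())` would state the expectation exactly. The same applies to `assertNotEquals("test-user@localhost", loginPage.getUsername())` in `logoutWithRememberMe` in LogoutTest. Separately, the second `// Expire session` comment sits above the login-event assertion rather than the `removeUserSession` call it describes.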
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LogoutTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LogoutTest.java
index 1dd7aac..0810029 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LogoutTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LogoutTest.java
@@ -29,8 +29,10 @@ import org.keycloak.testsuite.pages.LoginPage;
import java.io.IOException;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotEquals;
import static org.junit.Assert.assertTrue;
+import org.keycloak.testsuite.auth.page.account.AccountManagement;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
@@ -47,6 +49,9 @@ public class LogoutTest extends TestRealmKeycloakTest {
@Page
protected LoginPage loginPage;
+ @Page
+ protected AccountManagement accountManagementPage;
+
@Override
public void configureTestRealm(RealmRepresentation testRealm) {
}
@@ -130,4 +135,45 @@ public class LogoutTest extends TestRealmKeycloakTest {
events.expectLogin().session(sessionId3).removeDetail(Details.USERNAME).assertEvent();
}
+ //KEYCLOAK-2741
+ @Test
+ public void logoutWithRememberMe() {
+ setRememberMe(true);
+
+ try {
+ loginPage.open();
+ assertFalse(loginPage.isRememberMeChecked());
+ loginPage.setRememberMe(true);
+ assertTrue(loginPage.isRememberMeChecked());
+ loginPage.login("test-user@localhost", "password");
+
+ String sessionId = events.expectLogin().assertEvent().getSessionId();
+
+ // Expire session
+ testingClient.testing().removeUserSession("test", sessionId);
+
+ // Assert rememberMe checked and username/email prefilled
+ loginPage.open();
+ assertTrue(loginPage.isRememberMeChecked());
+ assertEquals("test-user@localhost", loginPage.getUsername());
+
+ loginPage.login("test-user@localhost", "password");
+
+ //log out
+ appPage.openAccount();
+ accountManagementPage.signOut();
+ // Assert rememberMe not checked nor username/email prefilled
+ assertTrue(loginPage.isCurrent());
+ assertFalse(loginPage.isRememberMeChecked());
+ assertNotEquals("test-user@localhost", loginPage.getUsername());
+ } finally {
+ setRememberMe(false);
+ }
+ }
+
+ private void setRememberMe(boolean enabled) {
+ RealmRepresentation rep = adminClient.realm("test").toRepresentation();
+ rep.setRememberMe(enabled);
+ adminClient.realm("test").update(rep);
+ }
}
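Review bot: The private `setRememberMe(boolean enabled)` helper added at the end of this hunk looks like a duplicate, since LoginTest in this same diff already calls a `setRememberMe` of its own (its definition is outside the visible hunks). Both classes extend `TestRealmKeycloakTest`, so moving one copy there would keep the realm toggle in a single place. Also, the `finally` block only resets the realm flag. If an assertion fails between the remember-me login and `signOut()`, the browser may still hold the remember-me cookie for later tests, unless the harness clears cookies between tests, which this diff does not show.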