Disable webauthn buttons after click

Closes #41037

Signed-off-by: rmartinc <[email protected]>

Author: rmartinc

testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/WaitUtils.java

@@ -19,6 +19,7 @@
 import org.jboss.arquillian.graphene.wait.ElementBuilder;
 import org.keycloak.executors.ExecutorsProvider;
 import org.keycloak.testsuite.client.KeycloakTestingClient;
+import org.keycloak.testsuite.pages.AbstractPage;
 import org.openqa.selenium.By;
 import org.openqa.selenium.TimeoutException;
 import org.openqa.selenium.WebDriver;
@@ -91,6 +92,12 @@ public static void waitUntilElementClassContains(WebElement element, String valu
         );
     }
 
+    public static void waitUntilPageIsCurrent(AbstractPage page) {
+        WebDriver driver = getCurrentDriver();
+        WebDriverWait wait = new WebDriverWait(driver, Duration.ofMillis(PAGELOAD_TIMEOUT_MILLIS));
+        wait.until((WebDriver driver1) -> page.isCurrent());
+    }
+
     public static void pause(long millis) {
         if (millis > 0) {
             log.info("Wait: " + millis + "ms");

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/webauthn/registration/AuthAttachmentRegisterTest.java

@@ -21,6 +21,7 @@
 import org.junit.Test;
 import org.junit.Ignore;
 import org.keycloak.testsuite.arquillian.annotation.IgnoreBrowserDriver;
+import org.keycloak.testsuite.util.WaitUtils;
 import org.keycloak.testsuite.webauthn.AbstractWebAuthnVirtualTest;
 import org.keycloak.testsuite.webauthn.utils.WebAuthnRealmData;
 import org.openqa.selenium.firefox.FirefoxDriver;
@@ -59,6 +60,7 @@ public void authenticatorAttachmentPlatform() throws IOException {
         try (Closeable u = getWebAuthnRealmUpdater()
                 .setWebAuthnPolicyAuthenticatorAttachment(AuthenticatorAttachment.PLATFORM.getValue())
                 .setWebAuthnPolicyUserVerificationRequirement(UserVerificationRequirement.DISCOURAGED.getValue())
+                .setWebAuthnPolicyCreateTimeout(3)
                 .update()) {
 
             // It shouldn't be possible to register the authenticator
@@ -70,12 +72,18 @@ public void authenticatorAttachmentPlatform() throws IOException {
 
             registerDefaultUser(false);
 
+            // Instead of returning an error it seems that selenium webauthn just hangs
+            // So we cannot test this correctly
             webAuthnRegisterPage.assertCurrent();
 
+            // click authentication again does nothing
             webAuthnRegisterPage.clickRegister();
+            webAuthnRegisterPage.clickRegister();
+            webAuthnRegisterPage.assertCurrent();
 
-            webAuthnErrorPage.assertCurrent();
-            assertThat(webAuthnErrorPage.getError(), containsString("A request is already pending."));
+            // it timeouts after create timeout
+            WaitUtils.waitUntilPageIsCurrent(webAuthnErrorPage);
+            assertThat(webAuthnErrorPage.getError(), containsString("The operation either timed out or was not allowed."));
         }
     }
 

themes/src/main/resources/theme/base/login/login-passkeys-conditional-authenticate.ftl

@@ -114,7 +114,7 @@
             };
             authButton.addEventListener("click", () => {
                 authenticateByWebAuthn(input);
-            });
+            }, { once: true });
 
             const args = {
                 isUserIdentified : ${isUserIdentified},

themes/src/main/resources/theme/base/login/passkeys.ftl

@@ -33,7 +33,7 @@
                authButton.addEventListener("click", (event) => {
                    event.preventDefault();
                    authenticateByWebAuthn({errmsg : "${msg("webauthn-unsupported-browser-text")?no_esc}", ...args});
-               });
+               }, { once: true });
            }
         </script>
         <a id="authenticateWebAuthnButton" href="#" class="${properties.kcButtonSecondaryClass!} ${properties.kcButtonBlockClass!} ${properties.kcMarginTopClass!}">

themes/src/main/resources/theme/base/login/webauthn-authenticate.ftl

@@ -89,7 +89,7 @@
                 errmsg : "${msg("webauthn-unsupported-browser-text")?no_esc}"
             };
             authenticateByWebAuthn(input);
-        });
+        }, { once: true });
     </script>
 
     <#elseif section = "info">

themes/src/main/resources/theme/base/login/webauthn-register.ftl

@@ -43,7 +43,7 @@
                     errmsg : "${msg("webauthn-unsupported-browser-text")?no_esc}"
                 };
                 registerByWebAuthn(input);
-            });
+            }, { once: true });
         </script>
 
         <input type="submit"

themes/src/main/resources/theme/keycloak.v2/login/webauthn-authenticate.ftl

@@ -116,7 +116,7 @@
                 errmsg : "${msg("webauthn-unsupported-browser-text")?no_esc}"
             };
             authenticateByWebAuthn(input);
-        });
+        }, { once: true });
     </script>
 
     <#elseif section = "info">

themes/src/main/resources/theme/keycloak.v2/login/webauthn-register.ftl

@@ -44,7 +44,7 @@
                     errmsg : "${msg("webauthn-unsupported-browser-text")?no_esc}"
                 };
                 registerByWebAuthn(input);
-            });
+            },  { once: true });
         </script>
 
             <@buttons.actionGroup horizontal=true>