trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/tests/e2e/test_provider_saml.py

309 lines
12 KiB
Python
Raw Normal View History

e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
"""test SAML Provider flow"""
e2e: update for new saml-test-sp, pull image before run
2020-09-29 09:55:10 +00:00
from json import loads
pytest (#209)
2020-09-11 21:21:11 +00:00
from sys import platform
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
from time import sleep
pytest (#209)
2020-09-11 21:21:11 +00:00
from unittest.case import skipUnless
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
root: automate system migrations, move docker to lifecycle folder
2020-09-09 22:14:59 +00:00
from docker import DockerClient, from_env
from docker.models.containers import Container
from docker.types import Healthcheck
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
from selenium.webdriver.common.by import By
e2e: update e2e tests for new AccessDenied response
2020-09-15 08:29:59 +00:00
from selenium.webdriver.support import expected_conditions as ec
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
wip: rename to authentik (#361) * root: initial rename * web: rename custom element prefix * root: rename external functions with pb_ prefix * root: fix formatting * root: replace domain with goauthentik.io * proxy: update path * root: rename remaining prefixes * flows: rename file extension * root: pbadmin -> akadmin * docs: fix image filenames * lifecycle: ignore migration files * ci: copy default config from current source before loading last tagged * *: new sentry dsn * tests: fix missing python3.9-dev package * root: add additional migrations for service accounts created by outposts * core: mark system-created service accounts with attribute * policies/expression: fix pb_ replacement not working * web: fix last linting errors, add lit-analyse * policies/expressions: fix lint errors * web: fix sidebar display on screens where not all items fit * proxy: attempt to fix proxy pipeline * proxy: use go env GOPATH to get gopath * lib: fix user_default naming inconsistency * docs: add upgrade docs * docs: update screenshots to use authentik * admin: fix create button on empty-state of outpost * web: fix modal submit not refreshing SiteShell and Table * web: fix height of app-card and height of generic icon * web: fix rendering of subtext * admin: fix version check error not being caught * web: fix worker count not being shown * docs: update screenshots * root: new icon * web: fix lint error * admin: fix linting error * root: migrate coverage config to pyproject
2020-12-05 21:08:42 +00:00
from authentik.core.models import Application
root: Random tests (#1825) * root: add pytest-randomly to randomise tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: generate flows for testing instead of relying on existing ones Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: generate users for testing instead of relying on existing ones Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: use generated certificate Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: keep containers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: use websockets test case Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 21:56:02 +00:00
from authentik.core.tests.utils import create_test_cert
wip: rename to authentik (#361) * root: initial rename * web: rename custom element prefix * root: rename external functions with pb_ prefix * root: fix formatting * root: replace domain with goauthentik.io * proxy: update path * root: rename remaining prefixes * flows: rename file extension * root: pbadmin -> akadmin * docs: fix image filenames * lifecycle: ignore migration files * ci: copy default config from current source before loading last tagged * *: new sentry dsn * tests: fix missing python3.9-dev package * root: add additional migrations for service accounts created by outposts * core: mark system-created service accounts with attribute * policies/expression: fix pb_ replacement not working * web: fix last linting errors, add lit-analyse * policies/expressions: fix lint errors * web: fix sidebar display on screens where not all items fit * proxy: attempt to fix proxy pipeline * proxy: use go env GOPATH to get gopath * lib: fix user_default naming inconsistency * docs: add upgrade docs * docs: update screenshots to use authentik * admin: fix create button on empty-state of outpost * web: fix modal submit not refreshing SiteShell and Table * web: fix height of app-card and height of generic icon * web: fix rendering of subtext * admin: fix version check error not being caught * web: fix worker count not being shown * docs: update screenshots * root: new icon * web: fix lint error * admin: fix linting error * root: migrate coverage config to pyproject
2020-12-05 21:08:42 +00:00
from authentik.flows.models import Flow
from authentik.policies.expression.models import ExpressionPolicy
from authentik.policies.models import PolicyBinding
root: reformat to 100 line width Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-03 15:45:16 +00:00
from authentik.providers.saml.models import SAMLBindings, SAMLPropertyMapping, SAMLProvider
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
pytest (#209)
2020-09-11 21:21:11 +00:00
@skipUnless(platform.startswith("linux"), "requires local docker")
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
class TestProviderSAML(SeleniumTestCase):
"""test SAML Provider flow"""
container: Container
def setup_client(self, provider: SAMLProvider) -> Container:
"""Setup client saml-sp container which we test SAML against"""
client: DockerClient = from_env()
container = client.containers.run(
tests/e2e: use vanity urls Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 10:38:23 +00:00
image="beryju.org/saml-test-sp:latest",
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
detach=True,
network_mode="host",
auto_remove=True,
healthcheck=Healthcheck(
test=["CMD", "wget", "--spider", "http://localhost:9009/health"],
interval=5 * 100 * 1000000,
start_period=1 * 100 * 1000000,
),
environment={
"SP_ENTITY_ID": provider.issuer,
"SP_SSO_BINDING": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
"SP_METADATA_URL": (
e2e: SeleniumTestCase: add url() to reverse into full URL
2020-06-20 21:56:35 +00:00
self.url(
providers/saml: fix metadata download not being unauthenticated Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 18:16:07 +00:00
"authentik_api:samlprovider-metadata",
pk=provider.pk,
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
)
providers/saml: fix metadata download not being unauthenticated Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 18:16:07 +00:00
+ "?download"
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
),
},
)
while True:
container.reload()
status = container.attrs.get("State", {}).get("Health", {}).get("Status")
if status == "healthy":
return container
tests/e2e: remove logger Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 18:25:31 +00:00
self.logger.info("Container failed healthcheck")
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
sleep(1)
e2e: add @retry decorator to make e2e tests more reliable
2020-10-20 16:42:26 +00:00
@retry()
tests/e2e: fix other provider tests
2021-02-27 23:08:57 +00:00
@apply_migration("authentik_flows", "0008_default_flows")
tests/e2e: fix flow titles not being set Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-25 07:48:45 +00:00
@apply_migration("authentik_flows", "0011_flow_title")
tests/e2e: fix other provider tests
2021-02-27 23:08:57 +00:00
@apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
@object_manager
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
def test_sp_initiated_implicit(self):
"""test SAML Provider flow SP-initiated flow (implicit consent)"""
# Bootstrap all needed objects
authorization_flow = Flow.objects.get(
slug="default-provider-authorization-implicit-consent"
)
provider: SAMLProvider = SAMLProvider.objects.create(
name="saml-test",
acs_url="http://localhost:9009/saml/acs",
wip: rename to authentik (#361) * root: initial rename * web: rename custom element prefix * root: rename external functions with pb_ prefix * root: fix formatting * root: replace domain with goauthentik.io * proxy: update path * root: rename remaining prefixes * flows: rename file extension * root: pbadmin -> akadmin * docs: fix image filenames * lifecycle: ignore migration files * ci: copy default config from current source before loading last tagged * *: new sentry dsn * tests: fix missing python3.9-dev package * root: add additional migrations for service accounts created by outposts * core: mark system-created service accounts with attribute * policies/expression: fix pb_ replacement not working * web: fix last linting errors, add lit-analyse * policies/expressions: fix lint errors * web: fix sidebar display on screens where not all items fit * proxy: attempt to fix proxy pipeline * proxy: use go env GOPATH to get gopath * lib: fix user_default naming inconsistency * docs: add upgrade docs * docs: update screenshots to use authentik * admin: fix create button on empty-state of outpost * web: fix modal submit not refreshing SiteShell and Table * web: fix height of app-card and height of generic icon * web: fix rendering of subtext * admin: fix version check error not being caught * web: fix worker count not being shown * docs: update screenshots * root: new icon * web: fix lint error * admin: fix linting error * root: migrate coverage config to pyproject
2020-12-05 21:08:42 +00:00
audience="authentik-e2e",
issuer="authentik-e2e",
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
sp_binding=SAMLBindings.POST,
authorization_flow=authorization_flow,
root: Random tests (#1825) * root: add pytest-randomly to randomise tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: generate flows for testing instead of relying on existing ones Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: generate users for testing instead of relying on existing ones Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: use generated certificate Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: keep containers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: use websockets test case Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 21:56:02 +00:00
signing_kp=create_test_cert(),
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
)
provider.property_mappings.set(SAMLPropertyMapping.objects.all())
provider.save()
Application.objects.create(
*: apply new black styling
2020-09-30 17:34:22 +00:00
name="SAML",
wip: rename to authentik (#361) * root: initial rename * web: rename custom element prefix * root: rename external functions with pb_ prefix * root: fix formatting * root: replace domain with goauthentik.io * proxy: update path * root: rename remaining prefixes * flows: rename file extension * root: pbadmin -> akadmin * docs: fix image filenames * lifecycle: ignore migration files * ci: copy default config from current source before loading last tagged * *: new sentry dsn * tests: fix missing python3.9-dev package * root: add additional migrations for service accounts created by outposts * core: mark system-created service accounts with attribute * policies/expression: fix pb_ replacement not working * web: fix last linting errors, add lit-analyse * policies/expressions: fix lint errors * web: fix sidebar display on screens where not all items fit * proxy: attempt to fix proxy pipeline * proxy: use go env GOPATH to get gopath * lib: fix user_default naming inconsistency * docs: add upgrade docs * docs: update screenshots to use authentik * admin: fix create button on empty-state of outpost * web: fix modal submit not refreshing SiteShell and Table * web: fix height of app-card and height of generic icon * web: fix rendering of subtext * admin: fix version check error not being caught * web: fix worker count not being shown * docs: update screenshots * root: new icon * web: fix lint error * admin: fix linting error * root: migrate coverage config to pyproject
2020-12-05 21:08:42 +00:00
slug="authentik-saml",
*: apply new black styling
2020-09-30 17:34:22 +00:00
provider=provider,
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
)
self.container = self.setup_client(provider)
self.driver.get("http://localhost:9009")
tests/e2e: fix URLs, use self.login()
2021-02-27 17:48:41 +00:00
self.login()
e2e: saml provider: wait for URL
2020-06-29 20:11:50 +00:00
self.wait_for_url("http://localhost:9009/")
e2e: update for new saml-test-sp, pull image before run
2020-09-29 09:55:10 +00:00
body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text)
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
self.assertEqual(
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[self.user.name],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
self.assertEqual(
body["attr"][
"http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"
],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[self.user.username],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
self.assertEqual(
body["attr"]["http://schemas.goauthentik.io/2021/02/saml/username"],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[self.user.username],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
self.assertEqual(
body["attr"]["http://schemas.goauthentik.io/2021/02/saml/uid"],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[str(self.user.pk)],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
self.assertEqual(
root: reformat to 100 line width Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-03 15:45:16 +00:00
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[self.user.email],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
self.assertEqual(
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[self.user.email],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
e2e: add @retry decorator to make e2e tests more reliable
2020-10-20 16:42:26 +00:00
@retry()
tests/e2e: fix other provider tests
2021-02-27 23:08:57 +00:00
@apply_migration("authentik_flows", "0008_default_flows")
tests/e2e: fix flow titles not being set Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-25 07:48:45 +00:00
@apply_migration("authentik_flows", "0011_flow_title")
tests/e2e: fix other provider tests
2021-02-27 23:08:57 +00:00
@apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
@object_manager
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
def test_sp_initiated_explicit(self):
"""test SAML Provider flow SP-initiated flow (explicit consent)"""
# Bootstrap all needed objects
authorization_flow = Flow.objects.get(
slug="default-provider-authorization-explicit-consent"
)
provider: SAMLProvider = SAMLProvider.objects.create(
name="saml-test",
acs_url="http://localhost:9009/saml/acs",
wip: rename to authentik (#361) * root: initial rename * web: rename custom element prefix * root: rename external functions with pb_ prefix * root: fix formatting * root: replace domain with goauthentik.io * proxy: update path * root: rename remaining prefixes * flows: rename file extension * root: pbadmin -> akadmin * docs: fix image filenames * lifecycle: ignore migration files * ci: copy default config from current source before loading last tagged * *: new sentry dsn * tests: fix missing python3.9-dev package * root: add additional migrations for service accounts created by outposts * core: mark system-created service accounts with attribute * policies/expression: fix pb_ replacement not working * web: fix last linting errors, add lit-analyse * policies/expressions: fix lint errors * web: fix sidebar display on screens where not all items fit * proxy: attempt to fix proxy pipeline * proxy: use go env GOPATH to get gopath * lib: fix user_default naming inconsistency * docs: add upgrade docs * docs: update screenshots to use authentik * admin: fix create button on empty-state of outpost * web: fix modal submit not refreshing SiteShell and Table * web: fix height of app-card and height of generic icon * web: fix rendering of subtext * admin: fix version check error not being caught * web: fix worker count not being shown * docs: update screenshots * root: new icon * web: fix lint error * admin: fix linting error * root: migrate coverage config to pyproject
2020-12-05 21:08:42 +00:00
audience="authentik-e2e",
issuer="authentik-e2e",
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
sp_binding=SAMLBindings.POST,
authorization_flow=authorization_flow,
root: Random tests (#1825) * root: add pytest-randomly to randomise tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: generate flows for testing instead of relying on existing ones Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: generate users for testing instead of relying on existing ones Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: use generated certificate Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: keep containers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: use websockets test case Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 21:56:02 +00:00
signing_kp=create_test_cert(),
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
)
provider.property_mappings.set(SAMLPropertyMapping.objects.all())
provider.save()
app = Application.objects.create(
*: apply new black styling
2020-09-30 17:34:22 +00:00
name="SAML",
wip: rename to authentik (#361) * root: initial rename * web: rename custom element prefix * root: rename external functions with pb_ prefix * root: fix formatting * root: replace domain with goauthentik.io * proxy: update path * root: rename remaining prefixes * flows: rename file extension * root: pbadmin -> akadmin * docs: fix image filenames * lifecycle: ignore migration files * ci: copy default config from current source before loading last tagged * *: new sentry dsn * tests: fix missing python3.9-dev package * root: add additional migrations for service accounts created by outposts * core: mark system-created service accounts with attribute * policies/expression: fix pb_ replacement not working * web: fix last linting errors, add lit-analyse * policies/expressions: fix lint errors * web: fix sidebar display on screens where not all items fit * proxy: attempt to fix proxy pipeline * proxy: use go env GOPATH to get gopath * lib: fix user_default naming inconsistency * docs: add upgrade docs * docs: update screenshots to use authentik * admin: fix create button on empty-state of outpost * web: fix modal submit not refreshing SiteShell and Table * web: fix height of app-card and height of generic icon * web: fix rendering of subtext * admin: fix version check error not being caught * web: fix worker count not being shown * docs: update screenshots * root: new icon * web: fix lint error * admin: fix linting error * root: migrate coverage config to pyproject
2020-12-05 21:08:42 +00:00
slug="authentik-saml",
*: apply new black styling
2020-09-30 17:34:22 +00:00
provider=provider,
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
)
self.container = self.setup_client(provider)
self.driver.get("http://localhost:9009")
tests/e2e: fix URLs, use self.login()
2021-02-27 17:48:41 +00:00
self.login()
tests/e2e: fix more test, add requirements for crypto
2021-02-27 22:33:15 +00:00
root: reformat to 100 line width Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-03 15:45:16 +00:00
self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor")))
tests/e2e: fix more test, add requirements for crypto
2021-02-27 22:33:15 +00:00
flow_executor = self.get_shadow_root("ak-flow-executor")
consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
self.assertIn(
*: apply new black styling
2020-09-30 17:34:22 +00:00
app.name,
tests/e2e: fix more test, add requirements for crypto
2021-02-27 22:33:15 +00:00
consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text,
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
)
tests/e2e: fix more test, add requirements for crypto
2021-02-27 22:33:15 +00:00
consent_stage.find_element(
By.CSS_SELECTOR,
("[type=submit]"),
).click()
e2e: saml provider: wait for URL
2020-06-29 20:11:50 +00:00
self.wait_for_url("http://localhost:9009/")
e2e: update for new saml-test-sp, pull image before run
2020-09-29 09:55:10 +00:00
body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text)
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
self.assertEqual(
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[self.user.name],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
self.assertEqual(
body["attr"][
"http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"
],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[self.user.username],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
self.assertEqual(
body["attr"]["http://schemas.goauthentik.io/2021/02/saml/username"],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[self.user.username],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
self.assertEqual(
body["attr"]["http://schemas.goauthentik.io/2021/02/saml/uid"],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[str(self.user.pk)],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
self.assertEqual(
root: reformat to 100 line width Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-03 15:45:16 +00:00
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[self.user.email],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
self.assertEqual(
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[self.user.email],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
e2e: add @retry decorator to make e2e tests more reliable
2020-10-20 16:42:26 +00:00
@retry()
tests/e2e: fix other provider tests
2021-02-27 23:08:57 +00:00
@apply_migration("authentik_flows", "0008_default_flows")
tests/e2e: fix flow titles not being set Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-25 07:48:45 +00:00
@apply_migration("authentik_flows", "0011_flow_title")
tests/e2e: fix other provider tests
2021-02-27 23:08:57 +00:00
@apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
@object_manager
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
def test_idp_initiated_implicit(self):
"""test SAML Provider flow IdP-initiated flow (implicit consent)"""
# Bootstrap all needed objects
authorization_flow = Flow.objects.get(
slug="default-provider-authorization-implicit-consent"
)
provider: SAMLProvider = SAMLProvider.objects.create(
name="saml-test",
acs_url="http://localhost:9009/saml/acs",
wip: rename to authentik (#361) * root: initial rename * web: rename custom element prefix * root: rename external functions with pb_ prefix * root: fix formatting * root: replace domain with goauthentik.io * proxy: update path * root: rename remaining prefixes * flows: rename file extension * root: pbadmin -> akadmin * docs: fix image filenames * lifecycle: ignore migration files * ci: copy default config from current source before loading last tagged * *: new sentry dsn * tests: fix missing python3.9-dev package * root: add additional migrations for service accounts created by outposts * core: mark system-created service accounts with attribute * policies/expression: fix pb_ replacement not working * web: fix last linting errors, add lit-analyse * policies/expressions: fix lint errors * web: fix sidebar display on screens where not all items fit * proxy: attempt to fix proxy pipeline * proxy: use go env GOPATH to get gopath * lib: fix user_default naming inconsistency * docs: add upgrade docs * docs: update screenshots to use authentik * admin: fix create button on empty-state of outpost * web: fix modal submit not refreshing SiteShell and Table * web: fix height of app-card and height of generic icon * web: fix rendering of subtext * admin: fix version check error not being caught * web: fix worker count not being shown * docs: update screenshots * root: new icon * web: fix lint error * admin: fix linting error * root: migrate coverage config to pyproject
2020-12-05 21:08:42 +00:00
audience="authentik-e2e",
issuer="authentik-e2e",
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
sp_binding=SAMLBindings.POST,
authorization_flow=authorization_flow,
root: Random tests (#1825) * root: add pytest-randomly to randomise tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: generate flows for testing instead of relying on existing ones Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: generate users for testing instead of relying on existing ones Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: use generated certificate Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: keep containers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: use websockets test case Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 21:56:02 +00:00
signing_kp=create_test_cert(),
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
)
provider.property_mappings.set(SAMLPropertyMapping.objects.all())
provider.save()
Application.objects.create(
*: apply new black styling
2020-09-30 17:34:22 +00:00
name="SAML",
wip: rename to authentik (#361) * root: initial rename * web: rename custom element prefix * root: rename external functions with pb_ prefix * root: fix formatting * root: replace domain with goauthentik.io * proxy: update path * root: rename remaining prefixes * flows: rename file extension * root: pbadmin -> akadmin * docs: fix image filenames * lifecycle: ignore migration files * ci: copy default config from current source before loading last tagged * *: new sentry dsn * tests: fix missing python3.9-dev package * root: add additional migrations for service accounts created by outposts * core: mark system-created service accounts with attribute * policies/expression: fix pb_ replacement not working * web: fix last linting errors, add lit-analyse * policies/expressions: fix lint errors * web: fix sidebar display on screens where not all items fit * proxy: attempt to fix proxy pipeline * proxy: use go env GOPATH to get gopath * lib: fix user_default naming inconsistency * docs: add upgrade docs * docs: update screenshots to use authentik * admin: fix create button on empty-state of outpost * web: fix modal submit not refreshing SiteShell and Table * web: fix height of app-card and height of generic icon * web: fix rendering of subtext * admin: fix version check error not being caught * web: fix worker count not being shown * docs: update screenshots * root: new icon * web: fix lint error * admin: fix linting error * root: migrate coverage config to pyproject
2020-12-05 21:08:42 +00:00
slug="authentik-saml",
*: apply new black styling
2020-09-30 17:34:22 +00:00
provider=provider,
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
)
self.container = self.setup_client(provider)
self.driver.get(
e2e: SeleniumTestCase: add url() to reverse into full URL
2020-06-20 21:56:35 +00:00
self.url(
wip: rename to authentik (#361) * root: initial rename * web: rename custom element prefix * root: rename external functions with pb_ prefix * root: fix formatting * root: replace domain with goauthentik.io * proxy: update path * root: rename remaining prefixes * flows: rename file extension * root: pbadmin -> akadmin * docs: fix image filenames * lifecycle: ignore migration files * ci: copy default config from current source before loading last tagged * *: new sentry dsn * tests: fix missing python3.9-dev package * root: add additional migrations for service accounts created by outposts * core: mark system-created service accounts with attribute * policies/expression: fix pb_ replacement not working * web: fix last linting errors, add lit-analyse * policies/expressions: fix lint errors * web: fix sidebar display on screens where not all items fit * proxy: attempt to fix proxy pipeline * proxy: use go env GOPATH to get gopath * lib: fix user_default naming inconsistency * docs: add upgrade docs * docs: update screenshots to use authentik * admin: fix create button on empty-state of outpost * web: fix modal submit not refreshing SiteShell and Table * web: fix height of app-card and height of generic icon * web: fix rendering of subtext * admin: fix version check error not being caught * web: fix worker count not being shown * docs: update screenshots * root: new icon * web: fix lint error * admin: fix linting error * root: migrate coverage config to pyproject
2020-12-05 21:08:42 +00:00
"authentik_providers_saml:sso-init",
e2e: SeleniumTestCase: add url() to reverse into full URL
2020-06-20 21:56:35 +00:00
application_slug=provider.application.slug,
e2e: add tests for oauth and saml provider
2020-06-20 21:53:05 +00:00
)
)
tests/e2e: fix URLs, use self.login()
2021-02-27 17:48:41 +00:00
self.login()
admin: fix get_form_class
2020-09-29 09:42:34 +00:00
sleep(1)
e2e: saml provider: wait for URL
2020-06-29 20:11:50 +00:00
self.wait_for_url("http://localhost:9009/")
e2e: update for new saml-test-sp, pull image before run
2020-09-29 09:55:10 +00:00
body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text)
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
self.assertEqual(
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[self.user.name],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
self.assertEqual(
body["attr"][
"http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"
],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[self.user.username],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
self.assertEqual(
body["attr"]["http://schemas.goauthentik.io/2021/02/saml/username"],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[self.user.username],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
self.assertEqual(
body["attr"]["http://schemas.goauthentik.io/2021/02/saml/uid"],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[str(self.user.pk)],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
self.assertEqual(
root: reformat to 100 line width Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-03 15:45:16 +00:00
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[self.user.email],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
self.assertEqual(
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"],
tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 20:30:02 +00:00
[self.user.email],
Managed objects (#519) * managed: add base manager and Ops * core: use ManagedModel for Token and PropertyMapping * providers/saml: implement managed objects for SAML Provider * sources/ldap: migrate to managed * providers/oauth2: migrate to managed * providers/proxy: migrate to managed * *: load .managed in apps * managed: add reconcile task, run on startup * providers/oauth2: fix import path for managed * providers/saml: don't set FriendlyName when mapping is none * *: use ObjectManager in tests to ensure objects exist * ci: use vmImage ubuntu-latest * providers/saml: add new mapping for username and user id * tests: remove docker proxy * tests/e2e: use updated attribute names * docs: update SAML docs * tests/e2e: fix remaining saml cases * outposts: make tokens as managed * *: make PropertyMapping SerializerModel * web: add page for property-mappings * web: add codemirror to common_styles because codemirror * docs: fix member-of in nextcloud * docs: nextcloud add admin * web: fix refresh reloading data two times * web: add loading lock to table to prevent double loads * web: add ability to use null in QueryArgs (value will be skipped) * web: add hide option to property mappings * web: fix linting
2021-02-03 20:18:31 +00:00
)
e2e/provider/saml: add negative case
2020-07-02 11:48:21 +00:00
e2e: add @retry decorator to make e2e tests more reliable
2020-10-20 16:42:26 +00:00
@retry()
tests/e2e: fix other provider tests
2021-02-27 23:08:57 +00:00
@apply_migration("authentik_flows", "0008_default_flows")
tests/e2e: fix flow titles not being set Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-25 07:48:45 +00:00
@apply_migration("authentik_flows", "0011_flow_title")
tests/e2e: fix other provider tests
2021-02-27 23:08:57 +00:00
@apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
@object_manager
e2e/provider/saml: add negative case
2020-07-02 11:48:21 +00:00
def test_sp_initiated_denied(self):
"""test SAML Provider flow SP-initiated flow (Policy denies access)"""
# Bootstrap all needed objects
authorization_flow = Flow.objects.get(
slug="default-provider-authorization-implicit-consent"
)
negative_policy = ExpressionPolicy.objects.create(
name="negative-static", expression="return False"
)
provider: SAMLProvider = SAMLProvider.objects.create(
name="saml-test",
acs_url="http://localhost:9009/saml/acs",
wip: rename to authentik (#361) * root: initial rename * web: rename custom element prefix * root: rename external functions with pb_ prefix * root: fix formatting * root: replace domain with goauthentik.io * proxy: update path * root: rename remaining prefixes * flows: rename file extension * root: pbadmin -> akadmin * docs: fix image filenames * lifecycle: ignore migration files * ci: copy default config from current source before loading last tagged * *: new sentry dsn * tests: fix missing python3.9-dev package * root: add additional migrations for service accounts created by outposts * core: mark system-created service accounts with attribute * policies/expression: fix pb_ replacement not working * web: fix last linting errors, add lit-analyse * policies/expressions: fix lint errors * web: fix sidebar display on screens where not all items fit * proxy: attempt to fix proxy pipeline * proxy: use go env GOPATH to get gopath * lib: fix user_default naming inconsistency * docs: add upgrade docs * docs: update screenshots to use authentik * admin: fix create button on empty-state of outpost * web: fix modal submit not refreshing SiteShell and Table * web: fix height of app-card and height of generic icon * web: fix rendering of subtext * admin: fix version check error not being caught * web: fix worker count not being shown * docs: update screenshots * root: new icon * web: fix lint error * admin: fix linting error * root: migrate coverage config to pyproject
2020-12-05 21:08:42 +00:00
audience="authentik-e2e",
issuer="authentik-e2e",
e2e/provider/saml: add negative case
2020-07-02 11:48:21 +00:00
sp_binding=SAMLBindings.POST,
authorization_flow=authorization_flow,
root: Random tests (#1825) * root: add pytest-randomly to randomise tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: generate flows for testing instead of relying on existing ones Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: generate users for testing instead of relying on existing ones Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: use generated certificate Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: keep containers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: use websockets test case Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 21:56:02 +00:00
signing_kp=create_test_cert(),
e2e/provider/saml: add negative case
2020-07-02 11:48:21 +00:00
)
provider.property_mappings.set(SAMLPropertyMapping.objects.all())
provider.save()
app = Application.objects.create(
*: apply new black styling
2020-09-30 17:34:22 +00:00
name="SAML",
wip: rename to authentik (#361) * root: initial rename * web: rename custom element prefix * root: rename external functions with pb_ prefix * root: fix formatting * root: replace domain with goauthentik.io * proxy: update path * root: rename remaining prefixes * flows: rename file extension * root: pbadmin -> akadmin * docs: fix image filenames * lifecycle: ignore migration files * ci: copy default config from current source before loading last tagged * *: new sentry dsn * tests: fix missing python3.9-dev package * root: add additional migrations for service accounts created by outposts * core: mark system-created service accounts with attribute * policies/expression: fix pb_ replacement not working * web: fix last linting errors, add lit-analyse * policies/expressions: fix lint errors * web: fix sidebar display on screens where not all items fit * proxy: attempt to fix proxy pipeline * proxy: use go env GOPATH to get gopath * lib: fix user_default naming inconsistency * docs: add upgrade docs * docs: update screenshots to use authentik * admin: fix create button on empty-state of outpost * web: fix modal submit not refreshing SiteShell and Table * web: fix height of app-card and height of generic icon * web: fix rendering of subtext * admin: fix version check error not being caught * web: fix worker count not being shown * docs: update screenshots * root: new icon * web: fix lint error * admin: fix linting error * root: migrate coverage config to pyproject
2020-12-05 21:08:42 +00:00
slug="authentik-saml",
*: apply new black styling
2020-09-30 17:34:22 +00:00
provider=provider,
e2e/provider/saml: add negative case
2020-07-02 11:48:21 +00:00
)
PolicyBinding.objects.create(target=app, policy=negative_policy, order=0)
self.container = self.setup_client(provider)
self.driver.get("http://localhost:9009/")
tests/e2e: fix URLs, use self.login()
2021-02-27 17:48:41 +00:00
self.login()
e2e: update e2e tests for new AccessDenied response
2020-09-15 08:29:59 +00:00
root: reformat to 100 line width Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-03 15:45:16 +00:00
self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "header > h1")))
e2e/provider/saml: add negative case
2020-07-02 11:48:21 +00:00
self.assertEqual(
e2e: add tests for OAuth Source, update tests for new base templates
2020-07-08 22:41:14 +00:00
self.driver.find_element(By.CSS_SELECTOR, "header > h1").text,
e2e/provider/saml: add negative case
2020-07-02 11:48:21 +00:00
"Permission denied",
)