authentik/tests/e2e/test_provider_oauth2_github.py

"""test OAuth Provider flow"""
from sys import platform
from time import sleep
from typing import Any, Dict, Optional
from unittest.case import skipUnless

from docker.types import Healthcheck
from selenium.webdriver.common.by import By
from selenium.webdriver.common.keys import Keys
from selenium.webdriver.support import expected_conditions as ec

from passbook.core.models import Application
from passbook.flows.models import Flow
from passbook.policies.expression.models import ExpressionPolicy
from passbook.policies.models import PolicyBinding
from passbook.providers.oauth2.generators import (
    generate_client_id,
    generate_client_secret,
)
from passbook.providers.oauth2.models import ClientTypes, OAuth2Provider, ResponseTypes
from tests.e2e.utils import USER, SeleniumTestCase, retry


@skipUnless(platform.startswith("linux"), "requires local docker")
class TestProviderOAuth2Github(SeleniumTestCase):
    """test OAuth Provider flow"""

    def setUp(self):
        self.client_id = generate_client_id()
        self.client_secret = generate_client_secret()
        super().setUp()

    def get_container_specs(self) -> Optional[Dict[str, Any]]:
        """Setup client grafana container which we test OAuth against"""
        return {
            "image": "docker.beryju.org/proxy/grafana/grafana:7.1.0",
            "detach": True,
            "network_mode": "host",
            "auto_remove": True,
            "healthcheck": Healthcheck(
                test=["CMD", "wget", "--spider", "http://localhost:3000"],
                interval=5 * 100 * 1000000,
                start_period=1 * 100 * 1000000,
            ),
            "environment": {
                "GF_AUTH_GITHUB_ENABLED": "true",
                "GF_AUTH_GITHUB_ALLOW_SIGN_UP": "true",
                "GF_AUTH_GITHUB_CLIENT_ID": self.client_id,
                "GF_AUTH_GITHUB_CLIENT_SECRET": self.client_secret,
                "GF_AUTH_GITHUB_SCOPES": "user:email,read:org",
                "GF_AUTH_GITHUB_AUTH_URL": self.url(
                    "passbook_providers_oauth2_github:github-authorize"
                ),
                "GF_AUTH_GITHUB_TOKEN_URL": self.url(
                    "passbook_providers_oauth2_github:github-access-token"
                ),
                "GF_AUTH_GITHUB_API_URL": self.url(
                    "passbook_providers_oauth2_github:github-user"
                ),
                "GF_LOG_LEVEL": "debug",
            },
        }

    @retry()
    def test_authorization_consent_implied(self):
        """test OAuth Provider flow (default authorization flow with implied consent)"""
        # Bootstrap all needed objects
        authorization_flow = Flow.objects.get(
            slug="default-provider-authorization-implicit-consent"
        )
        provider = OAuth2Provider.objects.create(
            name="grafana",
            client_id=self.client_id,
            client_secret=self.client_secret,
            client_type=ClientTypes.CONFIDENTIAL,
            response_type=ResponseTypes.CODE,
            redirect_uris="http://localhost:3000/login/github",
            authorization_flow=authorization_flow,
        )
        Application.objects.create(
            name="Grafana",
            slug="grafana",
            provider=provider,
        )

        self.driver.get("http://localhost:3000")
        self.driver.find_element(By.CLASS_NAME, "btn-service--github").click()
        self.driver.find_element(By.ID, "id_uid_field").click()
        self.driver.find_element(By.ID, "id_uid_field").send_keys(USER().username)
        self.driver.find_element(By.ID, "id_uid_field").send_keys(Keys.ENTER)
        self.driver.find_element(By.ID, "id_password").send_keys(USER().username)
        self.driver.find_element(By.ID, "id_password").send_keys(Keys.ENTER)

        self.wait_for_url("http://localhost:3000/?orgId=1")
        self.driver.get("http://localhost:3000/profile")
        self.assertEqual(
            self.driver.find_element(By.CLASS_NAME, "page-header__title").text,
            USER().username,
        )
        self.assertEqual(
            self.driver.find_element(By.CSS_SELECTOR, "input[name=name]").get_attribute(
                "value"
            ),
            USER().username,
        )
        self.assertEqual(
            self.driver.find_element(
                By.CSS_SELECTOR, "input[name=email]"
            ).get_attribute("value"),
            USER().email,
        )
        self.assertEqual(
            self.driver.find_element(
                By.CSS_SELECTOR, "input[name=login]"
            ).get_attribute("value"),
            USER().username,
        )

    @retry()
    def test_authorization_consent_explicit(self):
        """test OAuth Provider flow (default authorization flow with explicit consent)"""
        # Bootstrap all needed objects
        authorization_flow = Flow.objects.get(
            slug="default-provider-authorization-explicit-consent"
        )
        provider = OAuth2Provider.objects.create(
            name="grafana",
            client_id=self.client_id,
            client_secret=self.client_secret,
            client_type=ClientTypes.CONFIDENTIAL,
            response_type=ResponseTypes.CODE,
            redirect_uris="http://localhost:3000/login/github",
            authorization_flow=authorization_flow,
        )
        app = Application.objects.create(
            name="Grafana",
            slug="grafana",
            provider=provider,
        )

        self.driver.get("http://localhost:3000")
        self.driver.find_element(By.CLASS_NAME, "btn-service--github").click()
        self.driver.find_element(By.ID, "id_uid_field").click()
        self.driver.find_element(By.ID, "id_uid_field").send_keys(USER().username)
        self.driver.find_element(By.ID, "id_uid_field").send_keys(Keys.ENTER)
        self.driver.find_element(By.ID, "id_password").send_keys(USER().username)
        self.driver.find_element(By.ID, "id_password").send_keys(Keys.ENTER)

        sleep(1)

        self.assertEqual(
            app.name,
            self.driver.find_element(By.ID, "application-name").text,
        )
        self.assertEqual(
            "GitHub Compatibility: Access you Email addresses",
            self.driver.find_element(By.ID, "scope-user:email").text,
        )
        self.driver.find_element(
            By.CSS_SELECTOR,
            ("[type=submit]"),
        ).click()

        self.wait_for_url("http://localhost:3000/?orgId=1")
        self.driver.get("http://localhost:3000/profile")
        self.assertEqual(
            self.driver.find_element(By.CLASS_NAME, "page-header__title").text,
            USER().username,
        )
        self.assertEqual(
            self.driver.find_element(By.CSS_SELECTOR, "input[name=name]").get_attribute(
                "value"
            ),
            USER().username,
        )
        self.assertEqual(
            self.driver.find_element(
                By.CSS_SELECTOR, "input[name=email]"
            ).get_attribute("value"),
            USER().email,
        )
        self.assertEqual(
            self.driver.find_element(
                By.CSS_SELECTOR, "input[name=login]"
            ).get_attribute("value"),
            USER().username,
        )

    @retry()
    def test_denied(self):
        """test OAuth Provider flow (default authorization flow, denied)"""
        # Bootstrap all needed objects
        authorization_flow = Flow.objects.get(
            slug="default-provider-authorization-explicit-consent"
        )
        provider = OAuth2Provider.objects.create(
            name="grafana",
            client_id=self.client_id,
            client_secret=self.client_secret,
            client_type=ClientTypes.CONFIDENTIAL,
            response_type=ResponseTypes.CODE,
            redirect_uris="http://localhost:3000/login/github",
            authorization_flow=authorization_flow,
        )
        app = Application.objects.create(
            name="Grafana",
            slug="grafana",
            provider=provider,
        )

        negative_policy = ExpressionPolicy.objects.create(
            name="negative-static", expression="return False"
        )
        PolicyBinding.objects.create(target=app, policy=negative_policy, order=0)

        self.driver.get("http://localhost:3000")
        self.driver.find_element(By.CLASS_NAME, "btn-service--github").click()
        self.driver.find_element(By.ID, "id_uid_field").click()
        self.driver.find_element(By.ID, "id_uid_field").send_keys(USER().username)
        self.driver.find_element(By.ID, "id_uid_field").send_keys(Keys.ENTER)
        self.driver.find_element(By.ID, "id_password").send_keys(USER().username)
        self.driver.find_element(By.ID, "id_password").send_keys(Keys.ENTER)

        self.wait.until(
            ec.presence_of_element_located((By.CSS_SELECTOR, "header > h1"))
        )
        self.assertEqual(
            self.driver.find_element(By.CSS_SELECTOR, "header > h1").text,
            "Permission denied",
        )
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`"""test OAuth Provider flow"""`
pytest (#209) 2020-09-11 21:21:11 +00:00			`from sys import platform`
e2e: add tests for TOTP Setup, static OTP Setup and otp validation 2020-09-25 17:39:49 +00:00			`from time import sleep`
pytest (#209) 2020-09-11 21:21:11 +00:00			`from typing import Any, Dict, Optional`
			`from unittest.case import skipUnless`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00
root: automate system migrations, move docker to lifecycle folder 2020-09-09 22:14:59 +00:00			`from docker.types import Healthcheck`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`from selenium.webdriver.common.by import By`
			`from selenium.webdriver.common.keys import Keys`
e2e: update e2e tests for new AccessDenied response 2020-09-15 08:29:59 +00:00			`from selenium.webdriver.support import expected_conditions as ec`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00
			`from passbook.core.models import Application`
			`from passbook.flows.models import Flow`
e2e: Add denied tests for oauth and oidc provider 2020-07-02 19:55:02 +00:00			`from passbook.policies.expression.models import ExpressionPolicy`
			`from passbook.policies.models import PolicyBinding`
OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`from passbook.providers.oauth2.generators import (`
			`generate_client_id,`
			`generate_client_secret,`
			`)`
			`from passbook.providers.oauth2.models import ClientTypes, OAuth2Provider, ResponseTypes`
tests: move integration tests into separate folder, add separate pipeline task 2020-11-19 13:25:53 +00:00			`from tests.e2e.utils import USER, SeleniumTestCase, retry`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00

pytest (#209) 2020-09-11 21:21:11 +00:00			`@skipUnless(platform.startswith("linux"), "requires local docker")`
OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`class TestProviderOAuth2Github(SeleniumTestCase):`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`"""test OAuth Provider flow"""`

			`def setUp(self):`
			`self.client_id = generate_client_id()`
			`self.client_secret = generate_client_secret()`
e2e: only initialise selenium after setting up container 2020-07-10 14:49:25 +00:00			`super().setUp()`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00
pytest (#209) 2020-09-11 21:21:11 +00:00			`def get_container_specs(self) -> Optional[Dict[str, Any]]:`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`"""Setup client grafana container which we test OAuth against"""`
pytest (#209) 2020-09-11 21:21:11 +00:00			`return {`
e2e: use docker proxy for test images 2020-10-26 23:34:30 +00:00			`"image": "docker.beryju.org/proxy/grafana/grafana:7.1.0",`
pytest (#209) 2020-09-11 21:21:11 +00:00			`"detach": True,`
			`"network_mode": "host",`
			`"auto_remove": True,`
			`"healthcheck": Healthcheck(`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`test=["CMD", "wget", "--spider", "http://localhost:3000"],`
			`interval=5 * 100 * 1000000,`
			`start_period=1 * 100 * 1000000,`
			`),`
pytest (#209) 2020-09-11 21:21:11 +00:00			`"environment": {`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`"GF_AUTH_GITHUB_ENABLED": "true",`
OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`"GF_AUTH_GITHUB_ALLOW_SIGN_UP": "true",`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`"GF_AUTH_GITHUB_CLIENT_ID": self.client_id,`
			`"GF_AUTH_GITHUB_CLIENT_SECRET": self.client_secret,`
			`"GF_AUTH_GITHUB_SCOPES": "user:email,read:org",`
e2e: SeleniumTestCase: add url() to reverse into full URL 2020-06-20 21:56:35 +00:00			`"GF_AUTH_GITHUB_AUTH_URL": self.url(`
OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`"passbook_providers_oauth2_github:github-authorize"`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`),`
e2e: SeleniumTestCase: add url() to reverse into full URL 2020-06-20 21:56:35 +00:00			`"GF_AUTH_GITHUB_TOKEN_URL": self.url(`
OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`"passbook_providers_oauth2_github:github-access-token"`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`),`
e2e: SeleniumTestCase: add url() to reverse into full URL 2020-06-20 21:56:35 +00:00			`"GF_AUTH_GITHUB_API_URL": self.url(`
OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`"passbook_providers_oauth2_github:github-user"`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`),`
			`"GF_LOG_LEVEL": "debug",`
			`},`
pytest (#209) 2020-09-11 21:21:11 +00:00			`}`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00
e2e: add @retry decorator to make e2e tests more reliable 2020-10-20 16:42:26 +00:00			`@retry()`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`def test_authorization_consent_implied(self):`
			`"""test OAuth Provider flow (default authorization flow with implied consent)"""`
			`# Bootstrap all needed objects`
			`authorization_flow = Flow.objects.get(`
			`slug="default-provider-authorization-implicit-consent"`
			`)`
			`provider = OAuth2Provider.objects.create(`
			`name="grafana",`
			`client_id=self.client_id,`
			`client_secret=self.client_secret,`
OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`client_type=ClientTypes.CONFIDENTIAL,`
			`response_type=ResponseTypes.CODE,`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`redirect_uris="http://localhost:3000/login/github",`
			`authorization_flow=authorization_flow,`
			`)`
			`Application.objects.create(`
*: apply new black styling 2020-09-30 17:34:22 +00:00			`name="Grafana",`
			`slug="grafana",`
			`provider=provider,`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`)`

			`self.driver.get("http://localhost:3000")`
			`self.driver.find_element(By.CLASS_NAME, "btn-service--github").click()`
			`self.driver.find_element(By.ID, "id_uid_field").click()`
			`self.driver.find_element(By.ID, "id_uid_field").send_keys(USER().username)`
			`self.driver.find_element(By.ID, "id_uid_field").send_keys(Keys.ENTER)`
			`self.driver.find_element(By.ID, "id_password").send_keys(USER().username)`
			`self.driver.find_element(By.ID, "id_password").send_keys(Keys.ENTER)`
e2e: wait for grafana URL 2020-06-29 21:04:05 +00:00
			`self.wait_for_url("http://localhost:3000/?orgId=1")`
e2e: cleanup tests, remove XPATH selectors 2020-09-28 16:17:07 +00:00			`self.driver.get("http://localhost:3000/profile")`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`self.assertEqual(`
			`self.driver.find_element(By.CLASS_NAME, "page-header__title").text,`
			`USER().username,`
			`)`
			`self.assertEqual(`
sources/*: remove path-based import from all sources 2020-07-20 13:11:27 +00:00			`self.driver.find_element(By.CSS_SELECTOR, "input[name=name]").get_attribute(`
			`"value"`
			`),`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`USER().username,`
			`)`
			`self.assertEqual(`
			`self.driver.find_element(`
e2e: fix oauth/oidc tests not working with current grafana 2020-07-20 11:49:07 +00:00			`By.CSS_SELECTOR, "input[name=email]"`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`).get_attribute("value"),`
			`USER().email,`
			`)`
			`self.assertEqual(`
			`self.driver.find_element(`
e2e: fix oauth/oidc tests not working with current grafana 2020-07-20 11:49:07 +00:00			`By.CSS_SELECTOR, "input[name=login]"`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`).get_attribute("value"),`
			`USER().username,`
			`)`

e2e: add @retry decorator to make e2e tests more reliable 2020-10-20 16:42:26 +00:00			`@retry()`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`def test_authorization_consent_explicit(self):`
			`"""test OAuth Provider flow (default authorization flow with explicit consent)"""`
			`# Bootstrap all needed objects`
			`authorization_flow = Flow.objects.get(`
			`slug="default-provider-authorization-explicit-consent"`
			`)`
			`provider = OAuth2Provider.objects.create(`
			`name="grafana",`
			`client_id=self.client_id,`
			`client_secret=self.client_secret,`
OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`client_type=ClientTypes.CONFIDENTIAL,`
			`response_type=ResponseTypes.CODE,`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`redirect_uris="http://localhost:3000/login/github",`
			`authorization_flow=authorization_flow,`
			`)`
			`app = Application.objects.create(`
*: apply new black styling 2020-09-30 17:34:22 +00:00			`name="Grafana",`
			`slug="grafana",`
			`provider=provider,`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`)`

			`self.driver.get("http://localhost:3000")`
			`self.driver.find_element(By.CLASS_NAME, "btn-service--github").click()`
			`self.driver.find_element(By.ID, "id_uid_field").click()`
			`self.driver.find_element(By.ID, "id_uid_field").send_keys(USER().username)`
			`self.driver.find_element(By.ID, "id_uid_field").send_keys(Keys.ENTER)`
			`self.driver.find_element(By.ID, "id_password").send_keys(USER().username)`
			`self.driver.find_element(By.ID, "id_password").send_keys(Keys.ENTER)`

ci: run e2e tests with failfast 2020-09-25 20:17:04 +00:00			`sleep(1)`

e2e: cleanup tests, remove XPATH selectors 2020-09-28 16:17:07 +00:00			`self.assertEqual(`
*: apply new black styling 2020-09-30 17:34:22 +00:00			`app.name,`
			`self.driver.find_element(By.ID, "application-name").text,`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`)`
			`self.assertEqual(`
OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`"GitHub Compatibility: Access you Email addresses",`
e2e: cleanup tests, remove XPATH selectors 2020-09-28 16:17:07 +00:00			`self.driver.find_element(By.ID, "scope-user:email").text,`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`)`
*: apply new black styling 2020-09-30 17:34:22 +00:00			`self.driver.find_element(`
			`By.CSS_SELECTOR,`
			`("[type=submit]"),`
			`).click()`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00
e2e: wait for grafana URL 2020-06-29 21:04:05 +00:00			`self.wait_for_url("http://localhost:3000/?orgId=1")`
e2e: cleanup tests, remove XPATH selectors 2020-09-28 16:17:07 +00:00			`self.driver.get("http://localhost:3000/profile")`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`self.assertEqual(`
			`self.driver.find_element(By.CLASS_NAME, "page-header__title").text,`
			`USER().username,`
			`)`
			`self.assertEqual(`
sources/*: remove path-based import from all sources 2020-07-20 13:11:27 +00:00			`self.driver.find_element(By.CSS_SELECTOR, "input[name=name]").get_attribute(`
			`"value"`
			`),`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`USER().username,`
			`)`
			`self.assertEqual(`
			`self.driver.find_element(`
e2e: fix oauth/oidc tests not working with current grafana 2020-07-20 11:49:07 +00:00			`By.CSS_SELECTOR, "input[name=email]"`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`).get_attribute("value"),`
			`USER().email,`
			`)`
			`self.assertEqual(`
			`self.driver.find_element(`
e2e: fix oauth/oidc tests not working with current grafana 2020-07-20 11:49:07 +00:00			`By.CSS_SELECTOR, "input[name=login]"`
e2e: add tests for oauth and saml provider 2020-06-20 21:53:05 +00:00			`).get_attribute("value"),`
			`USER().username,`
			`)`
e2e: Add denied tests for oauth and oidc provider 2020-07-02 19:55:02 +00:00
e2e: add @retry decorator to make e2e tests more reliable 2020-10-20 16:42:26 +00:00			`@retry()`
e2e: Add denied tests for oauth and oidc provider 2020-07-02 19:55:02 +00:00			`def test_denied(self):`
			`"""test OAuth Provider flow (default authorization flow, denied)"""`
			`# Bootstrap all needed objects`
			`authorization_flow = Flow.objects.get(`
			`slug="default-provider-authorization-explicit-consent"`
			`)`
			`provider = OAuth2Provider.objects.create(`
			`name="grafana",`
			`client_id=self.client_id,`
			`client_secret=self.client_secret,`
OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`client_type=ClientTypes.CONFIDENTIAL,`
			`response_type=ResponseTypes.CODE,`
e2e: Add denied tests for oauth and oidc provider 2020-07-02 19:55:02 +00:00			`redirect_uris="http://localhost:3000/login/github",`
			`authorization_flow=authorization_flow,`
			`)`
			`app = Application.objects.create(`
*: apply new black styling 2020-09-30 17:34:22 +00:00			`name="Grafana",`
			`slug="grafana",`
			`provider=provider,`
e2e: Add denied tests for oauth and oidc provider 2020-07-02 19:55:02 +00:00			`)`

			`negative_policy = ExpressionPolicy.objects.create(`
			`name="negative-static", expression="return False"`
			`)`
			`PolicyBinding.objects.create(target=app, policy=negative_policy, order=0)`

			`self.driver.get("http://localhost:3000")`
			`self.driver.find_element(By.CLASS_NAME, "btn-service--github").click()`
			`self.driver.find_element(By.ID, "id_uid_field").click()`
			`self.driver.find_element(By.ID, "id_uid_field").send_keys(USER().username)`
			`self.driver.find_element(By.ID, "id_uid_field").send_keys(Keys.ENTER)`
			`self.driver.find_element(By.ID, "id_password").send_keys(USER().username)`
			`self.driver.find_element(By.ID, "id_password").send_keys(Keys.ENTER)`
e2e: update e2e tests for new AccessDenied response 2020-09-15 08:29:59 +00:00
			`self.wait.until(`
			`ec.presence_of_element_located((By.CSS_SELECTOR, "header > h1"))`
			`)`
e2e: Add denied tests for oauth and oidc provider 2020-07-02 19:55:02 +00:00			`self.assertEqual(`
e2e: add tests for OAuth Source, update tests for new base templates 2020-07-08 22:41:14 +00:00			`self.driver.find_element(By.CSS_SELECTOR, "header > h1").text,`
e2e: Add denied tests for oauth and oidc provider 2020-07-02 19:55:02 +00:00			`"Permission denied",`
			`)`