tests/e2e: ensure akadmin is not used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer
parent
b2d2e7cbc8
commit
060f19ce06
|
|
@ -17,7 +17,7 @@ from authentik.flows.models import Flow, FlowStageBinding
|
|||
from authentik.stages.authenticator_static.models import AuthenticatorStaticStage
|
||||
from authentik.stages.authenticator_totp.models import AuthenticatorTOTPStage
|
||||
from authentik.stages.authenticator_validate.models import AuthenticatorValidateStage
|
||||
from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
|
|
@ -32,8 +32,7 @@ class TestFlowsAuthenticator(SeleniumTestCase):
|
|||
"""test flow with otp stages"""
|
||||
sleep(1)
|
||||
# Setup TOTP Device
|
||||
user = USER()
|
||||
device = TOTPDevice.objects.create(user=user, confirmed=True, digits=6)
|
||||
device = TOTPDevice.objects.create(user=self.user, confirmed=True, digits=6)
|
||||
|
||||
flow: Flow = Flow.objects.get(slug="default-authentication-flow")
|
||||
FlowStageBinding.objects.create(
|
||||
|
|
@ -53,7 +52,7 @@ class TestFlowsAuthenticator(SeleniumTestCase):
|
|||
code_stage.find_element(By.CSS_SELECTOR, "input[name=code]").send_keys(totp.token())
|
||||
code_stage.find_element(By.CSS_SELECTOR, "input[name=code]").send_keys(Keys.ENTER)
|
||||
self.wait_for_url(self.if_user_url("/library"))
|
||||
self.assert_user(USER())
|
||||
self.assert_user(self.user)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_core", "0002_auto_20200523_1133_squashed_0011_provider_name_temp")
|
||||
|
|
@ -68,7 +67,7 @@ class TestFlowsAuthenticator(SeleniumTestCase):
|
|||
self.login()
|
||||
|
||||
self.wait_for_url(self.if_user_url("/library"))
|
||||
self.assert_user(USER())
|
||||
self.assert_user(self.user)
|
||||
|
||||
self.driver.get(
|
||||
self.url(
|
||||
|
|
@ -98,7 +97,7 @@ class TestFlowsAuthenticator(SeleniumTestCase):
|
|||
totp_stage.find_element(By.CSS_SELECTOR, "input[name=code]").send_keys(Keys.ENTER)
|
||||
sleep(3)
|
||||
|
||||
self.assertTrue(TOTPDevice.objects.filter(user=USER(), confirmed=True).exists())
|
||||
self.assertTrue(TOTPDevice.objects.filter(user=self.user, confirmed=True).exists())
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_core", "0002_auto_20200523_1133_squashed_0011_provider_name_temp")
|
||||
|
|
@ -113,7 +112,7 @@ class TestFlowsAuthenticator(SeleniumTestCase):
|
|||
self.login()
|
||||
|
||||
self.wait_for_url(self.if_user_url("/library"))
|
||||
self.assert_user(USER())
|
||||
self.assert_user(self.user)
|
||||
|
||||
self.driver.get(
|
||||
self.url(
|
||||
|
|
@ -134,6 +133,6 @@ class TestFlowsAuthenticator(SeleniumTestCase):
|
|||
self.wait_for_url(destination_url)
|
||||
sleep(1)
|
||||
|
||||
self.assertTrue(StaticDevice.objects.filter(user=USER(), confirmed=True).exists())
|
||||
device = StaticDevice.objects.filter(user=USER(), confirmed=True).first()
|
||||
self.assertTrue(StaticDevice.objects.filter(user=self.user, confirmed=True).exists())
|
||||
device = StaticDevice.objects.filter(user=self.user, confirmed=True).first()
|
||||
self.assertTrue(StaticToken.objects.filter(token=token, device=device).exists())
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ from authentik.stages.identification.models import IdentificationStage
|
|||
from authentik.stages.prompt.models import FieldTypes, Prompt, PromptStage
|
||||
from authentik.stages.user_login.models import UserLoginStage
|
||||
from authentik.stages.user_write.models import UserWriteStage
|
||||
from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
|
|
@ -218,10 +218,10 @@ class TestFlowsEnroll(SeleniumTestCase):
|
|||
wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "input[name=username]")))
|
||||
prompt_stage.find_element(By.CSS_SELECTOR, "input[name=username]").send_keys("foo")
|
||||
prompt_stage.find_element(By.CSS_SELECTOR, "input[name=password]").send_keys(
|
||||
USER().username
|
||||
self.user.username
|
||||
)
|
||||
prompt_stage.find_element(By.CSS_SELECTOR, "input[name=password_repeat]").send_keys(
|
||||
USER().username
|
||||
self.user.username
|
||||
)
|
||||
prompt_stage.find_element(By.CSS_SELECTOR, ".pf-c-button").click()
|
||||
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
from sys import platform
|
||||
from unittest.case import skipUnless
|
||||
|
||||
from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
|
|
@ -23,4 +23,4 @@ class TestFlowsLogin(SeleniumTestCase):
|
|||
)
|
||||
self.login()
|
||||
self.wait_for_url(self.if_user_url("/library"))
|
||||
self.assert_user(USER())
|
||||
self.assert_user(self.user)
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ from authentik.core.models import User
|
|||
from authentik.flows.models import Flow, FlowDesignation
|
||||
from authentik.lib.generators import generate_key
|
||||
from authentik.stages.password.models import PasswordStage
|
||||
from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
|
|
@ -63,6 +63,6 @@ class TestFlowsStageSetup(SeleniumTestCase):
|
|||
)
|
||||
|
||||
self.wait_for_url(self.if_user_url("/library"))
|
||||
# Because USER() is cached, we need to get the user manually here
|
||||
user = User.objects.get(username=USER().username)
|
||||
# Because self.user is cached, we need to get the user manually here
|
||||
user = User.objects.get(username=self.user.username)
|
||||
self.assertTrue(user.check_password(new_password))
|
||||
|
|
|
|||
|
|
@ -11,7 +11,6 @@ from ldap3 import ALL, ALL_ATTRIBUTES, ALL_OPERATIONAL_ATTRIBUTES, SUBTREE, Conn
|
|||
from ldap3.core.exceptions import LDAPInvalidCredentialsResult
|
||||
|
||||
from authentik.core.models import Application, User
|
||||
from authentik.core.tests.utils import create_test_admin_user
|
||||
from authentik.events.models import Event, EventAction
|
||||
from authentik.flows.models import Flow
|
||||
from authentik.outposts.managed import MANAGED_OUTPOST
|
||||
|
|
@ -49,14 +48,13 @@ class TestProviderLDAP(SeleniumTestCase):
|
|||
def _prepare(self) -> User:
|
||||
"""prepare user, provider, app and container"""
|
||||
# set additionalHeaders to test later
|
||||
user = create_test_admin_user(set_password=True)
|
||||
user.attributes["extraAttribute"] = "bar"
|
||||
user.save()
|
||||
self.user.attributes["extraAttribute"] = "bar"
|
||||
self.user.save()
|
||||
|
||||
ldap: LDAPProvider = LDAPProvider.objects.create(
|
||||
name="ldap_provider",
|
||||
authorization_flow=Flow.objects.get(slug="default-authentication-flow"),
|
||||
search_group=user.ak_groups.first(),
|
||||
search_group=self.user.ak_groups.first(),
|
||||
search_mode=SearchModes.CACHED,
|
||||
)
|
||||
# we need to create an application to actually access the ldap
|
||||
|
|
@ -80,7 +78,7 @@ class TestProviderLDAP(SeleniumTestCase):
|
|||
healthcheck_retries += 1
|
||||
sleep(0.5)
|
||||
sleep(5)
|
||||
return user, outpost
|
||||
return outpost
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_core", "0002_auto_20200523_1133_squashed_0011_provider_name_temp")
|
||||
|
|
@ -88,22 +86,22 @@ class TestProviderLDAP(SeleniumTestCase):
|
|||
@object_manager
|
||||
def test_ldap_bind_success(self):
|
||||
"""Test simple bind"""
|
||||
user, _ = self._prepare()
|
||||
self._prepare()
|
||||
server = Server("ldap://localhost:3389", get_info=ALL)
|
||||
_connection = Connection(
|
||||
server,
|
||||
raise_exceptions=True,
|
||||
user=f"cn={user.username},ou=users,DC=ldap,DC=goauthentik,DC=io",
|
||||
password=user.username,
|
||||
user=f"cn={self.user.username},ou=users,DC=ldap,DC=goauthentik,DC=io",
|
||||
password=self.user.username,
|
||||
)
|
||||
_connection.bind()
|
||||
self.assertTrue(
|
||||
Event.objects.filter(
|
||||
action=EventAction.LOGIN,
|
||||
user={
|
||||
"pk": user.pk,
|
||||
"email": user.email,
|
||||
"username": user.username,
|
||||
"pk": self.user.pk,
|
||||
"email": self.user.email,
|
||||
"username": self.user.username,
|
||||
},
|
||||
)
|
||||
)
|
||||
|
|
@ -114,22 +112,22 @@ class TestProviderLDAP(SeleniumTestCase):
|
|||
@object_manager
|
||||
def test_ldap_bind_success_ssl(self):
|
||||
"""Test simple bind with ssl"""
|
||||
user, _ = self._prepare()
|
||||
self._prepare()
|
||||
server = Server("ldaps://localhost:6636", get_info=ALL)
|
||||
_connection = Connection(
|
||||
server,
|
||||
raise_exceptions=True,
|
||||
user=f"cn={user.username},ou=users,DC=ldap,DC=goauthentik,DC=io",
|
||||
password=user.username,
|
||||
user=f"cn={self.user.username},ou=users,DC=ldap,DC=goauthentik,DC=io",
|
||||
password=self.user.username,
|
||||
)
|
||||
_connection.bind()
|
||||
self.assertTrue(
|
||||
Event.objects.filter(
|
||||
action=EventAction.LOGIN,
|
||||
user={
|
||||
"pk": user.pk,
|
||||
"email": user.email,
|
||||
"username": user.username,
|
||||
"pk": self.user.pk,
|
||||
"email": self.user.email,
|
||||
"username": self.user.username,
|
||||
},
|
||||
)
|
||||
)
|
||||
|
|
@ -140,13 +138,13 @@ class TestProviderLDAP(SeleniumTestCase):
|
|||
@object_manager
|
||||
def test_ldap_bind_fail(self):
|
||||
"""Test simple bind (failed)"""
|
||||
user, _ = self._prepare()
|
||||
self._prepare()
|
||||
server = Server("ldap://localhost:3389", get_info=ALL)
|
||||
_connection = Connection(
|
||||
server,
|
||||
raise_exceptions=True,
|
||||
user=f"cn={user.username},ou=users,DC=ldap,DC=goauthentik,DC=io",
|
||||
password=user.username + "fqwerwqer",
|
||||
user=f"cn={self.user.username},ou=users,DC=ldap,DC=goauthentik,DC=io",
|
||||
password=self.user.username + "fqwerwqer",
|
||||
)
|
||||
with self.assertRaises(LDAPInvalidCredentialsResult):
|
||||
_connection.bind()
|
||||
|
|
@ -164,27 +162,29 @@ class TestProviderLDAP(SeleniumTestCase):
|
|||
@object_manager
|
||||
def test_ldap_bind_search(self):
|
||||
"""Test simple bind + search"""
|
||||
user, outpost = self._prepare()
|
||||
outpost = self._prepare()
|
||||
server = Server("ldap://localhost:3389", get_info=ALL)
|
||||
_connection = Connection(
|
||||
server,
|
||||
raise_exceptions=True,
|
||||
user=f"cn={user.username},ou=users,dc=ldap,dc=goauthentik,dc=io",
|
||||
password=user.username,
|
||||
user=f"cn={self.user.username},ou=users,dc=ldap,dc=goauthentik,dc=io",
|
||||
password=self.user.username,
|
||||
)
|
||||
_connection.bind()
|
||||
self.assertTrue(
|
||||
Event.objects.filter(
|
||||
action=EventAction.LOGIN,
|
||||
user={
|
||||
"pk": user.pk,
|
||||
"email": user.email,
|
||||
"username": user.username,
|
||||
"pk": self.user.pk,
|
||||
"email": self.user.email,
|
||||
"username": self.user.username,
|
||||
},
|
||||
)
|
||||
)
|
||||
|
||||
embedded_account = Outpost.objects.filter(managed=MANAGED_OUTPOST).first().user
|
||||
# Remove akadmin to ensure list is correct
|
||||
User.objects.filter(username="akadmin").delete()
|
||||
|
||||
_connection.search(
|
||||
"ou=users,dc=ldap,dc=goauthentik,dc=io",
|
||||
|
|
@ -256,25 +256,25 @@ class TestProviderLDAP(SeleniumTestCase):
|
|||
"type": "searchResEntry",
|
||||
},
|
||||
{
|
||||
"dn": f"cn={user.username},ou=users,dc=ldap,dc=goauthentik,dc=io",
|
||||
"dn": f"cn={self.user.username},ou=users,dc=ldap,dc=goauthentik,dc=io",
|
||||
"attributes": {
|
||||
"cn": [user.username],
|
||||
"sAMAccountName": [user.username],
|
||||
"uid": [user.uid],
|
||||
"name": [user.name],
|
||||
"displayName": [user.name],
|
||||
"mail": [user.email],
|
||||
"cn": [self.user.username],
|
||||
"sAMAccountName": [self.user.username],
|
||||
"uid": [self.user.uid],
|
||||
"name": [self.user.name],
|
||||
"displayName": [self.user.name],
|
||||
"mail": [self.user.email],
|
||||
"objectClass": [
|
||||
"user",
|
||||
"organizationalPerson",
|
||||
"inetOrgPerson",
|
||||
"goauthentik.io/ldap/user",
|
||||
],
|
||||
"uidNumber": [str(2000 + user.pk)],
|
||||
"gidNumber": [str(2000 + user.pk)],
|
||||
"uidNumber": [str(2000 + self.user.pk)],
|
||||
"gidNumber": [str(2000 + self.user.pk)],
|
||||
"memberOf": [
|
||||
f"cn={group.name},ou=groups,dc=ldap,dc=goauthentik,dc=io"
|
||||
for group in user.ak_groups.all()
|
||||
for group in self.user.ak_groups.all()
|
||||
],
|
||||
"accountStatus": ["true"],
|
||||
"superuser": ["true"],
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ from authentik.lib.generators import generate_id, generate_key
|
|||
from authentik.policies.expression.models import ExpressionPolicy
|
||||
from authentik.policies.models import PolicyBinding
|
||||
from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider
|
||||
from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
|
|
@ -89,19 +89,19 @@ class TestProviderOAuth2Github(SeleniumTestCase):
|
|||
self.driver.get("http://localhost:3000/profile")
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CLASS_NAME, "page-header__title").text,
|
||||
USER().username,
|
||||
self.user.username,
|
||||
)
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CSS_SELECTOR, "input[name=name]").get_attribute("value"),
|
||||
USER().username,
|
||||
self.user.username,
|
||||
)
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CSS_SELECTOR, "input[name=email]").get_attribute("value"),
|
||||
USER().email,
|
||||
self.user.email,
|
||||
)
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CSS_SELECTOR, "input[name=login]").get_attribute("value"),
|
||||
USER().username,
|
||||
self.user.username,
|
||||
)
|
||||
|
||||
@retry()
|
||||
|
|
@ -157,19 +157,19 @@ class TestProviderOAuth2Github(SeleniumTestCase):
|
|||
self.driver.get("http://localhost:3000/profile")
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CLASS_NAME, "page-header__title").text,
|
||||
USER().username,
|
||||
self.user.username,
|
||||
)
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CSS_SELECTOR, "input[name=name]").get_attribute("value"),
|
||||
USER().username,
|
||||
self.user.username,
|
||||
)
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CSS_SELECTOR, "input[name=email]").get_attribute("value"),
|
||||
USER().email,
|
||||
self.user.email,
|
||||
)
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CSS_SELECTOR, "input[name=login]").get_attribute("value"),
|
||||
USER().username,
|
||||
self.user.username,
|
||||
)
|
||||
|
||||
@retry()
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ from authentik.providers.oauth2.constants import (
|
|||
SCOPE_OPENID_PROFILE,
|
||||
)
|
||||
from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping
|
||||
from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, object_manager, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
|
|
@ -147,19 +147,19 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
|
|||
self.driver.get("http://localhost:3000/profile")
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CLASS_NAME, "page-header__title").text,
|
||||
USER().name,
|
||||
self.user.name,
|
||||
)
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CSS_SELECTOR, "input[name=name]").get_attribute("value"),
|
||||
USER().name,
|
||||
self.user.name,
|
||||
)
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CSS_SELECTOR, "input[name=email]").get_attribute("value"),
|
||||
USER().email,
|
||||
self.user.email,
|
||||
)
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CSS_SELECTOR, "input[name=login]").get_attribute("value"),
|
||||
USER().email,
|
||||
self.user.email,
|
||||
)
|
||||
|
||||
@retry()
|
||||
|
|
@ -204,19 +204,19 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
|
|||
self.driver.get("http://localhost:3000/profile")
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CLASS_NAME, "page-header__title").text,
|
||||
USER().name,
|
||||
self.user.name,
|
||||
)
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CSS_SELECTOR, "input[name=name]").get_attribute("value"),
|
||||
USER().name,
|
||||
self.user.name,
|
||||
)
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CSS_SELECTOR, "input[name=email]").get_attribute("value"),
|
||||
USER().email,
|
||||
self.user.email,
|
||||
)
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CSS_SELECTOR, "input[name=login]").get_attribute("value"),
|
||||
USER().email,
|
||||
self.user.email,
|
||||
)
|
||||
self.driver.get("http://localhost:3000/logout")
|
||||
self.wait_for_url(
|
||||
|
|
@ -286,19 +286,19 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
|
|||
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CLASS_NAME, "page-header__title").text,
|
||||
USER().name,
|
||||
self.user.name,
|
||||
)
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CSS_SELECTOR, "input[name=name]").get_attribute("value"),
|
||||
USER().name,
|
||||
self.user.name,
|
||||
)
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CSS_SELECTOR, "input[name=email]").get_attribute("value"),
|
||||
USER().email,
|
||||
self.user.email,
|
||||
)
|
||||
self.assertEqual(
|
||||
self.driver.find_element(By.CSS_SELECTOR, "input[name=login]").get_attribute("value"),
|
||||
USER().email,
|
||||
self.user.email,
|
||||
)
|
||||
|
||||
@retry()
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ from authentik.providers.oauth2.constants import (
|
|||
SCOPE_OPENID_PROFILE,
|
||||
)
|
||||
from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping
|
||||
from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, object_manager, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
|
|
@ -146,14 +146,14 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
|
|||
self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "pre")))
|
||||
body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text)
|
||||
|
||||
self.assertEqual(body["IDTokenClaims"]["nickname"], USER().username)
|
||||
self.assertEqual(body["UserInfo"]["nickname"], USER().username)
|
||||
self.assertEqual(body["IDTokenClaims"]["nickname"], self.user.username)
|
||||
self.assertEqual(body["UserInfo"]["nickname"], self.user.username)
|
||||
|
||||
self.assertEqual(body["IDTokenClaims"]["name"], USER().name)
|
||||
self.assertEqual(body["UserInfo"]["name"], USER().name)
|
||||
self.assertEqual(body["IDTokenClaims"]["name"], self.user.name)
|
||||
self.assertEqual(body["UserInfo"]["name"], self.user.name)
|
||||
|
||||
self.assertEqual(body["IDTokenClaims"]["email"], USER().email)
|
||||
self.assertEqual(body["UserInfo"]["email"], USER().email)
|
||||
self.assertEqual(body["IDTokenClaims"]["email"], self.user.email)
|
||||
self.assertEqual(body["UserInfo"]["email"], self.user.email)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_core", "0002_auto_20200523_1133_squashed_0011_provider_name_temp")
|
||||
|
|
@ -211,14 +211,14 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
|
|||
self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "pre")))
|
||||
body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text)
|
||||
|
||||
self.assertEqual(body["IDTokenClaims"]["nickname"], USER().username)
|
||||
self.assertEqual(body["UserInfo"]["nickname"], USER().username)
|
||||
self.assertEqual(body["IDTokenClaims"]["nickname"], self.user.username)
|
||||
self.assertEqual(body["UserInfo"]["nickname"], self.user.username)
|
||||
|
||||
self.assertEqual(body["IDTokenClaims"]["name"], USER().name)
|
||||
self.assertEqual(body["UserInfo"]["name"], USER().name)
|
||||
self.assertEqual(body["IDTokenClaims"]["name"], self.user.name)
|
||||
self.assertEqual(body["UserInfo"]["name"], self.user.name)
|
||||
|
||||
self.assertEqual(body["IDTokenClaims"]["email"], USER().email)
|
||||
self.assertEqual(body["UserInfo"]["email"], USER().email)
|
||||
self.assertEqual(body["IDTokenClaims"]["email"], self.user.email)
|
||||
self.assertEqual(body["UserInfo"]["email"], self.user.email)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_core", "0002_auto_20200523_1133_squashed_0011_provider_name_temp")
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ from authentik.providers.oauth2.constants import (
|
|||
SCOPE_OPENID_PROFILE,
|
||||
)
|
||||
from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping
|
||||
from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, object_manager, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
|
|
@ -148,9 +148,9 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
|
|||
sleep(1)
|
||||
body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text)
|
||||
print(body)
|
||||
self.assertEqual(body["profile"]["nickname"], USER().username)
|
||||
self.assertEqual(body["profile"]["name"], USER().name)
|
||||
self.assertEqual(body["profile"]["email"], USER().email)
|
||||
self.assertEqual(body["profile"]["nickname"], self.user.username)
|
||||
self.assertEqual(body["profile"]["name"], self.user.name)
|
||||
self.assertEqual(body["profile"]["email"], self.user.email)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_core", "0002_auto_20200523_1133_squashed_0011_provider_name_temp")
|
||||
|
|
@ -210,9 +210,9 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
|
|||
sleep(1)
|
||||
body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text)
|
||||
|
||||
self.assertEqual(body["profile"]["nickname"], USER().username)
|
||||
self.assertEqual(body["profile"]["name"], USER().name)
|
||||
self.assertEqual(body["profile"]["email"], USER().email)
|
||||
self.assertEqual(body["profile"]["nickname"], self.user.username)
|
||||
self.assertEqual(body["profile"]["name"], self.user.name)
|
||||
self.assertEqual(body["profile"]["email"], self.user.email)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_core", "0002_auto_20200523_1133_squashed_0011_provider_name_temp")
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ from authentik.flows.models import Flow
|
|||
from authentik.outposts.models import DockerServiceConnection, Outpost, OutpostConfig, OutpostType
|
||||
from authentik.outposts.tasks import outpost_local_connection
|
||||
from authentik.providers.proxy.models import ProxyProvider
|
||||
from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, object_manager, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
|
|
@ -62,9 +62,8 @@ class TestProviderProxy(SeleniumTestCase):
|
|||
def test_proxy_simple(self):
|
||||
"""Test simple outpost setup with single provider"""
|
||||
# set additionalHeaders to test later
|
||||
user = USER()
|
||||
user.attributes["additionalHeaders"] = {"X-Foo": "bar"}
|
||||
user.save()
|
||||
self.user.attributes["additionalHeaders"] = {"X-Foo": "bar"}
|
||||
self.user.save()
|
||||
|
||||
proxy: ProxyProvider = ProxyProvider.objects.create(
|
||||
name="proxy_provider",
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ from authentik.flows.models import Flow
|
|||
from authentik.policies.expression.models import ExpressionPolicy
|
||||
from authentik.policies.models import PolicyBinding
|
||||
from authentik.providers.saml.models import SAMLBindings, SAMLPropertyMapping, SAMLProvider
|
||||
from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, object_manager, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
|
|
@ -96,29 +96,29 @@ class TestProviderSAML(SeleniumTestCase):
|
|||
|
||||
self.assertEqual(
|
||||
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"],
|
||||
[USER().name],
|
||||
[self.user.name],
|
||||
)
|
||||
self.assertEqual(
|
||||
body["attr"][
|
||||
"http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"
|
||||
],
|
||||
[USER().username],
|
||||
[self.user.username],
|
||||
)
|
||||
self.assertEqual(
|
||||
body["attr"]["http://schemas.goauthentik.io/2021/02/saml/username"],
|
||||
[USER().username],
|
||||
[self.user.username],
|
||||
)
|
||||
self.assertEqual(
|
||||
body["attr"]["http://schemas.goauthentik.io/2021/02/saml/uid"],
|
||||
[str(USER().pk)],
|
||||
[str(self.user.pk)],
|
||||
)
|
||||
self.assertEqual(
|
||||
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"],
|
||||
[USER().email],
|
||||
[self.user.email],
|
||||
)
|
||||
self.assertEqual(
|
||||
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"],
|
||||
[USER().email],
|
||||
[self.user.email],
|
||||
)
|
||||
|
||||
@retry()
|
||||
|
|
@ -174,29 +174,29 @@ class TestProviderSAML(SeleniumTestCase):
|
|||
|
||||
self.assertEqual(
|
||||
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"],
|
||||
[USER().name],
|
||||
[self.user.name],
|
||||
)
|
||||
self.assertEqual(
|
||||
body["attr"][
|
||||
"http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"
|
||||
],
|
||||
[USER().username],
|
||||
[self.user.username],
|
||||
)
|
||||
self.assertEqual(
|
||||
body["attr"]["http://schemas.goauthentik.io/2021/02/saml/username"],
|
||||
[USER().username],
|
||||
[self.user.username],
|
||||
)
|
||||
self.assertEqual(
|
||||
body["attr"]["http://schemas.goauthentik.io/2021/02/saml/uid"],
|
||||
[str(USER().pk)],
|
||||
[str(self.user.pk)],
|
||||
)
|
||||
self.assertEqual(
|
||||
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"],
|
||||
[USER().email],
|
||||
[self.user.email],
|
||||
)
|
||||
self.assertEqual(
|
||||
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"],
|
||||
[USER().email],
|
||||
[self.user.email],
|
||||
)
|
||||
|
||||
@retry()
|
||||
|
|
@ -243,29 +243,29 @@ class TestProviderSAML(SeleniumTestCase):
|
|||
|
||||
self.assertEqual(
|
||||
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"],
|
||||
[USER().name],
|
||||
[self.user.name],
|
||||
)
|
||||
self.assertEqual(
|
||||
body["attr"][
|
||||
"http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"
|
||||
],
|
||||
[USER().username],
|
||||
[self.user.username],
|
||||
)
|
||||
self.assertEqual(
|
||||
body["attr"]["http://schemas.goauthentik.io/2021/02/saml/username"],
|
||||
[USER().username],
|
||||
[self.user.username],
|
||||
)
|
||||
self.assertEqual(
|
||||
body["attr"]["http://schemas.goauthentik.io/2021/02/saml/uid"],
|
||||
[str(USER().pk)],
|
||||
[str(self.user.pk)],
|
||||
)
|
||||
self.assertEqual(
|
||||
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"],
|
||||
[USER().email],
|
||||
[self.user.email],
|
||||
)
|
||||
self.assertEqual(
|
||||
body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"],
|
||||
[USER().email],
|
||||
[self.user.email],
|
||||
)
|
||||
|
||||
@retry()
|
||||
|
|
|
|||
|
|
@ -27,15 +27,11 @@ from structlog.stdlib import get_logger
|
|||
|
||||
from authentik.core.api.users import UserSerializer
|
||||
from authentik.core.models import User
|
||||
from authentik.core.tests.utils import create_test_admin_user
|
||||
from authentik.managed.manager import ObjectManager
|
||||
|
||||
RETRIES = int(environ.get("RETRIES", "3"))
|
||||
|
||||
# pylint: disable=invalid-name
|
||||
def USER() -> User: # noqa
|
||||
"""Cached function that always returns akadmin"""
|
||||
return User.objects.get(username="akadmin")
|
||||
|
||||
|
||||
def get_docker_tag() -> str:
|
||||
"""Get docker-tag based off of CI variables"""
|
||||
|
|
@ -53,6 +49,7 @@ class SeleniumTestCase(ChannelsLiveServerTestCase):
|
|||
|
||||
container: Optional[Container] = None
|
||||
wait_timeout: int
|
||||
user: User
|
||||
|
||||
def setUp(self):
|
||||
super().setUp()
|
||||
|
|
@ -63,6 +60,7 @@ class SeleniumTestCase(ChannelsLiveServerTestCase):
|
|||
self.driver.implicitly_wait(30)
|
||||
self.wait = WebDriverWait(self.driver, self.wait_timeout)
|
||||
self.logger = get_logger()
|
||||
self.user = create_test_admin_user(set_password=True)
|
||||
if specs := self.get_container_specs():
|
||||
self.container = self._start_container(specs)
|
||||
|
||||
|
|
@ -162,7 +160,7 @@ class SeleniumTestCase(ChannelsLiveServerTestCase):
|
|||
|
||||
identification_stage.find_element(By.CSS_SELECTOR, "input[name=uidField]").click()
|
||||
identification_stage.find_element(By.CSS_SELECTOR, "input[name=uidField]").send_keys(
|
||||
USER().username
|
||||
self.user.username
|
||||
)
|
||||
identification_stage.find_element(By.CSS_SELECTOR, "input[name=uidField]").send_keys(
|
||||
Keys.ENTER
|
||||
|
|
@ -171,7 +169,7 @@ class SeleniumTestCase(ChannelsLiveServerTestCase):
|
|||
flow_executor = self.get_shadow_root("ak-flow-executor")
|
||||
password_stage = self.get_shadow_root("ak-stage-password", flow_executor)
|
||||
password_stage.find_element(By.CSS_SELECTOR, "input[name=password]").send_keys(
|
||||
USER().username
|
||||
self.user.username
|
||||
)
|
||||
password_stage.find_element(By.CSS_SELECTOR, "input[name=password]").send_keys(Keys.ENTER)
|
||||
sleep(1)
|
||||
|
|
|
|||
Reference in New Issue