add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
2cab4b7cda
commit
1a57f14f59
|
@ -39,6 +39,7 @@ class Migration(migrations.Migration):
|
||||||
("authentik.sources.oauth", "authentik Sources.OAuth"),
|
("authentik.sources.oauth", "authentik Sources.OAuth"),
|
||||||
("authentik.sources.plex", "authentik Sources.Plex"),
|
("authentik.sources.plex", "authentik Sources.Plex"),
|
||||||
("authentik.sources.saml", "authentik Sources.SAML"),
|
("authentik.sources.saml", "authentik Sources.SAML"),
|
||||||
|
("authentik.sources.scim", "authentik Sources.SCIM"),
|
||||||
("authentik.stages.authenticator_duo", "authentik Stages.Authenticator.Duo"),
|
("authentik.stages.authenticator_duo", "authentik Stages.Authenticator.Duo"),
|
||||||
("authentik.stages.authenticator_sms", "authentik Stages.Authenticator.SMS"),
|
("authentik.stages.authenticator_sms", "authentik Stages.Authenticator.SMS"),
|
||||||
(
|
(
|
||||||
|
|
0
authentik/sources/scim/tests/__init__.py
Normal file
0
authentik/sources/scim/tests/__init__.py
Normal file
86
authentik/sources/scim/tests/test_auth.py
Normal file
86
authentik/sources/scim/tests/test_auth.py
Normal file
|
@ -0,0 +1,86 @@
|
||||||
|
"""Test SCIM Auth"""
|
||||||
|
from django.urls import reverse
|
||||||
|
from rest_framework.test import APITestCase
|
||||||
|
|
||||||
|
from authentik.core.models import Token, TokenIntents
|
||||||
|
from authentik.core.tests.utils import create_test_admin_user
|
||||||
|
from authentik.lib.generators import generate_id
|
||||||
|
from authentik.sources.scim.models import SCIMSource
|
||||||
|
|
||||||
|
|
||||||
|
class TestSCIMAuth(APITestCase):
|
||||||
|
"""Test SCIM Auth view"""
|
||||||
|
|
||||||
|
def setUp(self) -> None:
|
||||||
|
self.user = create_test_admin_user()
|
||||||
|
self.token = Token.objects.create(
|
||||||
|
user=self.user,
|
||||||
|
identifier=generate_id(),
|
||||||
|
intent=TokenIntents.INTENT_API,
|
||||||
|
)
|
||||||
|
self.token2 = Token.objects.create(
|
||||||
|
user=self.user,
|
||||||
|
identifier=generate_id(),
|
||||||
|
intent=TokenIntents.INTENT_API,
|
||||||
|
)
|
||||||
|
self.token3 = Token.objects.create(
|
||||||
|
user=self.user,
|
||||||
|
identifier=generate_id(),
|
||||||
|
intent=TokenIntents.INTENT_API,
|
||||||
|
)
|
||||||
|
self.source = SCIMSource.objects.create(
|
||||||
|
name=generate_id(), slug=generate_id(), token=self.token
|
||||||
|
)
|
||||||
|
self.source2 = SCIMSource.objects.create(
|
||||||
|
name=generate_id(), slug=generate_id(), token=self.token2
|
||||||
|
)
|
||||||
|
|
||||||
|
def test_auth_ok(self):
|
||||||
|
"""Test successful auth"""
|
||||||
|
response = self.client.get(
|
||||||
|
reverse(
|
||||||
|
"authentik_sources_scim:v2-schema",
|
||||||
|
kwargs={
|
||||||
|
"source_slug": self.source.slug,
|
||||||
|
},
|
||||||
|
),
|
||||||
|
HTTP_AUTHORIZATION=f"Bearer {self.token.key}",
|
||||||
|
)
|
||||||
|
self.assertEqual(response.status_code, 200)
|
||||||
|
|
||||||
|
def test_auth_missing(self):
|
||||||
|
"""Test without header"""
|
||||||
|
response = self.client.get(
|
||||||
|
reverse(
|
||||||
|
"authentik_sources_scim:v2-schema",
|
||||||
|
kwargs={
|
||||||
|
"source_slug": self.source.slug,
|
||||||
|
},
|
||||||
|
),
|
||||||
|
)
|
||||||
|
self.assertEqual(response.status_code, 403)
|
||||||
|
|
||||||
|
def test_auth_wrong_token(self):
|
||||||
|
"""Test with wrong token"""
|
||||||
|
# Token for wrong source
|
||||||
|
response = self.client.get(
|
||||||
|
reverse(
|
||||||
|
"authentik_sources_scim:v2-schema",
|
||||||
|
kwargs={
|
||||||
|
"source_slug": self.source.slug,
|
||||||
|
},
|
||||||
|
),
|
||||||
|
HTTP_AUTHORIZATION=f"Bearer {self.token2.key}",
|
||||||
|
)
|
||||||
|
self.assertEqual(response.status_code, 403)
|
||||||
|
# Token for no source
|
||||||
|
response = self.client.get(
|
||||||
|
reverse(
|
||||||
|
"authentik_sources_scim:v2-schema",
|
||||||
|
kwargs={
|
||||||
|
"source_slug": self.source.slug,
|
||||||
|
},
|
||||||
|
),
|
||||||
|
HTTP_AUTHORIZATION=f"Bearer {self.token3.key}",
|
||||||
|
)
|
||||||
|
self.assertEqual(response.status_code, 403)
|
64
authentik/sources/scim/tests/test_resource_types.py
Normal file
64
authentik/sources/scim/tests/test_resource_types.py
Normal file
|
@ -0,0 +1,64 @@
|
||||||
|
"""Test SCIM ResourceTypes"""
|
||||||
|
from django.urls import reverse
|
||||||
|
from rest_framework.test import APITestCase
|
||||||
|
|
||||||
|
from authentik.core.models import Token, TokenIntents
|
||||||
|
from authentik.core.tests.utils import create_test_admin_user
|
||||||
|
from authentik.lib.generators import generate_id
|
||||||
|
from authentik.sources.scim.models import SCIMSource
|
||||||
|
|
||||||
|
|
||||||
|
class TestSCIMResourceTypes(APITestCase):
|
||||||
|
"""Test SCIM ResourceTypes view"""
|
||||||
|
|
||||||
|
def setUp(self) -> None:
|
||||||
|
self.user = create_test_admin_user()
|
||||||
|
self.token = Token.objects.create(
|
||||||
|
user=self.user,
|
||||||
|
identifier=generate_id(),
|
||||||
|
intent=TokenIntents.INTENT_API,
|
||||||
|
)
|
||||||
|
self.source = SCIMSource.objects.create(
|
||||||
|
name=generate_id(), slug=generate_id(), token=self.token
|
||||||
|
)
|
||||||
|
|
||||||
|
def test_resource_type(self):
|
||||||
|
"""Test full resource type view"""
|
||||||
|
response = self.client.get(
|
||||||
|
reverse(
|
||||||
|
"authentik_sources_scim:v2-resource-types",
|
||||||
|
kwargs={
|
||||||
|
"source_slug": self.source.slug,
|
||||||
|
},
|
||||||
|
),
|
||||||
|
HTTP_AUTHORIZATION=f"Bearer {self.token.key}",
|
||||||
|
)
|
||||||
|
self.assertEqual(response.status_code, 200)
|
||||||
|
|
||||||
|
def test_resource_type_single(self):
|
||||||
|
"""Test single resource type"""
|
||||||
|
response = self.client.get(
|
||||||
|
reverse(
|
||||||
|
"authentik_sources_scim:v2-resource-types",
|
||||||
|
kwargs={
|
||||||
|
"source_slug": self.source.slug,
|
||||||
|
"resource_type": "ServiceProviderConfig",
|
||||||
|
},
|
||||||
|
),
|
||||||
|
HTTP_AUTHORIZATION=f"Bearer {self.token.key}",
|
||||||
|
)
|
||||||
|
self.assertEqual(response.status_code, 200)
|
||||||
|
|
||||||
|
def test_resource_type_single_404(self):
|
||||||
|
"""Test single resource type (404"""
|
||||||
|
response = self.client.get(
|
||||||
|
reverse(
|
||||||
|
"authentik_sources_scim:v2-resource-types",
|
||||||
|
kwargs={
|
||||||
|
"source_slug": self.source.slug,
|
||||||
|
"resource_type": "foo",
|
||||||
|
},
|
||||||
|
),
|
||||||
|
HTTP_AUTHORIZATION=f"Bearer {self.token.key}",
|
||||||
|
)
|
||||||
|
self.assertEqual(response.status_code, 404)
|
64
authentik/sources/scim/tests/test_schemas.py
Normal file
64
authentik/sources/scim/tests/test_schemas.py
Normal file
|
@ -0,0 +1,64 @@
|
||||||
|
"""Test SCIM Schema"""
|
||||||
|
from django.urls import reverse
|
||||||
|
from rest_framework.test import APITestCase
|
||||||
|
|
||||||
|
from authentik.core.models import Token, TokenIntents
|
||||||
|
from authentik.core.tests.utils import create_test_admin_user
|
||||||
|
from authentik.lib.generators import generate_id
|
||||||
|
from authentik.sources.scim.models import SCIMSource
|
||||||
|
|
||||||
|
|
||||||
|
class TestSCIMSchemas(APITestCase):
|
||||||
|
"""Test SCIM Schema view"""
|
||||||
|
|
||||||
|
def setUp(self) -> None:
|
||||||
|
self.user = create_test_admin_user()
|
||||||
|
self.token = Token.objects.create(
|
||||||
|
user=self.user,
|
||||||
|
identifier=generate_id(),
|
||||||
|
intent=TokenIntents.INTENT_API,
|
||||||
|
)
|
||||||
|
self.source = SCIMSource.objects.create(
|
||||||
|
name=generate_id(), slug=generate_id(), token=self.token
|
||||||
|
)
|
||||||
|
|
||||||
|
def test_schema(self):
|
||||||
|
"""Test full schema view"""
|
||||||
|
response = self.client.get(
|
||||||
|
reverse(
|
||||||
|
"authentik_sources_scim:v2-schema",
|
||||||
|
kwargs={
|
||||||
|
"source_slug": self.source.slug,
|
||||||
|
},
|
||||||
|
),
|
||||||
|
HTTP_AUTHORIZATION=f"Bearer {self.token.key}",
|
||||||
|
)
|
||||||
|
self.assertEqual(response.status_code, 200)
|
||||||
|
|
||||||
|
def test_schema_single(self):
|
||||||
|
"""Test single schema"""
|
||||||
|
response = self.client.get(
|
||||||
|
reverse(
|
||||||
|
"authentik_sources_scim:v2-schema",
|
||||||
|
kwargs={
|
||||||
|
"source_slug": self.source.slug,
|
||||||
|
"schema_uri": "urn:ietf:params:scim:schemas:core:2.0:Meta",
|
||||||
|
},
|
||||||
|
),
|
||||||
|
HTTP_AUTHORIZATION=f"Bearer {self.token.key}",
|
||||||
|
)
|
||||||
|
self.assertEqual(response.status_code, 200)
|
||||||
|
|
||||||
|
def test_schema_single_404(self):
|
||||||
|
"""Test single schema (404"""
|
||||||
|
response = self.client.get(
|
||||||
|
reverse(
|
||||||
|
"authentik_sources_scim:v2-schema",
|
||||||
|
kwargs={
|
||||||
|
"source_slug": self.source.slug,
|
||||||
|
"schema_uri": "foo",
|
||||||
|
},
|
||||||
|
),
|
||||||
|
HTTP_AUTHORIZATION=f"Bearer {self.token.key}",
|
||||||
|
)
|
||||||
|
self.assertEqual(response.status_code, 404)
|
36
authentik/sources/scim/tests/test_service_provider_config.py
Normal file
36
authentik/sources/scim/tests/test_service_provider_config.py
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
"""Test SCIM ServiceProviderConfig"""
|
||||||
|
from django.urls import reverse
|
||||||
|
from rest_framework.test import APITestCase
|
||||||
|
|
||||||
|
from authentik.core.models import Token, TokenIntents
|
||||||
|
from authentik.core.tests.utils import create_test_admin_user
|
||||||
|
from authentik.lib.generators import generate_id
|
||||||
|
from authentik.sources.scim.models import SCIMSource
|
||||||
|
|
||||||
|
|
||||||
|
class TestSCIMServiceProviderConfig(APITestCase):
|
||||||
|
"""Test SCIM ServiceProviderConfig view"""
|
||||||
|
|
||||||
|
def setUp(self) -> None:
|
||||||
|
self.user = create_test_admin_user()
|
||||||
|
self.token = Token.objects.create(
|
||||||
|
user=self.user,
|
||||||
|
identifier=generate_id(),
|
||||||
|
intent=TokenIntents.INTENT_API,
|
||||||
|
)
|
||||||
|
self.source = SCIMSource.objects.create(
|
||||||
|
name=generate_id(), slug=generate_id(), token=self.token
|
||||||
|
)
|
||||||
|
|
||||||
|
def test_config(self):
|
||||||
|
"""Test full config view"""
|
||||||
|
response = self.client.get(
|
||||||
|
reverse(
|
||||||
|
"authentik_sources_scim:v2-service-provider-config",
|
||||||
|
kwargs={
|
||||||
|
"source_slug": self.source.slug,
|
||||||
|
},
|
||||||
|
),
|
||||||
|
HTTP_AUTHORIZATION=f"Bearer {self.token.key}",
|
||||||
|
)
|
||||||
|
self.assertEqual(response.status_code, 200)
|
|
@ -38,4 +38,6 @@ class SCIMTokenAuth(BaseAuthentication):
|
||||||
if auth_type != "Bearer":
|
if auth_type != "Bearer":
|
||||||
return self.legacy(key, source_slug)
|
return self.legacy(key, source_slug)
|
||||||
token = self.check_token(key, source_slug)
|
token = self.check_token(key, source_slug)
|
||||||
|
if not token:
|
||||||
|
return None
|
||||||
return (token.user, token)
|
return (token.user, token)
|
||||||
|
|
Reference in a new issue