tests/e2e: fix more test, add requirements for crypto

This commit is contained in:
Jens Langhammer 2021-02-27 23:33:15 +01:00
parent 088e0e736a
commit 3c8a0081bc
6 changed files with 97 additions and 26 deletions

View file

@ -39,7 +39,6 @@ class TestFlowsEnroll(SeleniumTestCase):
@retry() @retry()
@apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0008_default_flows")
# pylint: disable=too-many-locals
def test_enroll_2_step(self): def test_enroll_2_step(self):
"""Test 2-step enroll flow""" """Test 2-step enroll flow"""
# First stage fields # First stage fields
@ -228,7 +227,11 @@ class TestFlowsEnroll(SeleniumTestCase):
# Second prompt stage # Second prompt stage
flow_executor = self.get_shadow_root("ak-flow-executor") flow_executor = self.get_shadow_root("ak-flow-executor")
prompt_stage = self.get_shadow_root("ak-stage-prompt", flow_executor) prompt_stage = self.get_shadow_root("ak-stage-prompt", flow_executor)
wait = WebDriverWait(prompt_stage, self.wait_timeout)
wait.until(
ec.presence_of_element_located((By.CSS_SELECTOR, "input[name=name]"))
)
prompt_stage.find_element(By.CSS_SELECTOR, "input[name=name]").send_keys( prompt_stage.find_element(By.CSS_SELECTOR, "input[name=name]").send_keys(
"some name" "some name"
) )

View file

@ -64,6 +64,7 @@ class TestProviderOAuth2Github(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows") @apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
def test_authorization_consent_implied(self): def test_authorization_consent_implied(self):
"""test OAuth Provider flow (default authorization flow with implied consent)""" """test OAuth Provider flow (default authorization flow with implied consent)"""
# Bootstrap all needed objects # Bootstrap all needed objects
@ -117,6 +118,7 @@ class TestProviderOAuth2Github(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows") @apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
def test_authorization_consent_explicit(self): def test_authorization_consent_explicit(self):
"""test OAuth Provider flow (default authorization flow with explicit consent)""" """test OAuth Provider flow (default authorization flow with explicit consent)"""
# Bootstrap all needed objects # Bootstrap all needed objects
@ -142,7 +144,9 @@ class TestProviderOAuth2Github(SeleniumTestCase):
self.login() self.login()
sleep(3) sleep(3)
self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))) self.wait.until(
ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))
)
flow_executor = self.get_shadow_root("ak-flow-executor") flow_executor = self.get_shadow_root("ak-flow-executor")
consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor) consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
@ -153,7 +157,9 @@ class TestProviderOAuth2Github(SeleniumTestCase):
) )
self.assertEqual( self.assertEqual(
"GitHub Compatibility: Access you Email addresses", "GitHub Compatibility: Access you Email addresses",
consent_stage.find_element(By.CSS_SELECTOR, "[data-permission-code='user:email']").text, consent_stage.find_element(
By.CSS_SELECTOR, "[data-permission-code='user:email']"
).text,
) )
consent_stage.find_element( consent_stage.find_element(
By.CSS_SELECTOR, By.CSS_SELECTOR,
@ -189,6 +195,7 @@ class TestProviderOAuth2Github(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows") @apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
def test_denied(self): def test_denied(self):
"""test OAuth Provider flow (default authorization flow, denied)""" """test OAuth Provider flow (default authorization flow, denied)"""
# Bootstrap all needed objects # Bootstrap all needed objects

View file

@ -24,7 +24,13 @@ from authentik.providers.oauth2.generators import (
generate_client_secret, generate_client_secret,
) )
from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping
from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry from tests.e2e.utils import (
USER,
SeleniumTestCase,
apply_migration,
object_manager,
retry,
)
LOGGER = get_logger() LOGGER = get_logger()
APPLICATION_SLUG = "grafana" APPLICATION_SLUG = "grafana"
@ -78,6 +84,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows") @apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
def test_redirect_uri_error(self): def test_redirect_uri_error(self):
"""test OpenID Provider flow (invalid redirect URI, check error message)""" """test OpenID Provider flow (invalid redirect URI, check error message)"""
sleep(1) sleep(1)
@ -118,6 +125,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows") @apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
@object_manager
def test_authorization_consent_implied(self): def test_authorization_consent_implied(self):
"""test OpenID Provider flow (default authorization flow with implied consent)""" """test OpenID Provider flow (default authorization flow with implied consent)"""
sleep(1) sleep(1)
@ -178,6 +187,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows") @apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
@object_manager
def test_authorization_logout(self): def test_authorization_logout(self):
"""test OpenID Provider flow with logout""" """test OpenID Provider flow with logout"""
sleep(1) sleep(1)
@ -246,6 +257,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows") @apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
@object_manager
def test_authorization_consent_explicit(self): def test_authorization_consent_explicit(self):
"""test OpenID Provider flow (default authorization flow with explicit consent)""" """test OpenID Provider flow (default authorization flow with explicit consent)"""
sleep(1) sleep(1)
@ -278,15 +291,22 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
self.driver.find_element(By.CLASS_NAME, "btn-service--oauth").click() self.driver.find_element(By.CLASS_NAME, "btn-service--oauth").click()
self.login() self.login()
self.assertEqual(
app.name,
self.driver.find_element(By.ID, "application-name").text,
)
self.wait.until( self.wait.until(
ec.presence_of_element_located((By.CSS_SELECTOR, "[type=submit]")) ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))
) )
sleep(1) sleep(1)
self.driver.find_element(By.CSS_SELECTOR, "[type=submit]").click()
flow_executor = self.get_shadow_root("ak-flow-executor")
consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
self.assertIn(
app.name,
consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text,
)
consent_stage.find_element(
By.CSS_SELECTOR,
("[type=submit]"),
).click()
self.wait_for_url("http://localhost:3000/?orgId=1") self.wait_for_url("http://localhost:3000/?orgId=1")
self.driver.get("http://localhost:3000/profile") self.driver.get("http://localhost:3000/profile")
@ -318,6 +338,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows") @apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
def test_authorization_denied(self): def test_authorization_denied(self):
"""test OpenID Provider flow (default authorization with access deny)""" """test OpenID Provider flow (default authorization with access deny)"""
sleep(1) sleep(1)

View file

@ -26,7 +26,13 @@ from authentik.providers.oauth2.generators import (
generate_client_secret, generate_client_secret,
) )
from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping
from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry from tests.e2e.utils import (
USER,
SeleniumTestCase,
apply_migration,
object_manager,
retry,
)
LOGGER = get_logger() LOGGER = get_logger()
@ -73,6 +79,7 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows") @apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
def test_redirect_uri_error(self): def test_redirect_uri_error(self):
"""test OpenID Provider flow (invalid redirect URI, check error message)""" """test OpenID Provider flow (invalid redirect URI, check error message)"""
sleep(1) sleep(1)
@ -113,6 +120,8 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows") @apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
@object_manager
def test_authorization_consent_implied(self): def test_authorization_consent_implied(self):
"""test OpenID Provider flow (default authorization flow with implied consent)""" """test OpenID Provider flow (default authorization flow with implied consent)"""
sleep(1) sleep(1)
@ -160,6 +169,8 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows") @apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
@object_manager
def test_authorization_consent_explicit(self): def test_authorization_consent_explicit(self):
"""test OpenID Provider flow (default authorization flow with explicit consent)""" """test OpenID Provider flow (default authorization flow with explicit consent)"""
sleep(1) sleep(1)
@ -192,17 +203,21 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
self.driver.get("http://localhost:9009") self.driver.get("http://localhost:9009")
self.login() self.login()
sleep(9999999)
self.assertEqual(
app.name,
self.driver.find_element(By.ID, "application-name").text,
)
self.wait.until( self.wait.until(
ec.presence_of_element_located((By.CSS_SELECTOR, "[type=submit]")) ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))
) )
sleep(1)
self.driver.find_element(By.CSS_SELECTOR, "[type=submit]").click() flow_executor = self.get_shadow_root("ak-flow-executor")
consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
self.assertIn(
app.name,
consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text,
)
consent_stage.find_element(
By.CSS_SELECTOR,
("[type=submit]"),
).click()
self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "pre"))) self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "pre")))
body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text) body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text)
@ -220,6 +235,7 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows") @apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
def test_authorization_denied(self): def test_authorization_denied(self):
"""test OpenID Provider flow (default authorization with access deny)""" """test OpenID Provider flow (default authorization with access deny)"""
sleep(1) sleep(1)

View file

@ -149,12 +149,23 @@ class TestProviderSAML(SeleniumTestCase):
self.container = self.setup_client(provider) self.container = self.setup_client(provider)
self.driver.get("http://localhost:9009") self.driver.get("http://localhost:9009")
self.login() self.login()
self.assertEqual(
app.name, self.wait.until(
self.driver.find_element(By.ID, "application-name").text, ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))
) )
sleep(1)
self.driver.find_element(By.CSS_SELECTOR, "[type=submit]").click() flow_executor = self.get_shadow_root("ak-flow-executor")
consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
self.assertIn(
app.name,
consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text,
)
consent_stage.find_element(
By.CSS_SELECTOR,
("[type=submit]"),
).click()
self.wait_for_url("http://localhost:9009/") self.wait_for_url("http://localhost:9009/")
body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text) body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text)

View file

@ -30,6 +30,7 @@ from structlog.stdlib import get_logger
from authentik.core.api.users import UserSerializer from authentik.core.api.users import UserSerializer
from authentik.core.models import User from authentik.core.models import User
from authentik.managed.manager import ObjectManager
# pylint: disable=invalid-name # pylint: disable=invalid-name
@ -149,6 +150,7 @@ class SeleniumTestCase(StaticLiveServerTestCase):
password_stage.find_element(By.CSS_SELECTOR, "input[name=password]").send_keys( password_stage.find_element(By.CSS_SELECTOR, "input[name=password]").send_keys(
Keys.ENTER Keys.ENTER
) )
sleep(1)
def assert_user(self, expected_user: User): def assert_user(self, expected_user: User):
"""Check users/me API and assert it matches expected_user""" """Check users/me API and assert it matches expected_user"""
@ -189,7 +191,18 @@ def apply_migration(app_name: str, migration_name: str):
return wrapper_outter return wrapper_outter
def retry(max_retires=3, exceptions=None): def object_manager(func: Callable):
"""Run objectmanager before a test function"""
@wraps(func)
def wrapper(*args, **kwargs):
"""Run objectmanager before a test function"""
ObjectManager().run()
return func(*args, **kwargs)
return wrapper
"""Retry test multiple times. Default to catching Selenium Timeout Exception""" """Retry test multiple times. Default to catching Selenium Timeout Exception"""
if not exceptions: if not exceptions: