tests/e2e: fix more test, add requirements for crypto

This commit is contained in:
Jens Langhammer 2021-02-27 23:33:15 +01:00
parent 088e0e736a
commit 3c8a0081bc
6 changed files with 97 additions and 26 deletions

View file

@ -39,7 +39,6 @@ class TestFlowsEnroll(SeleniumTestCase):
@retry()
@apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows")
# pylint: disable=too-many-locals
def test_enroll_2_step(self):
"""Test 2-step enroll flow"""
# First stage fields
@ -228,7 +227,11 @@ class TestFlowsEnroll(SeleniumTestCase):
# Second prompt stage
flow_executor = self.get_shadow_root("ak-flow-executor")
prompt_stage = self.get_shadow_root("ak-stage-prompt", flow_executor)
wait = WebDriverWait(prompt_stage, self.wait_timeout)
wait.until(
ec.presence_of_element_located((By.CSS_SELECTOR, "input[name=name]"))
)
prompt_stage.find_element(By.CSS_SELECTOR, "input[name=name]").send_keys(
"some name"
)

View file

@ -64,6 +64,7 @@ class TestProviderOAuth2Github(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
def test_authorization_consent_implied(self):
"""test OAuth Provider flow (default authorization flow with implied consent)"""
# Bootstrap all needed objects
@ -117,6 +118,7 @@ class TestProviderOAuth2Github(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
def test_authorization_consent_explicit(self):
"""test OAuth Provider flow (default authorization flow with explicit consent)"""
# Bootstrap all needed objects
@ -142,7 +144,9 @@ class TestProviderOAuth2Github(SeleniumTestCase):
self.login()
sleep(3)
self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor")))
self.wait.until(
ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))
)
flow_executor = self.get_shadow_root("ak-flow-executor")
consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
@ -153,7 +157,9 @@ class TestProviderOAuth2Github(SeleniumTestCase):
)
self.assertEqual(
"GitHub Compatibility: Access you Email addresses",
consent_stage.find_element(By.CSS_SELECTOR, "[data-permission-code='user:email']").text,
consent_stage.find_element(
By.CSS_SELECTOR, "[data-permission-code='user:email']"
).text,
)
consent_stage.find_element(
By.CSS_SELECTOR,
@ -189,6 +195,7 @@ class TestProviderOAuth2Github(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
def test_denied(self):
"""test OAuth Provider flow (default authorization flow, denied)"""
# Bootstrap all needed objects

View file

@ -24,7 +24,13 @@ from authentik.providers.oauth2.generators import (
generate_client_secret,
)
from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping
from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry
from tests.e2e.utils import (
USER,
SeleniumTestCase,
apply_migration,
object_manager,
retry,
)
LOGGER = get_logger()
APPLICATION_SLUG = "grafana"
@ -78,6 +84,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
def test_redirect_uri_error(self):
"""test OpenID Provider flow (invalid redirect URI, check error message)"""
sleep(1)
@ -118,6 +125,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
@object_manager
def test_authorization_consent_implied(self):
"""test OpenID Provider flow (default authorization flow with implied consent)"""
sleep(1)
@ -178,6 +187,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
@object_manager
def test_authorization_logout(self):
"""test OpenID Provider flow with logout"""
sleep(1)
@ -246,6 +257,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
@object_manager
def test_authorization_consent_explicit(self):
"""test OpenID Provider flow (default authorization flow with explicit consent)"""
sleep(1)
@ -278,15 +291,22 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
self.driver.find_element(By.CLASS_NAME, "btn-service--oauth").click()
self.login()
self.assertEqual(
app.name,
self.driver.find_element(By.ID, "application-name").text,
)
self.wait.until(
ec.presence_of_element_located((By.CSS_SELECTOR, "[type=submit]"))
ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))
)
sleep(1)
self.driver.find_element(By.CSS_SELECTOR, "[type=submit]").click()
flow_executor = self.get_shadow_root("ak-flow-executor")
consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
self.assertIn(
app.name,
consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text,
)
consent_stage.find_element(
By.CSS_SELECTOR,
("[type=submit]"),
).click()
self.wait_for_url("http://localhost:3000/?orgId=1")
self.driver.get("http://localhost:3000/profile")
@ -318,6 +338,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
def test_authorization_denied(self):
"""test OpenID Provider flow (default authorization with access deny)"""
sleep(1)

View file

@ -26,7 +26,13 @@ from authentik.providers.oauth2.generators import (
generate_client_secret,
)
from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping
from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry
from tests.e2e.utils import (
USER,
SeleniumTestCase,
apply_migration,
object_manager,
retry,
)
LOGGER = get_logger()
@ -73,6 +79,7 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
def test_redirect_uri_error(self):
"""test OpenID Provider flow (invalid redirect URI, check error message)"""
sleep(1)
@ -113,6 +120,8 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
@object_manager
def test_authorization_consent_implied(self):
"""test OpenID Provider flow (default authorization flow with implied consent)"""
sleep(1)
@ -160,6 +169,8 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
@object_manager
def test_authorization_consent_explicit(self):
"""test OpenID Provider flow (default authorization flow with explicit consent)"""
sleep(1)
@ -192,17 +203,21 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
self.driver.get("http://localhost:9009")
self.login()
sleep(9999999)
self.assertEqual(
app.name,
self.driver.find_element(By.ID, "application-name").text,
)
self.wait.until(
ec.presence_of_element_located((By.CSS_SELECTOR, "[type=submit]"))
ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))
)
sleep(1)
self.driver.find_element(By.CSS_SELECTOR, "[type=submit]").click()
flow_executor = self.get_shadow_root("ak-flow-executor")
consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
self.assertIn(
app.name,
consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text,
)
consent_stage.find_element(
By.CSS_SELECTOR,
("[type=submit]"),
).click()
self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "pre")))
body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text)
@ -220,6 +235,7 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
@apply_migration("authentik_core", "0003_default_user")
@apply_migration("authentik_flows", "0008_default_flows")
@apply_migration("authentik_flows", "0010_provider_flows")
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
def test_authorization_denied(self):
"""test OpenID Provider flow (default authorization with access deny)"""
sleep(1)

View file

@ -149,12 +149,23 @@ class TestProviderSAML(SeleniumTestCase):
self.container = self.setup_client(provider)
self.driver.get("http://localhost:9009")
self.login()
self.assertEqual(
app.name,
self.driver.find_element(By.ID, "application-name").text,
self.wait.until(
ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))
)
sleep(1)
self.driver.find_element(By.CSS_SELECTOR, "[type=submit]").click()
flow_executor = self.get_shadow_root("ak-flow-executor")
consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
self.assertIn(
app.name,
consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text,
)
consent_stage.find_element(
By.CSS_SELECTOR,
("[type=submit]"),
).click()
self.wait_for_url("http://localhost:9009/")
body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text)

View file

@ -30,6 +30,7 @@ from structlog.stdlib import get_logger
from authentik.core.api.users import UserSerializer
from authentik.core.models import User
from authentik.managed.manager import ObjectManager
# pylint: disable=invalid-name
@ -149,6 +150,7 @@ class SeleniumTestCase(StaticLiveServerTestCase):
password_stage.find_element(By.CSS_SELECTOR, "input[name=password]").send_keys(
Keys.ENTER
)
sleep(1)
def assert_user(self, expected_user: User):
"""Check users/me API and assert it matches expected_user"""
@ -189,7 +191,18 @@ def apply_migration(app_name: str, migration_name: str):
return wrapper_outter
def retry(max_retires=3, exceptions=None):
def object_manager(func: Callable):
"""Run objectmanager before a test function"""
@wraps(func)
def wrapper(*args, **kwargs):
"""Run objectmanager before a test function"""
ObjectManager().run()
return func(*args, **kwargs)
return wrapper
"""Retry test multiple times. Default to catching Selenium Timeout Exception"""
if not exceptions: