tests/e2e: fix more test, add requirements for crypto
This commit is contained in:
parent
088e0e736a
commit
3c8a0081bc
|
@ -39,7 +39,6 @@ class TestFlowsEnroll(SeleniumTestCase):
|
|||
@retry()
|
||||
@apply_migration("authentik_core", "0003_default_user")
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
# pylint: disable=too-many-locals
|
||||
def test_enroll_2_step(self):
|
||||
"""Test 2-step enroll flow"""
|
||||
# First stage fields
|
||||
|
@ -228,7 +227,11 @@ class TestFlowsEnroll(SeleniumTestCase):
|
|||
# Second prompt stage
|
||||
flow_executor = self.get_shadow_root("ak-flow-executor")
|
||||
prompt_stage = self.get_shadow_root("ak-stage-prompt", flow_executor)
|
||||
wait = WebDriverWait(prompt_stage, self.wait_timeout)
|
||||
|
||||
wait.until(
|
||||
ec.presence_of_element_located((By.CSS_SELECTOR, "input[name=name]"))
|
||||
)
|
||||
prompt_stage.find_element(By.CSS_SELECTOR, "input[name=name]").send_keys(
|
||||
"some name"
|
||||
)
|
||||
|
|
|
@ -64,6 +64,7 @@ class TestProviderOAuth2Github(SeleniumTestCase):
|
|||
@apply_migration("authentik_core", "0003_default_user")
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
def test_authorization_consent_implied(self):
|
||||
"""test OAuth Provider flow (default authorization flow with implied consent)"""
|
||||
# Bootstrap all needed objects
|
||||
|
@ -117,6 +118,7 @@ class TestProviderOAuth2Github(SeleniumTestCase):
|
|||
@apply_migration("authentik_core", "0003_default_user")
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
def test_authorization_consent_explicit(self):
|
||||
"""test OAuth Provider flow (default authorization flow with explicit consent)"""
|
||||
# Bootstrap all needed objects
|
||||
|
@ -142,7 +144,9 @@ class TestProviderOAuth2Github(SeleniumTestCase):
|
|||
self.login()
|
||||
|
||||
sleep(3)
|
||||
self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor")))
|
||||
self.wait.until(
|
||||
ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))
|
||||
)
|
||||
|
||||
flow_executor = self.get_shadow_root("ak-flow-executor")
|
||||
consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
|
||||
|
@ -153,7 +157,9 @@ class TestProviderOAuth2Github(SeleniumTestCase):
|
|||
)
|
||||
self.assertEqual(
|
||||
"GitHub Compatibility: Access you Email addresses",
|
||||
consent_stage.find_element(By.CSS_SELECTOR, "[data-permission-code='user:email']").text,
|
||||
consent_stage.find_element(
|
||||
By.CSS_SELECTOR, "[data-permission-code='user:email']"
|
||||
).text,
|
||||
)
|
||||
consent_stage.find_element(
|
||||
By.CSS_SELECTOR,
|
||||
|
@ -189,6 +195,7 @@ class TestProviderOAuth2Github(SeleniumTestCase):
|
|||
@apply_migration("authentik_core", "0003_default_user")
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
def test_denied(self):
|
||||
"""test OAuth Provider flow (default authorization flow, denied)"""
|
||||
# Bootstrap all needed objects
|
||||
|
|
|
@ -24,7 +24,13 @@ from authentik.providers.oauth2.generators import (
|
|||
generate_client_secret,
|
||||
)
|
||||
from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping
|
||||
from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry
|
||||
from tests.e2e.utils import (
|
||||
USER,
|
||||
SeleniumTestCase,
|
||||
apply_migration,
|
||||
object_manager,
|
||||
retry,
|
||||
)
|
||||
|
||||
LOGGER = get_logger()
|
||||
APPLICATION_SLUG = "grafana"
|
||||
|
@ -78,6 +84,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
|
|||
@apply_migration("authentik_core", "0003_default_user")
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
def test_redirect_uri_error(self):
|
||||
"""test OpenID Provider flow (invalid redirect URI, check error message)"""
|
||||
sleep(1)
|
||||
|
@ -118,6 +125,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
|
|||
@apply_migration("authentik_core", "0003_default_user")
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
def test_authorization_consent_implied(self):
|
||||
"""test OpenID Provider flow (default authorization flow with implied consent)"""
|
||||
sleep(1)
|
||||
|
@ -178,6 +187,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
|
|||
@apply_migration("authentik_core", "0003_default_user")
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
def test_authorization_logout(self):
|
||||
"""test OpenID Provider flow with logout"""
|
||||
sleep(1)
|
||||
|
@ -246,6 +257,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
|
|||
@apply_migration("authentik_core", "0003_default_user")
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
def test_authorization_consent_explicit(self):
|
||||
"""test OpenID Provider flow (default authorization flow with explicit consent)"""
|
||||
sleep(1)
|
||||
|
@ -278,15 +291,22 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
|
|||
self.driver.find_element(By.CLASS_NAME, "btn-service--oauth").click()
|
||||
self.login()
|
||||
|
||||
self.assertEqual(
|
||||
app.name,
|
||||
self.driver.find_element(By.ID, "application-name").text,
|
||||
)
|
||||
self.wait.until(
|
||||
ec.presence_of_element_located((By.CSS_SELECTOR, "[type=submit]"))
|
||||
ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))
|
||||
)
|
||||
sleep(1)
|
||||
self.driver.find_element(By.CSS_SELECTOR, "[type=submit]").click()
|
||||
|
||||
flow_executor = self.get_shadow_root("ak-flow-executor")
|
||||
consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
|
||||
|
||||
self.assertIn(
|
||||
app.name,
|
||||
consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text,
|
||||
)
|
||||
consent_stage.find_element(
|
||||
By.CSS_SELECTOR,
|
||||
("[type=submit]"),
|
||||
).click()
|
||||
|
||||
self.wait_for_url("http://localhost:3000/?orgId=1")
|
||||
self.driver.get("http://localhost:3000/profile")
|
||||
|
@ -318,6 +338,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
|
|||
@apply_migration("authentik_core", "0003_default_user")
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
def test_authorization_denied(self):
|
||||
"""test OpenID Provider flow (default authorization with access deny)"""
|
||||
sleep(1)
|
||||
|
|
|
@ -26,7 +26,13 @@ from authentik.providers.oauth2.generators import (
|
|||
generate_client_secret,
|
||||
)
|
||||
from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping
|
||||
from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry
|
||||
from tests.e2e.utils import (
|
||||
USER,
|
||||
SeleniumTestCase,
|
||||
apply_migration,
|
||||
object_manager,
|
||||
retry,
|
||||
)
|
||||
|
||||
LOGGER = get_logger()
|
||||
|
||||
|
@ -73,6 +79,7 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
|
|||
@apply_migration("authentik_core", "0003_default_user")
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
def test_redirect_uri_error(self):
|
||||
"""test OpenID Provider flow (invalid redirect URI, check error message)"""
|
||||
sleep(1)
|
||||
|
@ -113,6 +120,8 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
|
|||
@apply_migration("authentik_core", "0003_default_user")
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
def test_authorization_consent_implied(self):
|
||||
"""test OpenID Provider flow (default authorization flow with implied consent)"""
|
||||
sleep(1)
|
||||
|
@ -160,6 +169,8 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
|
|||
@apply_migration("authentik_core", "0003_default_user")
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
def test_authorization_consent_explicit(self):
|
||||
"""test OpenID Provider flow (default authorization flow with explicit consent)"""
|
||||
sleep(1)
|
||||
|
@ -192,17 +203,21 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
|
|||
self.driver.get("http://localhost:9009")
|
||||
self.login()
|
||||
|
||||
sleep(9999999)
|
||||
|
||||
self.assertEqual(
|
||||
app.name,
|
||||
self.driver.find_element(By.ID, "application-name").text,
|
||||
)
|
||||
self.wait.until(
|
||||
ec.presence_of_element_located((By.CSS_SELECTOR, "[type=submit]"))
|
||||
ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))
|
||||
)
|
||||
sleep(1)
|
||||
self.driver.find_element(By.CSS_SELECTOR, "[type=submit]").click()
|
||||
|
||||
flow_executor = self.get_shadow_root("ak-flow-executor")
|
||||
consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
|
||||
|
||||
self.assertIn(
|
||||
app.name,
|
||||
consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text,
|
||||
)
|
||||
consent_stage.find_element(
|
||||
By.CSS_SELECTOR,
|
||||
("[type=submit]"),
|
||||
).click()
|
||||
|
||||
self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "pre")))
|
||||
body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text)
|
||||
|
@ -220,6 +235,7 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
|
|||
@apply_migration("authentik_core", "0003_default_user")
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
def test_authorization_denied(self):
|
||||
"""test OpenID Provider flow (default authorization with access deny)"""
|
||||
sleep(1)
|
||||
|
|
|
@ -149,12 +149,23 @@ class TestProviderSAML(SeleniumTestCase):
|
|||
self.container = self.setup_client(provider)
|
||||
self.driver.get("http://localhost:9009")
|
||||
self.login()
|
||||
self.assertEqual(
|
||||
app.name,
|
||||
self.driver.find_element(By.ID, "application-name").text,
|
||||
|
||||
self.wait.until(
|
||||
ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))
|
||||
)
|
||||
sleep(1)
|
||||
self.driver.find_element(By.CSS_SELECTOR, "[type=submit]").click()
|
||||
|
||||
flow_executor = self.get_shadow_root("ak-flow-executor")
|
||||
consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
|
||||
|
||||
self.assertIn(
|
||||
app.name,
|
||||
consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text,
|
||||
)
|
||||
consent_stage.find_element(
|
||||
By.CSS_SELECTOR,
|
||||
("[type=submit]"),
|
||||
).click()
|
||||
|
||||
self.wait_for_url("http://localhost:9009/")
|
||||
|
||||
body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text)
|
||||
|
|
|
@ -30,6 +30,7 @@ from structlog.stdlib import get_logger
|
|||
|
||||
from authentik.core.api.users import UserSerializer
|
||||
from authentik.core.models import User
|
||||
from authentik.managed.manager import ObjectManager
|
||||
|
||||
|
||||
# pylint: disable=invalid-name
|
||||
|
@ -149,6 +150,7 @@ class SeleniumTestCase(StaticLiveServerTestCase):
|
|||
password_stage.find_element(By.CSS_SELECTOR, "input[name=password]").send_keys(
|
||||
Keys.ENTER
|
||||
)
|
||||
sleep(1)
|
||||
|
||||
def assert_user(self, expected_user: User):
|
||||
"""Check users/me API and assert it matches expected_user"""
|
||||
|
@ -189,7 +191,18 @@ def apply_migration(app_name: str, migration_name: str):
|
|||
return wrapper_outter
|
||||
|
||||
|
||||
def retry(max_retires=3, exceptions=None):
|
||||
def object_manager(func: Callable):
|
||||
"""Run objectmanager before a test function"""
|
||||
|
||||
@wraps(func)
|
||||
def wrapper(*args, **kwargs):
|
||||
"""Run objectmanager before a test function"""
|
||||
ObjectManager().run()
|
||||
return func(*args, **kwargs)
|
||||
|
||||
return wrapper
|
||||
|
||||
|
||||
"""Retry test multiple times. Default to catching Selenium Timeout Exception"""
|
||||
|
||||
if not exceptions:
|
||||
|
|
Reference in a new issue