stages/*: add more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
6f9ed001a1
commit
4b8b800648
|
@ -59,6 +59,6 @@ def provider_tester_factory(test_model: Type[Stage]) -> Callable:
|
||||||
|
|
||||||
|
|
||||||
for model in all_subclasses(Source):
|
for model in all_subclasses(Source):
|
||||||
setattr(TestModels, f"test_model_{model.__name__}", source_tester_factory(model))
|
setattr(TestModels, f"test_source_{model.__name__}", source_tester_factory(model))
|
||||||
for model in all_subclasses(Provider):
|
for model in all_subclasses(Provider):
|
||||||
setattr(TestModels, f"test_model_{model.__name__}", provider_tester_factory(model))
|
setattr(TestModels, f"test_provider_{model.__name__}", provider_tester_factory(model))
|
||||||
|
|
|
@ -66,13 +66,9 @@ class TestCrypto(APITestCase):
|
||||||
def test_builder_api(self):
|
def test_builder_api(self):
|
||||||
"""Test Builder (via API)"""
|
"""Test Builder (via API)"""
|
||||||
self.client.force_login(User.objects.get(username="akadmin"))
|
self.client.force_login(User.objects.get(username="akadmin"))
|
||||||
response = self.client.post(
|
self.client.post(
|
||||||
reverse("authentik_api:certificatekeypair-generate"),
|
reverse("authentik_api:certificatekeypair-generate"),
|
||||||
data={
|
data={"common_name": "foo", "subject_alt_name": "bar,baz", "validity_days": 3},
|
||||||
"common_name": "foo",
|
|
||||||
"subject_alt_name": "bar,baz",
|
|
||||||
"validity_days": 3
|
|
||||||
},
|
|
||||||
)
|
)
|
||||||
self.assertTrue(CertificateKeyPair.objects.filter(name="foo").exists())
|
self.assertTrue(CertificateKeyPair.objects.filter(name="foo").exists())
|
||||||
|
|
||||||
|
|
|
@ -87,6 +87,10 @@ class AuthenticatorValidateStageTests(APITestCase):
|
||||||
)
|
)
|
||||||
self.assertFalse(serializer.is_valid())
|
self.assertFalse(serializer.is_valid())
|
||||||
self.assertIn("not_configured_action", serializer.errors)
|
self.assertIn("not_configured_action", serializer.errors)
|
||||||
|
serializer = AuthenticatorValidateStageSerializer(
|
||||||
|
data={"name": "foo", "not_configured_action": NotConfiguredAction.DENY}
|
||||||
|
)
|
||||||
|
self.assertTrue(serializer.is_valid())
|
||||||
|
|
||||||
def test_device_challenge_totp(self):
|
def test_device_challenge_totp(self):
|
||||||
"""Test device challenge"""
|
"""Test device challenge"""
|
||||||
|
|
|
@ -27,7 +27,7 @@ class TestUserDenyStage(APITestCase):
|
||||||
self.stage = DenyStage.objects.create(name="logout")
|
self.stage = DenyStage.objects.create(name="logout")
|
||||||
self.binding = FlowStageBinding.objects.create(target=self.flow, stage=self.stage, order=2)
|
self.binding = FlowStageBinding.objects.create(target=self.flow, stage=self.stage, order=2)
|
||||||
|
|
||||||
def test_valid_password(self):
|
def test_valid_get(self):
|
||||||
"""Test with a valid pending user and backend"""
|
"""Test with a valid pending user and backend"""
|
||||||
plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()])
|
plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()])
|
||||||
session = self.client.session
|
session = self.client.session
|
||||||
|
@ -52,3 +52,29 @@ class TestUserDenyStage(APITestCase):
|
||||||
"type": ChallengeTypes.NATIVE.value,
|
"type": ChallengeTypes.NATIVE.value,
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
|
def test_valid_post(self):
|
||||||
|
"""Test with a valid pending user and backend"""
|
||||||
|
plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()])
|
||||||
|
session = self.client.session
|
||||||
|
session[SESSION_KEY_PLAN] = plan
|
||||||
|
session.save()
|
||||||
|
|
||||||
|
response = self.client.post(
|
||||||
|
reverse("authentik_api:flow-executor", kwargs={"flow_slug": self.flow.slug})
|
||||||
|
)
|
||||||
|
|
||||||
|
self.assertEqual(response.status_code, 200)
|
||||||
|
self.assertJSONEqual(
|
||||||
|
force_str(response.content),
|
||||||
|
{
|
||||||
|
"component": "ak-stage-access-denied",
|
||||||
|
"error_message": None,
|
||||||
|
"flow_info": {
|
||||||
|
"background": self.flow.background_url,
|
||||||
|
"cancel_url": reverse("authentik_flows:cancel"),
|
||||||
|
"title": "",
|
||||||
|
},
|
||||||
|
"type": ChallengeTypes.NATIVE.value,
|
||||||
|
},
|
||||||
|
)
|
||||||
|
|
|
@ -216,6 +216,7 @@ class TestPromptStage(APITestCase):
|
||||||
def test_static_hidden_overwrite(self):
|
def test_static_hidden_overwrite(self):
|
||||||
"""Test that static and hidden fields ignore any value sent to them"""
|
"""Test that static and hidden fields ignore any value sent to them"""
|
||||||
plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()])
|
plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()])
|
||||||
|
plan.context[PLAN_CONTEXT_PROMPT] = {"hidden_prompt": "hidden"}
|
||||||
self.prompt_data["hidden_prompt"] = "foo"
|
self.prompt_data["hidden_prompt"] = "foo"
|
||||||
self.prompt_data["static_prompt"] = "foo"
|
self.prompt_data["static_prompt"] = "foo"
|
||||||
challenge_response = PromptChallengeResponse(
|
challenge_response = PromptChallengeResponse(
|
||||||
|
@ -223,4 +224,5 @@ class TestPromptStage(APITestCase):
|
||||||
)
|
)
|
||||||
self.assertEqual(challenge_response.is_valid(), True)
|
self.assertEqual(challenge_response.is_valid(), True)
|
||||||
self.assertNotEqual(challenge_response.validated_data["hidden_prompt"], "foo")
|
self.assertNotEqual(challenge_response.validated_data["hidden_prompt"], "foo")
|
||||||
|
self.assertEqual(challenge_response.validated_data["hidden_prompt"], "hidden")
|
||||||
self.assertNotEqual(challenge_response.validated_data["static_prompt"], "foo")
|
self.assertNotEqual(challenge_response.validated_data["static_prompt"], "foo")
|
||||||
|
|
|
@ -82,3 +82,26 @@ class TestUserDeleteStage(APITestCase):
|
||||||
)
|
)
|
||||||
|
|
||||||
self.assertFalse(User.objects.filter(username=self.username).exists())
|
self.assertFalse(User.objects.filter(username=self.username).exists())
|
||||||
|
|
||||||
|
def test_user_delete_post(self):
|
||||||
|
"""Test Form render"""
|
||||||
|
plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()])
|
||||||
|
plan.context[PLAN_CONTEXT_PENDING_USER] = self.user
|
||||||
|
session = self.client.session
|
||||||
|
session[SESSION_KEY_PLAN] = plan
|
||||||
|
session.save()
|
||||||
|
|
||||||
|
response = self.client.post(
|
||||||
|
reverse("authentik_api:flow-executor", kwargs={"flow_slug": self.flow.slug})
|
||||||
|
)
|
||||||
|
self.assertEqual(response.status_code, 200)
|
||||||
|
self.assertJSONEqual(
|
||||||
|
force_str(response.content),
|
||||||
|
{
|
||||||
|
"component": "xak-flow-redirect",
|
||||||
|
"to": reverse("authentik_core:root-redirect"),
|
||||||
|
"type": ChallengeTypes.REDIRECT.value,
|
||||||
|
},
|
||||||
|
)
|
||||||
|
|
||||||
|
self.assertFalse(User.objects.filter(username=self.username).exists())
|
||||||
|
|
|
@ -31,7 +31,7 @@ class TestUserLoginStage(APITestCase):
|
||||||
self.stage = UserLoginStage.objects.create(name="login")
|
self.stage = UserLoginStage.objects.create(name="login")
|
||||||
self.binding = FlowStageBinding.objects.create(target=self.flow, stage=self.stage, order=2)
|
self.binding = FlowStageBinding.objects.create(target=self.flow, stage=self.stage, order=2)
|
||||||
|
|
||||||
def test_valid_password(self):
|
def test_valid_get(self):
|
||||||
"""Test with a valid pending user and backend"""
|
"""Test with a valid pending user and backend"""
|
||||||
plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()])
|
plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()])
|
||||||
plan.context[PLAN_CONTEXT_PENDING_USER] = self.user
|
plan.context[PLAN_CONTEXT_PENDING_USER] = self.user
|
||||||
|
@ -53,6 +53,28 @@ class TestUserLoginStage(APITestCase):
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
|
def test_valid_post(self):
|
||||||
|
"""Test with a valid pending user and backend"""
|
||||||
|
plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()])
|
||||||
|
plan.context[PLAN_CONTEXT_PENDING_USER] = self.user
|
||||||
|
session = self.client.session
|
||||||
|
session[SESSION_KEY_PLAN] = plan
|
||||||
|
session.save()
|
||||||
|
|
||||||
|
response = self.client.post(
|
||||||
|
reverse("authentik_api:flow-executor", kwargs={"flow_slug": self.flow.slug})
|
||||||
|
)
|
||||||
|
|
||||||
|
self.assertEqual(response.status_code, 200)
|
||||||
|
self.assertJSONEqual(
|
||||||
|
force_str(response.content),
|
||||||
|
{
|
||||||
|
"component": "xak-flow-redirect",
|
||||||
|
"to": reverse("authentik_core:root-redirect"),
|
||||||
|
"type": ChallengeTypes.REDIRECT.value,
|
||||||
|
},
|
||||||
|
)
|
||||||
|
|
||||||
def test_expiry(self):
|
def test_expiry(self):
|
||||||
"""Test with expiry"""
|
"""Test with expiry"""
|
||||||
self.stage.session_duration = "seconds=2"
|
self.stage.session_duration = "seconds=2"
|
||||||
|
|
|
@ -29,7 +29,7 @@ class TestUserLogoutStage(APITestCase):
|
||||||
self.stage = UserLogoutStage.objects.create(name="logout")
|
self.stage = UserLogoutStage.objects.create(name="logout")
|
||||||
self.binding = FlowStageBinding.objects.create(target=self.flow, stage=self.stage, order=2)
|
self.binding = FlowStageBinding.objects.create(target=self.flow, stage=self.stage, order=2)
|
||||||
|
|
||||||
def test_valid_password(self):
|
def test_valid_get(self):
|
||||||
"""Test with a valid pending user and backend"""
|
"""Test with a valid pending user and backend"""
|
||||||
plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()])
|
plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()])
|
||||||
plan.context[PLAN_CONTEXT_PENDING_USER] = self.user
|
plan.context[PLAN_CONTEXT_PENDING_USER] = self.user
|
||||||
|
@ -53,3 +53,28 @@ class TestUserLogoutStage(APITestCase):
|
||||||
"type": ChallengeTypes.REDIRECT.value,
|
"type": ChallengeTypes.REDIRECT.value,
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
|
def test_valid_post(self):
|
||||||
|
"""Test with a valid pending user and backend"""
|
||||||
|
plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()])
|
||||||
|
plan.context[PLAN_CONTEXT_PENDING_USER] = self.user
|
||||||
|
plan.context[PLAN_CONTEXT_AUTHENTICATION_BACKEND] = BACKEND_INBUILT
|
||||||
|
session = self.client.session
|
||||||
|
session[SESSION_KEY_PLAN] = plan
|
||||||
|
session.save()
|
||||||
|
|
||||||
|
response = self.client.post(
|
||||||
|
reverse("authentik_api:flow-executor", kwargs={"flow_slug": self.flow.slug})
|
||||||
|
)
|
||||||
|
|
||||||
|
# pylint: disable=no-member
|
||||||
|
self.assertEqual(response.status_code, 200)
|
||||||
|
self.assertJSONEqual(
|
||||||
|
# pylint: disable=no-member
|
||||||
|
force_str(response.content),
|
||||||
|
{
|
||||||
|
"component": "xak-flow-redirect",
|
||||||
|
"to": reverse("authentik_core:root-redirect"),
|
||||||
|
"type": ChallengeTypes.REDIRECT.value,
|
||||||
|
},
|
||||||
|
)
|
||||||
|
|
Reference in New Issue