From 3c8a0081bcdaa7ead58328107a1bfbb708bc1ff9 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sat, 27 Feb 2021 23:33:15 +0100 Subject: [PATCH] tests/e2e: fix more test, add requirements for crypto --- tests/e2e/test_flows_enroll.py | 5 +++- tests/e2e/test_provider_oauth2_github.py | 11 +++++-- tests/e2e/test_provider_oauth2_grafana.py | 35 +++++++++++++++++----- tests/e2e/test_provider_oauth2_oidc.py | 36 ++++++++++++++++------- tests/e2e/test_provider_saml.py | 21 +++++++++---- tests/e2e/utils.py | 15 +++++++++- 6 files changed, 97 insertions(+), 26 deletions(-) diff --git a/tests/e2e/test_flows_enroll.py b/tests/e2e/test_flows_enroll.py index 3c43af9f5..6f09f642d 100644 --- a/tests/e2e/test_flows_enroll.py +++ b/tests/e2e/test_flows_enroll.py @@ -39,7 +39,6 @@ class TestFlowsEnroll(SeleniumTestCase): @retry() @apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_flows", "0008_default_flows") - # pylint: disable=too-many-locals def test_enroll_2_step(self): """Test 2-step enroll flow""" # First stage fields @@ -228,7 +227,11 @@ class TestFlowsEnroll(SeleniumTestCase): # Second prompt stage flow_executor = self.get_shadow_root("ak-flow-executor") prompt_stage = self.get_shadow_root("ak-stage-prompt", flow_executor) + wait = WebDriverWait(prompt_stage, self.wait_timeout) + wait.until( + ec.presence_of_element_located((By.CSS_SELECTOR, "input[name=name]")) + ) prompt_stage.find_element(By.CSS_SELECTOR, "input[name=name]").send_keys( "some name" ) diff --git a/tests/e2e/test_provider_oauth2_github.py b/tests/e2e/test_provider_oauth2_github.py index 783744bd9..827395b9c 100644 --- a/tests/e2e/test_provider_oauth2_github.py +++ b/tests/e2e/test_provider_oauth2_github.py @@ -64,6 +64,7 @@ class TestProviderOAuth2Github(SeleniumTestCase): @apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0010_provider_flows") + @apply_migration("authentik_crypto", "0002_create_self_signed_kp") def test_authorization_consent_implied(self): """test OAuth Provider flow (default authorization flow with implied consent)""" # Bootstrap all needed objects @@ -117,6 +118,7 @@ class TestProviderOAuth2Github(SeleniumTestCase): @apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0010_provider_flows") + @apply_migration("authentik_crypto", "0002_create_self_signed_kp") def test_authorization_consent_explicit(self): """test OAuth Provider flow (default authorization flow with explicit consent)""" # Bootstrap all needed objects @@ -142,7 +144,9 @@ class TestProviderOAuth2Github(SeleniumTestCase): self.login() sleep(3) - self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))) + self.wait.until( + ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor")) + ) flow_executor = self.get_shadow_root("ak-flow-executor") consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor) @@ -153,7 +157,9 @@ class TestProviderOAuth2Github(SeleniumTestCase): ) self.assertEqual( "GitHub Compatibility: Access you Email addresses", - consent_stage.find_element(By.CSS_SELECTOR, "[data-permission-code='user:email']").text, + consent_stage.find_element( + By.CSS_SELECTOR, "[data-permission-code='user:email']" + ).text, ) consent_stage.find_element( By.CSS_SELECTOR, @@ -189,6 +195,7 @@ class TestProviderOAuth2Github(SeleniumTestCase): @apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0010_provider_flows") + @apply_migration("authentik_crypto", "0002_create_self_signed_kp") def test_denied(self): """test OAuth Provider flow (default authorization flow, denied)""" # Bootstrap all needed objects diff --git a/tests/e2e/test_provider_oauth2_grafana.py b/tests/e2e/test_provider_oauth2_grafana.py index 85c036c36..ee6a0af0b 100644 --- a/tests/e2e/test_provider_oauth2_grafana.py +++ b/tests/e2e/test_provider_oauth2_grafana.py @@ -24,7 +24,13 @@ from authentik.providers.oauth2.generators import ( generate_client_secret, ) from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping -from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry +from tests.e2e.utils import ( + USER, + SeleniumTestCase, + apply_migration, + object_manager, + retry, +) LOGGER = get_logger() APPLICATION_SLUG = "grafana" @@ -78,6 +84,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): @apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0010_provider_flows") + @apply_migration("authentik_crypto", "0002_create_self_signed_kp") def test_redirect_uri_error(self): """test OpenID Provider flow (invalid redirect URI, check error message)""" sleep(1) @@ -118,6 +125,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): @apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0010_provider_flows") + @apply_migration("authentik_crypto", "0002_create_self_signed_kp") + @object_manager def test_authorization_consent_implied(self): """test OpenID Provider flow (default authorization flow with implied consent)""" sleep(1) @@ -178,6 +187,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): @apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0010_provider_flows") + @apply_migration("authentik_crypto", "0002_create_self_signed_kp") + @object_manager def test_authorization_logout(self): """test OpenID Provider flow with logout""" sleep(1) @@ -246,6 +257,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): @apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0010_provider_flows") + @apply_migration("authentik_crypto", "0002_create_self_signed_kp") + @object_manager def test_authorization_consent_explicit(self): """test OpenID Provider flow (default authorization flow with explicit consent)""" sleep(1) @@ -278,15 +291,22 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): self.driver.find_element(By.CLASS_NAME, "btn-service--oauth").click() self.login() - self.assertEqual( - app.name, - self.driver.find_element(By.ID, "application-name").text, - ) self.wait.until( - ec.presence_of_element_located((By.CSS_SELECTOR, "[type=submit]")) + ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor")) ) sleep(1) - self.driver.find_element(By.CSS_SELECTOR, "[type=submit]").click() + + flow_executor = self.get_shadow_root("ak-flow-executor") + consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor) + + self.assertIn( + app.name, + consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text, + ) + consent_stage.find_element( + By.CSS_SELECTOR, + ("[type=submit]"), + ).click() self.wait_for_url("http://localhost:3000/?orgId=1") self.driver.get("http://localhost:3000/profile") @@ -318,6 +338,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): @apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0010_provider_flows") + @apply_migration("authentik_crypto", "0002_create_self_signed_kp") def test_authorization_denied(self): """test OpenID Provider flow (default authorization with access deny)""" sleep(1) diff --git a/tests/e2e/test_provider_oauth2_oidc.py b/tests/e2e/test_provider_oauth2_oidc.py index f580316f6..5aa5f9845 100644 --- a/tests/e2e/test_provider_oauth2_oidc.py +++ b/tests/e2e/test_provider_oauth2_oidc.py @@ -26,7 +26,13 @@ from authentik.providers.oauth2.generators import ( generate_client_secret, ) from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping -from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry +from tests.e2e.utils import ( + USER, + SeleniumTestCase, + apply_migration, + object_manager, + retry, +) LOGGER = get_logger() @@ -73,6 +79,7 @@ class TestProviderOAuth2OIDC(SeleniumTestCase): @apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0010_provider_flows") + @apply_migration("authentik_crypto", "0002_create_self_signed_kp") def test_redirect_uri_error(self): """test OpenID Provider flow (invalid redirect URI, check error message)""" sleep(1) @@ -113,6 +120,8 @@ class TestProviderOAuth2OIDC(SeleniumTestCase): @apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0010_provider_flows") + @apply_migration("authentik_crypto", "0002_create_self_signed_kp") + @object_manager def test_authorization_consent_implied(self): """test OpenID Provider flow (default authorization flow with implied consent)""" sleep(1) @@ -160,6 +169,8 @@ class TestProviderOAuth2OIDC(SeleniumTestCase): @apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0010_provider_flows") + @apply_migration("authentik_crypto", "0002_create_self_signed_kp") + @object_manager def test_authorization_consent_explicit(self): """test OpenID Provider flow (default authorization flow with explicit consent)""" sleep(1) @@ -192,17 +203,21 @@ class TestProviderOAuth2OIDC(SeleniumTestCase): self.driver.get("http://localhost:9009") self.login() - sleep(9999999) - - self.assertEqual( - app.name, - self.driver.find_element(By.ID, "application-name").text, - ) self.wait.until( - ec.presence_of_element_located((By.CSS_SELECTOR, "[type=submit]")) + ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor")) ) - sleep(1) - self.driver.find_element(By.CSS_SELECTOR, "[type=submit]").click() + + flow_executor = self.get_shadow_root("ak-flow-executor") + consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor) + + self.assertIn( + app.name, + consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text, + ) + consent_stage.find_element( + By.CSS_SELECTOR, + ("[type=submit]"), + ).click() self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "pre"))) body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text) @@ -220,6 +235,7 @@ class TestProviderOAuth2OIDC(SeleniumTestCase): @apply_migration("authentik_core", "0003_default_user") @apply_migration("authentik_flows", "0008_default_flows") @apply_migration("authentik_flows", "0010_provider_flows") + @apply_migration("authentik_crypto", "0002_create_self_signed_kp") def test_authorization_denied(self): """test OpenID Provider flow (default authorization with access deny)""" sleep(1) diff --git a/tests/e2e/test_provider_saml.py b/tests/e2e/test_provider_saml.py index 80bc2bae6..40b23ef0b 100644 --- a/tests/e2e/test_provider_saml.py +++ b/tests/e2e/test_provider_saml.py @@ -149,12 +149,23 @@ class TestProviderSAML(SeleniumTestCase): self.container = self.setup_client(provider) self.driver.get("http://localhost:9009") self.login() - self.assertEqual( - app.name, - self.driver.find_element(By.ID, "application-name").text, + + self.wait.until( + ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor")) ) - sleep(1) - self.driver.find_element(By.CSS_SELECTOR, "[type=submit]").click() + + flow_executor = self.get_shadow_root("ak-flow-executor") + consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor) + + self.assertIn( + app.name, + consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text, + ) + consent_stage.find_element( + By.CSS_SELECTOR, + ("[type=submit]"), + ).click() + self.wait_for_url("http://localhost:9009/") body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text) diff --git a/tests/e2e/utils.py b/tests/e2e/utils.py index 3e9287453..de0d3864f 100644 --- a/tests/e2e/utils.py +++ b/tests/e2e/utils.py @@ -30,6 +30,7 @@ from structlog.stdlib import get_logger from authentik.core.api.users import UserSerializer from authentik.core.models import User +from authentik.managed.manager import ObjectManager # pylint: disable=invalid-name @@ -149,6 +150,7 @@ class SeleniumTestCase(StaticLiveServerTestCase): password_stage.find_element(By.CSS_SELECTOR, "input[name=password]").send_keys( Keys.ENTER ) + sleep(1) def assert_user(self, expected_user: User): """Check users/me API and assert it matches expected_user""" @@ -189,7 +191,18 @@ def apply_migration(app_name: str, migration_name: str): return wrapper_outter -def retry(max_retires=3, exceptions=None): +def object_manager(func: Callable): + """Run objectmanager before a test function""" + + @wraps(func) + def wrapper(*args, **kwargs): + """Run objectmanager before a test function""" + ObjectManager().run() + return func(*args, **kwargs) + + return wrapper + + """Retry test multiple times. Default to catching Selenium Timeout Exception""" if not exceptions: