RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
authelia/internal/suites/scenario_multiple_cookie_do...

148 lines
4.3 KiB
Go
Raw Permalink Normal View History

feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 10:57:44 +00:00
package suites
import (
"context"
"fmt"
"log"
feat(server): customizable authz endpoints (#4296) This allows users to customize the authz endpoints. Closes #2753, Fixes #3716 Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 09:36:40 +00:00
"strings"
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 10:57:44 +00:00
"time"
)
// MultiCookieDomainScenario represents a set of tests for multi cookie domain suite.
type MultiCookieDomainScenario struct {
*RodSuite
domain, nextDomain string
feat(server): customizable authz endpoints (#4296) This allows users to customize the authz endpoints. Closes #2753, Fixes #3716 Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 09:36:40 +00:00
cookieNames []string
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 10:57:44 +00:00
remember bool
}
// NewMultiCookieDomainScenario returns a new Multi Cookie Domain Test Scenario.
feat(server): customizable authz endpoints (#4296) This allows users to customize the authz endpoints. Closes #2753, Fixes #3716 Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 09:36:40 +00:00
func NewMultiCookieDomainScenario(domain, nextDomain string, cookieNames []string, remember bool) *MultiCookieDomainScenario {
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 10:57:44 +00:00
return &MultiCookieDomainScenario{
feat(server): customizable authz endpoints (#4296) This allows users to customize the authz endpoints. Closes #2753, Fixes #3716 Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 09:36:40 +00:00
RodSuite: NewRodSuite(""),
domain: domain,
nextDomain: nextDomain,
cookieNames: cookieNames,
remember: remember,
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 10:57:44 +00:00
}
}
func (s *MultiCookieDomainScenario) SetupSuite() {
browser, err := StartRod()
if err != nil {
log.Fatal(err)
}
s.RodSession = browser
err = updateDevEnvFileForDomain(s.domain, false)
s.Require().NoError(err)
}
func (s *MultiCookieDomainScenario) TearDownSuite() {
err := s.RodSession.Stop()
if err != nil {
log.Fatal(err)
}
}
func (s *MultiCookieDomainScenario) SetupTest() {
s.Page = s.doCreateTab(s.T(), HomeBaseURL)
s.verifyIsHome(s.T(), s.Page)
}
func (s *MultiCookieDomainScenario) TearDownTest() {
s.collectCoverage(s.Page)
s.MustClose()
}
feat(server): customizable authz endpoints (#4296) This allows users to customize the authz endpoints. Closes #2753, Fixes #3716 Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 09:36:40 +00:00
func (s *MultiCookieDomainScenario) TestCookieName() {
ctx, cancel := context.WithTimeout(context.Background(), 15*time.Second)
defer func() {
cancel()
s.collectScreenshot(ctx.Err(), s.Page)
}()
s.doLoginOneFactor(s.T(), s.Context(ctx), "john", "password", s.remember, s.domain, "")
s.WaitElementLocatedByID(s.T(), s.Context(ctx), "logout-button")
cookieNames := s.GetCookieNames()
s.Assert().Equalf(s.cookieNames, cookieNames, "cookie names should include '%s' (only and all of) but includes '%s'", strings.Join(s.cookieNames, ","), strings.Join(cookieNames, ","))
}
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 10:57:44 +00:00
func (s *MultiCookieDomainScenario) TestRememberMe() {
ctx, cancel := context.WithTimeout(context.Background(), 15*time.Second)
defer func() {
cancel()
s.collectScreenshot(ctx.Err(), s.Page)
}()
s.doVisitLoginPage(s.T(), s.Page, s.domain, "")
s.WaitElementLocatedByID(s.T(), s.Context(ctx), "username-textfield")
has := s.CheckElementExistsLocatedByID(s.T(), s.Context(ctx), "remember-checkbox")
s.Assert().Equal(s.remember, has)
}
func (s *MultiCookieDomainScenario) TestShouldAuthorizeSecret() {
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer func() {
cancel()
s.collectScreenshot(ctx.Err(), s.Page)
}()
targetURL := fmt.Sprintf("%s/secret.html", SingleFactorBaseURLFmt(s.domain))
s.doLoginOneFactor(s.T(), s.Context(ctx), "john", "password", s.remember, s.domain, targetURL)
s.verifySecretAuthorized(s.T(), s.Page)
}
func (s *MultiCookieDomainScenario) TestShouldRequestLoginOnNextDomainAfterLoginOnFirstDomain() {
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
defer func() {
cancel()
s.collectScreenshot(ctx.Err(), s.Page)
}()
firstDomainTargetURL := fmt.Sprintf("%s/secret.html", SingleFactorBaseURLFmt(s.domain))
nextDomainTargetURL := fmt.Sprintf("%s/secret.html", SingleFactorBaseURLFmt(s.nextDomain))
s.doLoginOneFactor(s.T(), s.Context(ctx), "john", "password", s.remember, s.domain, firstDomainTargetURL)
s.verifySecretAuthorized(s.T(), s.Page)
s.doVisit(s.T(), s.Page, nextDomainTargetURL)
s.verifyIsFirstFactorPage(s.T(), s.Page)
}
func (s *MultiCookieDomainScenario) TestShouldStayLoggedInOnNextDomainWhenLoggedOffOnFirstDomain() {
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
defer func() {
cancel()
s.collectScreenshot(ctx.Err(), s.Page)
}()
firstDomainTargetURL := fmt.Sprintf("%s/secret.html", SingleFactorBaseURLFmt(s.domain))
nextDomainTargetURL := fmt.Sprintf("%s/secret.html", SingleFactorBaseURLFmt(s.nextDomain))
s.doLoginOneFactor(s.T(), s.Context(ctx), "john", "password", s.remember, s.domain, firstDomainTargetURL)
s.verifySecretAuthorized(s.T(), s.Page)
err := updateDevEnvFileForDomain(s.nextDomain, false)
s.Require().NoError(err)
s.doLoginOneFactor(s.T(), s.Context(ctx), "john", "password", !s.remember, s.nextDomain, nextDomainTargetURL)
s.verifySecretAuthorized(s.T(), s.Page)
s.doVisit(s.T(), s.Page, fmt.Sprintf("%s%s", GetLoginBaseURL(s.domain), "/logout"))
s.verifyIsFirstFactorPage(s.T(), s.Page)
s.doVisit(s.T(), s.Page, nextDomainTargetURL)
s.verifySecretAuthorized(s.T(), s.Page)
}