authelia/internal/suites/suite_oidc_test.go

package suites

import (
	"testing"

	"github.com/stretchr/testify/suite"
)

type OIDCSuite struct {
	*RodSuite
}

func NewOIDCSuite() *OIDCSuite {
	return &OIDCSuite{
		RodSuite: NewRodSuite(oidcSuiteName),
	}
}

func (s *OIDCSuite) TestOIDCScenario() {
	suite.Run(s.T(), NewOIDCScenario())
}

func TestOIDCSuite(t *testing.T) {
	if testing.Short() {
		t.Skip("skipping suite test in short mode")
	}

	suite.Run(t, NewOIDCSuite())
}
feature(oidc): add support for OpenID Connect OpenID connect has become a standard when it comes to authentication and in order to fix a security concern around forwarding authentication and authorization information it has been decided to add support for it. This feature is in beta version and only enabled when there is a configuration for it. Before enabling it in production, please consider that it's in beta with potential bugs and that there are several production critical features still missing such as all OIDC related data is stored in configuration or memory. This means you are potentially going to experience issues with HA deployments, or when restarting a single instance specifically related to OIDC. We are still working on adding the remaining set of features before making it GA as soon as possible. Related to #189 Co-authored-by: Clement Michaud <clement.michaud34@gmail.com> 2021-05-04 22:06:05 +00:00			`package suites`

			`import (`
			`"testing"`

			`"github.com/stretchr/testify/suite"`
			`)`

			`type OIDCSuite struct {`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`*RodSuite`
feature(oidc): add support for OpenID Connect OpenID connect has become a standard when it comes to authentication and in order to fix a security concern around forwarding authentication and authorization information it has been decided to add support for it. This feature is in beta version and only enabled when there is a configuration for it. Before enabling it in production, please consider that it's in beta with potential bugs and that there are several production critical features still missing such as all OIDC related data is stored in configuration or memory. This means you are potentially going to experience issues with HA deployments, or when restarting a single instance specifically related to OIDC. We are still working on adding the remaining set of features before making it GA as soon as possible. Related to #189 Co-authored-by: Clement Michaud <clement.michaud34@gmail.com> 2021-05-04 22:06:05 +00:00			`}`

			`func NewOIDCSuite() *OIDCSuite {`
test(suites): load environment into suites (#4762) * test(suites): load environment into suites * test(suites): default setup suite * test(suites): create base suite * test(suites): fix nil ptr * test(suites): add logging * test: fix missing devworkflow path * refactor: apply suggestions * refactor: log * fix: dev workflow requires env file to trigger vite hmr * fix(suites): fix dynamic configuration in dev workflow for all proxies * refactor: apply final suggestions * fix: pass log level to suites * fix(suites): include pathprefix to prevent react router basename issues * fix: missing setup logging calls * fix: gate suite setup funcs * test: fix lint * test: fix tmp dir * fix(suites): fix gitignore of .env.development with vite hmr Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2023-01-25 04:11:05 +00:00			`return &OIDCSuite{`
			`RodSuite: NewRodSuite(oidcSuiteName),`
			`}`
feature(oidc): add support for OpenID Connect OpenID connect has become a standard when it comes to authentication and in order to fix a security concern around forwarding authentication and authorization information it has been decided to add support for it. This feature is in beta version and only enabled when there is a configuration for it. Before enabling it in production, please consider that it's in beta with potential bugs and that there are several production critical features still missing such as all OIDC related data is stored in configuration or memory. This means you are potentially going to experience issues with HA deployments, or when restarting a single instance specifically related to OIDC. We are still working on adding the remaining set of features before making it GA as soon as possible. Related to #189 Co-authored-by: Clement Michaud <clement.michaud34@gmail.com> 2021-05-04 22:06:05 +00:00			`}`

			`func (s *OIDCSuite) TestOIDCScenario() {`
			`suite.Run(s.T(), NewOIDCScenario())`
			`}`

			`func TestOIDCSuite(t *testing.T) {`
feat(oidc): add additional config options, accurate token times, and refactoring (#1991) * This gives admins more control over their OIDC installation exposing options that had defaults before. Things like lifespans for authorize codes, access tokens, id tokens, refresh tokens, a option to enable the debug client messages, minimum parameter entropy. It also allows admins to configure the response modes. * Additionally this records specific values about a users session indicating when they performed a specific authz factor so this is represented in the token accurately. * Lastly we also implemented a OIDC key manager which calculates the kid for jwk's using the SHA1 digest instead of being static, or more specifically the first 7 chars. As per https://datatracker.ietf.org/doc/html/draft-ietf-jose-json-web-key#section-8.1.1 the kid should not exceed 8 chars. While it's allowed to exceed 8 chars, it must only be done so with a compelling reason, which we do not have. 2021-07-03 23:44:30 +00:00			`if testing.Short() {`
			`t.Skip("skipping suite test in short mode")`
			`}`

feature(oidc): add support for OpenID Connect OpenID connect has become a standard when it comes to authentication and in order to fix a security concern around forwarding authentication and authorization information it has been decided to add support for it. This feature is in beta version and only enabled when there is a configuration for it. Before enabling it in production, please consider that it's in beta with potential bugs and that there are several production critical features still missing such as all OIDC related data is stored in configuration or memory. This means you are potentially going to experience issues with HA deployments, or when restarting a single instance specifically related to OIDC. We are still working on adding the remaining set of features before making it GA as soon as possible. Related to #189 Co-authored-by: Clement Michaud <clement.michaud34@gmail.com> 2021-05-04 22:06:05 +00:00			`suite.Run(t, NewOIDCSuite())`
			`}`