RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
authelia/internal/suites/suite_standalone_test.go

373 lines
12 KiB
Go
Raw Permalink Normal View History

Declare suites as Go structs and bootstrap e2e test framework in Go. Some tests are not fully rewritten in Go, a typescript wrapper is called instead until we remove the remaining TS tests and dependencies. Also, dockerize every components (mainly Authelia backend, frontend and kind) so that the project does not interfere with user host anymore (open ports for instance). The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts. It will soon be avoided using authelia.com domain that I own.
2019-11-02 14:32:58 +00:00
package suites
import (
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
"context"
"fmt"
refactor: remove ioutil (#2635) Was deprecated in 1.16 and has more performant options available.
2021-12-01 13:14:15 +00:00
"io"
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
"log"
"net/http"
Encode URL set to rd parameter. (#559) * Encode URL set to rd parameter. URL encoding that parameter solves PR #476. Some URL parameters set during redirection were magically disappearing after the redirection due to the authentication process. By using URL encoding, those parameters should not be stripped anymore. * Fix integration tests.
2020-01-18 14:57:42 +00:00
"net/url"
Declare suites as Go structs and bootstrap e2e test framework in Go. Some tests are not fully rewritten in Go, a typescript wrapper is called instead until we remove the remaining TS tests and dependencies. Also, dockerize every components (mainly Authelia backend, frontend and kind) so that the project does not interfere with user host anymore (open ports for instance). The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts. It will soon be avoided using authelia.com domain that I own.
2019-11-02 14:32:58 +00:00
"testing"
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
"time"
Declare suites as Go structs and bootstrap e2e test framework in Go. Some tests are not fully rewritten in Go, a typescript wrapper is called instead until we remove the remaining TS tests and dependencies. Also, dockerize every components (mainly Authelia backend, frontend and kind) so that the project does not interfere with user host anymore (open ports for instance). The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts. It will soon be avoided using authelia.com domain that I own.
2019-11-02 14:32:58 +00:00
Allow administrator to provide a Google Analytics tracking ID. Providing a GA tracking ID allows administrators to analyze how the portal is used by their users in large environments, i.e., with many users. This will make even more sense when we have users and admins management interfaces.
2019-12-07 16:40:42 +00:00
"github.com/stretchr/testify/require"
Declare suites as Go structs and bootstrap e2e test framework in Go. Some tests are not fully rewritten in Go, a typescript wrapper is called instead until we remove the remaining TS tests and dependencies. Also, dockerize every components (mainly Authelia backend, frontend and kind) so that the project does not interfere with user host anymore (open ports for instance). The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts. It will soon be avoided using authelia.com domain that I own.
2019-11-02 14:32:58 +00:00
"github.com/stretchr/testify/suite"
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
"github.com/valyala/fasthttp"
[MISC] Update durations to notation format and housekeeping (#824) * added regulation validator * made regulations find_time and ban_time values duration notation strings * added DefaultRegulationConfiguration for the validator * made session expiration and inactivity values duration notation strings * TOTP period does not need to be converted because adjustment should be discouraged * moved TOTP defaults to DefaultTOTPConfiguration and removed the consts * arranged the root config validator in configuration file order * adjusted tests for the changes * moved duration notation docs to root of configuration * added references to duration notation where applicable * project wide gofmt and goimports: * run gofmt * run goimports -local github.com/authelia/authelia -w on all files * Make jwt_secret error uniform and add tests * now at 100% coverage for internal/configuration/validator/configuration.go
2020-04-05 12:37:21 +00:00
fix: include major in go.mod module directive (#2278) * build: include major in go.mod module directive * fix: xflags * revert: cobra changes * fix: mock doc
2021-08-11 01:04:35 +00:00
"github.com/authelia/authelia/v4/internal/storage"
"github.com/authelia/authelia/v4/internal/utils"
Declare suites as Go structs and bootstrap e2e test framework in Go. Some tests are not fully rewritten in Go, a typescript wrapper is called instead until we remove the remaining TS tests and dependencies. Also, dockerize every components (mainly Authelia backend, frontend and kind) so that the project does not interfere with user host anymore (open ports for instance). The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts. It will soon be avoided using authelia.com domain that I own.
2019-11-02 14:32:58 +00:00
)
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
type StandaloneWebDriverSuite struct {
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
*RodSuite
Declare suites as Go structs and bootstrap e2e test framework in Go. Some tests are not fully rewritten in Go, a typescript wrapper is called instead until we remove the remaining TS tests and dependencies. Also, dockerize every components (mainly Authelia backend, frontend and kind) so that the project does not interfere with user host anymore (open ports for instance). The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts. It will soon be avoided using authelia.com domain that I own.
2019-11-02 14:32:58 +00:00
}
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
func NewStandaloneWebDriverSuite() *StandaloneWebDriverSuite {
test(suites): load environment into suites (#4762) * test(suites): load environment into suites * test(suites): default setup suite * test(suites): create base suite * test(suites): fix nil ptr * test(suites): add logging * test: fix missing devworkflow path * refactor: apply suggestions * refactor: log * fix: dev workflow requires env file to trigger vite hmr * fix(suites): fix dynamic configuration in dev workflow for all proxies * refactor: apply final suggestions * fix: pass log level to suites * fix(suites): include pathprefix to prevent react router basename issues * fix: missing setup logging calls * fix: gate suite setup funcs * test: fix lint * test: fix tmp dir * fix(suites): fix gitignore of .env.development with vite hmr Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 04:11:05 +00:00
return &StandaloneWebDriverSuite{
RodSuite: NewRodSuite(""),
}
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
}
func (s *StandaloneWebDriverSuite) SetupSuite() {
test(suites): load environment into suites (#4762) * test(suites): load environment into suites * test(suites): default setup suite * test(suites): create base suite * test(suites): fix nil ptr * test(suites): add logging * test: fix missing devworkflow path * refactor: apply suggestions * refactor: log * fix: dev workflow requires env file to trigger vite hmr * fix(suites): fix dynamic configuration in dev workflow for all proxies * refactor: apply final suggestions * fix: pass log level to suites * fix(suites): include pathprefix to prevent react router basename issues * fix: missing setup logging calls * fix: gate suite setup funcs * test: fix lint * test: fix tmp dir * fix(suites): fix gitignore of .env.development with vite hmr Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 04:11:05 +00:00
s.BaseSuite.SetupSuite()
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
browser, err := StartRod()
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
if err != nil {
log.Fatal(err)
}
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
s.RodSession = browser
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
}
func (s *StandaloneWebDriverSuite) TearDownSuite() {
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
err := s.RodSession.Stop()
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
if err != nil {
log.Fatal(err)
}
}
func (s *StandaloneWebDriverSuite) SetupTest() {
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
s.Page = s.doCreateTab(s.T(), HomeBaseURL)
s.verifyIsHome(s.T(), s.Page)
}
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
func (s *StandaloneWebDriverSuite) TearDownTest() {
s.collectCoverage(s.Page)
s.MustClose()
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
}
func (s *StandaloneWebDriverSuite) TestShouldLetUserKnowHeIsAlreadyAuthenticated() {
ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second)
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
defer func() {
cancel()
s.collectScreenshot(ctx.Err(), s.Page)
}()
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
_ = s.doRegisterAndLogin2FA(s.T(), s.Context(ctx), "john", "password", false, "")
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
[CI] Add godot linter (#958) * [CI] Add godot linter * Implement godot recommendations
2020-05-02 05:06:39 +00:00
// Visit home page to change context.
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
s.doVisit(s.T(), s.Context(ctx), HomeBaseURL)
s.verifyIsHome(s.T(), s.Context(ctx))
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
[CI] Add godot linter (#958) * [CI] Add godot linter * Implement godot recommendations
2020-05-02 05:06:39 +00:00
// Visit the login page and wait for redirection to 2FA page with success icon displayed.
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 10:57:44 +00:00
s.doVisit(s.T(), s.Context(ctx), GetLoginBaseURL(BaseDomain))
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
s.verifyIsAuthenticatedPage(s.T(), s.Context(ctx))
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
}
feat(web): auto-redirect on appropriate authentication state changes (#3187) This PR checks the authentication state of the Authelia portal on either a focus event or 1-second timer and if a state change has occurred will redirect accordingly. Closes #3000. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-19 12:43:19 +00:00
func (s *StandaloneWebDriverSuite) TestShouldRedirectAfterOneFactorOnAnotherTab() {
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
targetURL := fmt.Sprintf("%s/secret.html", SingleFactorBaseURL)
page2 := s.Browser().MustPage(targetURL)
defer func() {
cancel()
s.collectScreenshot(ctx.Err(), s.Page)
s.collectScreenshot(ctx.Err(), page2)
page2.MustClose()
}()
// Open second tab with secret page.
page2.MustWaitLoad()
// Switch to first, visit the login page and wait for redirection to secret page with secret displayed.
s.Page.MustActivate()
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 10:57:44 +00:00
s.doLoginOneFactor(s.T(), s.Context(ctx), "john", "password", false, BaseDomain, targetURL)
feat(web): auto-redirect on appropriate authentication state changes (#3187) This PR checks the authentication state of the Authelia portal on either a focus event or 1-second timer and if a state change has occurred will redirect accordingly. Closes #3000. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-19 12:43:19 +00:00
s.verifySecretAuthorized(s.T(), s.Page)
// Switch to second tab and wait for redirection to secret page with secret displayed.
page2.MustActivate()
s.verifySecretAuthorized(s.T(), page2.Context(ctx))
}
fix: user is now redirected when authenticated (#2082) * fix(handlers,web): user is now redirected when authenticated Fix: #1788 * remove dead code and fix ci issues * fix infinite loop in frontend * fix issue with integration tests * handle bot recommendation * fix integration test & add dot to comment * fix last integration test * Update api/openapi.yml Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update api/openapi.yml * Update openapi.yml * refactor: valid -> safe * refactor: adjust merge conflicts * Apply suggestions from code review Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * fix: adjust test return messaging Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-02 06:15:38 +00:00
func (s *StandaloneWebDriverSuite) TestShouldRedirectAlreadyAuthenticatedUser() {
ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second)
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
defer func() {
cancel()
s.collectScreenshot(ctx.Err(), s.Page)
}()
fix: user is now redirected when authenticated (#2082) * fix(handlers,web): user is now redirected when authenticated Fix: #1788 * remove dead code and fix ci issues * fix infinite loop in frontend * fix issue with integration tests * handle bot recommendation * fix integration test & add dot to comment * fix last integration test * Update api/openapi.yml Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update api/openapi.yml * Update openapi.yml * refactor: valid -> safe * refactor: adjust merge conflicts * Apply suggestions from code review Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * fix: adjust test return messaging Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-02 06:15:38 +00:00
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
_ = s.doRegisterAndLogin2FA(s.T(), s.Context(ctx), "john", "password", false, "")
fix: user is now redirected when authenticated (#2082) * fix(handlers,web): user is now redirected when authenticated Fix: #1788 * remove dead code and fix ci issues * fix infinite loop in frontend * fix issue with integration tests * handle bot recommendation * fix integration test & add dot to comment * fix last integration test * Update api/openapi.yml Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update api/openapi.yml * Update openapi.yml * refactor: valid -> safe * refactor: adjust merge conflicts * Apply suggestions from code review Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * fix: adjust test return messaging Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-02 06:15:38 +00:00
// Visit home page to change context.
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
s.doVisit(s.T(), s.Context(ctx), HomeBaseURL)
s.verifyIsHome(s.T(), s.Context(ctx))
fix: user is now redirected when authenticated (#2082) * fix(handlers,web): user is now redirected when authenticated Fix: #1788 * remove dead code and fix ci issues * fix infinite loop in frontend * fix issue with integration tests * handle bot recommendation * fix integration test & add dot to comment * fix last integration test * Update api/openapi.yml Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update api/openapi.yml * Update openapi.yml * refactor: valid -> safe * refactor: adjust merge conflicts * Apply suggestions from code review Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * fix: adjust test return messaging Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-02 06:15:38 +00:00
// Visit the login page and wait for redirection to 2FA page with success icon displayed.
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 10:57:44 +00:00
s.doVisit(s.T(), s.Context(ctx), fmt.Sprintf("%s?rd=https://secure.example.com:8080", GetLoginBaseURL(BaseDomain)))
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
_, err := s.Page.ElementR("h1", "Public resource")
require.NoError(s.T(), err)
s.verifyURLIs(s.T(), s.Context(ctx), "https://secure.example.com:8080/")
fix: user is now redirected when authenticated (#2082) * fix(handlers,web): user is now redirected when authenticated Fix: #1788 * remove dead code and fix ci issues * fix infinite loop in frontend * fix issue with integration tests * handle bot recommendation * fix integration test & add dot to comment * fix last integration test * Update api/openapi.yml Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update api/openapi.yml * Update openapi.yml * refactor: valid -> safe * refactor: adjust merge conflicts * Apply suggestions from code review Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * fix: adjust test return messaging Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-02 06:15:38 +00:00
}
func (s *StandaloneWebDriverSuite) TestShouldNotRedirectAlreadyAuthenticatedUserToUnsafeURL() {
ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second)
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
defer func() {
cancel()
s.collectScreenshot(ctx.Err(), s.Page)
}()
fix: user is now redirected when authenticated (#2082) * fix(handlers,web): user is now redirected when authenticated Fix: #1788 * remove dead code and fix ci issues * fix infinite loop in frontend * fix issue with integration tests * handle bot recommendation * fix integration test & add dot to comment * fix last integration test * Update api/openapi.yml Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update api/openapi.yml * Update openapi.yml * refactor: valid -> safe * refactor: adjust merge conflicts * Apply suggestions from code review Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * fix: adjust test return messaging Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-02 06:15:38 +00:00
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
_ = s.doRegisterAndLogin2FA(s.T(), s.Context(ctx), "john", "password", false, "")
fix: user is now redirected when authenticated (#2082) * fix(handlers,web): user is now redirected when authenticated Fix: #1788 * remove dead code and fix ci issues * fix infinite loop in frontend * fix issue with integration tests * handle bot recommendation * fix integration test & add dot to comment * fix last integration test * Update api/openapi.yml Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update api/openapi.yml * Update openapi.yml * refactor: valid -> safe * refactor: adjust merge conflicts * Apply suggestions from code review Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * fix: adjust test return messaging Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-02 06:15:38 +00:00
// Visit home page to change context.
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
s.doVisit(s.T(), s.Context(ctx), HomeBaseURL)
s.verifyIsHome(s.T(), s.Context(ctx))
fix: user is now redirected when authenticated (#2082) * fix(handlers,web): user is now redirected when authenticated Fix: #1788 * remove dead code and fix ci issues * fix infinite loop in frontend * fix issue with integration tests * handle bot recommendation * fix integration test & add dot to comment * fix last integration test * Update api/openapi.yml Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update api/openapi.yml * Update openapi.yml * refactor: valid -> safe * refactor: adjust merge conflicts * Apply suggestions from code review Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * fix: adjust test return messaging Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-02 06:15:38 +00:00
// Visit the login page and wait for redirection to 2FA page with success icon displayed.
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 10:57:44 +00:00
s.doVisit(s.T(), s.Context(ctx), fmt.Sprintf("%s?rd=https://secure.example.local:8080", GetLoginBaseURL(BaseDomain)))
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
s.verifyNotificationDisplayed(s.T(), s.Context(ctx), "Redirection was determined to be unsafe and aborted. Ensure the redirection URL is correct.")
fix: user is now redirected when authenticated (#2082) * fix(handlers,web): user is now redirected when authenticated Fix: #1788 * remove dead code and fix ci issues * fix infinite loop in frontend * fix issue with integration tests * handle bot recommendation * fix integration test & add dot to comment * fix last integration test * Update api/openapi.yml Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update web/src/services/SafeRedirection.ts Co-authored-by: Amir Zarrinkafsh <nightah@me.com> * Update api/openapi.yml * Update openapi.yml * refactor: valid -> safe * refactor: adjust merge conflicts * Apply suggestions from code review Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> * fix: adjust test return messaging Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-02 06:15:38 +00:00
}
Allow administrator to provide a Google Analytics tracking ID. Providing a GA tracking ID allows administrators to analyze how the portal is used by their users in large environments, i.e., with many users. This will make even more sense when we have users and admins management interfaces.
2019-12-07 16:40:42 +00:00
func (s *StandaloneWebDriverSuite) TestShouldCheckUserIsAskedToRegisterDevice() {
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
defer func() {
cancel()
s.collectScreenshot(ctx.Err(), s.Page)
}()
Allow administrator to provide a Google Analytics tracking ID. Providing a GA tracking ID allows administrators to analyze how the portal is used by their users in large environments, i.e., with many users. This will make even more sense when we have users and admins management interfaces.
2019-12-07 16:40:42 +00:00
username := "john"
password := "password"
[CI] Add godot linter (#958) * [CI] Add godot linter * Implement godot recommendations
2020-05-02 05:06:39 +00:00
// Clean up any TOTP secret already in DB.
feat(totp): algorithm and digits config (#2634) Allow users to configure the TOTP Algorithm and Digits. This should be used with caution as many TOTP applications do not support it. Some will also fail to notify the user that there is an issue. i.e. if the algorithm in the QR code is sha512, they continue to generate one time passwords with sha1. In addition this drastically refactors TOTP in general to be more user friendly by not forcing them to register a new device if the administrator changes the period (or algorithm). Fixes #1226.
2021-12-01 12:11:29 +00:00
provider := storage.NewSQLiteProvider(&storageLocalTmpConfig)
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
require.NoError(s.T(), provider.DeleteTOTPConfiguration(ctx, username))
Allow administrator to provide a Google Analytics tracking ID. Providing a GA tracking ID allows administrators to analyze how the portal is used by their users in large environments, i.e., with many users. This will make even more sense when we have users and admins management interfaces.
2019-12-07 16:40:42 +00:00
[CI] Add godot linter (#958) * [CI] Add godot linter * Implement godot recommendations
2020-05-02 05:06:39 +00:00
// Login one factor.
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 10:57:44 +00:00
s.doLoginOneFactor(s.T(), s.Context(ctx), username, password, false, BaseDomain, "")
Allow administrator to provide a Google Analytics tracking ID. Providing a GA tracking ID allows administrators to analyze how the portal is used by their users in large environments, i.e., with many users. This will make even more sense when we have users and admins management interfaces.
2019-12-07 16:40:42 +00:00
[CI] Add godot linter (#958) * [CI] Add godot linter * Implement godot recommendations
2020-05-02 05:06:39 +00:00
// Check the user is asked to register a new device.
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
s.WaitElementLocatedByClassName(s.T(), s.Context(ctx), "state-not-registered")
Allow administrator to provide a Google Analytics tracking ID. Providing a GA tracking ID allows administrators to analyze how the portal is used by their users in large environments, i.e., with many users. This will make even more sense when we have users and admins management interfaces.
2019-12-07 16:40:42 +00:00
[CI] Add godot linter (#958) * [CI] Add godot linter * Implement godot recommendations
2020-05-02 05:06:39 +00:00
// Then register the TOTP factor.
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
s.doRegisterTOTP(s.T(), s.Context(ctx))
[CI] Add godot linter (#958) * [CI] Add godot linter * Implement godot recommendations
2020-05-02 05:06:39 +00:00
// And logout.
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
s.doLogout(s.T(), s.Context(ctx))
Allow administrator to provide a Google Analytics tracking ID. Providing a GA tracking ID allows administrators to analyze how the portal is used by their users in large environments, i.e., with many users. This will make even more sense when we have users and admins management interfaces.
2019-12-07 16:40:42 +00:00
[CI] Add godot linter (#958) * [CI] Add godot linter * Implement godot recommendations
2020-05-02 05:06:39 +00:00
// Login one factor again.
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 10:57:44 +00:00
s.doLoginOneFactor(s.T(), s.Context(ctx), username, password, false, BaseDomain, "")
Allow administrator to provide a Google Analytics tracking ID. Providing a GA tracking ID allows administrators to analyze how the portal is used by their users in large environments, i.e., with many users. This will make even more sense when we have users and admins management interfaces.
2019-12-07 16:40:42 +00:00
refactor: apply godot recommendations (#2839)
2022-01-31 05:25:15 +00:00
// now the user should be asked to perform 2FA.
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
2021-11-05 13:14:42 +00:00
s.WaitElementLocatedByClassName(s.T(), s.Context(ctx), "state-method")
Allow administrator to provide a Google Analytics tracking ID. Providing a GA tracking ID allows administrators to analyze how the portal is used by their users in large environments, i.e., with many users. This will make even more sense when we have users and admins management interfaces.
2019-12-07 16:40:42 +00:00
}
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
type StandaloneSuite struct {
test(suites): load environment into suites (#4762) * test(suites): load environment into suites * test(suites): default setup suite * test(suites): create base suite * test(suites): fix nil ptr * test(suites): add logging * test: fix missing devworkflow path * refactor: apply suggestions * refactor: log * fix: dev workflow requires env file to trigger vite hmr * fix(suites): fix dynamic configuration in dev workflow for all proxies * refactor: apply final suggestions * fix: pass log level to suites * fix(suites): include pathprefix to prevent react router basename issues * fix: missing setup logging calls * fix: gate suite setup funcs * test: fix lint * test: fix tmp dir * fix(suites): fix gitignore of .env.development with vite hmr Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 04:11:05 +00:00
*BaseSuite
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
}
Declare suites as Go structs and bootstrap e2e test framework in Go. Some tests are not fully rewritten in Go, a typescript wrapper is called instead until we remove the remaining TS tests and dependencies. Also, dockerize every components (mainly Authelia backend, frontend and kind) so that the project does not interfere with user host anymore (open ports for instance). The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts. It will soon be avoided using authelia.com domain that I own.
2019-11-02 14:32:58 +00:00
func NewStandaloneSuite() *StandaloneSuite {
test(suites): load environment into suites (#4762) * test(suites): load environment into suites * test(suites): default setup suite * test(suites): create base suite * test(suites): fix nil ptr * test(suites): add logging * test: fix missing devworkflow path * refactor: apply suggestions * refactor: log * fix: dev workflow requires env file to trigger vite hmr * fix(suites): fix dynamic configuration in dev workflow for all proxies * refactor: apply final suggestions * fix: pass log level to suites * fix(suites): include pathprefix to prevent react router basename issues * fix: missing setup logging calls * fix: gate suite setup funcs * test: fix lint * test: fix tmp dir * fix(suites): fix gitignore of .env.development with vite hmr Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 04:11:05 +00:00
return &StandaloneSuite{
BaseSuite: &BaseSuite{
Name: standaloneSuiteName,
},
}
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
}
perf(authorizer): preload access control lists (#1640) * adjust session refresh to always occur (for disabled users) * feat: adds filtering option for Request Method in ACL's * simplify flow of internal/authorization/authorizer.go's methods * implement query string checking * utilize authorizer.Object fully * make matchers uniform * add tests * add missing request methods * add frontend enhancements to handle request method * add request method to 1FA Handler Suite * add internal ACL representations (preparsing) * expand on access_control next * add docs * remove unnecessary slice for network names and instead just use a plain string * add warning for ineffectual bypass policy (due to subjects) * add user/group wildcard support * fix(authorization): allow subject rules to match anonymous users * feat(api): add new params * docs(api): wording adjustments * test: add request method into testing and proxy docs * test: add several checks and refactor schema validation for ACL * test: add integration test for methods acl * refactor: apply suggestions from code review * docs(authorization): update description
2021-03-05 04:18:31 +00:00
func (s *StandaloneSuite) TestShouldRespectMethodsACL() {
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req, err := http.NewRequest(fasthttp.MethodGet, fmt.Sprintf("%s/api/verify?rd=%s", AutheliaBaseURL, GetLoginBaseURL(BaseDomain)), nil)
perf(authorizer): preload access control lists (#1640) * adjust session refresh to always occur (for disabled users) * feat: adds filtering option for Request Method in ACL's * simplify flow of internal/authorization/authorizer.go's methods * implement query string checking * utilize authorizer.Object fully * make matchers uniform * add tests * add missing request methods * add frontend enhancements to handle request method * add request method to 1FA Handler Suite * add internal ACL representations (preparsing) * expand on access_control next * add docs * remove unnecessary slice for network names and instead just use a plain string * add warning for ineffectual bypass policy (due to subjects) * add user/group wildcard support * fix(authorization): allow subject rules to match anonymous users * feat(api): add new params * docs(api): wording adjustments * test: add request method into testing and proxy docs * test: add several checks and refactor schema validation for ACL * test: add integration test for methods acl * refactor: apply suggestions from code review * docs(authorization): update description
2021-03-05 04:18:31 +00:00
s.Assert().NoError(err)
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req.Header.Set("X-Forwarded-Method", fasthttp.MethodGet)
req.Header.Set(fasthttp.HeaderXForwardedProto, "https")
req.Header.Set(fasthttp.HeaderXForwardedHost, fmt.Sprintf("secure.%s", BaseDomain))
perf(authorizer): preload access control lists (#1640) * adjust session refresh to always occur (for disabled users) * feat: adds filtering option for Request Method in ACL's * simplify flow of internal/authorization/authorizer.go's methods * implement query string checking * utilize authorizer.Object fully * make matchers uniform * add tests * add missing request methods * add frontend enhancements to handle request method * add request method to 1FA Handler Suite * add internal ACL representations (preparsing) * expand on access_control next * add docs * remove unnecessary slice for network names and instead just use a plain string * add warning for ineffectual bypass policy (due to subjects) * add user/group wildcard support * fix(authorization): allow subject rules to match anonymous users * feat(api): add new params * docs(api): wording adjustments * test: add request method into testing and proxy docs * test: add several checks and refactor schema validation for ACL * test: add integration test for methods acl * refactor: apply suggestions from code review * docs(authorization): update description
2021-03-05 04:18:31 +00:00
req.Header.Set("X-Forwarded-URI", "/")
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req.Header.Set(fasthttp.HeaderAccept, "text/html; charset=utf8")
perf(authorizer): preload access control lists (#1640) * adjust session refresh to always occur (for disabled users) * feat: adds filtering option for Request Method in ACL's * simplify flow of internal/authorization/authorizer.go's methods * implement query string checking * utilize authorizer.Object fully * make matchers uniform * add tests * add missing request methods * add frontend enhancements to handle request method * add request method to 1FA Handler Suite * add internal ACL representations (preparsing) * expand on access_control next * add docs * remove unnecessary slice for network names and instead just use a plain string * add warning for ineffectual bypass policy (due to subjects) * add user/group wildcard support * fix(authorization): allow subject rules to match anonymous users * feat(api): add new params * docs(api): wording adjustments * test: add request method into testing and proxy docs * test: add several checks and refactor schema validation for ACL * test: add integration test for methods acl * refactor: apply suggestions from code review * docs(authorization): update description
2021-03-05 04:18:31 +00:00
client := NewHTTPClient()
res, err := client.Do(req)
s.Assert().NoError(err)
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
s.Assert().Equal(fasthttp.StatusFound, res.StatusCode)
refactor: remove ioutil (#2635) Was deprecated in 1.16 and has more performant options available.
2021-12-01 13:14:15 +00:00
body, err := io.ReadAll(res.Body)
perf(authorizer): preload access control lists (#1640) * adjust session refresh to always occur (for disabled users) * feat: adds filtering option for Request Method in ACL's * simplify flow of internal/authorization/authorizer.go's methods * implement query string checking * utilize authorizer.Object fully * make matchers uniform * add tests * add missing request methods * add frontend enhancements to handle request method * add request method to 1FA Handler Suite * add internal ACL representations (preparsing) * expand on access_control next * add docs * remove unnecessary slice for network names and instead just use a plain string * add warning for ineffectual bypass policy (due to subjects) * add user/group wildcard support * fix(authorization): allow subject rules to match anonymous users * feat(api): add new params * docs(api): wording adjustments * test: add request method into testing and proxy docs * test: add several checks and refactor schema validation for ACL * test: add integration test for methods acl * refactor: apply suggestions from code review * docs(authorization): update description
2021-03-05 04:18:31 +00:00
s.Assert().NoError(err)
urlEncodedAdminURL := url.QueryEscape(SecureBaseURL + "/")
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 10:57:44 +00:00
s.Assert().Equal(fmt.Sprintf("<a href=\"%s\">302 Found</a>", utils.StringHTMLEscape(fmt.Sprintf("%s/?rd=%s&rm=GET", GetLoginBaseURL(BaseDomain), urlEncodedAdminURL))), string(body))
perf(authorizer): preload access control lists (#1640) * adjust session refresh to always occur (for disabled users) * feat: adds filtering option for Request Method in ACL's * simplify flow of internal/authorization/authorizer.go's methods * implement query string checking * utilize authorizer.Object fully * make matchers uniform * add tests * add missing request methods * add frontend enhancements to handle request method * add request method to 1FA Handler Suite * add internal ACL representations (preparsing) * expand on access_control next * add docs * remove unnecessary slice for network names and instead just use a plain string * add warning for ineffectual bypass policy (due to subjects) * add user/group wildcard support * fix(authorization): allow subject rules to match anonymous users * feat(api): add new params * docs(api): wording adjustments * test: add request method into testing and proxy docs * test: add several checks and refactor schema validation for ACL * test: add integration test for methods acl * refactor: apply suggestions from code review * docs(authorization): update description
2021-03-05 04:18:31 +00:00
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req.Header.Set("X-Forwarded-Method", fasthttp.MethodOptions)
perf(authorizer): preload access control lists (#1640) * adjust session refresh to always occur (for disabled users) * feat: adds filtering option for Request Method in ACL's * simplify flow of internal/authorization/authorizer.go's methods * implement query string checking * utilize authorizer.Object fully * make matchers uniform * add tests * add missing request methods * add frontend enhancements to handle request method * add request method to 1FA Handler Suite * add internal ACL representations (preparsing) * expand on access_control next * add docs * remove unnecessary slice for network names and instead just use a plain string * add warning for ineffectual bypass policy (due to subjects) * add user/group wildcard support * fix(authorization): allow subject rules to match anonymous users * feat(api): add new params * docs(api): wording adjustments * test: add request method into testing and proxy docs * test: add several checks and refactor schema validation for ACL * test: add integration test for methods acl * refactor: apply suggestions from code review * docs(authorization): update description
2021-03-05 04:18:31 +00:00
res, err = client.Do(req)
s.Assert().NoError(err)
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
s.Assert().Equal(fasthttp.StatusOK, res.StatusCode)
perf(authorizer): preload access control lists (#1640) * adjust session refresh to always occur (for disabled users) * feat: adds filtering option for Request Method in ACL's * simplify flow of internal/authorization/authorizer.go's methods * implement query string checking * utilize authorizer.Object fully * make matchers uniform * add tests * add missing request methods * add frontend enhancements to handle request method * add request method to 1FA Handler Suite * add internal ACL representations (preparsing) * expand on access_control next * add docs * remove unnecessary slice for network names and instead just use a plain string * add warning for ineffectual bypass policy (due to subjects) * add user/group wildcard support * fix(authorization): allow subject rules to match anonymous users * feat(api): add new params * docs(api): wording adjustments * test: add request method into testing and proxy docs * test: add several checks and refactor schema validation for ACL * test: add integration test for methods acl * refactor: apply suggestions from code review * docs(authorization): update description
2021-03-05 04:18:31 +00:00
}
fix(handlers): send status 303 auth requests that are not get/head (#2184) When a request occurs, if the browser is not performing a HTTP GET/HEAD request, the 302 status code is not valid. This commit resolves this. MDN: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/302.
2021-07-16 03:43:48 +00:00
func (s *StandaloneSuite) TestShouldRespondWithCorrectStatusCode() {
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req, err := http.NewRequest(fasthttp.MethodGet, fmt.Sprintf("%s/api/verify?rd=%s", AutheliaBaseURL, GetLoginBaseURL(BaseDomain)), nil)
fix(handlers): send status 303 auth requests that are not get/head (#2184) When a request occurs, if the browser is not performing a HTTP GET/HEAD request, the 302 status code is not valid. This commit resolves this. MDN: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/302.
2021-07-16 03:43:48 +00:00
s.Assert().NoError(err)
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req.Header.Set("X-Forwarded-Method", fasthttp.MethodGet)
req.Header.Set(fasthttp.HeaderXForwardedProto, "https")
req.Header.Set(fasthttp.HeaderXForwardedHost, fmt.Sprintf("secure.%s", BaseDomain))
fix(handlers): send status 303 auth requests that are not get/head (#2184) When a request occurs, if the browser is not performing a HTTP GET/HEAD request, the 302 status code is not valid. This commit resolves this. MDN: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/302.
2021-07-16 03:43:48 +00:00
req.Header.Set("X-Forwarded-URI", "/")
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req.Header.Set(fasthttp.HeaderAccept, "text/html; charset=utf8")
fix(handlers): send status 303 auth requests that are not get/head (#2184) When a request occurs, if the browser is not performing a HTTP GET/HEAD request, the 302 status code is not valid. This commit resolves this. MDN: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/302.
2021-07-16 03:43:48 +00:00
client := NewHTTPClient()
res, err := client.Do(req)
s.Assert().NoError(err)
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
s.Assert().Equal(fasthttp.StatusFound, res.StatusCode)
refactor: remove ioutil (#2635) Was deprecated in 1.16 and has more performant options available.
2021-12-01 13:14:15 +00:00
body, err := io.ReadAll(res.Body)
fix(handlers): send status 303 auth requests that are not get/head (#2184) When a request occurs, if the browser is not performing a HTTP GET/HEAD request, the 302 status code is not valid. This commit resolves this. MDN: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/302.
2021-07-16 03:43:48 +00:00
s.Assert().NoError(err)
urlEncodedAdminURL := url.QueryEscape(SecureBaseURL + "/")
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 10:57:44 +00:00
s.Assert().Equal(fmt.Sprintf("<a href=\"%s\">302 Found</a>", utils.StringHTMLEscape(fmt.Sprintf("%s/?rd=%s&rm=GET", GetLoginBaseURL(BaseDomain), urlEncodedAdminURL))), string(body))
fix(handlers): send status 303 auth requests that are not get/head (#2184) When a request occurs, if the browser is not performing a HTTP GET/HEAD request, the 302 status code is not valid. This commit resolves this. MDN: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/302.
2021-07-16 03:43:48 +00:00
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req.Header.Set("X-Forwarded-Method", fasthttp.MethodPost)
fix(handlers): send status 303 auth requests that are not get/head (#2184) When a request occurs, if the browser is not performing a HTTP GET/HEAD request, the 302 status code is not valid. This commit resolves this. MDN: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/302.
2021-07-16 03:43:48 +00:00
res, err = client.Do(req)
s.Assert().NoError(err)
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
s.Assert().Equal(fasthttp.StatusSeeOther, res.StatusCode)
refactor: remove ioutil (#2635) Was deprecated in 1.16 and has more performant options available.
2021-12-01 13:14:15 +00:00
body, err = io.ReadAll(res.Body)
fix(handlers): send status 303 auth requests that are not get/head (#2184) When a request occurs, if the browser is not performing a HTTP GET/HEAD request, the 302 status code is not valid. This commit resolves this. MDN: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/302.
2021-07-16 03:43:48 +00:00
s.Assert().NoError(err)
urlEncodedAdminURL = url.QueryEscape(SecureBaseURL + "/")
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 10:57:44 +00:00
s.Assert().Equal(fmt.Sprintf("<a href=\"%s\">303 See Other</a>", utils.StringHTMLEscape(fmt.Sprintf("%s/?rd=%s&rm=POST", GetLoginBaseURL(BaseDomain), urlEncodedAdminURL))), string(body))
fix(handlers): send status 303 auth requests that are not get/head (#2184) When a request occurs, if the browser is not performing a HTTP GET/HEAD request, the 302 status code is not valid. This commit resolves this. MDN: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/302.
2021-07-16 03:43:48 +00:00
}
[CI] Add godot linter (#958) * [CI] Add godot linter * Implement godot recommendations
2020-05-02 05:06:39 +00:00
// Standard case using nginx.
fix(handlers): handle xhr requests to /api/verify with 401 (#2189) This changes the way XML HTTP requests are handled on the verify endpoint so that they are redirected using a 401 instead of a 302/303.
2021-07-22 03:52:37 +00:00
func (s *StandaloneSuite) TestShouldVerifyAPIVerifyUnauthorized() {
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req, err := http.NewRequest(fasthttp.MethodGet, fmt.Sprintf("%s/api/verify", AutheliaBaseURL), nil)
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
s.Assert().NoError(err)
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req.Header.Set(fasthttp.HeaderXForwardedProto, "https")
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
req.Header.Set("X-Original-URL", AdminBaseURL)
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req.Header.Set(fasthttp.HeaderAccept, "text/html; charset=utf8")
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
client := NewHTTPClient()
res, err := client.Do(req)
s.Assert().NoError(err)
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
s.Assert().Equal(fasthttp.StatusUnauthorized, res.StatusCode)
refactor: remove ioutil (#2635) Was deprecated in 1.16 and has more performant options available.
2021-12-01 13:14:15 +00:00
body, err := io.ReadAll(res.Body)
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
s.Assert().NoError(err)
refactor(middlewares): factorize responses (#3628)
2022-07-08 12:18:52 +00:00
s.Assert().Equal("401 Unauthorized", string(body))
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
}
[CI] Add godot linter (#958) * [CI] Add godot linter * Implement godot recommendations
2020-05-02 05:06:39 +00:00
// Standard case using Kubernetes.
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
func (s *StandaloneSuite) TestShouldVerifyAPIVerifyRedirectFromXOriginalURL() {
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req, err := http.NewRequest(fasthttp.MethodGet, fmt.Sprintf("%s/api/verify?rd=%s", AutheliaBaseURL, GetLoginBaseURL(BaseDomain)), nil)
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
s.Assert().NoError(err)
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req.Header.Set(fasthttp.HeaderXForwardedProto, "https")
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
req.Header.Set("X-Original-URL", AdminBaseURL)
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req.Header.Set(fasthttp.HeaderAccept, "text/html; charset=utf8")
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
client := NewHTTPClient()
res, err := client.Do(req)
s.Assert().NoError(err)
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
s.Assert().Equal(fasthttp.StatusFound, res.StatusCode)
refactor: remove ioutil (#2635) Was deprecated in 1.16 and has more performant options available.
2021-12-01 13:14:15 +00:00
body, err := io.ReadAll(res.Body)
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
s.Assert().NoError(err)
Encode URL set to rd parameter. (#559) * Encode URL set to rd parameter. URL encoding that parameter solves PR #476. Some URL parameters set during redirection were magically disappearing after the redirection due to the authentication process. By using URL encoding, those parameters should not be stripped anymore. * Fix integration tests.
2020-01-18 14:57:42 +00:00
urlEncodedAdminURL := url.QueryEscape(AdminBaseURL)
feat(server): customizable authz endpoints (#4296) This allows users to customize the authz endpoints. Closes #2753, Fixes #3716 Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 09:36:40 +00:00
s.Assert().Equal(fmt.Sprintf("<a href=\"%s\">302 Found</a>", utils.StringHTMLEscape(fmt.Sprintf("%s/?rd=%s&rm=GET", GetLoginBaseURL(BaseDomain), urlEncodedAdminURL))), string(body))
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
}
func (s *StandaloneSuite) TestShouldVerifyAPIVerifyRedirectFromXOriginalHostURI() {
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req, err := http.NewRequest(fasthttp.MethodGet, fmt.Sprintf("%s/api/verify?rd=%s", AutheliaBaseURL, GetLoginBaseURL(BaseDomain)), nil)
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
s.Assert().NoError(err)
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req.Header.Set(fasthttp.HeaderXForwardedProto, "https")
req.Header.Set(fasthttp.HeaderXForwardedHost, "secure.example.com:8080")
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
req.Header.Set("X-Forwarded-URI", "/")
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req.Header.Set(fasthttp.HeaderAccept, "text/html; charset=utf8")
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
client := NewHTTPClient()
res, err := client.Do(req)
s.Assert().NoError(err)
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
s.Assert().Equal(fasthttp.StatusFound, res.StatusCode)
refactor: remove ioutil (#2635) Was deprecated in 1.16 and has more performant options available.
2021-12-01 13:14:15 +00:00
body, err := io.ReadAll(res.Body)
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
s.Assert().NoError(err)
Encode URL set to rd parameter. (#559) * Encode URL set to rd parameter. URL encoding that parameter solves PR #476. Some URL parameters set during redirection were magically disappearing after the redirection due to the authentication process. By using URL encoding, those parameters should not be stripped anymore. * Fix integration tests.
2020-01-18 14:57:42 +00:00
urlEncodedAdminURL := url.QueryEscape(SecureBaseURL + "/")
feat(server): customizable authz endpoints (#4296) This allows users to customize the authz endpoints. Closes #2753, Fixes #3716 Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 09:36:40 +00:00
s.Assert().Equal(fmt.Sprintf("<a href=\"%s\">302 Found</a>", utils.StringHTMLEscape(fmt.Sprintf("%s/?rd=%s&rm=GET", GetLoginBaseURL(BaseDomain), urlEncodedAdminURL))), string(body))
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
}
feat(metrics): implement prometheus metrics (#3234) Adds ability to record metrics and gather them for Prometheus.
2022-06-14 07:20:13 +00:00
func (s *StandaloneSuite) TestShouldRecordMetrics() {
client := NewHTTPClient()
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req, err := http.NewRequest(fasthttp.MethodGet, fmt.Sprintf("%s/api/health", LoginBaseURL), nil)
feat(metrics): implement prometheus metrics (#3234) Adds ability to record metrics and gather them for Prometheus.
2022-06-14 07:20:13 +00:00
s.Require().NoError(err)
res, err := client.Do(req)
s.Require().NoError(err)
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
s.Assert().Equal(fasthttp.StatusOK, fasthttp.StatusOK, res.StatusCode)
feat(metrics): implement prometheus metrics (#3234) Adds ability to record metrics and gather them for Prometheus.
2022-06-14 07:20:13 +00:00
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
req, err = http.NewRequest(fasthttp.MethodGet, fmt.Sprintf("%s/metrics", LoginBaseURL), nil)
feat(metrics): implement prometheus metrics (#3234) Adds ability to record metrics and gather them for Prometheus.
2022-06-14 07:20:13 +00:00
s.Require().NoError(err)
res, err = client.Do(req)
s.Require().NoError(err)
refactor: http verbs etc (#5248) Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 05:03:14 +00:00
s.Assert().Equal(fasthttp.StatusOK, res.StatusCode)
feat(metrics): implement prometheus metrics (#3234) Adds ability to record metrics and gather them for Prometheus.
2022-06-14 07:20:13 +00:00
body, err := io.ReadAll(res.Body)
s.Require().NoError(err)
metrics := string(body)
refactor(metrics): simplify names (#3515)
2022-06-14 11:51:33 +00:00
s.Assert().Contains(metrics, "authelia_request_duration_bucket{")
s.Assert().Contains(metrics, "authelia_request_duration_sum{")
feat(metrics): implement prometheus metrics (#3234) Adds ability to record metrics and gather them for Prometheus.
2022-06-14 07:20:13 +00:00
}
Be able to run scenarii in isolation for each suite.
2019-12-05 21:35:03 +00:00
func (s *StandaloneSuite) TestStandaloneWebDriverScenario() {
suite.Run(s.T(), NewStandaloneWebDriverSuite())
}
test: add redis restart test back to traefik2 suite (#3298) * test: add redis restart test back to traefik2 suite * refactor(suites): mustpress -> mustinput for totp * refactor(suites): rename suites for test ordering
2022-05-04 01:01:36 +00:00
func (s *StandaloneSuite) Test1FAScenario() {
suite.Run(s.T(), New1FAScenario())
Be able to run scenarii in isolation for each suite.
2019-12-05 21:35:03 +00:00
}
test: add redis restart test back to traefik2 suite (#3298) * test: add redis restart test back to traefik2 suite * refactor(suites): mustpress -> mustinput for totp * refactor(suites): rename suites for test ordering
2022-05-04 01:01:36 +00:00
func (s *StandaloneSuite) Test2FAScenario() {
suite.Run(s.T(), New2FAScenario())
Be able to run scenarii in isolation for each suite.
2019-12-05 21:35:03 +00:00
}
func (s *StandaloneSuite) TestBypassPolicyScenario() {
suite.Run(s.T(), NewBypassPolicyScenario())
}
func (s *StandaloneSuite) TestBackendProtectionScenario() {
suite.Run(s.T(), NewBackendProtectionScenario())
}
func (s *StandaloneSuite) TestResetPasswordScenario() {
suite.Run(s.T(), NewResetPasswordScenario())
}
feat(server): handle head method (#5003) This implements some HEAD method handlers for various static resources and the /api/health endpoint.
2023-02-28 09:01:09 +00:00
func (s *StandaloneSuite) TestRequestMethodScenario() {
suite.Run(s.T(), NewRequestMethodScenario())
}
Be able to run scenarii in isolation for each suite.
2019-12-05 21:35:03 +00:00
func (s *StandaloneSuite) TestAvailableMethodsScenario() {
feat: webauthn (#2707) This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless.
2022-03-03 11:20:43 +00:00
suite.Run(s.T(), NewAvailableMethodsScenario([]string{"TIME-BASED ONE-TIME PASSWORD", "SECURITY KEY - WEBAUTHN"}))
Declare suites as Go structs and bootstrap e2e test framework in Go. Some tests are not fully rewritten in Go, a typescript wrapper is called instead until we remove the remaining TS tests and dependencies. Also, dockerize every components (mainly Authelia backend, frontend and kind) so that the project does not interfere with user host anymore (open ports for instance). The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts. It will soon be avoided using authelia.com domain that I own.
2019-11-02 14:32:58 +00:00
}
Encode URL set to rd parameter. (#559) * Encode URL set to rd parameter. URL encoding that parameter solves PR #476. Some URL parameters set during redirection were magically disappearing after the redirection due to the authentication process. By using URL encoding, those parameters should not be stripped anymore. * Fix integration tests.
2020-01-18 14:57:42 +00:00
func (s *StandaloneSuite) TestRedirectionURLScenario() {
suite.Run(s.T(), NewRedirectionURLScenario())
}
fix(handlers): logout redirection validation (#1908)
2021-04-13 08:38:12 +00:00
func (s *StandaloneSuite) TestRedirectionCheckScenario() {
suite.Run(s.T(), NewRedirectionCheckScenario())
}
Declare suites as Go structs and bootstrap e2e test framework in Go. Some tests are not fully rewritten in Go, a typescript wrapper is called instead until we remove the remaining TS tests and dependencies. Also, dockerize every components (mainly Authelia backend, frontend and kind) so that the project does not interfere with user host anymore (open ports for instance). The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts. It will soon be avoided using authelia.com domain that I own.
2019-11-02 14:32:58 +00:00
func TestStandaloneSuite(t *testing.T) {
test(suites): short mode skip suites testing (#1823) This PR changes the suites tests so if go test -short is used, they are skipped per go standards and a message is displayed. Additionally removed some redundant types from suite_high_availability_test.go and adjusted a warning about a nil req var.
2021-03-14 07:08:26 +00:00
if testing.Short() {
t.Skip("skipping suite test in short mode")
}
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
suite.Run(t, NewStandaloneSuite())
Declare suites as Go structs and bootstrap e2e test framework in Go. Some tests are not fully rewritten in Go, a typescript wrapper is called instead until we remove the remaining TS tests and dependencies. Also, dockerize every components (mainly Authelia backend, frontend and kind) so that the project does not interfere with user host anymore (open ports for instance). The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts. It will soon be avoided using authelia.com domain that I own.
2019-11-02 14:32:58 +00:00
}