authelia/test/features/redirection.feature

Feature: User is correctly redirected 

  Scenario: User is redirected to authelia when he is not authenticated
    When I visit "https://public.test.local:8080"
    Then I'm redirected to "https://auth.test.local:8080/?redirect=https%3A%2F%2Fpublic.test.local%3A8080%2F"

  @need-registered-user-john
  Scenario: User is redirected to home page after several authentication tries
    When I visit "https://public.test.local:8080/secret.html"
    And I login with user "john" and password "badpassword"
    And I wait for notification to disappear
    And I clear field "username"
    And I login with user "john" and password "password" 
    And I use "REGISTERED" as TOTP token handle
    And I click on "TOTP"
    Then I'm redirected to "https://public.test.local:8080/secret.html"

  Scenario: User Harry does not have access to admin domain and thus he must get an error 403
    When I register TOTP and login with user "harry" and password "password"
    And I visit "https://admin.test.local:8080/secret.html"
    Then I get an error 403

  Scenario: Redirection URL is propagated from restricted page to first factor
    When I visit "https://public.test.local:8080/secret.html"
    Then I'm redirected to "https://auth.test.local:8080/?redirect=https%3A%2F%2Fpublic.test.local%3A8080%2Fsecret.html"

  Scenario: Redirection URL is propagated from first factor to second factor
    Given I visit "https://auth.test.local:8080/"
    And I login with user "john" and password "password"
    And I register a TOTP secret called "Sec0"
    When I visit "https://public.test.local:8080/secret.html"
    And I login with user "john" and password "password"
    Then I'm redirected to "https://auth.test.local:8080/secondfactor?redirect=https%3A%2F%2Fpublic.test.local%3A8080%2Fsecret.html"

  Scenario: Redirection URL is used to send user from second factor to target page
    Given I visit "https://auth.test.local:8080/"
    And I login with user "john" and password "password"
    And I register a TOTP secret called "Sec0"
    When I visit "https://public.test.local:8080/secret.html"
    And I login with user "john" and password "password"
    And I use "Sec0" as TOTP token handle
    And I click on "TOTP"
    Then I'm redirected to "https://public.test.local:8080/secret.html"
Wait for notifications to fade out before going forward in integration test steps. 2017-09-03 13:02:38 +00:00			`Feature: User is correctly redirected`
Replace mocha integration tests by cucumber tests 2017-07-26 21:45:26 +00:00
Fix redirection after authentication and error page when accessing restricted pages 2017-08-02 22:30:41 +00:00			`Scenario: User is redirected to authelia when he is not authenticated`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`When I visit "https://public.test.local:8080"`
Disable second factor for certain subdomain 2017-09-24 21:19:03 +00:00			`Then I'm redirected to "https://auth.test.local:8080/?redirect=https%3A%2F%2Fpublic.test.local%3A8080%2F"`
Replace mocha integration tests by cucumber tests 2017-07-26 21:45:26 +00:00
Add logs to detect redis connection issues earlier Before this fix, the application was simply crashing during execution when connection to redis was failing. Now, it is correctly handled with failing promises and logs have been enabled to clearly see the problem 2017-09-21 20:07:34 +00:00			`@need-registered-user-john`
Fix redirection after authentication and error page when accessing restricted pages 2017-08-02 22:30:41 +00:00			`Scenario: User is redirected to home page after several authentication tries`
Add logs to detect redis connection issues earlier Before this fix, the application was simply crashing during execution when connection to redis was failing. Now, it is correctly handled with failing promises and logs have been enabled to clearly see the problem 2017-09-21 20:07:34 +00:00			`When I visit "https://public.test.local:8080/secret.html"`
			`And I login with user "john" and password "badpassword"`
Fix randomness with integration tests The notification message pops up and hide after few seconds. Sometimes, chrome drivers tries to click on a button that moves due to the notification message animation and thus miss it. 2017-10-08 14:28:10 +00:00			`And I wait for notification to disappear`
Fix redirection after authentication and error page when accessing restricted pages 2017-08-02 22:30:41 +00:00			`And I clear field "username"`
			`And I login with user "john" and password "password"`
Add logs to detect redis connection issues earlier Before this fix, the application was simply crashing during execution when connection to redis was failing. Now, it is correctly handled with failing promises and logs have been enabled to clearly see the problem 2017-09-21 20:07:34 +00:00			`And I use "REGISTERED" as TOTP token handle`
Fix redirection after authentication and error page when accessing restricted pages 2017-08-02 22:30:41 +00:00			`And I click on "TOTP"`
			`Then I'm redirected to "https://public.test.local:8080/secret.html"`

Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`Scenario: User Harry does not have access to admin domain and thus he must get an error 403`
Fix redirection after authentication and error page when accessing restricted pages 2017-08-02 22:30:41 +00:00			`When I register TOTP and login with user "harry" and password "password"`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`And I visit "https://admin.test.local:8080/secret.html"`
Add redirection URL as a query parameter during authentication Before this fix, the redirection URL was stored in the user session, but this has a big drawback since user could open several pages in browser and thus override the redirection URL leading the user to be incorrectly redirected. 2017-09-22 15:53:18 +00:00			`Then I get an error 403`

			`Scenario: Redirection URL is propagated from restricted page to first factor`
			`When I visit "https://public.test.local:8080/secret.html"`
			`Then I'm redirected to "https://auth.test.local:8080/?redirect=https%3A%2F%2Fpublic.test.local%3A8080%2Fsecret.html"`

			`Scenario: Redirection URL is propagated from first factor to second factor`
			`Given I visit "https://auth.test.local:8080/"`
			`And I login with user "john" and password "password"`
			`And I register a TOTP secret called "Sec0"`
			`When I visit "https://public.test.local:8080/secret.html"`
			`And I login with user "john" and password "password"`
			`Then I'm redirected to "https://auth.test.local:8080/secondfactor?redirect=https%3A%2F%2Fpublic.test.local%3A8080%2Fsecret.html"`

			`Scenario: Redirection URL is used to send user from second factor to target page`
			`Given I visit "https://auth.test.local:8080/"`
			`And I login with user "john" and password "password"`
			`And I register a TOTP secret called "Sec0"`
			`When I visit "https://public.test.local:8080/secret.html"`
			`And I login with user "john" and password "password"`
			`And I use "Sec0" as TOTP token handle`
			`And I click on "TOTP"`
Add logs to detect redis connection issues earlier Before this fix, the application was simply crashing during execution when connection to redis was failing. Now, it is correctly handled with failing promises and logs have been enabled to clearly see the problem 2017-09-21 20:07:34 +00:00			`Then I'm redirected to "https://public.test.local:8080/secret.html"`