authelia/internal/suites/suite_network_acl_test.go

package suites

import (
	"context"
	"fmt"
	"log"
	"testing"
	"time"

	"github.com/stretchr/testify/suite"
)

type NetworkACLSuite struct {
	suite.Suite

	clients []*WebDriverSession
}

func NewNetworkACLSuite() *NetworkACLSuite {
	return &NetworkACLSuite{clients: make([]*WebDriverSession, 3)}
}

func (s *NetworkACLSuite) createClient(idx int) {
	wds, err := StartWebDriverWithProxy(fmt.Sprintf("http://proxy-client%d.example.com:3128", idx), 4444+idx)

	if err != nil {
		log.Fatal(err)
	}

	s.clients[idx] = wds
}

func (s *NetworkACLSuite) teardownClient(idx int) {
	if err := s.clients[idx].Stop(); err != nil {
		log.Fatal(err)
	}
}

func (s *NetworkACLSuite) SetupSuite() {
	wds, err := StartWebDriver()
	if err != nil {
		log.Fatal(err)
	}
	s.clients[0] = wds

	for i := 1; i <= 2; i++ {
		s.createClient(i)
	}
}

func (s *NetworkACLSuite) TearDownSuite() {
	if err := s.clients[0].Stop(); err != nil {
		log.Fatal(err)
	}
	for i := 1; i <= 2; i++ {
		s.teardownClient(i)
	}
}

func (s *NetworkACLSuite) TestShouldAccessSecretUpon2FA() {
	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
	defer cancel()

	targetURL := fmt.Sprintf("%s/secret.html", SecureBaseURL)
	secret := s.clients[0].doRegisterThenLogout(ctx, s.T(), "john", "password")

	s.clients[0].doVisit(s.T(), targetURL)
	s.clients[0].verifyIsFirstFactorPage(ctx, s.T())

	s.clients[0].doLoginOneFactor(ctx, s.T(), "john", "password", false, targetURL)
	s.clients[0].verifyIsSecondFactorPage(ctx, s.T())
	s.clients[0].doValidateTOTP(ctx, s.T(), secret)

	s.clients[0].verifySecretAuthorized(ctx, s.T())
}

// from network 192.168.240.201/32
func (s *NetworkACLSuite) TestShouldAccessSecretUpon1FA() {
	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
	defer cancel()

	targetURL := fmt.Sprintf("%s/secret.html", SecureBaseURL)
	s.clients[1].doVisit(s.T(), targetURL)
	s.clients[1].verifyIsFirstFactorPage(ctx, s.T())

	s.clients[1].doLoginOneFactor(ctx, s.T(), "john", "password",
		false, fmt.Sprintf("%s/secret.html", SecureBaseURL))
	s.clients[1].verifySecretAuthorized(ctx, s.T())
}

// from network 192.168.240.202/32
func (s *NetworkACLSuite) TestShouldAccessSecretUpon0FA() {
	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
	defer cancel()

	s.clients[2].doVisit(s.T(), fmt.Sprintf("%s/secret.html", SecureBaseURL))
	s.clients[2].verifySecretAuthorized(ctx, s.T())
}

func TestNetworkACLSuite(t *testing.T) {
	suite.Run(t, NewNetworkACLSuite())
}
Declare suites as Go structs and bootstrap e2e test framework in Go. Some tests are not fully rewritten in Go, a typescript wrapper is called instead until we remove the remaining TS tests and dependencies. Also, dockerize every components (mainly Authelia backend, frontend and kind) so that the project does not interfere with user host anymore (open ports for instance). The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts. It will soon be avoided using authelia.com domain that I own. 2019-11-02 14:32:58 +00:00			`package suites`

			`import (`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00			`"context"`
			`"fmt"`
			`"log"`
Declare suites as Go structs and bootstrap e2e test framework in Go. Some tests are not fully rewritten in Go, a typescript wrapper is called instead until we remove the remaining TS tests and dependencies. Also, dockerize every components (mainly Authelia backend, frontend and kind) so that the project does not interfere with user host anymore (open ports for instance). The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts. It will soon be avoided using authelia.com domain that I own. 2019-11-02 14:32:58 +00:00			`"testing"`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00			`"time"`

			`"github.com/stretchr/testify/suite"`
Declare suites as Go structs and bootstrap e2e test framework in Go. Some tests are not fully rewritten in Go, a typescript wrapper is called instead until we remove the remaining TS tests and dependencies. Also, dockerize every components (mainly Authelia backend, frontend and kind) so that the project does not interfere with user host anymore (open ports for instance). The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts. It will soon be avoided using authelia.com domain that I own. 2019-11-02 14:32:58 +00:00			`)`

			`type NetworkACLSuite struct {`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00			`suite.Suite`

			`clients []*WebDriverSession`
Declare suites as Go structs and bootstrap e2e test framework in Go. Some tests are not fully rewritten in Go, a typescript wrapper is called instead until we remove the remaining TS tests and dependencies. Also, dockerize every components (mainly Authelia backend, frontend and kind) so that the project does not interfere with user host anymore (open ports for instance). The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts. It will soon be avoided using authelia.com domain that I own. 2019-11-02 14:32:58 +00:00			`}`

			`func NewNetworkACLSuite() *NetworkACLSuite {`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00			`return &NetworkACLSuite{clients: make([]*WebDriverSession, 3)}`
			`}`

			`func (s *NetworkACLSuite) createClient(idx int) {`
			`wds, err := StartWebDriverWithProxy(fmt.Sprintf("http://proxy-client%d.example.com:3128", idx), 4444+idx)`

			`if err != nil {`
			`log.Fatal(err)`
			`}`

			`s.clients[idx] = wds`
			`}`

			`func (s *NetworkACLSuite) teardownClient(idx int) {`
			`if err := s.clients[idx].Stop(); err != nil {`
			`log.Fatal(err)`
			`}`
			`}`

			`func (s *NetworkACLSuite) SetupSuite() {`
			`wds, err := StartWebDriver()`
			`if err != nil {`
			`log.Fatal(err)`
			`}`
			`s.clients[0] = wds`

			`for i := 1; i <= 2; i++ {`
			`s.createClient(i)`
			`}`
			`}`

			`func (s *NetworkACLSuite) TearDownSuite() {`
			`if err := s.clients[0].Stop(); err != nil {`
			`log.Fatal(err)`
			`}`
			`for i := 1; i <= 2; i++ {`
			`s.teardownClient(i)`
			`}`
			`}`

			`func (s *NetworkACLSuite) TestShouldAccessSecretUpon2FA() {`
			`ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)`
			`defer cancel()`

			`targetURL := fmt.Sprintf("%s/secret.html", SecureBaseURL)`
			`secret := s.clients[0].doRegisterThenLogout(ctx, s.T(), "john", "password")`

			`s.clients[0].doVisit(s.T(), targetURL)`
			`s.clients[0].verifyIsFirstFactorPage(ctx, s.T())`

			`s.clients[0].doLoginOneFactor(ctx, s.T(), "john", "password", false, targetURL)`
			`s.clients[0].verifyIsSecondFactorPage(ctx, s.T())`
			`s.clients[0].doValidateTOTP(ctx, s.T(), secret)`

			`s.clients[0].verifySecretAuthorized(ctx, s.T())`
			`}`

			`// from network 192.168.240.201/32`
			`func (s *NetworkACLSuite) TestShouldAccessSecretUpon1FA() {`
			`ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)`
			`defer cancel()`

			`targetURL := fmt.Sprintf("%s/secret.html", SecureBaseURL)`
			`s.clients[1].doVisit(s.T(), targetURL)`
			`s.clients[1].verifyIsFirstFactorPage(ctx, s.T())`

			`s.clients[1].doLoginOneFactor(ctx, s.T(), "john", "password",`
			`false, fmt.Sprintf("%s/secret.html", SecureBaseURL))`
			`s.clients[1].verifySecretAuthorized(ctx, s.T())`
			`}`

			`// from network 192.168.240.202/32`
			`func (s *NetworkACLSuite) TestShouldAccessSecretUpon0FA() {`
			`ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)`
			`defer cancel()`

			`s.clients[2].doVisit(s.T(), fmt.Sprintf("%s/secret.html", SecureBaseURL))`
			`s.clients[2].verifySecretAuthorized(ctx, s.T())`
Declare suites as Go structs and bootstrap e2e test framework in Go. Some tests are not fully rewritten in Go, a typescript wrapper is called instead until we remove the remaining TS tests and dependencies. Also, dockerize every components (mainly Authelia backend, frontend and kind) so that the project does not interfere with user host anymore (open ports for instance). The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts. It will soon be avoided using authelia.com domain that I own. 2019-11-02 14:32:58 +00:00			`}`

			`func TestNetworkACLSuite(t *testing.T) {`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00			`suite.Run(t, NewNetworkACLSuite())`
Declare suites as Go structs and bootstrap e2e test framework in Go. Some tests are not fully rewritten in Go, a typescript wrapper is called instead until we remove the remaining TS tests and dependencies. Also, dockerize every components (mainly Authelia backend, frontend and kind) so that the project does not interfere with user host anymore (open ports for instance). The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts. It will soon be avoided using authelia.com domain that I own. 2019-11-02 14:32:58 +00:00			`}`