2019-11-24 20:27:59 +00:00
|
|
|
package suites
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
2019-11-30 16:49:52 +00:00
|
|
|
"encoding/json"
|
2019-11-24 20:27:59 +00:00
|
|
|
"fmt"
|
|
|
|
"log"
|
2019-11-30 16:49:52 +00:00
|
|
|
"strings"
|
2019-11-24 20:27:59 +00:00
|
|
|
"testing"
|
|
|
|
"time"
|
|
|
|
|
2023-01-03 13:36:28 +00:00
|
|
|
mapset "github.com/deckarep/golang-set/v2"
|
2019-11-24 20:27:59 +00:00
|
|
|
"github.com/stretchr/testify/suite"
|
|
|
|
)
|
|
|
|
|
|
|
|
type CustomHeadersScenario struct {
|
2021-11-05 13:14:42 +00:00
|
|
|
*RodSuite
|
2019-11-24 20:27:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func NewCustomHeadersScenario() *CustomHeadersScenario {
|
|
|
|
return &CustomHeadersScenario{
|
2021-11-05 13:14:42 +00:00
|
|
|
RodSuite: new(RodSuite),
|
2019-11-24 20:27:59 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *CustomHeadersScenario) SetupSuite() {
|
2021-11-05 13:14:42 +00:00
|
|
|
browser, err := StartRod()
|
2019-11-24 20:27:59 +00:00
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
log.Fatal(err)
|
|
|
|
}
|
|
|
|
|
2021-11-05 13:14:42 +00:00
|
|
|
s.RodSession = browser
|
2019-11-24 20:27:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *CustomHeadersScenario) TearDownSuite() {
|
2021-11-05 13:14:42 +00:00
|
|
|
err := s.RodSession.Stop()
|
2019-11-24 20:27:59 +00:00
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
log.Fatal(err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *CustomHeadersScenario) SetupTest() {
|
2021-11-05 13:14:42 +00:00
|
|
|
s.Page = s.doCreateTab(s.T(), HomeBaseURL)
|
|
|
|
s.verifyIsHome(s.T(), s.Page)
|
|
|
|
}
|
2019-11-24 20:27:59 +00:00
|
|
|
|
2021-11-05 13:14:42 +00:00
|
|
|
func (s *CustomHeadersScenario) TearDownTest() {
|
|
|
|
s.collectCoverage(s.Page)
|
|
|
|
s.MustClose()
|
2019-11-24 20:27:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *CustomHeadersScenario) TestShouldNotForwardCustomHeaderForUnauthenticatedUser() {
|
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
2021-11-05 13:14:42 +00:00
|
|
|
defer func() {
|
|
|
|
cancel()
|
|
|
|
s.collectScreenshot(ctx.Err(), s.Page)
|
|
|
|
}()
|
2019-11-24 20:27:59 +00:00
|
|
|
|
2021-11-05 13:14:42 +00:00
|
|
|
s.doVisit(s.T(), s.Context(ctx), fmt.Sprintf("%s/headers", PublicBaseURL))
|
2019-11-24 20:27:59 +00:00
|
|
|
|
2021-11-05 13:14:42 +00:00
|
|
|
body, err := s.Context(ctx).Element("body")
|
2019-11-24 20:27:59 +00:00
|
|
|
s.Assert().NoError(err)
|
2020-05-06 01:50:37 +00:00
|
|
|
|
|
|
|
b, err := body.Text()
|
|
|
|
s.Assert().NoError(err)
|
|
|
|
s.Assert().NotContains(b, "john")
|
|
|
|
s.Assert().NotContains(b, "admins")
|
2020-10-26 11:38:08 +00:00
|
|
|
s.Assert().NotContains(b, "John Doe")
|
|
|
|
s.Assert().NotContains(b, "john.doe@authelia.com")
|
2019-11-24 20:27:59 +00:00
|
|
|
}
|
|
|
|
|
2019-11-30 16:49:52 +00:00
|
|
|
type Headers struct {
|
2020-10-26 11:38:08 +00:00
|
|
|
ForwardedEmail string `json:"Remote-Email"`
|
2020-05-06 01:50:37 +00:00
|
|
|
ForwardedGroups string `json:"Remote-Groups"`
|
2020-10-26 11:38:08 +00:00
|
|
|
ForwardedName string `json:"Remote-Name"`
|
2020-05-06 01:50:37 +00:00
|
|
|
ForwardedUser string `json:"Remote-User"`
|
2019-11-30 16:49:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
type HeadersPayload struct {
|
|
|
|
Headers Headers `json:"headers"`
|
|
|
|
}
|
|
|
|
|
2019-11-24 20:27:59 +00:00
|
|
|
func (s *CustomHeadersScenario) TestShouldForwardCustomHeaderForAuthenticatedUser() {
|
2021-11-05 13:14:42 +00:00
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
|
|
|
defer func() {
|
|
|
|
cancel()
|
|
|
|
s.collectScreenshot(ctx.Err(), s.Page)
|
|
|
|
}()
|
2019-11-24 20:27:59 +00:00
|
|
|
|
2023-01-03 13:36:28 +00:00
|
|
|
expectedGroups := mapset.NewSet("dev", "admins")
|
2019-11-30 16:49:52 +00:00
|
|
|
|
2019-11-24 20:27:59 +00:00
|
|
|
targetURL := fmt.Sprintf("%s/headers", PublicBaseURL)
|
2023-01-12 10:57:44 +00:00
|
|
|
s.doLoginOneFactor(s.T(), s.Context(ctx), "john", "password", false, BaseDomain, targetURL)
|
2021-11-05 13:14:42 +00:00
|
|
|
s.verifyIsPublic(s.T(), s.Context(ctx))
|
|
|
|
|
|
|
|
body, err := s.Context(ctx).Element("body")
|
|
|
|
s.Assert().NoError(err)
|
|
|
|
s.Assert().NotNil(body)
|
|
|
|
|
|
|
|
content, err := body.Text()
|
|
|
|
s.Assert().NoError(err)
|
|
|
|
s.Assert().NotNil(content)
|
|
|
|
|
|
|
|
payload := HeadersPayload{}
|
|
|
|
if err := json.Unmarshal([]byte(content), &payload); err != nil {
|
|
|
|
log.Panic(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
groups := strings.Split(payload.Headers.ForwardedGroups, ",")
|
2023-01-03 13:36:28 +00:00
|
|
|
actualGroups := mapset.NewSet[string]()
|
2021-11-05 13:14:42 +00:00
|
|
|
|
|
|
|
for _, group := range groups {
|
|
|
|
actualGroups.Add(group)
|
|
|
|
}
|
|
|
|
|
|
|
|
if strings.Contains(payload.Headers.ForwardedUser, "john") && expectedGroups.Equal(actualGroups) &&
|
|
|
|
strings.Contains(payload.Headers.ForwardedName, "John Doe") && strings.Contains(payload.Headers.ForwardedEmail, "john.doe@authelia.com") {
|
|
|
|
err = nil
|
|
|
|
} else {
|
|
|
|
err = fmt.Errorf("headers do not include user information")
|
|
|
|
}
|
|
|
|
|
|
|
|
s.Require().NoError(err)
|
2019-11-24 20:27:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func TestCustomHeadersScenario(t *testing.T) {
|
2021-03-14 07:08:26 +00:00
|
|
|
if testing.Short() {
|
|
|
|
t.Skip("skipping suite test in short mode")
|
|
|
|
}
|
|
|
|
|
2019-11-24 20:27:59 +00:00
|
|
|
suite.Run(t, NewCustomHeadersScenario())
|
|
|
|
}
|