authelia/internal/suites/scenario_reset_password_tes...

package suites

import (
	"context"
	"log"
	"testing"
	"time"

	"github.com/stretchr/testify/suite"
)

type ResetPasswordScenario struct {
	*RodSuite
}

func NewResetPasswordScenario() *ResetPasswordScenario {
	return &ResetPasswordScenario{RodSuite: NewRodSuite("")}
}

func (s *ResetPasswordScenario) SetupSuite() {
	browser, err := StartRod()

	if err != nil {
		log.Fatal(err)
	}

	s.RodSession = browser
}

func (s *ResetPasswordScenario) TearDownSuite() {
	err := s.RodSession.Stop()

	if err != nil {
		log.Fatal(err)
	}
}

func (s *ResetPasswordScenario) SetupTest() {
	s.Page = s.doCreateTab(s.T(), HomeBaseURL)
	s.verifyIsHome(s.T(), s.Page)
}

func (s *ResetPasswordScenario) TearDownTest() {
	s.collectCoverage(s.Page)
	s.MustClose()
}

func (s *ResetPasswordScenario) TestShouldResetPassword() {
	ctx, cancel := context.WithTimeout(context.Background(), 45*time.Second)
	defer func() {
		cancel()
		s.collectScreenshot(ctx.Err(), s.Page)
	}()

	s.doVisit(s.T(), s.Context(ctx), GetLoginBaseURL(BaseDomain))
	s.verifyIsFirstFactorPage(s.T(), s.Context(ctx))

	// Reset the password to abc.
	s.doResetPassword(s.T(), s.Context(ctx), "john", "abc", "abc", false)

	// Try to login with the old password.
	s.doLoginOneFactor(s.T(), s.Context(ctx), "john", "password", false, BaseDomain, "")
	s.verifyNotificationDisplayed(s.T(), s.Context(ctx), "Incorrect username or password.")

	// Try to login with the new password.
	s.doLoginOneFactor(s.T(), s.Context(ctx), "john", "abc", false, BaseDomain, "")

	// Logout.
	s.doLogout(s.T(), s.Context(ctx))

	// Reset the original password.
	s.doResetPassword(s.T(), s.Context(ctx), "john", "password", "password", false)
}

func (s *ResetPasswordScenario) TestShouldMakeAttackerThinkPasswordResetIsInitiated() {
	ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second)
	defer func() {
		cancel()
		s.collectScreenshot(ctx.Err(), s.Page)
	}()

	s.doVisit(s.T(), s.Context(ctx), GetLoginBaseURL(BaseDomain))
	s.verifyIsFirstFactorPage(s.T(), s.Context(ctx))

	// Try to initiate a password reset of an nonexistent user.
	s.doInitiatePasswordReset(s.T(), s.Context(ctx), "i_dont_exist")

	// Check that the notification make the attacker thinks the process is initiated.
	s.verifyMailNotificationDisplayed(s.T(), s.Context(ctx))
}

func (s *ResetPasswordScenario) TestShouldLetUserNoticeThereIsAPasswordMismatch() {
	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
	defer func() {
		cancel()
		s.collectScreenshot(ctx.Err(), s.Page)
	}()

	s.doVisit(s.T(), s.Context(ctx), GetLoginBaseURL(BaseDomain))
	s.verifyIsFirstFactorPage(s.T(), s.Context(ctx))

	s.doInitiatePasswordReset(s.T(), s.Context(ctx), "john")
	s.verifyMailNotificationDisplayed(s.T(), s.Context(ctx))

	s.doCompletePasswordReset(s.T(), s.Context(ctx), "password", "another_password")
	s.verifyNotificationDisplayed(s.T(), s.Context(ctx), "Passwords do not match.")
}

func TestRunResetPasswordScenario(t *testing.T) {
	if testing.Short() {
		t.Skip("skipping suite test in short mode")
	}

	suite.Run(t, NewResetPasswordScenario())
}
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00			`package suites`

			`import (`
			`"context"`
			`"log"`
			`"testing"`
			`"time"`

			`"github.com/stretchr/testify/suite"`
			`)`

			`type ResetPasswordScenario struct {`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`*RodSuite`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00			`}`

			`func NewResetPasswordScenario() *ResetPasswordScenario {`
test(suites): load environment into suites (#4762) * test(suites): load environment into suites * test(suites): default setup suite * test(suites): create base suite * test(suites): fix nil ptr * test(suites): add logging * test: fix missing devworkflow path * refactor: apply suggestions * refactor: log * fix: dev workflow requires env file to trigger vite hmr * fix(suites): fix dynamic configuration in dev workflow for all proxies * refactor: apply final suggestions * fix: pass log level to suites * fix(suites): include pathprefix to prevent react router basename issues * fix: missing setup logging calls * fix: gate suite setup funcs * test: fix lint * test: fix tmp dir * fix(suites): fix gitignore of .env.development with vite hmr Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2023-01-25 04:11:05 +00:00			`return &ResetPasswordScenario{RodSuite: NewRodSuite("")}`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00			`}`

			`func (s *ResetPasswordScenario) SetupSuite() {`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`browser, err := StartRod()`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00
			`if err != nil {`
			`log.Fatal(err)`
			`}`

refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`s.RodSession = browser`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00			`}`

			`func (s *ResetPasswordScenario) TearDownSuite() {`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`err := s.RodSession.Stop()`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00
			`if err != nil {`
			`log.Fatal(err)`
			`}`
			`}`

			`func (s *ResetPasswordScenario) SetupTest() {`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`s.Page = s.doCreateTab(s.T(), HomeBaseURL)`
			`s.verifyIsHome(s.T(), s.Page)`
			`}`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`func (s *ResetPasswordScenario) TearDownTest() {`
			`s.collectCoverage(s.Page)`
			`s.MustClose()`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00			`}`

			`func (s *ResetPasswordScenario) TestShouldResetPassword() {`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`ctx, cancel := context.WithTimeout(context.Background(), 45*time.Second)`
			`defer func() {`
			`cancel()`
			`s.collectScreenshot(ctx.Err(), s.Page)`
			`}()`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2023-01-12 10:57:44 +00:00			`s.doVisit(s.T(), s.Context(ctx), GetLoginBaseURL(BaseDomain))`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`s.verifyIsFirstFactorPage(s.T(), s.Context(ctx))`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00
refactor: apply godot recommendations (#2839) 2022-01-31 05:25:15 +00:00			`// Reset the password to abc.`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`s.doResetPassword(s.T(), s.Context(ctx), "john", "abc", "abc", false)`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00
refactor: apply godot recommendations (#2839) 2022-01-31 05:25:15 +00:00			`// Try to login with the old password.`
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2023-01-12 10:57:44 +00:00			`s.doLoginOneFactor(s.T(), s.Context(ctx), "john", "password", false, BaseDomain, "")`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`s.verifyNotificationDisplayed(s.T(), s.Context(ctx), "Incorrect username or password.")`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00
refactor: apply godot recommendations (#2839) 2022-01-31 05:25:15 +00:00			`// Try to login with the new password.`
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2023-01-12 10:57:44 +00:00			`s.doLoginOneFactor(s.T(), s.Context(ctx), "john", "abc", false, BaseDomain, "")`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00
refactor: apply godot recommendations (#2839) 2022-01-31 05:25:15 +00:00			`// Logout.`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`s.doLogout(s.T(), s.Context(ctx))`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00
refactor: apply godot recommendations (#2839) 2022-01-31 05:25:15 +00:00			`// Reset the original password.`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`s.doResetPassword(s.T(), s.Context(ctx), "john", "password", "password", false)`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00			`}`

			`func (s *ResetPasswordScenario) TestShouldMakeAttackerThinkPasswordResetIsInitiated() {`
			`ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second)`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`defer func() {`
			`cancel()`
			`s.collectScreenshot(ctx.Err(), s.Page)`
			`}()`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2023-01-12 10:57:44 +00:00			`s.doVisit(s.T(), s.Context(ctx), GetLoginBaseURL(BaseDomain))`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`s.verifyIsFirstFactorPage(s.T(), s.Context(ctx))`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00
Misc Spelling Corrections - Mostly changes to spelling of comments/docs/displayed text - A few changes to test function names 2020-01-21 00:10:00 +00:00			`// Try to initiate a password reset of an nonexistent user.`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`s.doInitiatePasswordReset(s.T(), s.Context(ctx), "i_dont_exist")`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00
refactor: apply godot recommendations (#2839) 2022-01-31 05:25:15 +00:00			`// Check that the notification make the attacker thinks the process is initiated.`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`s.verifyMailNotificationDisplayed(s.T(), s.Context(ctx))`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00			`}`

			`func (s *ResetPasswordScenario) TestShouldLetUserNoticeThereIsAPasswordMismatch() {`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)`
			`defer func() {`
			`cancel()`
			`s.collectScreenshot(ctx.Err(), s.Page)`
			`}()`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00
feat(session): multiple session cookie domains (#3754) This adds support to configure multiple session cookie domains. Closes #1198 Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com> Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2023-01-12 10:57:44 +00:00			`s.doVisit(s.T(), s.Context(ctx), GetLoginBaseURL(BaseDomain))`
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`s.verifyIsFirstFactorPage(s.T(), s.Context(ctx))`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`s.doInitiatePasswordReset(s.T(), s.Context(ctx), "john")`
			`s.verifyMailNotificationDisplayed(s.T(), s.Context(ctx))`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00
refactor(suites): replace selenium with go-rod (#2534) * refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives. 2021-11-05 13:14:42 +00:00			`s.doCompletePasswordReset(s.T(), s.Context(ctx), "password", "another_password")`
			`s.verifyNotificationDisplayed(s.T(), s.Context(ctx), "Passwords do not match.")`
Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00			`}`

			`func TestRunResetPasswordScenario(t *testing.T) {`
test(suites): short mode skip suites testing (#1823) This PR changes the suites tests so if go test -short is used, they are skipped per go standards and a message is displayed. Additionally removed some redundant types from suite_high_availability_test.go and adjusted a warning about a nil req var. 2021-03-14 07:08:26 +00:00			`if testing.Short() {`
			`t.Skip("skipping suite test in short mode")`
			`}`

Rewrite and fix remaining suites in Go. 2019-11-24 20:27:59 +00:00			`suite.Run(t, NewResetPasswordScenario())`
			`}`