Change basicauth.test.local into single_factor.test.local

pull/175/head
Clement Michaud 2017-10-19 22:33:10 +02:00
parent 969561f4ad
commit 22d56b1faa
9 changed files with 16 additions and 15 deletions

View File

@ -17,7 +17,7 @@ addons:
hosts:
- admin.test.local
- auth.test.local
- basicauth.test.local
- single_factor.test.local
- dev.test.local
- home.test.local
- mx1.mail.test.local

View File

@ -101,6 +101,7 @@ Add the following lines to your **/etc/hosts** to alias multiple subdomains so t
127.0.0.1 admin.test.local
127.0.0.1 mx1.mail.test.local
127.0.0.1 mx2.mail.test.local
127.0.0.1 single_factor.test.local
127.0.0.1 auth.test.local
### Run it!

View File

@ -74,7 +74,7 @@ ldap:
authentication_methods:
default_method: two_factor
per_subdomain_methods:
basicauth.test.local: single_factor
single_factor.test.local: single_factor
# Access Control
#

View File

@ -52,7 +52,7 @@
mx2.main.test.local <a href="https://mx2.mail.test.local:8080/secret.html"> / secret.html</a>
</li>
<li>
basicauth.test.local <a href="https://basicauth.test.local:8080/secret.html"> / secret.html</a>
single_factor.test.local <a href="https://single_factor.test.local:8080/secret.html"> / secret.html</a>
</li>
</ul>

View File

@ -244,9 +244,9 @@ http {
server {
listen 443 ssl;
root /usr/share/nginx/html/basicauth.test.local;
root /usr/share/nginx/html/single_factor.test.local;
server_name basicauth.test.local;
server_name single_factor.test.local;
ssl on;
ssl_certificate /etc/ssl/server.crt;

View File

@ -17,7 +17,7 @@ Feature: User has access restricted access to domains
| https://dev.test.local:8080/users/bob/secret.html |
| https://admin.test.local:8080/secret.html |
| https://mx1.mail.test.local:8080/secret.html |
| https://basicauth.test.local:8080/secret.html |
| https://single_factor.test.local:8080/secret.html |
And I have no access to:
| url |
| https://mx2.mail.test.local:8080/secret.html |
@ -42,7 +42,7 @@ Feature: User has access restricted access to domains
| https://admin.test.local:8080/secret.html |
| https://dev.test.local:8080/users/john/secret.html |
| https://dev.test.local:8080/users/harry/secret.html |
| https://basicauth.test.local:8080/secret.html |
| https://single_factor.test.local:8080/secret.html |
@need-registered-user-harry
Scenario: User harry has restricted access
@ -64,4 +64,4 @@ Feature: User has access restricted access to domains
| https://dev.test.local:8080/users/john/secret.html |
| https://mx1.mail.test.local:8080/secret.html |
| https://mx2.mail.test.local:8080/secret.html |
| https://basicauth.test.local:8080/secret.html |
| https://single_factor.test.local:8080/secret.html |

View File

@ -2,10 +2,10 @@ Feature: User is redirected when factors are already validated
@need-registered-user-john
Scenario: User has validated first factor and tries to access service protected by second factor. He is then redirect to second factor step.
When I visit "https://basicauth.test.local:8080/secret.html"
And I'm redirected to "https://auth.test.local:8080/?redirect=https%3A%2F%2Fbasicauth.test.local%3A8080%2Fsecret.html"
When I visit "https://single_factor.test.local:8080/secret.html"
And I'm redirected to "https://auth.test.local:8080/?redirect=https%3A%2F%2Fsingle_factor.test.local%3A8080%2Fsecret.html"
And I login with user "john" and password "password"
And I'm redirected to "https://basicauth.test.local:8080/secret.html"
And I'm redirected to "https://single_factor.test.local:8080/secret.html"
And I visit "https://public.test.local:8080/secret.html"
Then I'm redirected to "https://auth.test.local:8080/secondfactor?redirect=https%3A%2F%2Fpublic.test.local%3A8080%2Fsecret.html"

View File

@ -2,9 +2,9 @@ Feature: User can access certain subdomains with single factor
@need-registered-user-john
Scenario: User is redirected to service after first factor if allowed
When I visit "https://auth.test.local:8080/?redirect=https%3A%2F%2Fbasicauth.test.local%3A8080%2Fsecret.html"
When I visit "https://auth.test.local:8080/?redirect=https%3A%2F%2Fsingle_factor.test.local%3A8080%2Fsecret.html"
And I login with user "john" and password "password"
Then I'm redirected to "https://basicauth.test.local:8080/secret.html"
Then I'm redirected to "https://single_factor.test.local:8080/secret.html"
@need-registered-user-john
Scenario: Redirection after first factor fails if single_factor not allowed. It redirects user to first factor.