tests/e2e: fix more test, add requirements for crypto

2021-02-27 23:33:15 +01:00
parent 088e0e736a
commit 3c8a0081bc
6 changed files with 97 additions and 26 deletions
--- a/tests/e2e/test_flows_enroll.py
+++ b/tests/e2e/test_flows_enroll.py
@ -39,7 +39,6 @@ class TestFlowsEnroll(SeleniumTestCase):
    @retry()
    @apply_migration("authentik_core", "0003_default_user")
    @apply_migration("authentik_flows", "0008_default_flows")
-    # pylint: disable=too-many-locals
    def test_enroll_2_step(self):
        """Test 2-step enroll flow"""
        # First stage fields
@ -228,7 +227,11 @@ class TestFlowsEnroll(SeleniumTestCase):
        # Second prompt stage
        flow_executor = self.get_shadow_root("ak-flow-executor")
        prompt_stage = self.get_shadow_root("ak-stage-prompt", flow_executor)
+        wait = WebDriverWait(prompt_stage, self.wait_timeout)

+        wait.until(
+            ec.presence_of_element_located((By.CSS_SELECTOR, "input[name=name]"))
+        )
        prompt_stage.find_element(By.CSS_SELECTOR, "input[name=name]").send_keys(
            "some name"
        )
--- a/tests/e2e/test_provider_oauth2_github.py
+++ b/tests/e2e/test_provider_oauth2_github.py
@ -64,6 +64,7 @@ class TestProviderOAuth2Github(SeleniumTestCase):
    @apply_migration("authentik_core", "0003_default_user")
    @apply_migration("authentik_flows", "0008_default_flows")
    @apply_migration("authentik_flows", "0010_provider_flows")
+    @apply_migration("authentik_crypto", "0002_create_self_signed_kp")
    def test_authorization_consent_implied(self):
        """test OAuth Provider flow (default authorization flow with implied consent)"""
        # Bootstrap all needed objects
@ -117,6 +118,7 @@ class TestProviderOAuth2Github(SeleniumTestCase):
    @apply_migration("authentik_core", "0003_default_user")
    @apply_migration("authentik_flows", "0008_default_flows")
    @apply_migration("authentik_flows", "0010_provider_flows")
+    @apply_migration("authentik_crypto", "0002_create_self_signed_kp")
    def test_authorization_consent_explicit(self):
        """test OAuth Provider flow (default authorization flow with explicit consent)"""
        # Bootstrap all needed objects
@ -142,7 +144,9 @@ class TestProviderOAuth2Github(SeleniumTestCase):
        self.login()

        sleep(3)
-        self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor")))
+        self.wait.until(
+            ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))
+        )

        flow_executor = self.get_shadow_root("ak-flow-executor")
        consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
@ -153,7 +157,9 @@ class TestProviderOAuth2Github(SeleniumTestCase):
        )
        self.assertEqual(
            "GitHub Compatibility: Access you Email addresses",
-            consent_stage.find_element(By.CSS_SELECTOR, "[data-permission-code='user:email']").text,
+            consent_stage.find_element(
+                By.CSS_SELECTOR, "[data-permission-code='user:email']"
+            ).text,
        )
        consent_stage.find_element(
            By.CSS_SELECTOR,
@ -189,6 +195,7 @@ class TestProviderOAuth2Github(SeleniumTestCase):
    @apply_migration("authentik_core", "0003_default_user")
    @apply_migration("authentik_flows", "0008_default_flows")
    @apply_migration("authentik_flows", "0010_provider_flows")
+    @apply_migration("authentik_crypto", "0002_create_self_signed_kp")
    def test_denied(self):
        """test OAuth Provider flow (default authorization flow, denied)"""
        # Bootstrap all needed objects
--- a/tests/e2e/test_provider_oauth2_grafana.py
+++ b/tests/e2e/test_provider_oauth2_grafana.py
@ -24,7 +24,13 @@ from authentik.providers.oauth2.generators import (
    generate_client_secret,
 )
 from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping
-from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry
+from tests.e2e.utils import (
+    USER,
+    SeleniumTestCase,
+    apply_migration,
+    object_manager,
+    retry,
+)

 LOGGER = get_logger()
 APPLICATION_SLUG = "grafana"
@ -78,6 +84,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
    @apply_migration("authentik_core", "0003_default_user")
    @apply_migration("authentik_flows", "0008_default_flows")
    @apply_migration("authentik_flows", "0010_provider_flows")
+    @apply_migration("authentik_crypto", "0002_create_self_signed_kp")
    def test_redirect_uri_error(self):
        """test OpenID Provider flow (invalid redirect URI, check error message)"""
        sleep(1)
@ -118,6 +125,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
    @apply_migration("authentik_core", "0003_default_user")
    @apply_migration("authentik_flows", "0008_default_flows")
    @apply_migration("authentik_flows", "0010_provider_flows")
+    @apply_migration("authentik_crypto", "0002_create_self_signed_kp")
+    @object_manager
    def test_authorization_consent_implied(self):
        """test OpenID Provider flow (default authorization flow with implied consent)"""
        sleep(1)
@ -178,6 +187,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
    @apply_migration("authentik_core", "0003_default_user")
    @apply_migration("authentik_flows", "0008_default_flows")
    @apply_migration("authentik_flows", "0010_provider_flows")
+    @apply_migration("authentik_crypto", "0002_create_self_signed_kp")
+    @object_manager
    def test_authorization_logout(self):
        """test OpenID Provider flow with logout"""
        sleep(1)
@ -246,6 +257,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
    @apply_migration("authentik_core", "0003_default_user")
    @apply_migration("authentik_flows", "0008_default_flows")
    @apply_migration("authentik_flows", "0010_provider_flows")
+    @apply_migration("authentik_crypto", "0002_create_self_signed_kp")
+    @object_manager
    def test_authorization_consent_explicit(self):
        """test OpenID Provider flow (default authorization flow with explicit consent)"""
        sleep(1)
@ -278,15 +291,22 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
        self.driver.find_element(By.CLASS_NAME, "btn-service--oauth").click()
        self.login()

-        self.assertEqual(
-            app.name,
-            self.driver.find_element(By.ID, "application-name").text,
-        )
        self.wait.until(
-            ec.presence_of_element_located((By.CSS_SELECTOR, "[type=submit]"))
+            ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))
        )
        sleep(1)
-        self.driver.find_element(By.CSS_SELECTOR, "[type=submit]").click()
+
+        flow_executor = self.get_shadow_root("ak-flow-executor")
+        consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
+
+        self.assertIn(
+            app.name,
+            consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text,
+        )
+        consent_stage.find_element(
+            By.CSS_SELECTOR,
+            ("[type=submit]"),
+        ).click()

        self.wait_for_url("http://localhost:3000/?orgId=1")
        self.driver.get("http://localhost:3000/profile")
@ -318,6 +338,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
    @apply_migration("authentik_core", "0003_default_user")
    @apply_migration("authentik_flows", "0008_default_flows")
    @apply_migration("authentik_flows", "0010_provider_flows")
+    @apply_migration("authentik_crypto", "0002_create_self_signed_kp")
    def test_authorization_denied(self):
        """test OpenID Provider flow (default authorization with access deny)"""
        sleep(1)
--- a/tests/e2e/test_provider_oauth2_oidc.py
+++ b/tests/e2e/test_provider_oauth2_oidc.py
@ -26,7 +26,13 @@ from authentik.providers.oauth2.generators import (
    generate_client_secret,
 )
 from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping
-from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry
+from tests.e2e.utils import (
+    USER,
+    SeleniumTestCase,
+    apply_migration,
+    object_manager,
+    retry,
+)

 LOGGER = get_logger()

@ -73,6 +79,7 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
    @apply_migration("authentik_core", "0003_default_user")
    @apply_migration("authentik_flows", "0008_default_flows")
    @apply_migration("authentik_flows", "0010_provider_flows")
+    @apply_migration("authentik_crypto", "0002_create_self_signed_kp")
    def test_redirect_uri_error(self):
        """test OpenID Provider flow (invalid redirect URI, check error message)"""
        sleep(1)
@ -113,6 +120,8 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
    @apply_migration("authentik_core", "0003_default_user")
    @apply_migration("authentik_flows", "0008_default_flows")
    @apply_migration("authentik_flows", "0010_provider_flows")
+    @apply_migration("authentik_crypto", "0002_create_self_signed_kp")
+    @object_manager
    def test_authorization_consent_implied(self):
        """test OpenID Provider flow (default authorization flow with implied consent)"""
        sleep(1)
@ -160,6 +169,8 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
    @apply_migration("authentik_core", "0003_default_user")
    @apply_migration("authentik_flows", "0008_default_flows")
    @apply_migration("authentik_flows", "0010_provider_flows")
+    @apply_migration("authentik_crypto", "0002_create_self_signed_kp")
+    @object_manager
    def test_authorization_consent_explicit(self):
        """test OpenID Provider flow (default authorization flow with explicit consent)"""
        sleep(1)
@ -192,17 +203,21 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
        self.driver.get("http://localhost:9009")
        self.login()

-        sleep(9999999)
-
-        self.assertEqual(
-            app.name,
-            self.driver.find_element(By.ID, "application-name").text,
-        )
        self.wait.until(
-            ec.presence_of_element_located((By.CSS_SELECTOR, "[type=submit]"))
+            ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))
        )
-        sleep(1)
-        self.driver.find_element(By.CSS_SELECTOR, "[type=submit]").click()
+
+        flow_executor = self.get_shadow_root("ak-flow-executor")
+        consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
+
+        self.assertIn(
+            app.name,
+            consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text,
+        )
+        consent_stage.find_element(
+            By.CSS_SELECTOR,
+            ("[type=submit]"),
+        ).click()

        self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "pre")))
        body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text)
@ -220,6 +235,7 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
    @apply_migration("authentik_core", "0003_default_user")
    @apply_migration("authentik_flows", "0008_default_flows")
    @apply_migration("authentik_flows", "0010_provider_flows")
+    @apply_migration("authentik_crypto", "0002_create_self_signed_kp")
    def test_authorization_denied(self):
        """test OpenID Provider flow (default authorization with access deny)"""
        sleep(1)
--- a/tests/e2e/test_provider_saml.py
+++ b/tests/e2e/test_provider_saml.py
@ -149,12 +149,23 @@ class TestProviderSAML(SeleniumTestCase):
        self.container = self.setup_client(provider)
        self.driver.get("http://localhost:9009")
        self.login()
-        self.assertEqual(
-            app.name,
-            self.driver.find_element(By.ID, "application-name").text,
+
+        self.wait.until(
+            ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor"))
        )
-        sleep(1)
-        self.driver.find_element(By.CSS_SELECTOR, "[type=submit]").click()
+
+        flow_executor = self.get_shadow_root("ak-flow-executor")
+        consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
+
+        self.assertIn(
+            app.name,
+            consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text,
+        )
+        consent_stage.find_element(
+            By.CSS_SELECTOR,
+            ("[type=submit]"),
+        ).click()
+
        self.wait_for_url("http://localhost:9009/")

        body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text)
--- a/tests/e2e/utils.py
+++ b/tests/e2e/utils.py
@ -30,6 +30,7 @@ from structlog.stdlib import get_logger

 from authentik.core.api.users import UserSerializer
 from authentik.core.models import User
+from authentik.managed.manager import ObjectManager


 # pylint: disable=invalid-name
@ -149,6 +150,7 @@ class SeleniumTestCase(StaticLiveServerTestCase):
        password_stage.find_element(By.CSS_SELECTOR, "input[name=password]").send_keys(
            Keys.ENTER
        )
+        sleep(1)

    def assert_user(self, expected_user: User):
        """Check users/me API and assert it matches expected_user"""
@ -189,7 +191,18 @@ def apply_migration(app_name: str, migration_name: str):
    return wrapper_outter


-def retry(max_retires=3, exceptions=None):
+def object_manager(func: Callable):
+    """Run objectmanager before a test function"""
+
+    @wraps(func)
+    def wrapper(*args, **kwargs):
+        """Run objectmanager before a test function"""
+        ObjectManager().run()
+        return func(*args, **kwargs)
+
+    return wrapper
+
+
    """Retry test multiple times. Default to catching Selenium Timeout Exception"""

    if not exceptions: