tests/e2e: add forward auth e2e test (#11374)

* add nginx forward_auth e2e tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add envoy Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove even more duplicate code Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add traefik static config Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more cleanup, don't generate dex config cause they support env variables Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use default dex entrypoint to use templating Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove options that are always set as default Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix compose flag Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add caddy Signed-off-by: Jens Langhammer <jens@goauthentik.io> * merge python files Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use whoami api to check better Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix envoy config Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set invalidation flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix logout checks Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-10-16 18:01:59 +02:00
parent c4caef4c38
commit 89f251d559
24 changed files with 678 additions and 302 deletions
--- a/tests/e2e/test_source_oauth_oauth2.py
+++ b/tests/e2e/test_source_oauth_oauth2.py
@ -3,15 +3,12 @@
 from json import loads
 from pathlib import Path
 from time import sleep
-from typing import Any

-from docker.models.containers import Container
 from docker.types import Healthcheck
 from selenium.webdriver.common.by import By
 from selenium.webdriver.common.keys import Keys
 from selenium.webdriver.support import expected_conditions as ec
 from selenium.webdriver.support.wait import WebDriverWait
-from yaml import safe_dump

 from authentik.blueprints.tests import apply_blueprint
 from authentik.core.models import User
@ -21,69 +18,35 @@ from authentik.sources.oauth.models import OAuthSource
 from authentik.stages.identification.models import IdentificationStage
 from tests.e2e.utils import SeleniumTestCase, retry

-CONFIG_PATH = "/tmp/dex.yml"  # nosec
-

 class TestSourceOAuth2(SeleniumTestCase):
    """test OAuth Source flow"""

-    container: Container
-
    def setUp(self):
        self.client_secret = generate_key()
        self.slug = generate_id()
-        self.prepare_dex_config()
        super().setUp()
-
-    def prepare_dex_config(self):
-        """Since Dex does not document which environment
-        variables can be used to configure clients"""
-        config = {
-            "enablePasswordDB": True,
-            "issuer": "http://127.0.0.1:5556/dex",
-            "logger": {"level": "debug"},
-            "staticClients": [
-                {
-                    "id": "example-app",
-                    "name": "Example App",
-                    "redirectURIs": [
-                        self.url(
-                            "authentik_sources_oauth:oauth-client-callback",
-                            source_slug=self.slug,
-                        )
-                    ],
-                    "secret": self.client_secret,
-                }
-            ],
-            "staticPasswords": [
-                {
-                    "email": "admin@example.com",
-                    # hash for password
-                    "hash": "$2a$10$2b2cU8CPhOTaGrs1HRQuAueS7JTT5ZHsHSzYiFPm1leZck7Mc8T4W",
-                    "userID": "08a8684b-db88-4b73-90a9-3cd1661f5466",
-                    "username": "admin",
-                }
-            ],
-            "storage": {"config": {"file": "/tmp/dex.db"}, "type": "sqlite3"},  # nosec
-            "web": {"http": "0.0.0.0:5556"},
-        }
-        with open(CONFIG_PATH, "w+", encoding="utf8") as _file:
-            safe_dump(config, _file)
-
-    def get_container_specs(self) -> dict[str, Any] | None:
-        return {
-            "image": "ghcr.io/dexidp/dex:v2.28.1",
-            "detach": True,
-            "ports": {"5556": "5556"},
-            "auto_remove": True,
-            "command": "dex serve /config.yml",
-            "healthcheck": Healthcheck(
+        self.run_container(
+            image="ghcr.io/dexidp/dex:v2.28.1",
+            ports={"5556": "5556"},
+            healthcheck=Healthcheck(
                test=["CMD", "wget", "--spider", "http://localhost:5556/dex/healthz"],
                interval=5 * 1_000 * 1_000_000,
                start_period=1 * 1_000 * 1_000_000,
            ),
-            "volumes": {str(Path(CONFIG_PATH).absolute()): {"bind": "/config.yml", "mode": "ro"}},
-        }
+            environment={
+                "AK_REDIRECT_URL": self.url(
+                    "authentik_sources_oauth:oauth-client-callback",
+                    source_slug=self.slug,
+                ),
+                "AK_CLIENT_SECRET": self.client_secret,
+            },
+            volumes={
+                f"{Path(__file__).parent / "sources_oauth2_dex" / "dex.yaml"}": {
+                    "bind": "/etc/dex/config.docker.yaml",
+                }
+            },
+        )

    def create_objects(self):
        """Create required objects"""