blueprints: migrate from managed (#3338)
* test all bundled blueprints Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix empty title Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix default blueprints Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add script to generate dev config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * migrate managed to blueprints Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add more to blueprint instance Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * migrated away from ObjectManager Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix lint errors Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * migrate things Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * migrate tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix some tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix a bit more Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix more tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * whops Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix missing name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *sigh* Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix more tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add tasks Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * scheduled Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * run discovery on start Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * oops this test should stay Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens L
@ -13,11 +13,11 @@ from selenium.webdriver.common.keys import Keys
|
||||
from selenium.webdriver.support import expected_conditions as ec
|
||||
from selenium.webdriver.support.wait import WebDriverWait
|
||||
|
||||
from authentik.flows.models import Flow, FlowStageBinding
|
||||
from authentik.blueprints import apply_blueprint
|
||||
from authentik.flows.models import Flow
|
||||
from authentik.stages.authenticator_static.models import AuthenticatorStaticStage
|
||||
from authentik.stages.authenticator_totp.models import AuthenticatorTOTPStage
|
||||
from authentik.stages.authenticator_validate.models import AuthenticatorValidateStage
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
@ -25,18 +25,16 @@ class TestFlowsAuthenticator(SeleniumTestCase):
|
||||
"""test flow with otp stages"""
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
def test_totp_validate(self):
|
||||
"""test flow with otp stages"""
|
||||
sleep(1)
|
||||
# Setup TOTP Device
|
||||
device = TOTPDevice.objects.create(user=self.user, confirmed=True, digits=6)
|
||||
|
||||
flow: Flow = Flow.objects.get(slug="default-authentication-flow")
|
||||
FlowStageBinding.objects.create(
|
||||
target=flow, order=30, stage=AuthenticatorValidateStage.objects.create()
|
||||
)
|
||||
|
||||
self.driver.get(self.url("authentik_core:if-flow", flow_slug=flow.slug))
|
||||
self.login()
|
||||
@ -47,16 +45,17 @@ class TestFlowsAuthenticator(SeleniumTestCase):
|
||||
flow_executor = self.get_shadow_root("ak-flow-executor")
|
||||
validation_stage = self.get_shadow_root("ak-stage-authenticator-validate", flow_executor)
|
||||
code_stage = self.get_shadow_root("ak-stage-authenticator-validate-code", validation_stage)
|
||||
|
||||
code_stage.find_element(By.CSS_SELECTOR, "input[name=code]").send_keys(totp.token())
|
||||
code_stage.find_element(By.CSS_SELECTOR, "input[name=code]").send_keys(Keys.ENTER)
|
||||
self.wait_for_url(self.if_user_url("/library"))
|
||||
self.assert_user(self.user)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_stages_authenticator_totp", "0006_default_setup_flow")
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint("blueprints/default/20-flow-default-authenticator-totp-setup.yaml")
|
||||
def test_totp_setup(self):
|
||||
"""test TOTP Setup stage"""
|
||||
flow: Flow = Flow.objects.get(slug="default-authentication-flow")
|
||||
@ -98,9 +97,11 @@ class TestFlowsAuthenticator(SeleniumTestCase):
|
||||
self.assertTrue(TOTPDevice.objects.filter(user=self.user, confirmed=True).exists())
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_stages_authenticator_static", "0005_default_setup_flow")
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint("blueprints/default/20-flow-default-authenticator-static-setup.yaml")
|
||||
def test_static_setup(self):
|
||||
"""test Static OTP Setup stage"""
|
||||
flow: Flow = Flow.objects.get(slug="default-authentication-flow")
|
||||
|
||||
@ -9,6 +9,7 @@ from selenium.webdriver.common.by import By
|
||||
from selenium.webdriver.support import expected_conditions as ec
|
||||
from selenium.webdriver.support.wait import WebDriverWait
|
||||
|
||||
from authentik.blueprints import apply_blueprint
|
||||
from authentik.core.models import User
|
||||
from authentik.core.tests.utils import create_test_flow
|
||||
from authentik.flows.models import FlowDesignation, FlowStageBinding
|
||||
@ -18,7 +19,7 @@ from authentik.stages.identification.models import IdentificationStage
|
||||
from authentik.stages.prompt.models import FieldTypes, Prompt, PromptStage
|
||||
from authentik.stages.user_login.models import UserLoginStage
|
||||
from authentik.stages.user_write.models import UserWriteStage
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
@ -39,8 +40,10 @@ class TestFlowsEnroll(SeleniumTestCase):
|
||||
}
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
def test_enroll_2_step(self):
|
||||
"""Test 2-step enroll flow"""
|
||||
# First stage fields
|
||||
@ -103,8 +106,10 @@ class TestFlowsEnroll(SeleniumTestCase):
|
||||
self.assertEqual(user.email, "foo@bar.baz")
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
def test_enroll_email(self):
|
||||
"""Test enroll with Email verification"""
|
||||
# First stage fields
|
||||
|
||||
@ -2,7 +2,8 @@
|
||||
from sys import platform
|
||||
from unittest.case import skipUnless
|
||||
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, retry
|
||||
from authentik.blueprints import apply_blueprint
|
||||
from tests.e2e.utils import SeleniumTestCase, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
@ -10,8 +11,10 @@ class TestFlowsLogin(SeleniumTestCase):
|
||||
"""test default login flow"""
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
def test_login(self):
|
||||
"""test default login flow"""
|
||||
self.driver.get(
|
||||
|
||||
@ -5,11 +5,12 @@ from unittest.case import skipUnless
|
||||
from selenium.webdriver.common.by import By
|
||||
from selenium.webdriver.common.keys import Keys
|
||||
|
||||
from authentik.blueprints import apply_blueprint
|
||||
from authentik.core.models import User
|
||||
from authentik.flows.models import Flow, FlowDesignation
|
||||
from authentik.lib.generators import generate_key
|
||||
from authentik.stages.password.models import PasswordStage
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
@ -17,9 +18,11 @@ class TestFlowsStageSetup(SeleniumTestCase):
|
||||
"""test stage setup flows"""
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_stages_password", "0002_passwordstage_change_flow")
|
||||
@apply_blueprint("blueprints/default/0-flow-password-change.yaml")
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
def test_password_change(self):
|
||||
"""test password change flow"""
|
||||
# Ensure that password stage has change_flow set
|
||||
|
||||
@ -10,13 +10,14 @@ from guardian.shortcuts import get_anonymous_user
|
||||
from ldap3 import ALL, ALL_ATTRIBUTES, ALL_OPERATIONAL_ATTRIBUTES, SUBTREE, Connection, Server
|
||||
from ldap3.core.exceptions import LDAPInvalidCredentialsResult
|
||||
|
||||
from authentik.blueprints import apply_blueprint
|
||||
from authentik.core.models import Application, User
|
||||
from authentik.events.models import Event, EventAction
|
||||
from authentik.flows.models import Flow
|
||||
from authentik.outposts.managed import MANAGED_OUTPOST
|
||||
from authentik.outposts.apps import MANAGED_OUTPOST
|
||||
from authentik.outposts.models import Outpost, OutpostConfig, OutpostType
|
||||
from authentik.providers.ldap.models import APIAccessMode, LDAPProvider
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, reconcile_app, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
@ -81,8 +82,10 @@ class TestProviderLDAP(SeleniumTestCase):
|
||||
return outpost
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
def test_ldap_bind_success(self):
|
||||
"""Test simple bind"""
|
||||
self._prepare()
|
||||
@ -106,8 +109,10 @@ class TestProviderLDAP(SeleniumTestCase):
|
||||
)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
def test_ldap_bind_success_ssl(self):
|
||||
"""Test simple bind with ssl"""
|
||||
self._prepare()
|
||||
@ -131,8 +136,10 @@ class TestProviderLDAP(SeleniumTestCase):
|
||||
)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
def test_ldap_bind_fail(self):
|
||||
"""Test simple bind (failed)"""
|
||||
self._prepare()
|
||||
@ -154,8 +161,11 @@ class TestProviderLDAP(SeleniumTestCase):
|
||||
)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_outposts")
|
||||
def test_ldap_bind_search(self):
|
||||
"""Test simple bind + search"""
|
||||
outpost = self._prepare()
|
||||
|
||||
@ -8,13 +8,14 @@ from docker.types import Healthcheck
|
||||
from selenium.webdriver.common.by import By
|
||||
from selenium.webdriver.support import expected_conditions as ec
|
||||
|
||||
from authentik.blueprints import apply_blueprint
|
||||
from authentik.core.models import Application
|
||||
from authentik.flows.models import Flow
|
||||
from authentik.lib.generators import generate_id, generate_key
|
||||
from authentik.policies.expression.models import ExpressionPolicy
|
||||
from authentik.policies.models import PolicyBinding
|
||||
from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, reconcile_app, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
@ -56,10 +57,18 @@ class TestProviderOAuth2Github(SeleniumTestCase):
|
||||
}
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/system/providers-oauth2.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_authorization_consent_implied(self):
|
||||
"""test OAuth Provider flow (default authorization flow with implied consent)"""
|
||||
# Bootstrap all needed objects
|
||||
@ -104,10 +113,18 @@ class TestProviderOAuth2Github(SeleniumTestCase):
|
||||
)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/system/providers-oauth2.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_authorization_consent_explicit(self):
|
||||
"""test OAuth Provider flow (default authorization flow with explicit consent)"""
|
||||
# Bootstrap all needed objects
|
||||
@ -171,10 +188,15 @@ class TestProviderOAuth2Github(SeleniumTestCase):
|
||||
)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_denied(self):
|
||||
"""test OAuth Provider flow (default authorization flow, denied)"""
|
||||
# Bootstrap all needed objects
|
||||
|
||||
@ -8,6 +8,7 @@ from docker.types import Healthcheck
|
||||
from selenium.webdriver.common.by import By
|
||||
from selenium.webdriver.support import expected_conditions as ec
|
||||
|
||||
from authentik.blueprints import apply_blueprint
|
||||
from authentik.core.models import Application
|
||||
from authentik.core.tests.utils import create_test_cert
|
||||
from authentik.flows.models import Flow
|
||||
@ -20,7 +21,7 @@ from authentik.providers.oauth2.constants import (
|
||||
SCOPE_OPENID_PROFILE,
|
||||
)
|
||||
from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, reconcile_app, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
@ -65,10 +66,18 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
|
||||
}
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/system/providers-oauth2.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_redirect_uri_error(self):
|
||||
"""test OpenID Provider flow (invalid redirect URI, check error message)"""
|
||||
sleep(1)
|
||||
@ -106,11 +115,18 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
|
||||
)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/system/providers-oauth2.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_authorization_consent_implied(self):
|
||||
"""test OpenID Provider flow (default authorization flow with implied consent)"""
|
||||
sleep(1)
|
||||
@ -161,11 +177,18 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
|
||||
)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/system/providers-oauth2.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_authorization_logout(self):
|
||||
"""test OpenID Provider flow with logout"""
|
||||
sleep(1)
|
||||
@ -225,11 +248,18 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
|
||||
self.driver.find_element(By.ID, "logout").click()
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/system/providers-oauth2.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_authorization_consent_explicit(self):
|
||||
"""test OpenID Provider flow (default authorization flow with explicit consent)"""
|
||||
sleep(1)
|
||||
@ -298,10 +328,18 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
|
||||
)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/system/providers-oauth2.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_authorization_denied(self):
|
||||
"""test OpenID Provider flow (default authorization with access deny)"""
|
||||
sleep(1)
|
||||
|
||||
@ -10,6 +10,7 @@ from docker.types import Healthcheck
|
||||
from selenium.webdriver.common.by import By
|
||||
from selenium.webdriver.support import expected_conditions as ec
|
||||
|
||||
from authentik.blueprints import apply_blueprint
|
||||
from authentik.core.models import Application
|
||||
from authentik.core.tests.utils import create_test_cert
|
||||
from authentik.flows.models import Flow
|
||||
@ -22,7 +23,7 @@ from authentik.providers.oauth2.constants import (
|
||||
SCOPE_OPENID_PROFILE,
|
||||
)
|
||||
from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, reconcile_app, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
@ -64,10 +65,15 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
|
||||
sleep(1)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_redirect_uri_error(self):
|
||||
"""test OpenID Provider flow (invalid redirect URI, check error message)"""
|
||||
sleep(1)
|
||||
@ -105,11 +111,16 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
|
||||
)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
@apply_blueprint("blueprints/system/providers-oauth2.yaml")
|
||||
def test_authorization_consent_implied(self):
|
||||
"""test OpenID Provider flow (default authorization flow with implied consent)"""
|
||||
sleep(1)
|
||||
@ -155,11 +166,16 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
|
||||
self.assertEqual(body["UserInfo"]["email"], self.user.email)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
@apply_blueprint("blueprints/system/providers-oauth2.yaml")
|
||||
def test_authorization_consent_explicit(self):
|
||||
"""test OpenID Provider flow (default authorization flow with explicit consent)"""
|
||||
sleep(1)
|
||||
@ -220,10 +236,15 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
|
||||
self.assertEqual(body["UserInfo"]["email"], self.user.email)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_authorization_denied(self):
|
||||
"""test OpenID Provider flow (default authorization with access deny)"""
|
||||
sleep(1)
|
||||
|
||||
@ -10,6 +10,7 @@ from docker.types import Healthcheck
|
||||
from selenium.webdriver.common.by import By
|
||||
from selenium.webdriver.support import expected_conditions as ec
|
||||
|
||||
from authentik.blueprints import apply_blueprint
|
||||
from authentik.core.models import Application
|
||||
from authentik.core.tests.utils import create_test_cert
|
||||
from authentik.flows.models import Flow
|
||||
@ -22,7 +23,7 @@ from authentik.providers.oauth2.constants import (
|
||||
SCOPE_OPENID_PROFILE,
|
||||
)
|
||||
from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, reconcile_app, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
@ -64,10 +65,15 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
|
||||
sleep(1)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_redirect_uri_error(self):
|
||||
"""test OpenID Provider flow (invalid redirect URI, check error message)"""
|
||||
sleep(1)
|
||||
@ -105,11 +111,16 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
|
||||
)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
@apply_blueprint("blueprints/system/providers-oauth2.yaml")
|
||||
def test_authorization_consent_implied(self):
|
||||
"""test OpenID Provider flow (default authorization flow with implied consent)"""
|
||||
sleep(1)
|
||||
@ -150,11 +161,16 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
|
||||
self.assertEqual(body["profile"]["email"], self.user.email)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
@apply_blueprint("blueprints/system/providers-oauth2.yaml")
|
||||
def test_authorization_consent_explicit(self):
|
||||
"""test OpenID Provider flow (default authorization flow with explicit consent)"""
|
||||
sleep(1)
|
||||
@ -211,10 +227,15 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
|
||||
self.assertEqual(body["profile"]["email"], self.user.email)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_authorization_denied(self):
|
||||
"""test OpenID Provider flow (default authorization with access deny)"""
|
||||
sleep(1)
|
||||
|
||||
@ -11,12 +11,13 @@ from docker.models.containers import Container
|
||||
from selenium.webdriver.common.by import By
|
||||
|
||||
from authentik import __version__
|
||||
from authentik.blueprints import apply_blueprint
|
||||
from authentik.core.models import Application
|
||||
from authentik.flows.models import Flow
|
||||
from authentik.outposts.models import DockerServiceConnection, Outpost, OutpostConfig, OutpostType
|
||||
from authentik.outposts.tasks import outpost_local_connection
|
||||
from authentik.providers.proxy.models import ProxyProvider
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, reconcile_app, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
@ -53,11 +54,19 @@ class TestProviderProxy(SeleniumTestCase):
|
||||
return container
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/system/providers-oauth2.yaml",
|
||||
"blueprints/system/providers-proxy.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_proxy_simple(self):
|
||||
"""Test simple outpost setup with single provider"""
|
||||
# set additionalHeaders to test later
|
||||
@ -116,11 +125,15 @@ class TestProviderProxyConnect(ChannelsLiveServerTestCase):
|
||||
"""Test Proxy connectivity over websockets"""
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_proxy_connectivity(self):
|
||||
"""Test proxy connectivity over websocket"""
|
||||
outpost_local_connection()
|
||||
|
||||
@ -10,6 +10,7 @@ from docker.types import Healthcheck
|
||||
from selenium.webdriver.common.by import By
|
||||
from selenium.webdriver.support import expected_conditions as ec
|
||||
|
||||
from authentik.blueprints import apply_blueprint
|
||||
from authentik.core.models import Application
|
||||
from authentik.core.tests.utils import create_test_cert
|
||||
from authentik.flows.models import Flow
|
||||
@ -17,7 +18,7 @@ from authentik.policies.expression.models import ExpressionPolicy
|
||||
from authentik.policies.models import PolicyBinding
|
||||
from authentik.providers.saml.models import SAMLBindings, SAMLPropertyMapping, SAMLProvider
|
||||
from authentik.sources.saml.processors.constants import SAML_BINDING_POST
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, reconcile_app, retry
|
||||
|
||||
|
||||
@skipUnless(platform.startswith("linux"), "requires local docker")
|
||||
@ -63,11 +64,18 @@ class TestProviderSAML(SeleniumTestCase):
|
||||
sleep(1)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/system/providers-saml.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_sp_initiated_implicit(self):
|
||||
"""test SAML Provider flow SP-initiated flow (implicit consent)"""
|
||||
# Bootstrap all needed objects
|
||||
@ -125,11 +133,18 @@ class TestProviderSAML(SeleniumTestCase):
|
||||
)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/system/providers-saml.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_sp_initiated_explicit(self):
|
||||
"""test SAML Provider flow SP-initiated flow (explicit consent)"""
|
||||
# Bootstrap all needed objects
|
||||
@ -202,11 +217,18 @@ class TestProviderSAML(SeleniumTestCase):
|
||||
)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/system/providers-saml.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_sp_initiated_explicit_post(self):
|
||||
"""test SAML Provider flow SP-initiated flow (explicit consent) (POST binding)"""
|
||||
# Bootstrap all needed objects
|
||||
@ -279,11 +301,18 @@ class TestProviderSAML(SeleniumTestCase):
|
||||
)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/system/providers-saml.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_idp_initiated_implicit(self):
|
||||
"""test SAML Provider flow IdP-initiated flow (implicit consent)"""
|
||||
# Bootstrap all needed objects
|
||||
@ -347,11 +376,18 @@ class TestProviderSAML(SeleniumTestCase):
|
||||
)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0010_provider_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/system/providers-saml.yaml",
|
||||
)
|
||||
@reconcile_app("authentik_crypto")
|
||||
def test_sp_initiated_denied(self):
|
||||
"""test SAML Provider flow SP-initiated flow (Policy denies access)"""
|
||||
# Bootstrap all needed objects
|
||||
|
||||
@ -13,6 +13,7 @@ from selenium.webdriver.support import expected_conditions as ec
|
||||
from selenium.webdriver.support.wait import WebDriverWait
|
||||
from yaml import safe_dump
|
||||
|
||||
from authentik.blueprints import apply_blueprint
|
||||
from authentik.core.models import User
|
||||
from authentik.flows.models import Flow
|
||||
from authentik.lib.generators import generate_id, generate_key
|
||||
@ -20,7 +21,7 @@ from authentik.sources.oauth.models import OAuthSource
|
||||
from authentik.sources.oauth.types.manager import MANAGER, SourceType
|
||||
from authentik.sources.oauth.views.callback import OAuthCallback
|
||||
from authentik.stages.identification.models import IdentificationStage
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, retry
|
||||
|
||||
CONFIG_PATH = "/tmp/dex.yml" # nosec
|
||||
|
||||
@ -141,11 +142,19 @@ class TestSourceOAuth2(SeleniumTestCase):
|
||||
ident_stage.save()
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0009_source_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-source-authentication.yaml",
|
||||
"blueprints/default/20-flow-default-source-enrollment.yaml",
|
||||
"blueprints/default/20-flow-default-source-pre-authentication.yaml",
|
||||
)
|
||||
def test_oauth_enroll(self):
|
||||
"""test OAuth Source With With OIDC"""
|
||||
self.create_objects()
|
||||
@ -190,11 +199,14 @@ class TestSourceOAuth2(SeleniumTestCase):
|
||||
self.assert_user(User(username="foo", name="admin", email="admin@example.com"))
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0009_source_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-provider-authorization-explicit-consent.yaml",
|
||||
"blueprints/default/20-flow-default-provider-authorization-implicit-consent.yaml",
|
||||
)
|
||||
def test_oauth_enroll_auth(self):
|
||||
"""test OAuth Source With With OIDC (enroll and authenticate again)"""
|
||||
self.test_oauth_enroll()
|
||||
@ -279,11 +291,15 @@ class TestSourceOAuth1(SeleniumTestCase):
|
||||
ident_stage.save()
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0009_source_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-source-authentication.yaml",
|
||||
"blueprints/default/20-flow-default-source-enrollment.yaml",
|
||||
"blueprints/default/20-flow-default-source-pre-authentication.yaml",
|
||||
)
|
||||
def test_oauth_enroll(self):
|
||||
"""test OAuth Source With With OIDC"""
|
||||
self.create_objects()
|
||||
|
||||
@ -11,12 +11,13 @@ from selenium.webdriver.common.keys import Keys
|
||||
from selenium.webdriver.support import expected_conditions as ec
|
||||
from selenium.webdriver.support.wait import WebDriverWait
|
||||
|
||||
from authentik.blueprints import apply_blueprint
|
||||
from authentik.core.models import User
|
||||
from authentik.crypto.models import CertificateKeyPair
|
||||
from authentik.flows.models import Flow
|
||||
from authentik.sources.saml.models import SAMLBindingTypes, SAMLSource
|
||||
from authentik.stages.identification.models import IdentificationStage
|
||||
from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry
|
||||
from tests.e2e.utils import SeleniumTestCase, retry
|
||||
|
||||
IDP_CERT = """-----BEGIN CERTIFICATE-----
|
||||
MIIDXTCCAkWgAwIBAgIJALmVVuDWu4NYMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
|
||||
@ -94,12 +95,15 @@ class TestSourceSAML(SeleniumTestCase):
|
||||
}
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0009_source_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@apply_migration("authentik_sources_saml", "0010_samlsource_pre_authentication_flow")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-source-authentication.yaml",
|
||||
"blueprints/default/20-flow-default-source-enrollment.yaml",
|
||||
"blueprints/default/20-flow-default-source-pre-authentication.yaml",
|
||||
)
|
||||
def test_idp_redirect(self):
|
||||
"""test SAML Source With redirect binding"""
|
||||
# Bootstrap all needed objects
|
||||
@ -161,12 +165,15 @@ class TestSourceSAML(SeleniumTestCase):
|
||||
)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0009_source_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@apply_migration("authentik_sources_saml", "0010_samlsource_pre_authentication_flow")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-source-authentication.yaml",
|
||||
"blueprints/default/20-flow-default-source-enrollment.yaml",
|
||||
"blueprints/default/20-flow-default-source-pre-authentication.yaml",
|
||||
)
|
||||
def test_idp_post(self):
|
||||
"""test SAML Source With post binding"""
|
||||
# Bootstrap all needed objects
|
||||
@ -241,12 +248,15 @@ class TestSourceSAML(SeleniumTestCase):
|
||||
)
|
||||
|
||||
@retry()
|
||||
@apply_migration("authentik_flows", "0008_default_flows")
|
||||
@apply_migration("authentik_flows", "0011_flow_title")
|
||||
@apply_migration("authentik_flows", "0009_source_flows")
|
||||
@apply_migration("authentik_crypto", "0002_create_self_signed_kp")
|
||||
@apply_migration("authentik_sources_saml", "0010_samlsource_pre_authentication_flow")
|
||||
@object_manager
|
||||
@apply_blueprint(
|
||||
"blueprints/default/10-flow-default-authentication-flow.yaml",
|
||||
"blueprints/default/10-flow-default-invalidation-flow.yaml",
|
||||
)
|
||||
@apply_blueprint(
|
||||
"blueprints/default/20-flow-default-source-authentication.yaml",
|
||||
"blueprints/default/20-flow-default-source-enrollment.yaml",
|
||||
"blueprints/default/20-flow-default-source-pre-authentication.yaml",
|
||||
)
|
||||
def test_idp_post_auto(self):
|
||||
"""test SAML Source With post binding (auto redirect)"""
|
||||
# Bootstrap all needed objects
|
||||
|
||||
@ -10,7 +10,6 @@ from django.apps import apps
|
||||
from django.contrib.staticfiles.testing import StaticLiveServerTestCase
|
||||
from django.db import connection
|
||||
from django.db.migrations.loader import MigrationLoader
|
||||
from django.db.migrations.operations.special import RunPython
|
||||
from django.test.testcases import TransactionTestCase
|
||||
from django.urls import reverse
|
||||
from docker import DockerClient, from_env
|
||||
@ -25,7 +24,7 @@ from selenium.webdriver.remote.webelement import WebElement
|
||||
from selenium.webdriver.support.ui import WebDriverWait
|
||||
from structlog.stdlib import get_logger
|
||||
|
||||
from authentik.blueprints.manager import ObjectManager
|
||||
from authentik.blueprints.manager import ManagedAppConfig
|
||||
from authentik.core.api.users import UserSerializer
|
||||
from authentik.core.models import User
|
||||
from authentik.core.tests.utils import create_test_admin_user
|
||||
@ -193,37 +192,22 @@ def get_loader():
|
||||
return MigrationLoader(connection)
|
||||
|
||||
|
||||
def apply_migration(app_name: str, migration_name: str):
|
||||
"""Re-apply migrations that create objects using RunPython before test cases"""
|
||||
def reconcile_app(app_name: str):
|
||||
"""Re-reconcile AppConfig methods"""
|
||||
|
||||
def wrapper_outter(func: Callable):
|
||||
"""Retry test multiple times"""
|
||||
def wrapper_outer(func: Callable):
|
||||
"""Re-reconcile AppConfig methods"""
|
||||
|
||||
@wraps(func)
|
||||
def wrapper(self: TransactionTestCase, *args, **kwargs):
|
||||
migration = get_loader().get_migration(app_name, migration_name)
|
||||
with connection.schema_editor() as schema_editor:
|
||||
for operation in migration.operations:
|
||||
if not isinstance(operation, RunPython):
|
||||
continue
|
||||
operation.code(apps, schema_editor)
|
||||
config = apps.get_app_config(app_name)
|
||||
if isinstance(config, ManagedAppConfig):
|
||||
config.reconcile()
|
||||
return func(self, *args, **kwargs)
|
||||
|
||||
return wrapper
|
||||
|
||||
return wrapper_outter
|
||||
|
||||
|
||||
def object_manager(func: Callable):
|
||||
"""Run objectmanager before a test function"""
|
||||
|
||||
@wraps(func)
|
||||
def wrapper(*args, **kwargs):
|
||||
"""Run objectmanager before a test function"""
|
||||
ObjectManager().run()
|
||||
return func(*args, **kwargs)
|
||||
|
||||
return wrapper
|
||||
return wrapper_outer
|
||||
|
||||
|
||||
def retry(max_retires=RETRIES, exceptions=None):
|
||||
|
||||
Reference in New Issue
Block a user