From 160ce92e54a45b4a2aacb5149c4cea5fd72324c4 Mon Sep 17 00:00:00 2001 From: Quentin BEY Date: Wed, 12 Feb 2025 13:39:08 +0100 Subject: [PATCH] =?UTF-8?q?=E2=9C=85(oidc)=20add=20IdP=20e2e=20test=20for?= =?UTF-8?q?=20login?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is a simple test to assert a user can login via people when setup as an identity provider. --- env.d/development/common.e2e.dist | 3 ++ .../demo/management/commands/create_demo.py | 28 ++++++++++++++++- .../app-desk/oidc-identity-provider.spec.ts | 30 +++++++++++++++++++ 3 files changed, 60 insertions(+), 1 deletion(-) create mode 100644 src/frontend/apps/e2e/__tests__/app-desk/oidc-identity-provider.spec.ts diff --git a/env.d/development/common.e2e.dist b/env.d/development/common.e2e.dist index b0faa27..a4375a6 100644 --- a/env.d/development/common.e2e.dist +++ b/env.d/development/common.e2e.dist @@ -1,3 +1,6 @@ # For the CI job test-e2e SUSTAINED_THROTTLE_RATES="200/hour" BURST_THROTTLE_RATES="200/minute" + +OAUTH2_PROVIDER_OIDC_ENABLED = True +OAUTH2_PROVIDER_VALIDATOR_CLASS: "mailbox_oauth2.validators.ProConnectValidator" diff --git a/src/backend/demo/management/commands/create_demo.py b/src/backend/demo/management/commands/create_demo.py index 5db565a..cf1962c 100755 --- a/src/backend/demo/management/commands/create_demo.py +++ b/src/backend/demo/management/commands/create_demo.py @@ -9,6 +9,7 @@ from uuid import uuid4 from django import db from django.conf import settings +from django.contrib.auth.hashers import make_password from django.core.management.base import BaseCommand, CommandError from django.utils.text import slugify @@ -20,7 +21,7 @@ from core import models from demo import defaults from mailbox_manager import models as mailbox_models -from mailbox_manager.enums import MailDomainStatusChoices +from mailbox_manager.enums import MailboxStatusChoices, MailDomainStatusChoices fake = Faker() 
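Review bot: The two settings added to `common.e2e.dist` do not follow the `KEY="value"` form of the lines above them: `OAUTH2_PROVIDER_OIDC_ENABLED = True` has spaces around `=`, and `OAUTH2_PROVIDER_VALIDATOR_CLASS: "..."` uses a colon instead of `=`. Depending on how this env file is loaded, those lines may be rejected or silently not set. In that case the provider would presumably run without `ProConnectValidator`, so it is worth checking what the e2e job actually receives. I would write them as `OAUTH2_PROVIDER_OIDC_ENABLED=True` and `OAUTH2_PROVIDER_VALIDATOR_CLASS="mailbox_oauth2.validators.ProConnectValidator"`.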
@@ -153,6 +154,29 @@ def create_oidc_people_idp_client(): application.save() +def create_oidc_people_idp_client_user(): + """Provide a user for the People Identity Provider OIDC client.""" + organization, _created = models.Organization.objects.get_or_create( + name="13002526500013", + registration_id_list=["13002526500013"], + ) + mail_domain, _created = mailbox_models.MailDomain.objects.get_or_create( + name="example.com", + organization=organization, + status=MailDomainStatusChoices.ENABLED, + support_email="support@example.com", + ) + _mailbox, _created = mailbox_models.Mailbox.objects.get_or_create( + first_name="IdP User", + last_name="E2E", + domain=mail_domain, + local_part="user-e2e", + status=MailboxStatusChoices.ENABLED, + password=make_password("password-user-e2e"), + secondary_email="not-used@example.com", + ) + + def create_demo(stdout): # pylint: disable=too-many-locals """ Create a database with demo data for developers to work in a realistic environment. @@ -337,7 +361,9 @@ def create_demo(stdout): # pylint: disable=too-many-locals # OIDC configuration if settings.OAUTH2_PROVIDER.get("OIDC_ENABLED", False): + stdout.write("Creating OIDC client for People Identity Provider") create_oidc_people_idp_client() + create_oidc_people_idp_client_user() class Command(BaseCommand): diff --git a/src/frontend/apps/e2e/__tests__/app-desk/oidc-identity-provider.spec.ts b/src/frontend/apps/e2e/__tests__/app-desk/oidc-identity-provider.spec.ts new file mode 100644 index 0000000..da1ef10 --- /dev/null +++ b/src/frontend/apps/e2e/__tests__/app-desk/oidc-identity-provider.spec.ts 
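Review bot: `password=make_password("password-user-e2e")` is passed as a lookup argument to `Mailbox.objects.get_or_create`, and `make_password` uses a random salt by default, so the hash differs on every run and the lookup can never match a row created by an earlier run. Unless the database is flushed first, a second `create_demo` run would try to insert the same `local_part`/`domain` again, which likely fails on a uniqueness constraint (the model is not visible here). Keep only the identifying fields in the lookup and move the rest into `defaults=`, as in the excerpt below. The same reasoning applies to `status` and `support_email` in the `MailDomain` call.

```python
def create_oidc_people_idp_client_user():
    # … unchanged: docstring, Organization and MailDomain get_or_create …
    _mailbox, _created = mailbox_models.Mailbox.objects.get_or_create(
        domain=mail_domain,
        local_part="user-e2e",
        defaults={
            "first_name": "IdP User",
            "last_name": "E2E",
            "status": MailboxStatusChoices.ENABLED,
            # Hashed once at creation; a salted hash must not be a lookup key.
            "password": make_password("password-user-e2e"),
            "secondary_email": "not-used@example.com",
        },
    )
```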
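Review bot: The call to `create_oidc_people_idp_client_user()` provisions an ENABLED mailbox whose password is published in this repository, and the only gate visible in this hunk is `OIDC_ENABLED`. If `create_demo` can run against anything other than a local or CI database (the command's own guard is outside the hunk), that leaves a working IdP login with known credentials. I would make the intent explicit with a comment such as `# E2E-only account with a fixed, public password: never run against a shared or production database`. The log line could also become `stdout.write("Creating OIDC client and e2e user for People Identity Provider")` so the output matches what is created.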
@@ -0,0 +1,30 @@
+import { expect, test } from '@playwright/test';
+
+test.describe('Login to people as Identity Provider', () => {
+ test('checks a user with mailbox can login via people', async ({ page }) => {
+ // go to people index page, wait for the redirection to keycloak
+ await page.goto('/');
+ await page.locator('h1').first().textContent({
+ timeout: 5000,
+ });
+
+ // keycloak - click on the login button
+ await page.click('a[id=social-oidc-people-local]');
+
+ // wait for the people login page to load and fill email/password
+ await page.fill('input.c__input[type="email"]', 'user-e2e@example.com');
+
+ await page.fill('input.c__input[type="password"]', 'password-user-e2e', {
+ timeout: 10000,
+ });
+
+ await page.click('button.c__button[type="submit"]');
+
+ // wait for URL to be localhost:3000 and the page to be loaded
+ await expect(page).toHaveURL('http://localhost:3000/', { timeout: 10000 });
+
+ // check the user is logged in
+ await expect(page.getByText('Groups')).toBeVisible();
+ await expect(page.getByText('0 group to display.')).toBeVisible();
+ });
+});
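Review bot: The spec asserts only the successful login, so a regression where the People login form accepts a wrong password or a non-enabled mailbox would still leave this test green. A second test that submits a wrong password for `user-e2e@example.com` and asserts that the form reports the failure would cover it; the exact assertion depends on how the login page renders errors, which is not visible here. Separately, `await page.locator('h1').first().textContent({ timeout: 5000 })` discards its result and works only as an implicit wait. `await expect(page.locator('h1').first()).toBeVisible({ timeout: 5000 });` states the intent and fails with a clearer message.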