✅(oidc) add IdP e2e test for login

This is a simple test to assert a user can login via people when setup
as an identity provider.

env.d/development/common.e2e.dist

@@ -1,3 +1,6 @@
 # For the CI job test-e2e
 SUSTAINED_THROTTLE_RATES="200/hour"
 BURST_THROTTLE_RATES="200/minute"
+
+OAUTH2_PROVIDER_OIDC_ENABLED = True
+OAUTH2_PROVIDER_VALIDATOR_CLASS: "mailbox_oauth2.validators.ProConnectValidator"

src/backend/demo/management/commands/create_demo.py

@@ -9,6 +9,7 @@ from uuid import uuid4
 
 from django import db
 from django.conf import settings
+from django.contrib.auth.hashers import make_password
 from django.core.management.base import BaseCommand, CommandError
 from django.utils.text import slugify
 
@@ -20,7 +21,7 @@ from core import models
 
 from demo import defaults
 from mailbox_manager import models as mailbox_models
-from mailbox_manager.enums import MailDomainStatusChoices
+from mailbox_manager.enums import MailboxStatusChoices, MailDomainStatusChoices
 
 fake = Faker()
 
@@ -153,6 +154,29 @@ def create_oidc_people_idp_client():
         application.save()
 
 
+def create_oidc_people_idp_client_user():
+    """Provide a user for the People Identity Provider OIDC client."""
+    organization, _created = models.Organization.objects.get_or_create(
+        name="13002526500013",
+        registration_id_list=["13002526500013"],
+    )
+    mail_domain, _created = mailbox_models.MailDomain.objects.get_or_create(
+        name="example.com",
+        organization=organization,
+        status=MailDomainStatusChoices.ENABLED,
+        support_email="support@example.com",
+    )
+    _mailbox, _created = mailbox_models.Mailbox.objects.get_or_create(
+        first_name="IdP User",
+        last_name="E2E",
+        domain=mail_domain,
+        local_part="user-e2e",
+        status=MailboxStatusChoices.ENABLED,
+        password=make_password("password-user-e2e"),
+        secondary_email="not-used@example.com",
+    )
+
+
 def create_demo(stdout):  # pylint: disable=too-many-locals
     """
     Create a database with demo data for developers to work in a realistic environment.
@@ -337,7 +361,9 @@ def create_demo(stdout):  # pylint: disable=too-many-locals
 
     # OIDC configuration
     if settings.OAUTH2_PROVIDER.get("OIDC_ENABLED", False):
+        stdout.write("Creating OIDC client for People Identity Provider")
         create_oidc_people_idp_client()
+        create_oidc_people_idp_client_user()
 
 
 class Command(BaseCommand):

src/frontend/apps/e2e/__tests__/app-desk/oidc-identity-provider.spec.ts

@@ -0,0 +1,30 @@
+import { expect, test } from '@playwright/test';
+
+test.describe('Login to people as Identity Provider', () => {
+  test('checks a user with mailbox can login via people', async ({ page }) => {
+    // go to people index page, wait for the redirection to keycloak
+    await page.goto('/');
+    await page.locator('h1').first().textContent({
+      timeout: 5000,
+    });
+
+    // keycloak - click on the login button
+    await page.click('a[id=social-oidc-people-local]');
+
+    // wait for the people login page to load and fill email/password
+    await page.fill('input.c__input[type="email"]', 'user-e2e@example.com');
+
+    await page.fill('input.c__input[type="password"]', 'password-user-e2e', {
+      timeout: 10000,
+    });
+
+    await page.click('button.c__button[type="submit"]');
+
+    // wait for URL to be localhost:3000 and the page to be loaded
+    await expect(page).toHaveURL('http://localhost:3000/', { timeout: 10000 });
+
+    // check the user is logged in
+    await expect(page.getByText('Groups')).toBeVisible();
+    await expect(page.getByText('0 group to display.')).toBeVisible();
+  });
+});