From 060f19ce06e5211247185b24bce38c0b27ec4187 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Tue, 23 Nov 2021 21:30:02 +0100 Subject: [PATCH] tests/e2e: ensure akadmin is not used Signed-off-by: Jens Langhammer --- tests/e2e/test_flows_authenticators.py | 17 ++--- tests/e2e/test_flows_enroll.py | 6 +- tests/e2e/test_flows_login.py | 4 +- tests/e2e/test_flows_stage_setup.py | 6 +- tests/e2e/test_provider_ldap.py | 74 +++++++++---------- tests/e2e/test_provider_oauth2_github.py | 18 ++--- tests/e2e/test_provider_oauth2_grafana.py | 26 +++---- tests/e2e/test_provider_oauth2_oidc.py | 26 +++---- .../e2e/test_provider_oauth2_oidc_implicit.py | 14 ++-- tests/e2e/test_provider_proxy.py | 7 +- tests/e2e/test_provider_saml.py | 38 +++++----- tests/e2e/utils.py | 12 ++- 12 files changed, 122 insertions(+), 126 deletions(-) diff --git a/tests/e2e/test_flows_authenticators.py b/tests/e2e/test_flows_authenticators.py index 82aa05c85..c5b38f27b 100644 --- a/tests/e2e/test_flows_authenticators.py +++ b/tests/e2e/test_flows_authenticators.py @@ -17,7 +17,7 @@ from authentik.flows.models import Flow, FlowStageBinding from authentik.stages.authenticator_static.models import AuthenticatorStaticStage from authentik.stages.authenticator_totp.models import AuthenticatorTOTPStage from authentik.stages.authenticator_validate.models import AuthenticatorValidateStage -from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry +from tests.e2e.utils import SeleniumTestCase, apply_migration, retry @skipUnless(platform.startswith("linux"), "requires local docker") @@ -32,8 +32,7 @@ class TestFlowsAuthenticator(SeleniumTestCase): """test flow with otp stages""" sleep(1) # Setup TOTP Device - user = USER() - device = TOTPDevice.objects.create(user=user, confirmed=True, digits=6) + device = TOTPDevice.objects.create(user=self.user, confirmed=True, digits=6) flow: Flow = Flow.objects.get(slug="default-authentication-flow") FlowStageBinding.objects.create( @@ -53,7 +52,7 @@ class TestFlowsAuthenticator(SeleniumTestCase): code_stage.find_element(By.CSS_SELECTOR, "input[name=code]").send_keys(totp.token()) code_stage.find_element(By.CSS_SELECTOR, "input[name=code]").send_keys(Keys.ENTER) self.wait_for_url(self.if_user_url("/library")) - self.assert_user(USER()) + self.assert_user(self.user) @retry() @apply_migration("authentik_core", "0002_auto_20200523_1133_squashed_0011_provider_name_temp") @@ -68,7 +67,7 @@ class TestFlowsAuthenticator(SeleniumTestCase): self.login() self.wait_for_url(self.if_user_url("/library")) - self.assert_user(USER()) + self.assert_user(self.user) self.driver.get( self.url( @@ -98,7 +97,7 @@ class TestFlowsAuthenticator(SeleniumTestCase): totp_stage.find_element(By.CSS_SELECTOR, "input[name=code]").send_keys(Keys.ENTER) sleep(3) - self.assertTrue(TOTPDevice.objects.filter(user=USER(), confirmed=True).exists()) + self.assertTrue(TOTPDevice.objects.filter(user=self.user, confirmed=True).exists()) @retry() @apply_migration("authentik_core", "0002_auto_20200523_1133_squashed_0011_provider_name_temp") @@ -113,7 +112,7 @@ class TestFlowsAuthenticator(SeleniumTestCase): self.login() self.wait_for_url(self.if_user_url("/library")) - self.assert_user(USER()) + self.assert_user(self.user) self.driver.get( self.url( @@ -134,6 +133,6 @@ class TestFlowsAuthenticator(SeleniumTestCase): self.wait_for_url(destination_url) sleep(1) - self.assertTrue(StaticDevice.objects.filter(user=USER(), confirmed=True).exists()) - device = StaticDevice.objects.filter(user=USER(), confirmed=True).first() + self.assertTrue(StaticDevice.objects.filter(user=self.user, confirmed=True).exists()) + device = StaticDevice.objects.filter(user=self.user, confirmed=True).first() self.assertTrue(StaticToken.objects.filter(token=token, device=device).exists()) diff --git a/tests/e2e/test_flows_enroll.py b/tests/e2e/test_flows_enroll.py index da6d2af72..7bedba8b2 100644 --- a/tests/e2e/test_flows_enroll.py +++ b/tests/e2e/test_flows_enroll.py @@ -16,7 +16,7 @@ from authentik.stages.identification.models import IdentificationStage from authentik.stages.prompt.models import FieldTypes, Prompt, PromptStage from authentik.stages.user_login.models import UserLoginStage from authentik.stages.user_write.models import UserWriteStage -from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry +from tests.e2e.utils import SeleniumTestCase, apply_migration, retry @skipUnless(platform.startswith("linux"), "requires local docker") @@ -218,10 +218,10 @@ class TestFlowsEnroll(SeleniumTestCase): wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "input[name=username]"))) prompt_stage.find_element(By.CSS_SELECTOR, "input[name=username]").send_keys("foo") prompt_stage.find_element(By.CSS_SELECTOR, "input[name=password]").send_keys( - USER().username + self.user.username ) prompt_stage.find_element(By.CSS_SELECTOR, "input[name=password_repeat]").send_keys( - USER().username + self.user.username ) prompt_stage.find_element(By.CSS_SELECTOR, ".pf-c-button").click() diff --git a/tests/e2e/test_flows_login.py b/tests/e2e/test_flows_login.py index c9b1a6deb..956f44831 100644 --- a/tests/e2e/test_flows_login.py +++ b/tests/e2e/test_flows_login.py @@ -2,7 +2,7 @@ from sys import platform from unittest.case import skipUnless -from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry +from tests.e2e.utils import SeleniumTestCase, apply_migration, retry @skipUnless(platform.startswith("linux"), "requires local docker") @@ -23,4 +23,4 @@ class TestFlowsLogin(SeleniumTestCase): ) self.login() self.wait_for_url(self.if_user_url("/library")) - self.assert_user(USER()) + self.assert_user(self.user) diff --git a/tests/e2e/test_flows_stage_setup.py b/tests/e2e/test_flows_stage_setup.py index ccb70a227..23cd3eca0 100644 --- a/tests/e2e/test_flows_stage_setup.py +++ b/tests/e2e/test_flows_stage_setup.py @@ -9,7 +9,7 @@ from authentik.core.models import User from authentik.flows.models import Flow, FlowDesignation from authentik.lib.generators import generate_key from authentik.stages.password.models import PasswordStage -from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry +from tests.e2e.utils import SeleniumTestCase, apply_migration, retry @skipUnless(platform.startswith("linux"), "requires local docker") @@ -63,6 +63,6 @@ class TestFlowsStageSetup(SeleniumTestCase): ) self.wait_for_url(self.if_user_url("/library")) - # Because USER() is cached, we need to get the user manually here - user = User.objects.get(username=USER().username) + # Because self.user is cached, we need to get the user manually here + user = User.objects.get(username=self.user.username) self.assertTrue(user.check_password(new_password)) diff --git a/tests/e2e/test_provider_ldap.py b/tests/e2e/test_provider_ldap.py index 59868507c..97717f7d1 100644 --- a/tests/e2e/test_provider_ldap.py +++ b/tests/e2e/test_provider_ldap.py @@ -11,7 +11,6 @@ from ldap3 import ALL, ALL_ATTRIBUTES, ALL_OPERATIONAL_ATTRIBUTES, SUBTREE, Conn from ldap3.core.exceptions import LDAPInvalidCredentialsResult from authentik.core.models import Application, User -from authentik.core.tests.utils import create_test_admin_user from authentik.events.models import Event, EventAction from authentik.flows.models import Flow from authentik.outposts.managed import MANAGED_OUTPOST @@ -49,14 +48,13 @@ class TestProviderLDAP(SeleniumTestCase): def _prepare(self) -> User: """prepare user, provider, app and container""" # set additionalHeaders to test later - user = create_test_admin_user(set_password=True) - user.attributes["extraAttribute"] = "bar" - user.save() + self.user.attributes["extraAttribute"] = "bar" + self.user.save() ldap: LDAPProvider = LDAPProvider.objects.create( name="ldap_provider", authorization_flow=Flow.objects.get(slug="default-authentication-flow"), - search_group=user.ak_groups.first(), + search_group=self.user.ak_groups.first(), search_mode=SearchModes.CACHED, ) # we need to create an application to actually access the ldap @@ -80,7 +78,7 @@ class TestProviderLDAP(SeleniumTestCase): healthcheck_retries += 1 sleep(0.5) sleep(5) - return user, outpost + return outpost @retry() @apply_migration("authentik_core", "0002_auto_20200523_1133_squashed_0011_provider_name_temp") @@ -88,22 +86,22 @@ class TestProviderLDAP(SeleniumTestCase): @object_manager def test_ldap_bind_success(self): """Test simple bind""" - user, _ = self._prepare() + self._prepare() server = Server("ldap://localhost:3389", get_info=ALL) _connection = Connection( server, raise_exceptions=True, - user=f"cn={user.username},ou=users,DC=ldap,DC=goauthentik,DC=io", - password=user.username, + user=f"cn={self.user.username},ou=users,DC=ldap,DC=goauthentik,DC=io", + password=self.user.username, ) _connection.bind() self.assertTrue( Event.objects.filter( action=EventAction.LOGIN, user={ - "pk": user.pk, - "email": user.email, - "username": user.username, + "pk": self.user.pk, + "email": self.user.email, + "username": self.user.username, }, ) ) @@ -114,22 +112,22 @@ class TestProviderLDAP(SeleniumTestCase): @object_manager def test_ldap_bind_success_ssl(self): """Test simple bind with ssl""" - user, _ = self._prepare() + self._prepare() server = Server("ldaps://localhost:6636", get_info=ALL) _connection = Connection( server, raise_exceptions=True, - user=f"cn={user.username},ou=users,DC=ldap,DC=goauthentik,DC=io", - password=user.username, + user=f"cn={self.user.username},ou=users,DC=ldap,DC=goauthentik,DC=io", + password=self.user.username, ) _connection.bind() self.assertTrue( Event.objects.filter( action=EventAction.LOGIN, user={ - "pk": user.pk, - "email": user.email, - "username": user.username, + "pk": self.user.pk, + "email": self.user.email, + "username": self.user.username, }, ) ) @@ -140,13 +138,13 @@ class TestProviderLDAP(SeleniumTestCase): @object_manager def test_ldap_bind_fail(self): """Test simple bind (failed)""" - user, _ = self._prepare() + self._prepare() server = Server("ldap://localhost:3389", get_info=ALL) _connection = Connection( server, raise_exceptions=True, - user=f"cn={user.username},ou=users,DC=ldap,DC=goauthentik,DC=io", - password=user.username + "fqwerwqer", + user=f"cn={self.user.username},ou=users,DC=ldap,DC=goauthentik,DC=io", + password=self.user.username + "fqwerwqer", ) with self.assertRaises(LDAPInvalidCredentialsResult): _connection.bind() @@ -164,27 +162,29 @@ class TestProviderLDAP(SeleniumTestCase): @object_manager def test_ldap_bind_search(self): """Test simple bind + search""" - user, outpost = self._prepare() + outpost = self._prepare() server = Server("ldap://localhost:3389", get_info=ALL) _connection = Connection( server, raise_exceptions=True, - user=f"cn={user.username},ou=users,dc=ldap,dc=goauthentik,dc=io", - password=user.username, + user=f"cn={self.user.username},ou=users,dc=ldap,dc=goauthentik,dc=io", + password=self.user.username, ) _connection.bind() self.assertTrue( Event.objects.filter( action=EventAction.LOGIN, user={ - "pk": user.pk, - "email": user.email, - "username": user.username, + "pk": self.user.pk, + "email": self.user.email, + "username": self.user.username, }, ) ) embedded_account = Outpost.objects.filter(managed=MANAGED_OUTPOST).first().user + # Remove akadmin to ensure list is correct + User.objects.filter(username="akadmin").delete() _connection.search( "ou=users,dc=ldap,dc=goauthentik,dc=io", @@ -256,25 +256,25 @@ class TestProviderLDAP(SeleniumTestCase): "type": "searchResEntry", }, { - "dn": f"cn={user.username},ou=users,dc=ldap,dc=goauthentik,dc=io", + "dn": f"cn={self.user.username},ou=users,dc=ldap,dc=goauthentik,dc=io", "attributes": { - "cn": [user.username], - "sAMAccountName": [user.username], - "uid": [user.uid], - "name": [user.name], - "displayName": [user.name], - "mail": [user.email], + "cn": [self.user.username], + "sAMAccountName": [self.user.username], + "uid": [self.user.uid], + "name": [self.user.name], + "displayName": [self.user.name], + "mail": [self.user.email], "objectClass": [ "user", "organizationalPerson", "inetOrgPerson", "goauthentik.io/ldap/user", ], - "uidNumber": [str(2000 + user.pk)], - "gidNumber": [str(2000 + user.pk)], + "uidNumber": [str(2000 + self.user.pk)], + "gidNumber": [str(2000 + self.user.pk)], "memberOf": [ f"cn={group.name},ou=groups,dc=ldap,dc=goauthentik,dc=io" - for group in user.ak_groups.all() + for group in self.user.ak_groups.all() ], "accountStatus": ["true"], "superuser": ["true"], diff --git a/tests/e2e/test_provider_oauth2_github.py b/tests/e2e/test_provider_oauth2_github.py index 85cd22f5a..922466ec0 100644 --- a/tests/e2e/test_provider_oauth2_github.py +++ b/tests/e2e/test_provider_oauth2_github.py @@ -14,7 +14,7 @@ from authentik.lib.generators import generate_id, generate_key from authentik.policies.expression.models import ExpressionPolicy from authentik.policies.models import PolicyBinding from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider -from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, retry +from tests.e2e.utils import SeleniumTestCase, apply_migration, retry @skipUnless(platform.startswith("linux"), "requires local docker") @@ -89,19 +89,19 @@ class TestProviderOAuth2Github(SeleniumTestCase): self.driver.get("http://localhost:3000/profile") self.assertEqual( self.driver.find_element(By.CLASS_NAME, "page-header__title").text, - USER().username, + self.user.username, ) self.assertEqual( self.driver.find_element(By.CSS_SELECTOR, "input[name=name]").get_attribute("value"), - USER().username, + self.user.username, ) self.assertEqual( self.driver.find_element(By.CSS_SELECTOR, "input[name=email]").get_attribute("value"), - USER().email, + self.user.email, ) self.assertEqual( self.driver.find_element(By.CSS_SELECTOR, "input[name=login]").get_attribute("value"), - USER().username, + self.user.username, ) @retry() @@ -157,19 +157,19 @@ class TestProviderOAuth2Github(SeleniumTestCase): self.driver.get("http://localhost:3000/profile") self.assertEqual( self.driver.find_element(By.CLASS_NAME, "page-header__title").text, - USER().username, + self.user.username, ) self.assertEqual( self.driver.find_element(By.CSS_SELECTOR, "input[name=name]").get_attribute("value"), - USER().username, + self.user.username, ) self.assertEqual( self.driver.find_element(By.CSS_SELECTOR, "input[name=email]").get_attribute("value"), - USER().email, + self.user.email, ) self.assertEqual( self.driver.find_element(By.CSS_SELECTOR, "input[name=login]").get_attribute("value"), - USER().username, + self.user.username, ) @retry() diff --git a/tests/e2e/test_provider_oauth2_grafana.py b/tests/e2e/test_provider_oauth2_grafana.py index 6037921af..e8ca46dea 100644 --- a/tests/e2e/test_provider_oauth2_grafana.py +++ b/tests/e2e/test_provider_oauth2_grafana.py @@ -20,7 +20,7 @@ from authentik.providers.oauth2.constants import ( SCOPE_OPENID_PROFILE, ) from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping -from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, object_manager, retry +from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry @skipUnless(platform.startswith("linux"), "requires local docker") @@ -147,19 +147,19 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): self.driver.get("http://localhost:3000/profile") self.assertEqual( self.driver.find_element(By.CLASS_NAME, "page-header__title").text, - USER().name, + self.user.name, ) self.assertEqual( self.driver.find_element(By.CSS_SELECTOR, "input[name=name]").get_attribute("value"), - USER().name, + self.user.name, ) self.assertEqual( self.driver.find_element(By.CSS_SELECTOR, "input[name=email]").get_attribute("value"), - USER().email, + self.user.email, ) self.assertEqual( self.driver.find_element(By.CSS_SELECTOR, "input[name=login]").get_attribute("value"), - USER().email, + self.user.email, ) @retry() @@ -204,19 +204,19 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): self.driver.get("http://localhost:3000/profile") self.assertEqual( self.driver.find_element(By.CLASS_NAME, "page-header__title").text, - USER().name, + self.user.name, ) self.assertEqual( self.driver.find_element(By.CSS_SELECTOR, "input[name=name]").get_attribute("value"), - USER().name, + self.user.name, ) self.assertEqual( self.driver.find_element(By.CSS_SELECTOR, "input[name=email]").get_attribute("value"), - USER().email, + self.user.email, ) self.assertEqual( self.driver.find_element(By.CSS_SELECTOR, "input[name=login]").get_attribute("value"), - USER().email, + self.user.email, ) self.driver.get("http://localhost:3000/logout") self.wait_for_url( @@ -286,19 +286,19 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): self.assertEqual( self.driver.find_element(By.CLASS_NAME, "page-header__title").text, - USER().name, + self.user.name, ) self.assertEqual( self.driver.find_element(By.CSS_SELECTOR, "input[name=name]").get_attribute("value"), - USER().name, + self.user.name, ) self.assertEqual( self.driver.find_element(By.CSS_SELECTOR, "input[name=email]").get_attribute("value"), - USER().email, + self.user.email, ) self.assertEqual( self.driver.find_element(By.CSS_SELECTOR, "input[name=login]").get_attribute("value"), - USER().email, + self.user.email, ) @retry() diff --git a/tests/e2e/test_provider_oauth2_oidc.py b/tests/e2e/test_provider_oauth2_oidc.py index 35eca332f..e0e7f99a9 100644 --- a/tests/e2e/test_provider_oauth2_oidc.py +++ b/tests/e2e/test_provider_oauth2_oidc.py @@ -22,7 +22,7 @@ from authentik.providers.oauth2.constants import ( SCOPE_OPENID_PROFILE, ) from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping -from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, object_manager, retry +from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry @skipUnless(platform.startswith("linux"), "requires local docker") @@ -146,14 +146,14 @@ class TestProviderOAuth2OIDC(SeleniumTestCase): self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "pre"))) body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text) - self.assertEqual(body["IDTokenClaims"]["nickname"], USER().username) - self.assertEqual(body["UserInfo"]["nickname"], USER().username) + self.assertEqual(body["IDTokenClaims"]["nickname"], self.user.username) + self.assertEqual(body["UserInfo"]["nickname"], self.user.username) - self.assertEqual(body["IDTokenClaims"]["name"], USER().name) - self.assertEqual(body["UserInfo"]["name"], USER().name) + self.assertEqual(body["IDTokenClaims"]["name"], self.user.name) + self.assertEqual(body["UserInfo"]["name"], self.user.name) - self.assertEqual(body["IDTokenClaims"]["email"], USER().email) - self.assertEqual(body["UserInfo"]["email"], USER().email) + self.assertEqual(body["IDTokenClaims"]["email"], self.user.email) + self.assertEqual(body["UserInfo"]["email"], self.user.email) @retry() @apply_migration("authentik_core", "0002_auto_20200523_1133_squashed_0011_provider_name_temp") @@ -211,14 +211,14 @@ class TestProviderOAuth2OIDC(SeleniumTestCase): self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "pre"))) body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text) - self.assertEqual(body["IDTokenClaims"]["nickname"], USER().username) - self.assertEqual(body["UserInfo"]["nickname"], USER().username) + self.assertEqual(body["IDTokenClaims"]["nickname"], self.user.username) + self.assertEqual(body["UserInfo"]["nickname"], self.user.username) - self.assertEqual(body["IDTokenClaims"]["name"], USER().name) - self.assertEqual(body["UserInfo"]["name"], USER().name) + self.assertEqual(body["IDTokenClaims"]["name"], self.user.name) + self.assertEqual(body["UserInfo"]["name"], self.user.name) - self.assertEqual(body["IDTokenClaims"]["email"], USER().email) - self.assertEqual(body["UserInfo"]["email"], USER().email) + self.assertEqual(body["IDTokenClaims"]["email"], self.user.email) + self.assertEqual(body["UserInfo"]["email"], self.user.email) @retry() @apply_migration("authentik_core", "0002_auto_20200523_1133_squashed_0011_provider_name_temp") diff --git a/tests/e2e/test_provider_oauth2_oidc_implicit.py b/tests/e2e/test_provider_oauth2_oidc_implicit.py index 0d1b42ad1..516d04bb5 100644 --- a/tests/e2e/test_provider_oauth2_oidc_implicit.py +++ b/tests/e2e/test_provider_oauth2_oidc_implicit.py @@ -22,7 +22,7 @@ from authentik.providers.oauth2.constants import ( SCOPE_OPENID_PROFILE, ) from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping -from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, object_manager, retry +from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry @skipUnless(platform.startswith("linux"), "requires local docker") @@ -148,9 +148,9 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase): sleep(1) body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text) print(body) - self.assertEqual(body["profile"]["nickname"], USER().username) - self.assertEqual(body["profile"]["name"], USER().name) - self.assertEqual(body["profile"]["email"], USER().email) + self.assertEqual(body["profile"]["nickname"], self.user.username) + self.assertEqual(body["profile"]["name"], self.user.name) + self.assertEqual(body["profile"]["email"], self.user.email) @retry() @apply_migration("authentik_core", "0002_auto_20200523_1133_squashed_0011_provider_name_temp") @@ -210,9 +210,9 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase): sleep(1) body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text) - self.assertEqual(body["profile"]["nickname"], USER().username) - self.assertEqual(body["profile"]["name"], USER().name) - self.assertEqual(body["profile"]["email"], USER().email) + self.assertEqual(body["profile"]["nickname"], self.user.username) + self.assertEqual(body["profile"]["name"], self.user.name) + self.assertEqual(body["profile"]["email"], self.user.email) @retry() @apply_migration("authentik_core", "0002_auto_20200523_1133_squashed_0011_provider_name_temp") diff --git a/tests/e2e/test_provider_proxy.py b/tests/e2e/test_provider_proxy.py index 75c37c78f..ffca254fb 100644 --- a/tests/e2e/test_provider_proxy.py +++ b/tests/e2e/test_provider_proxy.py @@ -16,7 +16,7 @@ from authentik.flows.models import Flow from authentik.outposts.models import DockerServiceConnection, Outpost, OutpostConfig, OutpostType from authentik.outposts.tasks import outpost_local_connection from authentik.providers.proxy.models import ProxyProvider -from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, object_manager, retry +from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry @skipUnless(platform.startswith("linux"), "requires local docker") @@ -62,9 +62,8 @@ class TestProviderProxy(SeleniumTestCase): def test_proxy_simple(self): """Test simple outpost setup with single provider""" # set additionalHeaders to test later - user = USER() - user.attributes["additionalHeaders"] = {"X-Foo": "bar"} - user.save() + self.user.attributes["additionalHeaders"] = {"X-Foo": "bar"} + self.user.save() proxy: ProxyProvider = ProxyProvider.objects.create( name="proxy_provider", diff --git a/tests/e2e/test_provider_saml.py b/tests/e2e/test_provider_saml.py index b4b5a9c26..eee3ee61e 100644 --- a/tests/e2e/test_provider_saml.py +++ b/tests/e2e/test_provider_saml.py @@ -16,7 +16,7 @@ from authentik.flows.models import Flow from authentik.policies.expression.models import ExpressionPolicy from authentik.policies.models import PolicyBinding from authentik.providers.saml.models import SAMLBindings, SAMLPropertyMapping, SAMLProvider -from tests.e2e.utils import USER, SeleniumTestCase, apply_migration, object_manager, retry +from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry @skipUnless(platform.startswith("linux"), "requires local docker") @@ -96,29 +96,29 @@ class TestProviderSAML(SeleniumTestCase): self.assertEqual( body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"], - [USER().name], + [self.user.name], ) self.assertEqual( body["attr"][ "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" ], - [USER().username], + [self.user.username], ) self.assertEqual( body["attr"]["http://schemas.goauthentik.io/2021/02/saml/username"], - [USER().username], + [self.user.username], ) self.assertEqual( body["attr"]["http://schemas.goauthentik.io/2021/02/saml/uid"], - [str(USER().pk)], + [str(self.user.pk)], ) self.assertEqual( body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"], - [USER().email], + [self.user.email], ) self.assertEqual( body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"], - [USER().email], + [self.user.email], ) @retry() @@ -174,29 +174,29 @@ class TestProviderSAML(SeleniumTestCase): self.assertEqual( body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"], - [USER().name], + [self.user.name], ) self.assertEqual( body["attr"][ "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" ], - [USER().username], + [self.user.username], ) self.assertEqual( body["attr"]["http://schemas.goauthentik.io/2021/02/saml/username"], - [USER().username], + [self.user.username], ) self.assertEqual( body["attr"]["http://schemas.goauthentik.io/2021/02/saml/uid"], - [str(USER().pk)], + [str(self.user.pk)], ) self.assertEqual( body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"], - [USER().email], + [self.user.email], ) self.assertEqual( body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"], - [USER().email], + [self.user.email], ) @retry() @@ -243,29 +243,29 @@ class TestProviderSAML(SeleniumTestCase): self.assertEqual( body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"], - [USER().name], + [self.user.name], ) self.assertEqual( body["attr"][ "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" ], - [USER().username], + [self.user.username], ) self.assertEqual( body["attr"]["http://schemas.goauthentik.io/2021/02/saml/username"], - [USER().username], + [self.user.username], ) self.assertEqual( body["attr"]["http://schemas.goauthentik.io/2021/02/saml/uid"], - [str(USER().pk)], + [str(self.user.pk)], ) self.assertEqual( body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"], - [USER().email], + [self.user.email], ) self.assertEqual( body["attr"]["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"], - [USER().email], + [self.user.email], ) @retry() diff --git a/tests/e2e/utils.py b/tests/e2e/utils.py index 5db09ccb0..8eecef7eb 100644 --- a/tests/e2e/utils.py +++ b/tests/e2e/utils.py @@ -27,15 +27,11 @@ from structlog.stdlib import get_logger from authentik.core.api.users import UserSerializer from authentik.core.models import User +from authentik.core.tests.utils import create_test_admin_user from authentik.managed.manager import ObjectManager RETRIES = int(environ.get("RETRIES", "3")) -# pylint: disable=invalid-name -def USER() -> User: # noqa - """Cached function that always returns akadmin""" - return User.objects.get(username="akadmin") - def get_docker_tag() -> str: """Get docker-tag based off of CI variables""" @@ -53,6 +49,7 @@ class SeleniumTestCase(ChannelsLiveServerTestCase): container: Optional[Container] = None wait_timeout: int + user: User def setUp(self): super().setUp() @@ -63,6 +60,7 @@ class SeleniumTestCase(ChannelsLiveServerTestCase): self.driver.implicitly_wait(30) self.wait = WebDriverWait(self.driver, self.wait_timeout) self.logger = get_logger() + self.user = create_test_admin_user(set_password=True) if specs := self.get_container_specs(): self.container = self._start_container(specs) @@ -162,7 +160,7 @@ class SeleniumTestCase(ChannelsLiveServerTestCase): identification_stage.find_element(By.CSS_SELECTOR, "input[name=uidField]").click() identification_stage.find_element(By.CSS_SELECTOR, "input[name=uidField]").send_keys( - USER().username + self.user.username ) identification_stage.find_element(By.CSS_SELECTOR, "input[name=uidField]").send_keys( Keys.ENTER @@ -171,7 +169,7 @@ class SeleniumTestCase(ChannelsLiveServerTestCase): flow_executor = self.get_shadow_root("ak-flow-executor") password_stage = self.get_shadow_root("ak-stage-password", flow_executor) password_stage.find_element(By.CSS_SELECTOR, "input[name=password]").send_keys( - USER().username + self.user.username ) password_stage.find_element(By.CSS_SELECTOR, "input[name=password]").send_keys(Keys.ENTER) sleep(1)