root: Random tests (#1825)

* root: add pytest-randomly to randomise tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: generate flows for testing instead of relying on existing ones

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: generate users for testing instead of relying on existing ones

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: use generated certificate

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: keep containers

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: use websockets test case

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens L 2021-11-22 22:56:02 +01:00 committed by GitHub
parent 666cf77b04
commit 9bb0d04aeb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
48 changed files with 343 additions and 271 deletions

View file

@ -89,8 +89,8 @@ jobs:
# Copy current, latest config to local # Copy current, latest config to local
cp authentik/lib/default.yml local.env.yml cp authentik/lib/default.yml local.env.yml
git checkout $(git describe --abbrev=0 --match 'version/*') git checkout $(git describe --abbrev=0 --match 'version/*')
git checkout ${{ steps.ev.outputs.branchName }} -- .github git checkout $GITHUB_HEAD_REF -- .github
git checkout ${{ steps.ev.outputs.branchName }} -- scripts git checkout $GITHUB_HEAD_REF -- scripts
- name: prepare - name: prepare
env: env:
INSTALL: ${{ steps.cache-pipenv.outputs.cache-hit }} INSTALL: ${{ steps.cache-pipenv.outputs.cache-hit }}
@ -104,7 +104,7 @@ jobs:
run: | run: |
set -x set -x
git fetch git fetch
git checkout ${{ steps.ev.outputs.branchName }} git checkout $GITHUB_HEAD_REF
pipenv sync --dev pipenv sync --dev
- name: prepare - name: prepare
env: env:

15
Pipfile
View file

@ -8,7 +8,10 @@ boto3 = "*"
celery = "*" celery = "*"
channels = "*" channels = "*"
channels-redis = "*" channels-redis = "*"
codespell = "*"
colorama = "*"
dacite = "*" dacite = "*"
deepmerge = "*"
defusedxml = "*" defusedxml = "*"
django = "*" django = "*"
django-dbbackup = { git = 'https://github.com/django-dbbackup/django-dbbackup.git', ref = '9d1909c30a3271c8c9c8450add30d6e0b996e145' } django-dbbackup = { git = 'https://github.com/django-dbbackup/django-dbbackup.git', ref = '9d1909c30a3271c8c9c8450add30d6e0b996e145' }
@ -23,6 +26,7 @@ djangorestframework = "*"
djangorestframework-guardian = "*" djangorestframework-guardian = "*"
docker = "*" docker = "*"
drf-spectacular = "*" drf-spectacular = "*"
duo-client = "*"
facebook-sdk = "*" facebook-sdk = "*"
geoip2 = "*" geoip2 = "*"
gunicorn = "*" gunicorn = "*"
@ -40,19 +44,15 @@ service_identity = "*"
structlog = "*" structlog = "*"
swagger-spec-validator = "*" swagger-spec-validator = "*"
twisted = "==21.7.0" twisted = "==21.7.0"
ua-parser = "*"
urllib3 = {extras = ["secure"],version = "*"} urllib3 = {extras = ["secure"],version = "*"}
uvicorn = {extras = ["standard"],version = "*"} uvicorn = {extras = ["standard"],version = "*"}
webauthn = "*" webauthn = "*"
xmlsec = "*" xmlsec = "*"
duo-client = "*"
ua-parser = "*"
deepmerge = "*"
colorama = "*"
codespell = "*"
[dev-packages] [dev-packages]
bandit = "*" bandit = "*"
black = "==21.9b0" black = "==21.11b1"
bump2version = "*" bump2version = "*"
colorama = "*" colorama = "*"
coverage = {extras = ["toml"],version = "*"} coverage = {extras = ["toml"],version = "*"}
@ -60,5 +60,6 @@ pylint = "*"
pylint-django = "*" pylint-django = "*"
pytest = "*" pytest = "*"
pytest-django = "*" pytest-django = "*"
selenium = "*" pytest-randomly = "*"
requests-mock = "*" requests-mock = "*"
selenium = "*"

80
Pipfile.lock generated
View file

@ -1,7 +1,7 @@
{ {
"_meta": { "_meta": {
"hash": { "hash": {
"sha256": "2955828c31ceb0f8266987b5a34cb31d2718d856997a384e7c0a92374ddfaa10" "sha256": "a5f447dcd7be11f8f36de5a849b89cca40d21bdc8d0098f34d6112c58e0a2236"
}, },
"pipfile-spec": 6, "pipfile-spec": 6,
"requires": {}, "requires": {},
@ -301,7 +301,7 @@
"sha256:e019de665e2bcf9c2b64e2e5aa025fa991da8720daa3c1138cadd2fd1856aed0", "sha256:e019de665e2bcf9c2b64e2e5aa025fa991da8720daa3c1138cadd2fd1856aed0",
"sha256:f7af805c321bfa1ce6714c51f254e0d5bb5e5834039bc17db7ebe3a4cec9492b" "sha256:f7af805c321bfa1ce6714c51f254e0d5bb5e5834039bc17db7ebe3a4cec9492b"
], ],
"markers": "python_version >= '3'", "markers": "python_full_version >= '3.5.0'",
"version": "==2.0.7" "version": "==2.0.7"
}, },
"click": { "click": {
@ -317,7 +317,7 @@
"sha256:a0713dc7a1de3f06bc0df5a9567ad19ead2d3d5689b434768a6145bff77c0667", "sha256:a0713dc7a1de3f06bc0df5a9567ad19ead2d3d5689b434768a6145bff77c0667",
"sha256:f184f0d851d96b6d29297354ed981b7dd71df7ff500d82fa6d11f0856bee8035" "sha256:f184f0d851d96b6d29297354ed981b7dd71df7ff500d82fa6d11f0856bee8035"
], ],
"markers": "python_full_version >= '3.6.2' and python_full_version < '4.0.0'", "markers": "python_version < '4' and python_full_version >= '3.6.2'",
"version": "==0.3.0" "version": "==0.3.0"
}, },
"click-plugins": { "click-plugins": {
@ -370,6 +370,7 @@
"sha256:684993ff6f67000a56454b41bdc7e015429732d65a52d06385b6e9de6181c71e", "sha256:684993ff6f67000a56454b41bdc7e015429732d65a52d06385b6e9de6181c71e",
"sha256:6fbbbb8aab4053fa018984bb0e95a16faeb051dd8cca15add2a27e267ba02b58", "sha256:6fbbbb8aab4053fa018984bb0e95a16faeb051dd8cca15add2a27e267ba02b58",
"sha256:8982c19bb90a4fa2aad3d635c6d71814e38b643649b4000a8419f8691f20ac44", "sha256:8982c19bb90a4fa2aad3d635c6d71814e38b643649b4000a8419f8691f20ac44",
"sha256:9511416e85e449fe1de73f7f99b21b3aa04fba4c4d335d30c486ba3756e3a2a6",
"sha256:97199a13b772e74cdcdb03760c32109c808aff7cd49c29e9cf4b7754bb725d1d", "sha256:97199a13b772e74cdcdb03760c32109c808aff7cd49c29e9cf4b7754bb725d1d",
"sha256:a776bae1629c8d7198396fd93ec0265f8dd2341c553dc32b976168aaf0e6a636", "sha256:a776bae1629c8d7198396fd93ec0265f8dd2341c553dc32b976168aaf0e6a636",
"sha256:aa94d617a4cd4cdf4af9b5af65100c036bce22280ebb15d8b5262e8273ebc6ba", "sha256:aa94d617a4cd4cdf4af9b5af65100c036bce22280ebb15d8b5262e8273ebc6ba",
@ -380,6 +381,7 @@
"sha256:f6a5a85beb33e57998dc605b9dbe7deaa806385fdf5c4810fb849fcd04640c81", "sha256:f6a5a85beb33e57998dc605b9dbe7deaa806385fdf5c4810fb849fcd04640c81",
"sha256:f92556f94e476c1b616e6daec5f7ddded2c082efa7cee7f31c7aeda615906ed8" "sha256:f92556f94e476c1b616e6daec5f7ddded2c082efa7cee7f31c7aeda615906ed8"
], ],
"markers": "python_version >= '3.6'",
"version": "==36.0.0" "version": "==36.0.0"
}, },
"dacite": { "dacite": {
@ -741,7 +743,7 @@
"sha256:1a29730d366e996aaacffb2f1f1cb9593dc38e2ddd30c91250c6dde09ea9b417", "sha256:1a29730d366e996aaacffb2f1f1cb9593dc38e2ddd30c91250c6dde09ea9b417",
"sha256:f38b2b640938a4f35ade69ac3d053042959b62a0f1076a5bbaa1b9526605a8a2" "sha256:f38b2b640938a4f35ade69ac3d053042959b62a0f1076a5bbaa1b9526605a8a2"
], ],
"markers": "python_version >= '3.5'", "markers": "python_full_version >= '3.5.0'",
"version": "==0.5.1" "version": "==0.5.1"
}, },
"jmespath": { "jmespath": {
@ -774,7 +776,7 @@
"sha256:52312adda60d92ba45b325f2c1505924656389222005f7e089718e1ad03bc07f" "sha256:52312adda60d92ba45b325f2c1505924656389222005f7e089718e1ad03bc07f"
], ],
"index": "pypi", "index": "pypi",
"version": "==19.15.0" "version": "==v19.15.0"
}, },
"ldap3": { "ldap3": {
"hashes": [ "hashes": [
@ -1266,11 +1268,11 @@
}, },
"redis": { "redis": {
"hashes": [ "hashes": [
"sha256:bc6832367d60e1a5f94d75314fc46e8ce6f07fee8e532ee1bfafaf4887f8b4bb", "sha256:c8481cf414474e3497ec7971a1ba9b998c8efad0f0d289a009a5bbef040894f9",
"sha256:cc642f70e0ebddce960818ba35776af6a18487cc38f66deace68d55b97e6e3cf" "sha256:ccf692811f2c1fc7a92b466aa2599e4a6d2d73d5f736a2c70be600657c0da34a"
], ],
"markers": "python_version >= '3.6'", "markers": "python_version >= '3.6'",
"version": "==4.0.1" "version": "==4.0.2"
}, },
"requests": { "requests": {
"hashes": [ "hashes": [
@ -1321,6 +1323,14 @@
"index": "pypi", "index": "pypi",
"version": "==21.1.0" "version": "==21.1.0"
}, },
"setuptools": {
"hashes": [
"sha256:157d21de9d055ab9e8ea3186d91e7f4f865e11f42deafa952d90842671fc2576",
"sha256:4adde3d1e1c89bde1c643c64d89cdd94cbfd8c75252ee459d4500bccb9c7d05d"
],
"markers": "python_version >= '3.6'",
"version": "==59.2.0"
},
"six": { "six": {
"hashes": [ "hashes": [
"sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926", "sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926",
@ -1334,7 +1344,7 @@
"sha256:0c00730c74263a94e5a9919ade150dfc3b19c574389985446148402998287dae", "sha256:0c00730c74263a94e5a9919ade150dfc3b19c574389985446148402998287dae",
"sha256:48719e356bb8b42991bdbb1e8b83223757b93789c00910a616a071910ca4a64d" "sha256:48719e356bb8b42991bdbb1e8b83223757b93789c00910a616a071910ca4a64d"
], ],
"markers": "python_version >= '3.5'", "markers": "python_full_version >= '3.5.0'",
"version": "==0.4.2" "version": "==0.4.2"
}, },
"structlog": { "structlog": {
@ -1354,9 +1364,7 @@
"version": "==2.7.4" "version": "==2.7.4"
}, },
"twisted": { "twisted": {
"extras": [ "extras": [],
"tls"
],
"hashes": [ "hashes": [
"sha256:13c1d1d2421ae556d91e81e66cf0d4f4e4e1e4a36a0486933bee4305c6a4fb9b", "sha256:13c1d1d2421ae556d91e81e66cf0d4f4e4e1e4a36a0486933bee4305c6a4fb9b",
"sha256:2cd652542463277378b0d349f47c62f20d9306e57d1247baabd6d1d38a109006" "sha256:2cd652542463277378b0d349f47c62f20d9306e57d1247baabd6d1d38a109006"
@ -1775,11 +1783,11 @@
}, },
"black": { "black": {
"hashes": [ "hashes": [
"sha256:380f1b5da05e5a1429225676655dddb96f5ae8c75bdf91e53d798871b902a115", "sha256:802c6c30b637b28645b7fde282ed2569c0cd777dbe493a41b6a03c1d903f99ac",
"sha256:7de4cfc7eb6b710de325712d40125689101d21d25283eed7e9998722cf10eb91" "sha256:a042adbb18b3262faad5aff4e834ff186bb893f95ba3a8013f09de1e5569def2"
], ],
"index": "pypi", "index": "pypi",
"version": "==21.9b0" "version": "==21.11b1"
}, },
"bump2version": { "bump2version": {
"hashes": [ "hashes": [
@ -1856,7 +1864,7 @@
"sha256:e019de665e2bcf9c2b64e2e5aa025fa991da8720daa3c1138cadd2fd1856aed0", "sha256:e019de665e2bcf9c2b64e2e5aa025fa991da8720daa3c1138cadd2fd1856aed0",
"sha256:f7af805c321bfa1ce6714c51f254e0d5bb5e5834039bc17db7ebe3a4cec9492b" "sha256:f7af805c321bfa1ce6714c51f254e0d5bb5e5834039bc17db7ebe3a4cec9492b"
], ],
"markers": "python_version >= '3'", "markers": "python_full_version >= '3.5.0'",
"version": "==2.0.7" "version": "==2.0.7"
}, },
"click": { "click": {
@ -1944,6 +1952,7 @@
"sha256:684993ff6f67000a56454b41bdc7e015429732d65a52d06385b6e9de6181c71e", "sha256:684993ff6f67000a56454b41bdc7e015429732d65a52d06385b6e9de6181c71e",
"sha256:6fbbbb8aab4053fa018984bb0e95a16faeb051dd8cca15add2a27e267ba02b58", "sha256:6fbbbb8aab4053fa018984bb0e95a16faeb051dd8cca15add2a27e267ba02b58",
"sha256:8982c19bb90a4fa2aad3d635c6d71814e38b643649b4000a8419f8691f20ac44", "sha256:8982c19bb90a4fa2aad3d635c6d71814e38b643649b4000a8419f8691f20ac44",
"sha256:9511416e85e449fe1de73f7f99b21b3aa04fba4c4d335d30c486ba3756e3a2a6",
"sha256:97199a13b772e74cdcdb03760c32109c808aff7cd49c29e9cf4b7754bb725d1d", "sha256:97199a13b772e74cdcdb03760c32109c808aff7cd49c29e9cf4b7754bb725d1d",
"sha256:a776bae1629c8d7198396fd93ec0265f8dd2341c553dc32b976168aaf0e6a636", "sha256:a776bae1629c8d7198396fd93ec0265f8dd2341c553dc32b976168aaf0e6a636",
"sha256:aa94d617a4cd4cdf4af9b5af65100c036bce22280ebb15d8b5262e8273ebc6ba", "sha256:aa94d617a4cd4cdf4af9b5af65100c036bce22280ebb15d8b5262e8273ebc6ba",
@ -1954,6 +1963,7 @@
"sha256:f6a5a85beb33e57998dc605b9dbe7deaa806385fdf5c4810fb849fcd04640c81", "sha256:f6a5a85beb33e57998dc605b9dbe7deaa806385fdf5c4810fb849fcd04640c81",
"sha256:f92556f94e476c1b616e6daec5f7ddded2c082efa7cee7f31c7aeda615906ed8" "sha256:f92556f94e476c1b616e6daec5f7ddded2c082efa7cee7f31c7aeda615906ed8"
], ],
"markers": "python_version >= '3.6'",
"version": "==36.0.0" "version": "==36.0.0"
}, },
"gitdb": { "gitdb": {
@ -1987,6 +1997,14 @@
], ],
"version": "==3.3" "version": "==3.3"
}, },
"importlib-metadata": {
"hashes": [
"sha256:53ccfd5c134223e497627b9815d5030edf77d2ed573922f7a0b8f8bb81a1c100",
"sha256:75bdec14c397f528724c1bfd9709d660b33a4d2e77387a3358f20b848bb5e5fb"
],
"markers": "python_version < '3.10'",
"version": "==4.8.2"
},
"iniconfig": { "iniconfig": {
"hashes": [ "hashes": [
"sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3", "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3",
@ -1999,7 +2017,7 @@
"sha256:6f62d78e2f89b4500b080fe3a81690850cd254227f27f75c3a0c491a1f351ba7", "sha256:6f62d78e2f89b4500b080fe3a81690850cd254227f27f75c3a0c491a1f351ba7",
"sha256:e8443a5e7a020e9d7f97f1d7d9cd17c88bcb3bc7e218bf9cf5095fe550be2951" "sha256:e8443a5e7a020e9d7f97f1d7d9cd17c88bcb3bc7e218bf9cf5095fe550be2951"
], ],
"markers": "python_version < '4.0' and python_full_version >= '3.6.1'", "markers": "python_version < '4' and python_full_version >= '3.6.1'",
"version": "==5.10.1" "version": "==5.10.1"
}, },
"lazy-object-proxy": { "lazy-object-proxy": {
@ -2161,6 +2179,14 @@
"index": "pypi", "index": "pypi",
"version": "==4.4.0" "version": "==4.4.0"
}, },
"pytest-randomly": {
"hashes": [
"sha256:2c0a332c4b124e372e2473803bcc91ec87797664f4955afef2b844c0021662b1",
"sha256:cbd5c50b7c41491c202c71a3df33a75619d610a4f5c34aa2bd02ac30fce7cd43"
],
"index": "pypi",
"version": "==3.10.2"
},
"pyyaml": { "pyyaml": {
"hashes": [ "hashes": [
"sha256:0283c35a6a9fbf047493e3a0ce8d79ef5030852c51e9d911a27badfde0605293", "sha256:0283c35a6a9fbf047493e3a0ce8d79ef5030852c51e9d911a27badfde0605293",
@ -2272,10 +2298,18 @@
}, },
"selenium": { "selenium": {
"hashes": [ "hashes": [
"sha256:c942b166a21ce9c9065ad249b54059e926d39f9000167b5ca0fa4950d2ef9a82" "sha256:27e7b64df961d609f3d57237caa0df123abbbe22d038f2ec9e332fb90ec1a939"
], ],
"index": "pypi", "index": "pypi",
"version": "==4.0.0" "version": "==4.1.0"
},
"setuptools": {
"hashes": [
"sha256:157d21de9d055ab9e8ea3186d91e7f4f865e11f42deafa952d90842671fc2576",
"sha256:4adde3d1e1c89bde1c643c64d89cdd94cbfd8c75252ee459d4500bccb9c7d05d"
],
"markers": "python_version >= '3.6'",
"version": "==59.2.0"
}, },
"six": { "six": {
"hashes": [ "hashes": [
@ -2431,6 +2465,14 @@
], ],
"markers": "python_full_version >= '3.6.1'", "markers": "python_full_version >= '3.6.1'",
"version": "==1.0.0" "version": "==1.0.0"
},
"zipp": {
"hashes": [
"sha256:71c644c5369f4a6e07636f0aa966270449561fcea2e3d6747b8d23efaa9d7832",
"sha256:9fe5ea21568a0a70e50f273397638d39b03353731e6cbbb3fd8502a33fec40bc"
],
"markers": "python_version >= '3.6'",
"version": "==3.6.0"
} }
} }
} }

View file

@ -3,7 +3,8 @@ from django.urls import reverse
from django.utils.encoding import force_str from django.utils.encoding import force_str
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.models import Application, User from authentik.core.models import Application
from authentik.core.tests.utils import create_test_admin_user
from authentik.policies.dummy.models import DummyPolicy from authentik.policies.dummy.models import DummyPolicy
from authentik.policies.models import PolicyBinding from authentik.policies.models import PolicyBinding
@ -12,7 +13,7 @@ class TestApplicationsAPI(APITestCase):
"""Test applications API""" """Test applications API"""
def setUp(self) -> None: def setUp(self) -> None:
self.user = User.objects.get(username="akadmin") self.user = create_test_admin_user()
self.allowed = Application.objects.create(name="allowed", slug="allowed") self.allowed = Application.objects.create(name="allowed", slug="allowed")
self.denied = Application.objects.create(name="denied", slug="denied") self.denied = Application.objects.create(name="denied", slug="denied")
PolicyBinding.objects.create( PolicyBinding.objects.create(

View file

@ -6,6 +6,7 @@ from django.utils.encoding import force_str
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.models import User from authentik.core.models import User
from authentik.core.tests.utils import create_test_admin_user
class TestAuthenticatedSessionsAPI(APITestCase): class TestAuthenticatedSessionsAPI(APITestCase):
@ -13,7 +14,7 @@ class TestAuthenticatedSessionsAPI(APITestCase):
def setUp(self) -> None: def setUp(self) -> None:
super().setUp() super().setUp()
self.user = User.objects.get(username="akadmin") self.user = create_test_admin_user()
self.other_user = User.objects.create(username="normal-user") self.other_user = User.objects.create(username="normal-user")
def test_list(self): def test_list(self):

View file

@ -5,6 +5,7 @@ from django.test.testcases import TestCase
from django.urls import reverse from django.urls import reverse
from authentik.core.models import User from authentik.core.models import User
from authentik.core.tests.utils import create_test_admin_user
class TestImpersonation(TestCase): class TestImpersonation(TestCase):
@ -13,14 +14,14 @@ class TestImpersonation(TestCase):
def setUp(self) -> None: def setUp(self) -> None:
super().setUp() super().setUp()
self.other_user = User.objects.create(username="to-impersonate") self.other_user = User.objects.create(username="to-impersonate")
self.akadmin = User.objects.get(username="akadmin") self.user = create_test_admin_user()
def test_impersonate_simple(self): def test_impersonate_simple(self):
"""test simple impersonation and un-impersonation""" """test simple impersonation and un-impersonation"""
# test with an inactive user to ensure that still works # test with an inactive user to ensure that still works
self.other_user.is_active = False self.other_user.is_active = False
self.other_user.save() self.other_user.save()
self.client.force_login(self.akadmin) self.client.force_login(self.user)
self.client.get( self.client.get(
reverse( reverse(
@ -32,13 +33,13 @@ class TestImpersonation(TestCase):
response = self.client.get(reverse("authentik_api:user-me")) response = self.client.get(reverse("authentik_api:user-me"))
response_body = loads(response.content.decode()) response_body = loads(response.content.decode())
self.assertEqual(response_body["user"]["username"], self.other_user.username) self.assertEqual(response_body["user"]["username"], self.other_user.username)
self.assertEqual(response_body["original"]["username"], self.akadmin.username) self.assertEqual(response_body["original"]["username"], self.user.username)
self.client.get(reverse("authentik_core:impersonate-end")) self.client.get(reverse("authentik_core:impersonate-end"))
response = self.client.get(reverse("authentik_api:user-me")) response = self.client.get(reverse("authentik_api:user-me"))
response_body = loads(response.content.decode()) response_body = loads(response.content.decode())
self.assertEqual(response_body["user"]["username"], self.akadmin.username) self.assertEqual(response_body["user"]["username"], self.user.username)
self.assertNotIn("original", response_body) self.assertNotIn("original", response_body)
def test_impersonate_denied(self): def test_impersonate_denied(self):
@ -46,7 +47,7 @@ class TestImpersonation(TestCase):
self.client.force_login(self.other_user) self.client.force_login(self.other_user)
self.client.get( self.client.get(
reverse("authentik_core:impersonate-init", kwargs={"user_id": self.akadmin.pk}) reverse("authentik_core:impersonate-init", kwargs={"user_id": self.user.pk})
) )
response = self.client.get(reverse("authentik_api:user-me")) response = self.client.get(reverse("authentik_api:user-me"))

View file

@ -6,7 +6,8 @@ from rest_framework.serializers import ValidationError
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.api.propertymappings import PropertyMappingSerializer from authentik.core.api.propertymappings import PropertyMappingSerializer
from authentik.core.models import PropertyMapping, User from authentik.core.models import PropertyMapping
from authentik.core.tests.utils import create_test_admin_user
class TestPropertyMappingAPI(APITestCase): class TestPropertyMappingAPI(APITestCase):
@ -17,7 +18,7 @@ class TestPropertyMappingAPI(APITestCase):
self.mapping = PropertyMapping.objects.create( self.mapping = PropertyMapping.objects.create(
name="dummy", expression="""return {'foo': 'bar'}""" name="dummy", expression="""return {'foo': 'bar'}"""
) )
self.user = User.objects.get(username="akadmin") self.user = create_test_admin_user()
self.client.force_login(self.user) self.client.force_login(self.user)
def test_test_call(self): def test_test_call(self):

View file

@ -2,7 +2,8 @@
from django.urls import reverse from django.urls import reverse
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.models import PropertyMapping, User from authentik.core.models import PropertyMapping
from authentik.core.tests.utils import create_test_admin_user
class TestProvidersAPI(APITestCase): class TestProvidersAPI(APITestCase):
@ -13,7 +14,7 @@ class TestProvidersAPI(APITestCase):
self.mapping = PropertyMapping.objects.create( self.mapping = PropertyMapping.objects.create(
name="dummy", expression="""return {'foo': 'bar'}""" name="dummy", expression="""return {'foo': 'bar'}"""
) )
self.user = User.objects.get(username="akadmin") self.user = create_test_admin_user()
self.client.force_login(self.user) self.client.force_login(self.user)
def test_types(self): def test_types(self):

View file

@ -8,6 +8,7 @@ from rest_framework.test import APITestCase
from authentik.core.models import USER_ATTRIBUTE_TOKEN_EXPIRING, Token, TokenIntents, User from authentik.core.models import USER_ATTRIBUTE_TOKEN_EXPIRING, Token, TokenIntents, User
from authentik.core.tasks import clean_expired_models from authentik.core.tasks import clean_expired_models
from authentik.core.tests.utils import create_test_admin_user
class TestTokenAPI(APITestCase): class TestTokenAPI(APITestCase):
@ -16,7 +17,7 @@ class TestTokenAPI(APITestCase):
def setUp(self) -> None: def setUp(self) -> None:
super().setUp() super().setUp()
self.user = User.objects.create(username="testuser") self.user = User.objects.create(username="testuser")
self.admin = User.objects.get(username="akadmin") self.admin = create_test_admin_user()
self.client.force_login(self.user) self.client.force_login(self.user)
def test_token_create(self): def test_token_create(self):

View file

@ -3,7 +3,8 @@ from django.urls.base import reverse
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.models import USER_ATTRIBUTE_CHANGE_EMAIL, USER_ATTRIBUTE_CHANGE_USERNAME, User from authentik.core.models import USER_ATTRIBUTE_CHANGE_EMAIL, USER_ATTRIBUTE_CHANGE_USERNAME, User
from authentik.flows.models import Flow, FlowDesignation from authentik.core.tests.utils import create_test_admin_user, create_test_flow, create_test_tenant
from authentik.flows.models import FlowDesignation
from authentik.stages.email.models import EmailStage from authentik.stages.email.models import EmailStage
from authentik.tenants.models import Tenant from authentik.tenants.models import Tenant
@ -12,7 +13,7 @@ class TestUsersAPI(APITestCase):
"""Test Users API""" """Test Users API"""
def setUp(self) -> None: def setUp(self) -> None:
self.admin = User.objects.get(username="akadmin") self.admin = create_test_admin_user()
self.user = User.objects.create(username="test-user") self.user = User.objects.create(username="test-user")
def test_update_self(self): def test_update_self(self):
@ -69,10 +70,8 @@ class TestUsersAPI(APITestCase):
def test_recovery(self): def test_recovery(self):
"""Test user recovery link (no recovery flow set)""" """Test user recovery link (no recovery flow set)"""
flow = Flow.objects.create( flow = create_test_flow(FlowDesignation.RECOVERY)
name="test", title="test", slug="test", designation=FlowDesignation.RECOVERY tenant: Tenant = create_test_tenant()
)
tenant: Tenant = Tenant.objects.first()
tenant.flow_recovery = flow tenant.flow_recovery = flow
tenant.save() tenant.save()
self.client.force_login(self.admin) self.client.force_login(self.admin)
@ -99,10 +98,8 @@ class TestUsersAPI(APITestCase):
"""Test user recovery link (no email stage)""" """Test user recovery link (no email stage)"""
self.user.email = "foo@bar.baz" self.user.email = "foo@bar.baz"
self.user.save() self.user.save()
flow = Flow.objects.create( flow = create_test_flow(designation=FlowDesignation.RECOVERY)
name="test", title="test", slug="test", designation=FlowDesignation.RECOVERY tenant: Tenant = create_test_tenant()
)
tenant: Tenant = Tenant.objects.first()
tenant.flow_recovery = flow tenant.flow_recovery = flow
tenant.save() tenant.save()
self.client.force_login(self.admin) self.client.force_login(self.admin)
@ -115,10 +112,8 @@ class TestUsersAPI(APITestCase):
"""Test user recovery link""" """Test user recovery link"""
self.user.email = "foo@bar.baz" self.user.email = "foo@bar.baz"
self.user.save() self.user.save()
flow = Flow.objects.create( flow = create_test_flow(FlowDesignation.RECOVERY)
name="test", title="test", slug="test", designation=FlowDesignation.RECOVERY tenant: Tenant = create_test_tenant()
)
tenant: Tenant = Tenant.objects.first()
tenant.flow_recovery = flow tenant.flow_recovery = flow
tenant.save() tenant.save()

View file

@ -0,0 +1,55 @@
"""Test Utils"""
from typing import Optional
from django.utils.text import slugify
from authentik.core.models import Group, User
from authentik.crypto.builder import CertificateBuilder
from authentik.crypto.models import CertificateKeyPair
from authentik.flows.models import Flow, FlowDesignation
from authentik.lib.generators import generate_id
from authentik.tenants.models import Tenant
def create_test_flow(designation: FlowDesignation = FlowDesignation.STAGE_CONFIGURATION) -> Flow:
"""Generate a flow that can be used for testing"""
uid = generate_id(10)
return Flow.objects.create(
name=uid,
title=uid,
slug=slugify(uid),
designation=designation,
)
def create_test_admin_user(name: Optional[str] = None) -> User:
"""Generate a test-admin user"""
uid = generate_id(20) if not name else name
group = Group.objects.create(name=uid, is_superuser=True)
user = User.objects.create(
username=uid,
name=uid,
email=f"{uid}@goauthentik.io",
)
group.users.add(user)
return user
def create_test_tenant() -> Tenant:
"""Generate a test tenant, removing all other tenants to make sure this one
matches."""
uid = generate_id(20)
Tenant.objects.all().delete()
return Tenant.objects.create(domain=uid, default=True)
def create_test_cert() -> CertificateKeyPair:
"""Generate a certificate for testing"""
CertificateKeyPair.objects.filter(name="goauthentik.io").delete()
builder = CertificateBuilder()
builder.common_name = "goauthentik.io"
builder.build(
subject_alt_names=["goauthentik.io"],
validity_days=360,
)
return builder.save()

View file

@ -5,11 +5,10 @@ from django.urls import reverse
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.api.used_by import DeleteAction from authentik.core.api.used_by import DeleteAction
from authentik.core.models import User from authentik.core.tests.utils import create_test_admin_user, create_test_cert, create_test_flow
from authentik.crypto.api import CertificateKeyPairSerializer from authentik.crypto.api import CertificateKeyPairSerializer
from authentik.crypto.builder import CertificateBuilder from authentik.crypto.builder import CertificateBuilder
from authentik.crypto.models import CertificateKeyPair from authentik.crypto.models import CertificateKeyPair
from authentik.flows.models import Flow
from authentik.lib.generators import generate_key from authentik.lib.generators import generate_key
from authentik.providers.oauth2.models import OAuth2Provider from authentik.providers.oauth2.models import OAuth2Provider
@ -28,7 +27,7 @@ class TestCrypto(APITestCase):
def test_serializer(self): def test_serializer(self):
"""Test API Validation""" """Test API Validation"""
keypair = CertificateKeyPair.objects.first() keypair = create_test_cert()
self.assertTrue( self.assertTrue(
CertificateKeyPairSerializer( CertificateKeyPairSerializer(
data={ data={
@ -65,7 +64,7 @@ class TestCrypto(APITestCase):
def test_builder_api(self): def test_builder_api(self):
"""Test Builder (via API)""" """Test Builder (via API)"""
self.client.force_login(User.objects.get(username="akadmin")) self.client.force_login(create_test_admin_user())
self.client.post( self.client.post(
reverse("authentik_api:certificatekeypair-generate"), reverse("authentik_api:certificatekeypair-generate"),
data={"common_name": "foo", "subject_alt_name": "bar,baz", "validity_days": 3}, data={"common_name": "foo", "subject_alt_name": "bar,baz", "validity_days": 3},
@ -74,7 +73,7 @@ class TestCrypto(APITestCase):
def test_builder_api_invalid(self): def test_builder_api_invalid(self):
"""Test Builder (via API) (invalid)""" """Test Builder (via API) (invalid)"""
self.client.force_login(User.objects.get(username="akadmin")) self.client.force_login(create_test_admin_user())
response = self.client.post( response = self.client.post(
reverse("authentik_api:certificatekeypair-generate"), reverse("authentik_api:certificatekeypair-generate"),
data={}, data={},
@ -83,7 +82,7 @@ class TestCrypto(APITestCase):
def test_list(self): def test_list(self):
"""Test API List""" """Test API List"""
self.client.force_login(User.objects.get(username="akadmin")) self.client.force_login(create_test_admin_user())
response = self.client.get( response = self.client.get(
reverse( reverse(
"authentik_api:certificatekeypair-list", "authentik_api:certificatekeypair-list",
@ -93,8 +92,8 @@ class TestCrypto(APITestCase):
def test_certificate_download(self): def test_certificate_download(self):
"""Test certificate export (download)""" """Test certificate export (download)"""
self.client.force_login(User.objects.get(username="akadmin")) self.client.force_login(create_test_admin_user())
keypair = CertificateKeyPair.objects.first() keypair = create_test_cert()
response = self.client.get( response = self.client.get(
reverse( reverse(
"authentik_api:certificatekeypair-view-certificate", "authentik_api:certificatekeypair-view-certificate",
@ -114,8 +113,8 @@ class TestCrypto(APITestCase):
def test_private_key_download(self): def test_private_key_download(self):
"""Test private_key export (download)""" """Test private_key export (download)"""
self.client.force_login(User.objects.get(username="akadmin")) self.client.force_login(create_test_admin_user())
keypair = CertificateKeyPair.objects.first() keypair = create_test_cert()
response = self.client.get( response = self.client.get(
reverse( reverse(
"authentik_api:certificatekeypair-view-private-key", "authentik_api:certificatekeypair-view-private-key",
@ -135,15 +134,15 @@ class TestCrypto(APITestCase):
def test_used_by(self): def test_used_by(self):
"""Test used_by endpoint""" """Test used_by endpoint"""
self.client.force_login(User.objects.get(username="akadmin")) self.client.force_login(create_test_admin_user())
keypair = CertificateKeyPair.objects.first() keypair = create_test_cert()
provider = OAuth2Provider.objects.create( provider = OAuth2Provider.objects.create(
name="test", name="test",
client_id="test", client_id="test",
client_secret=generate_key(), client_secret=generate_key(),
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
redirect_uris="http://localhost", redirect_uris="http://localhost",
rsa_key=CertificateKeyPair.objects.first(), rsa_key=keypair,
) )
response = self.client.get( response = self.client.get(
reverse( reverse(

View file

@ -3,7 +3,7 @@
from django.urls import reverse from django.urls import reverse
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.models import User from authentik.core.tests.utils import create_test_admin_user
from authentik.events.models import ( from authentik.events.models import (
Event, Event,
EventAction, EventAction,
@ -17,7 +17,7 @@ class TestEventsAPI(APITestCase):
"""Test Event API""" """Test Event API"""
def setUp(self) -> None: def setUp(self) -> None:
self.user = User.objects.get(username="akadmin") self.user = create_test_admin_user()
self.client.force_login(self.user) self.client.force_login(self.user)
def test_top_n(self): def test_top_n(self):

View file

@ -3,7 +3,8 @@
from django.urls import reverse from django.urls import reverse
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.models import Application, User from authentik.core.models import Application
from authentik.core.tests.utils import create_test_admin_user
from authentik.events.models import Event, EventAction from authentik.events.models import Event, EventAction
@ -12,7 +13,7 @@ class TestEventsMiddleware(APITestCase):
def setUp(self) -> None: def setUp(self) -> None:
super().setUp() super().setUp()
self.user = User.objects.get(username="akadmin") self.user = create_test_admin_user()
self.client.force_login(self.user) self.client.force_login(self.user)
def test_create(self): def test_create(self):

View file

@ -10,7 +10,7 @@ from django.test import RequestFactory
from structlog.stdlib import get_logger from structlog.stdlib import get_logger
from authentik import __version__ from authentik import __version__
from authentik.core.models import User from authentik.core.tests.utils import create_test_admin_user
from authentik.flows.models import Flow from authentik.flows.models import Flow
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER, FlowPlanner from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER, FlowPlanner
@ -68,7 +68,7 @@ class Command(BaseCommand): # pragma: no cover
def benchmark_flows(self, proc_count): def benchmark_flows(self, proc_count):
"""Get full recovery link""" """Get full recovery link"""
flow = Flow.objects.get(slug="default-authentication-flow") flow = Flow.objects.get(slug="default-authentication-flow")
user = User.objects.get(username="akadmin") user = create_test_admin_user()
manager = Manager() manager = Manager()
return_dict = manager.dict() return_dict = manager.dict()

View file

@ -2,7 +2,7 @@
from django.urls import reverse from django.urls import reverse
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.models import User from authentik.core.tests.utils import create_test_admin_user
from authentik.flows.api.stages import StageSerializer, StageViewSet from authentik.flows.api.stages import StageSerializer, StageViewSet
from authentik.flows.models import Flow, FlowDesignation, FlowStageBinding, Stage from authentik.flows.models import Flow, FlowDesignation, FlowStageBinding, Stage
from authentik.policies.dummy.models import DummyPolicy from authentik.policies.dummy.models import DummyPolicy
@ -47,7 +47,7 @@ class TestFlowsAPI(APITestCase):
def test_api_diagram(self): def test_api_diagram(self):
"""Test flow diagram.""" """Test flow diagram."""
user = User.objects.get(username="akadmin") user = create_test_admin_user()
self.client.force_login(user) self.client.force_login(user)
flow = Flow.objects.create( flow = Flow.objects.create(
@ -77,7 +77,7 @@ class TestFlowsAPI(APITestCase):
def test_api_diagram_no_stages(self): def test_api_diagram_no_stages(self):
"""Test flow diagram with no stages.""" """Test flow diagram with no stages."""
user = User.objects.get(username="akadmin") user = create_test_admin_user()
self.client.force_login(user) self.client.force_login(user)
flow = Flow.objects.create( flow = Flow.objects.create(
@ -93,7 +93,7 @@ class TestFlowsAPI(APITestCase):
def test_types(self): def test_types(self):
"""Test Stage's types endpoint""" """Test Stage's types endpoint"""
user = User.objects.get(username="akadmin") user = create_test_admin_user()
self.client.force_login(user) self.client.force_login(user)
response = self.client.get( response = self.client.get(

View file

@ -6,7 +6,7 @@ from django.test.client import RequestFactory
from django.urls.base import reverse from django.urls.base import reverse
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.models import User from authentik.core.tests.utils import create_test_admin_user
from authentik.flows.challenge import ChallengeTypes from authentik.flows.challenge import ChallengeTypes
from authentik.flows.models import Flow, FlowDesignation, FlowStageBinding, InvalidResponseAction from authentik.flows.models import Flow, FlowDesignation, FlowStageBinding, InvalidResponseAction
from authentik.stages.dummy.models import DummyStage from authentik.stages.dummy.models import DummyStage
@ -18,7 +18,7 @@ class TestFlowInspector(APITestCase):
def setUp(self): def setUp(self):
self.request_factory = RequestFactory() self.request_factory = RequestFactory()
self.admin = User.objects.get(username="akadmin") self.admin = create_test_admin_user()
self.client.force_login(self.admin) self.client.force_login(self.admin)
def test(self): def test(self):
@ -77,7 +77,7 @@ class TestFlowInspector(APITestCase):
self.client.post( self.client.post(
reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug}), reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug}),
{"uid_field": "akadmin"}, {"uid_field": self.admin.username},
follow=True, follow=True,
) )
@ -89,5 +89,5 @@ class TestFlowInspector(APITestCase):
self.assertEqual(content["plans"][0]["current_stage"]["stage_obj"]["name"], "ident") self.assertEqual(content["plans"][0]["current_stage"]["stage_obj"]["name"], "ident")
self.assertEqual(content["current_plan"]["current_stage"]["stage_obj"]["name"], "dummy2") self.assertEqual(content["current_plan"]["current_stage"]["stage_obj"]["name"], "dummy2")
self.assertEqual( self.assertEqual(
content["current_plan"]["plan_context"]["pending_user"]["username"], "akadmin" content["current_plan"]["plan_context"]["pending_user"]["username"], self.admin.username
) )

View file

@ -2,6 +2,7 @@
from django.test import TestCase from django.test import TestCase
from django.urls import reverse from django.urls import reverse
from authentik.core.tests.utils import create_test_flow
from authentik.flows.models import Flow, FlowDesignation from authentik.flows.models import Flow, FlowDesignation
from authentik.flows.planner import FlowPlan from authentik.flows.planner import FlowPlan
from authentik.flows.views.executor import SESSION_KEY_PLAN from authentik.flows.views.executor import SESSION_KEY_PLAN
@ -12,9 +13,8 @@ class TestHelperView(TestCase):
def test_default_view(self): def test_default_view(self):
"""Test that ToDefaultFlow returns the expected URL""" """Test that ToDefaultFlow returns the expected URL"""
flow = Flow.objects.filter( Flow.objects.filter(designation=FlowDesignation.INVALIDATION).delete()
designation=FlowDesignation.INVALIDATION, flow = create_test_flow(FlowDesignation.INVALIDATION)
).first()
response = self.client.get( response = self.client.get(
reverse("authentik_flows:default-invalidation"), reverse("authentik_flows:default-invalidation"),
) )
@ -24,9 +24,8 @@ class TestHelperView(TestCase):
def test_default_view_invalid_plan(self): def test_default_view_invalid_plan(self):
"""Test that ToDefaultFlow returns the expected URL (with an invalid plan)""" """Test that ToDefaultFlow returns the expected URL (with an invalid plan)"""
flow = Flow.objects.filter( Flow.objects.filter(designation=FlowDesignation.INVALIDATION).delete()
designation=FlowDesignation.INVALIDATION, flow = create_test_flow(FlowDesignation.INVALIDATION)
).first()
plan = FlowPlan(flow_pk=flow.pk.hex + "aa") plan = FlowPlan(flow_pk=flow.pk.hex + "aa")
session = self.client.session session = self.client.session
session[SESSION_KEY_PLAN] = plan session[SESSION_KEY_PLAN] = plan

View file

@ -1,7 +1,7 @@
"""Test Evaluator base functions""" """Test Evaluator base functions"""
from django.test import TestCase from django.test import TestCase
from authentik.core.models import User from authentik.core.tests.utils import create_test_admin_user
from authentik.lib.expression.evaluator import BaseEvaluator from authentik.lib.expression.evaluator import BaseEvaluator
@ -19,12 +19,11 @@ class TestEvaluator(TestCase):
def test_user_by(self): def test_user_by(self):
"""Test expr_user_by""" """Test expr_user_by"""
self.assertIsNotNone(BaseEvaluator.expr_user_by(username="akadmin")) user = create_test_admin_user()
self.assertIsNotNone(BaseEvaluator.expr_user_by(username=user.username))
self.assertIsNone(BaseEvaluator.expr_user_by(username="bar")) self.assertIsNone(BaseEvaluator.expr_user_by(username="bar"))
self.assertIsNone(BaseEvaluator.expr_user_by(foo="bar")) self.assertIsNone(BaseEvaluator.expr_user_by(foo="bar"))
def test_is_group_member(self): def test_is_group_member(self):
"""Test expr_is_group_member""" """Test expr_is_group_member"""
self.assertFalse( self.assertFalse(BaseEvaluator.expr_is_group_member(create_test_admin_user(), name="test"))
BaseEvaluator.expr_is_group_member(User.objects.get(username="akadmin"), name="test")
)

View file

@ -1,7 +1,8 @@
"""Test HTTP Helpers""" """Test HTTP Helpers"""
from django.test import RequestFactory, TestCase from django.test import RequestFactory, TestCase
from authentik.core.models import USER_ATTRIBUTE_CAN_OVERRIDE_IP, Token, TokenIntents, User from authentik.core.models import USER_ATTRIBUTE_CAN_OVERRIDE_IP, Token, TokenIntents
from authentik.core.tests.utils import create_test_admin_user
from authentik.lib.utils.http import OUTPOST_REMOTE_IP_HEADER, OUTPOST_TOKEN_HEADER, get_client_ip from authentik.lib.utils.http import OUTPOST_REMOTE_IP_HEADER, OUTPOST_TOKEN_HEADER, get_client_ip
from authentik.lib.views import bad_request_message from authentik.lib.views import bad_request_message
@ -10,7 +11,7 @@ class TestHTTP(TestCase):
"""Test HTTP Helpers""" """Test HTTP Helpers"""
def setUp(self) -> None: def setUp(self) -> None:
self.user = User.objects.get(username="akadmin") self.user = create_test_admin_user()
self.factory = RequestFactory() self.factory = RequestFactory()
def test_bad_request_message(self): def test_bad_request_message(self):

View file

@ -2,8 +2,8 @@
from django.urls import reverse from django.urls import reverse
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.models import PropertyMapping, User from authentik.core.models import PropertyMapping
from authentik.flows.models import Flow from authentik.core.tests.utils import create_test_admin_user, create_test_flow
from authentik.outposts.api.outposts import OutpostSerializer from authentik.outposts.api.outposts import OutpostSerializer
from authentik.outposts.models import OutpostType, default_outpost_config from authentik.outposts.models import OutpostType, default_outpost_config
from authentik.providers.ldap.models import LDAPProvider from authentik.providers.ldap.models import LDAPProvider
@ -18,7 +18,7 @@ class TestOutpostServiceConnectionsAPI(APITestCase):
self.mapping = PropertyMapping.objects.create( self.mapping = PropertyMapping.objects.create(
name="dummy", expression="""return {'foo': 'bar'}""" name="dummy", expression="""return {'foo': 'bar'}"""
) )
self.user = User.objects.get(username="akadmin") self.user = create_test_admin_user()
self.client.force_login(self.user) self.client.force_login(self.user)
def test_outpost_validaton(self): def test_outpost_validaton(self):
@ -30,7 +30,7 @@ class TestOutpostServiceConnectionsAPI(APITestCase):
"config": default_outpost_config(), "config": default_outpost_config(),
"providers": [ "providers": [
ProxyProvider.objects.create( ProxyProvider.objects.create(
name="test", authorization_flow=Flow.objects.first() name="test", authorization_flow=create_test_flow()
).pk ).pk
], ],
} }
@ -43,7 +43,7 @@ class TestOutpostServiceConnectionsAPI(APITestCase):
"config": default_outpost_config(), "config": default_outpost_config(),
"providers": [ "providers": [
LDAPProvider.objects.create( LDAPProvider.objects.create(
name="test", authorization_flow=Flow.objects.first() name="test", authorization_flow=create_test_flow()
).pk ).pk
], ],
} }
@ -60,9 +60,7 @@ class TestOutpostServiceConnectionsAPI(APITestCase):
def test_outpost_config(self): def test_outpost_config(self):
"""Test Outpost's config field""" """Test Outpost's config field"""
provider = ProxyProvider.objects.create( provider = ProxyProvider.objects.create(name="test", authorization_flow=create_test_flow())
name="test", authorization_flow=Flow.objects.first()
)
invalid = OutpostSerializer(data={"name": "foo", "providers": [provider.pk], "config": ""}) invalid = OutpostSerializer(data={"name": "foo", "providers": [provider.pk], "config": ""})
self.assertFalse(invalid.is_valid()) self.assertFalse(invalid.is_valid())
self.assertIn("config", invalid.errors) self.assertIn("config", invalid.errors)

View file

@ -4,8 +4,7 @@ from django.contrib.auth.management import create_permissions
from django.test import TestCase from django.test import TestCase
from guardian.models import UserObjectPermission from guardian.models import UserObjectPermission
from authentik.crypto.models import CertificateKeyPair from authentik.core.tests.utils import create_test_cert, create_test_flow
from authentik.flows.models import Flow
from authentik.outposts.models import Outpost, OutpostType from authentik.outposts.models import Outpost, OutpostType
from authentik.providers.proxy.models import ProxyProvider from authentik.providers.proxy.models import ProxyProvider
@ -23,7 +22,7 @@ class OutpostTests(TestCase):
name="test", name="test",
internal_host="http://localhost", internal_host="http://localhost",
external_host="http://localhost", external_host="http://localhost",
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
) )
outpost: Outpost = Outpost.objects.create( outpost: Outpost = Outpost.objects.create(
name="test", name="test",
@ -45,7 +44,7 @@ class OutpostTests(TestCase):
self.assertEqual(permissions[1].object_pk, str(provider.pk)) self.assertEqual(permissions[1].object_pk, str(provider.pk))
# Provider requires a certificate-key-pair, user should have permissions for it # Provider requires a certificate-key-pair, user should have permissions for it
keypair = CertificateKeyPair.objects.first() keypair = create_test_cert()
provider.certificate = keypair provider.certificate = keypair
provider.save() provider.save()
permissions = UserObjectPermission.objects.filter(user=outpost.user).order_by( permissions = UserObjectPermission.objects.filter(user=outpost.user).order_by(

View file

@ -2,7 +2,7 @@
from django.urls import reverse from django.urls import reverse
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.models import Group, User from authentik.core.tests.utils import create_test_admin_user
from authentik.policies.models import PolicyBindingModel from authentik.policies.models import PolicyBindingModel
@ -12,8 +12,8 @@ class TestBindingsAPI(APITestCase):
def setUp(self) -> None: def setUp(self) -> None:
super().setUp() super().setUp()
self.pbm = PolicyBindingModel.objects.create() self.pbm = PolicyBindingModel.objects.create()
self.group = Group.objects.first() self.user = create_test_admin_user()
self.user = User.objects.get(username="akadmin") self.group = self.user.ak_groups.first()
self.client.force_login(self.user) self.client.force_login(self.user)
def test_valid_binding(self): def test_valid_binding(self):

View file

@ -2,7 +2,7 @@
from django.urls import reverse from django.urls import reverse
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.models import User from authentik.core.tests.utils import create_test_admin_user
from authentik.policies.dummy.models import DummyPolicy from authentik.policies.dummy.models import DummyPolicy
@ -12,7 +12,7 @@ class TestPoliciesAPI(APITestCase):
def setUp(self) -> None: def setUp(self) -> None:
super().setUp() super().setUp()
self.policy = DummyPolicy.objects.create(name="dummy", result=True) self.policy = DummyPolicy.objects.create(name="dummy", result=True)
self.user = User.objects.get(username="akadmin") self.user = create_test_admin_user()
self.client.force_login(self.user) self.client.force_login(self.user)
def test_test_call(self): def test_test_call(self):

View file

@ -2,8 +2,7 @@
from django.urls import reverse from django.urls import reverse
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.models import User from authentik.core.tests.utils import create_test_admin_user, create_test_flow
from authentik.flows.models import Flow, FlowDesignation
from authentik.providers.oauth2.models import JWTAlgorithms from authentik.providers.oauth2.models import JWTAlgorithms
@ -12,7 +11,7 @@ class TestOAuth2ProviderAPI(APITestCase):
def setUp(self) -> None: def setUp(self) -> None:
super().setUp() super().setUp()
self.user = User.objects.get(username="akadmin") self.user = create_test_admin_user()
self.client.force_login(self.user) self.client.force_login(self.user)
def test_validate(self): def test_validate(self):
@ -24,9 +23,7 @@ class TestOAuth2ProviderAPI(APITestCase):
data={ data={
"name": "test", "name": "test",
"jwt_alg": str(JWTAlgorithms.RS256), "jwt_alg": str(JWTAlgorithms.RS256),
"authorization_flow": Flow.objects.filter(designation=FlowDesignation.AUTHORIZATION) "authorization_flow": create_test_flow().pk,
.first()
.pk,
}, },
) )
self.assertJSONEqual( self.assertJSONEqual(

View file

@ -3,8 +3,8 @@ from django.test import RequestFactory
from django.urls import reverse from django.urls import reverse
from django.utils.encoding import force_str from django.utils.encoding import force_str
from authentik.core.models import Application, User from authentik.core.models import Application
from authentik.crypto.models import CertificateKeyPair from authentik.core.tests.utils import create_test_admin_user, create_test_cert, create_test_flow
from authentik.flows.challenge import ChallengeTypes from authentik.flows.challenge import ChallengeTypes
from authentik.flows.models import Flow from authentik.flows.models import Flow
from authentik.lib.generators import generate_id, generate_key from authentik.lib.generators import generate_id, generate_key
@ -43,7 +43,7 @@ class TestAuthorize(OAuthTestCase):
OAuth2Provider.objects.create( OAuth2Provider.objects.create(
name="test", name="test",
client_id="test", client_id="test",
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
redirect_uris="http://local.invalid", redirect_uris="http://local.invalid",
) )
with self.assertRaises(AuthorizeError): with self.assertRaises(AuthorizeError):
@ -63,7 +63,7 @@ class TestAuthorize(OAuthTestCase):
OAuth2Provider.objects.create( OAuth2Provider.objects.create(
name="test", name="test",
client_id="test", client_id="test",
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
redirect_uris="http://local.invalid", redirect_uris="http://local.invalid",
) )
with self.assertRaises(RedirectUriError): with self.assertRaises(RedirectUriError):
@ -85,7 +85,7 @@ class TestAuthorize(OAuthTestCase):
OAuth2Provider.objects.create( OAuth2Provider.objects.create(
name="test", name="test",
client_id="test", client_id="test",
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
) )
with self.assertRaises(RedirectUriError): with self.assertRaises(RedirectUriError):
request = self.factory.get("/", data={"response_type": "code", "client_id": "test"}) request = self.factory.get("/", data={"response_type": "code", "client_id": "test"})
@ -105,7 +105,7 @@ class TestAuthorize(OAuthTestCase):
OAuth2Provider.objects.create( OAuth2Provider.objects.create(
name="test", name="test",
client_id="test", client_id="test",
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
redirect_uris="http://local.invalid", redirect_uris="http://local.invalid",
) )
request = self.factory.get( request = self.factory.get(
@ -184,7 +184,7 @@ class TestAuthorize(OAuthTestCase):
) )
Application.objects.create(name="app", slug="app", provider=provider) Application.objects.create(name="app", slug="app", provider=provider)
state = generate_id() state = generate_id()
user = User.objects.get(username="akadmin") user = create_test_admin_user()
self.client.force_login(user) self.client.force_login(user)
# Step 1, initiate params and get redirect to flow # Step 1, initiate params and get redirect to flow
self.client.get( self.client.get(
@ -218,11 +218,11 @@ class TestAuthorize(OAuthTestCase):
client_secret=generate_key(), client_secret=generate_key(),
authorization_flow=flow, authorization_flow=flow,
redirect_uris="http://localhost", redirect_uris="http://localhost",
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
) )
Application.objects.create(name="app", slug="app", provider=provider) Application.objects.create(name="app", slug="app", provider=provider)
state = generate_id() state = generate_id()
user = User.objects.get(username="akadmin") user = create_test_admin_user()
self.client.force_login(user) self.client.force_login(user)
# Step 1, initiate params and get redirect to flow # Step 1, initiate params and get redirect to flow
self.client.get( self.client.get(

View file

@ -6,8 +6,7 @@ from django.urls.base import reverse
from django.utils.encoding import force_str from django.utils.encoding import force_str
from authentik.core.models import Application from authentik.core.models import Application
from authentik.crypto.models import CertificateKeyPair from authentik.core.tests.utils import create_test_cert, create_test_flow
from authentik.flows.models import Flow
from authentik.providers.oauth2.models import OAuth2Provider from authentik.providers.oauth2.models import OAuth2Provider
from authentik.providers.oauth2.tests.utils import OAuthTestCase from authentik.providers.oauth2.tests.utils import OAuthTestCase
@ -24,9 +23,9 @@ class TestJWKS(OAuthTestCase):
provider = OAuth2Provider.objects.create( provider = OAuth2Provider.objects.create(
name="test", name="test",
client_id="test", client_id="test",
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
redirect_uris="http://local.invalid", redirect_uris="http://local.invalid",
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
) )
app = Application.objects.create(name="test", slug="test", provider=provider) app = Application.objects.create(name="test", slug="test", provider=provider)
response = self.client.get( response = self.client.get(
@ -40,7 +39,7 @@ class TestJWKS(OAuthTestCase):
provider = OAuth2Provider.objects.create( provider = OAuth2Provider.objects.create(
name="test", name="test",
client_id="test", client_id="test",
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
redirect_uris="http://local.invalid", redirect_uris="http://local.invalid",
) )
app = Application.objects.create(name="test", slug="test", provider=provider) app = Application.objects.create(name="test", slug="test", provider=provider)

View file

@ -5,10 +5,9 @@ from django.test import RequestFactory
from django.urls import reverse from django.urls import reverse
from django.utils.encoding import force_str from django.utils.encoding import force_str
from authentik.core.models import Application, User from authentik.core.models import Application
from authentik.crypto.models import CertificateKeyPair from authentik.core.tests.utils import create_test_admin_user, create_test_cert, create_test_flow
from authentik.events.models import Event, EventAction from authentik.events.models import Event, EventAction
from authentik.flows.models import Flow
from authentik.lib.generators import generate_id, generate_key from authentik.lib.generators import generate_id, generate_key
from authentik.providers.oauth2.constants import ( from authentik.providers.oauth2.constants import (
GRANT_TYPE_AUTHORIZATION_CODE, GRANT_TYPE_AUTHORIZATION_CODE,
@ -34,12 +33,12 @@ class TestToken(OAuthTestCase):
name="test", name="test",
client_id=generate_id(), client_id=generate_id(),
client_secret=generate_key(), client_secret=generate_key(),
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
redirect_uris="http://testserver", redirect_uris="http://testserver",
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
) )
header = b64encode(f"{provider.client_id}:{provider.client_secret}".encode()).decode() header = b64encode(f"{provider.client_id}:{provider.client_secret}".encode()).decode()
user = User.objects.get(username="akadmin") user = create_test_admin_user()
code = AuthorizationCode.objects.create(code="foobar", provider=provider, user=user) code = AuthorizationCode.objects.create(code="foobar", provider=provider, user=user)
request = self.factory.post( request = self.factory.post(
"/", "/",
@ -61,9 +60,9 @@ class TestToken(OAuthTestCase):
name="test", name="test",
client_id=generate_id(), client_id=generate_id(),
client_secret=generate_key(), client_secret=generate_key(),
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
redirect_uris="http://testserver", redirect_uris="http://testserver",
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
) )
header = b64encode(f"{provider.client_id}:{provider.client_secret}".encode()).decode() header = b64encode(f"{provider.client_id}:{provider.client_secret}".encode()).decode()
request = self.factory.post( request = self.factory.post(
@ -84,12 +83,12 @@ class TestToken(OAuthTestCase):
name="test", name="test",
client_id=generate_id(), client_id=generate_id(),
client_secret=generate_key(), client_secret=generate_key(),
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
redirect_uris="http://local.invalid", redirect_uris="http://local.invalid",
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
) )
header = b64encode(f"{provider.client_id}:{provider.client_secret}".encode()).decode() header = b64encode(f"{provider.client_id}:{provider.client_secret}".encode()).decode()
user = User.objects.get(username="akadmin") user = create_test_admin_user()
token: RefreshToken = RefreshToken.objects.create( token: RefreshToken = RefreshToken.objects.create(
provider=provider, provider=provider,
user=user, user=user,
@ -113,15 +112,15 @@ class TestToken(OAuthTestCase):
name="test", name="test",
client_id=generate_id(), client_id=generate_id(),
client_secret=generate_key(), client_secret=generate_key(),
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
redirect_uris="http://local.invalid", redirect_uris="http://local.invalid",
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
) )
# Needs to be assigned to an application for iss to be set # Needs to be assigned to an application for iss to be set
self.app.provider = provider self.app.provider = provider
self.app.save() self.app.save()
header = b64encode(f"{provider.client_id}:{provider.client_secret}".encode()).decode() header = b64encode(f"{provider.client_id}:{provider.client_secret}".encode()).decode()
user = User.objects.get(username="akadmin") user = create_test_admin_user()
code = AuthorizationCode.objects.create( code = AuthorizationCode.objects.create(
code="foobar", provider=provider, user=user, is_open_id=True code="foobar", provider=provider, user=user, is_open_id=True
) )
@ -155,15 +154,15 @@ class TestToken(OAuthTestCase):
name="test", name="test",
client_id=generate_id(), client_id=generate_id(),
client_secret=generate_key(), client_secret=generate_key(),
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
redirect_uris="http://local.invalid", redirect_uris="http://local.invalid",
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
) )
# Needs to be assigned to an application for iss to be set # Needs to be assigned to an application for iss to be set
self.app.provider = provider self.app.provider = provider
self.app.save() self.app.save()
header = b64encode(f"{provider.client_id}:{provider.client_secret}".encode()).decode() header = b64encode(f"{provider.client_id}:{provider.client_secret}".encode()).decode()
user = User.objects.get(username="akadmin") user = create_test_admin_user()
token: RefreshToken = RefreshToken.objects.create( token: RefreshToken = RefreshToken.objects.create(
provider=provider, provider=provider,
user=user, user=user,
@ -204,12 +203,12 @@ class TestToken(OAuthTestCase):
name="test", name="test",
client_id=generate_id(), client_id=generate_id(),
client_secret=generate_key(), client_secret=generate_key(),
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
redirect_uris="http://local.invalid", redirect_uris="http://local.invalid",
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
) )
header = b64encode(f"{provider.client_id}:{provider.client_secret}".encode()).decode() header = b64encode(f"{provider.client_id}:{provider.client_secret}".encode()).decode()
user = User.objects.get(username="akadmin") user = create_test_admin_user()
token: RefreshToken = RefreshToken.objects.create( token: RefreshToken = RefreshToken.objects.create(
provider=provider, provider=provider,
user=user, user=user,
@ -249,15 +248,15 @@ class TestToken(OAuthTestCase):
name="test", name="test",
client_id=generate_id(), client_id=generate_id(),
client_secret=generate_key(), client_secret=generate_key(),
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
redirect_uris="http://testserver", redirect_uris="http://testserver",
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
) )
# Needs to be assigned to an application for iss to be set # Needs to be assigned to an application for iss to be set
self.app.provider = provider self.app.provider = provider
self.app.save() self.app.save()
header = b64encode(f"{provider.client_id}:{provider.client_secret}".encode()).decode() header = b64encode(f"{provider.client_id}:{provider.client_secret}".encode()).decode()
user = User.objects.get(username="akadmin") user = create_test_admin_user()
token: RefreshToken = RefreshToken.objects.create( token: RefreshToken = RefreshToken.objects.create(
provider=provider, provider=provider,
user=user, user=user,

View file

@ -5,10 +5,9 @@ from dataclasses import asdict
from django.urls import reverse from django.urls import reverse
from django.utils.encoding import force_str from django.utils.encoding import force_str
from authentik.core.models import Application, User from authentik.core.models import Application
from authentik.crypto.models import CertificateKeyPair from authentik.core.tests.utils import create_test_admin_user, create_test_cert, create_test_flow
from authentik.events.models import Event, EventAction from authentik.events.models import Event, EventAction
from authentik.flows.models import Flow
from authentik.lib.generators import generate_id, generate_key from authentik.lib.generators import generate_id, generate_key
from authentik.managed.manager import ObjectManager from authentik.managed.manager import ObjectManager
from authentik.providers.oauth2.models import IDToken, OAuth2Provider, RefreshToken, ScopeMapping from authentik.providers.oauth2.models import IDToken, OAuth2Provider, RefreshToken, ScopeMapping
@ -26,15 +25,15 @@ class TestUserinfo(OAuthTestCase):
name="test", name="test",
client_id=generate_id(), client_id=generate_id(),
client_secret=generate_key(), client_secret=generate_key(),
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
redirect_uris="", redirect_uris="",
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
) )
self.provider.property_mappings.set(ScopeMapping.objects.all()) self.provider.property_mappings.set(ScopeMapping.objects.all())
# Needs to be assigned to an application for iss to be set # Needs to be assigned to an application for iss to be set
self.app.provider = self.provider self.app.provider = self.provider
self.app.save() self.app.save()
self.user = User.objects.get(username="akadmin") self.user = create_test_admin_user()
self.token: RefreshToken = RefreshToken.objects.create( self.token: RefreshToken = RefreshToken.objects.create(
provider=self.provider, provider=self.provider,
user=self.user, user=self.user,
@ -57,12 +56,12 @@ class TestUserinfo(OAuthTestCase):
self.assertJSONEqual( self.assertJSONEqual(
force_str(res.content), force_str(res.content),
{ {
"name": "authentik Default Admin", "name": self.user.name,
"given_name": "authentik Default Admin", "given_name": self.user.name,
"family_name": "", "family_name": "",
"preferred_username": "akadmin", "preferred_username": self.user.name,
"nickname": "akadmin", "nickname": self.user.name,
"groups": ["authentik Admins"], "groups": [group.name for group in self.user.ak_groups.all()],
"sub": "bar", "sub": "bar",
}, },
) )
@ -80,12 +79,12 @@ class TestUserinfo(OAuthTestCase):
self.assertJSONEqual( self.assertJSONEqual(
force_str(res.content), force_str(res.content),
{ {
"name": "authentik Default Admin", "name": self.user.name,
"given_name": "authentik Default Admin", "given_name": self.user.name,
"family_name": "", "family_name": "",
"preferred_username": "akadmin", "preferred_username": self.user.name,
"nickname": "akadmin", "nickname": self.user.name,
"groups": ["authentik Admins"], "groups": [group.name for group in self.user.ak_groups.all()],
"sub": "bar", "sub": "bar",
}, },
) )

View file

@ -4,8 +4,9 @@ from tempfile import TemporaryFile
from django.urls import reverse from django.urls import reverse
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.models import Application, User from authentik.core.models import Application
from authentik.flows.models import Flow, FlowDesignation from authentik.core.tests.utils import create_test_admin_user, create_test_flow
from authentik.flows.models import FlowDesignation
from authentik.providers.saml.models import SAMLProvider from authentik.providers.saml.models import SAMLProvider
from authentik.providers.saml.tests.test_metadata import METADATA_SIMPLE from authentik.providers.saml.tests.test_metadata import METADATA_SIMPLE
@ -15,7 +16,7 @@ class TestSAMLProviderAPI(APITestCase):
def setUp(self) -> None: def setUp(self) -> None:
super().setUp() super().setUp()
self.user = User.objects.get(username="akadmin") self.user = create_test_admin_user()
self.client.force_login(self.user) self.client.force_login(self.user)
def test_metadata(self): def test_metadata(self):
@ -23,9 +24,7 @@ class TestSAMLProviderAPI(APITestCase):
self.client.logout() self.client.logout()
provider = SAMLProvider.objects.create( provider = SAMLProvider.objects.create(
name="test", name="test",
authorization_flow=Flow.objects.get( authorization_flow=create_test_flow(),
slug="default-provider-authorization-implicit-consent"
),
) )
Application.objects.create(name="test", provider=provider, slug="test") Application.objects.create(name="test", provider=provider, slug="test")
response = self.client.get( response = self.client.get(
@ -38,9 +37,7 @@ class TestSAMLProviderAPI(APITestCase):
self.client.logout() self.client.logout()
provider = SAMLProvider.objects.create( provider = SAMLProvider.objects.create(
name="test", name="test",
authorization_flow=Flow.objects.get( authorization_flow=create_test_flow(),
slug="default-provider-authorization-implicit-consent"
),
) )
Application.objects.create(name="test", provider=provider, slug="test") Application.objects.create(name="test", provider=provider, slug="test")
response = self.client.get( response = self.client.get(
@ -56,9 +53,7 @@ class TestSAMLProviderAPI(APITestCase):
# Provider without application # Provider without application
provider = SAMLProvider.objects.create( provider = SAMLProvider.objects.create(
name="test", name="test",
authorization_flow=Flow.objects.get( authorization_flow=create_test_flow(),
slug="default-provider-authorization-implicit-consent"
),
) )
response = self.client.get( response = self.client.get(
reverse("authentik_api:samlprovider-metadata", kwargs={"pk": provider.pk}), reverse("authentik_api:samlprovider-metadata", kwargs={"pk": provider.pk}),
@ -79,11 +74,7 @@ class TestSAMLProviderAPI(APITestCase):
{ {
"file": metadata, "file": metadata,
"name": "test", "name": "test",
"authorization_flow": Flow.objects.filter( "authorization_flow": create_test_flow(FlowDesignation.AUTHORIZATION).slug,
designation=FlowDesignation.AUTHORIZATION
)
.first()
.slug,
}, },
format="multipart", format="multipart",
) )
@ -100,11 +91,7 @@ class TestSAMLProviderAPI(APITestCase):
{ {
"file": metadata, "file": metadata,
"name": "test", "name": "test",
"authorization_flow": Flow.objects.filter( "authorization_flow": create_test_flow().slug,
designation=FlowDesignation.AUTHORIZATION
)
.first()
.slug,
}, },
format="multipart", format="multipart",
) )

View file

@ -4,10 +4,9 @@ from base64 import b64encode
from django.http.request import QueryDict from django.http.request import QueryDict
from django.test import RequestFactory, TestCase from django.test import RequestFactory, TestCase
from authentik.core.models import User from authentik.core.tests.utils import create_test_admin_user, create_test_cert, create_test_flow
from authentik.crypto.models import CertificateKeyPair from authentik.crypto.models import CertificateKeyPair
from authentik.events.models import Event, EventAction from authentik.events.models import Event, EventAction
from authentik.flows.models import Flow
from authentik.lib.tests.utils import get_request from authentik.lib.tests.utils import get_request
from authentik.managed.manager import ObjectManager from authentik.managed.manager import ObjectManager
from authentik.providers.saml.models import SAMLPropertyMapping, SAMLProvider from authentik.providers.saml.models import SAMLPropertyMapping, SAMLProvider
@ -76,11 +75,9 @@ class TestAuthNRequest(TestCase):
def setUp(self): def setUp(self):
ObjectManager().run() ObjectManager().run()
cert = CertificateKeyPair.objects.first() cert = create_test_cert()
self.provider: SAMLProvider = SAMLProvider.objects.create( self.provider: SAMLProvider = SAMLProvider.objects.create(
authorization_flow=Flow.objects.get( authorization_flow=create_test_flow(),
slug="default-provider-authorization-implicit-consent"
),
acs_url="http://testserver/source/saml/provider/acs/", acs_url="http://testserver/source/saml/provider/acs/",
signing_kp=cert, signing_kp=cert,
verification_kp=cert, verification_kp=cert,
@ -90,7 +87,7 @@ class TestAuthNRequest(TestCase):
self.source = SAMLSource.objects.create( self.source = SAMLSource.objects.create(
slug="provider", slug="provider",
issuer="authentik", issuer="authentik",
pre_authentication_flow=Flow.objects.get(slug="default-source-pre-authentication"), pre_authentication_flow=create_test_flow(),
signing_kp=cert, signing_kp=cert,
) )
self.factory = RequestFactory() self.factory = RequestFactory()
@ -186,9 +183,7 @@ class TestAuthNRequest(TestCase):
) )
provider = SAMLProvider( provider = SAMLProvider(
name="samltool", name="samltool",
authorization_flow=Flow.objects.get( authorization_flow=create_test_flow(),
slug="default-provider-authorization-implicit-consent"
),
acs_url="https://10.120.20.200/saml-sp/SAML2/POST", acs_url="https://10.120.20.200/saml-sp/SAML2/POST",
audience="https://10.120.20.200/saml-sp/SAML2/POST", audience="https://10.120.20.200/saml-sp/SAML2/POST",
issuer="https://10.120.20.200/saml-sp/SAML2/POST", issuer="https://10.120.20.200/saml-sp/SAML2/POST",
@ -206,16 +201,14 @@ class TestAuthNRequest(TestCase):
"""Test post request with static request""" """Test post request with static request"""
provider = SAMLProvider( provider = SAMLProvider(
name="aws", name="aws",
authorization_flow=Flow.objects.get( authorization_flow=create_test_flow(),
slug="default-provider-authorization-implicit-consent"
),
acs_url=( acs_url=(
"https://eu-central-1.signin.aws.amazon.com/platform/" "https://eu-central-1.signin.aws.amazon.com/platform/"
"saml/acs/2d737f96-55fb-4035-953e-5e24134eb778" "saml/acs/2d737f96-55fb-4035-953e-5e24134eb778"
), ),
audience="https://10.120.20.200/saml-sp/SAML2/POST", audience="https://10.120.20.200/saml-sp/SAML2/POST",
issuer="https://10.120.20.200/saml-sp/SAML2/POST", issuer="https://10.120.20.200/saml-sp/SAML2/POST",
signing_kp=CertificateKeyPair.objects.first(), signing_kp=create_test_cert(),
) )
parsed_request = AuthNRequestParser(provider).parse(POST_REQUEST) parsed_request = AuthNRequestParser(provider).parse(POST_REQUEST)
self.assertEqual(parsed_request.id, "aws_LDxLGeubpc5lx12gxCgS6uPbix1yd5re") self.assertEqual(parsed_request.id, "aws_LDxLGeubpc5lx12gxCgS6uPbix1yd5re")
@ -223,7 +216,8 @@ class TestAuthNRequest(TestCase):
def test_request_attributes(self): def test_request_attributes(self):
"""Test full SAML Request/Response flow, fully signed""" """Test full SAML Request/Response flow, fully signed"""
http_request = get_request("/", user=User.objects.get(username="akadmin")) user = create_test_admin_user()
http_request = get_request("/", user=user)
# First create an AuthNRequest # First create an AuthNRequest
request_proc = RequestProcessor(self.source, http_request, "test_state") request_proc = RequestProcessor(self.source, http_request, "test_state")
@ -235,11 +229,12 @@ class TestAuthNRequest(TestCase):
) )
# Now create a response and convert it to string (provider) # Now create a response and convert it to string (provider)
response_proc = AssertionProcessor(self.provider, http_request, parsed_request) response_proc = AssertionProcessor(self.provider, http_request, parsed_request)
self.assertIn("akadmin", response_proc.build_response()) self.assertIn(user.username, response_proc.build_response())
def test_request_attributes_invalid(self): def test_request_attributes_invalid(self):
"""Test full SAML Request/Response flow, fully signed""" """Test full SAML Request/Response flow, fully signed"""
http_request = get_request("/", user=User.objects.get(username="akadmin")) user = create_test_admin_user()
http_request = get_request("/", user=user)
# First create an AuthNRequest # First create an AuthNRequest
request_proc = RequestProcessor(self.source, http_request, "test_state") request_proc = RequestProcessor(self.source, http_request, "test_state")
@ -255,7 +250,7 @@ class TestAuthNRequest(TestCase):
) )
# Now create a response and convert it to string (provider) # Now create a response and convert it to string (provider)
response_proc = AssertionProcessor(self.provider, http_request, parsed_request) response_proc = AssertionProcessor(self.provider, http_request, parsed_request)
self.assertIn("akadmin", response_proc.build_response()) self.assertIn(user.username, response_proc.build_response())
events = Event.objects.filter( events = Event.objects.filter(
action=EventAction.CONFIGURATION_ERROR, action=EventAction.CONFIGURATION_ERROR,

View file

@ -3,7 +3,7 @@
from django.test import TestCase from django.test import TestCase
from authentik.flows.models import Flow from authentik.core.tests.utils import create_test_cert, create_test_flow
from authentik.providers.saml.models import SAMLBindings, SAMLPropertyMapping from authentik.providers.saml.models import SAMLBindings, SAMLPropertyMapping
from authentik.providers.saml.processors.metadata_parser import ServiceProviderMetadataParser from authentik.providers.saml.processors.metadata_parser import ServiceProviderMetadataParser
@ -65,7 +65,7 @@ class TestServiceProviderMetadataParser(TestCase):
"""Test ServiceProviderMetadataParser parsing and creation of SAML Provider""" """Test ServiceProviderMetadataParser parsing and creation of SAML Provider"""
def setUp(self) -> None: def setUp(self) -> None:
self.flow = Flow.objects.first() self.flow = create_test_flow()
def test_simple(self): def test_simple(self):
"""Test simple metadata without Singing""" """Test simple metadata without Singing"""
@ -81,6 +81,7 @@ class TestServiceProviderMetadataParser(TestCase):
def test_with_signing_cert(self): def test_with_signing_cert(self):
"""Test Metadata with signing cert""" """Test Metadata with signing cert"""
create_test_cert()
metadata = ServiceProviderMetadataParser().parse(METADATA_CERT) metadata = ServiceProviderMetadataParser().parse(METADATA_CERT)
provider = metadata.to_provider("test", self.flow) provider = metadata.to_provider("test", self.flow)
self.assertEqual(provider.acs_url, "http://localhost:8080/apps/user_saml/saml/acs") self.assertEqual(provider.acs_url, "http://localhost:8080/apps/user_saml/saml/acs")

View file

@ -4,8 +4,7 @@ from base64 import b64encode
from django.test import RequestFactory, TestCase from django.test import RequestFactory, TestCase
from lxml import etree # nosec from lxml import etree # nosec
from authentik.crypto.models import CertificateKeyPair from authentik.core.tests.utils import create_test_cert, create_test_flow
from authentik.flows.models import Flow
from authentik.lib.tests.utils import get_request from authentik.lib.tests.utils import get_request
from authentik.managed.manager import ObjectManager from authentik.managed.manager import ObjectManager
from authentik.providers.saml.models import SAMLPropertyMapping, SAMLProvider from authentik.providers.saml.models import SAMLPropertyMapping, SAMLProvider
@ -20,11 +19,9 @@ class TestSchema(TestCase):
def setUp(self): def setUp(self):
ObjectManager().run() ObjectManager().run()
cert = CertificateKeyPair.objects.first() cert = create_test_cert()
self.provider: SAMLProvider = SAMLProvider.objects.create( self.provider: SAMLProvider = SAMLProvider.objects.create(
authorization_flow=Flow.objects.get( authorization_flow=create_test_flow(),
slug="default-provider-authorization-implicit-consent"
),
acs_url="http://testserver/source/saml/provider/acs/", acs_url="http://testserver/source/saml/provider/acs/",
signing_kp=cert, signing_kp=cert,
verification_kp=cert, verification_kp=cert,
@ -35,7 +32,7 @@ class TestSchema(TestCase):
slug="provider", slug="provider",
issuer="authentik", issuer="authentik",
signing_kp=cert, signing_kp=cert,
pre_authentication_flow=Flow.objects.get(slug="default-source-pre-authentication"), pre_authentication_flow=create_test_flow(),
) )
self.factory = RequestFactory() self.factory = RequestFactory()

View file

@ -3,8 +3,7 @@ from defusedxml import ElementTree
from django.test import RequestFactory, TestCase from django.test import RequestFactory, TestCase
from lxml import etree # nosec from lxml import etree # nosec
from authentik.crypto.models import CertificateKeyPair from authentik.core.tests.utils import create_test_cert, create_test_flow
from authentik.flows.models import Flow
from authentik.sources.saml.models import SAMLSource from authentik.sources.saml.models import SAMLSource
from authentik.sources.saml.processors.metadata import MetadataProcessor from authentik.sources.saml.processors.metadata import MetadataProcessor
@ -20,8 +19,8 @@ class TestMetadataProcessor(TestCase):
source = SAMLSource.objects.create( source = SAMLSource.objects.create(
slug="provider", slug="provider",
issuer="authentik", issuer="authentik",
signing_kp=CertificateKeyPair.objects.first(), signing_kp=create_test_cert(),
pre_authentication_flow=Flow.objects.get(slug="default-source-pre-authentication"), pre_authentication_flow=create_test_flow(),
) )
request = self.factory.get("/") request = self.factory.get("/")
xml = MetadataProcessor(source, request).build_entity_descriptor() xml = MetadataProcessor(source, request).build_entity_descriptor()
@ -35,8 +34,8 @@ class TestMetadataProcessor(TestCase):
source = SAMLSource.objects.create( source = SAMLSource.objects.create(
slug="provider", slug="provider",
issuer="authentik", issuer="authentik",
signing_kp=CertificateKeyPair.objects.first(), signing_kp=create_test_cert(),
pre_authentication_flow=Flow.objects.get(slug="default-source-pre-authentication"), pre_authentication_flow=create_test_flow(),
) )
request = self.factory.get("/") request = self.factory.get("/")
xml = MetadataProcessor(source, request).build_entity_descriptor() xml = MetadataProcessor(source, request).build_entity_descriptor()
@ -48,7 +47,7 @@ class TestMetadataProcessor(TestCase):
source = SAMLSource.objects.create( source = SAMLSource.objects.create(
slug="provider", slug="provider",
issuer="authentik", issuer="authentik",
pre_authentication_flow=Flow.objects.get(slug="default-source-pre-authentication"), pre_authentication_flow=create_test_flow(),
) )
request = self.factory.get("/") request = self.factory.get("/")
xml = MetadataProcessor(source, request).build_entity_descriptor() xml = MetadataProcessor(source, request).build_entity_descriptor()

View file

@ -9,7 +9,7 @@ from rest_framework.exceptions import ValidationError
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from webauthn.helpers import bytes_to_base64url from webauthn.helpers import bytes_to_base64url
from authentik.core.models import User from authentik.core.tests.utils import create_test_admin_user
from authentik.flows.challenge import ChallengeTypes from authentik.flows.challenge import ChallengeTypes
from authentik.flows.models import Flow, FlowStageBinding, NotConfiguredAction from authentik.flows.models import Flow, FlowStageBinding, NotConfiguredAction
from authentik.lib.generators import generate_id, generate_key from authentik.lib.generators import generate_id, generate_key
@ -31,7 +31,7 @@ class AuthenticatorValidateStageTests(APITestCase):
"""Test validator stage""" """Test validator stage"""
def setUp(self) -> None: def setUp(self) -> None:
self.user = User.objects.get(username="akadmin") self.user = create_test_admin_user()
self.request_factory = RequestFactory() self.request_factory = RequestFactory()
def test_not_configured_action(self): def test_not_configured_action(self):
@ -53,7 +53,7 @@ class AuthenticatorValidateStageTests(APITestCase):
response = self.client.post( response = self.client.post(
reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug}), reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug}),
{"uid_field": "akadmin"}, {"uid_field": self.user.username},
) )
self.assertEqual(response.status_code, 302) self.assertEqual(response.status_code, 302)
response = self.client.get( response = self.client.get(

View file

@ -3,7 +3,7 @@ from django.urls import reverse
from rest_framework.serializers import ValidationError from rest_framework.serializers import ValidationError
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.models import User from authentik.core.tests.utils import create_test_admin_user
from authentik.stages.email.api import EmailStageSerializer from authentik.stages.email.api import EmailStageSerializer
from authentik.stages.email.models import EmailTemplates from authentik.stages.email.models import EmailTemplates
@ -13,8 +13,8 @@ class TestEmailStageAPI(APITestCase):
def setUp(self): def setUp(self):
super().setUp() super().setUp()
self.akadmin = User.objects.get(username="akadmin") self.user = create_test_admin_user()
self.client.force_login(self.akadmin) self.client.force_login(self.user)
def test_templates(self): def test_templates(self):
"""Test template list""" """Test template list"""

View file

@ -8,6 +8,7 @@ from guardian.shortcuts import get_anonymous_user
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.models import User from authentik.core.models import User
from authentik.core.tests.utils import create_test_admin_user
from authentik.flows.challenge import ChallengeTypes from authentik.flows.challenge import ChallengeTypes
from authentik.flows.markers import StageMarker from authentik.flows.markers import StageMarker
from authentik.flows.models import Flow, FlowDesignation, FlowStageBinding from authentik.flows.models import Flow, FlowDesignation, FlowStageBinding
@ -167,7 +168,7 @@ class TestInvitationsAPI(APITestCase):
def setUp(self) -> None: def setUp(self) -> None:
super().setUp() super().setUp()
self.user = User.objects.get(username="akadmin") self.user = create_test_admin_user()
self.client.force_login(self.user) self.client.force_login(self.user)
def test_invite_create(self): def test_invite_create(self):

View file

@ -7,6 +7,7 @@ from rest_framework.exceptions import ErrorDetail
from rest_framework.test import APITestCase from rest_framework.test import APITestCase
from authentik.core.models import User from authentik.core.models import User
from authentik.core.tests.utils import create_test_admin_user
from authentik.flows.challenge import ChallengeTypes from authentik.flows.challenge import ChallengeTypes
from authentik.flows.markers import StageMarker from authentik.flows.markers import StageMarker
from authentik.flows.models import Flow, FlowDesignation, FlowStageBinding from authentik.flows.models import Flow, FlowDesignation, FlowStageBinding
@ -202,8 +203,9 @@ class TestPromptStage(APITestCase):
def test_invalid_username(self): def test_invalid_username(self):
"""Test challenge_response validation""" """Test challenge_response validation"""
user = create_test_admin_user()
plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()]) plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()])
self.prompt_data["username_prompt"] = "akadmin" self.prompt_data["username_prompt"] = user.username
challenge_response = PromptChallengeResponse( challenge_response = PromptChallengeResponse(
None, stage=self.stage, plan=plan, data=self.prompt_data None, stage=self.stage, plan=plan, data=self.prompt_data
) )

View file

@ -9,6 +9,7 @@ from rest_framework.test import APITestCase
from authentik.core.models import USER_ATTRIBUTE_SOURCES, Group, Source, User, UserSourceConnection from authentik.core.models import USER_ATTRIBUTE_SOURCES, Group, Source, User, UserSourceConnection
from authentik.core.sources.stage import PLAN_CONTEXT_SOURCES_CONNECTION from authentik.core.sources.stage import PLAN_CONTEXT_SOURCES_CONNECTION
from authentik.core.tests.utils import create_test_admin_user
from authentik.flows.challenge import ChallengeTypes from authentik.flows.challenge import ChallengeTypes
from authentik.flows.markers import StageMarker from authentik.flows.markers import StageMarker
from authentik.flows.models import Flow, FlowDesignation, FlowStageBinding from authentik.flows.models import Flow, FlowDesignation, FlowStageBinding
@ -182,10 +183,11 @@ class TestUserWriteStage(APITestCase):
) )
def test_duplicate_data(self): def test_duplicate_data(self):
"""Test with duplicate data, should trigger error""" """Test with duplicate data, should trigger error"""
user = create_test_admin_user()
plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()]) plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()])
session = self.client.session session = self.client.session
plan.context[PLAN_CONTEXT_PROMPT] = { plan.context[PLAN_CONTEXT_PROMPT] = {
"username": "akadmin", "username": user.username,
"attribute_some-custom-attribute": "test", "attribute_some-custom-attribute": "test",
"some_ignored_attribute": "bar", "some_ignored_attribute": "bar",
} }

View file

@ -4,6 +4,7 @@ from django.test.client import RequestFactory
from django.urls import reverse from django.urls import reverse
from django.utils.encoding import force_str from django.utils.encoding import force_str
from authentik.core.tests.utils import create_test_tenant
from authentik.events.models import Event, EventAction from authentik.events.models import Event, EventAction
from authentik.lib.config import CONFIG from authentik.lib.config import CONFIG
from authentik.lib.utils.time import timedelta_from_string from authentik.lib.utils.time import timedelta_from_string
@ -15,16 +16,15 @@ class TestTenants(TestCase):
def test_current_tenant(self): def test_current_tenant(self):
"""Test Current tenant API""" """Test Current tenant API"""
tenant = create_test_tenant()
self.assertJSONEqual( self.assertJSONEqual(
force_str(self.client.get(reverse("authentik_api:tenant-current")).content), force_str(self.client.get(reverse("authentik_api:tenant-current")).content),
{ {
"branding_logo": "/static/dist/assets/icons/icon_left_brand.svg", "branding_logo": "/static/dist/assets/icons/icon_left_brand.svg",
"branding_favicon": "/static/dist/assets/icons/icon.png", "branding_favicon": "/static/dist/assets/icons/icon.png",
"branding_title": "authentik", "branding_title": "authentik",
"matched_domain": "authentik-default", "matched_domain": tenant.domain,
"ui_footer_links": CONFIG.y("footer_links"), "ui_footer_links": CONFIG.y("footer_links"),
"flow_authentication": "default-authentication-flow",
"flow_invalidation": "default-invalidation-flow",
}, },
) )

View file

@ -10,7 +10,7 @@ from selenium.webdriver.support import expected_conditions as ec
from structlog.stdlib import get_logger from structlog.stdlib import get_logger
from authentik.core.models import Application from authentik.core.models import Application
from authentik.crypto.models import CertificateKeyPair from authentik.core.tests.utils import create_test_cert
from authentik.flows.models import Flow from authentik.flows.models import Flow
from authentik.lib.generators import generate_id, generate_key from authentik.lib.generators import generate_id, generate_key
from authentik.policies.expression.models import ExpressionPolicy from authentik.policies.expression.models import ExpressionPolicy
@ -85,7 +85,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
client_type=ClientTypes.CONFIDENTIAL, client_type=ClientTypes.CONFIDENTIAL,
client_id=self.client_id, client_id=self.client_id,
client_secret=self.client_secret, client_secret=self.client_secret,
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
redirect_uris="http://localhost:3000/", redirect_uris="http://localhost:3000/",
authorization_flow=authorization_flow, authorization_flow=authorization_flow,
) )
@ -128,7 +128,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
client_type=ClientTypes.CONFIDENTIAL, client_type=ClientTypes.CONFIDENTIAL,
client_id=self.client_id, client_id=self.client_id,
client_secret=self.client_secret, client_secret=self.client_secret,
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
redirect_uris="http://localhost:3000/login/generic_oauth", redirect_uris="http://localhost:3000/login/generic_oauth",
authorization_flow=authorization_flow, authorization_flow=authorization_flow,
) )
@ -185,7 +185,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
client_type=ClientTypes.CONFIDENTIAL, client_type=ClientTypes.CONFIDENTIAL,
client_id=self.client_id, client_id=self.client_id,
client_secret=self.client_secret, client_secret=self.client_secret,
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
redirect_uris="http://localhost:3000/login/generic_oauth", redirect_uris="http://localhost:3000/login/generic_oauth",
authorization_flow=authorization_flow, authorization_flow=authorization_flow,
) )
@ -251,7 +251,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
client_type=ClientTypes.CONFIDENTIAL, client_type=ClientTypes.CONFIDENTIAL,
client_id=self.client_id, client_id=self.client_id,
client_secret=self.client_secret, client_secret=self.client_secret,
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
redirect_uris="http://localhost:3000/login/generic_oauth", redirect_uris="http://localhost:3000/login/generic_oauth",
) )
provider.property_mappings.set( provider.property_mappings.set(
@ -324,7 +324,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
client_type=ClientTypes.CONFIDENTIAL, client_type=ClientTypes.CONFIDENTIAL,
client_id=self.client_id, client_id=self.client_id,
client_secret=self.client_secret, client_secret=self.client_secret,
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
redirect_uris="http://localhost:3000/login/generic_oauth", redirect_uris="http://localhost:3000/login/generic_oauth",
) )
provider.property_mappings.set( provider.property_mappings.set(

View file

@ -12,7 +12,7 @@ from selenium.webdriver.support import expected_conditions as ec
from structlog.stdlib import get_logger from structlog.stdlib import get_logger
from authentik.core.models import Application from authentik.core.models import Application
from authentik.crypto.models import CertificateKeyPair from authentik.core.tests.utils import create_test_cert
from authentik.flows.models import Flow from authentik.flows.models import Flow
from authentik.lib.generators import generate_id, generate_key from authentik.lib.generators import generate_id, generate_key
from authentik.policies.expression.models import ExpressionPolicy from authentik.policies.expression.models import ExpressionPolicy
@ -84,7 +84,7 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
client_type=ClientTypes.CONFIDENTIAL, client_type=ClientTypes.CONFIDENTIAL,
client_id=self.client_id, client_id=self.client_id,
client_secret=self.client_secret, client_secret=self.client_secret,
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
redirect_uris="http://localhost:9009/", redirect_uris="http://localhost:9009/",
authorization_flow=authorization_flow, authorization_flow=authorization_flow,
) )
@ -127,7 +127,7 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
client_type=ClientTypes.CONFIDENTIAL, client_type=ClientTypes.CONFIDENTIAL,
client_id=self.client_id, client_id=self.client_id,
client_secret=self.client_secret, client_secret=self.client_secret,
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
redirect_uris="http://localhost:9009/auth/callback", redirect_uris="http://localhost:9009/auth/callback",
authorization_flow=authorization_flow, authorization_flow=authorization_flow,
) )
@ -178,7 +178,7 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
client_type=ClientTypes.CONFIDENTIAL, client_type=ClientTypes.CONFIDENTIAL,
client_id=self.client_id, client_id=self.client_id,
client_secret=self.client_secret, client_secret=self.client_secret,
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
redirect_uris="http://localhost:9009/auth/callback", redirect_uris="http://localhost:9009/auth/callback",
) )
provider.property_mappings.set( provider.property_mappings.set(
@ -242,7 +242,7 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
client_type=ClientTypes.CONFIDENTIAL, client_type=ClientTypes.CONFIDENTIAL,
client_id=self.client_id, client_id=self.client_id,
client_secret=self.client_secret, client_secret=self.client_secret,
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
redirect_uris="http://localhost:9009/auth/callback", redirect_uris="http://localhost:9009/auth/callback",
) )
provider.property_mappings.set( provider.property_mappings.set(

View file

@ -12,7 +12,7 @@ from selenium.webdriver.support import expected_conditions as ec
from structlog.stdlib import get_logger from structlog.stdlib import get_logger
from authentik.core.models import Application from authentik.core.models import Application
from authentik.crypto.models import CertificateKeyPair from authentik.core.tests.utils import create_test_cert
from authentik.flows.models import Flow from authentik.flows.models import Flow
from authentik.lib.generators import generate_id, generate_key from authentik.lib.generators import generate_id, generate_key
from authentik.policies.expression.models import ExpressionPolicy from authentik.policies.expression.models import ExpressionPolicy
@ -84,7 +84,7 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
client_type=ClientTypes.CONFIDENTIAL, client_type=ClientTypes.CONFIDENTIAL,
client_id=self.client_id, client_id=self.client_id,
client_secret=self.client_secret, client_secret=self.client_secret,
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
redirect_uris="http://localhost:9009/", redirect_uris="http://localhost:9009/",
authorization_flow=authorization_flow, authorization_flow=authorization_flow,
) )
@ -127,7 +127,7 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
client_type=ClientTypes.CONFIDENTIAL, client_type=ClientTypes.CONFIDENTIAL,
client_id=self.client_id, client_id=self.client_id,
client_secret=self.client_secret, client_secret=self.client_secret,
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
redirect_uris="http://localhost:9009/implicit/", redirect_uris="http://localhost:9009/implicit/",
authorization_flow=authorization_flow, authorization_flow=authorization_flow,
) )
@ -175,7 +175,7 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
client_type=ClientTypes.CONFIDENTIAL, client_type=ClientTypes.CONFIDENTIAL,
client_id=self.client_id, client_id=self.client_id,
client_secret=self.client_secret, client_secret=self.client_secret,
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
redirect_uris="http://localhost:9009/implicit/", redirect_uris="http://localhost:9009/implicit/",
) )
provider.property_mappings.set( provider.property_mappings.set(
@ -236,7 +236,7 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
client_type=ClientTypes.CONFIDENTIAL, client_type=ClientTypes.CONFIDENTIAL,
client_id=self.client_id, client_id=self.client_id,
client_secret=self.client_secret, client_secret=self.client_secret,
rsa_key=CertificateKeyPair.objects.first(), rsa_key=create_test_cert(),
redirect_uris="http://localhost:9009/implicit/", redirect_uris="http://localhost:9009/implicit/",
) )
provider.property_mappings.set( provider.property_mappings.set(

View file

@ -45,7 +45,6 @@ class TestProviderProxy(SeleniumTestCase):
image=self.get_container_image("goauthentik.io/dev-proxy"), image=self.get_container_image("goauthentik.io/dev-proxy"),
detach=True, detach=True,
network_mode="host", network_mode="host",
auto_remove=True,
environment={ environment={
"AUTHENTIK_HOST": self.live_server_url, "AUTHENTIK_HOST": self.live_server_url,
"AUTHENTIK_TOKEN": outpost.token.key, "AUTHENTIK_TOKEN": outpost.token.key,

View file

@ -12,7 +12,7 @@ from selenium.webdriver.support import expected_conditions as ec
from structlog.stdlib import get_logger from structlog.stdlib import get_logger
from authentik.core.models import Application from authentik.core.models import Application
from authentik.crypto.models import CertificateKeyPair from authentik.core.tests.utils import create_test_cert
from authentik.flows.models import Flow from authentik.flows.models import Flow
from authentik.policies.expression.models import ExpressionPolicy from authentik.policies.expression.models import ExpressionPolicy
from authentik.policies.models import PolicyBinding from authentik.policies.models import PolicyBinding
@ -81,7 +81,7 @@ class TestProviderSAML(SeleniumTestCase):
issuer="authentik-e2e", issuer="authentik-e2e",
sp_binding=SAMLBindings.POST, sp_binding=SAMLBindings.POST,
authorization_flow=authorization_flow, authorization_flow=authorization_flow,
signing_kp=CertificateKeyPair.objects.first(), signing_kp=create_test_cert(),
) )
provider.property_mappings.set(SAMLPropertyMapping.objects.all()) provider.property_mappings.set(SAMLPropertyMapping.objects.all())
provider.save() provider.save()
@ -144,7 +144,7 @@ class TestProviderSAML(SeleniumTestCase):
issuer="authentik-e2e", issuer="authentik-e2e",
sp_binding=SAMLBindings.POST, sp_binding=SAMLBindings.POST,
authorization_flow=authorization_flow, authorization_flow=authorization_flow,
signing_kp=CertificateKeyPair.objects.first(), signing_kp=create_test_cert(),
) )
provider.property_mappings.set(SAMLPropertyMapping.objects.all()) provider.property_mappings.set(SAMLPropertyMapping.objects.all())
provider.save() provider.save()
@ -222,7 +222,7 @@ class TestProviderSAML(SeleniumTestCase):
issuer="authentik-e2e", issuer="authentik-e2e",
sp_binding=SAMLBindings.POST, sp_binding=SAMLBindings.POST,
authorization_flow=authorization_flow, authorization_flow=authorization_flow,
signing_kp=CertificateKeyPair.objects.first(), signing_kp=create_test_cert(),
) )
provider.property_mappings.set(SAMLPropertyMapping.objects.all()) provider.property_mappings.set(SAMLPropertyMapping.objects.all())
provider.save() provider.save()
@ -294,7 +294,7 @@ class TestProviderSAML(SeleniumTestCase):
issuer="authentik-e2e", issuer="authentik-e2e",
sp_binding=SAMLBindings.POST, sp_binding=SAMLBindings.POST,
authorization_flow=authorization_flow, authorization_flow=authorization_flow,
signing_kp=CertificateKeyPair.objects.first(), signing_kp=create_test_cert(),
) )
provider.property_mappings.set(SAMLPropertyMapping.objects.all()) provider.property_mappings.set(SAMLPropertyMapping.objects.all())
provider.save() provider.save()

View file

@ -6,8 +6,8 @@ from os import environ, makedirs
from time import sleep, time from time import sleep, time
from typing import Any, Callable, Optional from typing import Any, Callable, Optional
from channels.testing import ChannelsLiveServerTestCase
from django.apps import apps from django.apps import apps
from django.contrib.staticfiles.testing import StaticLiveServerTestCase
from django.db import connection from django.db import connection
from django.db.migrations.loader import MigrationLoader from django.db.migrations.loader import MigrationLoader
from django.db.migrations.operations.special import RunPython from django.db.migrations.operations.special import RunPython
@ -48,7 +48,7 @@ def get_docker_tag() -> str:
return f"gh-{branch_name}" return f"gh-{branch_name}"
class SeleniumTestCase(StaticLiveServerTestCase): class SeleniumTestCase(ChannelsLiveServerTestCase):
"""StaticLiveServerTestCase which automatically creates a Webdriver instance""" """StaticLiveServerTestCase which automatically creates a Webdriver instance"""
container: Optional[Container] = None container: Optional[Container] = None

View file

@ -1,7 +1,7 @@
"""outpost tests""" """outpost tests"""
from django.test import TestCase from django.test import TestCase
from authentik.flows.models import Flow from authentik.core.tests.utils import create_test_flow
from authentik.lib.config import CONFIG from authentik.lib.config import CONFIG
from authentik.outposts.controllers.k8s.deployment import DeploymentReconciler from authentik.outposts.controllers.k8s.deployment import DeploymentReconciler
from authentik.outposts.controllers.k8s.triggers import NeedsUpdate from authentik.outposts.controllers.k8s.triggers import NeedsUpdate
@ -22,7 +22,7 @@ class OutpostKubernetesTests(TestCase):
name="test", name="test",
internal_host="http://localhost", internal_host="http://localhost",
external_host="http://localhost", external_host="http://localhost",
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
) )
self.service_connection = KubernetesServiceConnection.objects.first() self.service_connection = KubernetesServiceConnection.objects.first()
self.outpost: Outpost = Outpost.objects.create( self.outpost: Outpost = Outpost.objects.create(

View file

@ -5,7 +5,7 @@ import yaml
from django.test import TestCase from django.test import TestCase
from structlog.stdlib import get_logger from structlog.stdlib import get_logger
from authentik.flows.models import Flow from authentik.core.tests.utils import create_test_flow
from authentik.outposts.controllers.kubernetes import KubernetesController from authentik.outposts.controllers.kubernetes import KubernetesController
from authentik.outposts.models import KubernetesServiceConnection, Outpost, OutpostType from authentik.outposts.models import KubernetesServiceConnection, Outpost, OutpostType
from authentik.outposts.tasks import outpost_local_connection from authentik.outposts.tasks import outpost_local_connection
@ -38,7 +38,7 @@ class TestProxyKubernetes(TestCase):
name="test", name="test",
internal_host="http://localhost", internal_host="http://localhost",
external_host="http://localhost", external_host="http://localhost",
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
) )
service_connection = KubernetesServiceConnection.objects.first() service_connection = KubernetesServiceConnection.objects.first()
outpost: Outpost = Outpost.objects.create( outpost: Outpost = Outpost.objects.create(
@ -59,14 +59,14 @@ class TestProxyKubernetes(TestCase):
name="test", name="test",
internal_host="http://localhost", internal_host="http://localhost",
external_host="https://localhost", external_host="https://localhost",
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
) )
provider2: ProxyProvider = ProxyProvider.objects.create( provider2: ProxyProvider = ProxyProvider.objects.create(
name="test2", name="test2",
internal_host="http://otherhost", internal_host="http://otherhost",
external_host="https://otherhost", external_host="https://otherhost",
mode=ProxyMode.FORWARD_SINGLE, mode=ProxyMode.FORWARD_SINGLE,
authorization_flow=Flow.objects.first(), authorization_flow=create_test_flow(),
) )
service_connection = KubernetesServiceConnection.objects.first() service_connection = KubernetesServiceConnection.objects.first()