2019-11-02 21:32:58 +07:00
|
|
|
package suites
|
|
|
|
|
|
|
|
import (
|
2019-11-25 03:27:59 +07:00
|
|
|
"context"
|
|
|
|
"fmt"
|
2019-11-02 21:32:58 +07:00
|
|
|
"testing"
|
2019-11-25 03:27:59 +07:00
|
|
|
"time"
|
|
|
|
|
|
|
|
"github.com/stretchr/testify/suite"
|
2019-11-02 21:32:58 +07:00
|
|
|
)
|
|
|
|
|
|
|
|
type NetworkACLSuite struct {
|
2019-11-25 03:27:59 +07:00
|
|
|
suite.Suite
|
2019-11-02 21:32:58 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
func NewNetworkACLSuite() *NetworkACLSuite {
|
2019-11-30 23:49:52 +07:00
|
|
|
return &NetworkACLSuite{}
|
2019-11-25 03:27:59 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *NetworkACLSuite) TestShouldAccessSecretUpon2FA() {
|
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
|
|
|
defer cancel()
|
|
|
|
|
2019-11-30 23:49:52 +07:00
|
|
|
wds, err := StartWebDriver()
|
|
|
|
s.Require().NoError(err)
|
2020-05-06 02:35:32 +07:00
|
|
|
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-10 06:03:05 +07:00
|
|
|
defer func() {
|
|
|
|
err = wds.Stop()
|
|
|
|
s.Require().NoError(err)
|
|
|
|
}()
|
2019-11-25 03:27:59 +07:00
|
|
|
|
2019-11-30 23:49:52 +07:00
|
|
|
targetURL := fmt.Sprintf("%s/secret.html", SecureBaseURL)
|
|
|
|
wds.doVisit(s.T(), targetURL)
|
|
|
|
wds.verifyIsFirstFactorPage(ctx, s.T())
|
2019-11-25 03:27:59 +07:00
|
|
|
|
2019-11-30 23:49:52 +07:00
|
|
|
wds.doRegisterAndLogin2FA(ctx, s.T(), "john", "password", false, targetURL)
|
|
|
|
wds.verifySecretAuthorized(ctx, s.T())
|
2019-11-25 03:27:59 +07:00
|
|
|
}
|
|
|
|
|
2020-05-02 12:06:39 +07:00
|
|
|
// from network 192.168.240.201/32.
|
2019-11-25 03:27:59 +07:00
|
|
|
func (s *NetworkACLSuite) TestShouldAccessSecretUpon1FA() {
|
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
|
|
|
defer cancel()
|
|
|
|
|
2020-11-28 07:06:42 +07:00
|
|
|
wds, err := StartWebDriverWithProxy("http://proxy-client1.example.com:3128", GetWebDriverPort())
|
2019-11-30 23:49:52 +07:00
|
|
|
s.Require().NoError(err)
|
2020-05-06 02:35:32 +07:00
|
|
|
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-10 06:03:05 +07:00
|
|
|
defer func() {
|
|
|
|
err = wds.Stop()
|
|
|
|
s.Require().NoError(err)
|
|
|
|
}()
|
2019-11-30 23:49:52 +07:00
|
|
|
|
2019-11-25 03:27:59 +07:00
|
|
|
targetURL := fmt.Sprintf("%s/secret.html", SecureBaseURL)
|
2019-11-30 23:49:52 +07:00
|
|
|
wds.doVisit(s.T(), targetURL)
|
|
|
|
wds.verifyIsFirstFactorPage(ctx, s.T())
|
2019-11-25 03:27:59 +07:00
|
|
|
|
2019-11-30 23:49:52 +07:00
|
|
|
wds.doLoginOneFactor(ctx, s.T(), "john", "password",
|
2019-11-25 03:27:59 +07:00
|
|
|
false, fmt.Sprintf("%s/secret.html", SecureBaseURL))
|
2019-11-30 23:49:52 +07:00
|
|
|
wds.verifySecretAuthorized(ctx, s.T())
|
2019-11-25 03:27:59 +07:00
|
|
|
}
|
|
|
|
|
2020-05-02 12:06:39 +07:00
|
|
|
// from network 192.168.240.202/32.
|
2019-11-25 03:27:59 +07:00
|
|
|
func (s *NetworkACLSuite) TestShouldAccessSecretUpon0FA() {
|
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
|
|
|
defer cancel()
|
|
|
|
|
2020-11-28 07:06:42 +07:00
|
|
|
wds, err := StartWebDriverWithProxy("http://proxy-client2.example.com:3128", GetWebDriverPort())
|
2019-11-30 23:49:52 +07:00
|
|
|
s.Require().NoError(err)
|
2020-05-06 02:35:32 +07:00
|
|
|
|
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-10 06:03:05 +07:00
|
|
|
defer func() {
|
|
|
|
err = wds.Stop()
|
|
|
|
s.Require().NoError(err)
|
|
|
|
}()
|
2019-11-30 23:49:52 +07:00
|
|
|
|
|
|
|
wds.doVisit(s.T(), fmt.Sprintf("%s/secret.html", SecureBaseURL))
|
|
|
|
wds.verifySecretAuthorized(ctx, s.T())
|
2019-11-02 21:32:58 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
func TestNetworkACLSuite(t *testing.T) {
|
2021-03-14 14:08:26 +07:00
|
|
|
if testing.Short() {
|
|
|
|
t.Skip("skipping suite test in short mode")
|
|
|
|
}
|
|
|
|
|
2019-11-25 03:27:59 +07:00
|
|
|
suite.Run(t, NewNetworkACLSuite())
|
2019-11-02 21:32:58 +07:00
|
|
|
}
|