2017-09-03 20:02:38 +07:00
|
|
|
Feature: User is correctly redirected
|
2017-07-27 04:45:26 +07:00
|
|
|
|
2017-08-03 05:30:41 +07:00
|
|
|
Scenario: User is redirected to authelia when he is not authenticated
|
2017-11-03 03:34:07 +07:00
|
|
|
When I visit "https://public.example.com:8080"
|
2018-04-25 14:30:21 +07:00
|
|
|
Then I'm redirected to "https://login.example.com:8080/?rd=https://public.example.com:8080/"
|
2017-07-27 04:45:26 +07:00
|
|
|
|
2017-09-22 03:07:34 +07:00
|
|
|
@need-registered-user-john
|
2017-08-03 05:30:41 +07:00
|
|
|
Scenario: User is redirected to home page after several authentication tries
|
2017-11-03 03:34:07 +07:00
|
|
|
When I visit "https://public.example.com:8080/secret.html"
|
2017-09-22 03:07:34 +07:00
|
|
|
And I login with user "john" and password "badpassword"
|
2017-10-08 21:28:10 +07:00
|
|
|
And I wait for notification to disappear
|
2017-08-03 05:30:41 +07:00
|
|
|
And I clear field "username"
|
2018-08-10 03:24:02 +07:00
|
|
|
And I clear field "password"
|
2017-08-03 05:30:41 +07:00
|
|
|
And I login with user "john" and password "password"
|
2017-09-22 03:07:34 +07:00
|
|
|
And I use "REGISTERED" as TOTP token handle
|
2017-10-22 06:23:26 +07:00
|
|
|
And I click on "Sign in"
|
2017-11-03 03:34:07 +07:00
|
|
|
Then I'm redirected to "https://public.example.com:8080/secret.html"
|
2017-08-03 05:30:41 +07:00
|
|
|
|
2017-09-03 20:22:09 +07:00
|
|
|
Scenario: User Harry does not have access to admin domain and thus he must get an error 403
|
2017-08-03 05:30:41 +07:00
|
|
|
When I register TOTP and login with user "harry" and password "password"
|
2017-11-03 03:34:07 +07:00
|
|
|
And I visit "https://admin.example.com:8080/secret.html"
|
2017-09-22 22:53:18 +07:00
|
|
|
Then I get an error 403
|
|
|
|
|
|
|
|
Scenario: Redirection URL is propagated from restricted page to first factor
|
2017-11-03 03:34:07 +07:00
|
|
|
When I visit "https://public.example.com:8080/secret.html"
|
2018-04-25 14:30:21 +07:00
|
|
|
Then I'm redirected to "https://login.example.com:8080/?rd=https://public.example.com:8080/secret.html"
|
2017-09-22 22:53:18 +07:00
|
|
|
|
|
|
|
Scenario: Redirection URL is propagated from first factor to second factor
|
2017-11-03 03:34:07 +07:00
|
|
|
Given I visit "https://login.example.com:8080/"
|
2017-09-22 22:53:18 +07:00
|
|
|
And I login with user "john" and password "password"
|
|
|
|
And I register a TOTP secret called "Sec0"
|
2017-11-03 03:34:07 +07:00
|
|
|
When I visit "https://public.example.com:8080/secret.html"
|
2017-09-22 22:53:18 +07:00
|
|
|
And I login with user "john" and password "password"
|
2018-04-25 14:30:21 +07:00
|
|
|
Then I'm redirected to "https://login.example.com:8080/secondfactor?rd=https://public.example.com:8080/secret.html"
|
2017-09-22 22:53:18 +07:00
|
|
|
|
|
|
|
Scenario: Redirection URL is used to send user from second factor to target page
|
2017-11-03 03:34:07 +07:00
|
|
|
Given I visit "https://login.example.com:8080/"
|
2017-09-22 22:53:18 +07:00
|
|
|
And I login with user "john" and password "password"
|
|
|
|
And I register a TOTP secret called "Sec0"
|
2017-11-03 03:34:07 +07:00
|
|
|
When I visit "https://public.example.com:8080/secret.html"
|
2017-09-22 22:53:18 +07:00
|
|
|
And I login with user "john" and password "password"
|
|
|
|
And I use "Sec0" as TOTP token handle
|
2017-10-22 06:23:26 +07:00
|
|
|
And I click on "Sign in"
|
2017-11-03 03:34:07 +07:00
|
|
|
Then I'm redirected to "https://public.example.com:8080/secret.html"
|
2017-10-18 04:24:02 +07:00
|
|
|
|
|
|
|
@need-registered-user-john
|
|
|
|
Scenario: User is redirected to default URL defined in configuration when authentication is successful
|
2017-11-03 03:34:07 +07:00
|
|
|
When I visit "https://login.example.com:8080"
|
2017-10-18 04:24:02 +07:00
|
|
|
And I login with user "john" and password "password"
|
|
|
|
And I use "REGISTERED" as TOTP token handle
|
2017-10-22 06:23:26 +07:00
|
|
|
And I click on "Sign in"
|
2017-11-03 03:34:07 +07:00
|
|
|
Then I'm redirected to "https://home.example.com:8080/"
|
2017-11-01 20:24:18 +07:00
|
|
|
|
|
|
|
|
|
|
|
Scenario: User is redirected when hitting an error 401
|
2017-11-03 03:34:07 +07:00
|
|
|
When I visit "https://login.example.com:8080/secondfactor/u2f/identity/finish"
|
|
|
|
Then I'm redirected to "https://login.example.com:8080/error/401"
|
2017-11-01 20:24:18 +07:00
|
|
|
And I sleep for 5 seconds
|
2017-11-03 03:34:07 +07:00
|
|
|
And I'm redirected to "https://home.example.com:8080/"
|
2017-11-01 20:24:18 +07:00
|
|
|
|
|
|
|
@need-registered-user-harry
|
|
|
|
Scenario: User is redirected when hitting an error 403
|
2017-11-03 03:34:07 +07:00
|
|
|
When I visit "https://login.example.com:8080"
|
2017-11-01 20:24:18 +07:00
|
|
|
And I login with user "harry" and password "password"
|
|
|
|
And I use "REGISTERED" as TOTP token handle
|
|
|
|
And I click on "Sign in"
|
2017-11-03 03:34:07 +07:00
|
|
|
And I'm redirected to "https://home.example.com:8080/"
|
|
|
|
When I visit "https://admin.example.com:8080/secret.html"
|
|
|
|
Then I'm redirected to "https://login.example.com:8080/error/403"
|
2017-11-01 20:24:18 +07:00
|
|
|
And I sleep for 5 seconds
|
2018-04-25 14:30:21 +07:00
|
|
|
And I'm redirected to "https://home.example.com:8080/"
|