mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
469daedd36
* adaptively delay 1FA by the actual execution time of authentication * should grow and shrink over time as successful attempts are made * uses the average of the last 10 successful attempts to calculate * starts at an average of 1000ms * minimum is 250ms * a random delay is added to the largest of avg or minimum * the random delay is between 0ms and 85ms * bump LDAP suite to 80s timeout * bump regulation scenario to 45s * add mutex locking * amend logging * add docs * add tests Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
81 lines
2.5 KiB
Go
81 lines
2.5 KiB
Go
package suites
|
|
|
|
import (
|
|
"context"
|
|
"log"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/stretchr/testify/suite"
|
|
)
|
|
|
|
type RegulationScenario struct {
|
|
*SeleniumSuite
|
|
}
|
|
|
|
func NewRegulationScenario() *RegulationScenario {
|
|
return &RegulationScenario{
|
|
SeleniumSuite: new(SeleniumSuite),
|
|
}
|
|
}
|
|
|
|
func (s *RegulationScenario) SetupSuite() {
|
|
wds, err := StartWebDriver()
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
s.WebDriverSession = wds
|
|
}
|
|
|
|
func (s *RegulationScenario) TearDownSuite() {
|
|
err := s.WebDriverSession.Stop()
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
}
|
|
|
|
func (s *RegulationScenario) SetupTest() {
|
|
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
|
defer cancel()
|
|
|
|
s.doLogout(ctx, s.T())
|
|
s.doVisit(s.T(), HomeBaseURL)
|
|
s.verifyIsHome(ctx, s.T())
|
|
}
|
|
|
|
func (s *RegulationScenario) TestShouldBanUserAfterTooManyAttempt() {
|
|
ctx, cancel := context.WithTimeout(context.Background(), 45*time.Second)
|
|
defer cancel()
|
|
|
|
s.doVisitLoginPage(ctx, s.T(), "")
|
|
s.doFillLoginPageAndClick(ctx, s.T(), "john", "bad-password", false)
|
|
s.verifyNotificationDisplayed(ctx, s.T(), "Incorrect username or password.")
|
|
|
|
for i := 0; i < 3; i++ {
|
|
s.WaitElementLocatedByID(ctx, s.T(), "password-textfield").SendKeys("bad-password") //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
|
s.WaitElementLocatedByID(ctx, s.T(), "sign-in-button").Click() //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
|
time.Sleep(1 * time.Second)
|
|
}
|
|
|
|
// Enter the correct password and test the regulation lock out
|
|
s.WaitElementLocatedByID(ctx, s.T(), "password-textfield").SendKeys("password") //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
|
s.WaitElementLocatedByID(ctx, s.T(), "sign-in-button").Click() //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
|
s.verifyNotificationDisplayed(ctx, s.T(), "Incorrect username or password.")
|
|
|
|
time.Sleep(1 * time.Second)
|
|
s.verifyIsFirstFactorPage(ctx, s.T())
|
|
time.Sleep(9 * time.Second)
|
|
|
|
// Enter the correct password and test a successful login
|
|
s.WaitElementLocatedByID(ctx, s.T(), "password-textfield").SendKeys("password") //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
|
s.WaitElementLocatedByID(ctx, s.T(), "sign-in-button").Click() //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
|
s.verifyIsSecondFactorPage(ctx, s.T())
|
|
}
|
|
|
|
func TestBlacklistingScenario(t *testing.T) {
|
|
suite.Run(t, NewRegulationScenario())
|
|
}
|