mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
8e32a4b65f
The development workflow expects chromedriver to be run on the host on port 4444. There is currently no mechanism to modify this behaviour at runtime, so if another service is running on 4444 tests will just fail silently. This change introduces the `CHROMEDRIVER_PORT` environment variable which can be utilised to set a custom port.
87 lines
2.3 KiB
Go
87 lines
2.3 KiB
Go
package suites
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"os"
|
|
"strconv"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/stretchr/testify/suite"
|
|
)
|
|
|
|
type NetworkACLSuite struct {
|
|
suite.Suite
|
|
}
|
|
|
|
func NewNetworkACLSuite() *NetworkACLSuite {
|
|
return &NetworkACLSuite{}
|
|
}
|
|
|
|
func (s *NetworkACLSuite) TestShouldAccessSecretUpon2FA() {
|
|
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
|
defer cancel()
|
|
|
|
wds, err := StartWebDriver()
|
|
s.Require().NoError(err)
|
|
|
|
defer wds.Stop() //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
|
|
|
targetURL := fmt.Sprintf("%s/secret.html", SecureBaseURL)
|
|
wds.doVisit(s.T(), targetURL)
|
|
wds.verifyIsFirstFactorPage(ctx, s.T())
|
|
|
|
wds.doRegisterAndLogin2FA(ctx, s.T(), "john", "password", false, targetURL)
|
|
wds.verifySecretAuthorized(ctx, s.T())
|
|
}
|
|
|
|
// from network 192.168.240.201/32.
|
|
func (s *NetworkACLSuite) TestShouldAccessSecretUpon1FA() {
|
|
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
|
defer cancel()
|
|
|
|
driverPort := os.Getenv("CHROMEDRIVER_PORT")
|
|
if driverPort == "" {
|
|
driverPort = defaultChromeDriverPort
|
|
}
|
|
|
|
p, _ := strconv.Atoi(driverPort)
|
|
wds, err := StartWebDriverWithProxy("http://proxy-client1.example.com:3128", p)
|
|
s.Require().NoError(err)
|
|
|
|
defer wds.Stop() //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
|
|
|
targetURL := fmt.Sprintf("%s/secret.html", SecureBaseURL)
|
|
wds.doVisit(s.T(), targetURL)
|
|
wds.verifyIsFirstFactorPage(ctx, s.T())
|
|
|
|
wds.doLoginOneFactor(ctx, s.T(), "john", "password",
|
|
false, fmt.Sprintf("%s/secret.html", SecureBaseURL))
|
|
wds.verifySecretAuthorized(ctx, s.T())
|
|
}
|
|
|
|
// from network 192.168.240.202/32.
|
|
func (s *NetworkACLSuite) TestShouldAccessSecretUpon0FA() {
|
|
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
|
defer cancel()
|
|
|
|
driverPort := os.Getenv("CHROMEDRIVER_PORT")
|
|
if driverPort == "" {
|
|
driverPort = defaultChromeDriverPort
|
|
}
|
|
|
|
p, _ := strconv.Atoi(driverPort)
|
|
wds, err := StartWebDriverWithProxy("http://proxy-client2.example.com:3128", p)
|
|
s.Require().NoError(err)
|
|
|
|
defer wds.Stop() //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
|
|
|
wds.doVisit(s.T(), fmt.Sprintf("%s/secret.html", SecureBaseURL))
|
|
wds.verifySecretAuthorized(ctx, s.T())
|
|
}
|
|
|
|
func TestNetworkACLSuite(t *testing.T) {
|
|
suite.Run(t, NewNetworkACLSuite())
|
|
}
|