techies/authelia
1
0
Fork 0
mirror of https://github.com/0rangebananaspy/authelia.git synced 2024-09-14 22:47:21 +07:00
Code Issues Projects Releases Wiki Activity
8bab8d47ef
authelia/internal/suites/scenario_reset_password_test.go
Amir Zarrinkafsh aa64d0c4e5
[FEATURE] Support MSAD password reset via unicodePwd attribute (#1460) 
* Added `ActiveDirectory` suite for integration tests with Samba AD
* Updated documentation
* Minor styling refactor to suites
* Clean up LDAP user provisioning
* Fix Authelia home splash to reference correct link for webmail
* Add notification message for password complexity errors
* Add password complexity integration test
* Rename implementation default from rfc to custom
* add specific defaults for LDAP (activedirectory implementation)
* add docs to show the new defaults
* add docs explaining the importance of users filter
* add tests
* update instances of LDAP implementation names to use the new consts where applicable
* made the 'custom' case in the UpdatePassword method for the implementation switch the default case instead
* update config examples due to the new defaults
* apply changes from code review
* replace schema default name from MSAD to ActiveDirectory for consistency
* fix missing default for username_attribute
* replace test raising on empty username attribute with not raising on empty

Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-11-27 20:59:22 +11:00

102 lines
2.5 KiB
Go
Raw Blame History

package suites
import (
"context"
"log"
"testing"
"time"
"github.com/stretchr/testify/suite"
)
type ResetPasswordScenario struct {
*SeleniumSuite
}
func NewResetPasswordScenario() *ResetPasswordScenario {
return &ResetPasswordScenario{SeleniumSuite: new(SeleniumSuite)}
}
func (s *ResetPasswordScenario) SetupSuite() {
wds, err := StartWebDriver()
if err != nil {
log.Fatal(err)
}
s.WebDriverSession = wds
}
func (s *ResetPasswordScenario) TearDownSuite() {
err := s.WebDriverSession.Stop()
if err != nil {
log.Fatal(err)
}
}
func (s *ResetPasswordScenario) SetupTest() {
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()
s.doLogout(ctx, s.T())
s.doVisit(s.T(), HomeBaseURL)
s.verifyIsHome(ctx, s.T())
}
func (s *ResetPasswordScenario) TestShouldResetPassword() {
ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second)
defer cancel()
s.doVisit(s.T(), GetLoginBaseURL())
s.verifyIsFirstFactorPage(ctx, s.T())
// Reset the password to abc
s.doResetPassword(ctx, s.T(), "john", "abc", "abc", false)
// Try to login with the old password
s.doLoginOneFactor(ctx, s.T(), "john", "password", false, "")
s.verifyNotificationDisplayed(ctx, s.T(), "Incorrect username or password.")
// Try to login with the new password
s.doLoginOneFactor(ctx, s.T(), "john", "abc", false, "")
// Logout
s.doLogout(ctx, s.T())
// Reset the original password
s.doResetPassword(ctx, s.T(), "john", "password", "password", false)
}
func (s *ResetPasswordScenario) TestShouldMakeAttackerThinkPasswordResetIsInitiated() {
ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second)
defer cancel()
s.doVisit(s.T(), GetLoginBaseURL())
s.verifyIsFirstFactorPage(ctx, s.T())
// Try to initiate a password reset of an nonexistent user.
s.doInitiatePasswordReset(ctx, s.T(), "i_dont_exist")
// Check that the notification make the attacker thinks the process is initiated
s.verifyMailNotificationDisplayed(ctx, s.T())
}
func (s *ResetPasswordScenario) TestShouldLetUserNoticeThereIsAPasswordMismatch() {
ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second)
defer cancel()
s.doVisit(s.T(), GetLoginBaseURL())
s.verifyIsFirstFactorPage(ctx, s.T())
s.doInitiatePasswordReset(ctx, s.T(), "john")
s.verifyMailNotificationDisplayed(ctx, s.T())
s.doCompletePasswordReset(ctx, s.T(), "password", "another_password")
s.verifyNotificationDisplayed(ctx, s.T(), "Passwords do not match.")
}
func TestRunResetPasswordScenario(t *testing.T) {
suite.Run(t, NewResetPasswordScenario())
}
Reference in New Issue View Git Blame Copy Permalink