mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
54694c4fca
* [MISC] Ignore errcheck recommendations for legacy code Some of this is likely intended to stay how it is, some could use refactoring, for now we will mark is and ignore it from the linter to be potentially addressed in the future. * [MISC] Ensure files are gofmt-ed
70 lines
2.0 KiB
Go
70 lines
2.0 KiB
Go
package suites
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/stretchr/testify/suite"
|
|
)
|
|
|
|
type NetworkACLSuite struct {
|
|
suite.Suite
|
|
}
|
|
|
|
func NewNetworkACLSuite() *NetworkACLSuite {
|
|
return &NetworkACLSuite{}
|
|
}
|
|
|
|
func (s *NetworkACLSuite) TestShouldAccessSecretUpon2FA() {
|
|
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
|
defer cancel()
|
|
|
|
wds, err := StartWebDriver()
|
|
s.Require().NoError(err)
|
|
defer wds.Stop() //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
|
|
|
targetURL := fmt.Sprintf("%s/secret.html", SecureBaseURL)
|
|
wds.doVisit(s.T(), targetURL)
|
|
wds.verifyIsFirstFactorPage(ctx, s.T())
|
|
|
|
wds.doRegisterAndLogin2FA(ctx, s.T(), "john", "password", false, targetURL)
|
|
wds.verifySecretAuthorized(ctx, s.T())
|
|
}
|
|
|
|
// from network 192.168.240.201/32
|
|
func (s *NetworkACLSuite) TestShouldAccessSecretUpon1FA() {
|
|
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
|
defer cancel()
|
|
|
|
wds, err := StartWebDriverWithProxy("http://proxy-client1.example.com:3128", 4444)
|
|
s.Require().NoError(err)
|
|
defer wds.Stop() //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
|
|
|
targetURL := fmt.Sprintf("%s/secret.html", SecureBaseURL)
|
|
wds.doVisit(s.T(), targetURL)
|
|
wds.verifyIsFirstFactorPage(ctx, s.T())
|
|
|
|
wds.doLoginOneFactor(ctx, s.T(), "john", "password",
|
|
false, fmt.Sprintf("%s/secret.html", SecureBaseURL))
|
|
wds.verifySecretAuthorized(ctx, s.T())
|
|
}
|
|
|
|
// from network 192.168.240.202/32
|
|
func (s *NetworkACLSuite) TestShouldAccessSecretUpon0FA() {
|
|
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
|
defer cancel()
|
|
|
|
wds, err := StartWebDriverWithProxy("http://proxy-client2.example.com:3128", 4444)
|
|
s.Require().NoError(err)
|
|
defer wds.Stop() //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
|
|
|
wds.doVisit(s.T(), fmt.Sprintf("%s/secret.html", SecureBaseURL))
|
|
wds.verifySecretAuthorized(ctx, s.T())
|
|
}
|
|
|
|
func TestNetworkACLSuite(t *testing.T) {
|
|
suite.Run(t, NewNetworkACLSuite())
|
|
}
|