authelia/test/suites/HighAvailability/scenarii/AuthenticationRegulation.ts
Clement Michaud a991379a74 Declare suites as Go structs and bootstrap e2e test framework in Go.
Some tests are not fully rewritten in Go, a typescript wrapper is called
instead until we remove the remaining TS tests and dependencies.

Also, dockerize every components (mainly Authelia backend, frontend and kind)
so that the project does not interfere with user host anymore (open ports for instance).
The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts.
It will soon be avoided using authelia.com domain that I own.
2019-11-15 20:23:06 +01:00

43 lines
2.1 KiB
TypeScript

import { StartDriver, StopDriver } from "../../../helpers/context/WithDriver";
import LoginAs from "../../../helpers/LoginAs";
import VerifyNotificationDisplayed from "../../../helpers/assertions/VerifyNotificationDisplayed";
import VerifyIsSecondFactorStage from "../../../helpers/assertions/VerifyIsSecondFactorStage";
import ClearFieldById from "../../../helpers/behaviors/ClearFieldById";
import {WebDriver} from "selenium-webdriver";
async function ClearAndLoginAgain(driver: WebDriver, username: string, password: string) {
await ClearFieldById(driver, "username");
await LoginAs(driver, username, password);
}
export default function() {
describe('Authelia regulates authentications when a hacker is brute forcing', function() {
this.timeout(30000);
beforeEach(async function() {
this.driver = await StartDriver();
});
afterEach(async function() {
await StopDriver(this.driver);
});
it("should return an error message when providing correct credentials the 4th time.", async function() {
await LoginAs(this.driver, "blackhat", "bad-password");
await VerifyNotificationDisplayed(this.driver, "Authentication failed. Check your credentials.");
await ClearAndLoginAgain(this.driver, "blackhat", "bad-password");
await VerifyNotificationDisplayed(this.driver, "Authentication failed. Check your credentials.");
await ClearAndLoginAgain(this.driver, "blackhat", "bad-password");
await VerifyNotificationDisplayed(this.driver, "Authentication failed. Check your credentials.");
// when providing good credentials, the hacker is regulated and see same message as previously.
await ClearAndLoginAgain(this.driver, "blackhat", "bad-password");
await VerifyNotificationDisplayed(this.driver, "Authentication failed. Check your credentials.");
// Wait the regulation ban time before retrying with correct credentials.
// It should authenticate normally.
await this.driver.sleep(12000);
await ClearAndLoginAgain(this.driver, "blackhat", "password");
await VerifyIsSecondFactorStage(this.driver);
});
});
}