mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
83488d52a6
* refactor(suites): replace selenium with go-rod This change replaces [tebeka/selenium](https://github.com/tebeka/selenium) with [go-rod](https://github.com/go-rod/rod). We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser. Rod [documents](https://go-rod.github.io/#/why-rod) benefits of choosing the library as opposed to the available alternatives.
90 lines
2.2 KiB
Go
90 lines
2.2 KiB
Go
package suites
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/stretchr/testify/suite"
|
|
)
|
|
|
|
type NetworkACLSuite struct {
|
|
suite.Suite
|
|
}
|
|
|
|
func NewNetworkACLSuite() *NetworkACLSuite {
|
|
return &NetworkACLSuite{}
|
|
}
|
|
|
|
func (s *NetworkACLSuite) TestShouldAccessSecretUpon2FA() {
|
|
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
|
defer cancel()
|
|
|
|
browser, err := StartRod()
|
|
s.Require().NoError(err)
|
|
|
|
defer func() {
|
|
err = browser.WebDriver.Close()
|
|
s.Require().NoError(err)
|
|
browser.Launcher.Cleanup()
|
|
}()
|
|
|
|
targetURL := fmt.Sprintf("%s/secret.html", SecureBaseURL)
|
|
page := browser.doCreateTab(s.T(), targetURL).Context(ctx)
|
|
|
|
browser.verifyIsFirstFactorPage(s.T(), page)
|
|
browser.doRegisterAndLogin2FA(s.T(), page, "john", "password", false, targetURL)
|
|
browser.verifySecretAuthorized(s.T(), page)
|
|
}
|
|
|
|
// from network 192.168.240.201/32.
|
|
func (s *NetworkACLSuite) TestShouldAccessSecretUpon1FA() {
|
|
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
|
defer cancel()
|
|
|
|
browser, err := StartRodWithProxy("http://proxy-client1.example.com:3128")
|
|
s.Require().NoError(err)
|
|
|
|
defer func() {
|
|
err = browser.WebDriver.Close()
|
|
s.Require().NoError(err)
|
|
browser.Launcher.Cleanup()
|
|
}()
|
|
|
|
targetURL := fmt.Sprintf("%s/secret.html", SecureBaseURL)
|
|
page := browser.doCreateTab(s.T(), targetURL).Context(ctx)
|
|
|
|
browser.verifyIsFirstFactorPage(s.T(), page)
|
|
browser.doLoginOneFactor(s.T(), page, "john", "password",
|
|
false, fmt.Sprintf("%s/secret.html", SecureBaseURL))
|
|
browser.verifySecretAuthorized(s.T(), page)
|
|
}
|
|
|
|
// from network 192.168.240.202/32.
|
|
func (s *NetworkACLSuite) TestShouldAccessSecretUpon0FA() {
|
|
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
|
defer cancel()
|
|
|
|
browser, err := StartRodWithProxy("http://proxy-client2.example.com:3128")
|
|
s.Require().NoError(err)
|
|
|
|
defer func() {
|
|
err = browser.WebDriver.Close()
|
|
s.Require().NoError(err)
|
|
browser.Launcher.Cleanup()
|
|
}()
|
|
|
|
page := browser.doCreateTab(s.T(), fmt.Sprintf("%s/secret.html", SecureBaseURL)).Context(ctx)
|
|
|
|
browser.verifySecretAuthorized(s.T(), page)
|
|
}
|
|
|
|
func TestNetworkACLSuite(t *testing.T) {
|
|
if testing.Short() {
|
|
t.Skip("skipping suite test in short mode")
|
|
}
|
|
|
|
suite.Run(t, NewNetworkACLSuite())
|
|
}
|