Extract browsertest.LoginToUpstreamLDAP() integration test helper

This commit is contained in:
Ryan Richard 2022-05-09 15:43:36 -07:00
parent 4c44f583e9
commit a4e32d8f3d
5 changed files with 38 additions and 24 deletions

View File

@ -338,7 +338,7 @@ func runPinnipedLoginOIDC(
require.NoError(t, page.Navigate(loginURL))
// Expect to be redirected to the upstream provider and log in.
browsertest.LoginToUpstream(t, page, env.CLIUpstreamOIDC)
browsertest.LoginToUpstreamOIDC(t, page, env.CLIUpstreamOIDC)
// Expect to be redirected to the localhost callback.
t.Logf("waiting for redirect to callback")

View File

@ -245,7 +245,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) { // nolint:gocyclo
require.NoError(t, page.Navigate(loginURL))
// Expect to be redirected to the upstream provider and log in.
browsertest.LoginToUpstream(t, page, env.SupervisorUpstreamOIDC)
browsertest.LoginToUpstreamOIDC(t, page, env.SupervisorUpstreamOIDC)
// Expect to be redirected to the downstream callback which is serving the form_post HTML.
t.Logf("waiting for response page %s", downstream.Spec.Issuer)
@ -358,7 +358,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) { // nolint:gocyclo
require.NoError(t, page.Navigate(loginURL))
// Expect to be redirected to the upstream provider and log in.
browsertest.LoginToUpstream(t, page, env.SupervisorUpstreamOIDC)
browsertest.LoginToUpstreamOIDC(t, page, env.SupervisorUpstreamOIDC)
// Expect to be redirected to the downstream callback which is serving the form_post HTML.
t.Logf("waiting for response page %s", downstream.Spec.Issuer)
@ -486,7 +486,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) { // nolint:gocyclo
require.NoError(t, page.Navigate(loginURL))
// Expect to be redirected to the upstream provider and log in.
browsertest.LoginToUpstream(t, page, env.SupervisorUpstreamOIDC)
browsertest.LoginToUpstreamOIDC(t, page, env.SupervisorUpstreamOIDC)
// Expect to be redirected to the downstream callback which is serving the form_post HTML.
t.Logf("waiting for response page %s", downstream.Spec.Issuer)
@ -965,7 +965,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) { // nolint:gocyclo
)
})
// Add an OIDC upstream IDP and try using it to authenticate during kubectl commands.
// Add an LDAP upstream IDP and try using it to authenticate during kubectl commands.
t.Run("with Supervisor LDAP upstream IDP and browser flow", func(t *testing.T) {
testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
t.Cleanup(cancel)
@ -1075,21 +1075,9 @@ func TestE2EFullIntegration_Browser(t *testing.T) { // nolint:gocyclo
t.Logf("navigating to login page: %q", loginURL)
require.NoError(t, page.Navigate(loginURL))
// Expect to be redirected to the supervisor's ldap login page.
t.Logf("waiting for redirect to supervisor ldap login page")
regex := regexp.MustCompile(`\A` + downstream.Spec.Issuer + `/login.+`)
browsertest.WaitForURL(t, page, regex)
usernameSelector := "#username"
passwordSelector := "#password"
loginButtonSelector := "#submit"
browsertest.WaitForVisibleElements(t, page, usernameSelector, passwordSelector, loginButtonSelector)
// Fill in the username and password and click "submit".
t.Logf("logging into ldap")
require.NoError(t, page.First(usernameSelector).Fill(expectedUsername))
require.NoError(t, page.First(passwordSelector).Fill(env.SupervisorUpstreamLDAP.TestUserPassword))
require.NoError(t, page.First(loginButtonSelector).Click())
// Confirm that we got to the login page, fill out the form, and submit the form.
browsertest.LoginToUpstreamLDAP(t, page, downstream.Spec.Issuer,
expectedUsername, env.SupervisorUpstreamLDAP.TestUserPassword)
formpostExpectSuccessState(t, page)

View File

@ -2005,7 +2005,7 @@ func requestAuthorizationUsingBrowserAuthcodeFlow(t *testing.T, downstreamAuthor
require.NoError(t, page.Navigate(downstreamAuthorizeURL))
// Expect to be redirected to the upstream provider and log in.
browsertest.LoginToUpstream(t, page, env.SupervisorUpstreamOIDC)
browsertest.LoginToUpstreamOIDC(t, page, env.SupervisorUpstreamOIDC)
// Wait for the login to happen and us be redirected back to a localhost callback.
t.Logf("waiting for redirect to callback")

View File

@ -448,7 +448,7 @@ func TestSupervisorWarnings_Browser(t *testing.T) {
require.NoError(t, page.Navigate(loginURL))
// Expect to be redirected to the upstream provider and log in.
browsertest.LoginToUpstream(t, page, env.SupervisorUpstreamOIDC)
browsertest.LoginToUpstreamOIDC(t, page, env.SupervisorUpstreamOIDC)
// Expect to be redirected to the downstream callback which is serving the form_post HTML.
t.Logf("waiting for response page %s", downstream.Spec.Issuer)

View File

@ -125,9 +125,9 @@ func WaitForURL(t *testing.T, page *agouti.Page, pat *regexp.Regexp) {
)
}
// LoginToUpstream expects the page to be redirected to one of several known upstream IDPs.
// LoginToUpstreamOIDC expects the page to be redirected to one of several known upstream IDPs.
// It knows how to enter the test username/password and submit the upstream login form.
func LoginToUpstream(t *testing.T, page *agouti.Page, upstream testlib.TestOIDCUpstream) {
func LoginToUpstreamOIDC(t *testing.T, page *agouti.Page, upstream testlib.TestOIDCUpstream) {
t.Helper()
type config struct {
@ -182,3 +182,29 @@ func LoginToUpstream(t *testing.T, page *agouti.Page, upstream testlib.TestOIDCU
require.NoError(t, page.First(cfg.PasswordSelector).Fill(upstream.Password))
require.NoError(t, page.First(cfg.LoginButtonSelector).Click())
}
// LoginToUpstreamLDAP expects the page to be redirected to the Supervisor's login UI for an LDAP/AD IDP.
// It knows how to enter the test username/password and submit the upstream login form.
func LoginToUpstreamLDAP(t *testing.T, page *agouti.Page, issuer, username, password string) {
t.Helper()
usernameSelector := "#username"
passwordSelector := "#password"
loginButtonSelector := "#submit"
loginURLRegexp, err := regexp.Compile(`\A` + regexp.QuoteMeta(issuer+"/login") + `.+\z`)
require.NoError(t, err)
// Expect to be redirected to the login page.
t.Logf("waiting for redirect to %s/login page", issuer)
WaitForURL(t, page, loginURLRegexp)
// Wait for the login page to be rendered.
WaitForVisibleElements(t, page, usernameSelector, passwordSelector, loginButtonSelector)
// Fill in the username and password and click "submit".
t.Logf("logging in via Supervisor's upstream LDAP/AD login UI page")
require.NoError(t, page.First(usernameSelector).Fill(username))
require.NoError(t, page.First(passwordSelector).Fill(password))
require.NoError(t, page.First(loginButtonSelector).Click())
}