
Improve IdP Integration Tests #22002

Merged
merged 10 commits into from
Dec 18, 2024
Expand Up @@ -63,7 +63,10 @@ public class IdPSuccessTest extends IdPTestBase {
private static final String OIDC_SCOPES_PLACEHOLDER = "\"<OIDC_SCOPES>\"";
private static final String AUTHENTICATOR_PROPERTIES_PLACEHOLDER = "\"<AUTHENTICATOR_PROPERTIES>\"";
private static final String FEDERATED_AUTHENTICATOR_ID = "Y3VzdG9tQXV0aGVudGljYXRvcg";
private static final String OIDC_AUTHENTICATOR_ID = "T3BlbklEQ29ubmVjdEF1dGhlbnRpY2F0b3I";
private static final String SAML_AUTHENTICATOR_ID = "U0FNTFNTT0F1dGhlbnRpY2F0b3I";
private static final String CUSTOM_IDP_NAME = "Custom Auth IDP";
private static final String SAML_IDP_NAME = "SAML IdP";
private static final String ENDPOINT_URI = "https://abc.com/authenticate";
private static final String UPDATED_ENDPOINT_URI = "https://xyz.com/authenticate";
private static final String USERNAME = "username";
Expand All @@ -76,6 +79,7 @@ public class IdPSuccessTest extends IdPTestBase {
private static final String TRUSTED_TOKEN_ISS_IDP_NAME = "Trusted Token Issuer IdP";
private static final String AUTHENTICATOR_NAME = "GoogleOIDCAuthenticator";
private static final String DEFINED_BY_SYSTEM = "SYSTEM";
private static final String DEFINED_BY_USER = "USER";
private UserDefinedAuthenticatorPayload userDefinedAuthenticatorPayload;
private String idpCreatePayload;
private String idPId;
Expand Down Expand Up @@ -339,17 +343,27 @@ public void testGetMetaOutboundConnector() throws IOException {
@Test
public void testAddIdPWithUserDefinedAuthenticator() throws IOException {

String baseIdentifier = "federatedAuthenticators.authenticators.find { it.authenticatorId == '" +
FEDERATED_AUTHENTICATOR_ID + "' }.";

String body = idpCreatePayload.replace(FEDERATED_AUTHENTICATOR_ID_PLACEHOLDER,
userDefinedAuthenticatorPayload.getAuthenticatorId());
body = body.replace(FEDERATED_AUTHENTICATOR_PLACEHOLDER,
userDefinedAuthenticatorPayload.convertToJasonPayload());
body = body.replace(IDP_NAME_PLACEHOLDER, CUSTOM_IDP_NAME);

Response response = getResponseOfPost(IDP_API_BASE_PATH, body);
response.then()
.log().ifValidationFails()
.assertThat()
.statusCode(HttpStatus.SC_CREATED)
.header(HttpHeaders.LOCATION, notNullValue());
.header(HttpHeaders.LOCATION, notNullValue())
.body("name", equalTo(CUSTOM_IDP_NAME))
.body(baseIdentifier + "authenticatorId", equalTo(FEDERATED_AUTHENTICATOR_ID))
.body(baseIdentifier + "name", equalTo(new String(Base64.getDecoder().decode(FEDERATED_AUTHENTICATOR_ID))))
.body(baseIdentifier + "isEnabled", equalTo(true))
.body(baseIdentifier + "definedBy", equalTo(DEFINED_BY_USER))
.body(baseIdentifier + "tags", Matchers.hasItems("Custom"));

String location = response.getHeader(HttpHeaders.LOCATION);
assertNotNull(location);
Expand All @@ -360,6 +374,7 @@ public void testAddIdPWithUserDefinedAuthenticator() throws IOException {
@Test(dependsOnMethods = "testAddIdPWithUserDefinedAuthenticator")
public void testGetUserDefinedAuthenticatorsOfIdP() throws XPathExpressionException {

String baseIdentifier = "authenticators.find { it.authenticatorId == '" + FEDERATED_AUTHENTICATOR_ID + "' }.";
Response response = getResponseOfGet(IDP_API_BASE_PATH + PATH_SEPARATOR + customIdPId +
PATH_SEPARATOR + IDP_FEDERATED_AUTHENTICATORS_PATH);

Expand All @@ -368,14 +383,14 @@ public void testGetUserDefinedAuthenticatorsOfIdP() throws XPathExpressionExcept
.assertThat()
.statusCode(HttpStatus.SC_OK)
.body("defaultAuthenticatorId", equalTo(FEDERATED_AUTHENTICATOR_ID))
.body("authenticators.find { it.authenticatorId == '" + FEDERATED_AUTHENTICATOR_ID + "' }.name",
equalTo(new String(Base64.getDecoder().decode(FEDERATED_AUTHENTICATOR_ID))))
.body("authenticators.find { it.authenticatorId == '" + FEDERATED_AUTHENTICATOR_ID + "' }.isEnabled",
equalTo(true))
.body("authenticators.find { it.authenticatorId == '" + FEDERATED_AUTHENTICATOR_ID + "' }.self",
equalTo(getTenantedRelativePath("/api/server/v1/identity-providers/" +
customIdPId + "/federated-authenticators/" + FEDERATED_AUTHENTICATOR_ID,
context.getContextTenant().getDomain())));
.body(baseIdentifier + "name", equalTo(new String(Base64.getDecoder().decode(FEDERATED_AUTHENTICATOR_ID))))
.body(baseIdentifier + "isEnabled", equalTo(true))
.body(baseIdentifier + "definedBy", equalTo(DEFINED_BY_USER))
.body(baseIdentifier + "tags", Matchers.hasItems("Custom"))
.body(baseIdentifier + "self", equalTo(getTenantedRelativePath(
"/api/server/v1/identity-providers/" + customIdPId +
"/federated-authenticators/" + FEDERATED_AUTHENTICATOR_ID,
context.getContextTenant().getDomain())));
}

@Test(dependsOnMethods = "testGetUserDefinedAuthenticatorsOfIdP")
Expand All @@ -392,7 +407,9 @@ public void testUpdateUserDefinedAuthenticatorOfIdP() throws JsonProcessingExcep
.statusCode(HttpStatus.SC_OK)
.body("authenticatorId", equalTo(FEDERATED_AUTHENTICATOR_ID))
.body("name", equalTo(new String(Base64.getDecoder().decode(FEDERATED_AUTHENTICATOR_ID))))
.body("definedBy", equalTo("USER"))
.body("isEnabled", equalTo(true))
.body("definedBy", equalTo(DEFINED_BY_USER))
.body( "tags", Matchers.hasItems("Custom"))
.body("endpoint.uri", equalTo(UPDATED_ENDPOINT_URI))
.body("endpoint.authentication.type", equalTo(AuthenticationType.TypeEnum.BEARER.value()));
}
Expand Down Expand Up @@ -421,6 +438,9 @@ public void testDeleteIdPWithUserDefinedAuthenticator() {
@Test(dependsOnMethods = {"testGetMetaOutboundConnector"})
public void testAddIdP() throws IOException {

String baseIdentifier = "federatedAuthenticators.authenticators.find { it.authenticatorId == '" +
SAMPLE_FEDERATED_AUTHENTICATOR_ID + "' }.";

String addIdpPayload = readResource("add-idp.json");
String properties = convertDuplicatedPropertiesToJson(
createAuthenticatorProperties("username","admin"), null);
Expand All @@ -431,7 +451,13 @@ public void testAddIdP() throws IOException {
.log().ifValidationFails()
.assertThat()
.statusCode(HttpStatus.SC_CREATED)
.header(HttpHeaders.LOCATION, notNullValue());
.header(HttpHeaders.LOCATION, notNullValue())
.body("name", equalTo(IDP_NAME))
.body(baseIdentifier + "name", equalTo(new String(Base64.getDecoder().
decode(SAMPLE_FEDERATED_AUTHENTICATOR_ID))))
.body(baseIdentifier + "isEnabled", equalTo(true))
.body(baseIdentifier + "definedBy", equalTo(DEFINED_BY_SYSTEM))
.body(baseIdentifier + "tags", Matchers.hasItems("Social-Login", "APIAuth"));

String location = response.getHeader(HttpHeaders.LOCATION);
assertNotNull(location);
Expand Down Expand Up @@ -467,6 +493,9 @@ public void addIdPWithoutAuthenticator() throws IOException {
@Test
public void addIdPWithDuplicatedOIDCScopes() throws IOException {

String baseIdentifier = "federatedAuthenticators.authenticators.find { it.authenticatorId == '" +
OIDC_AUTHENTICATOR_ID + "' }.";

String oidcIdpPayload = readResource("add-oidc-idp.json");
String oidcScopesProperties = convertDuplicatedPropertiesToJson(
createAuthenticatorProperties("Scopes","openid country profile"),
Expand All @@ -479,7 +508,13 @@ public void addIdPWithDuplicatedOIDCScopes() throws IOException {
.log().ifValidationFails()
.assertThat()
.statusCode(HttpStatus.SC_CREATED)
.header(HttpHeaders.LOCATION, notNullValue());
.header(HttpHeaders.LOCATION, notNullValue())
.body("name", equalTo("OIDC-IdP-1"))
.body(baseIdentifier + "authenticatorId", equalTo(OIDC_AUTHENTICATOR_ID))
.body(baseIdentifier + "name", equalTo(new String(Base64.getDecoder().decode(OIDC_AUTHENTICATOR_ID))))
.body(baseIdentifier + "isEnabled", equalTo(true))
.body(baseIdentifier + "definedBy", equalTo(DEFINED_BY_SYSTEM))
.body(baseIdentifier + "tags", Matchers.hasItems("OIDC", "APIAuth"));

String location = response.getHeader(HttpHeaders.LOCATION);
assertNotNull(location);
Expand All @@ -496,6 +531,9 @@ public void addIdPWithDuplicatedOIDCScopes() throws IOException {
@Test(dependsOnMethods = "addIdPWithDuplicatedOIDCScopes")
public void addOIDCIdPWithoutOpenidScope() throws IOException {

String baseIdentifier = "federatedAuthenticators.authenticators.find { it.authenticatorId == '" +
OIDC_AUTHENTICATOR_ID + "' }.";

String oidcIdpPayload = readResource("add-oidc-idp.json");
String oidcScopesProperties = convertDuplicatedPropertiesToJson(
createAuthenticatorProperties("Scopes","country profile"), null);
Expand All @@ -507,7 +545,13 @@ public void addOIDCIdPWithoutOpenidScope() throws IOException {
.log().ifValidationFails()
.assertThat()
.statusCode(HttpStatus.SC_CREATED)
.header(HttpHeaders.LOCATION, notNullValue());
.header(HttpHeaders.LOCATION, notNullValue())
.body("name", equalTo("OIDC-IdP-2"))
.body(baseIdentifier + "authenticatorId", equalTo(OIDC_AUTHENTICATOR_ID))
.body(baseIdentifier + "name", equalTo(new String(Base64.getDecoder().decode(OIDC_AUTHENTICATOR_ID))))
.body(baseIdentifier + "isEnabled", equalTo(true))
.body(baseIdentifier + "definedBy", equalTo(DEFINED_BY_SYSTEM))
.body(baseIdentifier + "tags", Matchers.hasItems("OIDC", "APIAuth"));

String location = response.getHeader(HttpHeaders.LOCATION);
assertNotNull(location);
Expand All @@ -518,7 +562,10 @@ public void addOIDCIdPWithoutOpenidScope() throws IOException {
}

@Test
public void addSAMLStandardBasedIdP() throws IOException {
public void addSAMLStandardBasedIdP() throws IOException, XPathExpressionException {

String baseIdentifier = "federatedAuthenticators.authenticators.find { it.authenticatorId == '" +
SAML_AUTHENTICATOR_ID + "' }.";

String samlIdpPayload = readResource("add-saml-idp.json");
String body = samlIdpPayload.replace(METADATA_SAML_PLACEHOLDER, loadMetadataSamlFile(
Expand All @@ -529,7 +576,14 @@ public void addSAMLStandardBasedIdP() throws IOException {
.log().ifValidationFails()
.assertThat()
.statusCode(HttpStatus.SC_CREATED)
.header(HttpHeaders.LOCATION, notNullValue());
.header(HttpHeaders.LOCATION, notNullValue())
.body("name", equalTo(SAML_IDP_NAME))
.body(baseIdentifier + "authenticatorId", equalTo(SAML_AUTHENTICATOR_ID))
.body(baseIdentifier + "name", equalTo(new String(Base64.getDecoder().decode(SAML_AUTHENTICATOR_ID))))
.body(baseIdentifier + "isEnabled", equalTo(true))
.body(baseIdentifier + "definedBy", equalTo(DEFINED_BY_SYSTEM))
.body(baseIdentifier + "tags", Matchers.hasItems("SAML"))
.body(baseIdentifier + "self", Matchers.notNullValue());

String location = response.getHeader(HttpHeaders.LOCATION);
assertNotNull(location);
Expand All @@ -540,7 +594,10 @@ public void addSAMLStandardBasedIdP() throws IOException {
}

@Test(dependsOnMethods = {"testAddIdP"})
public void testGetIdP() throws IOException {
public void testGetIdP() throws IOException, XPathExpressionException {

String baseIdentifier = "federatedAuthenticators.authenticators.find { it.authenticatorId == '" +
SAMPLE_FEDERATED_AUTHENTICATOR_ID + "' }.";

Response response = getResponseOfGet(IDP_API_BASE_PATH + PATH_SEPARATOR + idPId);
response.then()
Expand All @@ -552,8 +609,14 @@ public void testGetIdP() throws IOException {
.body("description", equalTo("IDP for Google Federation"))
.body("isEnabled", equalTo(true))
.body("isPrimary", equalTo(false))
.body("federatedAuthenticators.authenticators.find { it.authenticatorId == '" +
SAMPLE_FEDERATED_AUTHENTICATOR_ID + "' }.definedBy", equalTo("SYSTEM"))
.body(baseIdentifier + "name", equalTo(new String(Base64.getDecoder().
decode(SAMPLE_FEDERATED_AUTHENTICATOR_ID))))
.body(baseIdentifier + "isEnabled", equalTo(true))
.body(baseIdentifier + "definedBy", equalTo(DEFINED_BY_SYSTEM))
.body(baseIdentifier + "tags", Matchers.hasItems("Social-Login", "APIAuth"))
.body(baseIdentifier + "self", equalTo(getTenantedRelativePath(
"/api/server/v1/identity-providers/" + idPId + "/federated-authenticators/"
+ SAMPLE_FEDERATED_AUTHENTICATOR_ID, context.getContextTenant().getDomain())))
.body("image", equalTo("google-logo-url"))
.body("isFederationHub", equalTo(false))
.body("homeRealmIdentifier", equalTo("localhost"))
Expand Down Expand Up @@ -646,7 +709,9 @@ public void testGetIdPFederatedAuthenticators() throws Exception {
.log().ifValidationFails()
.assertThat()
.statusCode(HttpStatus.SC_OK)
.body(baseIdentifier + "authenticatorId", equalTo(SAMPLE_FEDERATED_AUTHENTICATOR_ID))
.body(baseIdentifier + "name", equalTo("GoogleOIDCAuthenticator"))
.body(baseIdentifier + "tags", Matchers.hasItems("Social-Login", "APIAuth"))
.body(baseIdentifier + "isEnabled", equalTo(true))
.body(baseIdentifier + "self", equalTo(getTenantedRelativePath(
"/api/server/v1/identity-providers/" + idPId + "/federated-authenticators/" +
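Review bot: The `name` assertions build their expected value with `new String(Base64.getDecoder().decode(...))`, which uses the JVM default charset on Java versions before 18, so the expected string depends on the machine running the suite. The pattern appears in testAddIdPWithUserDefinedAuthenticator, testGetUserDefinedAuthenticatorsOfIdP, testAddIdP, addIdPWithDuplicatedOIDCScopes, addOIDCIdPWithoutOpenidScope, addSAMLStandardBasedIdP and testGetIdP. Pass the charset explicitly, `new String(Base64.getDecoder().decode(id), StandardCharsets.UTF_8)`, ideally through one private helper such as `decodeAuthenticatorName(String id)` so the call sites stay in step. The import block is outside the visible hunks, so `java.nio.charset.StandardCharsets` may need to be added. Separately, `Matchers.hasItems(...)` only proves the listed tags are present; if each authenticator's tag set is meant to be fixed, `Matchers.containsInAnyOrder(...)` would also fail on an unexpected extra tag next to the `definedBy` check.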