2023-06-20 12:21:49 +00:00
|
|
|
import { v4 as uuid } from "uuid";
|
2022-03-09 16:42:51 +00:00
|
|
|
import { keycloakBefore } from "../support/util/keycloak_hooks";
|
2022-02-24 10:31:46 +00:00
|
|
|
import adminClient from "../support/util/AdminClient";
|
2022-01-12 16:01:54 +00:00
|
|
|
import LoginPage from "../support/pages/LoginPage";
|
2022-12-07 15:28:28 +00:00
|
|
|
import ListingPage from "../support/pages/admin-ui/ListingPage";
|
|
|
|
import Masthead from "../support/pages/admin-ui/Masthead";
|
|
|
|
import SidebarPage from "../support/pages/admin-ui/SidebarPage";
|
|
|
|
import AuthorizationTab from "../support/pages/admin-ui/manage/clients/client_details/tabs/AuthorizationTab";
|
2022-01-21 14:10:36 +00:00
|
|
|
import ModalUtils from "../support/util/ModalUtils";
|
2022-12-07 15:28:28 +00:00
|
|
|
import ClientDetailsPage from "../support/pages/admin-ui/manage/clients/client_details/ClientDetailsPage";
|
|
|
|
import PoliciesTab from "../support/pages/admin-ui/manage/clients/client_details/tabs/authorization_subtabs/PoliciesTab";
|
|
|
|
import PermissionsTab from "../support/pages/admin-ui/manage/clients/client_details/tabs/authorization_subtabs/PermissionsTab";
|
2023-02-02 14:35:01 +00:00
|
|
|
import CreateResourcePage from "../support/pages/admin-ui/manage/clients/client_details/CreateResourcePage";
|
2022-01-12 16:01:54 +00:00
|
|
|
|
2022-04-08 08:56:20 +00:00
|
|
|
describe("Client authentication subtab", () => {
|
2022-01-12 16:01:54 +00:00
|
|
|
const loginPage = new LoginPage();
|
|
|
|
const listingPage = new ListingPage();
|
|
|
|
const masthead = new Masthead();
|
|
|
|
const sidebarPage = new SidebarPage();
|
|
|
|
const authenticationTab = new AuthorizationTab();
|
2022-04-19 12:25:57 +00:00
|
|
|
const clientDetailsPage = new ClientDetailsPage();
|
|
|
|
const policiesSubTab = new PoliciesTab();
|
|
|
|
const permissionsSubTab = new PermissionsTab();
|
2023-06-20 12:21:49 +00:00
|
|
|
const clientId = "client-authentication-" + uuid();
|
2022-01-12 16:01:54 +00:00
|
|
|
|
2023-02-10 10:10:35 +00:00
|
|
|
before(() =>
|
|
|
|
adminClient.createClient({
|
|
|
|
protocol: "openid-connect",
|
|
|
|
clientId,
|
|
|
|
publicClient: false,
|
|
|
|
authorizationServicesEnabled: true,
|
|
|
|
serviceAccountsEnabled: true,
|
|
|
|
standardFlowEnabled: true,
|
2023-07-11 14:03:21 +00:00
|
|
|
}),
|
2023-02-10 10:10:35 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
after(() => {
|
|
|
|
adminClient.deleteClient(clientId);
|
|
|
|
});
|
|
|
|
|
|
|
|
beforeEach(() => {
|
2022-01-12 16:01:54 +00:00
|
|
|
loginPage.logIn();
|
2023-02-10 10:10:35 +00:00
|
|
|
keycloakBefore();
|
2022-01-21 14:10:36 +00:00
|
|
|
sidebarPage.goToClients();
|
|
|
|
listingPage.searchItem(clientId).goToItemDetails(clientId);
|
2022-04-19 12:25:57 +00:00
|
|
|
clientDetailsPage.goToAuthorizationTab();
|
2022-01-12 16:01:54 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
it("Should update the resource server settings", () => {
|
2022-04-19 12:25:57 +00:00
|
|
|
policiesSubTab.setPolicy("DISABLED").formUtils().save();
|
2022-03-15 09:45:02 +00:00
|
|
|
masthead.checkNotificationMessage("Resource successfully updated", true);
|
2022-01-12 16:01:54 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
it("Should create a resource", () => {
|
2022-04-19 12:25:57 +00:00
|
|
|
const resourcesSubtab = authenticationTab.goToResourcesSubTab();
|
|
|
|
listingPage.assertDefaultResource();
|
|
|
|
resourcesSubtab
|
|
|
|
.createResource()
|
2022-01-12 16:01:54 +00:00
|
|
|
.fillResourceForm({
|
|
|
|
name: "Resource",
|
|
|
|
displayName: "The display name",
|
|
|
|
type: "type",
|
|
|
|
uris: ["one", "two"],
|
|
|
|
})
|
2022-04-19 12:25:57 +00:00
|
|
|
.formUtils()
|
2022-01-12 16:01:54 +00:00
|
|
|
.save();
|
2022-03-15 09:45:02 +00:00
|
|
|
masthead.checkNotificationMessage("Resource created successfully", true);
|
2022-04-08 08:56:20 +00:00
|
|
|
sidebarPage.waitForPageLoad();
|
2022-04-19 12:25:57 +00:00
|
|
|
authenticationTab.formUtils().cancel();
|
2022-01-12 16:01:54 +00:00
|
|
|
});
|
|
|
|
|
2023-02-02 14:35:01 +00:00
|
|
|
it("Edit a resource", () => {
|
|
|
|
authenticationTab.goToResourcesSubTab();
|
|
|
|
listingPage.goToItemDetails("Resource");
|
|
|
|
|
|
|
|
new CreateResourcePage()
|
|
|
|
.fillResourceForm({
|
|
|
|
displayName: "updated",
|
|
|
|
})
|
|
|
|
.formUtils()
|
|
|
|
.save();
|
|
|
|
|
|
|
|
masthead.checkNotificationMessage("Resource successfully updated");
|
|
|
|
sidebarPage.waitForPageLoad();
|
|
|
|
authenticationTab.formUtils().cancel();
|
|
|
|
});
|
|
|
|
|
2022-01-12 16:01:54 +00:00
|
|
|
it("Should create a scope", () => {
|
|
|
|
authenticationTab
|
2022-04-19 12:25:57 +00:00
|
|
|
.goToScopesSubTab()
|
|
|
|
.createAuthorizationScope()
|
2022-01-12 16:01:54 +00:00
|
|
|
.fillScopeForm({
|
|
|
|
name: "The scope",
|
|
|
|
displayName: "Display something",
|
|
|
|
iconUri: "res://something",
|
|
|
|
})
|
2022-04-19 12:25:57 +00:00
|
|
|
.formUtils()
|
2022-01-12 16:01:54 +00:00
|
|
|
.save();
|
|
|
|
|
|
|
|
masthead.checkNotificationMessage(
|
2022-03-15 09:45:02 +00:00
|
|
|
"Authorization scope created successfully",
|
2023-07-11 14:03:21 +00:00
|
|
|
true,
|
2022-01-12 16:01:54 +00:00
|
|
|
);
|
2022-04-19 12:25:57 +00:00
|
|
|
authenticationTab.goToScopesSubTab();
|
2022-01-12 16:01:54 +00:00
|
|
|
listingPage.itemExist("The scope");
|
|
|
|
});
|
|
|
|
|
2022-03-15 09:45:02 +00:00
|
|
|
it("Should create a policy", () => {
|
2022-04-19 12:25:57 +00:00
|
|
|
authenticationTab.goToPoliciesSubTab();
|
2022-01-21 14:10:36 +00:00
|
|
|
cy.intercept(
|
|
|
|
"GET",
|
2023-07-11 14:03:21 +00:00
|
|
|
"/admin/realms/master/clients/*/authz/resource-server/policy/regex/*",
|
2022-01-21 14:10:36 +00:00
|
|
|
).as("get");
|
2022-04-19 12:25:57 +00:00
|
|
|
policiesSubTab
|
|
|
|
.createPolicy("regex")
|
2022-01-21 14:10:36 +00:00
|
|
|
.fillBasePolicyForm({
|
|
|
|
name: "Regex policy",
|
|
|
|
description: "Policy for regex",
|
|
|
|
targetClaim: "I don't know",
|
2024-03-06 09:26:25 +00:00
|
|
|
pattern: ".*?",
|
2022-01-21 14:10:36 +00:00
|
|
|
})
|
2022-04-19 12:25:57 +00:00
|
|
|
.formUtils()
|
2022-01-21 14:10:36 +00:00
|
|
|
.save();
|
|
|
|
|
|
|
|
cy.wait(["@get"]);
|
2022-03-15 09:45:02 +00:00
|
|
|
masthead.checkNotificationMessage("Successfully created the policy", true);
|
2022-04-19 12:25:57 +00:00
|
|
|
|
2022-04-08 08:56:20 +00:00
|
|
|
sidebarPage.waitForPageLoad();
|
2022-04-19 12:25:57 +00:00
|
|
|
authenticationTab.formUtils().cancel();
|
2022-01-21 14:10:36 +00:00
|
|
|
});
|
|
|
|
|
2022-03-15 09:45:02 +00:00
|
|
|
it("Should delete a policy", () => {
|
2022-04-19 12:25:57 +00:00
|
|
|
authenticationTab.goToPoliciesSubTab();
|
2022-01-21 14:10:36 +00:00
|
|
|
listingPage.deleteItem("Regex policy");
|
|
|
|
new ModalUtils().confirmModal();
|
|
|
|
|
2022-03-15 09:45:02 +00:00
|
|
|
masthead.checkNotificationMessage("The Policy successfully deleted", true);
|
2022-01-21 14:10:36 +00:00
|
|
|
});
|
|
|
|
|
2022-03-15 09:45:02 +00:00
|
|
|
it("Should create a client policy", () => {
|
2022-04-19 12:25:57 +00:00
|
|
|
authenticationTab.goToPoliciesSubTab();
|
2022-01-21 14:10:36 +00:00
|
|
|
cy.intercept(
|
|
|
|
"GET",
|
2023-07-11 14:03:21 +00:00
|
|
|
"/admin/realms/master/clients/*/authz/resource-server/policy/client/*",
|
2022-01-21 14:10:36 +00:00
|
|
|
).as("get");
|
2022-04-19 12:25:57 +00:00
|
|
|
policiesSubTab
|
|
|
|
.createPolicy("client")
|
2022-01-21 14:10:36 +00:00
|
|
|
.fillBasePolicyForm({
|
|
|
|
name: "Client policy",
|
|
|
|
description: "Extra client field",
|
|
|
|
})
|
|
|
|
.inputClient("master-realm")
|
2022-04-19 12:25:57 +00:00
|
|
|
.formUtils()
|
2022-01-21 14:10:36 +00:00
|
|
|
.save();
|
|
|
|
cy.wait(["@get"]);
|
2022-03-15 09:45:02 +00:00
|
|
|
masthead.checkNotificationMessage("Successfully created the policy", true);
|
2022-04-19 12:25:57 +00:00
|
|
|
|
2022-04-08 08:56:20 +00:00
|
|
|
sidebarPage.waitForPageLoad();
|
2022-04-19 12:25:57 +00:00
|
|
|
authenticationTab.formUtils().cancel();
|
2022-01-21 14:10:36 +00:00
|
|
|
});
|
|
|
|
|
2022-04-21 09:26:58 +00:00
|
|
|
it("Should create a permission", () => {
|
2022-01-12 16:01:54 +00:00
|
|
|
authenticationTab.goToPermissionsSubTab();
|
|
|
|
|
2022-04-19 12:25:57 +00:00
|
|
|
permissionsSubTab.createPermission("resource").fillPermissionForm({
|
|
|
|
name: "Permission name",
|
|
|
|
description: "Something describing this permission",
|
|
|
|
});
|
|
|
|
permissionsSubTab.selectResource("Default Resource").formUtils().save();
|
2022-03-15 09:45:02 +00:00
|
|
|
cy.intercept(
|
2023-07-11 14:03:21 +00:00
|
|
|
"/admin/realms/master/clients/*/authz/resource-server/resource?first=0&max=10&permission=false",
|
2022-03-15 09:45:02 +00:00
|
|
|
).as("load");
|
|
|
|
masthead.checkNotificationMessage(
|
|
|
|
"Successfully created the permission",
|
2023-07-11 14:03:21 +00:00
|
|
|
true,
|
2022-03-15 09:45:02 +00:00
|
|
|
);
|
2022-04-19 12:25:57 +00:00
|
|
|
authenticationTab.formUtils().cancel();
|
2022-02-09 22:37:31 +00:00
|
|
|
});
|
|
|
|
|
2022-04-08 08:56:20 +00:00
|
|
|
it.skip("Should copy auth details", () => {
|
2022-04-19 12:25:57 +00:00
|
|
|
const exportTab = authenticationTab.goToExportSubTab();
|
2022-04-08 08:56:20 +00:00
|
|
|
sidebarPage.waitForPageLoad();
|
2022-04-19 12:25:57 +00:00
|
|
|
exportTab.copy();
|
2022-03-15 09:45:02 +00:00
|
|
|
masthead.checkNotificationMessage("Authorization details copied.", true);
|
2022-02-09 22:37:31 +00:00
|
|
|
});
|
|
|
|
|
2022-03-15 09:45:02 +00:00
|
|
|
it("Should export auth details", () => {
|
2022-04-19 12:25:57 +00:00
|
|
|
const exportTab = authenticationTab.goToExportSubTab();
|
2022-04-08 08:56:20 +00:00
|
|
|
sidebarPage.waitForPageLoad();
|
2022-04-19 12:25:57 +00:00
|
|
|
exportTab.export();
|
2022-02-09 22:37:31 +00:00
|
|
|
|
|
|
|
masthead.checkNotificationMessage(
|
2022-03-15 09:45:02 +00:00
|
|
|
"Successfully exported authorization details.",
|
2023-07-11 14:03:21 +00:00
|
|
|
true,
|
2022-02-09 22:37:31 +00:00
|
|
|
);
|
2022-01-12 16:01:54 +00:00
|
|
|
});
|
2023-03-22 16:14:53 +00:00
|
|
|
|
2023-11-28 13:07:11 +00:00
|
|
|
describe("Client authorization tab access for view-realm-authorization", () => {
|
|
|
|
const clientId = "realm-view-authz-client-" + uuid();
|
|
|
|
|
|
|
|
beforeEach(async () => {
|
|
|
|
const [, testUser] = await Promise.all([
|
|
|
|
adminClient.createRealm("realm-view-authz"),
|
|
|
|
adminClient.createUser({
|
|
|
|
// Create user in master realm
|
|
|
|
username: "test-view-authz-user",
|
|
|
|
enabled: true,
|
|
|
|
credentials: [{ type: "password", value: "password" }],
|
|
|
|
}),
|
|
|
|
]);
|
|
|
|
|
|
|
|
await Promise.all([
|
|
|
|
adminClient.addClientRoleToUser(
|
|
|
|
testUser.id!,
|
|
|
|
"realm-view-authz-realm",
|
|
|
|
["view-realm", "view-users", "view-authorization", "view-clients"],
|
|
|
|
),
|
|
|
|
adminClient.createClient({
|
|
|
|
realm: "realm-view-authz",
|
|
|
|
clientId,
|
|
|
|
authorizationServicesEnabled: true,
|
|
|
|
serviceAccountsEnabled: true,
|
|
|
|
standardFlowEnabled: true,
|
|
|
|
}),
|
|
|
|
]);
|
|
|
|
});
|
|
|
|
|
|
|
|
after(() =>
|
|
|
|
Promise.all([
|
|
|
|
adminClient.deleteClient(clientId),
|
|
|
|
adminClient.deleteUser("test-view-authz-user"),
|
|
|
|
adminClient.deleteRealm("realm-view-authz"),
|
|
|
|
]),
|
|
|
|
);
|
|
|
|
|
|
|
|
it("Should view autorization tab", () => {
|
|
|
|
sidebarPage.waitForPageLoad();
|
|
|
|
masthead.signOut();
|
|
|
|
|
|
|
|
sidebarPage.waitForPageLoad();
|
|
|
|
loginPage.logIn("test-view-authz-user", "password");
|
|
|
|
keycloakBefore();
|
|
|
|
|
|
|
|
sidebarPage
|
|
|
|
.waitForPageLoad()
|
|
|
|
.goToRealm("realm-view-authz")
|
|
|
|
.waitForPageLoad()
|
|
|
|
.goToClients();
|
|
|
|
|
|
|
|
listingPage
|
|
|
|
.searchItem(clientId, true, "realm-view-authz")
|
|
|
|
.goToItemDetails(clientId);
|
|
|
|
clientDetailsPage.goToAuthorizationTab();
|
|
|
|
|
|
|
|
authenticationTab.goToResourcesSubTab();
|
|
|
|
sidebarPage.waitForPageLoad();
|
|
|
|
listingPage.goToItemDetails("Resource");
|
|
|
|
sidebarPage.waitForPageLoad();
|
|
|
|
cy.go("back");
|
|
|
|
|
|
|
|
authenticationTab.goToScopesSubTab();
|
|
|
|
sidebarPage.waitForPageLoad();
|
|
|
|
authenticationTab.goToPoliciesSubTab();
|
|
|
|
sidebarPage.waitForPageLoad();
|
|
|
|
authenticationTab.goToPermissionsSubTab();
|
|
|
|
sidebarPage.waitForPageLoad();
|
|
|
|
authenticationTab.goToEvaluateSubTab();
|
|
|
|
sidebarPage.waitForPageLoad();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
2023-03-22 16:14:53 +00:00
|
|
|
describe("Accessibility tests for client authorization", () => {
|
|
|
|
beforeEach(() => {
|
|
|
|
loginPage.logIn();
|
|
|
|
keycloakBefore();
|
|
|
|
sidebarPage.goToClients();
|
|
|
|
listingPage.searchItem(clientId).goToItemDetails(clientId);
|
|
|
|
clientDetailsPage.goToAuthorizationTab();
|
|
|
|
cy.injectAxe();
|
|
|
|
});
|
|
|
|
|
|
|
|
it("Check a11y violations on load/ client authorization", () => {
|
|
|
|
cy.checkA11y();
|
|
|
|
});
|
|
|
|
});
|
2022-01-12 16:01:54 +00:00
|
|
|
});
|