IDP OIDC settings tab testing (#3601)

2022-10-26 10:43:52 +01:00 · 2022-10-26 10:43:52 +01:00 · e463f99d40
commit e463f99d40
parent 19bb209899
3 changed files with 221 additions and 4 deletions
--- a/apps/admin-ui/cypress/e2e/identity_providers_oidc_test.spec.ts
+++ b/apps/admin-ui/cypress/e2e/identity_providers_oidc_test.spec.ts
@ -6,6 +6,11 @@ import ListingPage from "../support/pages/admin_console/ListingPage";
 import CreateProviderPage from "../support/pages/admin_console/manage/identity_providers/CreateProviderPage";
 import ModalUtils from "../support/util/ModalUtils";
 import AddMapperPage from "../support/pages/admin_console/manage/identity_providers/AddMapperPage";
+import ProviderBaseGeneralSettingsPage from "../support/pages/admin_console/manage/identity_providers/ProviderBaseGeneralSettingsPage";
+import ProviderBaseAdvancedSettingsPage, {
+  ClientAuthentication,
+  PromptSelect,
+} from "../support/pages/admin_console/manage/identity_providers/ProviderBaseAdvancedSettingsPage";

 describe("OIDC identity provider test", () => {
  const loginPage = new LoginPage();
@ -51,6 +56,53 @@ describe("OIDC identity provider test", () => {
      createProviderPage.shouldHaveAuthorizationUrl(authorizationUrl);
    });

+    it("should test all settings", () => {
+      const providerBaseGeneralSettingsPage =
+        new ProviderBaseGeneralSettingsPage();
+      const providerBaseAdvancedSettingsPage =
+        new ProviderBaseAdvancedSettingsPage();
+
+      sidebarPage.goToIdentityProviders();
+      listingPage.goToItemDetails(oidcProviderName);
+      //general settings
+      cy.findByTestId("displayName").click().type("OIDC");
+      cy.findByTestId("jump-link-general-settings").click();
+      providerBaseGeneralSettingsPage.typeDisplayOrder("1");
+      createProviderPage.clickSave();
+      masthead.checkNotificationMessage("Provider successfully updated", true);
+
+      //OIDC Settings and save/revert buttons
+      providerBaseAdvancedSettingsPage.assertOIDCUrl("authorization");
+      providerBaseAdvancedSettingsPage.assertOIDCUrl("token");
+      //OIDC Switches
+      providerBaseAdvancedSettingsPage.assertOIDCSignatureSwitch();
+      providerBaseAdvancedSettingsPage.assertOIDCPKCESwitch();
+      //Client Authentication
+      providerBaseAdvancedSettingsPage.assertOIDCClientAuthentication(
+        ClientAuthentication.basicAuth
+      );
+      providerBaseAdvancedSettingsPage.assertOIDCClientAuthentication(
+        ClientAuthentication.jwt
+      );
+      providerBaseAdvancedSettingsPage.assertOIDCClientAuthentication(
+        ClientAuthentication.jwtPrivKey
+      );
+      providerBaseAdvancedSettingsPage.assertOIDCClientAuthentication(
+        ClientAuthentication.post
+      );
+      //OIDC Advanced Settings
+      providerBaseAdvancedSettingsPage.assertOIDCSettingsAdvancedSwitches();
+      providerBaseAdvancedSettingsPage.selectPromptOption(PromptSelect.none);
+      providerBaseAdvancedSettingsPage.selectPromptOption(PromptSelect.consent);
+      providerBaseAdvancedSettingsPage.selectPromptOption(PromptSelect.login);
+      providerBaseAdvancedSettingsPage.selectPromptOption(PromptSelect.select);
+      providerBaseAdvancedSettingsPage.selectPromptOption(
+        PromptSelect.unspecified
+      );
+      //Advanced Settings
+      providerBaseAdvancedSettingsPage.assertAdvancedSettings();
+    });
+
    it("should add OIDC mapper of type Attribute Importer", () => {
      sidebarPage.goToIdentityProviders();
      listingPage.goToItemDetails(oidcProviderName);
--- a/apps/admin-ui/cypress/support/pages/admin_console/manage/identity_providers/ProviderBaseAdvancedSettingsPage.ts
+++ b/apps/admin-ui/cypress/support/pages/admin_console/manage/identity_providers/ProviderBaseAdvancedSettingsPage.ts
@ -1,4 +1,7 @@
 import PageObject from "../../components/PageObject";
+import Masthead from "../../Masthead";
+
+const masthead = new Masthead();

 export enum LoginFlowOption {
  none = "None",
@ -17,11 +20,32 @@ export enum SyncModeOption {
  force = "Force",
 }

+export enum PromptSelect {
+  unspecified = "Unspecified",
+  none = "None",
+  consent = "Consent",
+  login = "Login",
+  select = "Select account",
+}
+
+export enum ClientAuthentication {
+  post = "Client secret sent as basic auth",
+  basicAuth = "Client secret as jwt",
+  jwt = "JWT signed with private key",
+  jwtPrivKey = "Client secret sent as post",
+}
+
 export default class ProviderBaseGeneralSettingsPage extends PageObject {
  private scopesInput = "#scopes";
  private storeTokensSwitch = "#storeTokens";
  private storedTokensReadable = "#storedTokensReadable";
  private acceptsPromptNoneForwardFromClientSwitch = "#acceptsPromptNone";
+  private advancedSettingsToggle = ".pf-c-expandable-section__toggle";
+  private passLoginHintSwitch = "#passLoginHint";
+  private passMaxAgeSwitch = "#passMaxAge";
+  private passCurrentLocaleSwitch = "#passCurrentLocale";
+  private backchannelLogoutSwitch = "#backchannelLogout";
+  private promptSelect = "#prompt";
  private disableUserInfoSwitch = "#disableUserInfo";
  private trustEmailSwitch = "#trustEmail";
  private accountLinkingOnlySwitch = "#accountLinkingOnly";
@ -30,6 +54,23 @@ export default class ProviderBaseGeneralSettingsPage extends PageObject {
  private postLoginFlowSelect = "#postBrokerLoginFlowAlias";
  private syncModeSelect = "#syncMode";
  private addBtn = "createProvider";
+  private saveBtn = "save";
+  private revertBtn = "revert";
+
+  private validateSignature = "#validateSignature";
+  private JwksSwitch = "#useJwksUrl";
+  private jwksUrl = "jwksUrl";
+  private pkceSwitch = "#pkceEnabled";
+  private pkceMethod = "#pkceMethod";
+  private clientAuth = "#clientAuthentication";
+
+  public clickSaveBtn() {
+    cy.findByTestId(this.saveBtn).click();
+  }
+
+  public clickRevertBtn() {
+    cy.findByTestId(this.revertBtn).click();
+  }

  public typeScopesInput(text: string) {
    cy.get(this.scopesInput).type(text).blur();
@ -75,7 +116,7 @@ export default class ProviderBaseGeneralSettingsPage extends PageObject {
    cy.get(this.firstLoginFlowSelect).click();
    super.clickSelectMenuItem(
      loginFlowOption,
-      cy.get(this.firstLoginFlowSelect).parent()
+      cy.get(".pf-c-select__menu-item").contains(loginFlowOption)
    );
    return this;
  }
@ -84,7 +125,7 @@ export default class ProviderBaseGeneralSettingsPage extends PageObject {
    cy.get(this.postLoginFlowSelect).click();
    super.clickSelectMenuItem(
      loginFlowOption,
-      cy.get(this.postLoginFlowSelect).parent()
+      cy.get(".pf-c-select__menu-item").contains(loginFlowOption)
    );
    return this;
  }
@ -93,7 +134,16 @@ export default class ProviderBaseGeneralSettingsPage extends PageObject {
    cy.get(this.syncModeSelect).click();
    super.clickSelectMenuItem(
      syncModeOption,
-      cy.get(this.syncModeSelect).parent()
+      cy.get(".pf-c-select__menu-item").contains(syncModeOption)
+    );
+    return this;
+  }
+
+  public selectPromptOption(promptOption: PromptSelect) {
+    cy.get(this.promptSelect).click();
+    super.clickSelectMenuItem(
+      promptOption,
+      cy.get(".pf-c-select__menu-item").contains(promptOption).parent()
    );
    return this;
  }
@ -167,7 +217,120 @@ export default class ProviderBaseGeneralSettingsPage extends PageObject {
  }

  public assertSyncModeSelectOptionEqual(syncModeOption: SyncModeOption) {
-    cy.get(this.postLoginFlowSelect).should("have.text", syncModeOption);
+    cy.get(this.syncModeSelect).should("have.text", syncModeOption);
+    return this;
+  }
+
+  public assertOIDCUrl(url: string) {
+    cy.findByTestId("jump-link-openid-connect-settings").click();
+    cy.findByTestId(url + "Url")
+      .clear()
+      .type("invalidUrl");
+    this.clickSaveBtn();
+    masthead.checkNotificationMessage(
+      "Could not update the provider The url [" + url + "_url] is malformed",
+      true
+    );
+    this.clickRevertBtn();
+    //cy.findByTestId(url + "Url").contains
+    //("http://localhost:8180/realms/master/protocol/openid-connect/" + url)
+    return this;
+  }
+
+  public assertOIDCSignatureSwitch() {
+    cy.findByTestId("jump-link-openid-connect-settings").click();
+    cy.findByTestId(this.jwksUrl).should("exist");
+    super.assertSwitchStateOn(cy.get(this.JwksSwitch));
+
+    cy.get(this.JwksSwitch).parent().click();
+    cy.findByTestId(this.jwksUrl).should("not.exist");
+    super.assertSwitchStateOff(cy.get(this.JwksSwitch));
+
+    cy.get(this.validateSignature).parent().click();
+    cy.findByTestId(this.jwksUrl).should("not.exist");
+    super.assertSwitchStateOff(cy.get(this.validateSignature));
+
+    this.clickRevertBtn();
+    cy.findByTestId(this.jwksUrl).should("exist");
+    return this;
+  }
+
+  public assertOIDCPKCESwitch() {
+    cy.findByTestId("jump-link-openid-connect-settings").click();
+    super.assertSwitchStateOff(cy.get(this.pkceSwitch));
+    cy.get(this.pkceMethod).should("not.exist");
+    cy.get(this.pkceSwitch).parent().click();
+
+    super.assertSwitchStateOn(cy.get(this.pkceSwitch));
+    cy.get(this.pkceMethod).should("exist");
+    return this;
+  }
+
+  public assertOIDCClientAuthentication(option: ClientAuthentication) {
+    cy.findByTestId("jump-link-openid-connect-settings").click();
+    cy.get(this.clientAuth)
+      .click()
+      .get(".pf-c-select__menu-item")
+      .contains(option)
+      .click();
+    return this;
+  }
+
+  public assertOIDCSettingsAdvancedSwitches() {
+    cy.get(this.advancedSettingsToggle).scrollIntoView().click();
+
+    cy.get(this.passLoginHintSwitch).parent().click();
+    super.assertSwitchStateOn(cy.get(this.passLoginHintSwitch));
+
+    cy.get(this.passMaxAgeSwitch).parent().click();
+    super.assertSwitchStateOn(cy.get(this.passMaxAgeSwitch));
+
+    cy.get(this.passCurrentLocaleSwitch).parent().click();
+    super.assertSwitchStateOn(cy.get(this.passCurrentLocaleSwitch));
+
+    cy.get(this.backchannelLogoutSwitch).parent().click();
+    super.assertSwitchStateOn(cy.get(this.backchannelLogoutSwitch));
+
+    cy.get(this.disableUserInfoSwitch).parent().click();
+    super.assertSwitchStateOn(cy.get(this.disableUserInfoSwitch));
+
+    this.clickAcceptsPromptNoneForwardFromClientSwitch();
+    super.assertSwitchStateOn(
+      cy.get(this.acceptsPromptNoneForwardFromClientSwitch)
+    );
+    return this;
+  }
+
+  public assertAdvancedSettings() {
+    cy.findByTestId("jump-link-advanced-settings").click();
+
+    this.clickStoreTokensSwitch();
+    this.assertStoreTokensSwitchTurnedOn(true);
+    this.clickStoredTokensReadableSwitch();
+    this.assertStoredTokensReadableTurnedOn(true);
+    this.clickTrustEmailSwitch();
+    this.assertTrustEmailSwitchTurnedOn(true);
+    this.clickAccountLinkingOnlySwitch();
+    this.assertAccountLinkingOnlySwitchTurnedOn(true);
+    this.clickHideOnLoginPageSwitch();
+    this.assertHideOnLoginPageSwitchTurnedOn(true);
+
+    this.selectFirstLoginFlowOption(LoginFlowOption.browser);
+    this.selectPostLoginFlowOption(LoginFlowOption.directGrant);
+    this.selectSyncModeOption(SyncModeOption.legacy);
+
+    this.clickRevertBtn();
+    this.assertStoreTokensSwitchTurnedOn(false);
+    this.assertStoredTokensReadableTurnedOn(false);
+    this.assertTrustEmailSwitchTurnedOn(false);
+    this.assertAccountLinkingOnlySwitchTurnedOn(false);
+    this.assertHideOnLoginPageSwitchTurnedOn(false);
+
+    this.assertFirstLoginFlowSelectOptionEqual(
+      LoginFlowOption.firstBrokerLogin
+    );
+    this.assertPostLoginFlowSelectOptionEqual(LoginFlowOption.none);
+    this.assertSyncModeSelectOptionEqual(SyncModeOption.import);
    return this;
  }
 }
--- a/apps/admin-ui/src/identity-providers/add/DiscoverySettings.tsx
+++ b/apps/admin-ui/src/identity-providers/add/DiscoverySettings.tsx
@ -87,6 +87,7 @@ const Fields = ({ readOnly }: DiscoverySettingsProps) => {
        <KeycloakTextInput
          type="text"
          id="tokenUrl"
+          data-testid="tokenUrl"
          name="config.tokenUrl"
          ref={register({ required: true })}
          validated={
@ -118,6 +119,7 @@ const Fields = ({ readOnly }: DiscoverySettingsProps) => {
          <SwitchField
            field="config.useJwksUrl"
            label="useJwksUrl"
+            data-testid="useJwksUrl"
            isReadOnly={readOnly}
          />
          {useJwks === "true" && (