From 63db27ac2636a404652cd67e41a55901b4aec11a Mon Sep 17 00:00:00 2001
From: Thamindu Dilshan Jayawickrama <35653110+ThaminduDilshan@users.noreply.github.com>
Date: Mon, 23 Oct 2023 22:35:22 +0530
Subject: [PATCH 1/3] Revert "Revert "Add integration tests for inbound auth config APIs""
---
 .../server/configs/v1/ConfigFailureTest.java | 9 ++
 .../server/configs/v1/ConfigSuccessTest.java | 86 +++++++++++++++++++
 .../api/server/configs/v1/ConfigTestBase.java | 8 ++
 ...date-passive-sts-inbound-auth-configs.json | 3 +
 ...ate-saml-inbound-auth-configs-invalid.json | 5 ++
 .../v1/update-saml-inbound-auth-configs.json | 7 ++
 6 files changed, 118 insertions(+)
 create mode 100644 modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-passive-sts-inbound-auth-configs.json
 create mode 100644 modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs-invalid.json
 create mode 100644 modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs.json
diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigFailureTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigFailureTest.java
index 3d1a831a6c8..5d7c314fd0b 100644
--- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigFailureTest.java
+++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigFailureTest.java
@@ -120,4 +120,13 @@ public void testPatchCORSConfigsWithInvalidOperation() throws Exception { Response response = getResponseOfPatch(CORS_CONFIGS_API_BASE_PATH, body); validateErrorResponse(response, HttpStatus.SC_BAD_REQUEST, "CNF-60003", "Unsupported patch operation"); } + + @Test + public void testUpdateSAMLInboundAuthConfigsWithEmptyDestinationUrls() throws IOException { + + String body = readResource("update-saml-inbound-auth-configs-invalid.json"); + Response response = getResponseOfPatch(SAML_INBOUND_AUTH_CONFIG_API_PATH, body); + validateErrorResponse(response, HttpStatus.SC_BAD_REQUEST, "CNF-60003", + "One of the given inputs is invalid. Should contain at least one destination URL."); + } } diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigSuccessTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigSuccessTest.java index 383f6ac283e..fb7aca0ac7e 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigSuccessTest.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigSuccessTest.java @@ -20,6 +20,7 @@ import io.restassured.response.Response; import org.apache.commons.lang.StringUtils; import org.apache.http.HttpStatus; +import org.junit.Assert; import org.testng.annotations.AfterClass; import org.testng.annotations.AfterMethod; import org.testng.annotations.BeforeClass; 
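Review bot: The only negative case added for the SAML inbound config in `testUpdateSAMLInboundAuthConfigsWithEmptyDestinationUrls` is an empty `destinationURLs` array, and it asserts the same `CNF-60003` code that the unsupported-patch-operation test just above uses, so only the description string tells the two failures apart. Destination URLs are a security-relevant setting, so it would be worth adding cases for a blank or malformed entry and for a body that omits the field, assuming the API is meant to reject those as well. If the server has a more specific error code for invalid SAML input, asserting that code would make a regression in the validation path easier to spot.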
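Review bot: `import org.junit.Assert;` in the ConfigSuccessTest import hunk brings JUnit assertions into a class that is otherwise driven by TestNG annotations, and the two libraries take `assertEquals` arguments in opposite order (JUnit expected-first, TestNG actual-first). Using `import org.testng.Assert;` keeps one framework per class and avoids misleading failure messages when someone later copies a call. The assertions added further down in this file would then become `Assert.assertEquals(destinationUrls, new String[]{SAML_SSO_URL_SUPER_TENANT});` and `Assert.assertEquals(destinationUrls.length, 2);`.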
@@ -28,9 +29,13 @@ import org.testng.annotations.Factory; import org.testng.annotations.Test; import org.wso2.carbon.automation.engine.context.TestUserMode; +import org.wso2.carbon.utils.multitenancy.MultitenantConstants; import org.wso2.carbon.utils.multitenancy.MultitenantUtils; import java.io.IOException; +import java.util.Arrays; + +import javax.xml.xpath.XPathExpressionException; import static org.hamcrest.CoreMatchers.containsString; import static org.hamcrest.CoreMatchers.equalTo; 
@@ -259,4 +264,85 @@ public void testPatchCORSConfigs() throws Exception { .body("supportsCredentials", equalTo(false)) .body("maxAge", equalTo(3600)); } + + @Test + public void testGetSAMLInboundAuthConfigs() throws XPathExpressionException { + + Response response = getResponseOfGet(SAML_INBOUND_AUTH_CONFIG_API_PATH); + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_OK) + .body("destinationURLs", notNullValue()) + .body("metadataValidityPeriod", equalTo(60)) + .body("enableMetadataSigning", equalTo(false)) + .body("metadataEndpoint", + MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(context.getContextTenant().getDomain()) + ? equalTo(SAML_METADATA_ENDPOINT_SUPER_TENANT) + : equalTo(SAML_METADATA_ENDPOINT_TENANT)); + + String[] destinationUrls = response.jsonPath().getString("destinationURLs") + .replace("[", "").replace("]", "").split(","); + if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(context.getContextTenant().getDomain())) { + Assert.assertArrayEquals(new String[]{SAML_SSO_URL_SUPER_TENANT}, destinationUrls); + } else { + Assert.assertArrayEquals(new String[]{SAML_SSO_URL_TENANT}, destinationUrls); + } + } + + @Test(dependsOnMethods = {"testGetSAMLInboundAuthConfigs"}) + public void testUpdateSAMLInboundAuthConfigs() throws IOException { + + String body = readResource("update-saml-inbound-auth-configs.json"); + Response response = getResponseOfPatch(SAML_INBOUND_AUTH_CONFIG_API_PATH, body); + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_OK); + + response = getResponseOfGet(SAML_INBOUND_AUTH_CONFIG_API_PATH); + + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_OK) + .body("destinationURLs", notNullValue()) + .body("metadataValidityPeriod", equalTo(120)) + .body("enableMetadataSigning", equalTo(true)); + + String[] destinationUrls = response.jsonPath().getString("destinationURLs") + .replace("[", "").replace("]", 
"").replace(" ", "").split(","); + Assert.assertEquals(2, destinationUrls.length); + Assert.assertTrue(Arrays.asList(destinationUrls).contains("https://localhost:9853/test/updated")); + } + + @Test + public void testGetPassiveSTSInboundAuthConfigs() throws XPathExpressionException { + + Response response = getResponseOfGet(PASSIVE_STS_INBOUND_AUTH_CONFIG_API_PATH); + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_OK) + .body("enableRequestSigning", equalTo(false)) + .body("passiveSTSUrl", equalTo(PASSIVE_STS_URL)); + } + + @Test(dependsOnMethods = {"testGetPassiveSTSInboundAuthConfigs"}) + public void testUpdatePassiveSTSInboundAuthConfigs() throws IOException { + + String body = readResource("update-passive-sts-inbound-auth-configs.json"); + Response response = getResponseOfPatch(PASSIVE_STS_INBOUND_AUTH_CONFIG_API_PATH, body); + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_OK); + + response = getResponseOfGet(PASSIVE_STS_INBOUND_AUTH_CONFIG_API_PATH); + response.then() + .log().ifValidationFails() + .assertThat() + .statusCode(HttpStatus.SC_OK) + .body("enableRequestSigning", equalTo(true)); + } } diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java index f289c60a531..530e8e424e7 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java 
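Review bot: Both SAML tests recover `destinationURLs` by taking the list's string form and stripping brackets with `replace`/`split`, which gives wrong results as soon as a URL contains a comma or a bracket, and the GET test omits the `.replace(" ", "")` that the update test applies. Reading the array directly is shorter and exact: `List<String> destinationUrls = response.jsonPath().getList("destinationURLs", String.class);` (this needs `java.util.List` if the file does not already import it). Separately, the two update tests switch on `enableMetadataSigning` and `enableRequestSigning` and add a destination URL without restoring the previous values anywhere in this hunk. If the class's cleanup methods, which are outside the hunk, do not reset them, the default-value assertions in the GET tests depend on execution order and will fail on a rerun against the same server.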
@@ -40,6 +40,14 @@ public class ConfigTestBase extends RESTAPIServerTestBase { public static final String CONFIGS_INBOUND_SCIM_API_BASE_PATH = "/configs/provisioning/inbound/scim"; public static final String CORS_CONFIGS_API_BASE_PATH = "/configs/cors"; public static final String HOME_REALM_IDENTIFIERS_API_BASE_PATH = "/configs/home-realm-identifiers"; + public static final String SAML_INBOUND_AUTH_CONFIG_API_PATH = "/configs/authentication/inbound/saml2"; + public static final String PASSIVE_STS_INBOUND_AUTH_CONFIG_API_PATH = "/configs/authentication/inbound/passivests"; + public static final String SAML_METADATA_ENDPOINT_SUPER_TENANT = "https://localhost:9853/identity/metadata/saml2"; + public static final String SAML_METADATA_ENDPOINT_TENANT = + "https://localhost:9853/t/wso2.com/identity/metadata/saml2"; + public static final String SAML_SSO_URL_SUPER_TENANT = "https://localhost:9853/samlsso"; + public static final String SAML_SSO_URL_TENANT = "https://localhost:9853/samlsso?tenantDomain=wso2.com"; + public static final String PASSIVE_STS_URL = "https://localhost:9853/passivests"; public static final String PATH_SEPARATOR = "/"; public static final String SAMPLE_AUTHENTICATOR_ID = "QmFzaWNBdXRoZW50aWNhdG9y"; diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-passive-sts-inbound-auth-configs.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-passive-sts-inbound-auth-configs.json new file mode 100644 index 00000000000..84313fa32b5 --- /dev/null +++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-passive-sts-inbound-auth-configs.json @@ -0,0 +1,3 @@ +{ + "enableRequestSigning": true +} 
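Review bot: The expected-endpoint constants added to ConfigTestBase hard-code host, port and tenant domain (`"https://localhost:9853/t/wso2.com/identity/metadata/saml2"`), while the tests pick between the variants only by checking whether the context tenant is the super tenant. Any non-super tenant other than `wso2.com`, or a different port, would fail these assertions for reasons unrelated to the API under test. Building the tenant variants from the context's tenant domain, for example `"https://localhost:9853/t/" + tenantDomain + "/identity/metadata/saml2"`, keeps the expectation tied to the tenant actually being exercised. The same applies to the constants adjusted in patches 2/3 and 3/3; the class body starts and ends outside this hunk.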
diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs-invalid.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs-invalid.json
new file mode 100644
index 00000000000..ead3cff9f4e
--- /dev/null
+++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs-invalid.json
@@ -0,0 +1,5 @@
+{
+ "destinationURLs": [],
+ "metadataValidityPeriod": 120,
+ "enableMetadataSigning": true
+}
diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs.json
new file mode 100644
index 00000000000..1129e38f3c4
--- /dev/null
+++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs.json
@@ -0,0 +1,7 @@
+{
+ "destinationURLs": [
+ "https://localhost:9853/test/updated"
+ ],
+ "metadataValidityPeriod": 120,
+ "enableMetadataSigning": true
+}
From b072a6e312c899708878f2cb4273528e76af76dc Mon Sep 17 00:00:00 2001
From: Thamindu Dilshan Jayawickrama <35653110+ThaminduDilshan@users.noreply.github.com>
Date: Mon, 23 Oct 2023 22:40:54 +0530
Subject: [PATCH 2/3] Update ConfigTestBase.java
---
 .../test/rest/api/server/configs/v1/ConfigTestBase.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java index 530e8e424e7..38925b05fc4 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java @@ -46,7 +46,7 @@ public class ConfigTestBase extends RESTAPIServerTestBase { public static final String SAML_METADATA_ENDPOINT_TENANT = "https://localhost:9853/t/wso2.com/identity/metadata/saml2"; public static final String SAML_SSO_URL_SUPER_TENANT = "https://localhost:9853/samlsso"; - public static final String SAML_SSO_URL_TENANT = "https://localhost:9853/samlsso?tenantDomain=wso2.com"; + public static final String SAML_SSO_URL_TENANT = "https://localhost:9853/t/wso2.com/samlsso"; public static final String PASSIVE_STS_URL = "https://localhost:9853/passivests"; public static final String PATH_SEPARATOR = "/"; From d246d80628d75d69859632766f5c88fdc9f305ef Mon Sep 17 00:00:00 2001 From: Thamindu Dilshan Jayawickrama <35653110+ThaminduDilshan@users.noreply.github.com> Date: Tue, 24 Oct 2023 01:12:21 +0530 Subject: [PATCH 3/3] changes for tenant qualified paths --- .../test/rest/api/server/configs/v1/ConfigSuccessTest.java | 5 ++++- .../test/rest/api/server/configs/v1/ConfigTestBase.java | 3 ++- 2 files changed, 6 insertions(+), 2 deletions(-) 
diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigSuccessTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigSuccessTest.java index fb7aca0ac7e..9b25a1df33d 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigSuccessTest.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigSuccessTest.java @@ -325,7 +325,10 @@ public void testGetPassiveSTSInboundAuthConfigs() throws XPathExpressionExceptio .assertThat() .statusCode(HttpStatus.SC_OK) .body("enableRequestSigning", equalTo(false)) - .body("passiveSTSUrl", equalTo(PASSIVE_STS_URL)); + .body("passiveSTSUrl", + MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(context.getContextTenant().getDomain()) + ? equalTo(PASSIVE_STS_URL_SUPER_TENANT) + : equalTo(PASSIVE_STS_URL_TENANT)); } @Test(dependsOnMethods = {"testGetPassiveSTSInboundAuthConfigs"}) diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java index 38925b05fc4..89b0090a25c 100644 --- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java +++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java 
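Review bot: The `MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(context.getContextTenant().getDomain())` check added to `testGetPassiveSTSInboundAuthConfigs` is the third copy of the same expression in this class; patch 1/3 already uses it twice in `testGetSAMLInboundAuthConfigs`. A small private `isSuperTenant()` helper would let the assertion read `isSuperTenant() ? equalTo(PASSIVE_STS_URL_SUPER_TENANT) : equalTo(PASSIVE_STS_URL_TENANT)` and keep the tenant-selection rule in one place. The test method's signature and opening lines sit in the hunk header and context, so part of its body is outside the changed lines.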
@@ -47,7 +47,8 @@ public class ConfigTestBase extends RESTAPIServerTestBase { "https://localhost:9853/t/wso2.com/identity/metadata/saml2"; public static final String SAML_SSO_URL_SUPER_TENANT = "https://localhost:9853/samlsso"; public static final String SAML_SSO_URL_TENANT = "https://localhost:9853/t/wso2.com/samlsso"; - public static final String PASSIVE_STS_URL = "https://localhost:9853/passivests"; + public static final String PASSIVE_STS_URL_SUPER_TENANT = "https://localhost:9853/passivests"; + public static final String PASSIVE_STS_URL_TENANT = "https://localhost:9853/t/wso2.com/passivests"; public static final String PATH_SEPARATOR = "/"; public static final String SAMPLE_AUTHENTICATOR_ID = "QmFzaWNBdXRoZW50aWNhdG9y";