Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add OAuth2redirectTest #1310

Open
wants to merge 29 commits into
base: master
Choose a base branch
from
Open

Add OAuth2redirectTest #1310

wants to merge 29 commits into from

Conversation

christiangoerdes
Copy link
Collaborator

No description provided.

@membrane-ci-server
Copy link

This pull request needs "/ok-to-test" from an authorized committer.

@christiangoerdes christiangoerdes marked this pull request as draft October 17, 2024 12:33
christiangoerdes and others added 9 commits October 17, 2024 15:24
@christiangoerdes
implemented simple test (WIP!).
7e27c12 
TODO Configure OAuth2
@christiangoerdes
test extension (WIP)
cbd9013
@t-burch
Add OAuth2 redirect test cases and update dependencies
7ae6c3c 
- Introduce new tests for GET and POST requests to validate OAuth2 redirection process.
- Add `ReturnInterceptor` to handle HTTP responses.
- Update the configuration for `MembraneAuthorizationService`.
- Initialize `MockAuthorizationServer` with login/logout simulation.
- Refactor setup and teardown methods for better resource management.
@christiangoerdes
Add URL decoding and response validation in OAuth2RedirectTest
354e296 
Implement URL decoding for state parameters in the OAuth2RedirectTest. Add tests to validate redirection status codes (307) during authentication flow and ensure headers contain correct locations. Introduce a new ConditionalInterceptor method for easier interceptor creation. Update B2CTestConfig to include clientPort configuration.
@christiangoerdes
Merge branch 'master' into OAuth2redirectTest
de57f31
@t-burch
Improve OAuth2 redirect test functionality and enhance code clarity
ed0ee30 
- Add UTF-8 charset import for decoding in URLParamUtil.
- Introduce CLIENT_URL and AUTH_SERVER_URL constants for maintainability.
- Ensure cookies are included in GET requests to follow redirections properly.
- Clean up unused code and comments for better readability.
@t-burch
Merge remote-tracking branch 'origin/OAuth2redirectTest' into OAuth2r…
7b42879 
…edirectTest
@christiangoerdes
Implement OAuth2 flow enhancements and logging configuration
4cbea77 
- Add null check for token endpoint in MembraneAuthorizationService.
- Refactor LogHelper methods to include conditional logging.
- Configure OAuth2 authorization server with user data, clients, and claims in OAuth2RedirectTest.
- Introduce azureRouter to handle OAuth2 requests and responses with appropriate interceptors.
- Add logging configuration to manage access and application logs.
- WIP!
@christiangoerdes
WIP:
a9ff3bd 
Refactor OAuth2RedirectTest for clarity and update authentication simulation steps

- Remove unused imports to clean up the code.
- Set location and consent file paths in the OAuth2AuthorizationServerInterceptor.
- Add detailed steps for user authentication simulation at the auth server.
- Implement checks and assertions for redirect responses and session cookies.
@rrayst
Copy link
Contributor

rrayst commented Oct 25, 2024

/ok-to-test

@christiangoerdes christiangoerdes marked this pull request as ready for review October 30, 2024 14:40
rrayst
rrayst previously approved these changes Oct 31, 2024
View reviewed changes
@t-burch t-burch requested a review from rrayst November 4, 2024 10:42
rrayst
rrayst previously approved these changes Nov 7, 2024
View reviewed changes
@rrayst
Copy link
Contributor

rrayst commented Nov 7, 2024

OK, so far. But this introduces adds a failing test to the suite.

Either remove it from the suite or fix the underlying problem.

@t-burch
Add redirect handling in OAuth2CallbackRequestHandler and update OAut…
55dbc3a 
…h2AuthFlowClient test

- Implement redirect logic in `doRedirect` method using HttpClient to handle GET requests.
- Capture original request exchange and print destination for debugging.
- Update test case to follow POST redirection in `OAuth2AuthFlowClient`.
@t-burch
Implement OAuth2 redirect handling in the doRedirect method
62d9808 
- Add logic to manage GET and non-GET requests differently
- Utilize a HttpClient to carry out the redirect process
- Generate a unique redirect key and store it in the session for non-GET requests
- Update the original request URI with the generated redirect parameter for proper redirection
@t-burch t-burch requested a review from rrayst November 11, 2024 08:40
t-burch and others added 4 commits November 11, 2024 09:40
@t-burch
Merge branch 'master' into OAuth2redirectTest
e68f5c7
@t-burch
Call the handler in OAuth2CallbackRequestHandler to process redirecti…
afcf054 
…on response
@t-burch
Refactor OAuth2 redirect test to streamline steps for GET and POST re…
998fa57 
…quests

- Consolidate test steps into methods for better readability and maintainability.
- Introduce separate handling for GET and POST requests in OAuth2AuthFlowClient.
- Implement a session mechanism to store redirected responses.
- Ensure assertions validate that the expected URLs are retained after redirection.
@t-burch
Add assertion to verify URL encoding in OAuth2RedirectTest
e71e139 
- Import `assertTrue` for testing.
- Update `OAuth2RedirectTest` to assert that the target URL starts with the expected format, ensuring proper handling of the `oa2redirect` parameter.
@t-burch
Copy link
Collaborator

t-burch commented Nov 11, 2024

/ok-to-test

@t-burch t-burch self-requested a review November 11, 2024 10:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@predic8 predic8 Awaiting requested review from predic8

@rrayst rrayst Awaiting requested review from rrayst

@t-burch t-burch Awaiting requested review from t-burch

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@christiangoerdes @rrayst @t-burch @predic8