Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Introduce New Integration Tests to Validate Functionality of IdPs #21913

Original file line number Diff line number Diff line change
Expand Up @@ -674,6 +674,27 @@ protected Response getResponseOfPut(String endpointUri, String body) {
.put(endpointUri);
}

/**
* Invoke given endpointUri for PUT with given body and Basic authentication, authentication credential being the
* authenticatingUserName and authenticatingCredential
* This implementation does not incorporate any additional filters.
*
* @param endpointUri endpoint to be invoked
* @param body payload
* @return response
*/
protected Response getResponseOfPutWithNoFilter(String endpointUri, String body) {

return given().auth().preemptive().basic(authenticatingUserName, authenticatingCredential)
.contentType(ContentType.JSON)
.header(HttpHeaders.ACCEPT, ContentType.JSON)
.body(body)
.log().ifValidationFails()
.when()
.log().ifValidationFails()
.put(endpointUri);
}

/**
* Invoke given endpointUri for PUT with given body and Basic authentication, authentication credential being the
* authenticatingUserName and authenticatingCredential
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@
package org.wso2.identity.integration.test.rest.api.server.idp.v1;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.restassured.RestAssured;
import io.restassured.response.Response;
import org.apache.commons.lang.StringUtils;
Expand Down Expand Up @@ -56,6 +57,8 @@ public class IdPFailureTest extends IdPTestBase {
private static final String FEDERATED_AUTHENTICATOR_PLACEHOLDER_1 = "\"<FEDERATED_AUTHENTICATOR_1>\"";
private static final String FEDERATED_AUTHENTICATOR_PLACEHOLDER_2 = "\"<FEDERATED_AUTHENTICATOR_2>\"";
private static final String IDP_NAME_PLACEHOLDER = "<IDP_NAME>";
private static final String METADATA_SAML_PLACEHOLDER = "<METADATA_SAML>";
private static final String OIDC_SCOPES_PLACEHOLDER = "\"<OIDC_SCOPES>\"";
private static final String CUSTOM_IDP_NAME = "CustomAuthIDP";
private static final String USER_DEFINED_AUTHENTICATOR_ID_1 = "Y3VzdG9tQXV0aGVudGljYXRvcjE=";
private static final String USER_DEFINED_AUTHENTICATOR_ID_2 = "Y3VzdG9tQXV0aGVudGljYXRvcg==";
Expand Down Expand Up @@ -140,6 +143,19 @@ public void addIdPWithDuplicateProperties() throws IOException {
validateErrorResponse(response, HttpStatus.SC_BAD_REQUEST, "IDP-60025");
}

@Test
public void testAddIdPWithDuplicatedPropertyKeys() throws IOException {
Shenali-SJ marked this conversation as resolved.
Show resolved Hide resolved

String body = readResource("add-idp-with-duplicated-property-keys.json");
Shenali-SJ marked this conversation as resolved.
Show resolved Hide resolved
Response response = getResponseOfPost(IDP_API_BASE_PATH, body);
response.then()
.log().ifValidationFails()
.assertThat()
.statusCode(HttpStatus.SC_BAD_REQUEST)
.body("message", equalTo("Invalid input."))
.body("description", equalTo("One of the given inputs is invalid. Duplicate properties are " +
"found in the request."));
}

@Test(dependsOnMethods = {"addIdPConflict"})
public void testGetIdPFederatedAuthenticatorWithInvalidAuthId() {
Expand Down Expand Up @@ -547,8 +563,12 @@ private Response createUserDefAuthenticator(String idpName, UserDefinedAuthentic
@Test
public void testUpdateIdPWithDuplicateOIDCScopes() throws IOException {

String body = readResource("add-idp-oidc-standard-based.json");
Response response = getResponseOfPost(IDP_API_BASE_PATH, body);
String oidcIdpPayload = readResource("add-oidc-idp.json");
String oidcScopesProperties = convertToJasonPayload(
createAuthenticatorProperties("Scopes","openid country profile"), null);
String body = oidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, oidcScopesProperties);

Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body);
response.then()
.log().ifValidationFails()
.assertThat()
Expand All @@ -561,8 +581,13 @@ public void testUpdateIdPWithDuplicateOIDCScopes() throws IOException {
assertNotNull(oidcIdPId);

// update the OIDC IDP with duplicated scopes
String updateBody = readResource("update-idp-oidc-standard-based-duplicated-scopes.json");
Response updateResponse = getResponseOfPut(IDP_API_BASE_PATH + PATH_SEPARATOR + oidcIdPId +
String updateOidcIdpPayload = readResource("update-oidc-idp.json");
String updateOidcScopesProperties = convertToJasonPayload(
createAuthenticatorProperties("Scopes","openid country profile"),
createAuthenticatorProperties("commonAuthQueryParams","scope=openid country profile"));
String updateBody = updateOidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, updateOidcScopesProperties);

Response updateResponse = getResponseOfPutWithNoFilter(IDP_API_BASE_PATH + PATH_SEPARATOR + oidcIdPId +
PATH_SEPARATOR + IDP_FEDERATED_AUTHENTICATORS_PATH + PATH_SEPARATOR + OIDC_IDP_ID, updateBody);
updateResponse.then()
.log().ifValidationFails()
Expand All @@ -575,6 +600,59 @@ public void testUpdateIdPWithDuplicateOIDCScopes() throws IOException {
deleteCreatedIdP(oidcIdPId);
}

@Test
public void testUpdateOIDCIdPWithoutOpenidScope() throws IOException {

String oidcIdpPayload = readResource("add-oidc-idp.json");
String oidcScopesProperties = convertToJasonPayload(
createAuthenticatorProperties("Scopes","openid country profile"), null);
String body = oidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, oidcScopesProperties);

Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body);
response.then()
.log().ifValidationFails()
.assertThat()
.statusCode(HttpStatus.SC_CREATED)
.header(HttpHeaders.LOCATION, notNullValue());

String location = response.getHeader(HttpHeaders.LOCATION);
assertNotNull(location);
String oidcIdPId = location.substring(location.lastIndexOf("/") + 1);
assertNotNull(oidcIdPId);

// update the OIDC IdP without openid scope
String updateOidcIdpPayload = readResource("update-oidc-idp.json");
String updateOidcScopesProperties = convertToJasonPayload(
createAuthenticatorProperties("Scopes","country profile"), null);
String updateBody = updateOidcIdpPayload.replace(OIDC_SCOPES_PLACEHOLDER, updateOidcScopesProperties);

Response updateResponse = getResponseOfPutWithNoFilter(IDP_API_BASE_PATH + PATH_SEPARATOR + oidcIdPId +
PATH_SEPARATOR + IDP_FEDERATED_AUTHENTICATORS_PATH + PATH_SEPARATOR + OIDC_IDP_ID, updateBody);
updateResponse.then()
.log().ifValidationFails()
.assertThat()
.statusCode(HttpStatus.SC_BAD_REQUEST)
.body("message", equalTo("Invalid OIDC Scopes."))
.body("description", equalTo("Scopes must contain 'openid'."));

deleteCreatedIdP(oidcIdPId);
}

@Test
public void addSamlIdPWithoutMetadata() throws IOException {

String samlIdpPayload = readResource("add-saml-idp.json");
String body = samlIdpPayload.replace(METADATA_SAML_PLACEHOLDER, "");

Response response = getResponseOfPostNoFilter(IDP_API_BASE_PATH, body);
response.then()
.log().ifValidationFails()
.assertThat()
.statusCode(HttpStatus.SC_BAD_REQUEST)
.body("message", equalTo("Invalid SAML metadata."))
.body("description", equalTo("SAML metadata is invalid/empty."));
}

/**
* Deletes an Identity Provider by its ID and verifies the deletion.
*
Expand All @@ -597,4 +675,23 @@ private void deleteCreatedIdP(String idPId) {
.body("description", equalTo("Unable to find a resource matching the provided identity " +
"provider identifier " + idPId + "."));
}

private Map<String, String> createAuthenticatorProperties(String key, String value) {

Map<String, String> authenticatorProps = new HashMap<>();
authenticatorProps.put("key", key);
authenticatorProps.put("value", value);
return authenticatorProps;
}

public String convertToJasonPayload(Map<String, String> scopes, Map<String, String> commonAuthQueryParams)
throws JsonProcessingException {

ObjectMapper objectMapper = new ObjectMapper();
if (commonAuthQueryParams != null) {
return objectMapper.writeValueAsString(scopes) + "," +
objectMapper.writeValueAsString(commonAuthQueryParams);
}
return objectMapper.writeValueAsString(scopes);
}
}
Loading