forked from Github-Mirrors/canaille
refactor: all domains used in the unit test suite are now .test
this ensures they will never be valid, and will never generate real world requests
This commit is contained in:
Éloi Rivard
parent
0af36824cb
commit
77667c6f52
43 changed files with 446 additions and 441 deletions
|
|
@ -126,6 +126,7 @@ def email_validator(form, field):
|
|||
except ImportError:
|
||||
pass
|
||||
|
||||
email_validator.TEST_ENVIRONMENT = current_app.config.get("TESTING", False)
|
||||
wtforms.validators.Email()(form, field)
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -18,9 +18,9 @@ def test_create(testclient, backend, foo_group):
|
|||
"--formatted-name",
|
||||
"Johnny",
|
||||
"--emails",
|
||||
"foo@example.org",
|
||||
"foo@example.test",
|
||||
"--emails",
|
||||
"bar@example.org",
|
||||
"bar@example.test",
|
||||
"--given-name",
|
||||
"John",
|
||||
"--family-name",
|
||||
|
|
@ -40,8 +40,8 @@ def test_create(testclient, backend, foo_group):
|
|||
"created": mock.ANY,
|
||||
"last_modified": mock.ANY,
|
||||
"emails": [
|
||||
"foo@example.org",
|
||||
"bar@example.org",
|
||||
"foo@example.test",
|
||||
"bar@example.test",
|
||||
],
|
||||
"family_name": "Doe",
|
||||
"given_name": "John",
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ def test_delete_by_id(testclient, backend):
|
|||
user = models.User(
|
||||
formatted_name="Foo bar",
|
||||
family_name="Bar",
|
||||
emails=["foobar@example.org"],
|
||||
emails=["foobar@example.test"],
|
||||
user_name="foobar",
|
||||
)
|
||||
backend.save(user)
|
||||
|
|
@ -24,7 +24,7 @@ def test_delete_by_identifier(testclient, backend):
|
|||
user = models.User(
|
||||
formatted_name="Foo bar",
|
||||
family_name="Bar",
|
||||
emails=["foobar@example.org"],
|
||||
emails=["foobar@example.test"],
|
||||
user_name="foobar",
|
||||
)
|
||||
backend.save(user)
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ def test_get(testclient, backend, user):
|
|||
"created": mock.ANY,
|
||||
"display_name": "Johnny",
|
||||
"emails": [
|
||||
"john@doe.com",
|
||||
"john@doe.test",
|
||||
],
|
||||
"family_name": "Doe",
|
||||
"formatted_address": "1235, somewhere",
|
||||
|
|
@ -39,7 +39,7 @@ def test_get(testclient, backend, user):
|
|||
"555-000-000",
|
||||
],
|
||||
"preferred_language": "en",
|
||||
"profile_url": "https://john.example",
|
||||
"profile_url": "https://john.test",
|
||||
"user_name": "user",
|
||||
},
|
||||
]
|
||||
|
|
@ -56,7 +56,7 @@ def test_get_model_filter(testclient, backend, user, admin, foo_group):
|
|||
"created": mock.ANY,
|
||||
"display_name": "Johnny",
|
||||
"emails": [
|
||||
"john@doe.com",
|
||||
"john@doe.test",
|
||||
],
|
||||
"family_name": "Doe",
|
||||
"formatted_address": "1235, somewhere",
|
||||
|
|
@ -69,7 +69,7 @@ def test_get_model_filter(testclient, backend, user, admin, foo_group):
|
|||
"555-000-000",
|
||||
],
|
||||
"preferred_language": "en",
|
||||
"profile_url": "https://john.example",
|
||||
"profile_url": "https://john.test",
|
||||
"user_name": "user",
|
||||
"groups": [foo_group.id],
|
||||
},
|
||||
|
|
@ -87,7 +87,7 @@ def test_get_datetime_filter(testclient, backend, user):
|
|||
"created": mock.ANY,
|
||||
"display_name": "Johnny",
|
||||
"emails": [
|
||||
"john@doe.com",
|
||||
"john@doe.test",
|
||||
],
|
||||
"family_name": "Doe",
|
||||
"formatted_address": "1235, somewhere",
|
||||
|
|
@ -100,7 +100,7 @@ def test_get_datetime_filter(testclient, backend, user):
|
|||
"555-000-000",
|
||||
],
|
||||
"preferred_language": "en",
|
||||
"profile_url": "https://john.example",
|
||||
"profile_url": "https://john.test",
|
||||
"user_name": "user",
|
||||
},
|
||||
]
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ def test_set_string_by_id(testclient, backend, user):
|
|||
"created": mock.ANY,
|
||||
"display_name": "Johnny",
|
||||
"emails": [
|
||||
"john@doe.com",
|
||||
"john@doe.test",
|
||||
],
|
||||
"family_name": "Doe",
|
||||
"formatted_address": "1235, somewhere",
|
||||
|
|
@ -27,7 +27,7 @@ def test_set_string_by_id(testclient, backend, user):
|
|||
"555-000-000",
|
||||
],
|
||||
"preferred_language": "en",
|
||||
"profile_url": "https://john.example",
|
||||
"profile_url": "https://john.test",
|
||||
"user_name": "user",
|
||||
}
|
||||
backend.reload(user)
|
||||
|
|
@ -44,7 +44,7 @@ def test_set_string_by_identifier(testclient, backend, user):
|
|||
"created": mock.ANY,
|
||||
"display_name": "Johnny",
|
||||
"emails": [
|
||||
"john@doe.com",
|
||||
"john@doe.test",
|
||||
],
|
||||
"family_name": "Doe",
|
||||
"formatted_address": "1235, somewhere",
|
||||
|
|
@ -57,7 +57,7 @@ def test_set_string_by_identifier(testclient, backend, user):
|
|||
"555-000-000",
|
||||
],
|
||||
"preferred_language": "en",
|
||||
"profile_url": "https://john.example",
|
||||
"profile_url": "https://john.test",
|
||||
"user_name": "user",
|
||||
}
|
||||
backend.reload(user)
|
||||
|
|
@ -75,9 +75,9 @@ def test_set_multiple(testclient, backend, user):
|
|||
"user",
|
||||
user.id,
|
||||
"--emails",
|
||||
"foo@example.org",
|
||||
"foo@example.test",
|
||||
"--emails",
|
||||
"bar@example.org",
|
||||
"bar@example.test",
|
||||
],
|
||||
)
|
||||
assert res.exit_code == 0, res.stdout
|
||||
|
|
@ -85,8 +85,8 @@ def test_set_multiple(testclient, backend, user):
|
|||
"created": mock.ANY,
|
||||
"display_name": "Johnny",
|
||||
"emails": [
|
||||
"foo@example.org",
|
||||
"bar@example.org",
|
||||
"foo@example.test",
|
||||
"bar@example.test",
|
||||
],
|
||||
"family_name": "Doe",
|
||||
"formatted_address": "1235, somewhere",
|
||||
|
|
@ -99,13 +99,13 @@ def test_set_multiple(testclient, backend, user):
|
|||
"555-000-000",
|
||||
],
|
||||
"preferred_language": "en",
|
||||
"profile_url": "https://john.example",
|
||||
"profile_url": "https://john.test",
|
||||
"user_name": "user",
|
||||
}
|
||||
backend.reload(user)
|
||||
assert user.emails == [
|
||||
"foo@example.org",
|
||||
"bar@example.org",
|
||||
"foo@example.test",
|
||||
"bar@example.test",
|
||||
]
|
||||
|
||||
|
||||
|
|
@ -129,7 +129,7 @@ def test_set_remove_simple_attribute(testclient, backend, user, admin):
|
|||
"created": mock.ANY,
|
||||
"display_name": "Johnny",
|
||||
"emails": [
|
||||
"john@doe.com",
|
||||
"john@doe.test",
|
||||
],
|
||||
"family_name": "Doe",
|
||||
"formatted_name": "John (johnny) Doe",
|
||||
|
|
@ -141,7 +141,7 @@ def test_set_remove_simple_attribute(testclient, backend, user, admin):
|
|||
"555-000-000",
|
||||
],
|
||||
"preferred_language": "en",
|
||||
"profile_url": "https://john.example",
|
||||
"profile_url": "https://john.test",
|
||||
"user_name": "user",
|
||||
}
|
||||
backend.reload(user)
|
||||
|
|
@ -161,7 +161,7 @@ def test_set_remove_multiple_attribute(testclient, backend, user, admin, foo_gro
|
|||
"created": mock.ANY,
|
||||
"display_name": "Johnny",
|
||||
"emails": [
|
||||
"john@doe.com",
|
||||
"john@doe.test",
|
||||
],
|
||||
"family_name": "Doe",
|
||||
"formatted_name": "John (johnny) Doe",
|
||||
|
|
@ -174,7 +174,7 @@ def test_set_remove_multiple_attribute(testclient, backend, user, admin, foo_gro
|
|||
"555-000-000",
|
||||
],
|
||||
"preferred_language": "en",
|
||||
"profile_url": "https://john.example",
|
||||
"profile_url": "https://john.test",
|
||||
"user_name": "user",
|
||||
}
|
||||
backend.reload(user)
|
||||
|
|
|
|||
|
|
@ -2,8 +2,8 @@ from canaille.app import validate_uri
|
|||
|
||||
|
||||
def test_validate_uri():
|
||||
assert validate_uri("https://canaille.tld")
|
||||
assert validate_uri("scheme.with.dots://canaille.tld")
|
||||
assert validate_uri("https://canaille.test")
|
||||
assert validate_uri("scheme.with.dots://canaille.test")
|
||||
assert validate_uri("scheme.with.dots://localhost")
|
||||
assert validate_uri("scheme.with.dots://oauth")
|
||||
assert not validate_uri("invalid")
|
||||
|
|
|
|||
|
|
@ -43,17 +43,17 @@ def test_configuration_nestedsecrets_directory(tmp_path, backend, configuration)
|
|||
def test_configuration_from_environment_vars():
|
||||
"""Canaille should read configuration from environment vars."""
|
||||
os.environ["SECRET_KEY"] = "very-very-secret"
|
||||
os.environ["CANAILLE__SMTP__FROM_ADDR"] = "user@mydomain.tld"
|
||||
os.environ["CANAILLE__SMTP__FROM_ADDR"] = "user@mydomain.test"
|
||||
os.environ["CANAILLE_SQL__DATABASE_URI"] = "sqlite:///anything.db"
|
||||
|
||||
conf = settings_factory({"TIMEZONE": "UTC"})
|
||||
assert conf.SECRET_KEY == "very-very-secret"
|
||||
assert conf.CANAILLE.SMTP.FROM_ADDR == "user@mydomain.tld"
|
||||
assert conf.CANAILLE.SMTP.FROM_ADDR == "user@mydomain.test"
|
||||
assert conf.CANAILLE_SQL.DATABASE_URI == "sqlite:///anything.db"
|
||||
|
||||
app = create_app({"TIMEZONE": "UTC"})
|
||||
assert app.config["SECRET_KEY"] == "very-very-secret"
|
||||
assert app.config["CANAILLE"]["SMTP"]["FROM_ADDR"] == "user@mydomain.tld"
|
||||
assert app.config["CANAILLE"]["SMTP"]["FROM_ADDR"] == "user@mydomain.test"
|
||||
assert app.config["CANAILLE_SQL"]["DATABASE_URI"] == "sqlite:///anything.db"
|
||||
|
||||
del os.environ["SECRET_KEY"]
|
||||
|
|
@ -65,14 +65,14 @@ def test_disable_env_var_loading(tmp_path, configuration):
|
|||
"""Canaille should not read configuration from environment vars when
|
||||
env_prefix is False."""
|
||||
del configuration["SERVER_NAME"]
|
||||
os.environ["SERVER_NAME"] = "example.com"
|
||||
os.environ["FOOBAR_SERVER_NAME"] = "foobar.example.com"
|
||||
os.environ["SERVER_NAME"] = "example.test"
|
||||
os.environ["FOOBAR_SERVER_NAME"] = "foobar.example.test"
|
||||
|
||||
app = create_app(configuration, env_prefix="")
|
||||
assert app.config["SERVER_NAME"] == "example.com"
|
||||
assert app.config["SERVER_NAME"] == "example.test"
|
||||
|
||||
app = create_app(configuration, env_prefix="FOOBAR_")
|
||||
assert app.config["SERVER_NAME"] == "foobar.example.com"
|
||||
assert app.config["SERVER_NAME"] == "foobar.example.test"
|
||||
|
||||
del os.environ["SERVER_NAME"]
|
||||
|
||||
|
|
@ -215,7 +215,7 @@ def test_enable_password_compromission_check_with_and_without_admin_email(
|
|||
validate(config_dict, validate_remote=False)
|
||||
|
||||
configuration["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = True
|
||||
configuration["CANAILLE"]["ADMIN_EMAIL"] = "admin_default_mail@mymail.com"
|
||||
configuration["CANAILLE"]["ADMIN_EMAIL"] = "admin_default_mail@mydomain.test"
|
||||
config_obj = settings_factory(configuration)
|
||||
config_dict = config_obj.model_dump()
|
||||
validate(config_dict, validate_remote=False)
|
||||
|
|
|
|||
|
|
@ -8,18 +8,18 @@ from canaille.app.flask import set_parameter_in_url_query
|
|||
|
||||
def test_set_parameter_in_url_query():
|
||||
assert (
|
||||
set_parameter_in_url_query("https://auth.mydomain.tld", foo="bar")
|
||||
== "https://auth.mydomain.tld?foo=bar"
|
||||
set_parameter_in_url_query("https://auth.mydomain.test", foo="bar")
|
||||
== "https://auth.mydomain.test?foo=bar"
|
||||
)
|
||||
|
||||
assert (
|
||||
set_parameter_in_url_query("https://auth.mydomain.tld?foo=baz", foo="bar")
|
||||
== "https://auth.mydomain.tld?foo=bar"
|
||||
set_parameter_in_url_query("https://auth.mydomain.test?foo=baz", foo="bar")
|
||||
== "https://auth.mydomain.test?foo=bar"
|
||||
)
|
||||
|
||||
assert (
|
||||
set_parameter_in_url_query("https://auth.mydomain.tld?foo=baz", hello="world")
|
||||
== "https://auth.mydomain.tld?foo=baz&hello=world"
|
||||
set_parameter_in_url_query("https://auth.mydomain.test?foo=baz", hello="world")
|
||||
== "https://auth.mydomain.test?foo=baz&hello=world"
|
||||
)
|
||||
|
||||
|
||||
|
|
@ -30,7 +30,7 @@ def test_environment_configuration(configuration, tmp_path):
|
|||
|
||||
os.environ["CONFIG"] = config_path
|
||||
app = create_app()
|
||||
assert app.config["CANAILLE"]["SMTP"]["FROM_ADDR"] == "admin@mydomain.tld"
|
||||
assert app.config["CANAILLE"]["SMTP"]["FROM_ADDR"] == "admin@mydomain.test"
|
||||
|
||||
del os.environ["CONFIG"]
|
||||
os.remove(config_path)
|
||||
|
|
|
|||
|
|
@ -239,7 +239,7 @@ def test_inline_validation_invalid_field(testclient, logged_admin, user):
|
|||
"/profile",
|
||||
{
|
||||
"csrf_token": res.form["csrf_token"].value,
|
||||
"email": "john@doe.com",
|
||||
"email": "john@doe.test",
|
||||
},
|
||||
headers={
|
||||
"HX-Request": "true",
|
||||
|
|
|
|||
|
|
@ -31,6 +31,7 @@ format=[%(asctime)s] %(levelname)s in %(module)s: %(message)s
|
|||
|
||||
|
||||
def test_file_log_config(configuration, backend, tmp_path, smtpd, admin):
|
||||
configuration["TESTING"] = True
|
||||
assert len(smtpd.messages) == 0
|
||||
log_path = os.path.join(tmp_path, "canaille-by-file.log")
|
||||
|
||||
|
|
@ -49,7 +50,7 @@ def test_file_log_config(configuration, backend, tmp_path, smtpd, admin):
|
|||
sess["user_id"] = [admin.id]
|
||||
|
||||
res = testclient.get("/admin/mail")
|
||||
res.form["email"] = "test@test.com"
|
||||
res.form["email"] = "test@test.test"
|
||||
res = res.form.submit()
|
||||
|
||||
assert len(smtpd.messages) == 1
|
||||
|
|
@ -58,10 +59,11 @@ def test_file_log_config(configuration, backend, tmp_path, smtpd, admin):
|
|||
with open(log_path) as fd:
|
||||
log_content = fd.read()
|
||||
|
||||
assert "Sending a mail to test@test.com: Test email from" in log_content
|
||||
assert "Sending a mail to test@test.test: Test email from" in log_content
|
||||
|
||||
|
||||
def test_dict_log_config(configuration, backend, tmp_path, smtpd, admin):
|
||||
configuration["TESTING"] = True
|
||||
assert len(smtpd.messages) == 0
|
||||
log_path = os.path.join(tmp_path, "canaille-by-dict.log")
|
||||
configuration["CANAILLE"]["LOGGING"] = {
|
||||
|
|
@ -91,7 +93,7 @@ def test_dict_log_config(configuration, backend, tmp_path, smtpd, admin):
|
|||
sess["user_id"] = [admin.id]
|
||||
|
||||
res = testclient.get("/admin/mail")
|
||||
res.form["email"] = "test@test.com"
|
||||
res.form["email"] = "test@test.test"
|
||||
res = res.form.submit()
|
||||
|
||||
assert len(smtpd.messages) == 1
|
||||
|
|
@ -100,7 +102,7 @@ def test_dict_log_config(configuration, backend, tmp_path, smtpd, admin):
|
|||
with open(log_path) as fd:
|
||||
log_content = fd.read()
|
||||
|
||||
assert "Sending a mail to test@test.com: Test email from" in log_content
|
||||
assert "Sending a mail to test@test.test: Test email from" in log_content
|
||||
|
||||
|
||||
def test_custom_root_logger(caplog):
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ def test_send_test_email(testclient, logged_admin, smtpd):
|
|||
assert len(smtpd.messages) == 0
|
||||
|
||||
res = testclient.get("/admin/mail")
|
||||
res.form["email"] = "test@test.com"
|
||||
res.form["email"] = "test@test.test"
|
||||
res = res.form.submit()
|
||||
assert (
|
||||
"success",
|
||||
|
|
@ -42,7 +42,7 @@ def test_send_test_email_ssl(testclient, logged_admin, smtpd):
|
|||
assert len(smtpd.messages) == 0
|
||||
|
||||
res = testclient.get("/admin/mail")
|
||||
res.form["email"] = "test@test.com"
|
||||
res.form["email"] = "test@test.test"
|
||||
res = res.form.submit()
|
||||
assert (
|
||||
"success",
|
||||
|
|
@ -59,7 +59,7 @@ def test_send_test_email_without_credentials(testclient, logged_admin, smtpd):
|
|||
assert len(smtpd.messages) == 0
|
||||
|
||||
res = testclient.get("/admin/mail")
|
||||
res.form["email"] = "test@test.com"
|
||||
res.form["email"] = "test@test.test"
|
||||
res = res.form.submit()
|
||||
assert (
|
||||
"success",
|
||||
|
|
@ -72,12 +72,12 @@ def test_send_test_email_without_credentials(testclient, logged_admin, smtpd):
|
|||
@mock.patch("smtplib.SMTP")
|
||||
def test_send_test_email_recipient_refused(SMTP, testclient, logged_admin, smtpd):
|
||||
SMTP.side_effect = mock.Mock(
|
||||
side_effect=smtplib.SMTPRecipientsRefused("test@test.com")
|
||||
side_effect=smtplib.SMTPRecipientsRefused("test@test.test")
|
||||
)
|
||||
assert len(smtpd.messages) == 0
|
||||
|
||||
res = testclient.get("/admin/mail")
|
||||
res.form["email"] = "test@test.com"
|
||||
res.form["email"] = "test@test.test"
|
||||
res = res.form.submit()
|
||||
assert (
|
||||
"success",
|
||||
|
|
@ -90,7 +90,7 @@ def test_send_test_email_recipient_refused(SMTP, testclient, logged_admin, smtpd
|
|||
def test_send_test_email_failed(testclient, logged_admin):
|
||||
testclient.app.config["CANAILLE"]["SMTP"]["TLS"] = False
|
||||
res = testclient.get("/admin/mail")
|
||||
res.form["email"] = "test@test.com"
|
||||
res.form["email"] = "test@test.test"
|
||||
with warnings.catch_warnings(record=True):
|
||||
res = res.form.submit(expect_errors=True)
|
||||
assert (
|
||||
|
|
@ -104,7 +104,7 @@ def test_mail_with_default_no_logo(testclient, logged_admin, smtpd):
|
|||
assert len(smtpd.messages) == 0
|
||||
|
||||
res = testclient.get("/admin/mail")
|
||||
res.form["email"] = "test@test.com"
|
||||
res.form["email"] = "test@test.test"
|
||||
res = res.form.submit()
|
||||
assert (
|
||||
"success",
|
||||
|
|
@ -126,7 +126,7 @@ def test_mail_with_default_logo(testclient, logged_admin, smtpd, httpserver):
|
|||
assert len(smtpd.messages) == 0
|
||||
|
||||
res = testclient.get(f"http://{httpserver.host}:{httpserver.port}/admin/mail")
|
||||
res.form["email"] = "test@test.com"
|
||||
res.form["email"] = "test@test.test"
|
||||
res = res.form.submit()
|
||||
assert (
|
||||
"success",
|
||||
|
|
@ -154,7 +154,7 @@ def test_mail_with_logo_in_http(testclient, logged_admin, smtpd, httpserver):
|
|||
assert len(smtpd.messages) == 0
|
||||
|
||||
res = testclient.get("/admin/mail")
|
||||
res.form["email"] = "test@test.com"
|
||||
res.form["email"] = "test@test.test"
|
||||
res = res.form.submit()
|
||||
assert (
|
||||
"success",
|
||||
|
|
@ -189,8 +189,8 @@ def test_custom_from_addr(testclient, user, smtpd):
|
|||
res = testclient.get("/reset", status=200)
|
||||
res.form["login"] = "user"
|
||||
res = res.form.submit(status=200)
|
||||
assert smtpd.messages[0]["X-MailFrom"] == "admin@mydomain.tld"
|
||||
assert smtpd.messages[0]["From"] == '"My Canaille" <admin@mydomain.tld>'
|
||||
assert smtpd.messages[0]["X-MailFrom"] == "admin@mydomain.test"
|
||||
assert smtpd.messages[0]["From"] == '"My Canaille" <admin@mydomain.test>'
|
||||
|
||||
|
||||
def test_default_from_addr(testclient, user, smtpd):
|
||||
|
|
|
|||
|
|
@ -9,4 +9,4 @@ def configuration(ldap_configuration):
|
|||
|
||||
def test_user_different_rdn(testclient, slapd_server, user):
|
||||
output = slapd_server.slapcat().stdout.decode()
|
||||
assert "dn: mail=john@doe.com,ou=users,dc=mydomain,dc=tld" in output
|
||||
assert "dn: mail=john@doe.test,ou=users,dc=mydomain,dc=tld" in output
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ def test_object_creation(app, backend):
|
|||
formatted_name="Doe", # leading space
|
||||
family_name="Doe",
|
||||
user_name="user",
|
||||
emails=["john@doe.com"],
|
||||
emails=["john@doe.test"],
|
||||
)
|
||||
assert not user.exists
|
||||
backend.save(user)
|
||||
|
|
@ -43,7 +43,7 @@ def test_dn_when_leading_space_in_id_attribute(testclient, backend):
|
|||
formatted_name=" Doe", # leading space
|
||||
family_name=" Doe",
|
||||
user_name=" user",
|
||||
emails=["john@doe.com"],
|
||||
emails=["john@doe.test"],
|
||||
)
|
||||
backend.save(user)
|
||||
|
||||
|
|
@ -64,7 +64,7 @@ def test_special_chars_in_rdn(testclient, backend):
|
|||
formatted_name="#Doe",
|
||||
family_name="#Doe",
|
||||
user_name="#user", # special char
|
||||
emails=["john@doe.com"],
|
||||
emails=["john@doe.test"],
|
||||
)
|
||||
backend.save(user)
|
||||
|
||||
|
|
@ -261,10 +261,10 @@ def test_login_placeholder(testclient):
|
|||
|
||||
testclient.app.config["CANAILLE_LDAP"]["USER_FILTER"] = "(mail={{ login }})"
|
||||
placeholder = testclient.get("/login").form["login"].attrs["placeholder"]
|
||||
assert placeholder == "john@doe.com"
|
||||
assert placeholder == "john@doe.test"
|
||||
|
||||
testclient.app.config["CANAILLE_LDAP"]["USER_FILTER"] = (
|
||||
"(|(uid={{ login }})(mail={{ login }}))"
|
||||
)
|
||||
placeholder = testclient.get("/login").form["login"].attrs["placeholder"]
|
||||
assert placeholder == "jdoe or john@doe.com"
|
||||
assert placeholder == "jdoe or john@doe.test"
|
||||
|
|
|
|||
|
|
@ -70,29 +70,29 @@ def test_model_attribute_edition(testclient, backend):
|
|||
family_name="family_name",
|
||||
formatted_name="formatted_name",
|
||||
display_name="display_name",
|
||||
emails=["email1@user.com", "email2@user.com"],
|
||||
emails=["email1@user.test", "email2@user.test"],
|
||||
)
|
||||
backend.save(user)
|
||||
|
||||
assert user.user_name == "user_name"
|
||||
assert user.family_name == "family_name"
|
||||
assert user.emails == ["email1@user.com", "email2@user.com"]
|
||||
assert user.emails == ["email1@user.test", "email2@user.test"]
|
||||
|
||||
user = backend.get(models.User, id=user.id)
|
||||
assert user.user_name == "user_name"
|
||||
assert user.family_name == "family_name"
|
||||
assert user.emails == ["email1@user.com", "email2@user.com"]
|
||||
assert user.emails == ["email1@user.test", "email2@user.test"]
|
||||
|
||||
user.family_name = "new_family_name"
|
||||
user.emails = ["email1@user.com"]
|
||||
user.emails = ["email1@user.test"]
|
||||
backend.save(user)
|
||||
|
||||
assert user.family_name == "new_family_name"
|
||||
assert user.emails == ["email1@user.com"]
|
||||
assert user.emails == ["email1@user.test"]
|
||||
|
||||
user = backend.get(models.User, id=user.id)
|
||||
assert user.family_name == "new_family_name"
|
||||
assert user.emails == ["email1@user.com"]
|
||||
assert user.emails == ["email1@user.test"]
|
||||
|
||||
user.display_name = ""
|
||||
assert not user.display_name
|
||||
|
|
@ -108,38 +108,38 @@ def test_model_indexation(testclient, backend):
|
|||
user_name="user_name",
|
||||
family_name="family_name",
|
||||
formatted_name="formatted_name",
|
||||
emails=["email1@user.com", "email2@user.com"],
|
||||
emails=["email1@user.test", "email2@user.test"],
|
||||
)
|
||||
backend.save(user)
|
||||
|
||||
assert backend.get(models.User, family_name="family_name") == user
|
||||
assert not backend.get(models.User, family_name="new_family_name")
|
||||
assert backend.get(models.User, emails=["email1@user.com"]) == user
|
||||
assert backend.get(models.User, emails=["email2@user.com"]) == user
|
||||
assert not backend.get(models.User, emails=["email3@user.com"])
|
||||
assert backend.get(models.User, emails=["email1@user.test"]) == user
|
||||
assert backend.get(models.User, emails=["email2@user.test"]) == user
|
||||
assert not backend.get(models.User, emails=["email3@user.test"])
|
||||
|
||||
user.family_name = "new_family_name"
|
||||
user.emails = ["email2@user.com"]
|
||||
user.emails = ["email2@user.test"]
|
||||
|
||||
assert backend.get(models.User, family_name="family_name") != user
|
||||
assert backend.get(models.User, emails=["email1@user.com"]) != user
|
||||
assert not backend.get(models.User, emails=["email3@user.com"])
|
||||
assert backend.get(models.User, emails=["email1@user.test"]) != user
|
||||
assert not backend.get(models.User, emails=["email3@user.test"])
|
||||
|
||||
backend.save(user)
|
||||
|
||||
assert not backend.get(models.User, family_name="family_name")
|
||||
assert backend.get(models.User, family_name="new_family_name") == user
|
||||
assert not backend.get(models.User, emails=["email1@user.com"])
|
||||
assert backend.get(models.User, emails=["email2@user.com"]) == user
|
||||
assert not backend.get(models.User, emails=["email3@user.com"])
|
||||
assert not backend.get(models.User, emails=["email1@user.test"])
|
||||
assert backend.get(models.User, emails=["email2@user.test"]) == user
|
||||
assert not backend.get(models.User, emails=["email3@user.test"])
|
||||
|
||||
backend.delete(user)
|
||||
|
||||
assert not backend.get(models.User, family_name="family_name")
|
||||
assert not backend.get(models.User, family_name="new_family_name")
|
||||
assert not backend.get(models.User, emails=["email1@user.com"])
|
||||
assert not backend.get(models.User, emails=["email2@user.com"])
|
||||
assert not backend.get(models.User, emails=["email3@user.com"])
|
||||
assert not backend.get(models.User, emails=["email1@user.test"])
|
||||
assert not backend.get(models.User, emails=["email2@user.test"])
|
||||
assert not backend.get(models.User, emails=["email3@user.test"])
|
||||
|
||||
|
||||
def test_fuzzy_unique_attribute(user, moderator, admin, backend):
|
||||
|
|
@ -158,14 +158,14 @@ def test_fuzzy_unique_attribute(user, moderator, admin, backend):
|
|||
|
||||
def test_fuzzy_multiple_attribute(user, moderator, admin, backend):
|
||||
assert set(backend.query(models.User)) == {user, moderator, admin}
|
||||
assert set(backend.fuzzy(models.User, "jack@doe.com")) == {moderator}
|
||||
assert set(backend.fuzzy(models.User, "jack@doe.com", ["emails"])) == {moderator}
|
||||
assert set(backend.fuzzy(models.User, "jack@doe.com", ["formatted_name"])) == set()
|
||||
assert set(backend.fuzzy(models.User, "jack@doe.test")) == {moderator}
|
||||
assert set(backend.fuzzy(models.User, "jack@doe.test", ["emails"])) == {moderator}
|
||||
assert set(backend.fuzzy(models.User, "jack@doe.test", ["formatted_name"])) == set()
|
||||
assert set(
|
||||
backend.fuzzy(models.User, "jack@doe.com", ["emails", "formatted_name"])
|
||||
backend.fuzzy(models.User, "jack@doe.test", ["emails", "formatted_name"])
|
||||
) == {moderator}
|
||||
assert set(backend.fuzzy(models.User, "ack@doe.co")) == {moderator}
|
||||
assert set(backend.fuzzy(models.User, "doe.com")) == {user, moderator, admin}
|
||||
assert set(backend.fuzzy(models.User, "ack@doe.te")) == {moderator}
|
||||
assert set(backend.fuzzy(models.User, "doe.test")) == {user, moderator, admin}
|
||||
|
||||
|
||||
def test_model_references(testclient, user, foo_group, admin, bar_group, backend):
|
||||
|
|
|
|||
|
|
@ -129,7 +129,7 @@ def configuration(smtpd):
|
|||
"SSL": smtpd.config.use_ssl,
|
||||
"LOGIN": smtpd.config.login_username,
|
||||
"PASSWORD": smtpd.config.login_password,
|
||||
"FROM_ADDR": "admin@mydomain.tld",
|
||||
"FROM_ADDR": "admin@mydomain.test",
|
||||
},
|
||||
"LOGGING": {
|
||||
"version": 1,
|
||||
|
|
@ -151,7 +151,7 @@ def configuration(smtpd):
|
|||
},
|
||||
"disable_existing_loggers": False,
|
||||
},
|
||||
"ADMIN_EMAIL": "admin_default_mail@mymail.com",
|
||||
"ADMIN_EMAIL": "admin_default_mail@mydomain.test",
|
||||
"API_URL_HIBP": "https://api.pwnedpasswords.test/range/",
|
||||
},
|
||||
}
|
||||
|
|
@ -186,12 +186,12 @@ def user(app, backend):
|
|||
given_name="John",
|
||||
family_name="Doe",
|
||||
user_name="user",
|
||||
emails=["john@doe.com"],
|
||||
emails=["john@doe.test"],
|
||||
password="correct horse battery staple",
|
||||
display_name="Johnny",
|
||||
preferred_language="en",
|
||||
phone_numbers=["555-000-000"],
|
||||
profile_url="https://john.example",
|
||||
profile_url="https://john.test",
|
||||
formatted_address="1235, somewhere",
|
||||
)
|
||||
backend.save(u)
|
||||
|
|
@ -205,7 +205,7 @@ def admin(app, backend):
|
|||
formatted_name="Jane Doe",
|
||||
family_name="Doe",
|
||||
user_name="admin",
|
||||
emails=["jane@doe.com"],
|
||||
emails=["jane@doe.test"],
|
||||
password="admin",
|
||||
)
|
||||
backend.save(u)
|
||||
|
|
@ -219,7 +219,7 @@ def moderator(app, backend):
|
|||
formatted_name="Jack Doe",
|
||||
family_name="Doe",
|
||||
user_name="moderator",
|
||||
emails=["jack@doe.com"],
|
||||
emails=["jack@doe.test"],
|
||||
password="moderator",
|
||||
)
|
||||
backend.save(u)
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ def test_user_deleted_in_session(testclient, backend):
|
|||
formatted_name="Jake Doe",
|
||||
family_name="Jake",
|
||||
user_name="jake",
|
||||
emails=["jake@doe.com"],
|
||||
emails=["jake@doe.test"],
|
||||
password="correct horse battery staple",
|
||||
)
|
||||
backend.save(u)
|
||||
|
|
@ -63,7 +63,7 @@ def test_admin_self_deletion(testclient, backend):
|
|||
formatted_name="Temp admin",
|
||||
family_name="admin",
|
||||
user_name="temp",
|
||||
emails=["temp@temp.com"],
|
||||
emails=["temp@temp.test"],
|
||||
password="admin",
|
||||
)
|
||||
backend.save(admin)
|
||||
|
|
@ -89,7 +89,7 @@ def test_user_self_deletion(testclient, backend):
|
|||
formatted_name="Temp user",
|
||||
family_name="user",
|
||||
user_name="temp",
|
||||
emails=["temp@temp.com"],
|
||||
emails=["temp@temp.test"],
|
||||
password="correct horse battery staple",
|
||||
)
|
||||
backend.save(user)
|
||||
|
|
|
|||
|
|
@ -18,8 +18,8 @@ def test_confirmation_disabled_email_editable(testclient, backend, logged_user):
|
|||
assert not any(field.id == "add_email" for field in res.form.fields["action"])
|
||||
|
||||
res = res.form.submit(name="fieldlist_add", value="emails-0")
|
||||
res.form["emails-0"] = "email1@mydomain.tld"
|
||||
res.form["emails-1"] = "email2@mydomain.tld"
|
||||
res.form["emails-0"] = "email1@mydomain.test"
|
||||
res.form["emails-1"] = "email2@mydomain.test"
|
||||
|
||||
res = res.form.submit(name="action", value="edit-profile")
|
||||
assert res.flashes == [("success", "Profile updated successfully.")]
|
||||
|
|
@ -27,7 +27,7 @@ def test_confirmation_disabled_email_editable(testclient, backend, logged_user):
|
|||
|
||||
backend.reload(logged_user)
|
||||
|
||||
assert logged_user.emails == ["email1@mydomain.tld", "email2@mydomain.tld"]
|
||||
assert logged_user.emails == ["email1@mydomain.test", "email2@mydomain.test"]
|
||||
|
||||
|
||||
def test_confirmation_unset_smtp_disabled_email_editable(
|
||||
|
|
@ -44,15 +44,15 @@ def test_confirmation_unset_smtp_disabled_email_editable(
|
|||
assert not any(field.id == "add_email" for field in res.form.fields["action"])
|
||||
|
||||
res = res.form.submit(name="fieldlist_add", value="emails-0")
|
||||
res.form["emails-0"] = "email1@mydomain.tld"
|
||||
res.form["emails-1"] = "email2@mydomain.tld"
|
||||
res.form["emails-0"] = "email1@mydomain.test"
|
||||
res.form["emails-1"] = "email2@mydomain.test"
|
||||
|
||||
res = res.form.submit(name="action", value="edit-profile")
|
||||
assert res.flashes == [("success", "Profile updated successfully.")]
|
||||
res = res.follow()
|
||||
|
||||
backend.reload(user)
|
||||
assert user.emails == ["email1@mydomain.tld", "email2@mydomain.tld"]
|
||||
assert user.emails == ["email1@mydomain.test", "email2@mydomain.test"]
|
||||
|
||||
|
||||
def test_confirmation_enabled_smtp_disabled_readonly(testclient, backend, logged_user):
|
||||
|
|
@ -68,7 +68,7 @@ def test_confirmation_enabled_smtp_disabled_readonly(testclient, backend, logged
|
|||
assert "readonly" in res.forms["emailconfirmationform"]["old_emails-0"].attrs
|
||||
assert "emails-0" not in res.forms["baseform"].fields
|
||||
|
||||
res.forms["emailconfirmationform"]["old_emails-0"] = "email1@mydomain.tld"
|
||||
res.forms["emailconfirmationform"]["old_emails-0"] = "email1@mydomain.test"
|
||||
assert "action" not in res.forms["emailconfirmationform"].fields
|
||||
|
||||
|
||||
|
|
@ -84,15 +84,15 @@ def test_confirmation_unset_smtp_enabled_email_admin_editable(
|
|||
assert not any(field.id == "add_email" for field in res.form.fields["action"])
|
||||
|
||||
res = res.form.submit(name="fieldlist_add", value="emails-0")
|
||||
res.form["emails-0"] = "email1@mydomain.tld"
|
||||
res.form["emails-1"] = "email2@mydomain.tld"
|
||||
res.form["emails-0"] = "email1@mydomain.test"
|
||||
res.form["emails-1"] = "email2@mydomain.test"
|
||||
|
||||
res = res.form.submit(name="action", value="edit-profile")
|
||||
assert res.flashes == [("success", "Profile updated successfully.")]
|
||||
res = res.follow()
|
||||
|
||||
backend.reload(user)
|
||||
assert user.emails == ["email1@mydomain.tld", "email2@mydomain.tld"]
|
||||
assert user.emails == ["email1@mydomain.test", "email2@mydomain.test"]
|
||||
|
||||
|
||||
def test_confirmation_enabled_smtp_disabled_admin_editable(
|
||||
|
|
@ -108,15 +108,15 @@ def test_confirmation_enabled_smtp_disabled_admin_editable(
|
|||
assert not any(field.id == "add_email" for field in res.form.fields["action"])
|
||||
|
||||
res = res.form.submit(name="fieldlist_add", value="emails-0")
|
||||
res.form["emails-0"] = "email1@mydomain.tld"
|
||||
res.form["emails-1"] = "email2@mydomain.tld"
|
||||
res.form["emails-0"] = "email1@mydomain.test"
|
||||
res.form["emails-1"] = "email2@mydomain.test"
|
||||
|
||||
res = res.form.submit(name="action", value="edit-profile")
|
||||
assert res.flashes == [("success", "Profile updated successfully.")]
|
||||
res = res.follow()
|
||||
|
||||
backend.reload(user)
|
||||
assert user.emails == ["email1@mydomain.tld", "email2@mydomain.tld"]
|
||||
assert user.emails == ["email1@mydomain.test", "email2@mydomain.test"]
|
||||
|
||||
|
||||
def test_confirmation_unset_smtp_enabled_email_user_validation(
|
||||
|
|
@ -139,7 +139,7 @@ def test_confirmation_unset_smtp_enabled_email_user_validation(
|
|||
assert "readonly" in res.forms["emailconfirmationform"]["old_emails-0"].attrs
|
||||
|
||||
with time_machine.travel("2020-01-01 02:00:00+00:00", tick=False):
|
||||
res.forms["emailconfirmationform"]["new_email"] = "new_email@mydomain.tld"
|
||||
res.forms["emailconfirmationform"]["new_email"] = "new_email@mydomain.test"
|
||||
res = res.forms["emailconfirmationform"].submit(
|
||||
name="action", value="add_email"
|
||||
)
|
||||
|
|
@ -155,7 +155,7 @@ def test_confirmation_unset_smtp_enabled_email_user_validation(
|
|||
email_confirmation = EmailConfirmationPayload(
|
||||
"2020-01-01T02:00:00+00:00",
|
||||
"user",
|
||||
"new_email@mydomain.tld",
|
||||
"new_email@mydomain.test",
|
||||
)
|
||||
email_confirmation_url = url_for(
|
||||
"core.account.email_confirmation",
|
||||
|
|
@ -165,7 +165,9 @@ def test_confirmation_unset_smtp_enabled_email_user_validation(
|
|||
)
|
||||
|
||||
assert len(smtpd.messages) == 1
|
||||
email_content = str(smtpd.messages[0].get_payload()[0]).replace("=\n", "")
|
||||
email_content = (
|
||||
str(smtpd.messages[0].get_payload()[0]).replace("=\n", "").replace("=3D", "=")
|
||||
)
|
||||
assert email_confirmation_url in email_content
|
||||
|
||||
with time_machine.travel("2020-01-01 03:00:00+00:00", tick=False):
|
||||
|
|
@ -173,7 +175,7 @@ def test_confirmation_unset_smtp_enabled_email_user_validation(
|
|||
|
||||
assert ("success", "Your email address have been confirmed.") in res.flashes
|
||||
backend.reload(user)
|
||||
assert "new_email@mydomain.tld" in user.emails
|
||||
assert "new_email@mydomain.test" in user.emails
|
||||
|
||||
|
||||
def test_confirmation_invalid_link(testclient, backend, user):
|
||||
|
|
@ -207,7 +209,7 @@ def test_confirmation_mail_form_failed(testclient, backend, user):
|
|||
|
||||
assert res.flashes == [("error", "Email addition failed.")]
|
||||
backend.reload(user)
|
||||
assert user.emails == ["john@doe.com"]
|
||||
assert user.emails == ["john@doe.test"]
|
||||
|
||||
|
||||
@mock.patch("smtplib.SMTP")
|
||||
|
|
@ -227,14 +229,14 @@ def test_confirmation_mail_send_failed(SMTP, smtpd, testclient, backend, user):
|
|||
assert "readonly" in res.forms["emailconfirmationform"]["old_emails-0"].attrs
|
||||
|
||||
with time_machine.travel("2020-01-01 02:00:00+00:00", tick=False):
|
||||
res.forms["emailconfirmationform"]["new_email"] = "new_email@mydomain.tld"
|
||||
res.forms["emailconfirmationform"]["new_email"] = "new_email@mydomain.test"
|
||||
res = res.forms["emailconfirmationform"].submit(
|
||||
name="action", value="add_email", expect_errors=True
|
||||
)
|
||||
|
||||
assert res.flashes == [("error", "Could not send the verification email")]
|
||||
backend.reload(user)
|
||||
assert user.emails == ["john@doe.com"]
|
||||
assert user.emails == ["john@doe.test"]
|
||||
|
||||
|
||||
def test_confirmation_expired_link(testclient, backend, user):
|
||||
|
|
@ -242,7 +244,7 @@ def test_confirmation_expired_link(testclient, backend, user):
|
|||
email_confirmation = EmailConfirmationPayload(
|
||||
"2020-01-01T01:00:00+00:00",
|
||||
"user",
|
||||
"new_email@mydomain.tld",
|
||||
"new_email@mydomain.test",
|
||||
)
|
||||
email_confirmation_url = url_for(
|
||||
"core.account.email_confirmation",
|
||||
|
|
@ -259,7 +261,7 @@ def test_confirmation_expired_link(testclient, backend, user):
|
|||
"The email confirmation link that brought you here has expired.",
|
||||
) in res.flashes
|
||||
backend.reload(user)
|
||||
assert "new_email@mydomain.tld" not in user.emails
|
||||
assert "new_email@mydomain.test" not in user.emails
|
||||
|
||||
|
||||
def test_confirmation_invalid_hash_link(testclient, backend, user):
|
||||
|
|
@ -267,7 +269,7 @@ def test_confirmation_invalid_hash_link(testclient, backend, user):
|
|||
email_confirmation = EmailConfirmationPayload(
|
||||
"2020-01-01T01:00:00+00:00",
|
||||
"user",
|
||||
"new_email@mydomain.tld",
|
||||
"new_email@mydomain.test",
|
||||
)
|
||||
email_confirmation_url = url_for(
|
||||
"core.account.email_confirmation",
|
||||
|
|
@ -284,7 +286,7 @@ def test_confirmation_invalid_hash_link(testclient, backend, user):
|
|||
"The invitation link that brought you here was invalid.",
|
||||
) in res.flashes
|
||||
backend.reload(user)
|
||||
assert "new_email@mydomain.tld" not in user.emails
|
||||
assert "new_email@mydomain.test" not in user.emails
|
||||
|
||||
|
||||
def test_confirmation_invalid_user_link(testclient, backend, user):
|
||||
|
|
@ -296,7 +298,7 @@ def test_confirmation_invalid_user_link(testclient, backend, user):
|
|||
email_confirmation = EmailConfirmationPayload(
|
||||
"2020-01-01T01:00:00+00:00",
|
||||
"invalid-user",
|
||||
"new_email@mydomain.tld",
|
||||
"new_email@mydomain.test",
|
||||
)
|
||||
email_confirmation_url = url_for(
|
||||
"core.account.email_confirmation",
|
||||
|
|
@ -313,7 +315,7 @@ def test_confirmation_invalid_user_link(testclient, backend, user):
|
|||
"The email confirmation link that brought you here is invalid.",
|
||||
) in res.flashes
|
||||
backend.reload(user)
|
||||
assert "new_email@mydomain.tld" not in user.emails
|
||||
assert "new_email@mydomain.test" not in user.emails
|
||||
|
||||
|
||||
def test_confirmation_email_already_confirmed_link(testclient, backend, user, admin):
|
||||
|
|
@ -321,7 +323,7 @@ def test_confirmation_email_already_confirmed_link(testclient, backend, user, ad
|
|||
email_confirmation = EmailConfirmationPayload(
|
||||
"2020-01-01T01:00:00+00:00",
|
||||
"user",
|
||||
"john@doe.com",
|
||||
"john@doe.test",
|
||||
)
|
||||
email_confirmation_url = url_for(
|
||||
"core.account.email_confirmation",
|
||||
|
|
@ -338,7 +340,7 @@ def test_confirmation_email_already_confirmed_link(testclient, backend, user, ad
|
|||
"This address email have already been confirmed.",
|
||||
) in res.flashes
|
||||
backend.reload(user)
|
||||
assert "new_email@mydomain.tld" not in user.emails
|
||||
assert "new_email@mydomain.test" not in user.emails
|
||||
|
||||
|
||||
def test_confirmation_email_already_used_link(testclient, backend, user, admin):
|
||||
|
|
@ -351,7 +353,7 @@ def test_confirmation_email_already_used_link(testclient, backend, user, admin):
|
|||
email_confirmation = EmailConfirmationPayload(
|
||||
"2020-01-01T01:00:00+00:00",
|
||||
"user",
|
||||
"jane@doe.com",
|
||||
"jane@doe.test",
|
||||
)
|
||||
email_confirmation_url = url_for(
|
||||
"core.account.email_confirmation",
|
||||
|
|
@ -368,7 +370,7 @@ def test_confirmation_email_already_used_link(testclient, backend, user, admin):
|
|||
"This address email is already associated with another account.",
|
||||
) in res.flashes
|
||||
backend.reload(user)
|
||||
assert "new_email@mydomain.tld" not in user.emails
|
||||
assert "new_email@mydomain.test" not in user.emails
|
||||
|
||||
|
||||
def test_delete_email(testclient, logged_user, backend):
|
||||
|
|
@ -377,60 +379,60 @@ def test_delete_email(testclient, logged_user, backend):
|
|||
res = testclient.get("/profile/user")
|
||||
assert "email_remove" not in res.forms["emailconfirmationform"].fields
|
||||
|
||||
logged_user.emails = logged_user.emails + ["new@email.com"]
|
||||
logged_user.emails = logged_user.emails + ["new@email.test"]
|
||||
backend.save(logged_user)
|
||||
res = testclient.get("/profile/user")
|
||||
assert "email_remove" in res.forms["emailconfirmationform"].fields
|
||||
|
||||
res = res.forms["emailconfirmationform"].submit(
|
||||
name="email_remove", value="new@email.com"
|
||||
name="email_remove", value="new@email.test"
|
||||
)
|
||||
assert res.flashes == [("success", "The email have been successfully deleted.")]
|
||||
|
||||
backend.reload(logged_user)
|
||||
assert logged_user.emails == ["john@doe.com"]
|
||||
assert logged_user.emails == ["john@doe.test"]
|
||||
|
||||
|
||||
def test_delete_wrong_email(testclient, logged_user, backend):
|
||||
"""Tests that removing an already removed email do not produce anything."""
|
||||
logged_user.emails = logged_user.emails + ["new@email.com"]
|
||||
logged_user.emails = logged_user.emails + ["new@email.test"]
|
||||
backend.save(logged_user)
|
||||
|
||||
res = testclient.get("/profile/user")
|
||||
|
||||
res1 = res.forms["emailconfirmationform"].submit(
|
||||
name="email_remove", value="new@email.com"
|
||||
name="email_remove", value="new@email.test"
|
||||
)
|
||||
assert res1.flashes == [("success", "The email have been successfully deleted.")]
|
||||
|
||||
res2 = res.forms["emailconfirmationform"].submit(
|
||||
name="email_remove", value="new@email.com"
|
||||
name="email_remove", value="new@email.test"
|
||||
)
|
||||
assert res2.flashes == [("error", "Email deletion failed.")]
|
||||
|
||||
backend.reload(logged_user)
|
||||
assert logged_user.emails == ["john@doe.com"]
|
||||
assert logged_user.emails == ["john@doe.test"]
|
||||
|
||||
|
||||
def test_delete_last_email(testclient, logged_user, backend):
|
||||
"""Tests that users cannot remove their last email address."""
|
||||
logged_user.emails = logged_user.emails + ["new@email.com"]
|
||||
logged_user.emails = logged_user.emails + ["new@email.test"]
|
||||
backend.save(logged_user)
|
||||
|
||||
res = testclient.get("/profile/user")
|
||||
|
||||
res1 = res.forms["emailconfirmationform"].submit(
|
||||
name="email_remove", value="new@email.com"
|
||||
name="email_remove", value="new@email.test"
|
||||
)
|
||||
assert res1.flashes == [("success", "The email have been successfully deleted.")]
|
||||
|
||||
res2 = res.forms["emailconfirmationform"].submit(
|
||||
name="email_remove", value="john@doe.com"
|
||||
name="email_remove", value="john@doe.test"
|
||||
)
|
||||
assert res2.flashes == [("error", "Email deletion failed.")]
|
||||
|
||||
backend.reload(logged_user)
|
||||
assert logged_user.emails == ["john@doe.com"]
|
||||
assert logged_user.emails == ["john@doe.test"]
|
||||
|
||||
|
||||
def test_edition_forced_mail(testclient, logged_user, backend):
|
||||
|
|
@ -442,13 +444,13 @@ def test_edition_forced_mail(testclient, logged_user, backend):
|
|||
"/profile/user",
|
||||
{
|
||||
"csrf_token": form["csrf_token"].value,
|
||||
"emails-0": "new@email.com",
|
||||
"emails-0": "new@email.test",
|
||||
"action": "edit-profile",
|
||||
},
|
||||
)
|
||||
|
||||
backend.reload(logged_user)
|
||||
assert logged_user.emails == ["john@doe.com"]
|
||||
assert logged_user.emails == ["john@doe.test"]
|
||||
|
||||
|
||||
def test_invitation_form_mail_field_readonly(testclient):
|
||||
|
|
@ -460,7 +462,7 @@ def test_invitation_form_mail_field_readonly(testclient):
|
|||
datetime.datetime.now(datetime.timezone.utc).isoformat(),
|
||||
"someoneelse",
|
||||
False,
|
||||
"someone@mydomain.tld",
|
||||
"someone@mydomain.test",
|
||||
[],
|
||||
)
|
||||
hash = payload.build_hash()
|
||||
|
|
@ -479,7 +481,7 @@ def test_invitation_form_mail_field_writable(testclient):
|
|||
datetime.datetime.now(datetime.timezone.utc).isoformat(),
|
||||
"someoneelse",
|
||||
False,
|
||||
"someone@mydomain.tld",
|
||||
"someone@mydomain.test",
|
||||
[],
|
||||
)
|
||||
hash = payload.build_hash()
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ def test_user_without_password_first_login(testclient, backend, smtpd):
|
|||
formatted_name="Temp User",
|
||||
family_name="Temp",
|
||||
user_name="temp",
|
||||
emails=["john@doe.com", "johhny@doe.com"],
|
||||
emails=["john@doe.test", "johhny@doe.test"],
|
||||
)
|
||||
backend.save(u)
|
||||
|
||||
|
|
@ -44,7 +44,7 @@ def test_first_login_account_initialization_mail_sending_failed(
|
|||
formatted_name="Temp User",
|
||||
family_name="Temp",
|
||||
user_name="temp",
|
||||
emails=["john@doe.com"],
|
||||
emails=["john@doe.test"],
|
||||
)
|
||||
backend.save(u)
|
||||
|
||||
|
|
@ -66,7 +66,7 @@ def test_first_login_form_error(testclient, backend, smtpd):
|
|||
formatted_name="Temp User",
|
||||
family_name="Temp",
|
||||
user_name="temp",
|
||||
emails=["john@doe.com"],
|
||||
emails=["john@doe.test"],
|
||||
)
|
||||
backend.save(u)
|
||||
|
||||
|
|
@ -90,7 +90,7 @@ def test_user_password_deleted_during_login(testclient, backend):
|
|||
formatted_name="Temp User",
|
||||
family_name="Temp",
|
||||
user_name="temp",
|
||||
emails=["john@doe.com"],
|
||||
emails=["john@doe.test"],
|
||||
password="correct horse battery staple",
|
||||
)
|
||||
backend.save(u)
|
||||
|
|
@ -117,7 +117,7 @@ def test_smtp_disabled(testclient, backend, smtpd):
|
|||
formatted_name="Temp User",
|
||||
family_name="Temp",
|
||||
user_name="temp",
|
||||
emails=["john@doe.com", "johhny@doe.com"],
|
||||
emails=["john@doe.test", "johhny@doe.test"],
|
||||
)
|
||||
backend.save(u)
|
||||
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ def test_password_forgotten(smtpd, testclient, user, caplog):
|
|||
assert (
|
||||
"canaille",
|
||||
logging.SECURITY,
|
||||
"Sending a reset password mail to john@doe.com for user from unknown IP",
|
||||
"Sending a reset password mail to john@doe.test for user from unknown IP",
|
||||
) in caplog.record_tuples
|
||||
res.mustcontain("Send again")
|
||||
|
||||
|
|
@ -33,7 +33,7 @@ def test_password_forgotten(smtpd, testclient, user, caplog):
|
|||
|
||||
|
||||
def test_password_forgotten_multiple_mails(smtpd, testclient, user, backend, caplog):
|
||||
user.emails = ["foo@bar.com", "foo@baz.com", "foo@foo.com"]
|
||||
user.emails = ["foo@bar.test", "foo@baz.test", "foo@foo.com"]
|
||||
backend.save(user)
|
||||
|
||||
res = testclient.get("/reset", status=200)
|
||||
|
|
|
|||
|
|
@ -60,7 +60,7 @@ def test_group_deletion(testclient, backend):
|
|||
formatted_name="foobar",
|
||||
family_name="foobar",
|
||||
user_name="foobar",
|
||||
emails=["foo@bar.com"],
|
||||
emails=["foo@bar.test"],
|
||||
)
|
||||
backend.save(user)
|
||||
|
||||
|
|
@ -120,7 +120,7 @@ def test_set_groups_with_leading_space_in_user_id_attribute(app, foo_group, back
|
|||
formatted_name=" Doe", # leading space in id attribute
|
||||
family_name="Doe",
|
||||
user_name="user2",
|
||||
emails=["john@doe.com"],
|
||||
emails=["john@doe.test"],
|
||||
)
|
||||
backend.save(user)
|
||||
|
||||
|
|
@ -368,7 +368,7 @@ def test_remove_member_already_deleted(
|
|||
formatted_name="Foo bar",
|
||||
family_name="Bar",
|
||||
user_name="foobar",
|
||||
emails=["foobar@example.org"],
|
||||
emails=["foobar@example.test"],
|
||||
)
|
||||
backend.save(user)
|
||||
foo_group.members = [user, moderator]
|
||||
|
|
@ -391,7 +391,7 @@ def test_confirm_remove_member_already_deleted(
|
|||
user = models.User(
|
||||
formatted_name="Foo bar",
|
||||
family_name="Bar",
|
||||
emails=["foobar@example.org"],
|
||||
emails=["foobar@example.test"],
|
||||
user_name="foobar",
|
||||
)
|
||||
backend.save(user)
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ def test_invitation(testclient, logged_admin, foo_group, smtpd, backend):
|
|||
|
||||
res.form["user_name"] = "someone"
|
||||
res.form["user_name_editable"] = False
|
||||
res.form["email"] = "someone@domain.tld"
|
||||
res.form["email"] = "someone@domain.test"
|
||||
res.form["groups"] = [foo_group.id]
|
||||
res = res.form.submit(name="action", value="send", status=200)
|
||||
assert len(smtpd.messages) == 1
|
||||
|
|
@ -33,7 +33,7 @@ def test_invitation(testclient, logged_admin, foo_group, smtpd, backend):
|
|||
assert "readonly" in res.form["groups"].attrs
|
||||
|
||||
assert res.form["user_name"].value == "someone"
|
||||
assert res.form["emails-0"].value == "someone@domain.tld"
|
||||
assert res.form["emails-0"].value == "someone@domain.test"
|
||||
assert res.form["groups"].value == [foo_group.id]
|
||||
|
||||
res.form["password1"] = "i'm a little pea"
|
||||
|
|
@ -69,7 +69,7 @@ def test_invitation_editable_user_name(
|
|||
|
||||
res.form["user_name"] = "jackyjack"
|
||||
res.form["user_name_editable"] = True
|
||||
res.form["email"] = "jackyjack@domain.tld"
|
||||
res.form["email"] = "jackyjack@domain.test"
|
||||
res.form["groups"] = [foo_group.id]
|
||||
res = res.form.submit(name="action", value="send", status=200)
|
||||
assert len(smtpd.messages) == 1
|
||||
|
|
@ -88,7 +88,7 @@ def test_invitation_editable_user_name(
|
|||
assert "readonly" in res.form["groups"].attrs
|
||||
|
||||
assert res.form["user_name"].value == "jackyjack"
|
||||
assert res.form["emails-0"].value == "jackyjack@domain.tld"
|
||||
assert res.form["emails-0"].value == "jackyjack@domain.test"
|
||||
assert res.form["groups"].value == [foo_group.id]
|
||||
|
||||
res.form["user_name"] = "djorje"
|
||||
|
|
@ -119,7 +119,7 @@ def test_generate_link(testclient, logged_admin, foo_group, smtpd, backend):
|
|||
res = testclient.get("/invite", status=200)
|
||||
|
||||
res.form["user_name"] = "sometwo"
|
||||
res.form["email"] = "sometwo@domain.tld"
|
||||
res.form["email"] = "sometwo@domain.test"
|
||||
res.form["groups"] = [foo_group.id]
|
||||
res = res.form.submit(name="action", value="generate", status=200)
|
||||
assert len(smtpd.messages) == 0
|
||||
|
|
@ -138,7 +138,7 @@ def test_generate_link(testclient, logged_admin, foo_group, smtpd, backend):
|
|||
assert "readonly" in res.form["groups"].attrs
|
||||
|
||||
assert res.form["user_name"].value == "sometwo"
|
||||
assert res.form["emails-0"].value == "sometwo@domain.tld"
|
||||
assert res.form["emails-0"].value == "sometwo@domain.test"
|
||||
assert res.form["groups"].value == [foo_group.id]
|
||||
|
||||
res.form["password1"] = "i'm a little pea"
|
||||
|
|
@ -170,7 +170,7 @@ def test_invitation_login_already_taken(testclient, logged_admin):
|
|||
res = res.form.submit(name="action", value="send", status=200)
|
||||
|
||||
res.mustcontain("The user name 'admin' already exists")
|
||||
res.mustcontain("The email 'jane@doe.com' is already used")
|
||||
res.mustcontain("The email 'jane@doe.test' is already used")
|
||||
|
||||
|
||||
def test_registration(testclient, foo_group):
|
||||
|
|
@ -178,7 +178,7 @@ def test_registration(testclient, foo_group):
|
|||
datetime.datetime.now(datetime.timezone.utc).isoformat(),
|
||||
"someoneelse",
|
||||
False,
|
||||
"someone@mydomain.tld",
|
||||
"someone@mydomain.test",
|
||||
[foo_group.id],
|
||||
)
|
||||
b64 = payload.b64()
|
||||
|
|
@ -192,7 +192,7 @@ def test_registration_formcontrol(testclient):
|
|||
datetime.datetime.now(datetime.timezone.utc).isoformat(),
|
||||
"someoneelse",
|
||||
False,
|
||||
"someone@mydomain.tld",
|
||||
"someone@mydomain.test",
|
||||
[],
|
||||
)
|
||||
b64 = payload.b64()
|
||||
|
|
@ -208,7 +208,7 @@ def test_registration_formcontrol(testclient):
|
|||
def test_registration_invalid_hash(testclient, foo_group):
|
||||
now = datetime.datetime.now(datetime.timezone.utc).isoformat()
|
||||
payload = RegistrationPayload(
|
||||
now, "anything", False, "someone@mydomain.tld", [foo_group.id]
|
||||
now, "anything", False, "someone@mydomain.test", [foo_group.id]
|
||||
)
|
||||
b64 = payload.b64()
|
||||
|
||||
|
|
@ -220,7 +220,7 @@ def test_registration_invalid_data(testclient, foo_group):
|
|||
datetime.datetime.now(datetime.timezone.utc).isoformat(),
|
||||
"someoneelse",
|
||||
False,
|
||||
"someone@mydomain.tld",
|
||||
"someone@mydomain.test",
|
||||
[foo_group.id],
|
||||
)
|
||||
hash = payload.build_hash()
|
||||
|
|
@ -236,7 +236,7 @@ def test_registration_more_than_48_hours_after_invitation(testclient, foo_group)
|
|||
two_days_ago.isoformat(),
|
||||
"someoneelse",
|
||||
False,
|
||||
"someone@mydomain.tld",
|
||||
"someone@mydomain.test",
|
||||
[foo_group.id],
|
||||
)
|
||||
hash = payload.build_hash()
|
||||
|
|
@ -250,7 +250,7 @@ def test_registration_no_password(testclient, foo_group, backend):
|
|||
datetime.datetime.now(datetime.timezone.utc).isoformat(),
|
||||
"someoneelse",
|
||||
False,
|
||||
"someone@mydomain.tld",
|
||||
"someone@mydomain.test",
|
||||
[foo_group.id],
|
||||
)
|
||||
hash = payload.build_hash()
|
||||
|
|
@ -275,7 +275,7 @@ def test_no_registration_if_logged_in(testclient, logged_user, foo_group):
|
|||
datetime.datetime.now(datetime.timezone.utc).isoformat(),
|
||||
"someoneelse",
|
||||
False,
|
||||
"someone@mydomain.tld",
|
||||
"someone@mydomain.test",
|
||||
[foo_group.id],
|
||||
)
|
||||
hash = payload.build_hash()
|
||||
|
|
@ -312,7 +312,7 @@ def test_groups_are_saved_even_when_user_does_not_have_read_permission(
|
|||
datetime.datetime.now(datetime.timezone.utc).isoformat(),
|
||||
"someoneelse",
|
||||
False,
|
||||
"someone@mydomain.tld",
|
||||
"someone@mydomain.test",
|
||||
[foo_group.id],
|
||||
)
|
||||
b64 = payload.b64()
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ def test_user_has_password(testclient, backend):
|
|||
formatted_name="Temp User",
|
||||
family_name="Temp",
|
||||
user_name="temp",
|
||||
emails=["john@doe.com"],
|
||||
emails=["john@doe.test"],
|
||||
)
|
||||
backend.save(user)
|
||||
|
||||
|
|
|
|||
|
|
@ -24,11 +24,11 @@ def test_password_reset(testclient, user, backend):
|
|||
|
||||
|
||||
def test_password_reset_multiple_emails(testclient, user, backend):
|
||||
user.emails = ["foo@bar.com", "foo@baz.com"]
|
||||
user.emails = ["foo@bar.test", "foo@baz.test"]
|
||||
backend.save(user)
|
||||
|
||||
assert not backend.check_user_password(user, "foobarbaz")[0]
|
||||
hash = build_hash("user", "foo@baz.com", user.password)
|
||||
hash = build_hash("user", "foo@baz.test", user.password)
|
||||
|
||||
res = testclient.get("/reset/user/" + hash, status=200)
|
||||
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ def test_user_creation_edition_and_deletion(
|
|||
res.form["user_name"] = "george"
|
||||
res.form["given_name"] = "George"
|
||||
res.form["family_name"] = "Abitbol"
|
||||
res.form["emails-0"] = "george@abitbol.com"
|
||||
res.form["emails-0"] = "george@abitbol.test"
|
||||
res.form["phone_numbers-0"] = "555-666-888"
|
||||
res.form["groups"] = [foo_group.id]
|
||||
res.form["password1"] = "totoyolo"
|
||||
|
|
@ -72,21 +72,21 @@ def test_profile_creation_dynamic_validation(testclient, logged_admin, user):
|
|||
"/profile",
|
||||
{
|
||||
"csrf_token": res.form["csrf_token"].value,
|
||||
"emails-0": "john@doe.com",
|
||||
"emails-0": "john@doe.test",
|
||||
},
|
||||
headers={
|
||||
"HX-Request": "true",
|
||||
"HX-Trigger-Name": "emails-0",
|
||||
},
|
||||
)
|
||||
res.mustcontain("The email 'john@doe.com' is already used")
|
||||
res.mustcontain("The email 'john@doe.test' is already used")
|
||||
|
||||
|
||||
def test_user_creation_without_password(testclient, logged_moderator, backend):
|
||||
res = testclient.get("/profile", status=200)
|
||||
res.form["user_name"] = "george"
|
||||
res.form["family_name"] = "Abitbol"
|
||||
res.form["emails-0"] = "george@abitbol.com"
|
||||
res.form["emails-0"] = "george@abitbol.test"
|
||||
|
||||
res = res.form.submit(name="action", value="create-profile", status=302)
|
||||
assert ("success", "User account creation succeed.") in res.flashes
|
||||
|
|
@ -117,7 +117,7 @@ def test_username_already_taken(
|
|||
res = testclient.get("/profile", status=200)
|
||||
res.form["user_name"] = "user"
|
||||
res.form["family_name"] = "foo"
|
||||
res.form["emails-0"] = "any@thing.com"
|
||||
res.form["emails-0"] = "any@thing.test"
|
||||
res = res.form.submit(name="action", value="create-profile")
|
||||
assert ("error", "User account creation failed.") in res.flashes
|
||||
res.mustcontain("The user name 'user' already exists")
|
||||
|
|
@ -127,10 +127,10 @@ def test_email_already_taken(testclient, logged_moderator, user, foo_group, bar_
|
|||
res = testclient.get("/profile", status=200)
|
||||
res.form["user_name"] = "user2"
|
||||
res.form["family_name"] = "foo"
|
||||
res.form["emails-0"] = "john@doe.com"
|
||||
res.form["emails-0"] = "john@doe.test"
|
||||
res = res.form.submit(name="action", value="create-profile")
|
||||
assert ("error", "User account creation failed.") in res.flashes
|
||||
res.mustcontain("The email 'john@doe.com' is already used")
|
||||
res.mustcontain("The email 'john@doe.test' is already used")
|
||||
|
||||
|
||||
def test_cn_setting_with_given_name_and_surname(testclient, logged_moderator, backend):
|
||||
|
|
@ -138,7 +138,7 @@ def test_cn_setting_with_given_name_and_surname(testclient, logged_moderator, ba
|
|||
res.form["user_name"] = "george"
|
||||
res.form["given_name"] = "George"
|
||||
res.form["family_name"] = "Abitbol"
|
||||
res.form["emails-0"] = "george@abitbol.com"
|
||||
res.form["emails-0"] = "george@abitbol.test"
|
||||
|
||||
res = res.form.submit(name="action", value="create-profile", status=302).follow(
|
||||
status=200
|
||||
|
|
@ -153,7 +153,7 @@ def test_cn_setting_with_surname_only(testclient, logged_moderator, backend):
|
|||
res = testclient.get("/profile", status=200)
|
||||
res.form["user_name"] = "george"
|
||||
res.form["family_name"] = "Abitbol"
|
||||
res.form["emails-0"] = "george@abitbol.com"
|
||||
res.form["emails-0"] = "george@abitbol.test"
|
||||
|
||||
res = res.form.submit(name="action", value="create-profile", status=302).follow(
|
||||
status=200
|
||||
|
|
|
|||
|
|
@ -109,7 +109,7 @@ def test_edition(testclient, logged_user, admin, jpeg_photo, backend, caplog):
|
|||
form["given_name"] = "given_name"
|
||||
form["family_name"] = "family_name"
|
||||
form["display_name"] = "display_name"
|
||||
form["emails-0"] = "email@mydomain.tld"
|
||||
form["emails-0"] = "email@mydomain.test"
|
||||
form["phone_numbers-0"] = "555-666-777"
|
||||
form["formatted_address"] = "formatted_address"
|
||||
form["street"] = "street"
|
||||
|
|
@ -139,7 +139,7 @@ def test_edition(testclient, logged_user, admin, jpeg_photo, backend, caplog):
|
|||
assert logged_user.given_name == "given_name"
|
||||
assert logged_user.family_name == "family_name"
|
||||
assert logged_user.display_name == "display_name"
|
||||
assert logged_user.emails == ["email@mydomain.tld"]
|
||||
assert logged_user.emails == ["email@mydomain.test"]
|
||||
assert logged_user.phone_numbers == ["555-666-777"]
|
||||
assert logged_user.formatted_address == "formatted_address"
|
||||
assert logged_user.street == "street"
|
||||
|
|
@ -155,7 +155,7 @@ def test_edition(testclient, logged_user, admin, jpeg_photo, backend, caplog):
|
|||
|
||||
logged_user.formatted_name = "John (johnny) Doe"
|
||||
logged_user.family_name = "Doe"
|
||||
logged_user.emails = ["john@doe.com"]
|
||||
logged_user.emails = ["john@doe.test"]
|
||||
logged_user.given_name = None
|
||||
logged_user.photo = None
|
||||
backend.save(logged_user)
|
||||
|
|
@ -183,7 +183,7 @@ def test_edition_remove_fields(
|
|||
|
||||
logged_user.formatted_name = "John (johnny) Doe"
|
||||
logged_user.family_name = "Doe"
|
||||
logged_user.emails = ["john@doe.com"]
|
||||
logged_user.emails = ["john@doe.test"]
|
||||
logged_user.given_name = None
|
||||
logged_user.photo = None
|
||||
backend.save(logged_user)
|
||||
|
|
@ -301,11 +301,11 @@ def test_bad_email(testclient, logged_user, backend):
|
|||
res = testclient.get("/profile/user", status=200)
|
||||
form = res.forms["baseform"]
|
||||
|
||||
form["emails-0"] = "john@doe.com"
|
||||
form["emails-0"] = "john@doe.test"
|
||||
|
||||
res = form.submit(name="action", value="edit-profile").follow()
|
||||
|
||||
assert ["john@doe.com"] == logged_user.emails
|
||||
assert ["john@doe.test"] == logged_user.emails
|
||||
|
||||
res = testclient.get("/profile/user", status=200)
|
||||
form = res.forms["baseform"]
|
||||
|
|
@ -316,7 +316,7 @@ def test_bad_email(testclient, logged_user, backend):
|
|||
|
||||
backend.reload(logged_user)
|
||||
|
||||
assert ["john@doe.com"] == logged_user.emails
|
||||
assert ["john@doe.test"] == logged_user.emails
|
||||
|
||||
|
||||
def test_surname_is_mandatory(testclient, logged_user, backend):
|
||||
|
|
@ -371,7 +371,7 @@ def test_inline_validation(testclient, logged_admin, user):
|
|||
"/profile/admin",
|
||||
{
|
||||
"csrf_token": form["csrf_token"].value,
|
||||
"emails-0": "john@doe.com",
|
||||
"emails-0": "john@doe.test",
|
||||
"action": "edit-profile",
|
||||
},
|
||||
headers={
|
||||
|
|
@ -379,7 +379,7 @@ def test_inline_validation(testclient, logged_admin, user):
|
|||
"HX-Trigger-Name": "emails-0",
|
||||
},
|
||||
)
|
||||
res.mustcontain("The email 'john@doe.com' is already used")
|
||||
res.mustcontain("The email 'john@doe.test' is already used")
|
||||
|
||||
|
||||
def test_inline_validation_keep_indicators(testclient, logged_admin, user, backend):
|
||||
|
|
|
|||
|
|
@ -115,7 +115,7 @@ def test_photo_on_profile_creation(testclient, jpeg_photo, logged_admin, backend
|
|||
form["photo"] = Upload("logo.jpg", jpeg_photo)
|
||||
form["user_name"] = "foobar"
|
||||
form["family_name"] = "Abitbol"
|
||||
form["emails-0"] = "george@abitbol.com"
|
||||
form["emails-0"] = "george@abitbol.test"
|
||||
res = form.submit(name="action", value="edit-profile", status=302).follow(
|
||||
status=200
|
||||
)
|
||||
|
|
@ -138,7 +138,7 @@ def test_photo_deleted_on_profile_creation(
|
|||
form["photo_delete"] = True
|
||||
form["user_name"] = "foobar"
|
||||
form["family_name"] = "Abitbol"
|
||||
form["emails-0"] = "george@abitbol.com"
|
||||
form["emails-0"] = "george@abitbol.test"
|
||||
res = form.submit(name="action", value="edit-profile", status=302).follow(
|
||||
status=200
|
||||
)
|
||||
|
|
|
|||
|
|
@ -406,7 +406,7 @@ def test_password_initialization_mail(smtpd, testclient, backend, logged_admin):
|
|||
formatted_name="Temp User",
|
||||
family_name="Temp",
|
||||
user_name="temp",
|
||||
emails=["john@doe.com"],
|
||||
emails=["john@doe.test"],
|
||||
)
|
||||
backend.save(u)
|
||||
|
||||
|
|
@ -421,7 +421,7 @@ def test_password_initialization_mail(smtpd, testclient, backend, logged_admin):
|
|||
"It should be received within a few minutes.",
|
||||
) in res.flashes
|
||||
assert len(smtpd.messages) == 1
|
||||
assert smtpd.messages[0]["X-RcptTo"] == "john@doe.com"
|
||||
assert smtpd.messages[0]["X-RcptTo"] == "john@doe.test"
|
||||
|
||||
backend.reload(u)
|
||||
u.password = "correct horse battery staple"
|
||||
|
|
@ -442,7 +442,7 @@ def test_password_initialization_mail_send_fail(
|
|||
formatted_name="Temp User",
|
||||
family_name="Temp",
|
||||
user_name="temp",
|
||||
emails=["john@doe.com"],
|
||||
emails=["john@doe.test"],
|
||||
)
|
||||
backend.save(u)
|
||||
|
||||
|
|
@ -529,7 +529,7 @@ def test_password_reset_email(smtpd, testclient, backend, logged_admin):
|
|||
formatted_name="Temp User",
|
||||
family_name="Temp",
|
||||
user_name="temp",
|
||||
emails=["john@doe.com"],
|
||||
emails=["john@doe.test"],
|
||||
password="correct horse battery staple",
|
||||
)
|
||||
backend.save(u)
|
||||
|
|
@ -545,7 +545,7 @@ def test_password_reset_email(smtpd, testclient, backend, logged_admin):
|
|||
"It should be received within a few minutes.",
|
||||
) in res.flashes
|
||||
assert len(smtpd.messages) == 1
|
||||
assert smtpd.messages[0]["X-RcptTo"] == "john@doe.com"
|
||||
assert smtpd.messages[0]["X-RcptTo"] == "john@doe.test"
|
||||
|
||||
backend.delete(u)
|
||||
|
||||
|
|
@ -557,7 +557,7 @@ def test_password_reset_email_failed(SMTP, smtpd, testclient, backend, logged_ad
|
|||
formatted_name="Temp User",
|
||||
family_name="Temp",
|
||||
user_name="temp",
|
||||
emails=["john@doe.com"],
|
||||
emails=["john@doe.test"],
|
||||
password="correct horse battery staple",
|
||||
)
|
||||
backend.save(u)
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ def test_registration_without_email_validation(testclient, backend, foo_group):
|
|||
res.form["password1"] = "i'm a little pea"
|
||||
res.form["password2"] = "i'm a little pea"
|
||||
res.form["family_name"] = "newuser"
|
||||
res.form["emails-0"] = "newuser@example.com"
|
||||
res.form["emails-0"] = "newuser@example.test"
|
||||
res = res.form.submit()
|
||||
assert ("success", "Your account has been created successfully.") in res.flashes
|
||||
|
||||
|
|
@ -35,7 +35,7 @@ def test_registration_with_email_validation(testclient, backend, smtpd, foo_grou
|
|||
|
||||
with time_machine.travel("2020-01-01 02:00:00+00:00", tick=False):
|
||||
res = testclient.get(url_for("core.account.join"))
|
||||
res.form["email"] = "foo@bar.com"
|
||||
res.form["email"] = "foo@bar.test"
|
||||
res = res.form.submit()
|
||||
|
||||
assert res.flashes == [
|
||||
|
|
@ -50,7 +50,7 @@ def test_registration_with_email_validation(testclient, backend, smtpd, foo_grou
|
|||
creation_date_isoformat="2020-01-01T02:00:00+00:00",
|
||||
user_name="",
|
||||
user_name_editable=True,
|
||||
email="foo@bar.com",
|
||||
email="foo@bar.test",
|
||||
groups=[],
|
||||
)
|
||||
registration_url = url_for(
|
||||
|
|
@ -88,7 +88,7 @@ def test_registration_with_email_already_taken(
|
|||
|
||||
testclient.app.config["CANAILLE"]["HIDE_INVALID_LOGINS"] = True
|
||||
res = testclient.get(url_for("core.account.join"))
|
||||
res.form["email"] = "john@doe.com"
|
||||
res.form["email"] = "john@doe.test"
|
||||
res = res.form.submit()
|
||||
assert res.flashes == [
|
||||
(
|
||||
|
|
@ -99,10 +99,10 @@ def test_registration_with_email_already_taken(
|
|||
|
||||
testclient.app.config["CANAILLE"]["HIDE_INVALID_LOGINS"] = False
|
||||
res = testclient.get(url_for("core.account.join"))
|
||||
res.form["email"] = "john@doe.com"
|
||||
res.form["email"] = "john@doe.test"
|
||||
res = res.form.submit()
|
||||
assert res.flashes == []
|
||||
res.mustcontain("The email 'john@doe.com' is already used")
|
||||
res.mustcontain("The email 'john@doe.test' is already used")
|
||||
|
||||
|
||||
def test_registration_with_email_validation_needs_a_valid_link(
|
||||
|
|
@ -140,7 +140,7 @@ def test_registration_mail_error(SMTP, testclient, backend, smtpd, foo_group):
|
|||
testclient.app.config["CANAILLE"]["ENABLE_REGISTRATION"] = True
|
||||
SMTP.side_effect = mock.Mock(side_effect=OSError("unit test mail error"))
|
||||
res = testclient.get(url_for("core.account.join"))
|
||||
res.form["email"] = "foo@bar.com"
|
||||
res.form["email"] = "foo@bar.test"
|
||||
res = res.form.submit(expect_errors=True)
|
||||
|
||||
assert res.flashes == [
|
||||
|
|
@ -173,7 +173,7 @@ def test_registration_with_compromised_password(api_get, testclient, backend):
|
|||
res.form["password1"] = "987654321"
|
||||
res.form["password2"] = "987654321"
|
||||
res.form["family_name"] = "newuser"
|
||||
res.form["emails-0"] = "newuser@example.com"
|
||||
res.form["emails-0"] = "newuser@example.test"
|
||||
res = res.form.submit()
|
||||
res.mustcontain(
|
||||
"This password appears on public compromission databases and is not secure."
|
||||
|
|
@ -199,7 +199,7 @@ def test_registration_with_compromised_password_request_api_failed_but_account_c
|
|||
res.form["password1"] = "123456789"
|
||||
res.form["password2"] = "123456789"
|
||||
res.form["family_name"] = "newuser"
|
||||
res.form["emails-0"] = "newuser@example.com"
|
||||
res.form["emails-0"] = "newuser@example.test"
|
||||
|
||||
res = res.form.submit()
|
||||
|
||||
|
|
@ -235,7 +235,7 @@ def test_compromised_password_validator_with_failure_of_api_request_and_success_
|
|||
res.form["password1"] = "123456789"
|
||||
res.form["password2"] = "123456789"
|
||||
res.form["family_name"] = "newuser"
|
||||
res.form["emails-0"] = "newuser@example.com"
|
||||
res.form["emails-0"] = "newuser@example.test"
|
||||
|
||||
res = res.form.submit()
|
||||
|
||||
|
|
@ -277,7 +277,7 @@ def test_compromised_password_validator_with_failure_of_api_request_and_fail_to_
|
|||
res.form["password1"] = "123456789"
|
||||
res.form["password2"] = "123456789"
|
||||
res.form["family_name"] = "newuser"
|
||||
res.form["emails-0"] = "newuser@example.com"
|
||||
res.form["emails-0"] = "newuser@example.test"
|
||||
|
||||
res = res.form.submit()
|
||||
|
||||
|
|
@ -321,7 +321,7 @@ def test_compromised_password_validator_with_failure_of_api_request_without_smtp
|
|||
res.form["password1"] = "123456789"
|
||||
res.form["password2"] = "123456789"
|
||||
res.form["family_name"] = "newuser"
|
||||
res.form["emails-0"] = "newuser@example.com"
|
||||
res.form["emails-0"] = "newuser@example.test"
|
||||
|
||||
res = res.form.submit()
|
||||
|
||||
|
|
@ -358,7 +358,7 @@ def test_compromised_password_validator_with_failure_of_api_request_without_admi
|
|||
res.form["password1"] = "123456789"
|
||||
res.form["password2"] = "123456789"
|
||||
res.form["family_name"] = "newuser"
|
||||
res.form["emails-0"] = "newuser@example.com"
|
||||
res.form["emails-0"] = "newuser@example.test"
|
||||
|
||||
res = res.form.submit()
|
||||
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ def test_clean_command(testclient, backend, client, user):
|
|||
code="my-valid-code",
|
||||
client=client,
|
||||
subject=user,
|
||||
redirect_uri="https://foo.bar/callback",
|
||||
redirect_uri="https://foobar.test/callback",
|
||||
response_type="code",
|
||||
scope=["openid", "profile"],
|
||||
nonce="nonce",
|
||||
|
|
@ -27,7 +27,7 @@ def test_clean_command(testclient, backend, client, user):
|
|||
code="my-expired-code",
|
||||
client=client,
|
||||
subject=user,
|
||||
redirect_uri="https://foo.bar/callback",
|
||||
redirect_uri="https://foobar.test/callback",
|
||||
response_type="code",
|
||||
scope=["openid", "profile"],
|
||||
nonce="nonce",
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ def configuration(configuration, keypair):
|
|||
"JWT": {
|
||||
"PUBLIC_KEY": public_key,
|
||||
"PRIVATE_KEY": private_key,
|
||||
"ISS": "https://auth.mydomain.tld",
|
||||
"ISS": "https://auth.mydomain.test",
|
||||
}
|
||||
}
|
||||
return configuration
|
||||
|
|
@ -43,13 +43,13 @@ def client(testclient, trusted_client, backend):
|
|||
c = models.Client(
|
||||
client_id=gen_salt(24),
|
||||
client_name="Some client",
|
||||
contacts=["contact@mydomain.tld"],
|
||||
client_uri="https://mydomain.tld",
|
||||
contacts=["contact@mydomain.test"],
|
||||
client_uri="https://mydomain.test",
|
||||
redirect_uris=[
|
||||
"https://mydomain.tld/redirect1",
|
||||
"https://mydomain.tld/redirect2",
|
||||
"https://mydomain.test/redirect1",
|
||||
"https://mydomain.test/redirect2",
|
||||
],
|
||||
logo_uri="https://mydomain.tld/logo.webp",
|
||||
logo_uri="https://mydomain.test/logo.webp",
|
||||
client_id_issued_at=datetime.datetime.now(datetime.timezone.utc),
|
||||
client_secret=gen_salt(48),
|
||||
grant_types=[
|
||||
|
|
@ -61,11 +61,11 @@ def client(testclient, trusted_client, backend):
|
|||
],
|
||||
response_types=["code", "token", "id_token"],
|
||||
scope=["openid", "email", "profile", "groups", "address", "phone"],
|
||||
tos_uri="https://mydomain.tld/tos",
|
||||
policy_uri="https://mydomain.tld/policy",
|
||||
jwks_uri="https://mydomain.tld/jwk",
|
||||
tos_uri="https://mydomain.test/tos",
|
||||
policy_uri="https://mydomain.test/policy",
|
||||
jwks_uri="https://mydomain.test/jwk",
|
||||
token_endpoint_auth_method="client_secret_basic",
|
||||
post_logout_redirect_uris=["https://mydomain.tld/disconnected"],
|
||||
post_logout_redirect_uris=["https://mydomain.test/disconnected"],
|
||||
)
|
||||
backend.save(c)
|
||||
c.audience = [c, trusted_client]
|
||||
|
|
@ -80,13 +80,13 @@ def trusted_client(testclient, backend):
|
|||
c = models.Client(
|
||||
client_id=gen_salt(24),
|
||||
client_name="Some other client",
|
||||
contacts=["contact@myotherdomain.tld"],
|
||||
client_uri="https://myotherdomain.tld",
|
||||
contacts=["contact@myotherdomain.test"],
|
||||
client_uri="https://myotherdomain.test",
|
||||
redirect_uris=[
|
||||
"https://myotherdomain.tld/redirect1",
|
||||
"https://myotherdomain.tld/redirect2",
|
||||
"https://myotherdomain.test/redirect1",
|
||||
"https://myotherdomain.test/redirect2",
|
||||
],
|
||||
logo_uri="https://myotherdomain.tld/logo.webp",
|
||||
logo_uri="https://myotherdomain.test/logo.webp",
|
||||
client_id_issued_at=datetime.datetime.now(datetime.timezone.utc),
|
||||
client_secret=gen_salt(48),
|
||||
grant_types=[
|
||||
|
|
@ -98,11 +98,11 @@ def trusted_client(testclient, backend):
|
|||
],
|
||||
response_types=["code", "token", "id_token"],
|
||||
scope=["openid", "profile", "groups"],
|
||||
tos_uri="https://myotherdomain.tld/tos",
|
||||
policy_uri="https://myotherdomain.tld/policy",
|
||||
jwks_uri="https://myotherdomain.tld/jwk",
|
||||
tos_uri="https://myotherdomain.test/tos",
|
||||
policy_uri="https://myotherdomain.test/policy",
|
||||
jwks_uri="https://myotherdomain.test/jwk",
|
||||
token_endpoint_auth_method="client_secret_basic",
|
||||
post_logout_redirect_uris=["https://myotherdomain.tld/disconnected"],
|
||||
post_logout_redirect_uris=["https://myotherdomain.test/disconnected"],
|
||||
preconsent=True,
|
||||
)
|
||||
backend.save(c)
|
||||
|
|
@ -120,7 +120,7 @@ def authorization(testclient, user, client, backend):
|
|||
code="my-code",
|
||||
client=client,
|
||||
subject=user,
|
||||
redirect_uri="https://foo.bar/callback",
|
||||
redirect_uri="https://foobar.test/callback",
|
||||
response_type="code",
|
||||
scope=["openid", "profile"],
|
||||
nonce="nonce",
|
||||
|
|
|
|||
|
|
@ -687,7 +687,7 @@ def test_code_with_invalid_user(testclient, admin, client, backend):
|
|||
formatted_name="John Doe",
|
||||
family_name="Doe",
|
||||
user_name="temp",
|
||||
emails=["temp@temp.com"],
|
||||
emails=["temp@temp.test"],
|
||||
password="correct horse battery staple",
|
||||
)
|
||||
backend.save(user)
|
||||
|
|
|
|||
|
|
@ -179,7 +179,7 @@ def test_prompt_create_not_logged(testclient, trusted_client, smtpd):
|
|||
|
||||
# Display the registration form
|
||||
res = res.follow()
|
||||
res.form["email"] = "foo@bar.com"
|
||||
res.form["email"] = "foo@bar.test"
|
||||
res = res.form.submit()
|
||||
|
||||
# Checks the registration mail is sent
|
||||
|
|
@ -192,7 +192,7 @@ def test_prompt_create_not_logged(testclient, trusted_client, smtpd):
|
|||
).isoformat(),
|
||||
user_name="",
|
||||
user_name_editable=True,
|
||||
email="foo@bar.com",
|
||||
email="foo@bar.test",
|
||||
groups=[],
|
||||
)
|
||||
registration_url = url_for(
|
||||
|
|
|
|||
|
|
@ -89,23 +89,23 @@ def test_client_add(testclient, logged_admin, backend):
|
|||
res = testclient.get("/admin/client/add")
|
||||
data = {
|
||||
"client_name": "foobar",
|
||||
"contacts-0": "foo@bar.com",
|
||||
"client_uri": "https://foo.bar",
|
||||
"redirect_uris-0": "https://foo.bar/callback",
|
||||
"contacts-0": "foo@bar.test",
|
||||
"client_uri": "https://foobar.test",
|
||||
"redirect_uris-0": "https://foobar.test/callback",
|
||||
"grant_types": ["password", "authorization_code"],
|
||||
"scope": "openid profile",
|
||||
"response_types": ["code", "token"],
|
||||
"token_endpoint_auth_method": "none",
|
||||
"logo_uri": "https://foo.bar/logo.webp",
|
||||
"tos_uri": "https://foo.bar/tos",
|
||||
"policy_uri": "https://foo.bar/policy",
|
||||
"logo_uri": "https://foobar.test/logo.webp",
|
||||
"tos_uri": "https://foobar.test/tos",
|
||||
"policy_uri": "https://foobar.test/policy",
|
||||
"software_id": "software",
|
||||
"software_version": "1",
|
||||
"jwk": "jwk",
|
||||
"jwks_uri": "https://foo.bar/jwks.json",
|
||||
"jwks_uri": "https://foobar.test/jwks.json",
|
||||
"audience": [],
|
||||
"preconsent": False,
|
||||
"post_logout_redirect_uris-0": "https://foo.bar/disconnected",
|
||||
"post_logout_redirect_uris-0": "https://foobar.test/disconnected",
|
||||
}
|
||||
for k, v in data.items():
|
||||
res.form[k].force_value(v)
|
||||
|
|
@ -117,23 +117,23 @@ def test_client_add(testclient, logged_admin, backend):
|
|||
client = backend.get(models.Client, client_id=client_id)
|
||||
|
||||
assert client.client_name == "foobar"
|
||||
assert client.contacts == ["foo@bar.com"]
|
||||
assert client.client_uri == "https://foo.bar"
|
||||
assert client.redirect_uris == ["https://foo.bar/callback"]
|
||||
assert client.contacts == ["foo@bar.test"]
|
||||
assert client.client_uri == "https://foobar.test"
|
||||
assert client.redirect_uris == ["https://foobar.test/callback"]
|
||||
assert client.grant_types == ["password", "authorization_code"]
|
||||
assert client.scope == ["openid", "profile"]
|
||||
assert client.response_types == ["code", "token"]
|
||||
assert client.token_endpoint_auth_method == "none"
|
||||
assert client.logo_uri == "https://foo.bar/logo.webp"
|
||||
assert client.tos_uri == "https://foo.bar/tos"
|
||||
assert client.policy_uri == "https://foo.bar/policy"
|
||||
assert client.logo_uri == "https://foobar.test/logo.webp"
|
||||
assert client.tos_uri == "https://foobar.test/tos"
|
||||
assert client.policy_uri == "https://foobar.test/policy"
|
||||
assert client.software_id == "software"
|
||||
assert client.software_version == "1"
|
||||
assert client.jwk == "jwk"
|
||||
assert client.jwks_uri == "https://foo.bar/jwks.json"
|
||||
assert client.jwks_uri == "https://foobar.test/jwks.json"
|
||||
assert client.audience == [client]
|
||||
assert not client.preconsent
|
||||
assert client.post_logout_redirect_uris == ["https://foo.bar/disconnected"]
|
||||
assert client.post_logout_redirect_uris == ["https://foobar.test/disconnected"]
|
||||
|
||||
backend.delete(client)
|
||||
|
||||
|
|
@ -151,23 +151,23 @@ def test_client_edit(testclient, client, logged_admin, trusted_client, backend):
|
|||
res = testclient.get("/admin/client/edit/" + client.client_id)
|
||||
data = {
|
||||
"client_name": "foobar",
|
||||
"contacts-0": "foo@bar.com",
|
||||
"client_uri": "https://foo.bar",
|
||||
"redirect_uris-0": "https://foo.bar/callback",
|
||||
"contacts-0": "foo@bar.test",
|
||||
"client_uri": "https://foobar.test",
|
||||
"redirect_uris-0": "https://foobar.test/callback",
|
||||
"grant_types": ["password", "authorization_code"],
|
||||
"scope": "openid profile",
|
||||
"response_types": ["code", "token"],
|
||||
"token_endpoint_auth_method": "none",
|
||||
"logo_uri": "https://foo.bar/logo.webp",
|
||||
"tos_uri": "https://foo.bar/tos",
|
||||
"policy_uri": "https://foo.bar/policy",
|
||||
"logo_uri": "https://foobar.test/logo.webp",
|
||||
"tos_uri": "https://foobar.test/tos",
|
||||
"policy_uri": "https://foobar.test/policy",
|
||||
"software_id": "software",
|
||||
"software_version": "1",
|
||||
"jwk": "jwk",
|
||||
"jwks_uri": "https://foo.bar/jwks.json",
|
||||
"jwks_uri": "https://foobar.test/jwks.json",
|
||||
"audience": [client.id, trusted_client.id],
|
||||
"preconsent": True,
|
||||
"post_logout_redirect_uris-0": "https://foo.bar/disconnected",
|
||||
"post_logout_redirect_uris-0": "https://foobar.test/disconnected",
|
||||
}
|
||||
for k, v in data.items():
|
||||
res.forms["clientaddform"][k].force_value(v)
|
||||
|
|
@ -182,26 +182,26 @@ def test_client_edit(testclient, client, logged_admin, trusted_client, backend):
|
|||
backend.reload(client)
|
||||
|
||||
assert client.client_name == "foobar"
|
||||
assert client.contacts == ["foo@bar.com"]
|
||||
assert client.client_uri == "https://foo.bar"
|
||||
assert client.contacts == ["foo@bar.test"]
|
||||
assert client.client_uri == "https://foobar.test"
|
||||
assert client.redirect_uris == [
|
||||
"https://foo.bar/callback",
|
||||
"https://mydomain.tld/redirect2",
|
||||
"https://foobar.test/callback",
|
||||
"https://mydomain.test/redirect2",
|
||||
]
|
||||
assert client.grant_types == ["password", "authorization_code"]
|
||||
assert client.scope == ["openid", "profile"]
|
||||
assert client.response_types == ["code", "token"]
|
||||
assert client.token_endpoint_auth_method == "none"
|
||||
assert client.logo_uri == "https://foo.bar/logo.webp"
|
||||
assert client.tos_uri == "https://foo.bar/tos"
|
||||
assert client.policy_uri == "https://foo.bar/policy"
|
||||
assert client.logo_uri == "https://foobar.test/logo.webp"
|
||||
assert client.tos_uri == "https://foobar.test/tos"
|
||||
assert client.policy_uri == "https://foobar.test/policy"
|
||||
assert client.software_id == "software"
|
||||
assert client.software_version == "1"
|
||||
assert client.jwk == "jwk"
|
||||
assert client.jwks_uri == "https://foo.bar/jwks.json"
|
||||
assert client.jwks_uri == "https://foobar.test/jwks.json"
|
||||
assert client.audience == [client, trusted_client]
|
||||
assert not client.preconsent
|
||||
assert client.post_logout_redirect_uris == ["https://foo.bar/disconnected"]
|
||||
assert client.post_logout_redirect_uris == ["https://foobar.test/disconnected"]
|
||||
|
||||
|
||||
def test_client_edit_missing_fields(
|
||||
|
|
|
|||
|
|
@ -11,15 +11,15 @@ from canaille.oidc.oauth import get_issuer
|
|||
def test_issuer(testclient):
|
||||
with warnings.catch_warnings(record=True):
|
||||
testclient.app.config["CANAILLE_OIDC"]["JWT"]["ISS"] = (
|
||||
"https://anyauth.mydomain.tld"
|
||||
"https://anyauth.mydomain.test"
|
||||
)
|
||||
testclient.app.config["SERVER_NAME"] = "https://otherauth.mydomain.tld"
|
||||
testclient.app.config["SERVER_NAME"] = "https://otherauth.mydomain.test"
|
||||
with testclient.app.test_request_context("/"):
|
||||
assert get_issuer() == "https://anyauth.mydomain.tld"
|
||||
assert get_issuer() == "https://anyauth.mydomain.test"
|
||||
|
||||
testclient.app.config["CANAILLE_OIDC"]["JWT"]["ISS"] = None
|
||||
with testclient.app.test_request_context("/"):
|
||||
assert get_issuer() == "https://otherauth.mydomain.tld"
|
||||
assert get_issuer() == "https://otherauth.mydomain.test"
|
||||
|
||||
testclient.app.config["SERVER_NAME"] = None
|
||||
with testclient.app.test_request_context("/"):
|
||||
|
|
|
|||
|
|
@ -17,16 +17,16 @@ def test_client_registration_with_authentication_static_token(
|
|||
|
||||
payload = {
|
||||
"redirect_uris": [
|
||||
"https://client.example.org/callback",
|
||||
"https://client.example.org/callback2",
|
||||
"https://client.example.test/callback",
|
||||
"https://client.example.test/callback2",
|
||||
],
|
||||
"post_logout_redirect_uris": [
|
||||
"https://client.example.org/logout_callback",
|
||||
"https://client.example.test/logout_callback",
|
||||
],
|
||||
"client_name": "My Example Client",
|
||||
"token_endpoint_auth_method": "client_secret_basic",
|
||||
"logo_uri": "https://client.example.org/logo.webp",
|
||||
"jwks_uri": "https://client.example.org/my_public_keys.jwks",
|
||||
"logo_uri": "https://client.example.test/logo.webp",
|
||||
"jwks_uri": "https://client.example.test/my_public_keys.jwks",
|
||||
"grant_types": ["authorization_code"],
|
||||
"response_types": ["code"],
|
||||
}
|
||||
|
|
@ -41,11 +41,11 @@ def test_client_registration_with_authentication_static_token(
|
|||
"client_id_issued_at": mock.ANY,
|
||||
"client_name": "My Example Client",
|
||||
"client_secret_expires_at": 0,
|
||||
"jwks_uri": "https://client.example.org/my_public_keys.jwks",
|
||||
"logo_uri": "https://client.example.org/logo.webp",
|
||||
"jwks_uri": "https://client.example.test/my_public_keys.jwks",
|
||||
"logo_uri": "https://client.example.test/logo.webp",
|
||||
"redirect_uris": [
|
||||
"https://client.example.org/callback",
|
||||
"https://client.example.org/callback2",
|
||||
"https://client.example.test/callback",
|
||||
"https://client.example.test/callback2",
|
||||
],
|
||||
"token_endpoint_auth_method": "client_secret_basic",
|
||||
"grant_types": ["authorization_code"],
|
||||
|
|
@ -54,15 +54,15 @@ def test_client_registration_with_authentication_static_token(
|
|||
|
||||
assert client.client_name == "My Example Client"
|
||||
assert client.redirect_uris == [
|
||||
"https://client.example.org/callback",
|
||||
"https://client.example.org/callback2",
|
||||
"https://client.example.test/callback",
|
||||
"https://client.example.test/callback2",
|
||||
]
|
||||
assert client.post_logout_redirect_uris == [
|
||||
"https://client.example.org/logout_callback",
|
||||
"https://client.example.test/logout_callback",
|
||||
]
|
||||
assert client.token_endpoint_auth_method == "client_secret_basic"
|
||||
assert client.logo_uri == "https://client.example.org/logo.webp"
|
||||
assert client.jwks_uri == "https://client.example.org/my_public_keys.jwks"
|
||||
assert client.logo_uri == "https://client.example.test/logo.webp"
|
||||
assert client.jwks_uri == "https://client.example.test/my_public_keys.jwks"
|
||||
assert client in client.audience
|
||||
backend.delete(client)
|
||||
|
||||
|
|
@ -76,13 +76,13 @@ def test_client_registration_with_authentication_no_token(
|
|||
|
||||
payload = {
|
||||
"redirect_uris": [
|
||||
"https://client.example.org/callback",
|
||||
"https://client.example.org/callback2",
|
||||
"https://client.example.test/callback",
|
||||
"https://client.example.test/callback2",
|
||||
],
|
||||
"client_name": "My Example Client",
|
||||
"token_endpoint_auth_method": "client_secret_basic",
|
||||
"logo_uri": "https://client.example.org/logo.webp",
|
||||
"jwks_uri": "https://client.example.org/my_public_keys.jwks",
|
||||
"logo_uri": "https://client.example.test/logo.webp",
|
||||
"jwks_uri": "https://client.example.test/my_public_keys.jwks",
|
||||
"grant_types": ["authorization_code"],
|
||||
"response_types": ["code"],
|
||||
}
|
||||
|
|
@ -110,13 +110,13 @@ def test_client_registration_with_authentication_invalid_token(
|
|||
|
||||
payload = {
|
||||
"redirect_uris": [
|
||||
"https://client.example.org/callback",
|
||||
"https://client.example.org/callback2",
|
||||
"https://client.example.test/callback",
|
||||
"https://client.example.test/callback2",
|
||||
],
|
||||
"client_name": "My Example Client",
|
||||
"token_endpoint_auth_method": "client_secret_basic",
|
||||
"logo_uri": "https://client.example.org/logo.webp",
|
||||
"jwks_uri": "https://client.example.org/my_public_keys.jwks",
|
||||
"logo_uri": "https://client.example.test/logo.webp",
|
||||
"jwks_uri": "https://client.example.test/my_public_keys.jwks",
|
||||
"grant_types": ["authorization_code"],
|
||||
"response_types": ["code"],
|
||||
}
|
||||
|
|
@ -135,7 +135,7 @@ def test_client_registration_with_software_statement(testclient, backend, keypai
|
|||
software_statement_payload = {
|
||||
"software_id": "4NRB1-0XZABZI9E6-5SM3R",
|
||||
"client_name": "Example Statement-based Client",
|
||||
"client_uri": "https://client.example.net/",
|
||||
"client_uri": "https://client.example.test/",
|
||||
"response_types": ["code"],
|
||||
"grant_types": ["authorization_code"],
|
||||
}
|
||||
|
|
@ -146,8 +146,8 @@ def test_client_registration_with_software_statement(testclient, backend, keypai
|
|||
|
||||
payload = {
|
||||
"redirect_uris": [
|
||||
"https://client.example.org/callback",
|
||||
"https://client.example.org/callback2",
|
||||
"https://client.example.test/callback",
|
||||
"https://client.example.test/callback2",
|
||||
],
|
||||
"software_statement": software_statement,
|
||||
"scope": "openid profile",
|
||||
|
|
@ -161,20 +161,20 @@ def test_client_registration_with_software_statement(testclient, backend, keypai
|
|||
"client_id_issued_at": mock.ANY,
|
||||
"client_secret_expires_at": 0,
|
||||
"redirect_uris": [
|
||||
"https://client.example.org/callback",
|
||||
"https://client.example.org/callback2",
|
||||
"https://client.example.test/callback",
|
||||
"https://client.example.test/callback2",
|
||||
],
|
||||
"grant_types": ["authorization_code"],
|
||||
"response_types": ["code"],
|
||||
"scope": "openid profile",
|
||||
"token_endpoint_auth_method": "client_secret_basic",
|
||||
"client_name": "Example Statement-based Client",
|
||||
"client_uri": "https://client.example.net/",
|
||||
"client_uri": "https://client.example.test/",
|
||||
"software_id": "4NRB1-0XZABZI9E6-5SM3R",
|
||||
}
|
||||
assert client.redirect_uris == [
|
||||
"https://client.example.org/callback",
|
||||
"https://client.example.org/callback2",
|
||||
"https://client.example.test/callback",
|
||||
"https://client.example.test/callback2",
|
||||
]
|
||||
assert client.token_endpoint_auth_method == "client_secret_basic"
|
||||
backend.delete(client)
|
||||
|
|
@ -185,20 +185,20 @@ def test_client_registration_without_authentication_ok(testclient, backend):
|
|||
|
||||
payload = {
|
||||
"redirect_uris": [
|
||||
"https://client.example.org/callback",
|
||||
"https://client.example.org/callback2",
|
||||
"https://client.example.test/callback",
|
||||
"https://client.example.test/callback2",
|
||||
],
|
||||
"client_name": "My Example Client",
|
||||
"client_uri": "https://example.com",
|
||||
"client_uri": "https://example.test",
|
||||
"token_endpoint_auth_method": "client_secret_basic",
|
||||
"logo_uri": "https://client.example.org/logo.webp",
|
||||
"jwks_uri": "https://client.example.org/my_public_keys.jwks",
|
||||
"logo_uri": "https://client.example.test/logo.webp",
|
||||
"jwks_uri": "https://client.example.test/my_public_keys.jwks",
|
||||
"grant_types": ["authorization_code", "implicit"],
|
||||
"response_types": ["code", "token"],
|
||||
"scope": "openid profile",
|
||||
"contacts": ["contact@example.com"],
|
||||
"tos_uri": "https://example.com/uri",
|
||||
"policy_uri": "https://example.com/policy",
|
||||
"contacts": ["contact@example.test"],
|
||||
"tos_uri": "https://example.test/uri",
|
||||
"policy_uri": "https://example.test/policy",
|
||||
"software_id": "example",
|
||||
"software_version": "x.y.z",
|
||||
}
|
||||
|
|
@ -211,39 +211,39 @@ def test_client_registration_without_authentication_ok(testclient, backend):
|
|||
"client_secret": mock.ANY,
|
||||
"client_id_issued_at": mock.ANY,
|
||||
"client_name": "My Example Client",
|
||||
"client_uri": "https://example.com",
|
||||
"client_uri": "https://example.test",
|
||||
"client_secret_expires_at": 0,
|
||||
"jwks_uri": "https://client.example.org/my_public_keys.jwks",
|
||||
"logo_uri": "https://client.example.org/logo.webp",
|
||||
"jwks_uri": "https://client.example.test/my_public_keys.jwks",
|
||||
"logo_uri": "https://client.example.test/logo.webp",
|
||||
"redirect_uris": [
|
||||
"https://client.example.org/callback",
|
||||
"https://client.example.org/callback2",
|
||||
"https://client.example.test/callback",
|
||||
"https://client.example.test/callback2",
|
||||
],
|
||||
"token_endpoint_auth_method": "client_secret_basic",
|
||||
"grant_types": ["authorization_code", "implicit"],
|
||||
"response_types": ["code", "token"],
|
||||
"scope": "openid profile",
|
||||
"contacts": ["contact@example.com"],
|
||||
"tos_uri": "https://example.com/uri",
|
||||
"policy_uri": "https://example.com/policy",
|
||||
"contacts": ["contact@example.test"],
|
||||
"tos_uri": "https://example.test/uri",
|
||||
"policy_uri": "https://example.test/policy",
|
||||
"software_id": "example",
|
||||
"software_version": "x.y.z",
|
||||
}
|
||||
assert client.client_name == "My Example Client"
|
||||
assert client.client_uri == "https://example.com"
|
||||
assert client.client_uri == "https://example.test"
|
||||
assert client.redirect_uris == [
|
||||
"https://client.example.org/callback",
|
||||
"https://client.example.org/callback2",
|
||||
"https://client.example.test/callback",
|
||||
"https://client.example.test/callback2",
|
||||
]
|
||||
assert client.token_endpoint_auth_method == "client_secret_basic"
|
||||
assert client.logo_uri == "https://client.example.org/logo.webp"
|
||||
assert client.jwks_uri == "https://client.example.org/my_public_keys.jwks"
|
||||
assert client.logo_uri == "https://client.example.test/logo.webp"
|
||||
assert client.jwks_uri == "https://client.example.test/my_public_keys.jwks"
|
||||
assert client.grant_types == ["authorization_code", "implicit"]
|
||||
assert client.response_types == ["code", "token"]
|
||||
assert client.scope == ["openid", "profile"]
|
||||
assert client.contacts == ["contact@example.com"]
|
||||
assert client.tos_uri == "https://example.com/uri"
|
||||
assert client.policy_uri == "https://example.com/policy"
|
||||
assert client.contacts == ["contact@example.test"]
|
||||
assert client.tos_uri == "https://example.test/uri"
|
||||
assert client.policy_uri == "https://example.test/policy"
|
||||
assert client.software_id == "example"
|
||||
assert client.software_version == "x.y.z"
|
||||
backend.delete(client)
|
||||
|
|
|
|||
|
|
@ -22,8 +22,8 @@ def test_get(testclient, backend, client, user):
|
|||
"client_id_issued_at": int(datetime.timestamp(client.client_id_issued_at)),
|
||||
"client_secret_expires_at": 0,
|
||||
"redirect_uris": [
|
||||
"https://mydomain.tld/redirect1",
|
||||
"https://mydomain.tld/redirect2",
|
||||
"https://mydomain.test/redirect1",
|
||||
"https://mydomain.test/redirect2",
|
||||
],
|
||||
"registration_access_token": "static-token",
|
||||
"registration_client_uri": f"http://canaille.test/oauth/register/{client.client_id}",
|
||||
|
|
@ -37,14 +37,14 @@ def test_get(testclient, backend, client, user):
|
|||
],
|
||||
"response_types": ["code", "token", "id_token"],
|
||||
"client_name": "Some client",
|
||||
"client_uri": "https://mydomain.tld",
|
||||
"logo_uri": "https://mydomain.tld/logo.webp",
|
||||
"client_uri": "https://mydomain.test",
|
||||
"logo_uri": "https://mydomain.test/logo.webp",
|
||||
"scope": "openid email profile groups address phone",
|
||||
"contacts": ["contact@mydomain.tld"],
|
||||
"tos_uri": "https://mydomain.tld/tos",
|
||||
"policy_uri": "https://mydomain.tld/policy",
|
||||
"contacts": ["contact@mydomain.test"],
|
||||
"tos_uri": "https://mydomain.test/tos",
|
||||
"policy_uri": "https://mydomain.test/policy",
|
||||
"jwk": None,
|
||||
"jwks_uri": "https://mydomain.tld/jwk",
|
||||
"jwks_uri": "https://mydomain.test/jwk",
|
||||
"software_id": None,
|
||||
"software_version": None,
|
||||
}
|
||||
|
|
@ -58,35 +58,35 @@ def test_update(testclient, backend, client, user):
|
|||
"static-token"
|
||||
]
|
||||
|
||||
assert client.redirect_uris != ["https://newname.example.org/callback"]
|
||||
assert client.redirect_uris != ["https://newname.example.test/callback"]
|
||||
assert client.token_endpoint_auth_method != "none"
|
||||
assert client.grant_types != ["refresh_token"]
|
||||
assert client.response_types != ["code", "token"]
|
||||
assert client.client_name != "new name"
|
||||
assert client.client_uri != "https://newname.example.org"
|
||||
assert client.logo_uri != "https://newname.example.org/logo.webp"
|
||||
assert client.client_uri != "https://newname.example.test"
|
||||
assert client.logo_uri != "https://newname.example.test/logo.webp"
|
||||
assert client.scope != ["openid", "profile", "email"]
|
||||
assert client.contacts != ["newcontact@example.org"]
|
||||
assert client.tos_uri != "https://newname.example.org/tos"
|
||||
assert client.policy_uri != "https://newname.example.org/policy"
|
||||
assert client.jwks_uri != "https://newname.example.org/my_public_keys.jwks"
|
||||
assert client.contacts != ["newcontact@example.test"]
|
||||
assert client.tos_uri != "https://newname.example.test/tos"
|
||||
assert client.policy_uri != "https://newname.example.test/policy"
|
||||
assert client.jwks_uri != "https://newname.example.test/my_public_keys.jwks"
|
||||
assert client.software_id != "new_software_id"
|
||||
assert client.software_version != "3.14"
|
||||
|
||||
payload = {
|
||||
"client_id": client.client_id,
|
||||
"redirect_uris": ["https://newname.example.org/callback"],
|
||||
"redirect_uris": ["https://newname.example.test/callback"],
|
||||
"token_endpoint_auth_method": "none",
|
||||
"grant_types": ["refresh_token"],
|
||||
"response_types": ["code", "token"],
|
||||
"client_name": "new name",
|
||||
"client_uri": "https://newname.example.org",
|
||||
"logo_uri": "https://newname.example.org/logo.webp",
|
||||
"client_uri": "https://newname.example.test",
|
||||
"logo_uri": "https://newname.example.test/logo.webp",
|
||||
"scope": "openid profile email",
|
||||
"contacts": ["newcontact@example.org"],
|
||||
"tos_uri": "https://newname.example.org/tos",
|
||||
"policy_uri": "https://newname.example.org/policy",
|
||||
"jwks_uri": "https://newname.example.org/my_public_keys.jwks",
|
||||
"contacts": ["newcontact@example.test"],
|
||||
"tos_uri": "https://newname.example.test/tos",
|
||||
"policy_uri": "https://newname.example.test/policy",
|
||||
"jwks_uri": "https://newname.example.test/my_public_keys.jwks",
|
||||
"software_id": "new_software_id",
|
||||
"software_version": "3.14",
|
||||
}
|
||||
|
|
@ -102,37 +102,37 @@ def test_update(testclient, backend, client, user):
|
|||
"client_secret": client.client_secret,
|
||||
"client_id_issued_at": int(datetime.timestamp(client.client_id_issued_at)),
|
||||
"client_secret_expires_at": 0,
|
||||
"redirect_uris": ["https://newname.example.org/callback"],
|
||||
"redirect_uris": ["https://newname.example.test/callback"],
|
||||
"registration_access_token": "static-token",
|
||||
"registration_client_uri": f"http://canaille.test/oauth/register/{client.client_id}",
|
||||
"token_endpoint_auth_method": "none",
|
||||
"grant_types": ["refresh_token"],
|
||||
"response_types": ["code", "token"],
|
||||
"client_name": "new name",
|
||||
"client_uri": "https://newname.example.org",
|
||||
"logo_uri": "https://newname.example.org/logo.webp",
|
||||
"client_uri": "https://newname.example.test",
|
||||
"logo_uri": "https://newname.example.test/logo.webp",
|
||||
"scope": "openid profile email",
|
||||
"contacts": ["newcontact@example.org"],
|
||||
"tos_uri": "https://newname.example.org/tos",
|
||||
"policy_uri": "https://newname.example.org/policy",
|
||||
"contacts": ["newcontact@example.test"],
|
||||
"tos_uri": "https://newname.example.test/tos",
|
||||
"policy_uri": "https://newname.example.test/policy",
|
||||
"jwk": None,
|
||||
"jwks_uri": "https://newname.example.org/my_public_keys.jwks",
|
||||
"jwks_uri": "https://newname.example.test/my_public_keys.jwks",
|
||||
"software_id": "new_software_id",
|
||||
"software_version": "3.14",
|
||||
}
|
||||
|
||||
assert client.redirect_uris == ["https://newname.example.org/callback"]
|
||||
assert client.redirect_uris == ["https://newname.example.test/callback"]
|
||||
assert client.token_endpoint_auth_method == "none"
|
||||
assert client.grant_types == ["refresh_token"]
|
||||
assert client.response_types == ["code", "token"]
|
||||
assert client.client_name == "new name"
|
||||
assert client.client_uri == "https://newname.example.org"
|
||||
assert client.logo_uri == "https://newname.example.org/logo.webp"
|
||||
assert client.client_uri == "https://newname.example.test"
|
||||
assert client.logo_uri == "https://newname.example.test/logo.webp"
|
||||
assert client.scope == ["openid", "profile", "email"]
|
||||
assert client.contacts == ["newcontact@example.org"]
|
||||
assert client.tos_uri == "https://newname.example.org/tos"
|
||||
assert client.policy_uri == "https://newname.example.org/policy"
|
||||
assert client.jwks_uri == "https://newname.example.org/my_public_keys.jwks"
|
||||
assert client.contacts == ["newcontact@example.test"]
|
||||
assert client.tos_uri == "https://newname.example.test/tos"
|
||||
assert client.policy_uri == "https://newname.example.test/policy"
|
||||
assert client.jwks_uri == "https://newname.example.test/my_public_keys.jwks"
|
||||
assert client.software_id == "new_software_id"
|
||||
assert client.software_version == "3.14"
|
||||
|
||||
|
|
@ -166,7 +166,7 @@ def test_invalid_client(testclient, backend, user):
|
|||
|
||||
payload = {
|
||||
"client_id": "invalid-client-id",
|
||||
"redirect_uris": ["https://newname.example.org/callback"],
|
||||
"redirect_uris": ["https://newname.example.test/callback"],
|
||||
}
|
||||
|
||||
headers = {"Authorization": "Bearer static-token"}
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ from canaille.oidc.oauth import get_jwt_config
|
|||
def test_end_session(testclient, backend, logged_user, client, id_token):
|
||||
testclient.get(f"/profile/{logged_user.user_name}", status=200)
|
||||
|
||||
post_logout_redirect_url = "https://mydomain.tld/disconnected"
|
||||
post_logout_redirect_url = "https://mydomain.test/disconnected"
|
||||
res = testclient.get(
|
||||
"/oauth/end_session",
|
||||
params={
|
||||
|
|
@ -31,7 +31,7 @@ def test_end_session(testclient, backend, logged_user, client, id_token):
|
|||
def test_end_session_no_client_id(testclient, backend, logged_user, client, id_token):
|
||||
testclient.get(f"/profile/{logged_user.user_name}", status=200)
|
||||
|
||||
post_logout_redirect_url = "https://mydomain.tld/disconnected"
|
||||
post_logout_redirect_url = "https://mydomain.test/disconnected"
|
||||
res = testclient.get(
|
||||
"/oauth/end_session",
|
||||
params={
|
||||
|
|
@ -80,7 +80,7 @@ def test_bad_redirect_uri_no_redirect(
|
|||
):
|
||||
testclient.get(f"/profile/{logged_user.user_name}", status=200)
|
||||
|
||||
post_logout_redirect_url = "https://mydomain.tld/invalid-uri"
|
||||
post_logout_redirect_url = "https://mydomain.test/invalid-uri"
|
||||
res = testclient.get(
|
||||
"/oauth/end_session",
|
||||
params={
|
||||
|
|
@ -104,7 +104,7 @@ def test_bad_redirect_uri_no_redirect(
|
|||
def test_no_client_hint_no_redirect(testclient, backend, logged_user, client, id_token):
|
||||
testclient.get(f"/profile/{logged_user.user_name}", status=200)
|
||||
|
||||
post_logout_redirect_url = "https://mydomain.tld/disconnected"
|
||||
post_logout_redirect_url = "https://mydomain.test/disconnected"
|
||||
res = testclient.get(
|
||||
"/oauth/end_session",
|
||||
params={
|
||||
|
|
@ -128,7 +128,7 @@ def test_no_client_hint_no_redirect(testclient, backend, logged_user, client, id
|
|||
def test_end_session_invalid_client_id(testclient, backend, logged_user, client):
|
||||
testclient.get(f"/profile/{logged_user.user_name}", status=200)
|
||||
|
||||
post_logout_redirect_url = "https://mydomain.tld/disconnected"
|
||||
post_logout_redirect_url = "https://mydomain.test/disconnected"
|
||||
res = testclient.get(
|
||||
"/oauth/end_session",
|
||||
params={
|
||||
|
|
@ -161,7 +161,7 @@ def test_client_hint_invalid(testclient, backend, logged_user, client):
|
|||
|
||||
testclient.get(f"/profile/{logged_user.user_name}", status=200)
|
||||
|
||||
post_logout_redirect_url = "https://mydomain.tld/disconnected"
|
||||
post_logout_redirect_url = "https://mydomain.test/disconnected"
|
||||
res = testclient.get(
|
||||
"/oauth/end_session",
|
||||
params={
|
||||
|
|
@ -184,7 +184,7 @@ def test_client_hint_invalid(testclient, backend, logged_user, client):
|
|||
def test_no_jwt_logout(testclient, backend, logged_user, client):
|
||||
testclient.get(f"/profile/{logged_user.user_name}", status=200)
|
||||
|
||||
post_logout_redirect_url = "https://mydomain.tld/disconnected"
|
||||
post_logout_redirect_url = "https://mydomain.test/disconnected"
|
||||
res = testclient.get(
|
||||
"/oauth/end_session",
|
||||
params={
|
||||
|
|
@ -210,7 +210,7 @@ def test_no_jwt_logout(testclient, backend, logged_user, client):
|
|||
def test_no_jwt_no_logout(testclient, backend, logged_user, client):
|
||||
testclient.get(f"/profile/{logged_user.user_name}", status=200)
|
||||
|
||||
post_logout_redirect_url = "https://mydomain.tld/disconnected"
|
||||
post_logout_redirect_url = "https://mydomain.test/disconnected"
|
||||
res = testclient.get(
|
||||
"/oauth/end_session",
|
||||
params={
|
||||
|
|
@ -233,11 +233,11 @@ def test_no_jwt_no_logout(testclient, backend, logged_user, client):
|
|||
|
||||
|
||||
def test_jwt_not_issued_here(testclient, backend, logged_user, client, id_token):
|
||||
testclient.app.config["CANAILLE_OIDC"]["JWT"]["ISS"] = "https://foo.bar"
|
||||
testclient.app.config["CANAILLE_OIDC"]["JWT"]["ISS"] = "https://foobar.test"
|
||||
|
||||
testclient.get(f"/profile/{logged_user.user_name}", status=200)
|
||||
|
||||
post_logout_redirect_url = "https://mydomain.tld/disconnected"
|
||||
post_logout_redirect_url = "https://mydomain.test/disconnected"
|
||||
res = testclient.get(
|
||||
"/oauth/end_session",
|
||||
params={
|
||||
|
|
@ -266,7 +266,7 @@ def test_client_hint_mismatch(testclient, backend, logged_user, client):
|
|||
|
||||
testclient.get(f"/profile/{logged_user.user_name}", status=200)
|
||||
|
||||
post_logout_redirect_url = "https://mydomain.tld/disconnected"
|
||||
post_logout_redirect_url = "https://mydomain.test/disconnected"
|
||||
res = testclient.get(
|
||||
"/oauth/end_session",
|
||||
params={
|
||||
|
|
@ -286,7 +286,7 @@ def test_client_hint_mismatch(testclient, backend, logged_user, client):
|
|||
|
||||
|
||||
def test_end_session_bad_id_token(testclient, backend, logged_user, client, id_token):
|
||||
post_logout_redirect_url = "https://mydomain.tld/disconnected"
|
||||
post_logout_redirect_url = "https://mydomain.test/disconnected"
|
||||
res = testclient.get(
|
||||
"/oauth/end_session",
|
||||
params={
|
||||
|
|
@ -311,7 +311,7 @@ def test_bad_user_id_token_mismatch(testclient, backend, logged_user, client, ad
|
|||
**get_jwt_config(None),
|
||||
)
|
||||
|
||||
post_logout_redirect_url = "https://mydomain.tld/disconnected"
|
||||
post_logout_redirect_url = "https://mydomain.test/disconnected"
|
||||
res = testclient.get(
|
||||
"/oauth/end_session",
|
||||
params={
|
||||
|
|
@ -338,7 +338,7 @@ def test_bad_user_id_token_mismatch(testclient, backend, logged_user, client, ad
|
|||
def test_bad_user_hint(testclient, backend, logged_user, client, id_token, admin):
|
||||
testclient.get(f"/profile/{logged_user.user_name}", status=200)
|
||||
|
||||
post_logout_redirect_url = "https://mydomain.tld/disconnected"
|
||||
post_logout_redirect_url = "https://mydomain.test/disconnected"
|
||||
res = testclient.get(
|
||||
"/oauth/end_session",
|
||||
params={
|
||||
|
|
@ -365,7 +365,7 @@ def test_bad_user_hint(testclient, backend, logged_user, client, id_token, admin
|
|||
def test_no_jwt_bad_csrf(testclient, backend, logged_user, client):
|
||||
testclient.get(f"/profile/{logged_user.user_name}", status=200)
|
||||
|
||||
post_logout_redirect_url = "https://mydomain.tld/disconnected"
|
||||
post_logout_redirect_url = "https://mydomain.test/disconnected"
|
||||
res = testclient.get(
|
||||
"/oauth/end_session",
|
||||
params={
|
||||
|
|
@ -383,7 +383,7 @@ def test_no_jwt_bad_csrf(testclient, backend, logged_user, client):
|
|||
|
||||
|
||||
def test_end_session_already_disconnected(testclient, backend, user, client, id_token):
|
||||
post_logout_redirect_url = "https://mydomain.tld/disconnected"
|
||||
post_logout_redirect_url = "https://mydomain.test/disconnected"
|
||||
res = testclient.get(
|
||||
"/oauth/end_session",
|
||||
params={
|
||||
|
|
@ -402,7 +402,7 @@ def test_end_session_already_disconnected(testclient, backend, user, client, id_
|
|||
def test_end_session_no_state(testclient, backend, logged_user, client, id_token):
|
||||
testclient.get(f"/profile/{logged_user.user_name}", status=200)
|
||||
|
||||
post_logout_redirect_url = "https://mydomain.tld/disconnected"
|
||||
post_logout_redirect_url = "https://mydomain.test/disconnected"
|
||||
res = testclient.get(
|
||||
"/oauth/end_session",
|
||||
params={
|
||||
|
|
|
|||
|
|
@ -13,8 +13,8 @@ def test_fieldlist_add(testclient, logged_admin, backend):
|
|||
|
||||
data = {
|
||||
"client_name": "foobar",
|
||||
"client_uri": "https://foo.bar",
|
||||
"redirect_uris-0": "https://foo.bar/callback",
|
||||
"client_uri": "https://foobar.test",
|
||||
"redirect_uris-0": "https://foobar.test/callback",
|
||||
"grant_types": ["password", "authorization_code"],
|
||||
"response_types": ["code", "token"],
|
||||
"token_endpoint_auth_method": "none",
|
||||
|
|
@ -25,7 +25,7 @@ def test_fieldlist_add(testclient, logged_admin, backend):
|
|||
res = res.form.submit(status=200, name="fieldlist_add", value="redirect_uris-0")
|
||||
assert not backend.query(models.Client)
|
||||
|
||||
data["redirect_uris-1"] = "https://foo.bar/callback2"
|
||||
data["redirect_uris-1"] = "https://foobar.test/callback2"
|
||||
for k, v in data.items():
|
||||
res.form[k].force_value(v)
|
||||
|
||||
|
|
@ -36,8 +36,8 @@ def test_fieldlist_add(testclient, logged_admin, backend):
|
|||
client = backend.get(models.Client, client_id=client_id)
|
||||
|
||||
assert client.redirect_uris == [
|
||||
"https://foo.bar/callback",
|
||||
"https://foo.bar/callback2",
|
||||
"https://foobar.test/callback",
|
||||
"https://foobar.test/callback2",
|
||||
]
|
||||
|
||||
backend.delete(client)
|
||||
|
|
@ -49,8 +49,8 @@ def test_fieldlist_delete(testclient, logged_admin, backend):
|
|||
|
||||
data = {
|
||||
"client_name": "foobar",
|
||||
"client_uri": "https://foo.bar",
|
||||
"redirect_uris-0": "https://foo.bar/callback1",
|
||||
"client_uri": "https://foobar.test",
|
||||
"redirect_uris-0": "https://foobar.test/callback1",
|
||||
"grant_types": ["password", "authorization_code"],
|
||||
"response_types": ["code", "token"],
|
||||
"token_endpoint_auth_method": "none",
|
||||
|
|
@ -59,7 +59,7 @@ def test_fieldlist_delete(testclient, logged_admin, backend):
|
|||
res.form[k].force_value(v)
|
||||
res = res.form.submit(status=200, name="fieldlist_add", value="redirect_uris-0")
|
||||
|
||||
res.form["redirect_uris-1"] = "https://foo.bar/callback2"
|
||||
res.form["redirect_uris-1"] = "https://foobar.test/callback2"
|
||||
res = res.form.submit(status=200, name="fieldlist_remove", value="redirect_uris-1")
|
||||
assert not backend.query(models.Client)
|
||||
assert "redirect_uris-1" not in res.form.fields
|
||||
|
|
@ -71,7 +71,7 @@ def test_fieldlist_delete(testclient, logged_admin, backend):
|
|||
client = backend.get(models.Client, client_id=client_id)
|
||||
|
||||
assert client.redirect_uris == [
|
||||
"https://foo.bar/callback1",
|
||||
"https://foobar.test/callback1",
|
||||
]
|
||||
|
||||
backend.delete(client)
|
||||
|
|
@ -82,8 +82,8 @@ def test_fieldlist_add_invalid_field(testclient, logged_admin):
|
|||
data = {
|
||||
"csrf_token": res.form["csrf_token"].value,
|
||||
"client_name": "foobar",
|
||||
"client_uri": "https://foo.bar",
|
||||
"redirect_uris-0": "https://foo.bar/callback",
|
||||
"client_uri": "https://foobar.test",
|
||||
"redirect_uris-0": "https://foobar.test/callback",
|
||||
"grant_types": ["password", "authorization_code"],
|
||||
"response_types": ["code", "token"],
|
||||
"token_endpoint_auth_method": "none",
|
||||
|
|
@ -99,9 +99,9 @@ def test_fieldlist_delete_invalid_field(testclient, logged_admin, backend):
|
|||
data = {
|
||||
"csrf_token": res.form["csrf_token"].value,
|
||||
"client_name": "foobar",
|
||||
"client_uri": "https://foo.bar",
|
||||
"redirect_uris-0": "https://foo.bar/callback1",
|
||||
"redirect_uris-1": "https://foo.bar/callback2",
|
||||
"client_uri": "https://foobar.test",
|
||||
"redirect_uris-0": "https://foobar.test/callback1",
|
||||
"redirect_uris-1": "https://foobar.test/callback2",
|
||||
"grant_types": ["password", "authorization_code"],
|
||||
"response_types": ["code", "token"],
|
||||
"token_endpoint_auth_method": "none",
|
||||
|
|
@ -114,8 +114,8 @@ def test_fieldlist_duplicate_value(testclient, logged_admin, client):
|
|||
res = testclient.get("/admin/client/add")
|
||||
data = {
|
||||
"client_name": "foobar",
|
||||
"client_uri": "https://foo.bar",
|
||||
"redirect_uris-0": "https://foo.bar/samecallback",
|
||||
"client_uri": "https://foobar.test",
|
||||
"redirect_uris-0": "https://foobar.test/samecallback",
|
||||
"grant_types": ["password", "authorization_code"],
|
||||
"response_types": ["code", "token"],
|
||||
"token_endpoint_auth_method": "none",
|
||||
|
|
@ -123,7 +123,7 @@ def test_fieldlist_duplicate_value(testclient, logged_admin, client):
|
|||
for k, v in data.items():
|
||||
res.form[k].force_value(v)
|
||||
res = res.form.submit(status=200, name="fieldlist_add", value="redirect_uris-0")
|
||||
res.form["redirect_uris-1"] = "https://foo.bar/samecallback"
|
||||
res.form["redirect_uris-1"] = "https://foobar.test/samecallback"
|
||||
res = res.form.submit(status=200, name="action", value="edit")
|
||||
res.mustcontain("This value is a duplicate")
|
||||
|
||||
|
|
@ -132,9 +132,9 @@ def test_fieldlist_empty_value(testclient, logged_admin, backend):
|
|||
res = testclient.get("/admin/client/add")
|
||||
data = {
|
||||
"client_name": "foobar",
|
||||
"client_uri": "https://foo.bar",
|
||||
"redirect_uris-0": "https://foo.bar/samecallback",
|
||||
"post_logout_redirect_uris-0": "https://foo.bar/callback1",
|
||||
"client_uri": "https://foobar.test",
|
||||
"redirect_uris-0": "https://foobar.test/samecallback",
|
||||
"post_logout_redirect_uris-0": "https://foobar.test/callback1",
|
||||
"grant_types": ["password", "authorization_code"],
|
||||
"response_types": ["code", "token"],
|
||||
"token_endpoint_auth_method": "none",
|
||||
|
|
@ -154,8 +154,8 @@ def test_fieldlist_add_field_htmx(testclient, logged_admin):
|
|||
data = {
|
||||
"csrf_token": res.form["csrf_token"].value,
|
||||
"client_name": "foobar",
|
||||
"client_uri": "https://foo.bar",
|
||||
"redirect_uris-0": "https://foo.bar/callback",
|
||||
"client_uri": "https://foobar.test",
|
||||
"redirect_uris-0": "https://foobar.test/callback",
|
||||
"grant_types": ["password", "authorization_code"],
|
||||
"response_types": ["code", "token"],
|
||||
"token_endpoint_auth_method": "none",
|
||||
|
|
@ -178,7 +178,7 @@ def test_fieldlist_add_field_htmx_validation(testclient, logged_admin):
|
|||
data = {
|
||||
"csrf_token": res.form["csrf_token"].value,
|
||||
"client_name": "foobar",
|
||||
"client_uri": "https://foo.bar",
|
||||
"client_uri": "https://foobar.test",
|
||||
"redirect_uris-0": "not-a-valid-uri",
|
||||
"grant_types": ["password", "authorization_code"],
|
||||
"response_types": ["code", "token"],
|
||||
|
|
@ -203,9 +203,9 @@ def test_fieldlist_remove_field_htmx(testclient, logged_admin):
|
|||
data = {
|
||||
"csrf_token": res.form["csrf_token"].value,
|
||||
"client_name": "foobar",
|
||||
"client_uri": "https://foo.bar",
|
||||
"redirect_uris-0": "https://foo.bar/callback1",
|
||||
"redirect_uris-1": "https://foo.bar/callback2",
|
||||
"client_uri": "https://foobar.test",
|
||||
"redirect_uris-0": "https://foobar.test/callback1",
|
||||
"redirect_uris-1": "https://foobar.test/callback2",
|
||||
"grant_types": ["password", "authorization_code"],
|
||||
"response_types": ["code", "token"],
|
||||
"token_endpoint_auth_method": "none",
|
||||
|
|
@ -228,9 +228,9 @@ def test_fieldlist_inline_validation(testclient, logged_admin):
|
|||
data = {
|
||||
"csrf_token": res.form["csrf_token"].value,
|
||||
"client_name": "foobar",
|
||||
"client_uri": "https://foo.bar",
|
||||
"client_uri": "https://foobar.test",
|
||||
"redirect_uris-0": "invalid-url",
|
||||
"redirect_uris-1": "https://foo.bar/callback2",
|
||||
"redirect_uris-1": "https://foobar.test/callback2",
|
||||
"grant_types": ["password", "authorization_code"],
|
||||
"response_types": ["code", "token"],
|
||||
"token_endpoint_auth_method": "none",
|
||||
|
|
|
|||
|
|
@ -84,7 +84,7 @@ def test_refresh_token_with_invalid_user(testclient, client, backend):
|
|||
formatted_name="John Doe",
|
||||
family_name="Doe",
|
||||
user_name="temp",
|
||||
emails=["temp@temp.com"],
|
||||
emails=["temp@temp.test"],
|
||||
password="correct horse battery staple",
|
||||
)
|
||||
backend.save(user)
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ def test_access_token_introspection(testclient, user, client, token):
|
|||
"scope": token.get_scope(),
|
||||
"sub": user.user_name,
|
||||
"aud": [client.client_id],
|
||||
"iss": "https://auth.mydomain.tld",
|
||||
"iss": "https://auth.mydomain.test",
|
||||
"exp": token.get_expires_at(),
|
||||
"iat": token.get_issued_at(),
|
||||
} == res.json
|
||||
|
|
@ -42,7 +42,7 @@ def test_refresh_token_introspection(testclient, user, client, token):
|
|||
"scope": token.get_scope(),
|
||||
"sub": user.user_name,
|
||||
"aud": [client.client_id],
|
||||
"iss": "https://auth.mydomain.tld",
|
||||
"iss": "https://auth.mydomain.test",
|
||||
"exp": token.get_expires_at(),
|
||||
"iat": token.get_issued_at(),
|
||||
} == res.json
|
||||
|
|
@ -110,6 +110,6 @@ def test_full_flow(testclient, logged_user, client, user, trusted_client, backen
|
|||
assert res.json["username"] == user.formatted_name
|
||||
assert res.json["scope"] == token.get_scope()
|
||||
assert res.json["sub"] == user.user_name
|
||||
assert res.json["iss"] == "https://auth.mydomain.tld"
|
||||
assert res.json["iss"] == "https://auth.mydomain.test"
|
||||
assert res.json["exp"] == token.get_expires_at()
|
||||
assert res.json["iat"] == token.get_issued_at()
|
||||
|
|
|
|||
|
|
@ -102,7 +102,7 @@ def test_generate_user_claims(user, foo_group):
|
|||
"family_name": "Doe",
|
||||
"preferred_username": "Johnny",
|
||||
"locale": "en",
|
||||
"website": "https://john.example",
|
||||
"website": "https://john.test",
|
||||
}
|
||||
assert generate_user_claims(user, claims_from_scope("openid profile email")) == {
|
||||
"sub": "user",
|
||||
|
|
@ -111,8 +111,8 @@ def test_generate_user_claims(user, foo_group):
|
|||
"family_name": "Doe",
|
||||
"preferred_username": "Johnny",
|
||||
"locale": "en",
|
||||
"website": "https://john.example",
|
||||
"email": "john@doe.com",
|
||||
"website": "https://john.test",
|
||||
"email": "john@doe.test",
|
||||
}
|
||||
assert generate_user_claims(user, claims_from_scope("openid profile address")) == {
|
||||
"sub": "user",
|
||||
|
|
@ -121,7 +121,7 @@ def test_generate_user_claims(user, foo_group):
|
|||
"family_name": "Doe",
|
||||
"preferred_username": "Johnny",
|
||||
"locale": "en",
|
||||
"website": "https://john.example",
|
||||
"website": "https://john.test",
|
||||
"address": "1235, somewhere",
|
||||
}
|
||||
assert generate_user_claims(user, claims_from_scope("openid profile phone")) == {
|
||||
|
|
@ -131,7 +131,7 @@ def test_generate_user_claims(user, foo_group):
|
|||
"family_name": "Doe",
|
||||
"preferred_username": "Johnny",
|
||||
"locale": "en",
|
||||
"website": "https://john.example",
|
||||
"website": "https://john.test",
|
||||
"phone_number": "555-000-000",
|
||||
}
|
||||
assert generate_user_claims(user, claims_from_scope("openid profile groups")) == {
|
||||
|
|
@ -141,7 +141,7 @@ def test_generate_user_claims(user, foo_group):
|
|||
"family_name": "Doe",
|
||||
"preferred_username": "Johnny",
|
||||
"locale": "en",
|
||||
"website": "https://john.example",
|
||||
"website": "https://john.test",
|
||||
"groups": ["foo"],
|
||||
}
|
||||
|
||||
|
|
@ -168,7 +168,7 @@ def test_userinfo(testclient, token, user, foo_group, backend):
|
|||
"name": "John (johnny) Doe",
|
||||
"preferred_username": "Johnny",
|
||||
"locale": "en",
|
||||
"website": "https://john.example",
|
||||
"website": "https://john.test",
|
||||
}
|
||||
|
||||
token.scope = ["openid", "profile", "email"]
|
||||
|
|
@ -184,8 +184,8 @@ def test_userinfo(testclient, token, user, foo_group, backend):
|
|||
"name": "John (johnny) Doe",
|
||||
"preferred_username": "Johnny",
|
||||
"locale": "en",
|
||||
"website": "https://john.example",
|
||||
"email": "john@doe.com",
|
||||
"website": "https://john.test",
|
||||
"email": "john@doe.test",
|
||||
}
|
||||
|
||||
token.scope = ["openid", "profile", "address"]
|
||||
|
|
@ -201,7 +201,7 @@ def test_userinfo(testclient, token, user, foo_group, backend):
|
|||
"name": "John (johnny) Doe",
|
||||
"preferred_username": "Johnny",
|
||||
"locale": "en",
|
||||
"website": "https://john.example",
|
||||
"website": "https://john.test",
|
||||
"address": "1235, somewhere",
|
||||
}
|
||||
|
||||
|
|
@ -218,7 +218,7 @@ def test_userinfo(testclient, token, user, foo_group, backend):
|
|||
"name": "John (johnny) Doe",
|
||||
"preferred_username": "Johnny",
|
||||
"locale": "en",
|
||||
"website": "https://john.example",
|
||||
"website": "https://john.test",
|
||||
"phone_number": "555-000-000",
|
||||
}
|
||||
|
||||
|
|
@ -235,7 +235,7 @@ def test_userinfo(testclient, token, user, foo_group, backend):
|
|||
"name": "John (johnny) Doe",
|
||||
"preferred_username": "Johnny",
|
||||
"locale": "en",
|
||||
"website": "https://john.example",
|
||||
"website": "https://john.test",
|
||||
"groups": ["foo"],
|
||||
}
|
||||
|
||||
|
|
@ -276,20 +276,20 @@ def test_generate_user_standard_claims_with_default_config(testclient, backend,
|
|||
"name": "John (johnny) Doe",
|
||||
"family_name": "Doe",
|
||||
"preferred_username": "Johnny",
|
||||
"email": "john@doe.com",
|
||||
"email": "john@doe.test",
|
||||
"locale": "fr",
|
||||
"phone_number": "555-000-000",
|
||||
"website": "https://john.example",
|
||||
"website": "https://john.test",
|
||||
}
|
||||
|
||||
|
||||
def test_custom_config_format_claim_is_well_formated(testclient, backend, user):
|
||||
jwt_mapping_config = JWTSettings().model_dump()
|
||||
jwt_mapping_config["EMAIL"] = "{{ user.user_name }}@mydomain.tld"
|
||||
jwt_mapping_config["EMAIL"] = "{{ user.user_name }}@mydomain.test"
|
||||
|
||||
data = generate_user_claims(user, STANDARD_CLAIMS, jwt_mapping_config)
|
||||
|
||||
assert data["email"] == "user@mydomain.tld"
|
||||
assert data["email"] == "user@mydomain.test"
|
||||
|
||||
|
||||
def test_claim_is_omitted_if_empty(testclient, backend, user):
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
def test_issuer(testclient, user):
|
||||
res = testclient.get(
|
||||
"/.well-known/webfinger?resource=acct%3Auser%40mydomain.tld&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer"
|
||||
"/.well-known/webfinger?resource=acct%3Auser%40mydomain.test&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer"
|
||||
)
|
||||
assert res.json == {
|
||||
"subject": "acct:user@mydomain.tld",
|
||||
"subject": "acct:user@mydomain.test",
|
||||
"links": [
|
||||
{
|
||||
"rel": "http://openid.net/specs/connect/1.0/issuer",
|
||||
"href": "https://auth.mydomain.tld",
|
||||
"href": "https://auth.mydomain.test",
|
||||
}
|
||||
],
|
||||
}
|
||||
|
|
@ -15,14 +15,14 @@ def test_issuer(testclient, user):
|
|||
|
||||
def test_resource_unknown(testclient):
|
||||
res = testclient.get(
|
||||
"/.well-known/webfinger?resource=acct%3Ainvalid%40mydomain.tld&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer",
|
||||
"/.well-known/webfinger?resource=acct%3Ainvalid%40mydomain.test&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer",
|
||||
)
|
||||
assert res.json == {
|
||||
"subject": "acct:invalid@mydomain.tld",
|
||||
"subject": "acct:invalid@mydomain.test",
|
||||
"links": [
|
||||
{
|
||||
"rel": "http://openid.net/specs/connect/1.0/issuer",
|
||||
"href": "https://auth.mydomain.tld",
|
||||
"href": "https://auth.mydomain.test",
|
||||
}
|
||||
],
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,12 +3,12 @@ from flask import g
|
|||
|
||||
def test_oauth_authorization_server(testclient):
|
||||
res = testclient.get("/.well-known/oauth-authorization-server", status=200).json
|
||||
assert "https://auth.mydomain.tld" == res["issuer"]
|
||||
assert "https://auth.mydomain.test" == res["issuer"]
|
||||
assert res == {
|
||||
"authorization_endpoint": "http://canaille.test/oauth/authorize",
|
||||
"code_challenge_methods_supported": ["plain", "S256"],
|
||||
"introspection_endpoint": "http://canaille.test/oauth/introspect",
|
||||
"issuer": "https://auth.mydomain.tld",
|
||||
"issuer": "https://auth.mydomain.test",
|
||||
"jwks_uri": "http://canaille.test/oauth/jwks.json",
|
||||
"registration_endpoint": "http://canaille.test/oauth/register",
|
||||
"response_types_supported": [
|
||||
|
|
@ -42,7 +42,7 @@ def test_oauth_authorization_server(testclient):
|
|||
|
||||
def test_openid_configuration(testclient):
|
||||
res = testclient.get("/.well-known/openid-configuration", status=200).json
|
||||
assert "https://auth.mydomain.tld" == res["issuer"]
|
||||
assert "https://auth.mydomain.test" == res["issuer"]
|
||||
assert res == {
|
||||
"authorization_endpoint": "http://canaille.test/oauth/authorize",
|
||||
"claims_supported": [
|
||||
|
|
@ -68,7 +68,7 @@ def test_openid_configuration(testclient):
|
|||
"end_session_endpoint": "http://canaille.test/oauth/end_session",
|
||||
"id_token_signing_alg_values_supported": ["RS256", "ES256", "HS256"],
|
||||
"introspection_endpoint": "http://canaille.test/oauth/introspect",
|
||||
"issuer": "https://auth.mydomain.tld",
|
||||
"issuer": "https://auth.mydomain.test",
|
||||
"jwks_uri": "http://canaille.test/oauth/jwks.json",
|
||||
"registration_endpoint": "http://canaille.test/oauth/register",
|
||||
"response_types_supported": [
|
||||
|
|
|
|||
Loading…
Reference in a new issue