Merge pull request #17149 from wso2/revert-17088-revert-16925-thamind…

…u-config Re: "Add integration tests for inbound auth config APIs"
wso2 · Oct 24, 2023 · 8d8741f · 8d8741f
2 parents 562b998 + d246d80
commit 8d8741f
Show file tree

Hide file tree

Showing 6 changed files with 122 additions and 0 deletions.
diff --git a/...java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigFailureTest.java b/...java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigFailureTest.java
@@ -120,4 +120,13 @@ public void testPatchCORSConfigsWithInvalidOperation() throws Exception {
  Response response = getResponseOfPatch(CORS_CONFIGS_API_BASE_PATH, body);
  validateErrorResponse(response, HttpStatus.SC_BAD_REQUEST, "CNF-60003", "Unsupported patch operation");
  }
+
+ @Test
+ public void testUpdateSAMLInboundAuthConfigsWithEmptyDestinationUrls() throws IOException {
+
+ String body = readResource("update-saml-inbound-auth-configs-invalid.json");
+ Response response = getResponseOfPatch(SAML_INBOUND_AUTH_CONFIG_API_PATH, body);
+ validateErrorResponse(response, HttpStatus.SC_BAD_REQUEST, "CNF-60003",
+ "One of the given inputs is invalid. Should contain at least one destination URL.");
+ }
 }
diff --git a/...java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigSuccessTest.java b/...java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigSuccessTest.java
@@ -20,6 +20,7 @@
 import io.restassured.response.Response;
 import org.apache.commons.lang.StringUtils;
 import org.apache.http.HttpStatus;
+import org.junit.Assert;
 import org.testng.annotations.AfterClass;
 import org.testng.annotations.AfterMethod;
 import org.testng.annotations.BeforeClass;
@@ -28,9 +29,13 @@
 import org.testng.annotations.Factory;
 import org.testng.annotations.Test;
 import org.wso2.carbon.automation.engine.context.TestUserMode;
+import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
 import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
 
 import java.io.IOException;
+import java.util.Arrays;
+
+import javax.xml.xpath.XPathExpressionException;
 
 import static org.hamcrest.CoreMatchers.containsString;
 import static org.hamcrest.CoreMatchers.equalTo;
@@ -259,4 +264,88 @@ public void testPatchCORSConfigs() throws Exception {
  .body("supportsCredentials", equalTo(false))
  .body("maxAge", equalTo(3600));
  }
+
+ @Test
+ public void testGetSAMLInboundAuthConfigs() throws XPathExpressionException {
+
+ Response response = getResponseOfGet(SAML_INBOUND_AUTH_CONFIG_API_PATH);
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_OK)
+ .body("destinationURLs", notNullValue())
+ .body("metadataValidityPeriod", equalTo(60))
+ .body("enableMetadataSigning", equalTo(false))
+ .body("metadataEndpoint",
+ MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(context.getContextTenant().getDomain())
+ ? equalTo(SAML_METADATA_ENDPOINT_SUPER_TENANT)
+ : equalTo(SAML_METADATA_ENDPOINT_TENANT));
+
+ String[] destinationUrls = response.jsonPath().getString("destinationURLs")
+ .replace("[", "").replace("]", "").split(",");
+ if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(context.getContextTenant().getDomain())) {
+ Assert.assertArrayEquals(new String[]{SAML_SSO_URL_SUPER_TENANT}, destinationUrls);
+ } else {
+ Assert.assertArrayEquals(new String[]{SAML_SSO_URL_TENANT}, destinationUrls);
+ }
+ }
+
+ @Test(dependsOnMethods = {"testGetSAMLInboundAuthConfigs"})
+ public void testUpdateSAMLInboundAuthConfigs() throws IOException {
+
+ String body = readResource("update-saml-inbound-auth-configs.json");
+ Response response = getResponseOfPatch(SAML_INBOUND_AUTH_CONFIG_API_PATH, body);
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_OK);
+
+ response = getResponseOfGet(SAML_INBOUND_AUTH_CONFIG_API_PATH);
+
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_OK)
+ .body("destinationURLs", notNullValue())
+ .body("metadataValidityPeriod", equalTo(120))
+ .body("enableMetadataSigning", equalTo(true));
+
+ String[] destinationUrls = response.jsonPath().getString("destinationURLs")
+ .replace("[", "").replace("]", "").replace(" ", "").split(",");
+ Assert.assertEquals(2, destinationUrls.length);
+ Assert.assertTrue(Arrays.asList(destinationUrls).contains("https://localhost:9853/test/updated"));
+ }
+
+ @Test
+ public void testGetPassiveSTSInboundAuthConfigs() throws XPathExpressionException {
+
+ Response response = getResponseOfGet(PASSIVE_STS_INBOUND_AUTH_CONFIG_API_PATH);
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_OK)
+ .body("enableRequestSigning", equalTo(false))
+ .body("passiveSTSUrl",
+ MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(context.getContextTenant().getDomain())
+ ? equalTo(PASSIVE_STS_URL_SUPER_TENANT)
+ : equalTo(PASSIVE_STS_URL_TENANT));
+ }
+
+ @Test(dependsOnMethods = {"testGetPassiveSTSInboundAuthConfigs"})
+ public void testUpdatePassiveSTSInboundAuthConfigs() throws IOException {
+
+ String body = readResource("update-passive-sts-inbound-auth-configs.json");
+ Response response = getResponseOfPatch(PASSIVE_STS_INBOUND_AUTH_CONFIG_API_PATH, body);
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_OK);
+
+ response = getResponseOfGet(PASSIVE_STS_INBOUND_AUTH_CONFIG_API_PATH);
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_OK)
+ .body("enableRequestSigning", equalTo(true));
+ }
 }
diff --git a/...st/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java b/...st/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java
@@ -40,6 +40,15 @@ public class ConfigTestBase extends RESTAPIServerTestBase {
  public static final String CONFIGS_INBOUND_SCIM_API_BASE_PATH = "/configs/provisioning/inbound/scim";
  public static final String CORS_CONFIGS_API_BASE_PATH = "/configs/cors";
  public static final String HOME_REALM_IDENTIFIERS_API_BASE_PATH = "/configs/home-realm-identifiers";
+ public static final String SAML_INBOUND_AUTH_CONFIG_API_PATH = "/configs/authentication/inbound/saml2";
+ public static final String PASSIVE_STS_INBOUND_AUTH_CONFIG_API_PATH = "/configs/authentication/inbound/passivests";
+ public static final String SAML_METADATA_ENDPOINT_SUPER_TENANT = "https://localhost:9853/identity/metadata/saml2";
+ public static final String SAML_METADATA_ENDPOINT_TENANT =
+ "https://localhost:9853/t/wso2.com/identity/metadata/saml2";
+ public static final String SAML_SSO_URL_SUPER_TENANT = "https://localhost:9853/samlsso";
+ public static final String SAML_SSO_URL_TENANT = "https://localhost:9853/t/wso2.com/samlsso";
+ public static final String PASSIVE_STS_URL_SUPER_TENANT = "https://localhost:9853/passivests";
+ public static final String PASSIVE_STS_URL_TENANT = "https://localhost:9853/t/wso2.com/passivests";
 
  public static final String PATH_SEPARATOR = "/";
  public static final String SAMPLE_AUTHENTICATOR_ID = "QmFzaWNBdXRoZW50aWNhdG9y";

diff --git a/.../integration/test/rest/api/server/configs/v1/update-passive-sts-inbound-auth-configs.json b/.../integration/test/rest/api/server/configs/v1/update-passive-sts-inbound-auth-configs.json
@@ -0,0 +1,3 @@
+{
+ "enableRequestSigning": true
+}
diff --git a/...integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs-invalid.json b/...integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs-invalid.json
@@ -0,0 +1,5 @@
+{
+ "destinationURLs": [],
+ "metadataValidityPeriod": 120,
+ "enableMetadataSigning": true
+}
diff --git a/...dentity/integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs.json b/...dentity/integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs.json
@@ -0,0 +1,7 @@
+{
+ "destinationURLs": [
+ "https://localhost:9853/test/updated"
+ ],
+ "metadataValidityPeriod": 120,
+ "enableMetadataSigning": true
+}