WIP: integration tests

3 months ago · b01a8a8e77
parent c8f7e2a451
commit b01a8a8e77
5 changed files with 1877 additions and 22 deletions
--- a/.github/workflows/import_keycloak/grist-realm.json
+++ b/.github/workflows/import_keycloak/grist-realm.json
--- a/.github/workflows/import_keycloak/grist-users-0.json
+++ b/.github/workflows/import_keycloak/grist-users-0.json
@ -0,0 +1,27 @@
+{
+  "realm" : "grist",
+  "users" : [ {
+    "id" : "1564f73d-c385-4269-84da-34b40f494dea",
+    "createdTimestamp" : 1710254868534,
+    "username" : "keycloakuser",
+    "enabled" : true,
+    "totp" : false,
+    "emailVerified" : true,
+    "firstName" : "Keycloak",
+    "lastName" : "User",
+    "email" : "keycloakuser@example.com",
+    "credentials" : [ {
+      "id" : "3ceee294-209a-4187-aede-1dcfa2dac006",
+      "type" : "password",
+      "userLabel" : "Password: keycloakpassword",
+      "createdDate" : 1710254893700,
+      "secretData" : "{\"value\":\"kZZMgT2g89C+LFfigQt/qu5H9vs188wWgVK1KqnO12Q=\",\"salt\":\"ffAeQSmuJ7cGFE8rzN+f/g==\",\"additionalParameters\":{}}",
+      "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
+    } ],
+    "disableableCredentialTypes" : [ ],
+    "requiredActions" : [ ],
+    "realmRoles" : [ "default-roles-grist" ],
+    "notBefore" : 0,
+    "groups" : [ ]
+  } ]
+}
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@ -92,7 +92,16 @@ jobs:
        if: contains(matrix.tests, ':common:')
        run: yarn run test:common

-      - name: Run server tests with minio and redis
+      - name: Setup Keycloak realm and client
+        if: contains(matrix.tests, ':server-')
+        server: http://localhost:8080/auth
+        username: admin
+        password: admin
+        kcadm: |
+          create realms -f ${{ github.workspace }}/.github/workflows/import_keycloak/grist-realms.json
+          create users -f ${{ github.workspace }}/.github/workflows/import_keycloak/grist-users-0.json
+
+      - name: Run server tests with minio, keycloak and redis
        if: contains(matrix.tests, ':server-')
        run: |
          export TEST_SPLITS=$(echo $TESTS | sed "s/.*:server-\([^:]*\).*/\1/")
@ -161,6 +170,14 @@ jobs:
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
+      keycloak:
+        # image: fflorent/keycloak-with-import-realm:latest # Image with overridden entrypoint.
+        image: quay.io/keycloak/keycloak
+        port: 8080:8080
+        env:
+          KEYCLOAK_ADMIN: admin
+          KEYCLOAK_ADMIN_PASSWORD: admin
+        volume: ${{ github.workspace }}/.github/workflows/import_keycloak:/opt/keycloak/data/import

  candidate:
    needs: build_and_test
--- a/app/server/lib/FlexServer.ts
+++ b/app/server/lib/FlexServer.ts
@ -2370,7 +2370,7 @@ function configServer<T extends https.Server|http.Server>(server: T): T {

 // Returns true if environment is configured to allow unauthenticated test logins.
 function allowTestLogin() {
-  return Boolean(process.env.GRIST_TEST_LOGIN);
+  return isAffirmative(process.env.GRIST_TEST_LOGIN);
 }

 // Check OPTIONS requests for allowed origins, and return heads to allow the browser to proceed
--- a/test/nbrowser/LoginWithOIDC.ts
+++ b/test/nbrowser/LoginWithOIDC.ts
@ -1,23 +1,47 @@
-// import {assert, driver} from 'mocha-webdriver';
-// import * as gu from 'test/nbrowser/gristUtils';
-// import {setupTestSuite} from 'test/nbrowser/testUtils';
-// import express from 'express';
+import {driver} from 'mocha-webdriver';
+import * as gu from 'test/nbrowser/gristUtils';
+import {server, setupTestSuite} from 'test/nbrowser/testUtils';

-export {};
+describe('LoginWithOIDC', function () {
+  this.timeout(60000);
+  setupTestSuite();
+  gu.withEnvironmentSnapshot({
+    get 'GRIST_OIDC_SP_HOST' () { return server.getHost(); },
+    'GRIST_OIDC_IDP_ISSUER': 'http://localhost:8081/realms/grist',
+    'GRIST_OIDC_IDP_CLIENT_ID': 'keycloak_clientid',
+    'GRIST_OIDC_IDP_CLIENT_SECRET': 'keycloak_secret',
+    'GRIST_OIDC_IDP_SCOPES': 'openid email profile',
+    'GRIST_TEST_LOGIN': 0,
+  });

-// describe('LoginWithOIDC', function () {
-//   this.timeout(60000);
-//   setupTestSuite();
-//   before(async () => {
-//     const app = express();
-//     app.get('/.well-known/openid-configuration', (req, res) => {
-//       res.json({
-//       });
-//     });
-//     app.listen(gu.
-//   });
-//   gu.withEnvironmentSnapshot({
-//     'GRIST_OIDC_IDP_ISSUER': 'https://accounts.google.com',
-//   })
-// });
+  it('should login using OIDC', async () => {
+    console.log("HERE");
+    await driver.get(`${server.getHost()}/o/docs/login`);
+    await driver.findWait('#kc-form-login', 10_000);
+    await driver.find('#username').sendKeys('keycloackuser');
+    await driver.find('#password').sendKeys('keycloakpassword');
+    await driver.find('#kc-login').click();
+
+    // await driver.wait(
+    //   async () => {
+    //     const url = await driver.getCurrentUrl();
+    //     return url.startsWith(server.getHost());
+    //   },
+    //   20_000
+    // );
+    // await driver.find('.weasel-popup-open').click();
+    // await gu.openAccountMenu();
+    // assert.equal(await driver.find('.test-usermenu-name').getText(), 'keycloackuser');
+    // assert.equal(await driver.find('.test-usermenu-email').getText(), 'keycloakuser@example.com');
+    // await driver.find('.test-dm-log-out').click();
+    // await driver.wait(
+    //   async () => {
+    //     const url = await driver.getCurrentUrl();
+    //     return url.startsWith(`${server.getHost()}/o/docs/signed-out`);
+    //   },
+    //   20_000
+    // );
+    // assert.equal(await driver.find('.test-error-header').getText(), 'Signed out');
+  });
+});