SSO Integration Test (#1742)

This commit is contained in:
Cesar Celis Hernandez
2022-03-24 23:11:42 -04:00
committed by GitHub
parent b658301725
commit d22f345d4a
6 changed files with 2741 additions and 1 deletions

File diff suppressed because it is too large Load Diff

165
sso-integration/logssorun2.sh Executable file
View File

@@ -0,0 +1,165 @@
#!/bin/bash
result=`curl 'http://localhost:9001/api/v1/login' \
-H 'Connection: keep-alive' \
-H 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="99", "Google Chrome";v="99"' \
-H 'sec-ch-ua-mobile: ?0' \
-H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36' \
-H 'sec-ch-ua-platform: "macOS"' \
-H 'Accept: */*' \
-H 'Sec-Fetch-Site: same-origin' \
-H 'Sec-Fetch-Mode: cors' \
-H 'Sec-Fetch-Dest: empty' \
-H 'Referer: http://localhost:9001/login' \
-H 'Accept-Language: en-CA,en;q=0.9' \
--compressed`
echo $result | jq '.redirect' > redirect.txt
redirect=`cat redirect.txt | tr -d '"'`
curl -i "$redirect" \
-H 'Connection: keep-alive' \
-H 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="99", "Google Chrome";v="99"' \
-H 'sec-ch-ua-mobile: ?0' \
-H 'sec-ch-ua-platform: "macOS"' \
-H 'Upgrade-Insecure-Requests: 1' \
-H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36' \
-H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
-H 'Sec-Fetch-Site: same-site' \
-H 'Sec-Fetch-Mode: navigate' \
-H 'Sec-Fetch-User: ?1' \
-H 'Sec-Fetch-Dest: document' \
-H 'Referer: http://localhost:9001/' \
-H 'Accept-Language: en-CA,en;q=0.9' \
--compressed > form-cookies.txt
cat form-cookies.txt | grep Set-Cookie > first-cookies.txt
cat first-cookies.txt | grep 'AUTH_SESSION_ID=' > AUTH_SESSION_ID.txt
cat AUTH_SESSION_ID.txt | awk '{print $2}' > AUTH_SESSION_ID_2.txt
sed 's/AUTH_SESSION_ID=//' AUTH_SESSION_ID_2.txt > AUTH_SESSION_ID_3.txt
sed 's/;//' AUTH_SESSION_ID_3.txt > AUTH_SESSION_ID_4.txt
AUTH_SESSION_ID=`cat AUTH_SESSION_ID_4.txt`
AUTH_SESSION_ID_LEGACY=$AUTH_SESSION_ID
cat first-cookies.txt | grep 'KC_RESTART=' > KC_RESTART.txt
cat KC_RESTART.txt | awk '{print $2}' > KC_RESTART_2.txt
sed 's/KC_RESTART=//' KC_RESTART_2.txt > KC_RESTART_3.txt
sed 's/;//' KC_RESTART_3.txt > KC_RESTART_4.txt
KC_RESTART=`cat KC_RESTART_4.txt`
cat form-cookies.txt | grep form | grep "kc-form-login" > form-in-file-saved.txt
cat form-in-file-saved.txt | awk '{print $8}' > form-action-only.txt
sed 's/action="//' form-action-only.txt > form-action-only-2.txt
sed 's/"//' form-action-only-2.txt > form-action-only-3.txt
sed 's/amp;//' form-action-only-3.txt > form-action-only-4.txt
sed 's/amp;//' form-action-only-4.txt > form-action-only-5.txt
sed 's/amp;//' form-action-only-5.txt > form-action-only-6.txt
action=`cat form-action-only-6.txt`
cookies=`echo "Cookie: AUTH_SESSION_ID=${AUTH_SESSION_ID}; AUTH_SESSION_ID_LEGACY=${AUTH_SESSION_ID_LEGACY}; KC_RESTART=${KC_RESTART}" | tr -d '"'`
curl -i "$action" \
-X POST \
-H 'Connection: keep-alive' \
-H 'Cache-Control: max-age=0' \
-H 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="99", "Google Chrome";v="99"' \
-H 'sec-ch-ua-mobile: ?0' \
-H 'sec-ch-ua-platform: "macOS"' \
-H 'Upgrade-Insecure-Requests: 1' \
-H 'Origin: null' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36' \
-H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
-H 'Sec-Fetch-Site: same-origin' \
-H 'Sec-Fetch-Mode: navigate' \
-H 'Sec-Fetch-User: ?1' \
-H 'Sec-Fetch-Dest: document' \
-H 'Accept-Language: en-CA,en;q=0.9' \
-H "$cookies" \
--data-raw 'username=minio&password=minio123&credentialId=' \
--compressed > referer-code-state.txt
cat referer-code-state.txt | grep Location > location.txt
cat location.txt | awk '{print $2}' > location-2.txt
location=`cat location-2.txt`
IFS='&'
read -ra ADDR <<< "$location"
echo ${ADDR[0]} > state.txt
echo ${ADDR[2]} > code.txt
sed 's/code=//' code.txt > code-1.txt
code=`cat code-1.txt`
echo $code
echo $code > /tmp/code
IFS='?'
state=`cat state.txt`
read -ra ADDR22 <<< "$state"
echo ${ADDR22[1]} > state-22.txt
sed 's/%3D/=/' state-22.txt > state-22-1.txt
sed 's/%3D/=/' state-22-1.txt > state-22-2.txt
sed 's/state=//' state-22-2.txt > state-22-3.txt
state=`cat state-22-3.txt`
echo $state
echo $state > /tmp/state

9
sso-integration/set-sso.sh Executable file
View File

@@ -0,0 +1,9 @@
#!/bin/sh
echo "127.0.0.1 keycloak-container" | sudo tee -a /etc/hosts
echo " "
echo " "
echo "/etc/hosts:"
cat /etc/hosts
echo " "
echo " "

168
sso-integration/sso_test.go Normal file
View File

@@ -0,0 +1,168 @@
// This file is part of MinIO Console Server
// Copyright (c) 2021 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package ssointegration
import (
"bytes"
"encoding/json"
"fmt"
"log"
"net/http"
"os/exec"
"strconv"
"strings"
"testing"
"time"
"github.com/go-openapi/loads"
"github.com/minio/console/restapi"
"github.com/minio/console/restapi/operations"
"github.com/stretchr/testify/assert"
)
var token string
func initConsoleServer() (*restapi.Server, error) {
//os.Setenv("CONSOLE_MINIO_SERVER", "localhost:9000")
swaggerSpec, err := loads.Embedded(restapi.SwaggerJSON, restapi.FlatSwaggerJSON)
if err != nil {
return nil, err
}
noLog := func(string, ...interface{}) {
// nothing to log
}
// Initialize MinIO loggers
restapi.LogInfo = noLog
restapi.LogError = noLog
api := operations.NewConsoleAPI(swaggerSpec)
api.Logger = noLog
server := restapi.NewServer(api)
// register all APIs
server.ConfigureAPI()
consolePort, _ := strconv.Atoi("9090")
server.Host = "0.0.0.0"
server.Port = consolePort
restapi.Port = "9090"
restapi.Hostname = "0.0.0.0"
return server, nil
}
func TestMain(t *testing.T) {
assert := assert.New(t)
// start console server
go func() {
fmt.Println("start server")
srv, err := initConsoleServer()
if err != nil {
log.Println(err)
log.Println("init fail")
return
}
srv.Serve()
}()
fmt.Println("sleeping")
time.Sleep(2 * time.Second)
client := &http.Client{
Timeout: 2 * time.Second,
}
// execute bash script to get the code and state
cmd, err := exec.Command("./logssorun2.sh").Output()
if err != nil {
fmt.Printf("error %s", err)
}
output := string(cmd)
fmt.Println(" ")
fmt.Println(" ")
fmt.Println("output:")
fmt.Println(output)
fmt.Println(" ")
fmt.Println(" ")
temp := strings.Split(output, "\n")
fmt.Println(" ")
fmt.Println(" ")
fmt.Println("temp:")
fmt.Println(temp)
fmt.Println(" ")
fmt.Println(" ")
fmt.Println("index0")
fmt.Println(temp[0])
if int(len(temp)) >= 2 {
fmt.Println("index 1")
fmt.Println(temp[1])
} else {
assert.Fail("temp len is less than 2", len(temp))
return
}
// get login credentials
codeVarIable := string(strings.TrimSpace(temp[0]))
stateVarIabl := string(strings.TrimSpace(temp[1]))
requestData := map[string]string{
"code": codeVarIable,
"state": stateVarIabl,
}
requestDataJSON, _ := json.Marshal(requestData)
requestDataBody := bytes.NewReader(requestDataJSON)
request, _ := http.NewRequest(
"POST",
"http://localhost:9001/api/v1/login/oauth2/auth",
requestDataBody,
)
request.Header.Add("Content-Type", "application/json")
response, err := client.Do(request)
if err != nil {
log.Println(err)
}
if response != nil {
for _, cookie := range response.Cookies() {
if cookie.Name == "token" {
token = cookie.Value
break
}
}
}
fmt.Println(response.Status)
if token == "" {
assert.Fail("authentication token not found in cookies response")
} else {
fmt.Println(token)
}
}