mirror of https://github.com/ory/kratos
chore: remove asserts on ory.sh
GitOrigin-RevId: 60b1132d0ad8235f7f225d4a3befba96c82e4025
This commit is contained in:
Jonas Hungershausen
ory-bot
parent
ab6d023cf1
commit
9c337a59b1
|
|
@ -53,8 +53,9 @@ func TestFlowLifecycle(t *testing.T) {
|
|||
ts, _ := testhelpers.NewKratosServerWithRouters(t, reg, router, x.NewRouterAdmin(reg))
|
||||
loginTS := testhelpers.NewLoginUIFlowEchoServer(t, reg)
|
||||
|
||||
returnToTS := testhelpers.NewRedirTS(t, "return_to", conf)
|
||||
errorTS := testhelpers.NewErrorTestServer(t, reg)
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceBrowserDefaultReturnTo, "https://www.ory.sh")
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceBrowserDefaultReturnTo, returnToTS.URL)
|
||||
|
||||
conf.MustSet(ctx, config.ViperKeyIdentitySchemas, config.Schemas{
|
||||
{ID: "default", URL: "file://./stub/password.schema.json"},
|
||||
|
|
@ -209,7 +210,7 @@ func TestFlowLifecycle(t *testing.T) {
|
|||
t.Run("case=reset the session when refresh is true but identity is different", func(t *testing.T) {
|
||||
testhelpers.NewRedirSessionEchoTS(t, reg)
|
||||
t.Cleanup(func() {
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceBrowserDefaultReturnTo, "https://www.ory.sh")
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceBrowserDefaultReturnTo, returnToTS.URL)
|
||||
})
|
||||
|
||||
run := func(t *testing.T, tt flow.Type) (string, string) {
|
||||
|
|
@ -270,7 +271,7 @@ func TestFlowLifecycle(t *testing.T) {
|
|||
|
||||
t.Run("case=changed kratos session identifiers when refresh is true", func(t *testing.T) {
|
||||
t.Cleanup(func() {
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceBrowserDefaultReturnTo, "https://www.ory.sh")
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceBrowserDefaultReturnTo, returnToTS.URL)
|
||||
})
|
||||
|
||||
t.Run("type=browser", func(t *testing.T) {
|
||||
|
|
@ -360,7 +361,7 @@ func TestFlowLifecycle(t *testing.T) {
|
|||
|
||||
t.Run("type=browser", func(t *testing.T) {
|
||||
_, res := run(t, flow.TypeBrowser, url.Values{"method": {"password"}})
|
||||
assert.Contains(t, res.Request.URL.String(), "https://www.ory.sh")
|
||||
assert.Contains(t, res.Request.URL.String(), returnToTS.URL)
|
||||
})
|
||||
})
|
||||
|
||||
|
|
@ -420,7 +421,7 @@ func TestFlowLifecycle(t *testing.T) {
|
|||
conf.MustSet(ctx, config.ViperKeySelfServiceSettingsRequiredAAL, config.HighestAvailableAAL)
|
||||
conf.MustSet(ctx, config.ViperKeySessionWhoAmIAAL, config.HighestAvailableAAL)
|
||||
testhelpers.StrategyEnable(t, conf, identity.CredentialsTypeTOTP.String(), true)
|
||||
conf.MustSet(ctx, config.ViperKeyURLsAllowedReturnToDomains, []string{"https://www.ory.sh/"})
|
||||
conf.MustSet(ctx, config.ViperKeyURLsAllowedReturnToDomains, []string{returnToTS.URL})
|
||||
|
||||
t.Cleanup(func() {
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceSettingsRequiredAAL, string(identity.AuthenticatorAssuranceLevel1))
|
||||
|
|
@ -467,7 +468,7 @@ func TestFlowLifecycle(t *testing.T) {
|
|||
|
||||
testhelpers.MockHydrateCookieClient(t, client, ts.URL+"/mock-session")
|
||||
|
||||
settingsURL := ts.URL + settings.RouteInitBrowserFlow + "?return_to=https://www.ory.sh"
|
||||
settingsURL := ts.URL + settings.RouteInitBrowserFlow + "?return_to=" + url.QueryEscape(returnToTS.URL)
|
||||
req, err := http.NewRequest("GET", settingsURL, nil)
|
||||
require.NoError(t, err)
|
||||
|
||||
|
|
@ -592,7 +593,7 @@ func TestFlowLifecycle(t *testing.T) {
|
|||
})
|
||||
|
||||
t.Run("case=returns session exchange code with any truthy value", func(t *testing.T) {
|
||||
conf.MustSet(ctx, config.ViperKeyURLsAllowedReturnToDomains, []string{"https://www.ory.sh", "https://example.com"})
|
||||
conf.MustSet(ctx, config.ViperKeyURLsAllowedReturnToDomains, []string{returnToTS.URL, "https://example.com"})
|
||||
parameters := []string{"true", "True", "1"}
|
||||
|
||||
for _, param := range parameters {
|
||||
|
|
@ -705,7 +706,7 @@ func TestFlowLifecycle(t *testing.T) {
|
|||
|
||||
t.Run("case=redirects if aal2 is requested and set up already without refresh", func(t *testing.T) {
|
||||
res, _ := initAuthenticatedFlow(t, url.Values{"aal": {"aal2"}, "set_aal": {"aal2"}}, false)
|
||||
assert.Contains(t, res.Request.URL.String(), "https://www.ory.sh")
|
||||
assert.Contains(t, res.Request.URL.String(), returnToTS.URL)
|
||||
})
|
||||
|
||||
t.Run("case=can not request aal2 on unauthenticated request", func(t *testing.T) {
|
||||
|
|
@ -716,7 +717,7 @@ func TestFlowLifecycle(t *testing.T) {
|
|||
|
||||
t.Run("case=ignores aal1 if session has aal1 already", func(t *testing.T) {
|
||||
res, _ := initAuthenticatedFlow(t, url.Values{"aal": {"aal1"}}, false)
|
||||
assert.Contains(t, res.Request.URL.String(), "https://www.ory.sh")
|
||||
assert.Contains(t, res.Request.URL.String(), returnToTS.URL)
|
||||
})
|
||||
|
||||
t.Run("case=aal0 is not a valid value", func(t *testing.T) {
|
||||
|
|
@ -745,12 +746,12 @@ func TestFlowLifecycle(t *testing.T) {
|
|||
|
||||
t.Run("case=does not set forced flag on authenticated request without refresh=true", func(t *testing.T) {
|
||||
res, _ := initAuthenticatedFlow(t, url.Values{}, false)
|
||||
assert.Contains(t, res.Request.URL.String(), "https://www.ory.sh")
|
||||
assert.Contains(t, res.Request.URL.String(), returnToTS.URL)
|
||||
})
|
||||
|
||||
t.Run("case=does not set forced flag on authenticated request with refresh=false", func(t *testing.T) {
|
||||
res, _ := initAuthenticatedFlow(t, url.Values{"refresh": {"false"}}, false)
|
||||
assert.Contains(t, res.Request.URL.String(), "https://www.ory.sh")
|
||||
assert.Contains(t, res.Request.URL.String(), returnToTS.URL)
|
||||
})
|
||||
|
||||
t.Run("case=does set forced flag on authenticated request with refresh=true", func(t *testing.T) {
|
||||
|
|
@ -851,7 +852,7 @@ func TestGetFlow(t *testing.T) {
|
|||
conf, reg := internal.NewFastRegistryWithMocks(t)
|
||||
public, _ := testhelpers.NewKratosServerWithCSRF(t, reg)
|
||||
_ = testhelpers.NewErrorTestServer(t, reg)
|
||||
_ = testhelpers.NewRedirTS(t, "", conf)
|
||||
returnToTS := testhelpers.NewRedirTS(t, "", conf)
|
||||
|
||||
testhelpers.SetDefaultIdentitySchema(conf, "file://./stub/password.schema.json")
|
||||
conf.MustSet(ctx, config.ViperKeyIdentitySchemas, config.Schemas{
|
||||
|
|
@ -868,7 +869,7 @@ func TestGetFlow(t *testing.T) {
|
|||
require.NoError(t, err)
|
||||
}))
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceLoginUI, ts.URL)
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceBrowserDefaultReturnTo, "https://www.ory.sh")
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceBrowserDefaultReturnTo, returnToTS.URL)
|
||||
t.Cleanup(ts.Close)
|
||||
return ts
|
||||
}
|
||||
|
|
@ -916,7 +917,7 @@ func TestGetFlow(t *testing.T) {
|
|||
})
|
||||
|
||||
t.Run("case=expired with return_to and schema_id", func(t *testing.T) {
|
||||
returnTo := "https://www.ory.sh"
|
||||
returnTo := returnToTS.URL
|
||||
conf.MustSet(ctx, config.ViperKeyURLsAllowedReturnToDomains, []string{returnTo})
|
||||
|
||||
client := testhelpers.NewClientWithCookies(t)
|
||||
|
|
|
|||
|
|
@ -75,8 +75,9 @@ func TestInitFlow(t *testing.T) {
|
|||
router := x.NewRouterPublic(reg)
|
||||
publicTS, _ := testhelpers.NewKratosServerWithRouters(t, reg, router, x.NewRouterAdmin(reg))
|
||||
recoveryTS := testhelpers.NewRecoveryUIFlowEchoServer(t, reg)
|
||||
returnToTS := testhelpers.NewRedirTS(t, "", conf)
|
||||
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceBrowserDefaultReturnTo, "https://www.ory.sh")
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceBrowserDefaultReturnTo, returnToTS.URL)
|
||||
testhelpers.SetDefaultIdentitySchema(conf, "file://./stub/identity.schema.json")
|
||||
|
||||
assertion := func(body []byte, isForced, isApi bool) {
|
||||
|
|
@ -169,7 +170,7 @@ func TestInitFlow(t *testing.T) {
|
|||
|
||||
t.Run("case=fails on authenticated request", func(t *testing.T) {
|
||||
res, _ := initAuthenticatedFlow(t, false, false)
|
||||
assert.Contains(t, res.Request.URL.String(), "https://www.ory.sh")
|
||||
assert.Contains(t, res.Request.URL.String(), returnToTS.URL)
|
||||
})
|
||||
|
||||
t.Run("case=relative redirect when self-service recovery ui is a relative URL", func(t *testing.T) {
|
||||
|
|
@ -211,6 +212,7 @@ func TestGetFlow(t *testing.T) {
|
|||
map[string]interface{}{"enabled": true})
|
||||
testhelpers.SetDefaultIdentitySchema(conf, "file://./stub/identity.schema.json")
|
||||
|
||||
returnToTS := testhelpers.NewRedirTS(t, "", conf)
|
||||
public, _ := testhelpers.NewKratosServerWithCSRF(t, reg)
|
||||
_ = testhelpers.NewErrorTestServer(t, reg)
|
||||
_ = testhelpers.NewRedirTS(t, "", conf)
|
||||
|
|
@ -261,7 +263,7 @@ func TestGetFlow(t *testing.T) {
|
|||
})
|
||||
|
||||
t.Run("case=expired with return_to", func(t *testing.T) {
|
||||
returnTo := "https://www.ory.sh"
|
||||
returnTo := returnToTS.URL
|
||||
conf.MustSet(ctx, config.ViperKeyURLsAllowedReturnToDomains, []string{returnTo})
|
||||
client := testhelpers.NewClientWithCookies(t)
|
||||
setupRecoveryTS(t, client)
|
||||
|
|
|
|||
|
|
@ -116,9 +116,10 @@ func TestInitFlow(t *testing.T) {
|
|||
router := x.NewRouterPublic(reg)
|
||||
publicTS, _ := testhelpers.NewKratosServerWithRouters(t, reg, router, x.NewRouterAdmin(reg))
|
||||
registrationTS := testhelpers.NewRegistrationUIFlowEchoServer(t, reg)
|
||||
returnToTS := testhelpers.NewRedirTS(t, "return_to", conf)
|
||||
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceRegistrationEnabled, true)
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceBrowserDefaultReturnTo, "https://www.ory.sh")
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceBrowserDefaultReturnTo, returnToTS.URL)
|
||||
|
||||
conf.MustSet(ctx, config.ViperKeyIdentitySchemas, config.Schemas{
|
||||
{ID: "default", URL: "file://./stub/registration.schema.json"},
|
||||
|
|
@ -277,12 +278,12 @@ func TestInitFlow(t *testing.T) {
|
|||
|
||||
t.Run("case=redirects when already authenticated", func(t *testing.T) {
|
||||
res, _ := initAuthenticatedFlow(t, false, false)
|
||||
assert.Contains(t, res.Request.URL.String(), "https://www.ory.sh")
|
||||
assert.Contains(t, res.Request.URL.String(), returnToTS.URL)
|
||||
})
|
||||
|
||||
t.Run("case=responds with error if already authenticated and SPA", func(t *testing.T) {
|
||||
res, body := initAuthenticatedFlow(t, false, true)
|
||||
assert.NotContains(t, res.Request.URL.String(), "https://www.ory.sh")
|
||||
assert.NotContains(t, res.Request.URL.String(), returnToTS.URL)
|
||||
assert.Equal(t, http.StatusBadRequest, res.StatusCode)
|
||||
assertx.EqualAsJSON(t, registration.ErrAlreadyLoggedIn, json.RawMessage(gjson.GetBytes(body, "error").Raw), "%s", body)
|
||||
})
|
||||
|
|
@ -378,6 +379,7 @@ func TestGetFlow(t *testing.T) {
|
|||
ctx := context.Background()
|
||||
conf, reg := internal.NewFastRegistryWithMocks(t)
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceRegistrationEnabled, true)
|
||||
returnToTS := testhelpers.NewRedirTS(t, "return_to", conf)
|
||||
|
||||
conf.MustSet(ctx, config.ViperKeyIdentitySchemas, config.Schemas{
|
||||
{ID: "email", URL: "file://./stub/registration.schema.json", SelfserviceSelectable: true},
|
||||
|
|
@ -440,7 +442,7 @@ func TestGetFlow(t *testing.T) {
|
|||
})
|
||||
|
||||
t.Run("case=expired with return_to and identity_schema", func(t *testing.T) {
|
||||
returnTo := "https://www.ory.sh"
|
||||
returnTo := returnToTS.URL
|
||||
conf.MustSet(ctx, config.ViperKeyURLsAllowedReturnToDomains, []string{returnTo})
|
||||
|
||||
client := testhelpers.NewClientWithCookies(t)
|
||||
|
|
|
|||
|
|
@ -22,8 +22,8 @@ import (
|
|||
|
||||
func initViper(t *testing.T, ctx context.Context, c *config.Config) {
|
||||
testhelpers.SetDefaultIdentitySchema(c, "file://./stub/default.schema.json")
|
||||
c.MustSet(ctx, config.ViperKeySelfServiceBrowserDefaultReturnTo, "https://www.ory.sh")
|
||||
c.MustSet(ctx, config.ViperKeyURLsAllowedReturnToDomains, []string{"https://www.ory.sh"})
|
||||
c.MustSet(ctx, config.ViperKeySelfServiceBrowserDefaultReturnTo, "https://www.ory.com")
|
||||
c.MustSet(ctx, config.ViperKeyURLsAllowedReturnToDomains, []string{"https://www.ory.com"})
|
||||
c.MustSet(ctx, config.ViperKeySelfServiceStrategyConfig+"."+identity.CredentialsTypePassword.String()+".enabled", true)
|
||||
c.MustSet(ctx, config.ViperKeySelfServiceStrategyConfig+"."+string(recovery.RecoveryStrategyCode)+".enabled", true)
|
||||
c.MustSet(ctx, config.ViperKeySelfServiceRecoveryEnabled, true)
|
||||
|
|
|
|||
|
|
@ -17,8 +17,8 @@ import (
|
|||
func initViper(t *testing.T, c *config.Config) {
|
||||
ctx := context.Background()
|
||||
testhelpers.SetDefaultIdentitySchema(c, "file://./stub/default.schema.json")
|
||||
c.MustSet(ctx, config.ViperKeySelfServiceBrowserDefaultReturnTo, "https://www.ory.sh")
|
||||
c.MustSet(ctx, config.ViperKeyURLsAllowedReturnToDomains, []string{"https://www.ory.sh"})
|
||||
c.MustSet(ctx, config.ViperKeySelfServiceBrowserDefaultReturnTo, "https://www.ory.com")
|
||||
c.MustSet(ctx, config.ViperKeyURLsAllowedReturnToDomains, []string{"https://www.ory.com"})
|
||||
c.MustSet(ctx, config.ViperKeySelfServiceStrategyConfig+"."+identity.CredentialsTypePassword.String()+".enabled", true)
|
||||
c.MustSet(ctx, config.ViperKeySelfServiceStrategyConfig+"."+string(recovery.RecoveryStrategyLink)+".enabled", true)
|
||||
c.MustSet(ctx, config.ViperKeySelfServiceRecoveryUse, "link")
|
||||
|
|
|
|||
|
|
@ -92,14 +92,14 @@ func TestCompleteLogin(t *testing.T) {
|
|||
conf, reg := internal.NewFastRegistryWithMocks(t)
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceStrategyConfig+"."+string(identity.CredentialsTypePassword), map[string]interface{}{"enabled": true})
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceStrategyConfig+"."+string(identity.CredentialsTypeTOTP), map[string]interface{}{"enabled": true})
|
||||
conf.MustSet(ctx, config.ViperKeyURLsAllowedReturnToDomains, []string{"https://www.ory.sh"})
|
||||
redirTS := testhelpers.NewRedirSessionEchoTS(t, reg)
|
||||
conf.MustSet(ctx, config.ViperKeyURLsAllowedReturnToDomains, []string{redirTS.URL + "/return-to-wherever"})
|
||||
|
||||
router := x.NewRouterPublic(reg)
|
||||
publicTS, _ := testhelpers.NewKratosServerWithRouters(t, reg, router, x.NewRouterAdmin(reg))
|
||||
|
||||
errTS := testhelpers.NewErrorTestServer(t, reg)
|
||||
uiTS := testhelpers.NewLoginUIFlowEchoServer(t, reg)
|
||||
redirTS := testhelpers.NewRedirSessionEchoTS(t, reg)
|
||||
|
||||
// Overwrite these two to make it more explicit when tests fail
|
||||
conf.MustSet(ctx, config.ViperKeySelfServiceErrorUI, errTS.URL+"/error-ts")
|
||||
|
|
@ -347,7 +347,7 @@ func TestCompleteLogin(t *testing.T) {
|
|||
})
|
||||
|
||||
t.Run("type=browser set return_to", func(t *testing.T) {
|
||||
returnTo := "https://www.ory.sh"
|
||||
returnTo := redirTS.URL + "/return-to-wherever"
|
||||
body, res := doBrowserFlow(t, false, payload, id, returnTo)
|
||||
t.Log(res.Request.URL.String())
|
||||
assert.Contains(t, res.Request.URL.String(), returnTo)
|
||||
|
|
@ -362,7 +362,7 @@ func TestCompleteLogin(t *testing.T) {
|
|||
})
|
||||
|
||||
t.Run("type=spa set return_to", func(t *testing.T) {
|
||||
returnTo := "https://www.ory.sh"
|
||||
returnTo := redirTS.URL + "/return-to-wherever"
|
||||
body, res := doBrowserFlow(t, true, payload, id, returnTo)
|
||||
check(t, false, body, res)
|
||||
assert.EqualValues(t, flow.ContinueWithActionRedirectBrowserToString, gjson.Get(body, "continue_with.0.action").String(), "%s", body)
|
||||
|
|
@ -430,7 +430,7 @@ func TestCompleteLogin(t *testing.T) {
|
|||
id, pwd, _ := createIdentity(t, reg)
|
||||
|
||||
t.Run("type=browser", func(t *testing.T) {
|
||||
returnTo := "https://www.ory.sh"
|
||||
returnTo := redirTS.URL + "/return-to-wherever"
|
||||
browserClient := testhelpers.NewClientWithCookies(t)
|
||||
f := testhelpers.InitializeLoginFlowViaBrowser(t, browserClient, publicTS, false, false, false, false, testhelpers.InitFlowWithReturnTo(returnTo))
|
||||
|
||||
|
|
|
|||
|
|
@ -16,3 +16,5 @@ func MustEncodeJSON(t *testing.T, in interface{}) string {
|
|||
require.NoError(t, json.NewEncoder(&b).Encode(in))
|
||||
return b.String()
|
||||
}
|
||||
|
||||
const HostedHttpBin = "https://ory-network-httpbin-ijakee5waq-ez.a.run.app"
|
||||
|
|
|
|||
Loading…
Reference in New Issue