-
Notifications
You must be signed in to change notification settings - Fork 138
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add OAuth2redirectTest #1310
Draft
christiangoerdes
wants to merge
36
commits into
master
Choose a base branch
from
OAuth2redirectTest
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Draft
Add OAuth2redirectTest #1310
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This pull request needs "/ok-to-test" from an authorized committer. |
TODO Configure OAuth2
- Introduce new tests for GET and POST requests to validate OAuth2 redirection process. - Add `ReturnInterceptor` to handle HTTP responses. - Update the configuration for `MembraneAuthorizationService`. - Initialize `MockAuthorizationServer` with login/logout simulation. - Refactor setup and teardown methods for better resource management.
Implement URL decoding for state parameters in the OAuth2RedirectTest. Add tests to validate redirection status codes (307) during authentication flow and ensure headers contain correct locations. Introduce a new ConditionalInterceptor method for easier interceptor creation. Update B2CTestConfig to include clientPort configuration.
- Add UTF-8 charset import for decoding in URLParamUtil. - Introduce CLIENT_URL and AUTH_SERVER_URL constants for maintainability. - Ensure cookies are included in GET requests to follow redirections properly. - Clean up unused code and comments for better readability.
- Add null check for token endpoint in MembraneAuthorizationService. - Refactor LogHelper methods to include conditional logging. - Configure OAuth2 authorization server with user data, clients, and claims in OAuth2RedirectTest. - Introduce azureRouter to handle OAuth2 requests and responses with appropriate interceptors. - Add logging configuration to manage access and application logs. - WIP!
Refactor OAuth2RedirectTest for clarity and update authentication simulation steps - Remove unused imports to clean up the code. - Set location and consent file paths in the OAuth2AuthorizationServerInterceptor. - Add detailed steps for user authentication simulation at the auth server. - Implement checks and assertions for redirect responses and session cookies.
/ok-to-test |
rrayst
requested changes
Oct 25, 2024
core/src/main/java/com/predic8/membrane/core/interceptor/oauth2client/rf/LogHelper.java
Outdated
Show resolved
Hide resolved
rrayst
reviewed
Oct 25, 2024
core/src/main/java/com/predic8/membrane/core/interceptor/oauth2client/rf/StateManager.java
Show resolved
Hide resolved
predic8
reviewed
Oct 30, 2024
core/src/test/java/com/predic8/membrane/core/OAuth2RedirectTest.java
Outdated
Show resolved
Hide resolved
predic8
reviewed
Oct 30, 2024
core/src/test/java/com/predic8/membrane/core/OAuth2RedirectTest.java
Outdated
Show resolved
Hide resolved
predic8
reviewed
Oct 30, 2024
core/src/test/java/com/predic8/membrane/core/OAuth2RedirectTest.java
Outdated
Show resolved
Hide resolved
rrayst
previously approved these changes
Oct 31, 2024
rrayst
reviewed
Nov 7, 2024
rrayst
previously approved these changes
Nov 7, 2024
OK, so far. But this introduces adds a failing test to the suite. Either remove it from the suite or fix the underlying problem. |
…h2AuthFlowClient test - Implement redirect logic in `doRedirect` method using HttpClient to handle GET requests. - Capture original request exchange and print destination for debugging. - Update test case to follow POST redirection in `OAuth2AuthFlowClient`.
- Add logic to manage GET and non-GET requests differently - Utilize a HttpClient to carry out the redirect process - Generate a unique redirect key and store it in the session for non-GET requests - Update the original request URI with the generated redirect parameter for proper redirection
…quests - Consolidate test steps into methods for better readability and maintainability. - Introduce separate handling for GET and POST requests in OAuth2AuthFlowClient. - Implement a session mechanism to store redirected responses. - Ensure assertions validate that the expected URLs are retained after redirection.
- Import `assertTrue` for testing. - Update `OAuth2RedirectTest` to assert that the target URL starts with the expected format, ensuring proper handling of the `oa2redirect` parameter.
/ok-to-test |
rrayst
requested changes
Dec 9, 2024
...java/com/predic8/membrane/core/interceptor/oauth2client/rf/OAuth2CallbackRequestHandler.java
Outdated
Show resolved
Hide resolved
NOT MERGE READY |
- Rename `doRedirect` to `continueOriginalExchange` for clarity. - Improve the handling of original requests in the OAuth2 callback process. - Update `OAuth2RedirectTest` to verify that the interceptor chain continues correctly after the OAuth2 flow. - Remove redundant `@AfterAll` method and replace with `@AfterEach` for proper resource cleanup.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.