d3c930cac6
- Introduced new endpoints for managing identity providers, including retrieval of redirect URIs and testing/syncing providers. - Enhanced organization settings to include identity provider configurations, allowing for self-enrollment and domain restrictions. - Implemented caching for access policies and added validation for identity provider secrets. - Added integration tests to ensure proper functionality of identity provider management and policy enforcement.
47 lines
1.2 KiB
Go
47 lines
1.2 KiB
Go
package authentik
|
|
|
|
import "testing"
|
|
|
|
func TestOAuthPresetForGoogle(t *testing.T) {
|
|
preset := OAuthPresetFor("google")
|
|
if preset.ProviderType != "google" {
|
|
t.Fatalf("provider type = %q", preset.ProviderType)
|
|
}
|
|
if preset.AuthorizationURL == "" || preset.AccessTokenURL == "" {
|
|
t.Fatal("expected google oauth endpoints")
|
|
}
|
|
}
|
|
|
|
func TestOAuthRedirectURI(t *testing.T) {
|
|
got := OAuthRedirectURI("http://localhost/auth", "google-workspace")
|
|
want := "http://localhost/auth/source/oauth/callback/google-workspace/"
|
|
if got != want {
|
|
t.Fatalf("redirect uri = %q, want %q", got, want)
|
|
}
|
|
}
|
|
|
|
func TestRemovedIdentityProviders(t *testing.T) {
|
|
before := map[string]any{
|
|
"identity_providers": map[string]any{
|
|
"providers": []any{
|
|
map[string]any{"id": "a", "authentik_pk": 1, "type": "oauth"},
|
|
map[string]any{"id": "b", "authentik_pk": 2, "type": "saml"},
|
|
},
|
|
},
|
|
}
|
|
after := map[string]any{
|
|
"identity_providers": map[string]any{
|
|
"providers": []any{
|
|
map[string]any{"id": "a", "authentik_pk": 1, "type": "oauth"},
|
|
},
|
|
},
|
|
}
|
|
removed := RemovedIdentityProviders(before, after)
|
|
if len(removed) != 1 {
|
|
t.Fatalf("removed count = %d, want 1", len(removed))
|
|
}
|
|
if id, _ := removed[0]["id"].(string); id != "b" {
|
|
t.Fatalf("removed id = %q", id)
|
|
}
|
|
}
|