From 7cd7ae2dd9306b7fdf4a35df6b1713bf219a7b37 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Mon, 12 May 2025 21:22:46 +0200 Subject: [PATCH 1/6] add e2e test for SFE login Signed-off-by: Jens Langhammer --- tests/e2e/test_flows_login_sfe.py | 51 +++++++++++++++++++++++++++++++ tests/e2e/utils.py | 2 +- 2 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 tests/e2e/test_flows_login_sfe.py diff --git a/tests/e2e/test_flows_login_sfe.py b/tests/e2e/test_flows_login_sfe.py new file mode 100644 index 000000000000..2200a57aa388 --- /dev/null +++ b/tests/e2e/test_flows_login_sfe.py @@ -0,0 +1,51 @@ +"""test default login (using SFE interface) flow""" + +from time import sleep + +from selenium.webdriver.common.by import By +from selenium.webdriver.common.keys import Keys + +from authentik.blueprints.tests import apply_blueprint +from tests.e2e.utils import SeleniumTestCase, retry + + +class TestFlowsLoginSFE(SeleniumTestCase): + """test default login flow""" + + def login(self): + """Do entire login flow adjusted for SFE""" + flow_executor = self.driver.find_element(By.ID, "flow-sfe-container") + identification_stage = flow_executor.find_element(By.ID, "ident-form") + + identification_stage.find_element(By.CSS_SELECTOR, "input[name=uid_field]").click() + identification_stage.find_element(By.CSS_SELECTOR, "input[name=uid_field]").send_keys( + self.user.username + ) + identification_stage.find_element(By.CSS_SELECTOR, "input[name=uid_field]").send_keys( + Keys.ENTER + ) + + password_stage = flow_executor.find_element(By.ID, "password-form") + password_stage.find_element(By.CSS_SELECTOR, "input[name=password]").send_keys( + self.user.username + ) + password_stage.find_element(By.CSS_SELECTOR, "input[name=password]").send_keys(Keys.ENTER) + sleep(1) + + @retry() + @apply_blueprint( + "default/flow-default-authentication-flow.yaml", + "default/flow-default-invalidation-flow.yaml", + ) + def test_login(self): + """test default login flow""" + self.driver.get( + self.url( + "authentik_core:if-flow", + flow_slug="default-authentication-flow", + query={"sfe": True}, + ) + ) + self.login() + self.wait_for_url(self.if_user_url("/library")) + self.assert_user(self.user) diff --git a/tests/e2e/utils.py b/tests/e2e/utils.py index 88d9ec867d99..ce5c3480c8b3 100644 --- a/tests/e2e/utils.py +++ b/tests/e2e/utils.py @@ -241,7 +241,7 @@ def get_shadow_root( return element def login(self): - """Do entire login flow and check user afterwards""" + """Do entire login flow""" flow_executor = self.get_shadow_root("ak-flow-executor") identification_stage = self.get_shadow_root("ak-stage-identification", flow_executor) From d959bddaeea46167a2ef8a08a71a826bdc0ddc82 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Mon, 12 May 2025 21:22:57 +0200 Subject: [PATCH 2/6] add helper text in SFE on password stage Signed-off-by: Jens Langhammer --- web/packages/sfe/src/index.ts | 3 +++ 1 file changed, 3 insertions(+) diff --git a/web/packages/sfe/src/index.ts b/web/packages/sfe/src/index.ts index a4cc79b62f1f..6d6372fe1188 100644 --- a/web/packages/sfe/src/index.ts +++ b/web/packages/sfe/src/index.ts @@ -210,6 +210,9 @@ class PasswordStage extends Stage {

${this.challenge?.flowInfo?.title}

+
+ +
0 ? IS_INVALID : ""}" name="password" placeholder="Password"> ${this.renderInputError("password")} From a58e1f251eaad227259051cae686c52e8732e8ce Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Mon, 12 May 2025 21:46:42 +0200 Subject: [PATCH 3/6] build sfe for e2e Signed-off-by: Jens Langhammer --- .github/workflows/ci-main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml index 9f1f006f2627..d33fc041f943 100644 --- a/.github/workflows/ci-main.yml +++ b/.github/workflows/ci-main.yml @@ -207,7 +207,7 @@ jobs: run: | npm ci make -C .. gen-client-ts - npm run build + npm run build build:sfe - name: run e2e run: | uv run coverage run manage.py test ${{ matrix.job.glob }} From 2eae4657fc1e33c5107016cba7ff1269046653e1 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Tue, 13 May 2025 01:37:33 +0200 Subject: [PATCH 4/6] fix ci e2e cache key not considering sfe Signed-off-by: Jens Langhammer --- .github/workflows/ci-main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml index d33fc041f943..56005fcf5885 100644 --- a/.github/workflows/ci-main.yml +++ b/.github/workflows/ci-main.yml @@ -200,7 +200,7 @@ jobs: uses: actions/cache@v4 with: path: web/dist - key: ${{ runner.os }}-web-${{ hashFiles('web/package-lock.json', 'web/src/**') }} + key: ${{ runner.os }}-web-${{ hashFiles('web/package-lock.json', 'web/src/**', 'web/packages/sfe/src/**') }} - name: prepare web ui if: steps.cache-web.outputs.cache-hit != 'true' working-directory: web From de27aae77e2f1dc63450d86bbd773d0ed757067c Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Tue, 13 May 2025 01:37:44 +0200 Subject: [PATCH 5/6] fix sfe missing from docker build Signed-off-by: Jens Langhammer --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 6000e0b0904a..ac7bb76708b7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -40,7 +40,7 @@ COPY ./web /work/web/ COPY ./website /work/website/ COPY ./gen-ts-api /work/web/node_modules/@goauthentik/api -RUN npm run build +RUN npm run build build:sfe # Stage 3: Build go proxy FROM --platform=${BUILDPLATFORM} docker.io/library/golang:1.24-bookworm AS go-builder From 4337f6d195ae87c57cda27cb639a075513f0ae57 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Tue, 13 May 2025 01:46:21 +0200 Subject: [PATCH 6/6] sigh I forgot npm Signed-off-by: Jens Langhammer --- .github/workflows/ci-main.yml | 5 +++-- Dockerfile | 3 ++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml index 56005fcf5885..4f9ea169da3d 100644 --- a/.github/workflows/ci-main.yml +++ b/.github/workflows/ci-main.yml @@ -200,14 +200,15 @@ jobs: uses: actions/cache@v4 with: path: web/dist - key: ${{ runner.os }}-web-${{ hashFiles('web/package-lock.json', 'web/src/**', 'web/packages/sfe/src/**') }} + key: ${{ runner.os }}-web-${{ hashFiles('web/package-lock.json', 'web/src/**', 'web/packages/sfe/src/**') }}-b - name: prepare web ui if: steps.cache-web.outputs.cache-hit != 'true' working-directory: web run: | npm ci make -C .. gen-client-ts - npm run build build:sfe + npm run build + npm run build:sfe - name: run e2e run: | uv run coverage run manage.py test ${{ matrix.job.glob }} diff --git a/Dockerfile b/Dockerfile index ac7bb76708b7..f32cae33876d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -40,7 +40,8 @@ COPY ./web /work/web/ COPY ./website /work/website/ COPY ./gen-ts-api /work/web/node_modules/@goauthentik/api -RUN npm run build build:sfe +RUN npm run build && \ + npm run build:sfe # Stage 3: Build go proxy FROM --platform=${BUILDPLATFORM} docker.io/library/golang:1.24-bookworm AS go-builder