initial prototype based on nat-as-server
Some checks failed
PHPUnit / test (push) Has been cancelled
Some checks failed
PHPUnit / test (push) Has been cancelled
This commit is contained in:
68
tests/Integration/AuthTest.php
Normal file
68
tests/Integration/AuthTest.php
Normal file
@ -0,0 +1,68 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace Tests\Integration;
|
||||
|
||||
use Tests\Support\DatabaseSeeder;
|
||||
use Tests\Support\QdbTestCase;
|
||||
|
||||
final class AuthTest extends QdbTestCase
|
||||
{
|
||||
public function testAdminLoginSuccess(): void
|
||||
{
|
||||
$res = $this->api()->loginWeb(DatabaseSeeder::ADMIN_USERNAME, DatabaseSeeder::PASSWORD);
|
||||
$this->assertApiOk($res);
|
||||
$this->assertNotEmpty($res['data']['token']);
|
||||
$this->assertSame('admin', $res['data']['role']);
|
||||
}
|
||||
|
||||
public function testInvalidCredentials(): void
|
||||
{
|
||||
$res = $this->api()->loginWeb(DatabaseSeeder::ADMIN_USERNAME, 'wrong');
|
||||
$this->assertApiError($res, 'INVALID_CREDENTIALS', 401);
|
||||
}
|
||||
|
||||
public function testCoachBlockedOnWebClient(): void
|
||||
{
|
||||
$res = $this->api()->loginWeb(DatabaseSeeder::COACH_USERNAME, DatabaseSeeder::PASSWORD);
|
||||
$this->assertApiError($res, 'FORBIDDEN', 403);
|
||||
}
|
||||
|
||||
public function testRateLimitAfterFailures(): void
|
||||
{
|
||||
require_once dirname(__DIR__, 2) . '/lib/settings.php';
|
||||
[$pdo, $tmpDb, $lockFp] = qdb_open(true);
|
||||
qdb_settings_save_on_pdo($pdo, qdb_settings_validate_and_merge([
|
||||
'login_max_attempts' => 2,
|
||||
'login_window_seconds' => 600,
|
||||
'login_lockout_seconds' => 600,
|
||||
], qdb_settings_get_on_pdo($pdo)));
|
||||
qdb_save($tmpDb, $lockFp);
|
||||
|
||||
$this->api()->loginWeb('rate_user', 'bad1');
|
||||
$this->api()->loginWeb('rate_user', 'bad2');
|
||||
$res = $this->api()->loginWeb('rate_user', 'bad3');
|
||||
$this->assertApiError($res, 'RATE_LIMITED', 429);
|
||||
}
|
||||
|
||||
public function testMissingFields(): void
|
||||
{
|
||||
$res = $this->api()->request('POST', 'auth/login', ['username' => '']);
|
||||
$this->assertApiError($res, 'MISSING_FIELDS', 400);
|
||||
}
|
||||
|
||||
public function testKeycloakConfigDisabledByDefault(): void
|
||||
{
|
||||
$res = $this->api()->request('GET', 'auth/keycloak-config');
|
||||
$this->assertApiOk($res);
|
||||
$this->assertFalse($res['data']['enabled']);
|
||||
$this->assertSame('', $res['data']['loginUrl']);
|
||||
}
|
||||
|
||||
public function testKeycloakLoginRequiresConfiguration(): void
|
||||
{
|
||||
$res = $this->api()->request('GET', 'auth/keycloak-login');
|
||||
$this->assertApiError($res, 'KEYCLOAK_NOT_CONFIGURED', 503);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user