Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -11,5 +11,5 @@ kiwitcms-trackers-integration==1.4.0
psycopg-pool==3.3.1
python3-saml==1.16.0
sentry-sdk[django]==2.64.0
social-auth-app-django==5.9.0
social-auth-app-django==6.0.0
social-auth-kerberos==0.3.2
10 changes: 7 additions & 3 deletions tcms_enterprise/templates/registration/custom_login.html
Original file line number Diff line number Diff line change
Expand Up @@ -28,11 +28,15 @@
</p>

{% for backend in backends.backends %}
<a href='{% tenant_url request "public" %}{% url "social:begin" backend|lower %}?next={% next_url request %}'>
<form
class="inline-display"
method="post"
action='{% tenant_url request "public" %}{% url "social:begin" backend|lower %}?next={% next_url request %}'>
{% csrf_token %}
{% with "images/social_auth/backends/"|add:backend|lower|add:".png" as image_path %}
<img src='{% static image_path %}' alt="{{ backend|title }} login" title="{{ backend|title }} login">
<input type="image" src='{% static image_path %}' alt="{{ backend|title }} login" id="{{ backend|lower }}-login">
{% endwith %}
</a>
</form>
&nbsp;
{% endfor %}
</div>
Expand Down
7 changes: 5 additions & 2 deletions testing/keycloak.robot
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Copyright (c) 2021 Alexander Todorov <atodorov@otb.bg>
# Copyright (c) 2021-2026 Alexander Todorov <atodorov@otb.bg>
#
# Licensed under GNU Affero General Public License v3 or later (AGPLv3+)
# https://www.gnu.org/licenses/agpl-3.0.html
Expand All @@ -10,7 +10,7 @@ Library SeleniumLibrary
${SERVER} https://testing.example.bg
${BROWSER} Headless Firefox
${DELAY} 0
${LOGIN_URL} ${SERVER}/login/keycloak
${LOGIN_URL} ${SERVER}/accounts/login/
${DASHBOARD_URL} ${SERVER}/


Expand All @@ -19,6 +19,9 @@ Login via Keycloak
Open Browser ${LOGIN_URL} ${BROWSER}
Maximize Browser Window
Set Selenium Speed ${DELAY}
Title Should Be Kiwi TCMS - Login

Click Element id:keycloak-login
Title Should Be Sign in to kiwi

Input Text username kc_atodorov
Expand Down
11 changes: 3 additions & 8 deletions testing/test_docker.sh
Original file line number Diff line number Diff line change
Expand Up @@ -134,24 +134,21 @@ rlJournalStart
# template override for social icons
rlAssertGrep "Continue with" page.html

# social backends are listed
# for ICON in tcms_enterprise/static/images/social_auth/backends/*.png; do
# BACKEND=`basename $ICON | sed 's/.png//'`
# check only the backends enabled in test_settings.py b/c the directory above
# contains more images than backends which can be enabled during testing
for BACKEND in kerberos keycloak gitlab github github-app fedora; do
rlAssertGrep "/login/$BACKEND/" page.html
rlAssertGrep "<img src='/static/images/social_auth/backends/$BACKEND.*.png'" page.html
rlAssertGrep "<input type=\"image\" src='/static/images/social_auth/backends/$BACKEND.*.png'" page.html
done

# social icons are present
for URL in `cat page.html | grep "/static/images/social_auth/backends/" | cut -d= -f2 | cut -d"'" -f2`; do
for URL in `cat page.html | grep "/static/images/social_auth/backends/" | cut -d= -f3 | cut -d"'" -f2`; do
rlLogInfo "Verify image $URL is present"
rlRun -t -c "curl -k -f -o /dev/null $HTTPS/$URL"
done

# social icons point to correct backend login URL, even with port
for BACKEND in `cat page.html | grep "/static/images/social_auth/backends/" | cut -d= -f2 | cut -d"'" -f2 | cut -f6 -d/ | cut -f1 -d.`; do
for BACKEND in `cat page.html | grep "/static/images/social_auth/backends/" | cut -d= -f3 | cut -d"'" -f2 | cut -f6 -d/ | cut -f1 -d.`; do
rlLogInfo "Verify $BACKEND login is present"
rlAssertGrep "https://testing.example.bg/login/$BACKEND/?next=/" page.html
done
Expand Down Expand Up @@ -234,10 +231,8 @@ rlJournalStart
# NOTE: we can't exercise the POST request against login & password reset pages b/c they also require cookies and/or
# CSRF tokens which are delivered via GET request/HTML form rendering
rlPhaseStartTest "NO LOGIN - /accounts/login/ does not display username/password form"
rlRun -t -c "curl -k -D- -o- --referer no_login_login_page https://no-login.example.bg:8443/accounts/login/ | grep '<form '" 1
rlRun -t -c "curl -k -D- -o- --referer no_login_login_page https://no-login.example.bg:8443/accounts/login/ | grep 'inputUsername'" 1
rlRun -t -c "curl -k -D- -o- --referer no_login_login_page https://no-login.example.bg:8443/accounts/login/ | grep 'inputPassword'" 1
rlRun -t -c "curl -k -D- -o- --referer no_login_login_page https://no-login.example.bg:8443/accounts/login/ | grep 'csrfmiddlewaretoken'" 1
rlPhaseEnd

rlPhaseStartTest "Sanity test - Keycloak login"
Expand Down