From fae403d15d75e00d5794003a67dbd66f75341158 Mon Sep 17 00:00:00 2001 From: Bas Date: Thu, 9 Jan 2025 10:17:33 +0100 Subject: [PATCH] Update Devconf installation and docs Use Devconf settings in the parameters.yml.dist, so devconf will work out-of-the-box for development. Also remove the old StepupDeploy VM parameters.yml. And update the readme to reflect the use of devconf. Also updated the hostnames and keys to be able to use the devconf Docker containers. --- .github/workflows/run-cypress.yml | 6 +- .github/workflows/test-integration.yml | 12 +- README.md | 18 +- app/AppKernel.php | 14 +- app/config/config_ci.yml | 4 +- app/config/functional_testing.yml.dist | 2 +- app/config/parameters.yml.dist | 65 ++-- app/config/parameters.yml.docker | 293 ------------------ .../files/engine.dev.openconext.local.crt | 22 ++ .../files/engine.dev.openconext.local.key | 28 ++ .../files/engine.vm.openconext.org.crt | 21 -- .../files/engine.vm.openconext.org.key | 28 -- composer.json | 3 +- composer.lock | 12 +- docker/Dockerfile.prod | 2 +- docker/{php-fpm => ci}/Dockerfile-php72 | 9 +- docker/ci/Dockerfile-php82 | 13 + docker/{php-fpm => ci}/apache2.conf | 9 +- docker/{php-fpm => ci}/app.ini | 0 docker/docker-compose-php72.yml | 4 +- docker/docker-compose-php82.yml | 4 +- docker/docker-compose.yml | 43 +-- docker/nginx/nginx.conf | 58 ---- docker/php-fpm/Dockerfile-php82 | 15 - .../Application/FunctionalTestDiContainer.php | 2 +- .../Application/TestDiContainer.php | 2 +- .../Controllers/ConsentController.php | 2 +- .../Features/AcsTinkering.feature | 2 +- .../Features/AttributeAggregation.feature | 2 +- .../Features/AttributeManipulation.feature | 6 +- .../AttributeManipulationException.feature | 2 +- ...nWithAllManipulationsBeforeConsent.feature | 2 +- .../Features/AttributeReleasePolicy.feature | 2 +- ...yWithAllManipulationsBeforeConsent.feature | 2 +- .../Features/AuthenticationLoop.feature | 2 +- .../Features/Bindings.feature | 2 +- .../Features/ClearErrorMessages.feature | 4 +- .../Features/Consent.feature | 2 +- .../Features/Debug.feature | 4 +- .../DisplayUnconnectedIdpsWayf.feature | 2 +- .../Features/EduPersonTargetedId.feature | 2 +- .../Features/Encryption.feature | 4 +- .../Features/FeedbackFooters.feature | 2 +- .../Features/FrontPage.feature | 2 +- .../Features/InternalCollabPersonId.feature | 2 +- .../Features/IsPassive.feature | 2 +- .../Features/LocaleSelection.feature | 2 +- .../Features/Logout.feature | 2 +- .../Features/Metadata.feature | 76 ++--- .../Features/MfaAuthnContextClassRef.feature | 2 +- .../Features/MultipleSingleSignOn.feature | 2 +- .../Features/NameIdFormat.feature | 2 +- .../Features/PolicyEnforcement.feature | 2 +- .../SignatureBypassVulnerability.feature | 2 +- .../Features/SingleSignOn.feature | 2 +- .../Features/SingleSignOnWithScoping.feature | 2 +- .../Features/SpProxy.feature | 4 +- .../Features/StatusCodes.feature | 2 +- .../Features/Stepup.feature | 44 +-- .../Features/StepupKeyRollover.feature | 9 +- .../Features/UnsolicitedSingleSignOn.feature | 2 +- .../UnsolicitedSingleSignOnDisabled.feature | 2 +- ...lTestingStepupGatewayMockConfiguration.php | 4 +- .../Fixtures/ServiceRegistryFixture.php | 2 +- .../Resources/config/services.yml | 4 +- tests/behat-ci.yml | 4 +- tests/behat.yml | 8 +- .../consent/consent.material.spec.js | 2 +- .../wayf/WayfMouseBehaviour.spec.js | 12 +- .../wayf/WayfShowsConnectedIdps.spec.js | 10 +- .../integration/shared/consent.a11y.spec.js | 2 +- .../shared/cookieRemoval.a11y.spec.js | 2 +- .../integration/shared/error.a11y.spec.js | 8 +- .../integration/shared/index.a11y.spec.js | 2 +- .../integration/shared/logout.a11y.spec.js | 4 +- .../integration/shared/wayf.a11y.spec.js | 2 +- .../skeune/consent/consent.general.spec.js | 4 +- .../skeune/consent/consent.keyboard.spec.js | 2 +- .../skeune/consent/consent.mouse.spec.js | 2 +- .../skeune/error/error.general.spec.js | 4 +- .../skeune/index/index.general.spec.js | 4 +- .../skeune/wayf/wayf.general.spec.js | 52 ++-- .../skeune/wayf/wayf.keyboard.spec.js | 26 +- .../skeune/wayf/wayf.mouse.spec.js | 12 +- tests/e2e/cypress/support/commands.js | 8 +- .../openconext/ConsentPage.spec.js | 2 +- .../openconext/ErrorPage.spec.js | 60 ++-- .../openconext/Footer.spec.js | 8 +- .../skeune/ConsentPage.spec.js | 2 +- .../skeune/ErrorPage.spec.js | 60 ++-- .../visual-regression/skeune/Footer.spec.js | 8 +- ...ttributeReleasePolicyControllerApiTest.php | 16 +- .../Api/ConnectionsControllerTest.php | 18 +- .../Controller/Api/ConsentControllerTest.php | 30 +- .../Api/DeprovisionControllerTest.php | 24 +- .../Api/HeartbeatControllerTest.php | 2 +- .../Assembler/PushMetadataAssemblerTest.php | 28 +- ...does_not_match_signature_reference_uri.xml | 8 +- .../resources/saml/responses/h01_response.xml | 10 +- .../multiple_assertions_response.xml | 14 +- .../multiple_signed_info_elements.xml | 8 +- .../signature_value_not_second_child.xml | 8 +- .../responses/signed_info_not_first_child.xml | 8 +- .../Metadata/LoaRepositoryTest.php | 10 +- .../EngineBlock/Metadata/LoaTest.php | 8 +- .../Metadata/MfaEntityCollectionTest.php | 18 +- theme/README.md | 18 +- 107 files changed, 537 insertions(+), 907 deletions(-) delete mode 100644 app/config/parameters.yml.docker create mode 100644 ci/qa-config/files/engine.dev.openconext.local.crt create mode 100644 ci/qa-config/files/engine.dev.openconext.local.key delete mode 100644 ci/qa-config/files/engine.vm.openconext.org.crt delete mode 100644 ci/qa-config/files/engine.vm.openconext.org.key rename docker/{php-fpm => ci}/Dockerfile-php72 (51%) create mode 100644 docker/ci/Dockerfile-php82 rename docker/{php-fpm => ci}/apache2.conf (82%) rename docker/{php-fpm => ci}/app.ini (100%) delete mode 100644 docker/nginx/nginx.conf delete mode 100644 docker/php-fpm/Dockerfile-php82 diff --git a/.github/workflows/run-cypress.yml b/.github/workflows/run-cypress.yml index bf801dd099..33f4efb7e2 100644 --- a/.github/workflows/run-cypress.yml +++ b/.github/workflows/run-cypress.yml @@ -29,7 +29,7 @@ jobs: run: | cd docker && ${DOCKER_COMPOSE} up -d --build && - docker compose exec -T --user www-data php-fpm.vm.openconext.org bash -c ' + docker compose exec -T --user www-data engine.dev.openconext.local bash -c ' SYMFONY_ENV=ci composer install --prefer-dist -n -o --ignore-platform-reqs && \ ./app/console cache:clear --env=ci && \ cd theme && CYPRESS_INSTALL_BINARY=0 yarn install --frozen-lockfile && EB_THEME=skeune yarn build @@ -38,13 +38,13 @@ jobs: if: always() run: | cd docker && \ - docker compose exec -T --user www-data php-fpm.vm.openconext.org bash -c ' + docker compose exec -T --user www-data engine.dev.openconext.local bash -c ' EB_THEME=skeune ./theme/scripts/prepare-test.js ' && \ docker compose exec -T cypress bash -c ' cd e2e && yarn install && cypress run --spec cypress/integration/skeune/**/*.spec.js,cypress/integration/shared/*.spec.js --browser=chrome --headless ' && \ - docker compose exec -T --user www-data php-fpm.vm.openconext.org bash -c ' + docker compose exec -T --user www-data engine.dev.openconext.local bash -c ' EB_THEME=openconext ./theme/scripts/prepare-test.js ' && \ docker compose exec -T cypress bash -c ' diff --git a/.github/workflows/test-integration.yml b/.github/workflows/test-integration.yml index d6411f3930..fa790b6254 100644 --- a/.github/workflows/test-integration.yml +++ b/.github/workflows/test-integration.yml @@ -29,7 +29,7 @@ jobs: run: | cd docker && ${DOCKER_COMPOSE} up -d --build && - docker compose exec -T --user www-data php-fpm.vm.openconext.org bash -c ' + docker compose exec -T --user www-data engine.dev.openconext.local bash -c ' SYMFONY_ENV=ci composer install --prefer-dist -n -o --ignore-platform-reqs && \ ./app/console cache:clear --env=ci && \ cd theme && CYPRESS_INSTALL_BINARY=0 yarn install --frozen-lockfile && EB_THEME=skeune yarn build @@ -37,7 +37,7 @@ jobs: - name: Run code quality tests if: always() run: | - cd docker && docker compose exec -T --user www-data php-fpm.vm.openconext.org bash -c ' + cd docker && docker compose exec -T --user www-data engine.dev.openconext.local bash -c ' echo -e "\nPHP Mess Detector\n" && \ ./vendor/bin/phpmd src text ci/qa-config/phpmd.xml --exclude */Tests/* && \ echo -e "\nPHP CodeSniffer\n" && \ @@ -52,7 +52,7 @@ jobs: - name: Run unit tests if: always() run: | - cd docker && APP_ENV=ci docker compose exec -T --user www-data php-fpm.vm.openconext.org bash -c ' + cd docker && APP_ENV=ci SYMFONY_ENV=ci docker compose exec -T --user www-data engine.dev.openconext.local bash -c ' echo -e "\nInstalling database fixtures...\n" && \ ./app/console doctrine:schema:drop --force --env=ci && \ ./app/console doctrine:schema:create --env=ci && \ @@ -70,7 +70,7 @@ jobs: - name: Run acceptance tests if: always() run: | - cd docker && docker compose exec -T --user www-data php-fpm.vm.openconext.org bash -c ' + cd docker && docker compose exec -T --user www-data engine.dev.openconext.local bash -c ' echo -e "\nInstalling database fixtures...\n" && \ ./app/console doctrine:schema:drop --force --env=ci && \ ./app/console doctrine:schema:create --env=ci && \ @@ -86,7 +86,7 @@ jobs: - name: Run linting tests if: always() run: | - cd docker && docker compose exec -T --user www-data php-fpm.vm.openconext.org bash -c ' + cd docker && docker compose exec -T --user www-data engine.dev.openconext.local bash -c ' echo -e "\nTwig lint\n" && \ app/console lint:twig theme/ && \ cd theme && \ @@ -98,7 +98,7 @@ jobs: - name: Show log on failure if: failure() run: | - cd docker && docker compose exec -T php-fpm.vm.openconext.org cat /opt/openconext/OpenConext-engineblock/app/logs/ci/ci.log + cd docker && docker compose exec -T engine.dev.openconext.local cat /var/www/html/app/logs/ci/ci.log - name: Send notification on production build nightly build failure uses: sonots/slack-notice-action@v3 with: diff --git a/README.md b/README.md index 27f9eec950..6604153e03 100644 --- a/README.md +++ b/README.md @@ -42,7 +42,7 @@ Finally, when not in an environment with the debug flag enabled, you need to cle $ php72 ./app/console cache:clear --env=prod ``` -To setup the required tooling on the VM, the following steps might be useful: +To setup the required tooling on the container, the following steps might be useful: cd /opt/openconext/OpenConext-engineblock/theme sudo curl --silent --location https://rpm.nodesource.com/setup_11.x | sudo bash - @@ -82,12 +82,12 @@ it is only regularly tested with RedHat Enterprise Linux and CentOS._ ## Installation -_**Note**: you are highly encouraged to use [OpenConext-Deploy][op-dep] to deploy OpenConext installations._ +_**Note**: you are highly encouraged to use [OpenConext-Devconf][op-dev] to deploy OpenConext installations._ If you are reading this then you've probably already installed a copy of EngineBlock somewhere on the destination server, if not, then that would be step 1 for the installation. -If you do not use [OpenConext-Deploy][op-dep] and have an installed copy and your server meets all the requirements +If you do not use [OpenConext-Devconf][op-dev] and have an installed copy and your server meets all the requirements above, then please follow the steps below to start your installation. ### First, create an empty database @@ -143,11 +143,11 @@ It should also serve both the `engine.yourdomain.example` and `engine-api.yourdo Make sure the `ENGINEBLOCK_ENV` is set, and that the `SYMFONY_ENV` is set, this can be mapped from `ENGINEBLOCK_ENV` as: | `ENGINEBLOCK_ENV` | `SYMFONY_ENV` | -| --- | --- | -| production | prod | -| acceptance | acc | -| test | test | -| vm | dev | +|-------------------| --- | +| production | prod | +| acceptance | acc | +| test | test | +| dev | dev | **EXAMPLE** @@ -254,7 +254,7 @@ Also, the following documentation can be found in the [docs][docs] directory: [notice]: NOTICE.txt [upgrading]: UPGRADING.md [comp]: https://getcomposer.org/ -[op-dep]: https://github.com/OpenConext/OpenConext-deploy +[op-dev]: https://github.com/OpenConext/OpenConext-devconf [manage]: https://github.com/OpenConext/OpenConext-manage [eb-wiki-theme-development]: https://github.com/OpenConext/OpenConext-engineblock/wiki/Development-Guidelines#theme-development [wiki]: https://github.com/OpenConext/OpenConext-engineblock/wiki diff --git a/app/AppKernel.php b/app/AppKernel.php index a499fa4103..f5c5af2297 100644 --- a/app/AppKernel.php +++ b/app/AppKernel.php @@ -60,12 +60,6 @@ public function registerContainerConfiguration(LoaderInterface $loader) public function getCacheDir() { - // In the dev & test environments use a folder outside the shared filesystem. This greatly improves cache clear - // and warmup time. - if ($this->getEnvironment() === 'dev' || $this->getEnvironment() === 'test') { - return sprintf('/tmp/engineblock/cache/%s', $this->getEnvironment()); - } - return $this->rootDir . '/cache/' . $this->environment; } @@ -73,4 +67,12 @@ public function getLogDir() { return $this->rootDir . '/logs/' . $this->environment; } + + public function getProjectDir() + { + // This is needed to define the project dir without composer.json + // @see: https://symfony.com/doc/current/reference/configuration/kernel.html#configuration-kernel-project-directory + return \dirname(__DIR__); + } + } diff --git a/app/config/config_ci.yml b/app/config/config_ci.yml index 1295836479..b956e9ce40 100644 --- a/app/config/config_ci.yml +++ b/app/config/config_ci.yml @@ -10,7 +10,7 @@ doctrine: driver: pdo_mysql # This must be PDO until all database interaction runs through doctrine server_version: 5.5 dbname: "%database.dbname%" - host: "db.vm.openconext.org" + host: "mariadb" port: "%database.port%" user: "%database.user%" password: "%database.password%" @@ -18,7 +18,7 @@ doctrine: driver: pdo_mysql # This must be PDO until all database interaction runs through doctrine server_version: 5.5 dbname: "%database.test.dbname%" - host: "db-test.vm.openconext.org" + host: "mariadb" port: "%database.test.port%" user: "%database.test.user%" password: "%database.test.password%" diff --git a/app/config/functional_testing.yml.dist b/app/config/functional_testing.yml.dist index c365ff0294..80530bfaac 100644 --- a/app/config/functional_testing.yml.dist +++ b/app/config/functional_testing.yml.dist @@ -5,4 +5,4 @@ parameters: # Where must we store the writable state of the Mock IdP and Mock SP? idp_fixture_file: '/tmp/eb-fixtures/db/idp.states.php.serialized' sp_fixture_file: '/tmp/eb-fixtures/db/sp.states.php.serialized' - stepup.sfo.override_engine_entityid: 'https://engine.vm.openconext.com/new/stepup/metadata' + stepup.sfo.override_engine_entityid: 'https://engine.dev.openconext.local/new/stepup/metadata' diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist index 9aeea9228d..7e6141f322 100644 --- a/app/config/parameters.yml.dist +++ b/app/config/parameters.yml.dist @@ -11,11 +11,11 @@ parameters: ## from the Host header will be used) or set to match the domain ## setting. For example: ## - ## domain = vm.openconext.org - ## hostname = engine.vm.openconext.org - domain: vm.openconext.org + ## domain = dev.openconext.local + ## hostname = engine.dev.openconext.local + domain: dev.openconext.local ## Set a fixed hostname for OpenConext EngineBlock to use. - hostname: engine.vm.openconext.org + hostname: engine.dev.openconext.local ## Configure trusted proxies to use their X-Forwarded-For header. trusted_proxies: @@ -43,8 +43,8 @@ parameters: ## or requests (when it acts as an SP) it uses these X.509 certs. encryption_keys: default: - publicFile: /etc/openconext/engineblock.crt - privateFile: /etc/openconext/engineblock.pem + publicFile: /config/engine/engineblock.crt + privateFile: /config/engine/engineblock.pem ## List of signature methods explicitly forbidden by EngineBlock. forbidden_signature_methods: { } @@ -73,7 +73,7 @@ parameters: ## EngineBlock API credentials ## The API user config, allows for configuration of multiple different users - api.users.metadataPush.username: serviceregistry + api.users.metadataPush.username: manage api.users.metadataPush.password: secret api.users.profile.username: profile api.users.profile.password: secret @@ -84,7 +84,7 @@ parameters: ## PDP SETTINGS ########################################################################################## ## Location of PDP - pdp.host: 'https://pdp.vm.openconext.org' + pdp.host: 'https://pdp.dev.openconext.local' ## PDP uses basic auth pdp.username: pdp_admin @@ -96,7 +96,7 @@ parameters: ## ATTRIBUTE AGGREGATION SETTINGS ########################################################################################## ## Location of AA - attribute_aggregation.base_url: 'https://aa.vm.openconext.org/aa/api/internal/attribute/aggregation' + attribute_aggregation.base_url: 'https://aa.dev.openconext.local/internal/attribute/aggregation' attribute_aggregation.username: eb attribute_aggregation.password: secret @@ -119,12 +119,12 @@ parameters: ########################################################################################## ## DATABASE SETTINGS ########################################################################################## - database.host: localhost + database.host: mariadb database.port: '3306' database.user: ebrw database.password: secret database.dbname: eb - database.test.host: localhost + database.test.host: mariadb database.test.port: '3306' database.test.user: eb_testrw database.test.password: secret @@ -138,13 +138,13 @@ parameters: ## Minimum execution time in milliseconds when a received response is deemed invalid (default: 5000 ms) minimum_execution_time_on_invalid_received_response: 5000 ## The value for guest qualifier. Can be overridden for specific environments - addgueststatus_guestqualifier: 'urn:collab:org:vm.openconext.org' + addgueststatus_guestqualifier: 'urn:collab:org:dev.openconext.local' ## Language cookie settings ## The value for the domain is also used for clearing SSO Notification cookies if the feature is enabled cookie.path: / cookie.secure: true - cookie.locale.domain: .vm.openconext.org + cookie.locale.domain: .dev.openconext.local cookie.locale.expiry: 5184000 cookie.locale.http_only: false cookie.locale.secure: true @@ -157,7 +157,7 @@ parameters: view_default_logo_height: 96 # when set, will show a ribbon top-right to visually distinguish this install from other # environments in your constellation (e.g. "test", "qa"), with the given ribbon color in - # env_ribbon_color. You can choose from colors: crimson,darkorchid,orange,hotpink,khaki. + # env_ribbon_color. You can choose from colors: crimson,orange,hotpink,khaki. env_name: "" env_ribbon_color: "" @@ -178,7 +178,7 @@ parameters: ## Toggle the default IdP quick link banner on the WAYF. wayf.display_default_idp_banner_on_wayf: true - wayf.default_idp_entity_id: https://default-idp.vm.openconext.org + wayf.default_idp_entity_id: https://default-idp.dev.openconext.local ## Toggle display & content of global site notice global.site_notice.show: false @@ -221,7 +221,7 @@ parameters: feature_api_metadata_api: true feature_api_deprovision: true feature_run_all_manipulations_prior_to_consent: false - feature_block_user_on_violation: true + feature_block_user_on_violation: false feature_enable_consent: true feature_stepup_sfo_override_engine_entityid: false feature_enable_idp_initiated_flow: true @@ -230,40 +230,42 @@ parameters: ## PROFILE SETTINGS ########################################################################################## ## Location of Profile - profile_base_url: 'https://profile.vm.openconext.org' + profile_base_url: 'https://profile.dev.openconext.local' ########################################################################################## ## SFO SETTINGS ########################################################################################## ## This PCRE regex is used to blacklist incoming AuthnContextClassRef attributes on. If an empty string is used ## the validation is skipped. The validator will throw an exception if the used regex is invalid. - stepup.authn_context_class_ref_blacklist_regex: '/http:\/\/vm\.openconext\.org\/assurance\/loa[1-3]/' + stepup.authn_context_class_ref_blacklist_regex: '/http:\/\/dev\.openconext\.local\/assurance\/loa[1-3]/' ## The loa mapping from the internal used LoA's to the Stepup Gateway LOA's. ## Specification of the mapping: stepup.loa.mapping.[int 1|2|3].[string engineblock|gateway] ## The integer after the mapping field indicates the LoA level (1, 2 or 3 are supported). ## The engineblock or gateway keys specify the LoAs identifier as will be carried in the AuthnContextClassRef of an assertion. stepup.loa.mapping: 10: - engineblock: 'http://vm.openconext.org/assurance/loa1' - gateway: 'http://stepup.vm.openconext.org/assurance/loa1' + engineblock: 'http://dev.openconext.local/assurance/loa1' + gateway: 'http://dev.openconext.local/assurance/loa1' 15: - engineblock: 'http://vm.openconext.org/assurance/loa1_5' - gateway: 'http://stepup.vm.openconext.org/assurance/loa1_5' + engineblock: 'http://dev.openconext.local/assurance/loa1_5' + gateway: 'http://dev.openconext.local/assurance/loa1_5' 20: - engineblock: 'http://vm.openconext.org/assurance/loa2' - gateway: 'http://stepup.vm.openconext.org/assurance/loa2' + engineblock: 'http://dev.openconext.local/assurance/loa2' + gateway: 'http://dev.openconext.local/assurance/loa2' 30: - engineblock: 'http://vm.openconext.org/assurance/loa3' - gateway: 'http://stepup.vm.openconext.org/assurance/loa3' + engineblock: 'http://dev.openconext.local/assurance/loa3' + gateway: 'http://dev.openconext.local/assurance/loa3' ## The fallback LoA to return when the Stepup authentication fails but is not required - stepup.loa.loa1: 'http://vm.openconext.org/assurance/loa1' + stepup.loa.loa1: 'http://dev.openconext.local/assurance/loa1' ## The EntityId (metadata URL) used in the callout to the SFO endpoint of the configured Stepup Gateway - stepup.gateway.sfo.entity_id: 'https://gateway.stepup.vm.openconext.org/second-factor-only/metadata' + stepup.gateway.sfo.entity_id: 'https://gateway.dev.openconext.local/second-factor-only/metadata' ## The single sign-on endpoint used for Stepup Gateway SFO callouts - stepup.gateway.sfo.sso_location: 'https://gateway.stepup.vm.openconext.org/second-factor-only/single-sign-on' + stepup.gateway.sfo.sso_location: 'https://gateway.dev.openconext.local/second-factor-only/single-sign-on' ## The public key from the Stepup Gateway IdP - stepup.gateway.sfo.key_file: /etc/openconext/engineblock.crt - stepup.sfo.override_engine_entityid: 'https://engine.vm.openconext.com/new/stepup/metadata' + stepup.gateway.sfo.key_file: /config/engine/engineblock.crt + ## You can override the default entityID used by Engineblock for its callout to stepup gateway. + ## You also need to enable the feature toggle feature_stepup_sfo_override_engine_entityid above. + stepup.sfo.override_engine_entityid: "https://engine.dev.openconext.local/new/stepup/metadata" ########################################################################################## ## THEME SETTINGS @@ -303,4 +305,3 @@ parameters: # used in the authentication log record. The attributeName will be searched in the response attributes and if present # the log data will be enriched. The values of the response attributes are the final values after ARP and Attribute Manipulation. auth.log.attributes: [] - diff --git a/app/config/parameters.yml.docker b/app/config/parameters.yml.docker deleted file mode 100644 index 100d58728a..0000000000 --- a/app/config/parameters.yml.docker +++ /dev/null @@ -1,293 +0,0 @@ -parameters: - ########################################################################################## - ## GLOBAL SETTINGS - ########################################################################################## - ## This is a string that should be unique to your application and it's commonly used to add more - ## entropy to security related operations. Its value should be a series of characters, numbers and - ## symbols chosen randomly and the recommended length is around 32 characters. - secret: secret - - ## Note: due to legacy reasons, hostname must be left empty (hostname - ## from the Host header will be used) or set to match the domain - ## setting. For example: - ## - ## domain = dev.openconext.local - ## hostname = engine.dev.openconext.local - domain: dev.openconext.local - ## Set a fixed hostname for OpenConext EngineBlock to use. - hostname: engine.dev.openconext.local - - ## Configure trusted proxies to use their X-Forwarded-For header. - trusted_proxies: - - 192.168.1.1 - - 10.0.0.1 - - ## The enabled languages, currently 'en', 'nl' and 'pt' are supported - enabled_languages: - - nl - - en - - ########################################################################################## - ## SAML2 SETTINGS - ########################################################################################## - ## Path to the attribute definition file. - ## Where EngineBlock can look for attribute definitions. - ## These determine: - ## * How attributes are displayed in Profile and Consent - ## * How attributes are Normalized and Denormalized - ## * How attributes are validated - attribute_definition_file_path: %kernel.project_dir%/application/configs/attributes.json - - ## The Signing / Encryption keys used for the SAML2 authentication and metadata - ## When EngineBlock signs responses (when it acts as an Idp) - ## or requests (when it acts as an SP) it uses these X.509 certs. - encryption_keys: - default: - publicFile: /config/engine/engineblock.crt - privateFile: /config/engine/engineblock.pem - - ## List of signature methods explicitly forbidden by EngineBlock. - forbidden_signature_methods: { } - - ## List of allowed ACS location URI schemes - allowed_acs_location_schemes: - - http - - https - - ## Add RequestedAttributes to the AttributeConsumingService of the SP Proxy metadata of Engineblock, default is all - ## Options are 'all' (optional and required attributes), 'required' (only required attributes) or 'none' - metadata_add_requested_attributes: all - - ########################################################################################## - ## PHP SETTINGS - ########################################################################################## - ## Ideally, PHP is configured using the regular PHP configuration in - ## /etc, but EngineBlock supports runtime modification of PHP - ## settings. - php_settings: - memory_limit: 256M - display_errors: '1' - error_reporting: '6135' - date.timezone: Europe/Amsterdam - sendmail_from: 'OpenConext EngineBlock ' - - ## EngineBlock API credentials - ## The API user config, allows for configuration of multiple different users - api.users.metadataPush.username: serviceregistry - api.users.metadataPush.password: secret - api.users.profile.username: profile - api.users.profile.password: secret - api.users.deprovision.username: lifecycle - api.users.deprovision.password: secret - - ########################################################################################## - ## PDP SETTINGS - ########################################################################################## - ## Location of PDP - pdp.host: 'https://pdp.dev.openconext.local' - - ## PDP uses basic auth - pdp.username: pdp_admin - pdp.password: secret - pdp.client_id: EngineBlock - pdp.policy_decision_point_path: /pdp/api/decide/policy - - ########################################################################################## - ## ATTRIBUTE AGGREGATION SETTINGS - ########################################################################################## - ## Location of AA - attribute_aggregation.base_url: 'https://aa.dev.openconext.local/aa/api/internal/attribute/aggregation' - attribute_aggregation.username: eb - attribute_aggregation.password: secret - - ## LOGGING / ERROR HANDLING - ## Note that we have the following priorities: - ## EMERGENCY: system is unusable - ## ALERT: action must be taken immediately - ## CRITICAL: critical conditions - ## ERROR: error conditions - ## WARNING: warning conditions - ## NOTICE: normal but significant condition - ## INFO: informational messages - ## DEBUG: debug messages - logger.channel: engineblock - logger.fingers_crossed.passthru_level: NOTICE - logger.fingers_crossed.action_level: ERROR - logger.syslog.ident: EBLOG - logger.line_format: '[%%datetime%%] %%channel%%.%%level_name%%: %%message%% %%extra%% %%context%%' - - ########################################################################################## - ## DATABASE SETTINGS - ########################################################################################## - database.host: localhost - database.port: '3306' - database.user: ebrw - database.password: secret - database.dbname: eb - database.test.host: localhost - database.test.port: '3306' - database.test.user: eb_testrw - database.test.password: secret - database.test.dbname: eb_test - - ########################################################################################## - ## MISCELLANEOUS SETTINGS - ########################################################################################## - ## The memory limit used for the metadata push this setting is overridden in the ConnectionsController - engineblock.metadata_push_memory_limit: 256M - ## Minimum execution time in milliseconds when a received response is deemed invalid (default: 5000 ms) - minimum_execution_time_on_invalid_received_response: 5000 - ## The value for guest qualifier. Can be overridden for specific environments - addgueststatus_guestqualifier: 'urn:collab:org:dev.openconext.local' - - ## Language cookie settings - ## The value for the domain is also used for clearing SSO Notification cookies if the feature is enabled - cookie.path: / - cookie.secure: true - cookie.locale.domain: .dev.openconext.local - cookie.locale.expiry: 5184000 - cookie.locale.http_only: false - cookie.locale.secure: true - - ## UI settings - view_default_title: OpenConext - view_default_header: OpenConext - view_default_logo: /images/logo.png - view_default_logo_width: 96 - view_default_logo_height: 96 - # when set, will show a ribbon top-right to visually distinguish this install from other - # environments in your constellation (e.g. "test", "qa"), with the given ribbon color in - # env_ribbon_color. You can choose from colors: crimson,orange,hotpink,khaki. - env_name: "" - env_ribbon_color: "" - - ui_return_to_sp_link: false - - ## The default email where IdP request access are send - email_request_access_address: help@example.org - - ## The query to be used to detect if healthy - monitor_database_health_check_query: 'SELECT uuid FROM user LIMIT 1;' - - ## Cutoff point for showing unfiltered IdPs on the WAYF. - ## Do not show unfiltered IdPs on the WAYF if there are more IdPs than the cutoff point. - wayf.cutoff_point_for_showing_unfiltered_idps: 50 - - ## Allow users to save their selected IdP and then auto-select it on returning visits. - wayf.remember_choice: false - - ## Toggle the default IdP quick link banner on the WAYF. - wayf.display_default_idp_banner_on_wayf: true - wayf.default_idp_entity_id: https://default-idp.dev.openconext.local - - ## Toggle display & content of global site notice - global.site_notice.show: false - global.site_notice.allowed.tags: '

    1. ' - - ## Settings for detecting whether the user is stuck in a authentication loop within his session - time_frame_for_authentication_loop_in_seconds: 60 - maximum_authentication_procedures_allowed: 5 - - ## Store attributes with their values, meaning that if an Idp suddenly - ## sends a new value (like a new e-mail address) consent has to be - ## given again. - consent_store_values: true - - ## Email configuration - email_idp_debugging: - from: - name: 'OpenConext EngineBlock' - address: no-reply@example.org - to: - address: coin-logs-dev@list.surfnet.nl - name: 'OpenConext Admin' - subject: 'IdP debug info from %%1$s' - - ## Swiftmailer configuration - mailer_transport: 'smtp' - mailer_host: 'localhost' - mailer_port: '25' - mailer_user: '' - mailer_password: '' - - ########################################################################################## - ## FEATURE SETTINGS - ########################################################################################## - feature_eb_encrypted_assertions: true - feature_eb_encrypted_assertions_require_outer_signature: true - feature_api_metadata_push: true - feature_api_consent_listing: true - feature_api_consent_remove: true - feature_api_metadata_api: true - feature_api_deprovision: true - feature_run_all_manipulations_prior_to_consent: false - feature_block_user_on_violation: false - feature_enable_consent: true - - ########################################################################################## - ## PROFILE SETTINGS - ########################################################################################## - ## Location of Profile - profile_base_url: 'https://profile.dev.openconext.local' - - ########################################################################################## - ## SFO SETTINGS - ########################################################################################## - ## This PCRE regex is used to blacklist incoming AuthnContextClassRef attributes on. If an empty string is used - ## the validation is skipped. The validator will throw an exception if the used regex is invalid. - stepup.authn_context_class_ref_blacklist_regex: '/http:\/\/vm\.openconext\.org\/assurance\/loa[1-3]/' - ## The loa mapping from the internal used LoA's to the Stepup Gateway LOA's. - ## Specification of the mapping: stepup.loa.mapping.[int 1|2|3].[string engineblock|gateway] - ## The integer after the mapping field indicates the LoA level (1, 2 or 3 are supported). - ## The engineblock or gateway keys specify the LoAs identifier as will be carried in the AuthnContextClassRef of an assertion. - stepup.loa.mapping: - 10: - engineblock: 'http://dev.openconext.local/assurance/loa1' - gateway: 'http://dev.openconext.local/assurance/loa1' - 15: - engineblock: 'http://dev.openconext.local/assurance/loa1_5' - gateway: 'http://dev.openconext.local/assurance/loa1_5' - 20: - engineblock: 'http://dev.openconext.local/assurance/loa2' - gateway: 'http://dev.openconext.local/assurance/loa2' - 30: - engineblock: 'http://dev.openconext.local/assurance/loa3' - gateway: 'http://dev.openconext.local/assurance/loa3' - ## The fallback LoA to return when the Stepup authentication fails but is not required - stepup.loa.loa1: 'http://dev.openconext.local/assurance/loa1' - ## The EntityId (metadata URL) used in the callout to the SFO endpoint of the configured Stepup Gateway - stepup.gateway.sfo.entity_id: 'https://gateway.dev.openconext.local/second-factor-only/metadata' - ## The single sign-on endpoint used for Stepup Gateway SFO callouts - stepup.gateway.sfo.sso_location: 'https://gateway.dev.openconext.local/second-factor-only/single-sign-on' - ## The public key from the Stepup Gateway IdP - stepup.gateway.sfo.key_file: /config/engine/engineblock.crt - - ########################################################################################## - ## THEME SETTINGS - ########################################################################################## - # When changing the default theme name, be aware that the CI build will no longer be able to select our default - # test suite for js e2e tests. This because a SED command is in place to rewrite the parameters.yml. - # See the SED command in Gitlab Actions runner: 'Run Cypress integration tests' - theme.name: skeune - - ########################################################################################## - ## SSO NOTIFICATION SETTINGS - ########################################################################################## - feature_enable_sso_notification: false - sso_notification_encryption_algorithm: AES-256-CBC - ## The encryption key used to decrypt the SSO notification - sso_notification_encryption_key: - ## The encryption key salt used to decrypt the SSO notification - sso_notification_encryption_key_salt: - - ########################################################################################## - ## SSO SESSION COOKIES SETTINGS - ########################################################################################## - # When the user is successfully authenticated by an Identity Provider, Engineblock stores an SSO session cookie in - # their browser. OpenConext's SSO query service is then able, if necessary, to verify whether this cookie exists and - # to return the correct answer to the requesting party based on this. - feature_enable_sso_session_cookie: false - # The time the cookie expires. This is a timestamp in number of seconds since the authentication. - # If set to 0 the cookie will expire at the end of the session (when the browser closes). - sso_session_cookie_max_age: 0 - diff --git a/ci/qa-config/files/engine.dev.openconext.local.crt b/ci/qa-config/files/engine.dev.openconext.local.crt new file mode 100644 index 0000000000..7046e76033 --- /dev/null +++ b/ci/qa-config/files/engine.dev.openconext.local.crt @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDuDCCAqCgAwIBAgIJAPdqJ9JQKN6vMA0GCSqGSIb3DQEBBQUAMEYxDzANBgNV +BAMTBkVuZ2luZTERMA8GA1UECxMIU2VydmljZXMxEzARBgNVBAoTCk9wZW5Db25l +eHQxCzAJBgNVBAYTAk5MMB4XDTE1MDQwMjE0MDE1NFoXDTI1MDQwMTE0MDE1NFow +RjEPMA0GA1UEAxMGRW5naW5lMREwDwYDVQQLEwhTZXJ2aWNlczETMBEGA1UEChMK +T3BlbkNvbmV4dDELMAkGA1UEBhMCTkwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQCeVodghQwFR0pItxGaJ3LXHA+ZLy1w/TMaGDcJaszAZRWRkL/6djwb +abR7TB45QN6dfKOFGzobQxG1Oksky3gz4Pki1BSzi/DwsjWCw+Yi40cYpYeg/XM0 +tvHKVorlsx/7Thm5WuC7rwytujr/lV7f6lavf/ApnLHnOORU2h0ZWctJiestapMa +C5mc40msruWWp04axmrYICmTmGhEy7w0qO4/HLKjXtWbJh71GWtJeLzG5Hj04X44 +wI+D9PUJs9U3SYh9SCFZwq0v+oYeqajiX0JPzB+8aVOPmOOM5WqoT8OCddOM/Tls +L/0PcxByGHsgJuWbWMI1PKlK3omR764PAgMBAAGjgagwgaUwHQYDVR0OBBYEFLow +msUCD2CrHU0lich1DMkNppmLMHYGA1UdIwRvMG2AFLowmsUCD2CrHU0lich1DMkN +ppmLoUqkSDBGMQ8wDQYDVQQDEwZFbmdpbmUxETAPBgNVBAsTCFNlcnZpY2VzMRMw +EQYDVQQKEwpPcGVuQ29uZXh0MQswCQYDVQQGEwJOTIIJAPdqJ9JQKN6vMAwGA1Ud +EwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAIF9tGG1C9HOSTQJA5qL13y5Ad8G +57bJjBfTjp/dw308zwagsdTeFQIgsP4tdQqPMwYmBImcTx6vUNdiwlIol7TBCPGu +qQAHD0lgTkChCzWezobIPxjitlkTUZGHqn4Kpq+mFelX9x4BElmxdLj0RQV3c3Bh +oW0VvJvBkqVKWkZ0HcUTQMlMrQEOq6D32jGh0LPCQN7Ke6ir0Ix5knb7oegND49f +bLSxpdo5vSuxQd+Zn6nI1/VLWtWpdeHMKhiw2+/ArR9YM3cY8UwFQOj9Y6wI6gPC +Gh/q1qv2HnngmnPrNzZik8XucGcf1Wm2zE4UIVYKW31T52mqRVDKRk8F3Eo= +-----END CERTIFICATE----- diff --git a/ci/qa-config/files/engine.dev.openconext.local.key b/ci/qa-config/files/engine.dev.openconext.local.key new file mode 100644 index 0000000000..80d48221fd --- /dev/null +++ b/ci/qa-config/files/engine.dev.openconext.local.key @@ -0,0 +1,28 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEAnlaHYIUMBUdKSLcRmidy1xwPmS8tcP0zGhg3CWrMwGUVkZC/ ++nY8G2m0e0weOUDenXyjhRs6G0MRtTpLJMt4M+D5ItQUs4vw8LI1gsPmIuNHGKWH +oP1zNLbxylaK5bMf+04ZuVrgu68Mrbo6/5Ve3+pWr3/wKZyx5zjkVNodGVnLSYnr +LWqTGguZnONJrK7llqdOGsZq2CApk5hoRMu8NKjuPxyyo17VmyYe9RlrSXi8xuR4 +9OF+OMCPg/T1CbPVN0mIfUghWcKtL/qGHqmo4l9CT8wfvGlTj5jjjOVqqE/DgnXT +jP05bC/9D3MQchh7ICblm1jCNTypSt6Jke+uDwIDAQABAoIBAQCCwSH6auSKV1zY +v5UhoAIN8XZQIc18yRsyKV0JwdBj8RXmp4ph4tGwMZKBX1J2JUOw+gRvHxTU/oXZ +CtKTCBOzg805Hboaqy3FFuVpnyylEtrbV5axM5u3pHv3g5AgL9PxS4Wis5FybBQk +Qu4FsewvLO148EX7lxKyxyCHkbcF/vxGLj+eNboka4hlah2vVz2cHO3Yp4QKOfIh +p02ij0Hvlwv9FVhvQghy8xFfCD9Nfh3QRUXpHhob1WPFLJWNTf14SVOtfCKbB5z4 +LyvJ+TqIwB7cMPEhHfvyH+26s43wRwmGzr5xAdaNVu04NiXDW/s/b4ebuD3BZbpk +yx8tUDrBAoGBANEf9ia9LKj4fya7H0TTyUxfUREZUDOALCcPfeiZEibQ3ZawaLOa +ci3W0jRl90NFpajDQQli5V1/DCmWFcvHarejInFYIG+QLWrKwCPNkrJ1Qccz4VLZ +TffzuhhMNd1KAUXuYPqvm/KSnwGf+rVxCVMojHpbJDQ9LgCovY4oANtrAoGBAMHU +TsEWV5uF/enj1co5LlhNMotP2D3+2F1bdGBd5iPU+X38NghSei9oA9KOtaJBN1fo ++7ELUxxm/Bw9L8BaOQUHC9NWk87kSfRAxEx6AsWGdOW6GNQknYKCf3iX+xTcow76 +GgtigZiENQOwZAtDpw9Q5ZPNR8Vv9ig5W0cOvKTtAoGBALMrFATKrTmzdZTkWvzo +Cp4hR95DdsA4/xsUHcarZq7U4hSZ3YqLN2nolD4KYldDk5PMfasiDOsWz3/Ns6zc +lKTy4q6DV37d4tuNDCNgnF/DMHEQFOubfD6ElZr9qGSIZCDbBEGjNRQV5J9Kxkyv +pNKXegvWjGUpSYGNEKJ7yYgzAoGBAJHyTdZ//zlgvB8X6cuaILZmck+JsHaF5N7u +1QMW0Qpb+/yMIxdDGzOE65Po1wU0e/qauKHHuC3jsaOFwuXgSZzqgFICl8sqBDGB +bw1ytZGLu4ubA8UBSQSTRG5Gac18kN7fHStDYfe4XL7JW5tLtogGzsbqxEb7FeuV +vJAVnZ/FAoGANJ+h6hUdN0t4IjHl6DRr+x2gniqYLCRS/DpkOi6fj2LVIqG7xWt/ +fg946ohBj8jA7wt8JNkgL6Bxn3uqdFFGvr0IudJHvpuPFOnKPeL0/Pa7U94d15L4 +aLEj+8OAOJ3LWJrvJQY1HuGBl7yc2Z+9UO8o41peMfqJXnJCAbPGqXg= +-----END RSA PRIVATE KEY----- + diff --git a/ci/qa-config/files/engine.vm.openconext.org.crt b/ci/qa-config/files/engine.vm.openconext.org.crt deleted file mode 100644 index 62258ab19b..0000000000 --- a/ci/qa-config/files/engine.vm.openconext.org.crt +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIJAOduh/cAvDE0MA0GCSqGSIb3DQEBCwUAMFoxCzAJBgNV -BAYTAk5MMRMwEQYDVQQIDApTb21lLVN0YXRlMRMwEQYDVQQKDApPcGVuQ29uZXh0 -MSEwHwYDVQQDDBhlbmdpbmUudm0ub3BlbmNvbmV4dC5vcmcwHhcNMTYwMTI2MTEw -NDE3WhcNMTYwMjI1MTEwNDE3WjBaMQswCQYDVQQGEwJOTDETMBEGA1UECAwKU29t -ZS1TdGF0ZTETMBEGA1UECgwKT3BlbkNvbmV4dDEhMB8GA1UEAwwYZW5naW5lLnZt -Lm9wZW5jb25leHQub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -uRvIEbBCcd65FShcw1p3J5aKKHw8dZ36AjTCIX48GwJsmAArdwkSEJeuxVXtUOhK -R0z1oZLxRbN6NE4Ai8zmd5XIU86CpzXsAOD6NJCn4NqukR5l/xyKuMd6IrEZkiwq -r8BZ5y9kZLMzJ9iKXHPUmYPSTk0LZxFxOqGME9uonbJ33bOStGXpvxxyhiYVnWHs -GXisfKyVKd9G4nmgIoX8cYQNy2cJpn2fEGCEpd9xSpaJ8j869SaG53uywtI8aLVu -5xP7gzcnQ1puWpb3B5KmDLrzedUKO2S4dLDOrBz2N7X1fzQL/B6S8WpdtXNySISQ -IBnvlsfxr61b+d4xrYI6vQIDAQABo1AwTjAdBgNVHQ4EFgQUUPaD0QpeVmywgzZx -3yBmgD7qSgwwHwYDVR0jBBgwFoAUUPaD0QpeVmywgzZx3yBmgD7qSgwwDAYDVR0T -BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEASAVm2V60OSchHLCBgXqWVe6wGqb3 -sMhnIVU505iMs8iaOccHMeXcYiPCGStqjMN3EFoWPX3s1Wwryi1OHT6e3kq9CPy9 -X91UNUr3hic92vUZdMUJHgMUrQETNDWxNlrtgtzFG308WSal6mWOnUh93DMl4YJw -tuI5QDE9DzydLirnCMg81Ydq/vw5IIkXKP/Onqz/8lLEc7Ut4wJv3q6beWTXWKKr -cvhvHWbN3Z02Rc97hBcqdJswJNLxI9PNlNEISBAvmBHiZz2XvVJ67puwt4HIOaks -X9E7aALyeW2ZsS6RXUEB0ECIxPp1j0Nenf1s8Piz/XpIfLCEN10l9BLfYA== ------END CERTIFICATE----- diff --git a/ci/qa-config/files/engine.vm.openconext.org.key b/ci/qa-config/files/engine.vm.openconext.org.key deleted file mode 100644 index 90abe8d094..0000000000 --- a/ci/qa-config/files/engine.vm.openconext.org.key +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC5G8gRsEJx3rkV -KFzDWncnlooofDx1nfoCNMIhfjwbAmyYACt3CRIQl67FVe1Q6EpHTPWhkvFFs3o0 -TgCLzOZ3lchTzoKnNewA4Po0kKfg2q6RHmX/HIq4x3oisRmSLCqvwFnnL2RkszMn -2Ipcc9SZg9JOTQtnEXE6oYwT26idsnfds5K0Zem/HHKGJhWdYewZeKx8rJUp30bi -eaAihfxxhA3LZwmmfZ8QYISl33FKlonyPzr1Jobne7LC0jxotW7nE/uDNydDWm5a -lvcHkqYMuvN51Qo7ZLh0sM6sHPY3tfV/NAv8HpLxal21c3JIhJAgGe+Wx/GvrVv5 -3jGtgjq9AgMBAAECggEAP94KBbBe/JLwIRCwEOchvZL/UECtS5eaLzCs2omHi3om -pbtJQ+TpSrhLIOMo4oWDO16eUYU1oeru+yT+oz2rNw+C8weJpM/CAfud2I0gn0BU -gtWOM5tRcbfBuD6KqBh9Ee64FkAPz37U46ae9o8wh1coNMP4bzNhce1TO3bKkr3u -ZLXG9T5ENvG8CSopP0MrZaeGch8fUZVz+ssG29w8YFWgPgM9FBzDo8Hg+ZKRjIYQ -n+GWEY1p+PvlqxRTBOt8zBAql2yyORZfGy0ATl1dje7Rs0dNaoFPANV0wZHy+GWZ -t6S6FMg/zm4BiYEoUtN4ImlgVjO/osnCRhppQzQuAQKBgQDqYoh+4OIwM6tSTt3x -d/anKPirO2iwVS59Rh7Hm4v19RoL7lW9FlpT5drnjiQDUK5UOI/hMbAe0BT5He8j -Pnnce4vgMtie+q8b61yMG9hAq1UZE4RNIzZGObsuxXDupmPaeOh3GtgCWjg/ODJe -grsq6yCfFJq7XJukz0Tn0uuZoQKBgQDKLeixQBiEXZc4/+r2ExLXbeiF7GHPuD4P -qjk5oeL45NH6CICfIE5/vKRDhhk56G5g3E2xT33iVettcJrYB7JWPY5H4TNyb5uy -PdH+pmB1pV4RcX1WUh3DlZ3Am70kNPoL1v1DWUGfO5uLaCp1f9KZoF/a/zWdUho3 -mSImJoQjnQKBgE2Pk6mg01iuEHhpPsqkLwv74+YN/8OyPHMaHB9jmromhJsEIH01 -A2kV/A16HPK35Shbm0ki/ywDIZ2aSUM5bmwGui/Tw5lATWgIx5RZtoMX704gBjzc -dR5iBk4g6hEfIJXwQsT/LhIBNvG8r/ZUfoliS2Y5FEcCC0NLj3rDclFhAoGBAIhb -yEnryd1UZg66hBTtLlL/vMi+cgWv5KOaEjhtl/B4G6qAG4e3OVprt3oXMmJdAjzv -uLKyw1toyX0pajXzkvMZVyHhoFo5LhBcI4qVWg9etgAbxAX5IjvsZ9Yk8788v7xG -hs/qnhiwEitG2QQgbsDQanYAlH+DhU0kSeTjK1H9AoGBAMQjQ77OkS2PLcDZZKv9 -KmNAZBBFGhzxlq/De6TNRoVEsAksgIX9/WwNe/A+BAwgkFGmXS56orjS3sCgaJfm -CRr69Fw7PVK2NvQyxbl9UHzuwCVO48vqs+jZTqgGF41qFLg5vvXA37quX2fxuFam -nakkL9p4aISjABwa+u6hgXwD ------END PRIVATE KEY----- diff --git a/composer.json b/composer.json index 87866fe4b8..f7abc88915 100644 --- a/composer.json +++ b/composer.json @@ -15,7 +15,7 @@ "source": "https://github.com/OpenConext/OpenConext-engineblock" }, "require": { - "php": "7.2", + "php": "~7.2", "ext-dom": "*", "ext-json": "*", "ext-mbstring": "*", @@ -43,6 +43,7 @@ "twig/twig": "^2.0" }, "require-dev": { + "ext-zlib": "*", "behat/behat": "~3.0", "behat/mink": "~1.7", "behat/mink-extension": "~2.0", diff --git a/composer.lock b/composer.lock index cbcd09d597..6a72564e21 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "71a37d02a121077e833a90ca029d301f", + "content-hash": "19453134707cf6f9b99eb15cc8f96173", "packages": [ { "name": "beberlei/assert", @@ -6975,12 +6975,12 @@ "version": "3.7.2", "source": { "type": "git", - "url": "https://github.com/squizlabs/PHP_CodeSniffer.git", + "url": "https://github.com/PHPCSStandards/PHP_CodeSniffer.git", "reference": "ed8e00df0a83aa96acf703f8c2979ff33341f879" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/ed8e00df0a83aa96acf703f8c2979ff33341f879", + "url": "https://api.github.com/repos/PHPCSStandards/PHP_CodeSniffer/zipball/ed8e00df0a83aa96acf703f8c2979ff33341f879", "reference": "ed8e00df0a83aa96acf703f8c2979ff33341f879", "shasum": "" }, @@ -7145,17 +7145,17 @@ ], "aliases": [], "minimum-stability": "stable", - "stability-flags": [], + "stability-flags": {}, "prefer-stable": false, "prefer-lowest": false, "platform": { - "php": "7.2", + "php": "~7.2", "ext-dom": "*", "ext-json": "*", "ext-mbstring": "*", "ext-openssl": "*" }, - "platform-dev": [], + "platform-dev": {}, "platform-overrides": { "php": "7.2" }, diff --git a/docker/Dockerfile.prod b/docker/Dockerfile.prod index 0cc9bfce92..e97f4d7ab0 100644 --- a/docker/Dockerfile.prod +++ b/docker/Dockerfile.prod @@ -15,7 +15,7 @@ RUN rm -rf /etc/apache2/sites-enabled/* COPY ./docker/conf/engine.conf /etc/apache2/sites-enabled/engine.conf COPY ./docker/conf/logging.yml /var/www/html/app/config/logging.yml # Instantiate devconf config -RUN cp app/config/parameters.yml.docker app/config/parameters.yml +RUN cp app/config/parameters.yml.dist app/config/parameters.yml # Set the default workdir EXPOSE 80 diff --git a/docker/php-fpm/Dockerfile-php72 b/docker/ci/Dockerfile-php72 similarity index 51% rename from docker/php-fpm/Dockerfile-php72 rename to docker/ci/Dockerfile-php72 index 57bc5dbd7e..43af768db9 100644 --- a/docker/php-fpm/Dockerfile-php72 +++ b/docker/ci/Dockerfile-php72 @@ -1,15 +1,12 @@ FROM ghcr.io/openconext/openconext-basecontainers/php72-apache2-node16-composer2:latest - RUN a2enmod ssl # Copy phpfpm config -COPY docker/php-fpm/app.ini /usr/local/etc/php/conf.d/ +COPY docker/ci/app.ini /usr/local/etc/php/conf.d/ RUN rm -rf /etc/apache2/sites-enabled/* -COPY docker/php-fpm/apache2.conf /etc/apache2/sites-enabled/ +COPY docker/ci/apache2.conf /etc/apache2/sites-enabled/ RUN chown -R www-data: /var/www/ -WORKDIR /opt/openconext/OpenConext-engineblock +WORKDIR /var/www/html -# Copy keys and config -COPY ci/qa-config/files/ /etc/openconext EXPOSE 443 CMD ["apache2-foreground"] diff --git a/docker/ci/Dockerfile-php82 b/docker/ci/Dockerfile-php82 new file mode 100644 index 0000000000..498a95c247 --- /dev/null +++ b/docker/ci/Dockerfile-php82 @@ -0,0 +1,13 @@ +FROM ghcr.io/openconext/openconext-basecontainers/php82-apache2-node16-composer2:latest + +RUN a2enmod ssl + + +COPY docker/ci/app.ini /usr/local/etc/php/conf.d/ +COPY docker/ci/apache2.conf /etc/apache2/sites-enabled/ +RUN chown -R www-data: /var/www/ +WORKDIR /var/www/html + +EXPOSE 443 +CMD ["apache2-foreground"] + diff --git a/docker/php-fpm/apache2.conf b/docker/ci/apache2.conf similarity index 82% rename from docker/php-fpm/apache2.conf rename to docker/ci/apache2.conf index 51c48107b1..7a41dddf96 100644 --- a/docker/php-fpm/apache2.conf +++ b/docker/ci/apache2.conf @@ -1,9 +1,10 @@ - DocumentRoot /opt/openconext/OpenConext-engineblock/web - + DocumentRoot /var/www/html/web + Require all granted Options -MultiViews RewriteEngine On + RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ app.php [QSA,L] @@ -22,8 +23,8 @@ RewriteCond %{REQUEST_METHOD} !^(POST|GET)$ RewriteRule .* - [R=405,L] SSLEngine on - SSLCertificateFile /etc/apache2/ssl/engine.vm.openconext.org.crt - SSLCertificateKeyFile /etc/apache2/ssl/engine.vm.openconext.org.key + SSLCertificateFile /config/engine/engineblock.crt + SSLCertificateKeyFile /config/engine/engineblock.pem SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 SSLHonorCipherOrder on diff --git a/docker/php-fpm/app.ini b/docker/ci/app.ini similarity index 100% rename from docker/php-fpm/app.ini rename to docker/ci/app.ini diff --git a/docker/docker-compose-php72.yml b/docker/docker-compose-php72.yml index f0da915366..9257fdf3d1 100644 --- a/docker/docker-compose-php72.yml +++ b/docker/docker-compose-php72.yml @@ -1,6 +1,6 @@ version: '2.4' services: - php-fpm.vm.openconext.org: + engine.dev.openconext.local: build: - dockerfile: docker/php-fpm/Dockerfile-php72 + dockerfile: docker/ci/Dockerfile-php72 diff --git a/docker/docker-compose-php82.yml b/docker/docker-compose-php82.yml index f939712621..e5457a8d54 100644 --- a/docker/docker-compose-php82.yml +++ b/docker/docker-compose-php82.yml @@ -1,6 +1,6 @@ version: '2.4' services: - php-fpm.vm.openconext.org: + engine.dev.openconext.local: build: - dockerfile: docker/php-fpm/Dockerfile-php82 + dockerfile: docker/ci/Dockerfile-php82 diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 8d33d39f15..93270ca474 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -2,24 +2,7 @@ version: '2.4' services: - db.vm.openconext.org: - image: mariadb:10.2 - restart: always - container_name: eb-db - environment: - MYSQL_ROOT_PASSWORD: "root" - MYSQL_DATABASE: "eb" - MYSQL_USER: "eb_rw" - MYSQL_PASSWORD: "secret" - MYSQL_INITDB_SKIP_TZINFO: 1 - volumes: - - eb-mysql-data:/var/lib/mysql - healthcheck: - test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"] - timeout: 2s - retries: 20 - - db-test.vm.openconext.org: + mariadb: image: mariadb:10.2 restart: always container_name: eb-db-test @@ -37,32 +20,24 @@ services: retries: 20 interval: 2s - php-fpm.vm.openconext.org: + engine.dev.openconext.local: build: context: ../ # override this in a dedicated dockerfile per php version - # dockerfile: docker/php-fpm/Dockerfile + # dockerfile: docker/ci/Dockerfile container_name: eb-phpfpm volumes: - - ../:/opt/openconext/OpenConext-engineblock - - ../ci/qa-config/files/engine.vm.openconext.org.crt:/etc/apache2/ssl/engine.vm.openconext.org.crt - - ../ci/qa-config/files/engine.vm.openconext.org.key:/etc/apache2/ssl/engine.vm.openconext.org.key + - ../:/var/www/html + - ../ci/qa-config/files/engine.dev.openconext.local.crt:/config/engine/engineblock.crt + - ../ci/qa-config/files/engine.dev.openconext.local.key:/config/engine/engineblock.pem depends_on: - db.vm.openconext.org: - condition: service_healthy - db-test.vm.openconext.org: + mariadb: condition: service_healthy - extra_hosts: - - 'engine.vm.openconext.org: 127.0.0.1' environment: APP_ENV: ci SYMFONY_ENV: ci - networks: - default: - aliases: - - engine.vm.openconext.org - selenium.vm.openconext.org: + selenium.dev.openconext.local: image: selenium/standalone-chrome:2.53.1 container_name: eb-selenium user: "${UID}:${GID}" @@ -79,7 +54,7 @@ services: cypress: image: "cypress/included:13.1.0" environment: - - CYPRESS_baseUrl=https://engine.vm.openconext.org + - CYPRESS_baseUrl=https://engine.dev.openconext.local working_dir: /e2e entrypoint: cypress open --project . volumes: diff --git a/docker/nginx/nginx.conf b/docker/nginx/nginx.conf deleted file mode 100644 index d4f5a4e61d..0000000000 --- a/docker/nginx/nginx.conf +++ /dev/null @@ -1,58 +0,0 @@ -server { - listen 443 ssl; - server_name engine.vm.openconext.org; - root /var/www/web; - - ssl_certificate /etc/nginx/certs/engine.vm.openconext.org.crt; - ssl_certificate_key /etc/nginx/certs/engine.vm.openconext.org.key; - - - location / { - # try to serve file directly, fallback to app.php - try_files $uri /app.php$is_args$args; - } - - # optionally disable falling back to PHP script for the asset directories; - # nginx will return a 404 error when files are not found instead of passing the - # request to Symfony (improves performance but Symfony's 404 page is not displayed) - # location /bundles { - # try_files $uri =404; - # } - - location ~ ^/app\.php(/|$) { - fastcgi_pass php-fpm.vm.openconext.org:9000; - - fastcgi_split_path_info ^(.+\.php)(/.*)$; - include fastcgi_params; - - # optionally set the value of the environment variables used in the application - # fastcgi_param APP_ENV prod; - # fastcgi_param APP_SECRET ; - # fastcgi_param DATABASE_URL "mysql://db_user:db_pass@host:3306/db_name"; - fastcgi_param ENGINEBLOCK_ENV ci; - fastcgi_param SYMFONY_ENV ci; - - # When you are using symlinks to link the document root to the - # current version of your application, you should pass the real - # application path instead of the path to the symlink to PHP - # FPM. - # Otherwise, PHP's OPcache may not properly detect changes to - # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126 - # for more information). - fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; - fastcgi_param DOCUMENT_ROOT $realpath_root; - # Prevents URIs that include the front controller. This will 404: - # http://domain.tld/index.php/some-path - # Remove the internal directive to allow URIs like this - internal; - } - - # return 404 for all other php files not matching the front controller - # this prevents access to other php files you don't want to be accessible. - location ~ \.php$ { - return 404; - } - - error_log /proc/self/fd/2; - access_log /proc/self/fd/2; -} diff --git a/docker/php-fpm/Dockerfile-php82 b/docker/php-fpm/Dockerfile-php82 deleted file mode 100644 index 439cf46d24..0000000000 --- a/docker/php-fpm/Dockerfile-php82 +++ /dev/null @@ -1,15 +0,0 @@ -FROM ghcr.io/openconext/openconext-basecontainers/php82-apache2-node16-composer2:latest - -RUN a2enmod ssl - - -COPY docker/php-fpm/app.ini /usr/local/etc/php/conf.d/ -COPY docker/php-fpm/apache2.conf /etc/apache2/sites-enabled/ -RUN chown -R www-data: /var/www/ -WORKDIR /opt/openconext/OpenConext-engineblock - -# Copy keys and config -COPY ci/qa-config/files/ /etc/openconext -EXPOSE 443 -CMD ["apache2-foreground"] - diff --git a/library/EngineBlock/Application/FunctionalTestDiContainer.php b/library/EngineBlock/Application/FunctionalTestDiContainer.php index 567f7bd254..933bef68fd 100644 --- a/library/EngineBlock/Application/FunctionalTestDiContainer.php +++ b/library/EngineBlock/Application/FunctionalTestDiContainer.php @@ -76,7 +76,7 @@ public function getEncryptionKeysConfiguration() $basePath = $this->container->getParameter('kernel.project_dir'); return [ 'default' => [ - 'publicFile' => '/etc/openconext/engineblock.crt', + 'publicFile' => '/config/engine/engineblock.crt', 'privateFile' => $basePath . '/ci/qa-config/files/engineblock.pem', ], ]; diff --git a/library/EngineBlock/Application/TestDiContainer.php b/library/EngineBlock/Application/TestDiContainer.php index 1b09a6de81..74b425fab7 100644 --- a/library/EngineBlock/Application/TestDiContainer.php +++ b/library/EngineBlock/Application/TestDiContainer.php @@ -73,7 +73,7 @@ public function getEncryptionKeysConfiguration() return [ 'default' => [ - 'publicFile' => '/etc/openconext/engineblock.crt', + 'publicFile' => '/config/engine/engineblock.crt', 'privateFile' => $basePath . '/ci/qa-config/files/engineblock.pem', ], ]; diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Controllers/ConsentController.php b/src/OpenConext/EngineBlockFunctionalTestingBundle/Controllers/ConsentController.php index 84b339af89..4e6bf19b69 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Controllers/ConsentController.php +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Controllers/ConsentController.php @@ -90,7 +90,7 @@ public function consentAction(Request $request) 'urn:mace:dir:attribute-def:givenName' => ['John'], 'urn:mace:dir:attribute-def:mail' => ['j.doe@example.com'], 'urn:mace:terena.org:attribute-def:schacHomeOrganization' => ['example.com'], - 'urn:mace:dir:attribute-def:isMemberOf' => ['urn:collab:org:vm.openconext.org', 'urn:collab:org:example.com'], + 'urn:mace:dir:attribute-def:isMemberOf' => ['urn:collab:org:dev.openconext.local', 'urn:collab:org:example.com'], ]; $attributeMotivations = [ 'urn:mace:dir:attribute-def:eduPersonPrincipalName' => 'Test tooltip', diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AcsTinkering.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AcsTinkering.feature index 3e12d9df4a..785ec527f6 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AcsTinkering.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AcsTinkering.feature @@ -4,7 +4,7 @@ Feature: I need EB to filter malicious asc values in AuthnRequests Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "AlwaysAuth" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeAggregation.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeAggregation.feature index 6fc76d6b27..3c5ad6aad0 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeAggregation.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeAggregation.feature @@ -4,7 +4,7 @@ Feature: I need EB to add the attributes returned by the attribute aggregator Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "IDP-AA" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeManipulation.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeManipulation.feature index cf7dcb8071..7286403e2f 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeManipulation.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeManipulation.feature @@ -4,7 +4,7 @@ Feature: I want to be able to manipulate the response attributes through configured code Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "Dummy-IdP" @@ -188,11 +188,11 @@ Feature: And I select "Dummy-IdP" on the WAYF And I pass through EngineBlock And I pass through the IdP - Then I should not see "https://engine.vm.openconext.org/authentication/idp/single-sign-on" + Then I should not see "https://engine.dev.openconext.local/authentication/idp/single-sign-on" When I give my consent And I pass through EngineBlock Then the url should match "functional-testing/SP-with-Attribute-Manipulations/acs" - And the response should match xpath '/samlp:Response/saml:Assertion/saml:AttributeStatement/saml:Attribute[@Name="urn:mace:dir:attribute-def:uid"]/saml:AttributeValue[text()="https://engine.vm.openconext.org/authentication/idp/single-sign-on"]' + And the response should match xpath '/samlp:Response/saml:Assertion/saml:AttributeStatement/saml:Attribute[@Name="urn:mace:dir:attribute-def:uid"]/saml:AttributeValue[text()="https://engine.dev.openconext.local/authentication/idp/single-sign-on"]' Scenario: The manipulation reduces a multivalued attribute to a single value Given the IdP "Dummy-IdP" sends attribute "urn:mace:dir:attribute-def:eduPersonAffiliation" with values "student,faculty,guest,member" and xsi:type is "xs:string" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeManipulationException.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeManipulationException.feature index 9cae8f425a..375b3e98cc 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeManipulationException.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeManipulationException.feature @@ -4,7 +4,7 @@ Feature: I want to be able to throw a custom exception through configured code Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "Dummy-IdP" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeManipulationWithAllManipulationsBeforeConsent.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeManipulationWithAllManipulationsBeforeConsent.feature index 02a29a8e18..ef73462669 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeManipulationWithAllManipulationsBeforeConsent.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeManipulationWithAllManipulationsBeforeConsent.feature @@ -4,7 +4,7 @@ Feature: I want to be able to manipulate the response attributes through configured code Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "Dummy-IdP" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeReleasePolicy.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeReleasePolicy.feature index 7b6c709745..8bfe708664 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeReleasePolicy.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeReleasePolicy.feature @@ -4,7 +4,7 @@ Feature: I need EB to apply Attribute Release Policies Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "TestIdp" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeReleasePolicyWithAllManipulationsBeforeConsent.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeReleasePolicyWithAllManipulationsBeforeConsent.feature index 76ec668e97..0ea500c307 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeReleasePolicyWithAllManipulationsBeforeConsent.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AttributeReleasePolicyWithAllManipulationsBeforeConsent.feature @@ -4,7 +4,7 @@ Feature: I need EB to apply Attribute Release Policies Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "TestIdp" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AuthenticationLoop.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AuthenticationLoop.feature index a69e8d71b5..56740a0cea 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AuthenticationLoop.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/AuthenticationLoop.feature @@ -4,7 +4,7 @@ Feature: I want to prevent authentication loops from happening Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And EngineBlock is configured to allow a maximum of 2 authentication procedures within a time frame of 6000 seconds And no registered SPs And no registered Idps diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Bindings.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Bindings.feature index 95578fed12..b91c6e60c1 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Bindings.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Bindings.feature @@ -4,7 +4,7 @@ Feature: I want to send SAML Requests / Responses in a variety of ways Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "Dummy Idp" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/ClearErrorMessages.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/ClearErrorMessages.feature index 6783f5e926..9fd2a96337 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/ClearErrorMessages.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/ClearErrorMessages.feature @@ -4,7 +4,7 @@ Feature: I need to see useful error information when something goes wrong Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "Dummy Idp" @@ -165,7 +165,7 @@ Feature: When I log in at "Dummy SP" And I pass through EngineBlock Then I should see "HTTP Method not allowed" - And I should see "The HTTP method \"GET\" is not allowed for location \"https://engine.vm.openconext.org/authentication/sp/consume-assertion\". Supported methods are: POST." + And I should see "The HTTP method \"GET\" is not allowed for location \"https://engine.dev.openconext.local/authentication/sp/consume-assertion\". Supported methods are: POST." Scenario: An Identity Provider sends a response without a SHO Given the IdP does not send the attribute named "urn:mace:terena.org:attribute-def:schacHomeOrganization" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Consent.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Consent.feature index ff6e02c9ac..dea58abdab 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Consent.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Consent.feature @@ -5,7 +5,7 @@ Feature: I want to see what information the SP requires Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And an Identity Provider named "Dummy-IdP" And a Service Provider named "Dummy-SP" And a Service Provider named "Trusted Proxy" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Debug.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Debug.feature index d26e1e45c9..997a02031f 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Debug.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Debug.feature @@ -4,7 +4,7 @@ Feature: I want to perform test authentication requests on EngineBlock Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And an Identity Provider named "First-IdP" with logo "idp-logo.jpg" And an Identity Provider named "Second-IdP" with logo "idp2-logo.jpg" And my browser is configured to accept language "nl-NL" @@ -20,7 +20,7 @@ Feature: And I pass through the IdP Then I should see "Identity Provider" And I should see "Entity ID" - And I should see "https://engine.vm.openconext.org/functional-testing/Second-IdP/metadata" + And I should see "https://engine.dev.openconext.local/functional-testing/Second-IdP/metadata" And I should see "Naam" And I should see "Second-IdP" And I should see "Logo" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/DisplayUnconnectedIdpsWayf.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/DisplayUnconnectedIdpsWayf.feature index ed04d7d171..df3def8c90 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/DisplayUnconnectedIdpsWayf.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/DisplayUnconnectedIdpsWayf.feature @@ -4,7 +4,7 @@ Feature: I need EB to show me all the unconnected identity providers in the WAYF Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And a Service Provider named "SP" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/EduPersonTargetedId.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/EduPersonTargetedId.feature index 4f9b6761b3..7d0f38f437 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/EduPersonTargetedId.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/EduPersonTargetedId.feature @@ -4,7 +4,7 @@ Feature: I need EB to add an EduPersonTargetedId attribute when requested in the ARP Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "TestIdp" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Encryption.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Encryption.feature index 0654bcb7d3..3ef9bad094 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Encryption.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Encryption.feature @@ -4,7 +4,7 @@ Feature: I want to send Encrypted SAML Responses Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "Dummy Idp" @@ -13,7 +13,7 @@ Feature: Scenario: EngineBlock accepts RSA Encrypted Responses Given the SP uses the HTTP POST Binding And feature "eb.encrypted_assertions" is enabled - And the IdP encrypts its assertions with the public key in "/etc/openconext/engineblock.crt" + And the IdP encrypts its assertions with the public key in "/config/engine/engineblock.crt" When I log in at "Dummy SP" And I pass through the SP And I pass through EngineBlock diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/FeedbackFooters.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/FeedbackFooters.feature index 0b7ec82dae..a4f96ffb76 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/FeedbackFooters.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/FeedbackFooters.feature @@ -4,7 +4,7 @@ Feature: I need to see useful footer blocks when something goes wrong Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "Dummy Idp" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/FrontPage.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/FrontPage.feature index bcf59f4e29..2558443b36 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/FrontPage.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/FrontPage.feature @@ -4,7 +4,7 @@ Feature: I want to display a front page with links to my metadata endpoints and other features Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/InternalCollabPersonId.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/InternalCollabPersonId.feature index d4e7a9a96b..bc7fb71327 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/InternalCollabPersonId.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/InternalCollabPersonId.feature @@ -4,7 +4,7 @@ Feature: I need to release the internal-collabPersonId attribute if a trusted proxy is involved in authentication Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "AlwaysAuth" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/IsPassive.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/IsPassive.feature index dfa8978862..2280e126ac 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/IsPassive.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/IsPassive.feature @@ -4,7 +4,7 @@ Feature: The IsPassive implementation in EB should function correctly Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "Dummy IdP" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/LocaleSelection.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/LocaleSelection.feature index b7ba806443..d90cb8e8ef 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/LocaleSelection.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/LocaleSelection.feature @@ -5,7 +5,7 @@ Feature: Where desired, I want to override the language with the EN/NL buttons in the interface. Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And an Identity Provider named "First IdP" And an Identity Provider named "Second IdP" And a Service Provider named "Test SP" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Logout.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Logout.feature index e05e1caba5..27ad08cbd0 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Logout.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Logout.feature @@ -4,7 +4,7 @@ Feature: I want to be able to logout of EngineBlock Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "Dummy IdP" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Metadata.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Metadata.feature index 58698f5f98..2213580389 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Metadata.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Metadata.feature @@ -4,20 +4,20 @@ Feature: I want to be able to share EngineBlock metadata Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps Scenario: A user can request the EngineBlock SP Proxy metadata When I go to Engineblock URL "/authentication/sp/metadata" # Verify the entity id is correctly set in the metadata - Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/authentication/sp/metadata"]' + Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/authentication/sp/metadata"]' # Verify the display name (EN) correctly set in the metadata And the response should match xpath '//mdui:DisplayName[@xml:lang="en" and text()="OpenConext EngineBlock"]' # Verify the signature method is set to sha256 And the response should match xpath '//ds:SignatureMethod[@Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"]' # Verify the ACS location and binding - And the response should match xpath '//md:AssertionConsumerService[@Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" and @Location="https://engine.vm.openconext.org/authentication/sp/consume-assertion"]' + And the response should match xpath '//md:AssertionConsumerService[@Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" and @Location="https://engine.dev.openconext.local/authentication/sp/consume-assertion"]' # Verify the propagated signing key is EB key And the response should match xpath '//md:KeyDescriptor[@use="signing"]//ds:X509Certificate[starts-with(.,"MIIDuDCCAqCgAwIBAgIJAPdqJ9JQKN6vMA0GCSqGSIb3DQEBBQUAMEYxDzANBgNVBAMT")]' # Verify the used signing key is EB key @@ -26,13 +26,13 @@ Feature: Scenario: A user can request the EngineBlock IdP Proxy metadata When I go to Engineblock URL "/authentication/idp/metadata" # Verify the entity id is correctly set in the metadata - Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/authentication/idp/metadata"]' + Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/authentication/idp/metadata"]' # Verify the display name (EN) correctly set in the metadata And the response should match xpath '//mdui:DisplayName[@xml:lang="en" and text()="OpenConext EngineBlock"]' # Verify the signature method is set to sha256 And the response should match xpath '//ds:SignatureMethod[@Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"]' # Verify SSO location and binding is set correctly - And the response should match xpath '//md:SingleSignOnService[@Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" and @Location="https://engine.vm.openconext.org/authentication/idp/single-sign-on"]' + And the response should match xpath '//md:SingleSignOnService[@Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" and @Location="https://engine.dev.openconext.local/authentication/idp/single-sign-on"]' # Verify the propagated signing key is EB key And the response should match xpath '//md:KeyDescriptor[@use="signing"]//ds:X509Certificate[starts-with(.,"MIIDuDCCAqCgAwIBAgIJAPdqJ9JQKN6vMA0GCSqGSIb3DQEBBQUAMEYxDzANBgNVBAMT")]' # Verify the used signing key is EB key @@ -41,11 +41,11 @@ Feature: Scenario: A user can request the EngineBlock stepup metadata When I go to Engineblock URL "/authentication/stepup/metadata" # Verify the entity id is correctly set in the metadata - Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/authentication/stepup/metadata"]' + Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/authentication/stepup/metadata"]' # Verify the signature method is set to sha256 And the response should match xpath '//ds:SignatureMethod[@Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"]' # Verify the ACS location and binding - And the response should match xpath '//md:AssertionConsumerService[@Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" and @Location="https://engine.vm.openconext.org/authentication/stepup/consume-assertion"]' + And the response should match xpath '//md:AssertionConsumerService[@Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" and @Location="https://engine.dev.openconext.local/authentication/stepup/consume-assertion"]' # Verify the propagated signing key is EB key And the response should match xpath '//md:KeyDescriptor[@use="signing"]//ds:X509Certificate[starts-with(.,"MIIDuDCCAqCgAwIBAgIJAPdqJ9JQKN6vMA0GCSqGSIb3DQEBBQUAMEYxDzANBgNVBAMT")]' # Verify the used signing key is EB key @@ -57,17 +57,17 @@ Feature: And an Identity Provider named "Regular-IdP" When I go to Engineblock URL "/authentication/proxy/idps-metadata" # Verify the three IdPs are present in the list - Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Known-IdP/metadata"]' - And the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Second-IdP/metadata"]' - And the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Regular-IdP/metadata"]' + Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Known-IdP/metadata"]' + And the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Second-IdP/metadata"]' + And the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Regular-IdP/metadata"]' # And Engine IdP is not listed - And the response should not match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/authentication/idp/metadata"]' + And the response should not match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/authentication/idp/metadata"]' # Verify the propagated signing key is EB key And the response should match xpath '//md:KeyDescriptor[@use="signing"]//ds:X509Certificate[starts-with(.,"MIIDuDCCAqCgAwIBAgIJAPdqJ9JQKN6vMA0GCSqGSIb3DQEBBQUAMEYxDzANBgNVBAMT")]' # Verify the used signing key is EB key And the response should match xpath '//ds:Signature//ds:X509Certificate[starts-with(.,"MIIDuDCCAqCgAwIBAgIJAPdqJ9JQKN6vMA0GCSqGSIb3DQEBBQUAMEYxDzANBgNVBAMT")]' # Verify the schema and hostname are not appende twice as was done prior to resolving: https://www.pivotaltracker.com/story/show/169724838 - And the response should not match xpath '//mdui:Logo[text()="https://engine.vm.openconext.orghttps://engine.vm.openconext.org/images/logo.png"]' + And the response should not match xpath '//mdui:Logo[text()="https://engine.dev.openconext.localhttps://engine.dev.openconext.local/images/logo.png"]' Scenario: A user can request the metadata and does not see invisible IdPs Given an Identity Provider named "Known-IdP" @@ -76,10 +76,10 @@ Feature: And the IdP "Hidden-IdP" is hidden When I go to Engineblock URL "/authentication/proxy/idps-metadata" # Verify the two IdPs are present in the list - Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Known-IdP/metadata"]' - And the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Second-IdP/metadata"]' + Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Known-IdP/metadata"]' + And the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Second-IdP/metadata"]' # The Hidden IdP is not listed - And the response should not match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Hidden-IdP/metadata"]' + And the response should not match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Hidden-IdP/metadata"]' # Verify the propagated signing key is EB key And the response should match xpath '//md:KeyDescriptor[@use="signing"]//ds:X509Certificate[starts-with(.,"MIIDuDCCAqCgAwIBAgIJAPdqJ9JQKN6vMA0GCSqGSIb3DQEBBQUAMEYxDzANBgNVBAMT")]' # Verify the used signing key is EB key @@ -91,9 +91,9 @@ Feature: And the Idp with name "Known-IdP" has shibd scope "foobar.example.com" When I go to Engineblock URL "/authentication/proxy/idps-metadata" # Verify the two IdPs are present in the list - Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Known-IdP/metadata"]' + Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Known-IdP/metadata"]' And the response should match xpath '//shibmd:Scope[@regexp="false" and text() = "foobar.example.com"]' - And the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Second-IdP/metadata"]' + And the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Second-IdP/metadata"]' # Verify the propagated signing key is EB key And the response should match xpath '//md:KeyDescriptor[@use="signing"]//ds:X509Certificate[starts-with(.,"MIIDuDCCAqCgAwIBAgIJAPdqJ9JQKN6vMA0GCSqGSIb3DQEBBQUAMEYxDzANBgNVBAMT")]' # Verify the used signing key is EB key @@ -105,14 +105,14 @@ Feature: And an Identity Provider named "Not-Connected-IdP" And a Service Provider named "Test-SP" And SP "Test-SP" is not connected to IdP "Not-Connected-IdP" - When I go to Engineblock URL "/authentication/proxy/idps-metadata?sp-entity-id=https://engine.vm.openconext.org/functional-testing/Test-SP/metadata" + When I go to Engineblock URL "/authentication/proxy/idps-metadata?sp-entity-id=https://engine.dev.openconext.local/functional-testing/Test-SP/metadata" # Verify the two connected IdPs are present in the list - Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Connected-IdP/metadata"]' - And the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Second-Connected-IdP/metadata"]' + Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Connected-IdP/metadata"]' + And the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Second-Connected-IdP/metadata"]' # Verify the disconnected IdP is not listed - And the response should not match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Not-Connected-IdP/metadata"]' + And the response should not match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Not-Connected-IdP/metadata"]' # Verify the SP enitty is not listed (used to be the case in older EB versions) - And the response should not match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Test-SP/metadata"]' + And the response should not match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Test-SP/metadata"]' # Verify the propagated signing key is EB key And the response should match xpath '//md:KeyDescriptor[@use="signing"]//ds:X509Certificate[starts-with(.,"MIIDuDCCAqCgAwIBAgIJAPdqJ9JQKN6vMA0GCSqGSIb3DQEBBQUAMEYxDzANBgNVBAMT")]' # Verify the used signing key is EB key @@ -123,13 +123,13 @@ Feature: Scenario: A user can request the EngineBlock SP Proxy metadata with a keyID When I go to Engineblock URL "/authentication/sp/metadata/key:default" # Verify the entity id is correctly set in the metadata - Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/authentication/sp/metadata"]' + Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/authentication/sp/metadata"]' # Verify the display name (EN) correctly set in the metadata And the response should match xpath '//mdui:DisplayName[@xml:lang="en" and text()="OpenConext EngineBlock"]' # Verify the signature method is set to sha256 And the response should match xpath '//ds:SignatureMethod[@Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"]' # Verify the ACS location and binding - And the response should match xpath '//md:AssertionConsumerService[@Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" and @Location="https://engine.vm.openconext.org/authentication/sp/consume-assertion"]' + And the response should match xpath '//md:AssertionConsumerService[@Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" and @Location="https://engine.dev.openconext.local/authentication/sp/consume-assertion"]' # Verify the propagated signing key is EB key And the response should match xpath '//md:KeyDescriptor[@use="signing"]//ds:X509Certificate[starts-with(.,"MIIDuDCCAqCgAwIBAgIJAPdqJ9JQKN6vMA0GCSqGSIb3DQEBBQUAMEYxDzANBgNVBAMT")]' # Verify the used signing key is EB key @@ -138,13 +138,13 @@ Feature: Scenario: A user can request the EngineBlock IdP Proxy metadata with a keyID When I go to Engineblock URL "/authentication/idp/metadata/key:default" # Verify the entity id is correctly set in the metadata - Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/authentication/idp/metadata"]' + Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/authentication/idp/metadata"]' # Verify the display name (EN) correctly set in the metadata And the response should match xpath '//mdui:DisplayName[@xml:lang="en" and text()="OpenConext EngineBlock"]' # Verify the signature method is set to sha256 And the response should match xpath '//ds:SignatureMethod[@Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"]' # Verify SSO location and binding is set correctly including Key ID - And the response should match xpath '//md:SingleSignOnService[@Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" and @Location="https://engine.vm.openconext.org/authentication/idp/single-sign-on/key:default"]' + And the response should match xpath '//md:SingleSignOnService[@Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" and @Location="https://engine.dev.openconext.local/authentication/idp/single-sign-on/key:default"]' # Verify the propagated signing key is EB key And the response should match xpath '//md:KeyDescriptor[@use="signing"]//ds:X509Certificate[starts-with(.,"MIIDuDCCAqCgAwIBAgIJAPdqJ9JQKN6vMA0GCSqGSIb3DQEBBQUAMEYxDzANBgNVBAMT")]' # Verify the used signing key is EB key @@ -153,11 +153,11 @@ Feature: Scenario: A user can request the EngineBlock stepup metadata with a keyID When I go to Engineblock URL "/authentication/stepup/metadata/key:default" # Verify the entity id is correctly set in the metadata - Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/authentication/stepup/metadata"]' + Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/authentication/stepup/metadata"]' # Verify the signature method is set to sha256 And the response should match xpath '//ds:SignatureMethod[@Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"]' # Verify the ACS location and binding - And the response should match xpath '//md:AssertionConsumerService[@Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" and @Location="https://engine.vm.openconext.org/authentication/stepup/consume-assertion"]' + And the response should match xpath '//md:AssertionConsumerService[@Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" and @Location="https://engine.dev.openconext.local/authentication/stepup/consume-assertion"]' # Verify the propagated signing key is EB key And the response should match xpath '//md:KeyDescriptor[@use="signing"]//ds:X509Certificate[starts-with(.,"MIIDuDCCAqCgAwIBAgIJAPdqJ9JQKN6vMA0GCSqGSIb3DQEBBQUAMEYxDzANBgNVBAMT")]' # Verify the used signing key is EB key @@ -169,17 +169,17 @@ Feature: And an Identity Provider named "Regular-IdP" When I go to Engineblock URL "/authentication/proxy/idps-metadata/key:default" # Verify the three IdPs are present in the list - Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Known-IdP/metadata"]' - And the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Second-IdP/metadata"]' - And the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Regular-IdP/metadata"]' + Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Known-IdP/metadata"]' + And the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Second-IdP/metadata"]' + And the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Regular-IdP/metadata"]' # And Engine IdP is not listed - And the response should not match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/authentication/idp/metadata"]' + And the response should not match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/authentication/idp/metadata"]' # Verify the propagated signing key is EB key And the response should match xpath '//md:KeyDescriptor[@use="signing"]//ds:X509Certificate[starts-with(.,"MIIDuDCCAqCgAwIBAgIJAPdqJ9JQKN6vMA0GCSqGSIb3DQEBBQUAMEYxDzANBgNVBAMT")]' # Verify the used signing key is EB key And the response should match xpath '//ds:Signature//ds:X509Certificate[starts-with(.,"MIIDuDCCAqCgAwIBAgIJAPdqJ9JQKN6vMA0GCSqGSIb3DQEBBQUAMEYxDzANBgNVBAMT")]' # Verify the schema and hostname are not appende twice as was done prior to resolving: https://www.pivotaltracker.com/story/show/169724838 - And the response should not match xpath '//mdui:Logo[text()="https://engine.vm.openconext.orghttps://engine.vm.openconext.org/images/logo.png"]' + And the response should not match xpath '//mdui:Logo[text()="https://engine.dev.openconext.localhttps://engine.dev.openconext.local/images/logo.png"]' Scenario: A user can request the metadata of the IdPs connected to a specific SP with a keyID Given an Identity Provider named "Connected-IdP" @@ -187,14 +187,14 @@ Feature: And an Identity Provider named "Not-Connected-IdP" And a Service Provider named "Test-SP" And SP "Test-SP" is not connected to IdP "Not-Connected-IdP" - When I go to Engineblock URL "/authentication/proxy/idps-metadata/key:default?sp-entity-id=https://engine.vm.openconext.org/functional-testing/Test-SP/metadata" + When I go to Engineblock URL "/authentication/proxy/idps-metadata/key:default?sp-entity-id=https://engine.dev.openconext.local/functional-testing/Test-SP/metadata" # Verify the two connected IdPs are present in the list - Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Connected-IdP/metadata"]' - And the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Second-Connected-IdP/metadata"]' + Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Connected-IdP/metadata"]' + And the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Second-Connected-IdP/metadata"]' # Verify the disconnected IdP is not listed - And the response should not match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Not-Connected-IdP/metadata"]' + And the response should not match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Not-Connected-IdP/metadata"]' # Verify the SP enitty is not listed (used to be the case in older EB versions) - And the response should not match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/functional-testing/Test-SP/metadata"]' + And the response should not match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/functional-testing/Test-SP/metadata"]' # Verify the propagated signing key is EB key And the response should match xpath '//md:KeyDescriptor[@use="signing"]//ds:X509Certificate[starts-with(.,"MIIDuDCCAqCgAwIBAgIJAPdqJ9JQKN6vMA0GCSqGSIb3DQEBBQUAMEYxDzANBgNVBAMT")]' # Verify the used signing key is EB key diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/MfaAuthnContextClassRef.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/MfaAuthnContextClassRef.feature index c2d3122730..e8e29b6dca 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/MfaAuthnContextClassRef.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/MfaAuthnContextClassRef.feature @@ -4,7 +4,7 @@ Feature: I want to support configurable AuthnContextClassRefs for certain IdP SP combinations Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "SSO-IdP" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/MultipleSingleSignOn.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/MultipleSingleSignOn.feature index 3d34871bb8..8af0696034 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/MultipleSingleSignOn.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/MultipleSingleSignOn.feature @@ -5,7 +5,7 @@ Feature: I want to support multiple in-flight AuthNRequests Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "SSO-IdP" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/NameIdFormat.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/NameIdFormat.feature index b3ebd32766..60c6f3e98c 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/NameIdFormat.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/NameIdFormat.feature @@ -4,7 +4,7 @@ Feature: I want to be sure after ARP my name id format is presented correctly to the SP Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "SSO-IdP" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/PolicyEnforcement.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/PolicyEnforcement.feature index ccecb2fa9b..d740ef3faf 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/PolicyEnforcement.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/PolicyEnforcement.feature @@ -4,7 +4,7 @@ Feature: I want to enforce the configured policies Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "Dummy IdP" with logo "idp-logo.jpg" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/SignatureBypassVulnerability.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/SignatureBypassVulnerability.feature index 02fdfc8a2e..8a5642c3ec 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/SignatureBypassVulnerability.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/SignatureBypassVulnerability.feature @@ -4,7 +4,7 @@ Feature: I need EB to throw an exception to prevent further processing of a tampered with SAML Response Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "IdP" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/SingleSignOn.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/SingleSignOn.feature index 7b382970d2..770d871a23 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/SingleSignOn.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/SingleSignOn.feature @@ -4,7 +4,7 @@ Feature: I want to send them the correct AuthnRequests and Responses Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "SSO-IdP" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/SingleSignOnWithScoping.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/SingleSignOnWithScoping.feature index 41731f7c93..8d97b56cae 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/SingleSignOnWithScoping.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/SingleSignOnWithScoping.feature @@ -4,7 +4,7 @@ Feature: I want to limit the available IDPs in the WAYF based on ACLs or elements in the AuthnRequest Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "IDP1" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/SpProxy.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/SpProxy.feature index 36d0be3019..98c3b2ec32 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/SpProxy.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/SpProxy.feature @@ -4,7 +4,7 @@ Feature: I need EB to proxy for my Step Up proxy Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "AlwaysAuth" @@ -206,7 +206,7 @@ Feature: And SP "Step Up" does not require consent And SP "Loa SP" does not require consent And SP "Loa SP" requires a policy enforcement decision - And pdp gives a stepup obligation response for "http://vm.openconext.org/assurance/loa3" + And pdp gives a stepup obligation response for "http://dev.openconext.local/assurance/loa3" When I log in at "Step Up" And I select "AlwaysAuth" on the WAYF And I pass through EngineBlock diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/StatusCodes.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/StatusCodes.feature index def9ffb69d..155363d6c9 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/StatusCodes.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/StatusCodes.feature @@ -4,7 +4,7 @@ Feature: The correct status codes and sub status codes should be shown Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "Dummy Idp" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Stepup.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Stepup.feature index 91959b798e..2822d88b59 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Stepup.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Stepup.feature @@ -4,7 +4,7 @@ Feature: I want to support step-up authentication by utilizing the Stepup Gateway SFO capabilities Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "SSO-IdP" @@ -14,7 +14,7 @@ Feature: And a Service Provider named "Proxy-SP" Scenario: Stepup authentication should be supported if set through SP configuration - Given the SP "SSO-SP" requires Stepup LoA "http://vm.openconext.org/assurance/loa2" + Given the SP "SSO-SP" requires Stepup LoA "http://dev.openconext.local/assurance/loa2" When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF And I pass through EngineBlock @@ -25,7 +25,7 @@ Feature: Then the url should match "/functional-testing/SSO-SP/acs" Scenario: LoA 1.5 (self-asserted token) should be supported - Given the SP "SSO-SP" requires Stepup LoA "http://vm.openconext.org/assurance/loa1_5" + Given the SP "SSO-SP" requires Stepup LoA "http://dev.openconext.local/assurance/loa1_5" When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF And I pass through EngineBlock @@ -36,7 +36,7 @@ Feature: Then the url should match "/functional-testing/SSO-SP/acs" Scenario: Stepup authentication should be supported if set through IdP configuration mapping - Given the IdP "SSO-IdP" requires Stepup LoA "http://vm.openconext.org/assurance/loa2" for SP "SSO-SP" + Given the IdP "SSO-IdP" requires Stepup LoA "http://dev.openconext.local/assurance/loa2" for SP "SSO-SP" When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF And I pass through EngineBlock @@ -47,8 +47,8 @@ Feature: Then the url should match "/functional-testing/SSO-SP/acs" Scenario: Stepup authentication should be supported if set through both IdP and SP - Given the IdP "SSO-IdP" requires Stepup LoA "http://vm.openconext.org/assurance/loa2" for SP "SSO-SP" - And the SP "SSO-SP" requires Stepup LoA "http://vm.openconext.org/assurance/loa3" + Given the IdP "SSO-IdP" requires Stepup LoA "http://dev.openconext.local/assurance/loa2" for SP "SSO-SP" + And the SP "SSO-SP" requires Stepup LoA "http://dev.openconext.local/assurance/loa3" When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF And I pass through EngineBlock @@ -60,7 +60,7 @@ Feature: Scenario: Stepup authentication should be supported if set through PDP Given SP "SSO-SP" requires a policy enforcement decision - And pdp gives a stepup obligation response for "http://vm.openconext.org/assurance/loa3" + And pdp gives a stepup obligation response for "http://dev.openconext.local/assurance/loa3" When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF And I pass through EngineBlock @@ -71,7 +71,7 @@ Feature: Then the url should match "/functional-testing/SSO-SP/acs" Scenario: Stepup authentication should be supported if set through SP AuthnRequest - Given SP "SSO-SP" requests LoA "http://vm.openconext.org/assurance/loa3" + Given SP "SSO-SP" requests LoA "http://dev.openconext.local/assurance/loa3" When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF And I pass through EngineBlock @@ -82,7 +82,7 @@ Feature: Then the url should match "/functional-testing/SSO-SP/acs" Scenario: Stepup authentication is forced when coin:stepup:forceauthn is configured for the SP - Given SP "SSO-SP" requests LoA "http://vm.openconext.org/assurance/loa3" + Given SP "SSO-SP" requests LoA "http://dev.openconext.local/assurance/loa3" And the SP "SSO-SP" forces stepup authentication When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF @@ -91,7 +91,7 @@ Feature: Then the received AuthnRequest should match xpath '/samlp:AuthnRequest[@ForceAuthn="true"]' Scenario: Stepup authentication is NOT forced when coin:stepup:forceauthn is not configured for the SP - Given SP "SSO-SP" requests LoA "http://vm.openconext.org/assurance/loa3" + Given SP "SSO-SP" requests LoA "http://dev.openconext.local/assurance/loa3" When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF And I pass through EngineBlock @@ -99,7 +99,7 @@ Feature: Then the received AuthnRequest should not match xpath '/samlp:AuthnRequest[@ForceAuthn="true"]' Scenario: LoA 1 is allowed, but refrains from doing a step up callout - Given SP "SSO-SP" requests LoA "http://vm.openconext.org/assurance/loa1" + Given SP "SSO-SP" requests LoA "http://dev.openconext.local/assurance/loa1" When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF And I pass through EngineBlock @@ -118,7 +118,7 @@ Feature: Then the url should match "/functional-testing/Dummy-SP/acs" Scenario: Stepup authentication should handle stepup if LoA level is not met but no token is allowed - Given the SP "SSO-SP" requires Stepup LoA "http://vm.openconext.org/assurance/loa2" + Given the SP "SSO-SP" requires Stepup LoA "http://dev.openconext.local/assurance/loa2" And the SP "SSO-SP" allows no Stepup token When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF @@ -130,7 +130,7 @@ Feature: Then the url should match "/functional-testing/SSO-SP/acs" Scenario: Stepup authentication should show exception when LoA level is not met - Given the SP "SSO-SP" requires Stepup LoA "http://vm.openconext.org/assurance/loa2" + Given the SP "SSO-SP" requires Stepup LoA "http://dev.openconext.local/assurance/loa2" When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF And I pass through EngineBlock @@ -141,7 +141,7 @@ Feature: And the response status code should be 400 Scenario: User can click back button on error page after failing StepUp - Given the SP "SSO-SP" requires Stepup LoA "http://vm.openconext.org/assurance/loa2" + Given the SP "SSO-SP" requires Stepup LoA "http://dev.openconext.local/assurance/loa2" When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF And I pass through EngineBlock @@ -156,7 +156,7 @@ Feature: And the response should contain '(No message provided)' Scenario: Stepup authentication should show exception when user does cancel - Given the SP "SSO-SP" requires Stepup LoA "http://vm.openconext.org/assurance/loa2" + Given the SP "SSO-SP" requires Stepup LoA "http://dev.openconext.local/assurance/loa2" When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF And I pass through EngineBlock @@ -167,7 +167,7 @@ Feature: And the response status code should be 400 Scenario: Stepup authentication should show exception when an unknown status is returned - Given the SP "SSO-SP" requires Stepup LoA "http://vm.openconext.org/assurance/loa2" + Given the SP "SSO-SP" requires Stepup LoA "http://dev.openconext.local/assurance/loa2" When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF And I pass through EngineBlock @@ -179,7 +179,7 @@ Feature: # Trusted proxy logic Scenario: Step-up authentication should be requested for the proxied SP when using a trusted proxy setup and if configured in the proxied SP - Given the SP "SSO-SP" requires Stepup LoA "http://vm.openconext.org/assurance/loa2" + Given the SP "SSO-SP" requires Stepup LoA "http://dev.openconext.local/assurance/loa2" And SP "Proxy-SP" is authenticating for SP "SSO-SP" And SP "Proxy-SP" is a trusted proxy And SP "Proxy-SP" signs its requests @@ -193,7 +193,7 @@ Feature: Then the url should match "/functional-testing/Proxy-SP/acs" Scenario: Stepup authentication should succeed for the proxied SP when using a trusted proxy setup, if LoA level is not met but when no token is allowed is configured in the proxied SP - Given the SP "SSO-SP" requires Stepup LoA "http://vm.openconext.org/assurance/loa2" + Given the SP "SSO-SP" requires Stepup LoA "http://dev.openconext.local/assurance/loa2" And the SP "SSO-SP" allows no Stepup token And SP "Proxy-SP" is authenticating for SP "SSO-SP" And SP "Proxy-SP" is a trusted proxy @@ -208,7 +208,7 @@ Feature: Then the url should match "/functional-testing/Proxy-SP/acs" Scenario: Step-up ForceAuthn should be requested for the proxied SP when using a trusted proxy setup and if configured in the proxied SP - Given the SP "SSO-SP" requires Stepup LoA "http://vm.openconext.org/assurance/loa2" + Given the SP "SSO-SP" requires Stepup LoA "http://dev.openconext.local/assurance/loa2" And the SP "SSO-SP" forces stepup authentication And SP "Proxy-SP" is authenticating for SP "SSO-SP" And SP "Proxy-SP" is a trusted proxy @@ -220,7 +220,7 @@ Feature: Then the received AuthnRequest should match xpath '/samlp:AuthnRequest[@ForceAuthn="true"]' Scenario: Step-up ForceAuthn should not be requested for the proxied SP when using a trusted proxy setup and if configured in the proxied SP - Given the SP "SSO-SP" requires Stepup LoA "http://vm.openconext.org/assurance/loa2" + Given the SP "SSO-SP" requires Stepup LoA "http://dev.openconext.local/assurance/loa2" And SP "Proxy-SP" is authenticating for SP "SSO-SP" And SP "Proxy-SP" is a trusted proxy And SP "Proxy-SP" signs its requests @@ -239,7 +239,7 @@ Feature: Then I should see "Error - An error occurred" Scenario: Stepup authentication should fail when LoA 3 is requested, but LoA 2 is provided - Given the SP "SSO-SP" requires Stepup LoA "http://vm.openconext.org/assurance/loa3" + Given the SP "SSO-SP" requires Stepup LoA "http://dev.openconext.local/assurance/loa3" When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF And I pass through EngineBlock @@ -252,7 +252,7 @@ Feature: And the url should match "/feedback/unknown-error" Scenario: Stepup authentication should be fail when insufficient LoA is provided when LoA set through SP AuthnRequest - Given SP "SSO-SP" requests LoA "http://vm.openconext.org/assurance/loa3" + Given SP "SSO-SP" requests LoA "http://dev.openconext.local/assurance/loa3" When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF And I pass through EngineBlock diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/StepupKeyRollover.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/StepupKeyRollover.feature index aeac7057ad..84b0e71223 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/StepupKeyRollover.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/StepupKeyRollover.feature @@ -6,7 +6,7 @@ Feature: This then allows two entities, with two different keys, to be configured in the Stepup-Gateway Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "SSO-IdP" @@ -18,12 +18,13 @@ Feature: Scenario: When stepup.sfo.override_engine_entityid is not configured, stepup/metadata should show default EntityId Given feature "eb.stepup.sfo.override_engine_entityid" is disabled When I go to Engineblock URL "/authentication/stepup/metadata" - Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.org/authentication/stepup/metadata"]' + Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/authentication/stepup/metadata"]' Scenario: When stepup.sfo.override_engine_entityid is configured with a valid EntityId, stepup/metadata should show that EntityId Given feature "eb.stepup.sfo.override_engine_entityid" is enabled When I go to Engineblock URL "/authentication/stepup/metadata" - Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.vm.openconext.com/new/stepup/metadata"]' + Then print last response + Then the response should match xpath '//md:EntityDescriptor[@entityID="https://engine.dev.openconext.local/new/stepup/metadata"]' # Note that we can not ascertain programatically if the Issuer is updated as this is an internal # redirect response where we can not easily intervene with the browser (we would need to disable @@ -31,7 +32,7 @@ Feature: # is not broken by it. Scenario: When stepup.sfo.override_engine_entityid is configured, the the Issuer is updated Given feature "eb.stepup.sfo.override_engine_entityid" is enabled - And the SP "SSO-SP" requires Stepup LoA "http://vm.openconext.org/assurance/loa2" + And the SP "SSO-SP" requires Stepup LoA "http://dev.openconext.local/assurance/loa2" When I log in at "SSO-SP" And I select "SSO-IdP" on the WAYF And I pass through EngineBlock diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/UnsolicitedSingleSignOn.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/UnsolicitedSingleSignOn.feature index 3dcaf28b6d..49cfebe50e 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/UnsolicitedSingleSignOn.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/UnsolicitedSingleSignOn.feature @@ -4,7 +4,7 @@ Feature: I want to be able to initiate a login Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And no registered SPs And no registered Idps And an Identity Provider named "Dummy IdP" diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/UnsolicitedSingleSignOnDisabled.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/UnsolicitedSingleSignOnDisabled.feature index 0f86bb2b32..9695966898 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/UnsolicitedSingleSignOnDisabled.feature +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/UnsolicitedSingleSignOnDisabled.feature @@ -4,7 +4,7 @@ Feature: I want to be able to disable unsolicited login Background: - Given an EngineBlock instance on "vm.openconext.org" + Given an EngineBlock instance on "dev.openconext.local" And feature "eb.feature_enable_idp_initiated_flow" is disabled And no registered SPs And no registered Idps diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Fixtures/FunctionalTestingStepupGatewayMockConfiguration.php b/src/OpenConext/EngineBlockFunctionalTestingBundle/Fixtures/FunctionalTestingStepupGatewayMockConfiguration.php index 5c2d750107..80ac5a2af8 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Fixtures/FunctionalTestingStepupGatewayMockConfiguration.php +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Fixtures/FunctionalTestingStepupGatewayMockConfiguration.php @@ -57,7 +57,7 @@ public function __construct( // Set gateway configured IDP $mockEbIdp = $this->mockIdentityProviderFactory->createNew('Stepup gateway'); - $mockEbIdp->setEntityId('https://engine.vm.openconext.org/authentication/stepup/metadata'); + $mockEbIdp->setEntityId('https://engine.dev.openconext.local/authentication/stepup/metadata'); $mockEbIdp->setPrivateKey($keysConfig['default']['privateFile']); $mockEbIdp->setCertificate($keysConfig['default']['publicFile']); @@ -65,7 +65,7 @@ public function __construct( // Set gateway configured SP $mockSp = $this->mockServiceProviderFactory->createNew('ebStepupSp'); - $mockSp->setEntityId('https://engine.vm.openconext.org/authentication/stepup/metadata'); + $mockSp->setEntityId('https://engine.dev.openconext.local/authentication/stepup/metadata'); $this->mockServiceProvider = $mockSp; } diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Fixtures/ServiceRegistryFixture.php b/src/OpenConext/EngineBlockFunctionalTestingBundle/Fixtures/ServiceRegistryFixture.php index 571f5805e6..cd441fa4eb 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Fixtures/ServiceRegistryFixture.php +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Fixtures/ServiceRegistryFixture.php @@ -157,7 +157,7 @@ public function registerSp($name, $entityId, $acsLocation, $certData = '') 0 ); - $this->setCoin($sp, 'termsOfServiceUrl', 'http://welcome.vm.openconext.org'); + $this->setCoin($sp, 'termsOfServiceUrl', 'http://welcome.dev.openconext.local'); $sp->getMdui()->setLogo(new Logo('/images/placeholder.png')); diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Resources/config/services.yml b/src/OpenConext/EngineBlockFunctionalTestingBundle/Resources/config/services.yml index b4031c05fe..30668a02fb 100644 --- a/src/OpenConext/EngineBlockFunctionalTestingBundle/Resources/config/services.yml +++ b/src/OpenConext/EngineBlockFunctionalTestingBundle/Resources/config/services.yml @@ -95,8 +95,8 @@ services: engineblock.configuration.stepup.endpoint: class: OpenConext\EngineBlock\Stepup\StepupEndpoint arguments: - - "https://engine.vm.openconext.org/authentication/stepup/metadata" - - "https://engine.vm.openconext.org/functional-testing/gateway/second-factor-only/single-sign-on" + - "https://engine.dev.openconext.local/authentication/stepup/metadata" + - "https://engine.dev.openconext.local/functional-testing/gateway/second-factor-only/single-sign-on" - "%stepup.gateway.sfo.key_file%" engineblock.functional_testing.mock.translator: diff --git a/tests/behat-ci.yml b/tests/behat-ci.yml index 41457d6997..551a4c081b 100644 --- a/tests/behat-ci.yml +++ b/tests/behat-ci.yml @@ -67,7 +67,7 @@ default: extensions: Behat\MinkExtension: - base_url: https://engine.vm.openconext.org/ + base_url: https://engine.dev.openconext.local/ goutte: ~ sessions: default: @@ -77,7 +77,7 @@ default: chrome: selenium2: browser: chrome - wd_host: http://selenium.vm.openconext.org:4444/wd/hub + wd_host: http://selenium.dev.openconext.local:4444/wd/hub capabilities: chrome: switches: diff --git a/tests/behat.yml b/tests/behat.yml index 0791a01f37..cfa9d6fc89 100644 --- a/tests/behat.yml +++ b/tests/behat.yml @@ -67,7 +67,7 @@ default: extensions: Behat\MinkExtension: - base_url: ~ + base_url: https://engine.dev.openconext.local/ goutte: ~ sessions: default: @@ -86,4 +86,8 @@ default: - "--window-size=1920,1080" - "--no-sandbox" - "--disable-dev-shm-usage" - Behat\Symfony2Extension: ~ + Behat\Symfony2Extension: + kernel: + env: ci + debug: true + diff --git a/tests/e2e/cypress/integration/openconext/consent/consent.material.spec.js b/tests/e2e/cypress/integration/openconext/consent/consent.material.spec.js index c2b141fe20..a3392e6184 100644 --- a/tests/e2e/cypress/integration/openconext/consent/consent.material.spec.js +++ b/tests/e2e/cypress/integration/openconext/consent/consent.material.spec.js @@ -1,7 +1,7 @@ context('Consent on Material theme', () => { beforeEach(() => { - cy.visit('https://engine.vm.openconext.org/functional-testing/consent'); + cy.visit('https://engine.dev.openconext.local/functional-testing/consent'); }); it('gives openconext information', () => { diff --git a/tests/e2e/cypress/integration/openconext/wayf/WayfMouseBehaviour.spec.js b/tests/e2e/cypress/integration/openconext/wayf/WayfMouseBehaviour.spec.js index d19d5f41fa..f662ea4b29 100644 --- a/tests/e2e/cypress/integration/openconext/wayf/WayfMouseBehaviour.spec.js +++ b/tests/e2e/cypress/integration/openconext/wayf/WayfMouseBehaviour.spec.js @@ -8,7 +8,7 @@ context('WayfMouseBehaviour', () => { */ it.skip('Disconnected IdPs should be highlighted on mouse hover', () => { // Open a dummy wayf with 5 connected IdPs and 5 unconnected IdPs - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=10&displayUnconnectedIdpsWayf=true&unconnectedIdps=5'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=10&displayUnconnectedIdpsWayf=true&unconnectedIdps=5'); cy.get('#unconnected-idp-picker > div > div.idp-list > a.result.active.noaccess:nth-child(1)') .hover() .should('have.class', 'focussed'); @@ -19,23 +19,23 @@ context('WayfMouseBehaviour', () => { */ it('Connected IdP should respond to mouse click after clearing previous selections', () => { // Open a dummy wayf with 5 connected IdPs - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=10&displayUnconnectedIdpsWayf=true&unconnectedIdps=5'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=10&displayUnconnectedIdpsWayf=true&unconnectedIdps=5'); // Click the first IdP, adding it to the list of previously chosen IdPs cy.get('a.result.active.access:nth-child(1)').click({force:true}); // We visit the fake IdP, verify the right redirect is performed cy.location().should((loc) => { - expect(loc.href).to.eq('https://engine.vm.openconext.org/?idp=https%3A//example.com/entityId/1'); + expect(loc.href).to.eq('https://engine.dev.openconext.local/?idp=https%3A//example.com/entityId/1'); }); // Go back to the WAYF - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=10&displayUnconnectedIdpsWayf=true&unconnectedIdps=5'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=10&displayUnconnectedIdpsWayf=true&unconnectedIdps=5'); // Click the second IdP, adding it to the list of previously chosen IdPs cy.get('a.result.active.access:nth-child(2)').click({force:true}); // We visit the fake IdP, verify the right redirect is performed cy.location().should((loc) => { - expect(loc.href).to.eq('https://engine.vm.openconext.org/?idp=https%3A//example.com/entityId/2'); + expect(loc.href).to.eq('https://engine.dev.openconext.local/?idp=https%3A//example.com/entityId/2'); }); // Go back to the WAYF - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=10&displayUnconnectedIdpsWayf=true&unconnectedIdps=5'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=10&displayUnconnectedIdpsWayf=true&unconnectedIdps=5'); cy.get('div.preselection header h2') .should('contain.text', 'Previously chosen:'); cy.get('.edit') diff --git a/tests/e2e/cypress/integration/openconext/wayf/WayfShowsConnectedIdps.spec.js b/tests/e2e/cypress/integration/openconext/wayf/WayfShowsConnectedIdps.spec.js index 324c55d185..ca478c2734 100644 --- a/tests/e2e/cypress/integration/openconext/wayf/WayfShowsConnectedIdps.spec.js +++ b/tests/e2e/cypress/integration/openconext/wayf/WayfShowsConnectedIdps.spec.js @@ -1,7 +1,7 @@ context('WayfMouseBehaviour', () => { it('Should show five connected IdPs and the search field', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); // Load the connected IdPs by selecting their h3 titles cy.countIdps(5) @@ -23,12 +23,12 @@ context('WayfMouseBehaviour', () => { }); it('Should show ten connected IdPs', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=10'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=10'); cy.countIdps(10); }); it('Should show no connected IdPs when cutoff point is configured', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=6&cutoffPointForShowingUnfilteredIdps=5'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=6&cutoffPointForShowingUnfilteredIdps=5'); cy.countIdps(0); cy.get('.mod-search-input').type('IdP'); @@ -36,7 +36,7 @@ context('WayfMouseBehaviour', () => { }); it('Should show the return to service link when configured', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=5&backLink=true'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=5&backLink=true'); cy.onPage('Select an organisation to login to the service'); cy.onPage('Return to service provider'); @@ -50,7 +50,7 @@ context('WayfMouseBehaviour', () => { }); it('Should show the remember my choice option', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=5&rememberChoiceFeature=true'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=5&rememberChoiceFeature=true'); // Ensure some elements are on the page cy.onPage('Select an organisation to login to the service'); cy.onPage('Remember my choice'); diff --git a/tests/e2e/cypress/integration/shared/consent.a11y.spec.js b/tests/e2e/cypress/integration/shared/consent.a11y.spec.js index 1ff9087d22..1d55d3cb46 100644 --- a/tests/e2e/cypress/integration/shared/consent.a11y.spec.js +++ b/tests/e2e/cypress/integration/shared/consent.a11y.spec.js @@ -1,6 +1,6 @@ context('Consent verify a11y', () => { beforeEach(() => { - cy.visit('https://engine.vm.openconext.org/functional-testing/consent'); + cy.visit('https://engine.dev.openconext.local/functional-testing/consent'); }); it('contains no a11y problems on load', () => { diff --git a/tests/e2e/cypress/integration/shared/cookieRemoval.a11y.spec.js b/tests/e2e/cypress/integration/shared/cookieRemoval.a11y.spec.js index d70c10add1..11d84e6a0c 100644 --- a/tests/e2e/cypress/integration/shared/cookieRemoval.a11y.spec.js +++ b/tests/e2e/cypress/integration/shared/cookieRemoval.a11y.spec.js @@ -3,7 +3,7 @@ */ context.skip('Cookie removal page verify a11y', () => { beforeEach(() => { - cy.visit('https://engine.vm.openconext.org/authentication/idp/remove-cookies'); + cy.visit('https://engine.dev.openconext.local/authentication/idp/remove-cookies'); }); it('contains no a11y problems on load', () => { diff --git a/tests/e2e/cypress/integration/shared/error.a11y.spec.js b/tests/e2e/cypress/integration/shared/error.a11y.spec.js index 6bb9121b3a..3a3a17d70d 100644 --- a/tests/e2e/cypress/integration/shared/error.a11y.spec.js +++ b/tests/e2e/cypress/integration/shared/error.a11y.spec.js @@ -1,26 +1,26 @@ context('Error pages verify a11y', () => { it('Unknown error page contains no a11y problems on load', () => { - cy.visit('https://engine.vm.openconext.org/feedback/unknown-error', {failOnStatusCode: false + cy.visit('https://engine.dev.openconext.local/feedback/unknown-error', {failOnStatusCode: false }); cy.injectAxe(); cy.checkA11y(); }); it('Unknown error page contains no html errors', () => { - cy.visit('https://engine.vm.openconext.org/feedback/unknown-error', {failOnStatusCode: false + cy.visit('https://engine.dev.openconext.local/feedback/unknown-error', {failOnStatusCode: false }); cy.htmlvalidate(); }); it('404 page contains no a11y problems on load', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/a;dkfj;ad', {failOnStatusCode: false + cy.visit('https://engine.dev.openconext.local/functional-testing/a;dkfj;ad', {failOnStatusCode: false }); cy.injectAxe(); cy.checkA11y(); }); it('404 page contains no html errors', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/a;dkfj;ad', {failOnStatusCode: false + cy.visit('https://engine.dev.openconext.local/functional-testing/a;dkfj;ad', {failOnStatusCode: false }); cy.htmlvalidate(); }); diff --git a/tests/e2e/cypress/integration/shared/index.a11y.spec.js b/tests/e2e/cypress/integration/shared/index.a11y.spec.js index a9ebb675dd..6d203f4628 100644 --- a/tests/e2e/cypress/integration/shared/index.a11y.spec.js +++ b/tests/e2e/cypress/integration/shared/index.a11y.spec.js @@ -1,6 +1,6 @@ context('Index verify a11y', () => { beforeEach(() => { - cy.visit('https://engine.vm.openconext.org/'); + cy.visit('https://engine.dev.openconext.local/'); }); diff --git a/tests/e2e/cypress/integration/shared/logout.a11y.spec.js b/tests/e2e/cypress/integration/shared/logout.a11y.spec.js index dc6533add1..6dd94c34b3 100644 --- a/tests/e2e/cypress/integration/shared/logout.a11y.spec.js +++ b/tests/e2e/cypress/integration/shared/logout.a11y.spec.js @@ -1,13 +1,13 @@ context('Logout page verify a11y', () => { it('Logout page contains no a11y problems on load', () => { - cy.visit('https://engine.vm.openconext.org/logout', {failOnStatusCode: false + cy.visit('https://engine.dev.openconext.local/logout', {failOnStatusCode: false }); cy.injectAxe(); cy.checkA11y(); }); it('Logout page contains no html errors', () => { - cy.visit('https://engine.vm.openconext.org/logout', {failOnStatusCode: false + cy.visit('https://engine.dev.openconext.local/logout', {failOnStatusCode: false }); cy.htmlvalidate(); }); diff --git a/tests/e2e/cypress/integration/shared/wayf.a11y.spec.js b/tests/e2e/cypress/integration/shared/wayf.a11y.spec.js index a1c30514af..7d3c346e0b 100644 --- a/tests/e2e/cypress/integration/shared/wayf.a11y.spec.js +++ b/tests/e2e/cypress/integration/shared/wayf.a11y.spec.js @@ -1,6 +1,6 @@ context('Wayf verify a11y', () => { beforeEach(() => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); }); it('contains no a11y problems on load', () => { diff --git a/tests/e2e/cypress/integration/skeune/consent/consent.general.spec.js b/tests/e2e/cypress/integration/skeune/consent/consent.general.spec.js index db0e8347e4..60b9c78100 100644 --- a/tests/e2e/cypress/integration/skeune/consent/consent.general.spec.js +++ b/tests/e2e/cypress/integration/skeune/consent/consent.general.spec.js @@ -3,7 +3,7 @@ import {attribute6, labelSelector, nokSectionTitleSelector, tooltip3Selector} fr context('Consent on Skeune theme', () => { beforeEach(() => { - cy.visit('https://engine.vm.openconext.org/functional-testing/consent'); + cy.visit('https://engine.dev.openconext.local/functional-testing/consent'); }); describe('Handles additional attributes correctly', () => { @@ -34,7 +34,7 @@ context('Consent on Skeune theme', () => { describe('Shows the right content on load', () => { it('Shows the global site notice', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/consent?showGlobalSiteNotice=1'); + cy.visit('https://engine.dev.openconext.local/functional-testing/consent?showGlobalSiteNotice=1'); cy.beVisible(siteNoticeSelector); }); }); diff --git a/tests/e2e/cypress/integration/skeune/consent/consent.keyboard.spec.js b/tests/e2e/cypress/integration/skeune/consent/consent.keyboard.spec.js index a6e1969170..697b431d09 100644 --- a/tests/e2e/cypress/integration/skeune/consent/consent.keyboard.spec.js +++ b/tests/e2e/cypress/integration/skeune/consent/consent.keyboard.spec.js @@ -6,7 +6,7 @@ import {backButtonSelector, contentSectionSelector, nokButtonSelectorForKeyboard */ context('Consent when using the keyboard', () => { beforeEach(() => { - cy.visit('https://engine.vm.openconext.org/functional-testing/consent'); + cy.visit('https://engine.dev.openconext.local/functional-testing/consent'); }); describe('Test showing / hiding the extra attributes', () => { diff --git a/tests/e2e/cypress/integration/skeune/consent/consent.mouse.spec.js b/tests/e2e/cypress/integration/skeune/consent/consent.mouse.spec.js index d3a27a48c3..1570f1c629 100644 --- a/tests/e2e/cypress/integration/skeune/consent/consent.mouse.spec.js +++ b/tests/e2e/cypress/integration/skeune/consent/consent.mouse.spec.js @@ -6,7 +6,7 @@ import {backButtonSelector, contentSectionSelector, nokButtonSelector, nokSectio */ context('Consent when using the mouse', () => { beforeEach(() => { - cy.visit('https://engine.vm.openconext.org/functional-testing/consent'); + cy.visit('https://engine.dev.openconext.local/functional-testing/consent'); }); describe('Test showing / hiding the extra attributes', () => { diff --git a/tests/e2e/cypress/integration/skeune/error/error.general.spec.js b/tests/e2e/cypress/integration/skeune/error/error.general.spec.js index 4fdc8f5538..48d8818ec3 100644 --- a/tests/e2e/cypress/integration/skeune/error/error.general.spec.js +++ b/tests/e2e/cypress/integration/skeune/error/error.general.spec.js @@ -9,7 +9,7 @@ import { */ context('Error pages on skeune theme', () => { it('Test if the error page loads with the unknown error notice & all components', () => { - cy.visit('https://engine.vm.openconext.org/feedback/unknown-error', {failOnStatusCode: false + cy.visit('https://engine.dev.openconext.local/feedback/unknown-error', {failOnStatusCode: false }); cy.beVisible(errorTitleHeadingSelector); cy.beVisible(errorTitleMessageSelector); @@ -21,7 +21,7 @@ context('Error pages on skeune theme', () => { }); it('Test if a faulty url loads the 404 page with all components', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/a;dkfj;ad', {failOnStatusCode: false + cy.visit('https://engine.dev.openconext.local/functional-testing/a;dkfj;ad', {failOnStatusCode: false }); cy.beVisible(errorTitleHeadingSelector); cy.beVisible(errorTitleMessageSelector); diff --git a/tests/e2e/cypress/integration/skeune/index/index.general.spec.js b/tests/e2e/cypress/integration/skeune/index/index.general.spec.js index 8e7ad94fe6..ae42394625 100644 --- a/tests/e2e/cypress/integration/skeune/index/index.general.spec.js +++ b/tests/e2e/cypress/integration/skeune/index/index.general.spec.js @@ -3,7 +3,7 @@ import {siteNoticeSelector} from '../../../../../../theme/base/javascripts/selec context('Index on Skeune theme', () => { beforeEach(() => { - cy.visit('https://engine.vm.openconext.org/'); + cy.visit('https://engine.dev.openconext.local/'); }); it('Renders the index page and has all relevant data', () => { @@ -14,7 +14,7 @@ context('Index on Skeune theme', () => { }); it('Shows the global site notice', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/consent?showGlobalSiteNotice=1'); + cy.visit('https://engine.dev.openconext.local/functional-testing/consent?showGlobalSiteNotice=1'); cy.beVisible(siteNoticeSelector); }); }); diff --git a/tests/e2e/cypress/integration/skeune/wayf/wayf.general.spec.js b/tests/e2e/cypress/integration/skeune/wayf/wayf.general.spec.js index 8cfd1c2f9e..a7c4432c70 100644 --- a/tests/e2e/cypress/integration/skeune/wayf/wayf.general.spec.js +++ b/tests/e2e/cypress/integration/skeune/wayf/wayf.general.spec.js @@ -17,21 +17,21 @@ import { context('WAYF behaviour not tied to mouse / keyboard navigation', () => { describe('Test elements shown on page', () => { it('Should not show backLink and rememberChoice', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); cy.notOnPage('Identity providers without access').should('not.exist'); cy.notOnPage('Remember my choice'); cy.notOnPage('Return to service provider'); }); it('Should show ten connected IdPs', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=10'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=10'); // 11 because of the template div cy.get(idpTitle) .should('have.length', 11); }); it('Should show no connected IdPs when cutoff point is configured', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=6&cutoffPointForShowingUnfilteredIdps=5'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=6&cutoffPointForShowingUnfilteredIdps=5'); cy.get(remainingIdpSelector) .should('not.be.visible'); }); @@ -45,7 +45,7 @@ context('WAYF behaviour not tied to mouse / keyboard navigation', () => { }); it('Should show 5 disconnected IdPs', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?displayUnconnectedIdpsWayf=1&unconnectedIdps=5'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?displayUnconnectedIdpsWayf=1&unconnectedIdps=5'); // cy.get(unconnectedIdpSelector) .should('have.length', 6) @@ -53,21 +53,21 @@ context('WAYF behaviour not tied to mouse / keyboard navigation', () => { }); it('Should show no disconnected IdPs when the flag is false', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?displayUnconnectedIdpsWayf=0&unconnectedIdps=5'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?displayUnconnectedIdpsWayf=0&unconnectedIdps=5'); cy.get(unconnectedIdpSelector) .should('not.be.visible') .should('have.length', 1); }); it.only('Shows the global site notice', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?showGlobalSiteNotice=1'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?showGlobalSiteNotice=1'); cy.beVisible(siteNoticeSelector); }); }); describe('Test if search works as it should', () => { it('Should show no results when no IdPs are found', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); cy.get(searchFieldSelector).type('OllekebollekeKnol'); cy.get(noResultSectionSelector).should('be.visible'); cy.get(searchSubmitSelector).should('have.class', 'visually-hidden'); @@ -75,7 +75,7 @@ context('WAYF behaviour not tied to mouse / keyboard navigation', () => { }); it('Should be able to search for an idp', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); cy.get(searchFieldSelector).type('4'); // When the user starts typing, the reset (x) button should appear, replacing the search icon cy.get(searchSubmitSelector).should('have.class', 'visually-hidden'); @@ -88,7 +88,7 @@ context('WAYF behaviour not tied to mouse / keyboard navigation', () => { }); it('Should get the correct weight for an idp with a full match on the title', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=50'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=50'); cy.get(searchFieldSelector).type('Connected Idp 4 en'); cy.get(weight215Selector) .should('have.length', 1) @@ -96,49 +96,49 @@ context('WAYF behaviour not tied to mouse / keyboard navigation', () => { }); it('Should get the correct weight for an idp with a partial match on the title', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=50'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=50'); cy.get(searchFieldSelector).type('Connected Idp 4'); cy.get(weight82Selector) .should('have.length', 10); }); it('Should get the correct weight for an idp with a full match on the keyword', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=50'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=50'); cy.get(searchFieldSelector).type('awesome idp'); cy.get(weight100Selector) .should('have.length', 50); }); it('Should get the correct weight for an idp with a partial match on the keyword', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=50'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=50'); cy.get(searchFieldSelector).type('awesome'); cy.get(weight8Selector) .should('have.length', 50); }); it('Should get the correct weight for an idp with a full match on the entityId', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=50'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=50'); cy.get(searchFieldSelector).type('https://example.com/entityId/1'); cy.get(weight60Selector) .should('have.length', 1); }); it('Should get the correct weight for an idp with a partial match on the entityId', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=50'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=50'); cy.get(searchFieldSelector).type('/1'); cy.get(weight7Selector) .should('have.length', 11); }); it('Should not take into account the space at the end of a searchTerm', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); cy.get(searchFieldSelector).type('con 1'); cy.get(remainingIdpSelector) .should('have.length', 5); }); it('Should reset the search text when clicking the reset button', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); cy.get(searchFieldSelector).type('con 1'); cy.get(searchResetSelector).click({force:true}); cy.get(searchSubmitSelector).should('be.visible'); @@ -151,7 +151,7 @@ context('WAYF behaviour not tied to mouse / keyboard navigation', () => { describe('Should show five connected IdPs, the search field and the defaultIdp CTA', () => { it('Get the connected IdPs & check if it\'s correct', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); cy.get(idpTitle) .should('have.length', 6) .eq(2) @@ -159,22 +159,22 @@ context('WAYF behaviour not tied to mouse / keyboard navigation', () => { }); it('Check if the search field is present', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); cy.get(searchFieldSelector).should('exist'); }); it('Check if the defaultIdp is present', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); cy.contains(defaultIdpInformational, 'is available as an alternative'); }); it('Ensure the CTA is not present when the feature flag is disabled', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?showIdPBanner=0'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?showIdPBanner=0'); cy.get(defaultIdpInformational).should('not.exist'); }); it('Ensure the default IdP has the correct data attribute', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?defaultIdpEntityId=https://example.com/entityId/3'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?defaultIdpEntityId=https://example.com/entityId/3'); cy.get('div[data-entityid="https://example.com/entityId/3"]') .should('have.id', 'defaultIdp'); }); @@ -182,13 +182,13 @@ context('WAYF behaviour not tied to mouse / keyboard navigation', () => { describe('Should show the remember my choice option', () => { it('Ensure some elements are on the page', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=5&rememberChoiceFeature=true'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=5&rememberChoiceFeature=true'); cy.onPage('Select an account to login'); cy.onPage('Remember my choice'); }); it('Ensure some elements are NOT on the page', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=5&rememberChoiceFeature=true'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=5&rememberChoiceFeature=true'); cy.notOnPage('Identity providers without access'); cy.notOnPage('Return to service provideraccess'); }); @@ -196,7 +196,7 @@ context('WAYF behaviour not tied to mouse / keyboard navigation', () => { describe('Should show the return to service link when configured', () => { it('Load the page & check if the page is there', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=5&backLink=true'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=5&backLink=true'); cy.get('.wayf__backLink') .should('be.visible'); }); @@ -204,13 +204,13 @@ context('WAYF behaviour not tied to mouse / keyboard navigation', () => { describe('Test hides and shows IdP list', () => { it('Should hide the IdP link when search term is provided', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); cy.get('.search__field').type('search-term'); cy.get(defaultIdpInformational).should('not.be.visible'); }); it('Should show the IdP link when search term is provided', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); cy.get('.search__field').clear(); cy.onPage('If your organisation is not listed'); }); diff --git a/tests/e2e/cypress/integration/skeune/wayf/wayf.keyboard.spec.js b/tests/e2e/cypress/integration/skeune/wayf/wayf.keyboard.spec.js index 93d9d93cbc..b9894be02c 100644 --- a/tests/e2e/cypress/integration/skeune/wayf/wayf.keyboard.spec.js +++ b/tests/e2e/cypress/integration/skeune/wayf/wayf.keyboard.spec.js @@ -29,33 +29,33 @@ import {firstRemainingIdp, firstSelectedIdpDeleteDisable, selectedIdpDataIndex1} context('WAYF when using the keyboard', () => { describe('Test logging in', () => { it('Should login when selecting an idp', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); cy.get(remainingIdpSelector) .eq(1) .focus() .type('{enter}'); cy.location().should((loc) => { - expect(loc.href).to.eq('https://engine.vm.openconext.org/?idp=https%3A//example.com/entityId/2'); + expect(loc.href).to.eq('https://engine.dev.openconext.local/?idp=https%3A//example.com/entityId/2'); }); - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); }); it('Should login to first IdP when hitting enter', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); cy.get(searchFieldSelector) .type('{enter}'); cy.location().should((loc) => { - expect(loc.href).to.eq('https://engine.vm.openconext.org/?idp=https%3A//example.com/entityId/1'); + expect(loc.href).to.eq('https://engine.dev.openconext.local/?idp=https%3A//example.com/entityId/1'); }); }); it('Should login to topmost IdP when hitting enter', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); cy.get(searchFieldSelector) .type('2') .type('{enter}'); cy.location().should((loc) => { - expect(loc.href).to.eq('https://engine.vm.openconext.org/?idp=https%3A//example.com/entityId/2'); + expect(loc.href).to.eq('https://engine.dev.openconext.local/?idp=https%3A//example.com/entityId/2'); }); }); }); @@ -63,7 +63,7 @@ context('WAYF when using the keyboard', () => { // todo if html spec is changed, or cypress fixes bug 6207, get rid of the manual focus on search. See https://github.com/cypress-io/cypress/issues/6207 describe('Should be able to traverse the remaining idp section with arrow keys', () => { it('check if pressing down works as expected', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?showIdpBanner=1'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?showIdpBanner=1'); cy.get(searchFieldSelector).focus(); cy.pressArrowOnIdpList('down', searchFieldClass); cy.pressArrowOnIdpList('down', defaultIdpClass); @@ -76,7 +76,7 @@ context('WAYF when using the keyboard', () => { }); it('check if pressing up works as expected', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?showIdpBanner=1'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?showIdpBanner=1'); cy.get(searchFieldSelector).focus(); cy.pressArrowOnIdpList('up', searchFieldClass); cy.pressArrowOnIdpList('up', idpClass, '5'); @@ -128,7 +128,7 @@ context('WAYF when using the keyboard', () => { it('Should be able to partially fill the request access form and get validation message', () => { cy.clearAllCookies(); - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?displayUnconnectedIdpsWayf=true&unconnectedIdps=5'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?displayUnconnectedIdpsWayf=true&unconnectedIdps=5'); cy.openUnconnectedIdp(); cy.focusAndEnter(showFormSelector); cy.fillNoAccessForm(); @@ -179,12 +179,12 @@ context('WAYF when using the keyboard', () => { describe('Should have a working default Idp Banner', () => { it('Should have a default Idp banner visible', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?showIdpBanner=1'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?showIdpBanner=1'); cy.beVisible(defaultIdpSelector); }); it('Should scroll to the default Idp when clicking the banner link', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=10&defaultIdpEntityId=https://example.com/entityId/9&showIdpBanner=1'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=10&defaultIdpEntityId=https://example.com/entityId/9&showIdpBanner=1'); // click the banner link & check if it did what it should have cy.focusAndEnter(defaultIdpSelector); @@ -215,7 +215,7 @@ context('WAYF when using the keyboard', () => { cy.addOnePreviouslySelectedIdp(); cy.selectFirstIdp(false, selectedIdpDataIndex1); cy.location().should((loc) => { - expect(loc.href).to.eq('https://engine.vm.openconext.org/?idp=https%3A//example.com/entityId/1'); + expect(loc.href).to.eq('https://engine.dev.openconext.local/?idp=https%3A//example.com/entityId/1'); }); }); diff --git a/tests/e2e/cypress/integration/skeune/wayf/wayf.mouse.spec.js b/tests/e2e/cypress/integration/skeune/wayf/wayf.mouse.spec.js index a7e10902ff..43d79e03d7 100644 --- a/tests/e2e/cypress/integration/skeune/wayf/wayf.mouse.spec.js +++ b/tests/e2e/cypress/integration/skeune/wayf/wayf.mouse.spec.js @@ -7,14 +7,14 @@ import {firstRemainingIdp, firstSelectedIdpDeleteDisable, selectedIdpDataIndex1} context('WAYF when using the mouse', () => { describe('Test logging in', () => { it('Should login when selecting an idp', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); cy.get(remainingIdpSelector) .eq(1) .click({force: true}); cy.location().should((loc) => { - expect(loc.href).to.eq('https://engine.vm.openconext.org/?idp=https%3A//example.com/entityId/2'); + expect(loc.href).to.eq('https://engine.dev.openconext.local/?idp=https%3A//example.com/entityId/2'); }); - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf'); }); }); @@ -85,12 +85,12 @@ context('WAYF when using the mouse', () => { describe('Should have a working default Idp Banner', () => { it('Should have a default Idp banner visible', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?showIdpBanner=1'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?showIdpBanner=1'); cy.get(defaultIdpSelector).should('be.visible'); }); it('Should scroll to the default Idp when clicking the banner link', () => { - cy.visit('https://engine.vm.openconext.org/functional-testing/wayf?connectedIdps=10&defaultIdpEntityId=https://example.com/entityId/9&showIdpBanner=1'); + cy.visit('https://engine.dev.openconext.local/functional-testing/wayf?connectedIdps=10&defaultIdpEntityId=https://example.com/entityId/9&showIdpBanner=1'); // click the banner link & check if it did what it should have cy.get(defaultIdpSelector).click(); @@ -123,7 +123,7 @@ context('WAYF when using the mouse', () => { cy.addOnePreviouslySelectedIdp(false); cy.selectFirstIdp(true, selectedIdpDataIndex1); cy.location().should((loc) => { - expect(loc.href).to.eq('https://engine.vm.openconext.org/?idp=https%3A//example.com/entityId/1'); + expect(loc.href).to.eq('https://engine.dev.openconext.local/?idp=https%3A//example.com/entityId/1'); }); }); diff --git a/tests/e2e/cypress/support/commands.js b/tests/e2e/cypress/support/commands.js index a89cb55158..89a22e3a6f 100644 --- a/tests/e2e/cypress/support/commands.js +++ b/tests/e2e/cypress/support/commands.js @@ -80,7 +80,7 @@ Cypress.Commands.add('selectFirstIdp', (click = true, firstElementSelector = '.w cy.get(firstElementSelector).type('{enter}', {force: true}); }); -Cypress.Commands.add('selectFirstIdpAndReturn', (click = true, url = 'https://engine.vm.openconext.org/functional-testing/wayf') => { +Cypress.Commands.add('selectFirstIdpAndReturn', (click = true, url = 'https://engine.dev.openconext.local/functional-testing/wayf') => { cy.selectFirstIdp(click).then(() => { cy.visit(url); }); @@ -104,7 +104,7 @@ Cypress.Commands.add('hitDeleteButton', (click = true, deleteSelector = '.wayf__ cy.get(deleteSelector).focus().type('{enter}', {force: true}); }); -Cypress.Commands.add('openUnconnectedIdp', (keyboard = true, url = 'https://engine.vm.openconext.org/functional-testing/wayf?displayUnconnectedIdpsWayf=true&unconnectedIdps=5', idpSelector = '.wayf__idp[data-entityid="https://unconnected.example.com/entityId/4"]') => { +Cypress.Commands.add('openUnconnectedIdp', (keyboard = true, url = 'https://engine.dev.openconext.local/functional-testing/wayf?displayUnconnectedIdpsWayf=true&unconnectedIdps=5', idpSelector = '.wayf__idp[data-entityid="https://unconnected.example.com/entityId/4"]') => { cy.visit(url); if (keyboard) { @@ -128,11 +128,11 @@ Cypress.Commands.add('fillNoAccessForm', (keyboard = true, showFormSelector = '. cy.get('#motivation').focus().type('tis toapuh dattem tuis is', {force: true}); }); -Cypress.Commands.add('loadWayf', (url = 'https://engine.vm.openconext.org/functional-testing/wayf') => { +Cypress.Commands.add('loadWayf', (url = 'https://engine.dev.openconext.local/functional-testing/wayf') => { cy.visit(url); }); -Cypress.Commands.add('addOnePreviouslySelectedIdp', (keyboard = true, url = 'https://engine.vm.openconext.org/functional-testing/wayf') => { +Cypress.Commands.add('addOnePreviouslySelectedIdp', (keyboard = true, url = 'https://engine.dev.openconext.local/functional-testing/wayf') => { cy.loadWayf(url).then(() => { cy.selectFirstIdpAndReturn(!keyboard, url); }); diff --git a/tests/e2e/cypress/visual-regression/openconext/ConsentPage.spec.js b/tests/e2e/cypress/visual-regression/openconext/ConsentPage.spec.js index c76b87aefc..39169a712c 100644 --- a/tests/e2e/cypress/visual-regression/openconext/ConsentPage.spec.js +++ b/tests/e2e/cypress/visual-regression/openconext/ConsentPage.spec.js @@ -6,7 +6,7 @@ const viewports = [ const pageTests = [ { title: 'default', - url: 'https://engine.vm.openconext.org/functional-testing/consent' + url: 'https://engine.dev.openconext.local/functional-testing/consent' } ]; diff --git a/tests/e2e/cypress/visual-regression/openconext/ErrorPage.spec.js b/tests/e2e/cypress/visual-regression/openconext/ErrorPage.spec.js index 0e209447aa..79687d5d7b 100644 --- a/tests/e2e/cypress/visual-regression/openconext/ErrorPage.spec.js +++ b/tests/e2e/cypress/visual-regression/openconext/ErrorPage.spec.js @@ -6,94 +6,94 @@ const viewports = [ const pageTests = [ { title: 'unable-to-receive-message', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unable-to-receive-message&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98", "serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unable-to-receive-message&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98", "serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP"}' }, { title: 'session-lost', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=session-lost' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=session-lost' }, { title: 'session-not-started', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=session-not-started' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=session-not-started' }, { title: 'no-idps', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=no-idps&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName":"OpenConext Drop Supplies SP"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=no-idps&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName":"OpenConext Drop Supplies SP"}' }, { title: 'no-idps-sp-proxy', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=no-idps&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914","ipAddress":"192.168.66.98","currentServiceProvider":"https://current-sp.entity-id.org/proxy-metadata","serviceProvider":"https://current-sp.entity-id.org/proxy-metadata","serviceProviderName":"OpenConext Drop Supplies SP","proxyServiceProvider":"https://current-sp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=no-idps&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914","ipAddress":"192.168.66.98","currentServiceProvider":"https://current-sp.entity-id.org/proxy-metadata","serviceProvider":"https://current-sp.entity-id.org/proxy-metadata","serviceProviderName":"OpenConext Drop Supplies SP","proxyServiceProvider":"https://current-sp.entity-id.org/metadata"}' }, { title: 'invalid-acs-location', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=invalid-acs-location&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=invalid-acs-location&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'unsupported-acs-location-scheme', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unsupported-acs-location-scheme&feedback-info={"statusCode": "418", "statusMessage": "(No message provided)", "requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unsupported-acs-location-scheme&feedback-info={"statusCode": "418", "statusMessage": "(No message provided)", "requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'missing-required-fields', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=missing-required-fields&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98", "serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=missing-required-fields&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98", "serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'invalid-acs-binding', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=invalid-acs-binding&feedback-info={"serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=invalid-acs-binding&feedback-info={"serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'received-error-status-code', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=received-error-status-code' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=received-error-status-code' }, { title: 'received-invalid-signed-response', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=received-invalid-signed-response&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=received-invalid-signed-response&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'received-invalid-response', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=received-invalid-response&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=received-invalid-response&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'unknown_requesterid_in_authnrequest', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unknown-requesterid-in-authnrequest&feedback-info={"Idp Hash": "64531cc179d0d2e66243c30e58125f0a", "requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unknown-requesterid-in-authnrequest&feedback-info={"Idp Hash": "64531cc179d0d2e66243c30e58125f0a", "requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP"}' }, { title: 'unknown-preselected-idp', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unknown-preselected-idp&feedback-info={"Idp Hash": "64531cc179d0d2e66243c30e58125f0a", "requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unknown-preselected-idp&feedback-info={"Idp Hash": "64531cc179d0d2e66243c30e58125f0a", "requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP"}' }, { title: 'stuck-in-authentication-loop', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=stuck-in-authentication-loop&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=stuck-in-authentication-loop&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'clock-issue', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=clock-issue&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=clock-issue&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'unsupported-signature-method', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unsupported-signature-method&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP"}¶meters={"signatureMethod":"https://www.w3.org/2000/09/xmldsig%23rsa-sha1"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unsupported-signature-method&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP"}¶meters={"signatureMethod":"https://www.w3.org/2000/09/xmldsig%23rsa-sha1"}' }, { title: 'unknown-service-provider', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unknown-service-provider&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP"}¶meters={"entityId":"https://serviceregistry.vm.openconext.org/simplesaml/module.php/saml/sp/metadata.php/default-sp"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unknown-service-provider&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP"}¶meters={"entityId":"https://serviceregistry.dev.openconext.local/simplesaml/module.php/saml/sp/metadata.php/default-sp"}' }, { title: 'unknown-identity-provider', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unknown-identity-provider&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","IdentityProvider":"https://current-idp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP"}¶meters={"entityId":"https://serviceregistry.vm.openconext.org/simplesaml/module.php/saml/idp/metadata.php/default-idp"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unknown-identity-provider&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","IdentityProvider":"https://current-idp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP"}¶meters={"entityId":"https://serviceregistry.dev.openconext.local/simplesaml/module.php/saml/idp/metadata.php/default-idp"}' }, { title: 'invalid-attribute-value', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=invalid-attribute-value&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}¶meters={"attributeName":"schacHomeOrganization","attributeValue":"openconext"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=invalid-attribute-value&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}¶meters={"attributeName":"schacHomeOrganization","attributeValue":"openconext"}' }, { title: 'no-authentication-request-received', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=no-authentication-request-received¶meters={"message":"No SAMLRequest parameter was found in the HTTP POST request parameters"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=no-authentication-request-received¶meters={"message":"No SAMLRequest parameter was found in the HTTP POST request parameters"}' }, { title: 'authorization-policy-violation', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=authorization-policy-violation&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}¶meters={"logo":{"height":"96","width":"96","url":"https://static.vm.openconext.org/media/conext_logo.png"},"policyDecisionMessage":"No localized deny messages present"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=authorization-policy-violation&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}¶meters={"logo":{"height":"96","width":"96","url":"https://static.dev.openconext.local/media/conext_logo.png"},"policyDecisionMessage":"No localized deny messages present"}' }, { title: 'uncaught-error', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unknown-error&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unknown-error&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'authn-context-class-ref-blacklisted', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=authn-context-class-ref-blacklisted&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=authn-context-class-ref-blacklisted&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'stepup-callout-unmet-loa', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=stepup-callout-unmet-loa&feedback-info=%7B%22statusCode%22%3A%22Responder%2FAuthnFailed%22%2C%22statusMessage%22%3A%22Authentication+cancelled+by+user%22%2C%22requestId%22%3A%225cb4bd3879b49%22%2C%22ipAddress%22%3A%22192.168.66.98%22%2C%22artCode%22%3A%2231914%22%7D&lang=en' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=stepup-callout-unmet-loa&feedback-info=%7B%22statusCode%22%3A%22Responder%2FAuthnFailed%22%2C%22statusMessage%22%3A%22Authentication+cancelled+by+user%22%2C%22requestId%22%3A%225cb4bd3879b49%22%2C%22ipAddress%22%3A%22192.168.66.98%22%2C%22artCode%22%3A%2231914%22%7D&lang=en' }, { title: 'stepup-callout-user-cancelled', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=stepup-callout-user-cancelled&feedback-info=%7B%22statusCode%22%3A%22Responder%2FAuthnFailed%22%2C%22statusMessage%22%3A%22Authentication+cancelled+by+user%22%2C%22requestId%22%3A%225cb4bd3879b49%22%2C%22ipAddress%22%3A%22192.168.66.98%22%2C%22artCode%22%3A%2231914%22%7D&lang=en' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=stepup-callout-user-cancelled&feedback-info=%7B%22statusCode%22%3A%22Responder%2FAuthnFailed%22%2C%22statusMessage%22%3A%22Authentication+cancelled+by+user%22%2C%22requestId%22%3A%225cb4bd3879b49%22%2C%22ipAddress%22%3A%22192.168.66.98%22%2C%22artCode%22%3A%2231914%22%7D&lang=en' }, { title: 'stepup-callout-unknown', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=stepup-callout-unknown&feedback-info=%7B%22statusCode%22%3A%22Responder%2FAuthnFailed%22%2C%22statusMessage%22%3A%22Authentication+cancelled+by+user%22%2C%22requestId%22%3A%225cb4bd3879b49%22%2C%22ipAddress%22%3A%22192.168.66.98%22%2C%22artCode%22%3A%2231914%22%7D&lang=en' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=stepup-callout-unknown&feedback-info=%7B%22statusCode%22%3A%22Responder%2FAuthnFailed%22%2C%22statusMessage%22%3A%22Authentication+cancelled+by+user%22%2C%22requestId%22%3A%225cb4bd3879b49%22%2C%22ipAddress%22%3A%22192.168.66.98%22%2C%22artCode%22%3A%2231914%22%7D&lang=en' }, { title: 'metadata-entity-id-not-found', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=metadata-entity-not-found¶meters={"message":"Could not find your entity"}&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=metadata-entity-not-found¶meters={"message":"Could not find your entity"}&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98"}' }, { title: 'invalid-mfa-authn-context-class-ref', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=invalid-mfa-authn-context-class-ref&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}', + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=invalid-mfa-authn-context-class-ref&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}', }, { title: '', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=invalid-mfa-authn-context-class-ref&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}', + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=invalid-mfa-authn-context-class-ref&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}', } ]; diff --git a/tests/e2e/cypress/visual-regression/openconext/Footer.spec.js b/tests/e2e/cypress/visual-regression/openconext/Footer.spec.js index a33cf26577..f20230f0da 100644 --- a/tests/e2e/cypress/visual-regression/openconext/Footer.spec.js +++ b/tests/e2e/cypress/visual-regression/openconext/Footer.spec.js @@ -5,16 +5,16 @@ const viewports = [ const pageTests = [ { title: 'all-buttons-visible', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unable-to-receive-message&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://mock-idp"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unable-to-receive-message&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://mock-idp"}' }, { title: 'only-support-email-hidden', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unable-to-receive-message' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unable-to-receive-message' }, { title: 'only-wiki-hidden', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=missing-required-fields&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://mock-idp"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=missing-required-fields&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://mock-idp"}' }, { title: 'support-email-and-wiki-button-hidden', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=missing-required-fields' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=missing-required-fields' }, ]; diff --git a/tests/e2e/cypress/visual-regression/skeune/ConsentPage.spec.js b/tests/e2e/cypress/visual-regression/skeune/ConsentPage.spec.js index c76b87aefc..39169a712c 100644 --- a/tests/e2e/cypress/visual-regression/skeune/ConsentPage.spec.js +++ b/tests/e2e/cypress/visual-regression/skeune/ConsentPage.spec.js @@ -6,7 +6,7 @@ const viewports = [ const pageTests = [ { title: 'default', - url: 'https://engine.vm.openconext.org/functional-testing/consent' + url: 'https://engine.dev.openconext.local/functional-testing/consent' } ]; diff --git a/tests/e2e/cypress/visual-regression/skeune/ErrorPage.spec.js b/tests/e2e/cypress/visual-regression/skeune/ErrorPage.spec.js index 0e209447aa..79687d5d7b 100644 --- a/tests/e2e/cypress/visual-regression/skeune/ErrorPage.spec.js +++ b/tests/e2e/cypress/visual-regression/skeune/ErrorPage.spec.js @@ -6,94 +6,94 @@ const viewports = [ const pageTests = [ { title: 'unable-to-receive-message', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unable-to-receive-message&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98", "serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unable-to-receive-message&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98", "serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP"}' }, { title: 'session-lost', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=session-lost' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=session-lost' }, { title: 'session-not-started', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=session-not-started' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=session-not-started' }, { title: 'no-idps', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=no-idps&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName":"OpenConext Drop Supplies SP"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=no-idps&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName":"OpenConext Drop Supplies SP"}' }, { title: 'no-idps-sp-proxy', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=no-idps&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914","ipAddress":"192.168.66.98","currentServiceProvider":"https://current-sp.entity-id.org/proxy-metadata","serviceProvider":"https://current-sp.entity-id.org/proxy-metadata","serviceProviderName":"OpenConext Drop Supplies SP","proxyServiceProvider":"https://current-sp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=no-idps&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914","ipAddress":"192.168.66.98","currentServiceProvider":"https://current-sp.entity-id.org/proxy-metadata","serviceProvider":"https://current-sp.entity-id.org/proxy-metadata","serviceProviderName":"OpenConext Drop Supplies SP","proxyServiceProvider":"https://current-sp.entity-id.org/metadata"}' }, { title: 'invalid-acs-location', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=invalid-acs-location&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=invalid-acs-location&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'unsupported-acs-location-scheme', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unsupported-acs-location-scheme&feedback-info={"statusCode": "418", "statusMessage": "(No message provided)", "requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unsupported-acs-location-scheme&feedback-info={"statusCode": "418", "statusMessage": "(No message provided)", "requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'missing-required-fields', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=missing-required-fields&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98", "serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=missing-required-fields&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98", "serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'invalid-acs-binding', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=invalid-acs-binding&feedback-info={"serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=invalid-acs-binding&feedback-info={"serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'received-error-status-code', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=received-error-status-code' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=received-error-status-code' }, { title: 'received-invalid-signed-response', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=received-invalid-signed-response&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=received-invalid-signed-response&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'received-invalid-response', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=received-invalid-response&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=received-invalid-response&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'unknown_requesterid_in_authnrequest', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unknown-requesterid-in-authnrequest&feedback-info={"Idp Hash": "64531cc179d0d2e66243c30e58125f0a", "requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unknown-requesterid-in-authnrequest&feedback-info={"Idp Hash": "64531cc179d0d2e66243c30e58125f0a", "requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP"}' }, { title: 'unknown-preselected-idp', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unknown-preselected-idp&feedback-info={"Idp Hash": "64531cc179d0d2e66243c30e58125f0a", "requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unknown-preselected-idp&feedback-info={"Idp Hash": "64531cc179d0d2e66243c30e58125f0a", "requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP"}' }, { title: 'stuck-in-authentication-loop', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=stuck-in-authentication-loop&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=stuck-in-authentication-loop&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'clock-issue', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=clock-issue&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=clock-issue&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'unsupported-signature-method', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unsupported-signature-method&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP"}¶meters={"signatureMethod":"https://www.w3.org/2000/09/xmldsig%23rsa-sha1"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unsupported-signature-method&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP"}¶meters={"signatureMethod":"https://www.w3.org/2000/09/xmldsig%23rsa-sha1"}' }, { title: 'unknown-service-provider', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unknown-service-provider&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP"}¶meters={"entityId":"https://serviceregistry.vm.openconext.org/simplesaml/module.php/saml/sp/metadata.php/default-sp"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unknown-service-provider&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP"}¶meters={"entityId":"https://serviceregistry.dev.openconext.local/simplesaml/module.php/saml/sp/metadata.php/default-sp"}' }, { title: 'unknown-identity-provider', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unknown-identity-provider&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","IdentityProvider":"https://current-idp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP"}¶meters={"entityId":"https://serviceregistry.vm.openconext.org/simplesaml/module.php/saml/idp/metadata.php/default-idp"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unknown-identity-provider&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","IdentityProvider":"https://current-idp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP"}¶meters={"entityId":"https://serviceregistry.dev.openconext.local/simplesaml/module.php/saml/idp/metadata.php/default-idp"}' }, { title: 'invalid-attribute-value', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=invalid-attribute-value&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}¶meters={"attributeName":"schacHomeOrganization","attributeValue":"openconext"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=invalid-attribute-value&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}¶meters={"attributeName":"schacHomeOrganization","attributeValue":"openconext"}' }, { title: 'no-authentication-request-received', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=no-authentication-request-received¶meters={"message":"No SAMLRequest parameter was found in the HTTP POST request parameters"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=no-authentication-request-received¶meters={"message":"No SAMLRequest parameter was found in the HTTP POST request parameters"}' }, { title: 'authorization-policy-violation', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=authorization-policy-violation&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}¶meters={"logo":{"height":"96","width":"96","url":"https://static.vm.openconext.org/media/conext_logo.png"},"policyDecisionMessage":"No localized deny messages present"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=authorization-policy-violation&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}¶meters={"logo":{"height":"96","width":"96","url":"https://static.dev.openconext.local/media/conext_logo.png"},"policyDecisionMessage":"No localized deny messages present"}' }, { title: 'uncaught-error', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unknown-error&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unknown-error&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'authn-context-class-ref-blacklisted', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=authn-context-class-ref-blacklisted&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=authn-context-class-ref-blacklisted&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}' }, { title: 'stepup-callout-unmet-loa', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=stepup-callout-unmet-loa&feedback-info=%7B%22statusCode%22%3A%22Responder%2FAuthnFailed%22%2C%22statusMessage%22%3A%22Authentication+cancelled+by+user%22%2C%22requestId%22%3A%225cb4bd3879b49%22%2C%22ipAddress%22%3A%22192.168.66.98%22%2C%22artCode%22%3A%2231914%22%7D&lang=en' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=stepup-callout-unmet-loa&feedback-info=%7B%22statusCode%22%3A%22Responder%2FAuthnFailed%22%2C%22statusMessage%22%3A%22Authentication+cancelled+by+user%22%2C%22requestId%22%3A%225cb4bd3879b49%22%2C%22ipAddress%22%3A%22192.168.66.98%22%2C%22artCode%22%3A%2231914%22%7D&lang=en' }, { title: 'stepup-callout-user-cancelled', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=stepup-callout-user-cancelled&feedback-info=%7B%22statusCode%22%3A%22Responder%2FAuthnFailed%22%2C%22statusMessage%22%3A%22Authentication+cancelled+by+user%22%2C%22requestId%22%3A%225cb4bd3879b49%22%2C%22ipAddress%22%3A%22192.168.66.98%22%2C%22artCode%22%3A%2231914%22%7D&lang=en' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=stepup-callout-user-cancelled&feedback-info=%7B%22statusCode%22%3A%22Responder%2FAuthnFailed%22%2C%22statusMessage%22%3A%22Authentication+cancelled+by+user%22%2C%22requestId%22%3A%225cb4bd3879b49%22%2C%22ipAddress%22%3A%22192.168.66.98%22%2C%22artCode%22%3A%2231914%22%7D&lang=en' }, { title: 'stepup-callout-unknown', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=stepup-callout-unknown&feedback-info=%7B%22statusCode%22%3A%22Responder%2FAuthnFailed%22%2C%22statusMessage%22%3A%22Authentication+cancelled+by+user%22%2C%22requestId%22%3A%225cb4bd3879b49%22%2C%22ipAddress%22%3A%22192.168.66.98%22%2C%22artCode%22%3A%2231914%22%7D&lang=en' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=stepup-callout-unknown&feedback-info=%7B%22statusCode%22%3A%22Responder%2FAuthnFailed%22%2C%22statusMessage%22%3A%22Authentication+cancelled+by+user%22%2C%22requestId%22%3A%225cb4bd3879b49%22%2C%22ipAddress%22%3A%22192.168.66.98%22%2C%22artCode%22%3A%2231914%22%7D&lang=en' }, { title: 'metadata-entity-id-not-found', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=metadata-entity-not-found¶meters={"message":"Could not find your entity"}&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=metadata-entity-not-found¶meters={"message":"Could not find your entity"}&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98"}' }, { title: 'invalid-mfa-authn-context-class-ref', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=invalid-mfa-authn-context-class-ref&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}', + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=invalid-mfa-authn-context-class-ref&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}', }, { title: '', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=invalid-mfa-authn-context-class-ref&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}', + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=invalid-mfa-authn-context-class-ref&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata","serviceProviderName":"OpenConext Drop Supplies SP","IdentityProvider":"https://current-idp.entity-id.org/metadata"}', } ]; diff --git a/tests/e2e/cypress/visual-regression/skeune/Footer.spec.js b/tests/e2e/cypress/visual-regression/skeune/Footer.spec.js index a33cf26577..f20230f0da 100644 --- a/tests/e2e/cypress/visual-regression/skeune/Footer.spec.js +++ b/tests/e2e/cypress/visual-regression/skeune/Footer.spec.js @@ -5,16 +5,16 @@ const viewports = [ const pageTests = [ { title: 'all-buttons-visible', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unable-to-receive-message&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://mock-idp"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unable-to-receive-message&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://mock-idp"}' }, { title: 'only-support-email-hidden', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=unable-to-receive-message' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=unable-to-receive-message' }, { title: 'only-wiki-hidden', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=missing-required-fields&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://mock-idp"}' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=missing-required-fields&feedback-info={"requestId":"5cb4bd3879b49","artCode":"31914", "ipAddress":"192.168.66.98","serviceProvider":"https://current-sp.entity-id.org/metadata", "serviceProviderName": "OpenConext Drop Supplies SP","IdentityProvider":"https://mock-idp"}' }, { title: 'support-email-and-wiki-button-hidden', - url: 'https://engine.vm.openconext.org/functional-testing/feedback?template=missing-required-fields' + url: 'https://engine.dev.openconext.local/functional-testing/feedback?template=missing-required-fields' }, ]; diff --git a/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/AttributeReleasePolicyControllerApiTest.php b/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/AttributeReleasePolicyControllerApiTest.php index 66f34d5827..11f585f163 100644 --- a/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/AttributeReleasePolicyControllerApiTest.php +++ b/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/AttributeReleasePolicyControllerApiTest.php @@ -46,7 +46,7 @@ public function tearDown(): void public function authentication_is_required_for_applying_arps() { $unauthenticatedClient = static::createClient(); - $unauthenticatedClient->request('POST', 'https://engine-api.vm.openconext.org/arp'); + $unauthenticatedClient->request('POST', 'https://engine-api.dev.openconext.local/arp'); $this->assertStatusCode(Response::HTTP_UNAUTHORIZED, $unauthenticatedClient); } @@ -66,7 +66,7 @@ public function only_post_requests_are_allowed_when_applying_arp($invalidHttpMet 'PHP_AUTH_PW' => $this->getContainer()->getParameter('api.users.profile.password'), ]); - $client->request($invalidHttpMethod, 'https://engine-api.vm.openconext.org/arp'); + $client->request($invalidHttpMethod, 'https://engine-api.dev.openconext.local/arp'); $this->assertStatusCode(Response::HTTP_METHOD_NOT_ALLOWED, $client); $isContentTypeJson = $client->getResponse()->headers->contains('Content-Type', 'application/json'); @@ -86,7 +86,7 @@ public function cannot_apply_arp_if_user_does_not_have_profile_role() 'PHP_AUTH_PW' => 'no_roles', ]); - $client->request('POST', 'https://engine-api.vm.openconext.org/arp'); + $client->request('POST', 'https://engine-api.dev.openconext.local/arp'); $this->assertStatusCode(Response::HTTP_FORBIDDEN, $client); $isContentTypeJson = $client->getResponse()->headers->contains('Content-Type', 'application/json'); @@ -111,7 +111,7 @@ public function cannot_push_invalid_content_to_the_arp_api($invalidJsonPayload) $client->request( 'POST', - 'https://engine-api.vm.openconext.org/arp', + 'https://engine-api.dev.openconext.local/arp', [], [], [], @@ -153,7 +153,7 @@ public function all_attributes_are_released_through_the_arp_api_if_no_arp_is_fou $client->request( 'POST', - 'https://engine-api.vm.openconext.org/arp', + 'https://engine-api.dev.openconext.local/arp', [], [], [], @@ -220,7 +220,7 @@ public function arps_are_applied_to_sps_and_attributes_by_the_arp_api() $client->request( 'POST', - 'https://engine-api.vm.openconext.org/arp', + 'https://engine-api.dev.openconext.local/arp', [], [], [], @@ -294,7 +294,7 @@ public function arps_matching_on_exact_keys_are_applied_to_sps_and_attributes_by $client->request( 'POST', - 'https://engine-api.vm.openconext.org/arp', + 'https://engine-api.dev.openconext.local/arp', [], [], [], @@ -368,7 +368,7 @@ public function arps_matching_on_partial_keys_are_applied_to_sps_and_attributes_ $client->request( 'POST', - 'https://engine-api.vm.openconext.org/arp', + 'https://engine-api.dev.openconext.local/arp', [], [], [], diff --git a/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/ConnectionsControllerTest.php b/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/ConnectionsControllerTest.php index ed922ada3b..304e2f4b88 100644 --- a/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/ConnectionsControllerTest.php +++ b/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/ConnectionsControllerTest.php @@ -39,7 +39,7 @@ class ConnectionsControllerTest extends WebTestCase public function authentication_is_required_for_pushing_metadata() { $unauthenticatedClient = static::createClient();; - $unauthenticatedClient->request('POST', 'https://engine-api.vm.openconext.org/api/connections'); + $unauthenticatedClient->request('POST', 'https://engine-api.dev.openconext.local/api/connections'); $this->assertStatusCode(Response::HTTP_UNAUTHORIZED, $unauthenticatedClient); } @@ -59,7 +59,7 @@ public function only_post_requests_are_allowed_when_pushing_metadata($invalidHtt 'PHP_AUTH_PW' => $this->getContainer()->getParameter('api.users.metadataPush.password'), ]); - $client->request($invalidHttpMethod, 'https://engine-api.vm.openconext.org/api/connections'); + $client->request($invalidHttpMethod, 'https://engine-api.dev.openconext.local/api/connections'); $this->assertStatusCode(Response::HTTP_METHOD_NOT_ALLOWED, $client); $isContentTypeJson = $client->getResponse()->headers->contains('Content-Type', 'application/json'); @@ -82,7 +82,7 @@ public function cannot_push_metadata_if_feature_is_disabled() $this->disableMetadataPushApiFeatureFor($client); - $client->request('POST', 'https://engine-api.vm.openconext.org/api/connections'); + $client->request('POST', 'https://engine-api.dev.openconext.local/api/connections'); $this->assertStatusCode(Response::HTTP_NOT_FOUND, $client); $isContentTypeJson = $client->getResponse()->headers->contains('Content-Type', 'application/json'); @@ -102,7 +102,7 @@ public function cannot_push_metadata_if_user_does_not_have_manage_role() 'PHP_AUTH_PW' => 'no_roles', ]); - $client->request('POST', 'https://engine-api.vm.openconext.org/api/connections'); + $client->request('POST', 'https://engine-api.dev.openconext.local/api/connections'); $this->assertStatusCode(Response::HTTP_FORBIDDEN, $client); $isContentTypeJson = $client->getResponse()->headers->contains('Content-Type', 'application/json'); @@ -127,7 +127,7 @@ public function cannot_push_invalid_content_to_the_metadata_push_api($invalidJso $client->request( 'POST', - 'https://engine-api.vm.openconext.org/api/connections', + 'https://engine-api.dev.openconext.local/api/connections', [], [], [], @@ -161,7 +161,7 @@ public function pushing_data_to_engineblock_should_succeed() $client->request( 'POST', - 'https://engine-api.vm.openconext.org/api/connections', + 'https://engine-api.dev.openconext.local/api/connections', [], [], [], @@ -230,7 +230,7 @@ public function pushing_data_with_coins_to_engineblock_should_succeed() $client->request( 'POST', - 'https://engine-api.vm.openconext.org/api/connections', + 'https://engine-api.dev.openconext.local/api/connections', [], [], [], @@ -316,7 +316,7 @@ public function pushing_manage_sfo_data_should_succeed() $client->request( 'POST', - 'https://engine-api.vm.openconext.org/api/connections', + 'https://engine-api.dev.openconext.local/api/connections', [], [], [], @@ -375,7 +375,7 @@ public function pushing_data_to_engineblock_can_fail() $client->request( 'POST', - 'https://engine-api.vm.openconext.org/api/connections', + 'https://engine-api.dev.openconext.local/api/connections', [], [], [], diff --git a/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/ConsentControllerTest.php b/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/ConsentControllerTest.php index 754d713a02..66e03cb552 100644 --- a/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/ConsentControllerTest.php +++ b/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/ConsentControllerTest.php @@ -62,11 +62,11 @@ public function authentication_is_required_for_accessing_the_consent_api() $userId = 'my-name-id'; $unauthenticatedClient = static::createClient(); - $unauthenticatedClient->request('GET', 'https://engine-api.vm.openconext.org/consent/' . $userId); + $unauthenticatedClient->request('GET', 'https://engine-api.dev.openconext.local/consent/' . $userId); $this->assertStatusCode(Response::HTTP_UNAUTHORIZED, $unauthenticatedClient); $unauthenticatedClient = static::createClient(); - $unauthenticatedClient->request('POST', 'https://engine-api.vm.openconext.org/remove-consent'); + $unauthenticatedClient->request('POST', 'https://engine-api.dev.openconext.local/remove-consent'); $this->assertStatusCode(Response::HTTP_UNAUTHORIZED, $unauthenticatedClient); } @@ -89,7 +89,7 @@ public function only_get_requests_are_allowed_when_accessing_the_consent_api($in 'PHP_AUTH_PW' => $this->getContainer()->getParameter('api.users.profile.password'), ]); - $client->request($invalidHttpMethod, 'https://engine-api.vm.openconext.org/consent/' . $userId); + $client->request($invalidHttpMethod, 'https://engine-api.dev.openconext.local/consent/' . $userId); $this->assertStatusCode(Response::HTTP_METHOD_NOT_ALLOWED, $client); $isContentTypeJson = $client->getResponse()->headers->contains('Content-Type', 'application/json'); @@ -114,7 +114,7 @@ public function cannot_access_the_consent_api_if_the_feature_has_been_disabled() $this->disableConsentApiFeatureFor($client); - $client->request('GET', 'https://engine-api.vm.openconext.org/consent/' . $userId); + $client->request('GET', 'https://engine-api.dev.openconext.local/consent/' . $userId); $this->assertStatusCode(Response::HTTP_NOT_FOUND, $client); $isContentTypeJson = $client->getResponse()->headers->contains('Content-Type', 'application/json'); @@ -136,7 +136,7 @@ public function cannot_access_the_consent_api_if_user_does_not_have_profile_role 'PHP_AUTH_PW' => 'no_roles', ]); - $client->request('GET', 'https://engine-api.vm.openconext.org/consent/' . $userId); + $client->request('GET', 'https://engine-api.dev.openconext.local/consent/' . $userId); $this->assertStatusCode(Response::HTTP_FORBIDDEN, $client); @@ -159,7 +159,7 @@ public function a_consent_listing_for_a_not_found_user_is_retrieved_as_an_empty_ 'PHP_AUTH_PW' => $this->getContainer()->getParameter('api.users.profile.password'), ]); - $client->request('GET', 'https://engine-api.vm.openconext.org/consent/' . $userId); + $client->request('GET', 'https://engine-api.dev.openconext.local/consent/' . $userId); $this->assertStatusCode(Response::HTTP_OK, $client); $isContentTypeJson = $client->getResponse()->headers->contains('Content-Type', 'application/json'); @@ -216,7 +216,7 @@ public function a_consent_listing_for_a_given_user_is_retrieved_from_the_consent $this->addServiceProviderFixture($serviceProvider); $this->addConsentFixture($userId, $spEntityId, $attributeHash, $consentType, $consentDate, $deletedAt); - $client->request('GET', 'https://engine-api.vm.openconext.org/consent/' . $userId); + $client->request('GET', 'https://engine-api.dev.openconext.local/consent/' . $userId); $this->assertStatusCode(Response::HTTP_OK, $client); $isContentTypeJson = $client->getResponse()->headers->contains('Content-Type', 'application/json'); @@ -300,7 +300,7 @@ public function consent_is_soft_deleted_from_the_consent_api() $this->addConsentFixture($userId, $spEntityId, $attributeHash, $consentType, $consentDate, $deletedAt); $data = json_encode(['collabPersonId' => $userId, 'serviceProviderEntityId' => $spEntityId]); - $client->request('POST', 'https://engine-api.vm.openconext.org/remove-consent', [], [], [], $data); + $client->request('POST', 'https://engine-api.dev.openconext.local/remove-consent', [], [], [], $data); $this->assertStatusCode(Response::HTTP_OK, $client); $isContentTypeJson = $client->getResponse()->headers->contains('Content-Type', 'application/json'); $this->assertTrue($isContentTypeJson, 'Response should have Content-Type: application/json header'); @@ -367,7 +367,7 @@ public function consent_is_soft_deleted_from_the_consent_api_multiple_soft_delet $this->assertEquals(1, $count['active']); $this->assertEquals(2, $count['removed']); $data = json_encode(['collabPersonId' => $userId, 'serviceProviderEntityId' => $spEntityId]); - $client->request('POST', 'https://engine-api.vm.openconext.org/remove-consent', [], [], [], $data); + $client->request('POST', 'https://engine-api.dev.openconext.local/remove-consent', [], [], [], $data); $this->assertStatusCode(Response::HTTP_OK, $client); $isContentTypeJson = $client->getResponse()->headers->contains('Content-Type', 'application/json'); $this->assertTrue($isContentTypeJson, 'Response should have Content-Type: application/json header'); @@ -397,7 +397,7 @@ public function cannot_access_the_remove_consent_api_if_the_feature_has_been_dis $this->disableRemoveConsentApiFeatureFor($client); $data = json_encode(['collabPersonId' => $collabPersonId, 'serviceProviderEntityId' => 'https://example.com/metadata']); - $client->request('POST', 'https://engine-api.vm.openconext.org/remove-consent', [], [], [], $data); + $client->request('POST', 'https://engine-api.dev.openconext.local/remove-consent', [], [], [], $data); $this->assertStatusCode(Response::HTTP_NOT_FOUND, $client); $this->assertResponseIsJson($client); @@ -430,7 +430,7 @@ public function cannot_access_the_remove_consent_api_if_user_does_not_have_profi ]); $data = json_encode(['collabPersonId' => $collabPersonId, 'serviceProviderEntityId' => 'https://example.com/metadata']); - $client->request('POST', 'https://engine-api.vm.openconext.org/remove-consent', [], [], [], $data); + $client->request('POST', 'https://engine-api.dev.openconext.local/remove-consent', [], [], [], $data); $this->assertStatusCode(Response::HTTP_FORBIDDEN, $client); $this->assertResponseIsJson($client); @@ -449,7 +449,7 @@ public function no_consent_is_removed_if_request_parameters_are_missing_or_incor ]); $data = json_encode(['userId' => 'urn:collab:person:test', 'serviceProviderId' => 'https://example.com/metadata']); - $client->request('POST', 'https://engine-api.vm.openconext.org/remove-consent', [], [], [], $data); + $client->request('POST', 'https://engine-api.dev.openconext.local/remove-consent', [], [], [], $data); $this->assertStatusCode(Response::HTTP_FOUND, $client); $this->assertResponseIsJson($client); @@ -468,7 +468,7 @@ public function no_consent_is_removed_if_collab_person_id_is_unknown() ]); $data = json_encode(['collabPersonId' => 'urn:collab:person:test', 'serviceProviderEntityId' => 'https://example.com/metadata']); - $client->request('POST', 'https://engine-api.vm.openconext.org/remove-consent', [], [], [], $data); + $client->request('POST', 'https://engine-api.dev.openconext.local/remove-consent', [], [], [], $data); $this->assertStatusCode(Response::HTTP_OK, $client); $this->assertResponseIsJson($client); @@ -537,7 +537,7 @@ public function cannot_access_the_consent_post_api_if_the_engineblock_consent_fe $this->disableEngineConsentFeatureFor($client); $data = json_encode(['collabPersonId' => $collabPersonId, 'serviceProviderEntityId' => 'https://example.com/metadata']); - $client->request('POST', 'https://engine-api.vm.openconext.org/remove-consent', [], [], [], $data); + $client->request('POST', 'https://engine-api.dev.openconext.local/remove-consent', [], [], [], $data); $this->assertStatusCode(Response::HTTP_NOT_FOUND, $client); $this->assertResponseIsJson($client); @@ -561,7 +561,7 @@ public function cannot_access_the_consent_get_api_if_the_engineblock_consent_fea $this->disableEngineConsentFeatureFor($client); - $client->request('GET', 'https://engine-api.vm.openconext.org/consent/' . $userId); + $client->request('GET', 'https://engine-api.dev.openconext.local/consent/' . $userId); $this->assertStatusCode(Response::HTTP_NOT_FOUND, $client); $isContentTypeJson = $client->getResponse()->headers->contains('Content-Type', 'application/json'); diff --git a/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/DeprovisionControllerTest.php b/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/DeprovisionControllerTest.php index d4557dbfde..50d9122701 100644 --- a/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/DeprovisionControllerTest.php +++ b/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/DeprovisionControllerTest.php @@ -45,19 +45,19 @@ public function authentication_is_required_for_accessing_the_deprovision_api() $collabPersonId = 'urn:collab:person:test'; $unauthenticatedClient = static::createClient(); - $unauthenticatedClient->request('GET', 'https://engine-api.vm.openconext.org/deprovision/' . $collabPersonId); + $unauthenticatedClient->request('GET', 'https://engine-api.dev.openconext.local/deprovision/' . $collabPersonId); $this->assertStatusCode(Response::HTTP_UNAUTHORIZED, $unauthenticatedClient); $unauthenticatedClient = static::createClient(); - $unauthenticatedClient->request('DELETE', 'https://engine-api.vm.openconext.org/deprovision/' . $collabPersonId); + $unauthenticatedClient->request('DELETE', 'https://engine-api.dev.openconext.local/deprovision/' . $collabPersonId); $this->assertStatusCode(Response::HTTP_UNAUTHORIZED, $unauthenticatedClient); $unauthenticatedClient = static::createClient(); - $unauthenticatedClient->request('DELETE', 'https://engine-api.vm.openconext.org/deprovision/' . $collabPersonId . '/dry-run'); + $unauthenticatedClient->request('DELETE', 'https://engine-api.dev.openconext.local/deprovision/' . $collabPersonId . '/dry-run'); $this->assertStatusCode(Response::HTTP_UNAUTHORIZED, $unauthenticatedClient); $unauthenticatedClient = static::createClient(); - $unauthenticatedClient->request('DELETE', 'https://engine-api.vm.openconext.org/remove-consent'); + $unauthenticatedClient->request('DELETE', 'https://engine-api.dev.openconext.local/remove-consent'); $this->assertStatusCode(Response::HTTP_UNAUTHORIZED, $unauthenticatedClient); } @@ -75,13 +75,13 @@ public function only_get_or_delete_requests_are_allowed_when_accessing_the_depro 'PHP_AUTH_PW' => $this->getContainer()->getParameter('api.users.deprovision.password'), ]); - $client->request('PUT', 'https://engine-api.vm.openconext.org/deprovision/' . $collabPersonId); + $client->request('PUT', 'https://engine-api.dev.openconext.local/deprovision/' . $collabPersonId); $this->assertStatusCode(Response::HTTP_METHOD_NOT_ALLOWED, $client); - $client->request('HEAD', 'https://engine-api.vm.openconext.org/deprovision/' . $collabPersonId); + $client->request('HEAD', 'https://engine-api.dev.openconext.local/deprovision/' . $collabPersonId); $this->assertStatusCode(Response::HTTP_METHOD_NOT_ALLOWED, $client); - $client->request('GET', 'https://engine-api.vm.openconext.org/deprovision/' . $collabPersonId . '/dry-run'); + $client->request('GET', 'https://engine-api.dev.openconext.local/deprovision/' . $collabPersonId . '/dry-run'); $this->assertStatusCode(Response::HTTP_METHOD_NOT_ALLOWED, $client); $this->assertResponseIsJson($client); @@ -104,7 +104,7 @@ public function cannot_access_the_deprovision_api_if_the_feature_has_been_disabl $this->disableDeprovisionApiFeatureFor($client); - $client->request('GET', 'https://engine-api.vm.openconext.org/deprovision/' . $collabPersonId); + $client->request('GET', 'https://engine-api.dev.openconext.local/deprovision/' . $collabPersonId); $this->assertStatusCode(Response::HTTP_NOT_FOUND, $client); $this->assertResponseIsJson($client); @@ -124,7 +124,7 @@ public function cannot_access_the_deprovision_api_if_user_does_not_have_deprovis 'PHP_AUTH_PW' => 'no_roles', ]); - $client->request('GET', 'https://engine-api.vm.openconext.org/deprovision/' . $collabPersonId); + $client->request('GET', 'https://engine-api.dev.openconext.local/deprovision/' . $collabPersonId); $this->assertStatusCode(Response::HTTP_FORBIDDEN, $client); $this->assertResponseIsJson($client); @@ -144,7 +144,7 @@ public function no_user_data_is_returned_if_collab_person_id_is_unknown($method, 'PHP_AUTH_PW' => $this->getContainer()->getParameter('api.users.deprovision.password'), ]); - $client->request($method, 'https://engine-api.vm.openconext.org/' . trim($path, '/')); + $client->request($method, 'https://engine-api.dev.openconext.local/' . trim($path, '/')); $this->assertStatusCode(Response::HTTP_OK, $client); $this->assertResponseIsJson($client); @@ -208,7 +208,7 @@ public function all_user_data_for_collab_person_id_is_retrieved_and_deleted($met $this->addConsentFixture($userId, $spEntityId1, $attributeHash, $consentType, $consentDate); $this->addConsentFixture($userId, $spEntityId2, $attributeHash, $consentType, $consentDate); - $client->request($method, 'https://engine-api.vm.openconext.org/' . trim($path, '/')); + $client->request($method, 'https://engine-api.dev.openconext.local/' . trim($path, '/')); $this->assertStatusCode(Response::HTTP_OK, $client); $this->assertResponseIsJson($client); @@ -266,7 +266,7 @@ public function all_user_data_for_collab_person_id_is_retrieved_and_deleted($met $this->assertEquals($expectedData, $responseData); // Now test if the data was deleted by checking the response of a subsequent call to the API. - $client->request('GET', 'https://engine-api.vm.openconext.org/deprovision/urn:collab:person:test'); + $client->request('GET', 'https://engine-api.dev.openconext.local/deprovision/urn:collab:person:test'); $responseData = json_decode($client->getResponse()->getContent(), true); if ($method === 'DELETE' && !preg_match('#/dry-run$#', $path)) { diff --git a/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/HeartbeatControllerTest.php b/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/HeartbeatControllerTest.php index 3ea41b6af7..9ec9ee3be6 100644 --- a/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/HeartbeatControllerTest.php +++ b/tests/functional/OpenConext/EngineBlockBundle/Controller/Api/HeartbeatControllerTest.php @@ -31,7 +31,7 @@ final class HeartbeatControllerTest extends WebTestCase public function engineblock_has_a_heartbeat() { $client = $this->createClient(); - $client->request('GET', 'https://engine-api.vm.openconext.org/'); + $client->request('GET', 'https://engine-api.dev.openconext.local/'); $this->assertStatusCode(Response::HTTP_OK, $client); } diff --git a/tests/integration/OpenConext/EngineBlock/Metadata/Entity/Assembler/PushMetadataAssemblerTest.php b/tests/integration/OpenConext/EngineBlock/Metadata/Entity/Assembler/PushMetadataAssemblerTest.php index a27b9f006a..8f25e8211c 100644 --- a/tests/integration/OpenConext/EngineBlock/Metadata/Entity/Assembler/PushMetadataAssemblerTest.php +++ b/tests/integration/OpenConext/EngineBlock/Metadata/Entity/Assembler/PushMetadataAssemblerTest.php @@ -99,7 +99,7 @@ public function test_it_rejects_invalid_acs_location_schemes($acsLocation) }, "logo": [{ "width": "96", - "url": "https:\/\/static.vm.openconext.org\/media\/conext_logo.png", + "url": "https:\/\/static.dev.openconext.local\/media\/conext_logo.png", "height": "96" }], "name": { @@ -107,7 +107,7 @@ public function test_it_rejects_invalid_acs_location_schemes($acsLocation) "nl": "Test SP" } }, - "name": "https:\/\/serviceregistry.vm.openconext.org\/simplesaml\/module.php\/saml\/sp\/metadata.php\/default-sp", + "name": "https:\/\/serviceregistry.dev.openconext.local\/simplesaml\/module.php\/saml\/sp\/metadata.php\/default-sp", "state": "prodaccepted", "type": "saml20-sp" } @@ -199,7 +199,7 @@ public function test_it_assembles_sfo_settings() } } }, - "name": "https:\/\/serviceregistry.vm.openconext.org\/simplesaml\/module.php\/saml\/sp\/metadata.php\/default-sp", + "name": "https:\/\/serviceregistry.dev.openconext.local\/simplesaml\/module.php\/saml\/sp\/metadata.php\/default-sp", "state": "prodaccepted", "type": "saml20-sp" }, @@ -214,7 +214,7 @@ public function test_it_assembles_sfo_settings() "level": "http://test.openconext.nl/assurance/loa3" } ], - "name": "https:\/\/serviceregistry.vm.openconext.org\/simplesaml\/module.php\/saml\/sp\/metadata.php\/default-idp", + "name": "https:\/\/serviceregistry.dev.openconext.local\/simplesaml\/module.php\/saml\/sp\/metadata.php\/default-idp", "state": "prodaccepted", "type": "saml20-idp" } @@ -253,7 +253,7 @@ public function test_it_does_not_assemble_invalid_sfo_settings() "level3": "http://test.openconext.nl/assurance/loa3" } ], - "name": "https:\/\/serviceregistry.vm.openconext.org\/simplesaml\/module.php\/saml\/sp\/metadata.php\/default-idp", + "name": "https:\/\/serviceregistry.dev.openconext.local\/simplesaml\/module.php\/saml\/sp\/metadata.php\/default-idp", "state": "prodaccepted", "type": "saml20-idp" } @@ -277,13 +277,13 @@ public function test_it_assembles_mfa_entity_settings() $connection = '{ "2d96e27a-76cf-4ca2-ac70-ece5d4c49524": { "mfa_entities": [{ - "name": "https://teams.vm.openconext.org/shibboleth", + "name": "https://teams.dev.openconext.local/shibboleth", "level": "http://schemas.microsoft.com/claims/multipleauthn" }, { - "name": "https://aa.vm.openconext.org/shibboleth", + "name": "https://aa.dev.openconext.local/shibboleth", "level": "http://schemas.microsoft.com/claims/multipleauthn" }], - "name": "https:\/\/serviceregistry.vm.openconext.org\/simplesaml\/module.php\/saml\/sp\/metadata.php\/default-idp", + "name": "https:\/\/serviceregistry.dev.openconext.local\/simplesaml\/module.php\/saml\/sp\/metadata.php\/default-idp", "state": "prodaccepted", "type": "saml20-idp" } @@ -305,7 +305,7 @@ public function test_mfa_entity_settings_are_optional() { $connection = '{ "2d96e27a-76cf-4ca2-ac70-ece5d4c49524": { - "name": "https:\/\/serviceregistry.vm.openconext.org\/simplesaml\/module.php\/saml\/sp\/metadata.php\/default-idp", + "name": "https:\/\/serviceregistry.dev.openconext.local\/simplesaml\/module.php\/saml\/sp\/metadata.php\/default-idp", "state": "prodaccepted", "type": "saml20-idp" } @@ -328,16 +328,16 @@ public function test_it_assembles_mfa_entity_settings_with_transparent_option() $connection = '{ "2d96e27a-76cf-4ca2-ac70-ece5d4c49524": { "mfa_entities": [{ - "name": "https://teams.vm.openconext.org/shibboleth", + "name": "https://teams.dev.openconext.local/shibboleth", "level": "http://schemas.microsoft.com/claims/multipleauthn" }, { - "name": "https://aa.vm.openconext.org/shibboleth", + "name": "https://aa.dev.openconext.local/shibboleth", "level": "http://schemas.microsoft.com/claims/multipleauthn" }, { - "name": "https://test-sp.vm.openconext.org", + "name": "https://test-sp.dev.openconext.local", "level": "transparent_authn_context" }], - "name": "https:\/\/serviceregistry.vm.openconext.org\/simplesaml\/module.php\/saml\/sp\/metadata.php\/default-idp", + "name": "https:\/\/serviceregistry.dev.openconext.local\/simplesaml\/module.php\/saml\/sp\/metadata.php\/default-idp", "state": "prodaccepted", "type": "saml20-idp" } @@ -353,7 +353,7 @@ public function test_it_assembles_mfa_entity_settings_with_transparent_option() $mfaEntities = $idp->getCoins()->mfaEntities(); $this->assertInstanceOf(MfaEntityCollection::class, $mfaEntities); $this->assertCount(3, $mfaEntities); - $transparent = $mfaEntities->findByEntityId('https://test-sp.vm.openconext.org'); + $transparent = $mfaEntities->findByEntityId('https://test-sp.dev.openconext.local'); $this->assertInstanceOf(TransparentMfaEntity::class, $transparent); } diff --git a/tests/resources/saml/responses/assertion_id_does_not_match_signature_reference_uri.xml b/tests/resources/saml/responses/assertion_id_does_not_match_signature_reference_uri.xml index d8b98d62eb..b3de5fbc99 100644 --- a/tests/resources/saml/responses/assertion_id_does_not_match_signature_reference_uri.xml +++ b/tests/resources/saml/responses/assertion_id_does_not_match_signature_reference_uri.xml @@ -1,6 +1,6 @@ admin + Recipient="https://engine.dev.openconext.local/authentication/sp/consume-assertion"/> - https://engine.vm.openconext.org/authentication/sp/metadata + https://engine.dev.openconext.local/authentication/sp/metadata diff --git a/tests/resources/saml/responses/h01_response.xml b/tests/resources/saml/responses/h01_response.xml index 2b33b6fb40..28c54aaa3d 100644 --- a/tests/resources/saml/responses/h01_response.xml +++ b/tests/resources/saml/responses/h01_response.xml @@ -1,5 +1,5 @@ - + http://mock-idp @@ -40,12 +40,12 @@ admin - + - https://engine.vm.openconext.org/authentication/sp/metadata + https://engine.dev.openconext.local/authentication/sp/metadata @@ -87,12 +87,12 @@ john-a1 - + - https://engine.vm.openconext.org/authentication/sp/metadata + https://engine.dev.openconext.local/authentication/sp/metadata diff --git a/tests/resources/saml/responses/multiple_assertions_response.xml b/tests/resources/saml/responses/multiple_assertions_response.xml index 76cbd6c4cb..03f163c460 100644 --- a/tests/resources/saml/responses/multiple_assertions_response.xml +++ b/tests/resources/saml/responses/multiple_assertions_response.xml @@ -1,6 +1,6 @@ admin + Recipient="https://engine.dev.openconext.local/authentication/sp/consume-assertion"/> - https://engine.vm.openconext.org/authentication/sp/metadata + https://engine.dev.openconext.local/authentication/sp/metadata @@ -126,14 +126,14 @@ admin + Recipient="https://engine.dev.openconext.local/authentication/sp/consume-assertion"/> - https://engine.vm.openconext.org/authentication/sp/metadata + https://engine.dev.openconext.local/authentication/sp/metadata diff --git a/tests/resources/saml/responses/multiple_signed_info_elements.xml b/tests/resources/saml/responses/multiple_signed_info_elements.xml index 661f1a111e..4a86733254 100644 --- a/tests/resources/saml/responses/multiple_signed_info_elements.xml +++ b/tests/resources/saml/responses/multiple_signed_info_elements.xml @@ -1,6 +1,6 @@ admin + Recipient="https://engine.dev.openconext.local/authentication/sp/consume-assertion"/> - https://engine.vm.openconext.org/authentication/sp/metadata + https://engine.dev.openconext.local/authentication/sp/metadata diff --git a/tests/resources/saml/responses/signature_value_not_second_child.xml b/tests/resources/saml/responses/signature_value_not_second_child.xml index c6f92686d5..b74ab80aa2 100644 --- a/tests/resources/saml/responses/signature_value_not_second_child.xml +++ b/tests/resources/saml/responses/signature_value_not_second_child.xml @@ -1,6 +1,6 @@ admin + Recipient="https://engine.dev.openconext.local/authentication/sp/consume-assertion"/> - https://engine.vm.openconext.org/authentication/sp/metadata + https://engine.dev.openconext.local/authentication/sp/metadata diff --git a/tests/resources/saml/responses/signed_info_not_first_child.xml b/tests/resources/saml/responses/signed_info_not_first_child.xml index 57b3d67872..640f695c00 100644 --- a/tests/resources/saml/responses/signed_info_not_first_child.xml +++ b/tests/resources/saml/responses/signed_info_not_first_child.xml @@ -1,6 +1,6 @@ admin + Recipient="https://engine.dev.openconext.local/authentication/sp/consume-assertion"/> - https://engine.vm.openconext.org/authentication/sp/metadata + https://engine.dev.openconext.local/authentication/sp/metadata diff --git a/tests/unit/OpenConext/EngineBlock/Metadata/LoaRepositoryTest.php b/tests/unit/OpenConext/EngineBlock/Metadata/LoaRepositoryTest.php index aedf7470d0..79e70aa74a 100644 --- a/tests/unit/OpenConext/EngineBlock/Metadata/LoaRepositoryTest.php +++ b/tests/unit/OpenConext/EngineBlock/Metadata/LoaRepositoryTest.php @@ -43,7 +43,7 @@ public function test_it_can_find_by_loa_identifier() { $repository = new LoaRepository($this->getValidConfigAsArray()); - $existingLoa = 'http://vm.openconext.org/assurance/loa1'; + $existingLoa = 'http://dev.openconext.local/assurance/loa1'; $loa = $repository->getByIdentifier($existingLoa); $this->assertInstanceOf(Loa::class, $loa); @@ -84,10 +84,10 @@ public function test_it_raises_exceptions_when_constructed_with_invalid_configur private function getValidConfigAsArray() { return [ - 10 => ["engineblock" => "http://vm.openconext.org/assurance/loa1", "gateway" => "https://gateway.tld/authentication/loa1"], - 15 => ["engineblock" => "http://vm.openconext.org/assurance/loa1_5", "gateway" => "https://gateway.tld/authentication/loa1_5"], - 20 => ["engineblock" => "http://vm.openconext.org/assurance/loa2", "gateway" => "https://gateway.tld/authentication/loa2"], - 30 => ["engineblock" => "http://vm.openconext.org/assurance/loa3", "gateway" => "https://gateway.tld/authentication/loa3"] + 10 => ["engineblock" => "http://dev.openconext.local/assurance/loa1", "gateway" => "https://gateway.tld/authentication/loa1"], + 15 => ["engineblock" => "http://dev.openconext.local/assurance/loa1_5", "gateway" => "https://gateway.tld/authentication/loa1_5"], + 20 => ["engineblock" => "http://dev.openconext.local/assurance/loa2", "gateway" => "https://gateway.tld/authentication/loa2"], + 30 => ["engineblock" => "http://dev.openconext.local/assurance/loa3", "gateway" => "https://gateway.tld/authentication/loa3"] ]; } diff --git a/tests/unit/OpenConext/EngineBlock/Metadata/LoaTest.php b/tests/unit/OpenConext/EngineBlock/Metadata/LoaTest.php index 5b35089176..fe1671d7b9 100644 --- a/tests/unit/OpenConext/EngineBlock/Metadata/LoaTest.php +++ b/tests/unit/OpenConext/EngineBlock/Metadata/LoaTest.php @@ -55,10 +55,10 @@ public function test_loa_errors($level, $identifier) public function test_loa_can_be_compared_to_other_loa() { - $loa1 = Loa::create(10, 'https://vm.openconext.org/assurance/loa1'); - $loa15 = Loa::create(15, 'https://vm.openconext.org/assurance/loa1_5'); - $loa2 = Loa::create(20, 'https://vm.openconext.org/assurance/loa2'); - $loa3 = Loa::create(30, 'https://vm.openconext.org/assurance/loa3'); + $loa1 = Loa::create(10, 'https://dev.openconext.local/assurance/loa1'); + $loa15 = Loa::create(15, 'https://dev.openconext.local/assurance/loa1_5'); + $loa2 = Loa::create(20, 'https://dev.openconext.local/assurance/loa2'); + $loa3 = Loa::create(30, 'https://dev.openconext.local/assurance/loa3'); $this->assertTrue($loa3->levelIsHigherOrEqualTo($loa3)); $this->assertTrue($loa3->levelIsHigherOrEqualTo($loa2)); diff --git a/tests/unit/OpenConext/EngineBlock/Metadata/MfaEntityCollectionTest.php b/tests/unit/OpenConext/EngineBlock/Metadata/MfaEntityCollectionTest.php index aa1d2b3f60..b9d1a66eab 100644 --- a/tests/unit/OpenConext/EngineBlock/Metadata/MfaEntityCollectionTest.php +++ b/tests/unit/OpenConext/EngineBlock/Metadata/MfaEntityCollectionTest.php @@ -33,14 +33,14 @@ public function test_works_with_correct_data() { $collection = MfaEntityCollection::fromMetadataPush($this->validData()); $this->assertCount(2, $collection); - $entity = $collection->findByEntityId('https://teams.vm.openconext.org/shibboleth'); + $entity = $collection->findByEntityId('https://teams.dev.openconext.local/shibboleth'); $this->assertInstanceOf(MfaEntity::class, $entity); - $this->assertEquals('https://teams.vm.openconext.org/shibboleth', $entity->entityId()); + $this->assertEquals('https://teams.dev.openconext.local/shibboleth', $entity->entityId()); $this->assertEquals('http://schemas.microsoft.com/claims/multipleauthn', $entity->level()); - $entity = $collection->findByEntityId('https://aa.vm.openconext.org/shibboleth'); + $entity = $collection->findByEntityId('https://aa.dev.openconext.local/shibboleth'); $this->assertInstanceOf(MfaEntity::class, $entity); - $this->assertEquals('https://aa.vm.openconext.org/shibboleth', $entity->entityId()); + $this->assertEquals('https://aa.dev.openconext.local/shibboleth', $entity->entityId()); $this->assertEquals('http://schemas.microsoft.com/claims/multipleauthn', $entity->level()); } @@ -48,7 +48,7 @@ public function test_find_by_can_return_null() { $data = [ [ - "name" => "https://teams.vm.openconext.org/shibboleth", + "name" => "https://teams.dev.openconext.local/shibboleth", "level" => "http://schemas.microsoft.com/claims/multipleauthn", ], ]; @@ -60,11 +60,11 @@ public function test_rejects_duplicate_entity_ids() { $data = [ [ - "name" => "https://teams.vm.openconext.org/shibboleth", + "name" => "https://teams.dev.openconext.local/shibboleth", "level" => "http://schemas.microsoft.com/claims/multipleauthn", ], [ - "name" => "https://teams.vm.openconext.org/shibboleth", + "name" => "https://teams.dev.openconext.local/shibboleth", "level" => "http://schemas.microsoft.com/claims/multipleauthn", ], ]; @@ -78,11 +78,11 @@ private function validData(): array { return [ [ - "name" => "https://teams.vm.openconext.org/shibboleth", + "name" => "https://teams.dev.openconext.local/shibboleth", "level" => "http://schemas.microsoft.com/claims/multipleauthn", ], [ - "name" => "https://aa.vm.openconext.org/shibboleth", + "name" => "https://aa.dev.openconext.local/shibboleth", "level" => "http://schemas.microsoft.com/claims/multipleauthn", ], ]; diff --git a/theme/README.md b/theme/README.md index 144fb12488..4d33318475 100644 --- a/theme/README.md +++ b/theme/README.md @@ -91,7 +91,7 @@ This script changes the Twig theme and builds the chosen frontend theme assets. $ EB_THEME=skeune ./scripts/prepare-test.js ``` -The script must be run on the php-fpm instance on your CI environment as it also clears the application cache in order to let the correct Twig templates to be included in the cache. +The script must be run on the engine instance on your CI environment as it also clears the application cache in order to let the correct Twig templates to be included in the cache. ### Writing your own custom theme: @@ -149,7 +149,7 @@ To override a twig file create one with the same name in the same location. Thi Below you'll find a list of the "entry points" for each page with corresponding testing urls to ease development. If you want to override the entire page, you will need to have those in your theme. - consent page: - `templates > modules > authentication > view > proxy > consent.html.twig`. - - You can use `https://engine.vm.openconext.org/functional-testing/consent` to develop the page. + - You can use `https://engine.dev.openconext.local/functional-testing/consent` to develop the page. - To test group memberships, you will need to make the following change to \src\OpenConext\EngineBlockFunctionalTestingBundle\Controllers\ConsentController.php: - find the attribute `'urn:mace:dir:attribute-def:isMemberOf'` (at the time of writing on line 93) - add some values to the array. Eg: @@ -166,16 +166,16 @@ Below you'll find a list of the "entry points" for each page with corresponding ], ``` -- wayf: `templates > modules > authentication > view > proxy > wayf.html.twig `. You can use `https://engine.vm.openconext.org/functional-testing/wayf` to develop the page. -- error: `templates > modules > default > view > error > error.html.twig`. You can use `https://engine.vm.openconext.org/feedback/unknown-error` to develop the page. +- wayf: `templates > modules > authentication > view > proxy > wayf.html.twig `. You can use `https://engine.dev.openconext.local/functional-testing/wayf` to develop the page. +- error: `templates > modules > default > view > error > error.html.twig`. You can use `https://engine.dev.openconext.local/feedback/unknown-error` to develop the page. There are a lot of error pages. To test all different kinds, you can use the urls on this page: `https://github.com/OpenConext/OpenConext-engineblock/blob/master/tests/e2e/cypress/visual-regression/ErrorPage.spec.js#L72` - redirect page: `templates > modules > authentication > view > proxy > redirect.html.twig`. - spinner page: `templates > modules > authentication > view > proxy > form.html.twig`. To test it disable the onload handler on the body-tag and go to your profile (or load the page without JS). -- index.html.twig: `templates > modules > authentication > view > index > index.html.twig`. You can use `https://engine.vm.openconext.org/` to develop the page. -- cookie removal page: `templates > modules > authentication > view > identityprovider > remove-cookies.html.twig`. You can use `https://engine.vm.openconext.org/authentication/idp/remove-cookies` to develop the page. The page is only accessible if you set the `wayf.remember_choice` parameter in `parameters.yml` to true. -- debug page: `templates > modules > authentication > view > proxy > debug-idp-response.html.twig`. You can use `https://engine.vm.openconext.org/authentication/sp/debug` to develop the page. -- logout page: `templates > modules > logout > view > index > index.html.twig`. You can use `https://engine.vm.openconext.org/logout` to develop the page. +- index.html.twig: `templates > modules > authentication > view > index > index.html.twig`. You can use `https://engine.dev.openconext.local/` to develop the page. +- cookie removal page: `templates > modules > authentication > view > identityprovider > remove-cookies.html.twig`. You can use `https://engine.dev.openconext.local/authentication/idp/remove-cookies` to develop the page. The page is only accessible if you set the `wayf.remember_choice` parameter in `parameters.yml` to true. +- debug page: `templates > modules > authentication > view > proxy > debug-idp-response.html.twig`. You can use `https://engine.dev.openconext.local/authentication/sp/debug` to develop the page. +- logout page: `templates > modules > logout > view > index > index.html.twig`. You can use `https://engine.dev.openconext.local/logout` to develop the page. #### Supported feature / testing flags @@ -195,7 +195,7 @@ There is currently one flag which allows for testing a more realistic scenario. **The following test flag exist (name of query param):** - randomIdps: whether to use random Idp names (taken from a selection of real IDP names) with random connected status. Example usage: -`https://engine.vm.openconext.org/functional-testing/wayf?randomIdps=20&displayUnconnectedIdpsWayf=true` +`https://engine.dev.openconext.local/functional-testing/wayf?randomIdps=20&displayUnconnectedIdpsWayf=true` There are only 25 random names to choose from. If you enter a number larger than 25, number 26 & greater will receive names as normal for the FT idps. **Note:** these idps are randomly assigned connected / unconnected status.