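// Source: github.com/masterhung0112/hk_server/v5@v5.0.0-20220302090640-ec71aef15e1c/api4/saml_test.go

// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
// See LICENSE.txt for license information.

package api4

import (
	"net/http"
	"testing"

	"github.com/stretchr/testify/require"

	"github.com/masterhung0112/hk_server/v5/einterfaces/mocks"
	"github.com/masterhung0112/hk_server/v5/model"
)

// TestGetSamlMetadata checks that, on a server created with Setup (not
// SetupEnterprise), requesting the SAML metadata yields a "not implemented"
// status.
func TestGetSamlMetadata(t *testing.T) {
	th := Setup(t)
	defer th.TearDown()

	_, resp := th.Client.GetSamlMetadata()
	CheckNotImplementedStatus(t, resp)

	// Rest is tested by enterprise tests
}

// TestSamlCompleteCSRFPass sends a POST to /login/sso/saml carrying only the
// session cookies (user name and auth token) and asserts that the server does
// not answer 401 Unauthorized. The request sets no other headers, so the
// session is presented purely via cookies.
//
// NOTE(review): judging by the test name, the intent is that the SAML
// completion endpoint accepts a cookie-authenticated POST without a CSRF
// token — confirm against the handler. The assertion only excludes 401; any
// other status (including 5xx) still passes, so this test does not prove the
// request was processed successfully.
func TestSamlCompleteCSRFPass(t *testing.T) {
	th := Setup(t).InitBasic()
	defer th.TearDown()

	url := th.Client.Url + "/login/sso/saml"
	req, err := http.NewRequest(http.MethodPost, url, nil)
	// Fail loudly: silently returning here would report the test as passed
	// without the CSRF behavior ever being exercised.
	require.NoError(t, err)

	req.AddCookie(&http.Cookie{
		Name:  model.SESSION_COOKIE_USER,
		Value: th.BasicUser.Username,
	})
	req.AddCookie(&http.Cookie{
		Name:  model.SESSION_COOKIE_TOKEN,
		Value: th.Client.AuthToken,
	})

	client := &http.Client{}
	resp, err := client.Do(req)
	require.NoError(t, err)
	// Register the close before the status assertion so the body is released
	// even when that assertion aborts the test.
	defer resp.Body.Close()

	require.NotEqual(t, http.StatusUnauthorized, resp.StatusCode)
}

// TestSamlResetId switches the basic user to SAML authentication with a fresh
// random auth-data value, then calls ResetSamlAuthDataToEmail twice: the
// regular client must be rejected with a forbidden status, while the system
// admin client must succeed and report exactly one affected user.
func TestSamlResetId(t *testing.T) {
	th := SetupEnterprise(t).InitBasic()
	defer th.TearDown()
	// A mock SAML implementation is installed on the server before the calls.
	th.App.Srv().Saml = &mocks.SamlInterface{}

	user := th.BasicUser
	_, appErr := th.App.UpdateUserAuth(user.Id, &model.UserAuth{
		AuthData:    model.NewString(model.NewId()),
		AuthService: model.USER_AUTH_SERVICE_SAML,
	})
	require.Nil(t, appErr)

	// Authorization check: a non-admin session must not be able to trigger
	// the reset.
	_, resp := th.Client.ResetSamlAuthDataToEmail(false, false, nil)
	CheckForbiddenStatus(t, resp)

	numAffected, resp := th.SystemAdminClient.ResetSamlAuthDataToEmail(false, false, nil)
	CheckOKStatus(t, resp)
	require.Equal(t, int64(1), numAffected)
}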