diff --git a/SecurityService.OpenIdConnect.IntegrationTests/Common/DockerHelper.cs b/SecurityService.OpenIdConnect.IntegrationTests/Common/DockerHelper.cs
index 4101438a..b47734ea 100644
--- a/SecurityService.OpenIdConnect.IntegrationTests/Common/DockerHelper.cs
+++ b/SecurityService.OpenIdConnect.IntegrationTests/Common/DockerHelper.cs
@@ -70,7 +70,7 @@ private void SetupSecurityServiceTestUIContainer(String traceFolder)
 // Management API Container
 this.SecurityServiceTestUIContainer = new Builder().UseContainer().WithName(this.SecurityServiceTestUIContainerName)
 .WithEnvironment($"Authority=http://sferguson.ddns.net:55001",
- $"ClientId=estateUIClient{this.TestId.ToString("N")}",
+ $"ClientId=estateUIClient{this.TestId:N}",
 "ClientSecret=Secret1")
 .UseImage("securityservicetestwebclient").ExposePort(5004)
 .UseNetwork(new List
@@ -120,10 +120,11 @@ public Hooks(IObjectContainer objectContainer)
 [BeforeScenario(Order = 0)]
 public async Task BeforeScenario()
 {
- ChromeOptions option = new ChromeOptions();
- option.AddArgument("--headless");
- this.WebDriver = new ChromeDriver(option);
- //this.WebDriver = new ChromeDriver();
+ ChromeOptions options = new ChromeOptions();
+ options.AddArguments("--window-size=1920,1080");
+ options.AddArguments("--start-maximized");
+ options.AddArguments("--headless");
+ this.WebDriver = new ChromeDriver(options);
 this.ObjectContainer.RegisterInstanceAs(this.WebDriver);
 }
diff --git a/SecurityService.OpenIdConnect.IntegrationTests/Common/SharedSteps.cs b/SecurityService.OpenIdConnect.IntegrationTests/Common/SharedSteps.cs
index 996c31f1..2119a457 100644
--- a/SecurityService.OpenIdConnect.IntegrationTests/Common/SharedSteps.cs
+++ b/SecurityService.OpenIdConnect.IntegrationTests/Common/SharedSteps.cs
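Review bot: The reformatted `ClientId` line on the new side sits between an `Authority=http://sferguson.ddns.net:55001` and a literal `ClientSecret=Secret1` in the surrounding context, so the test UI container still performs OIDC over plain HTTP against a public DDNS host and receives a fixed client secret through its environment. Since UserLogin.feature configures this client with the `hybrid` grant, the authorization code and tokens travel over that unencrypted link, and the suite depends on a machine outside the repository. For a throwaway integration rig that may be an accepted trade-off, but reading the authority from the environment with the current value as fallback, e.g. `$"Authority={Environment.GetEnvironmentVariable("SECURITYSERVICE_AUTHORITY") ?? "http://sferguson.ddns.net:55001"}"`, would let the test target a local or TLS-fronted instance without changing the default. SetupSecurityServiceTestUIContainer starts and ends outside the hunk.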
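Review bot: `options.AddArguments("--start-maximized")` is, as far as I know, a no-op once `--headless` is also passed, because headless Chrome has no window to maximise and takes its viewport from `--window-size=1920,1080`; a reader may assume that line is what fixes the layout. Either drop it or annotate it, e.g. `// --window-size drives the headless viewport; --start-maximized only matters when debugging with a visible browser`. BeforeScenario is fully inside the hunk.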
@@ -64,6 +64,28 @@ private async Task CreateClient(CreateClientRequest create
 return createClientResponse;
 }
+ [Given(@"I create the following identity resources")]
+ public async Task GivenICreateTheFollowingIdentityResources(Table table)
+ {
+ foreach (TableRow tableRow in table.Rows)
+ {
+ // Get the scopes
+ String userClaims = SpecflowTableHelper.GetStringRowValue(tableRow, "UserClaims");
+ CreateIdentityResourceRequest createIdentityResourceRequest = new CreateIdentityResourceRequest
+ {
+ Name = SpecflowTableHelper
+ .GetStringRowValue(tableRow, "Name")
+ .Replace("[id]", this.TestingContext.DockerHelper.TestId.ToString("N")),
+ Claims = string.IsNullOrEmpty(userClaims) ? null : userClaims.Split(",").ToList(),
+ Description = SpecflowTableHelper.GetStringRowValue(tableRow, "Description"),
+ DisplayName = SpecflowTableHelper.GetStringRowValue(tableRow, "DisplayName")
+ };
+ await this.CreateIdentityResource(createIdentityResourceRequest, CancellationToken.None).ConfigureAwait(false);
+ }
+ }
+
 [Given(@"I create the following api resources")]
 public async Task GivenICreateTheFollowingApiResources(Table table)
 {
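Review bot: The comment `// Get the scopes` above the `UserClaims` read is misleading — the cell holds the claim types exposed by the identity resource, not scopes — and `userClaims.Split(",")` keeps whatever whitespace the table author types, so a cell written as `name, role` would register a claim named `" role"` that never matches a real claim. Suggest `// Comma-separated claim types exposed by this identity resource` and `Claims = string.IsNullOrEmpty(userClaims) ? null : userClaims.Split(',').Select(c => c.Trim()).Where(c => c.Length > 0).ToList(),`. The `[id]` substitution is applied to Name only, which is consistent with the feature table where the standard `openid`/`profile`/`email` names carry no placeholder. GivenICreateTheFollowingIdentityResources is fully inside the hunk.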
@@ -93,6 +115,42 @@ public async Task GivenICreateTheFollowingApiResources(Table table)
 }
 }
+ private async Task CreateIdentityResource(CreateIdentityResourceRequest createIdentityResourceRequest,
+ CancellationToken cancellationToken)
+ {
+ CreateIdentityResourceResponse createIdentityResourceResponse = null;
+
+ List identityResourceList = await this.TestingContext.DockerHelper.SecurityServiceClient.GetIdentityResources(cancellationToken);
+
+ if (identityResourceList == null || identityResourceList.Any() == false)
+ {
+ createIdentityResourceResponse = await this
+ .TestingContext.DockerHelper.SecurityServiceClient
+ .CreateIdentityResource(createIdentityResourceRequest, cancellationToken)
+ .ConfigureAwait(false);
+ createIdentityResourceResponse.ShouldNotBeNull();
+ createIdentityResourceResponse.IdentityResourceName.ShouldNotBeNullOrEmpty();
+
+ this.TestingContext.IdentityResources.Add(createIdentityResourceResponse.IdentityResourceName);
+ }
+ else
+ {
+ if (identityResourceList.Where(i => i.Name == createIdentityResourceRequest.Name).Any())
+ {
+ return;
+ }
+
+ createIdentityResourceResponse = await this
+ .TestingContext.DockerHelper.SecurityServiceClient
+ .CreateIdentityResource(createIdentityResourceRequest, cancellationToken)
+ .ConfigureAwait(false);
+ createIdentityResourceResponse.ShouldNotBeNull();
+ createIdentityResourceResponse.IdentityResourceName.ShouldNotBeNullOrEmpty();
+
+ this.TestingContext.IdentityResources.Add(createIdentityResourceResponse.IdentityResourceName);
+ }
+ }
+
 [Given(@"I create the following clients")]
 public async Task GivenICreateTheFollowingClients(Table table)
 {
diff --git a/SecurityService.OpenIdConnect.IntegrationTests/Common/TestingContext.cs b/SecurityService.OpenIdConnect.IntegrationTests/Common/TestingContext.cs
index b5b2d8fb..3bdb844b 100644
--- a/SecurityService.OpenIdConnect.IntegrationTests/Common/TestingContext.cs
+++ b/SecurityService.OpenIdConnect.IntegrationTests/Common/TestingContext.cs
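Review bot: Both branches of CreateIdentityResource run the identical create/assert/record sequence; the only difference is the name lookup, and an empty or null list is just the case where the name is not found, so the method reduces to one guard followed by one creation. The `GetIdentityResources` await is also the only one in the method without `ConfigureAwait(false)`, and `.Where(...).Any()` is `Any(predicate)`. One caveat deserves a comment: when a resource with the same name already exists the method returns without comparing claims, so a later change to the `profile` claim list in the feature table silently keeps the older server-side definition and the login scenario can pass against stale claims. CreateIdentityResource is fully inside the hunk.
```csharp
private async Task CreateIdentityResource(CreateIdentityResourceRequest createIdentityResourceRequest,
                                          CancellationToken cancellationToken)
{
    var identityResourceList = await this.TestingContext.DockerHelper.SecurityServiceClient
                                         .GetIdentityResources(cancellationToken)
                                         .ConfigureAwait(false);

    // Idempotent by name only: an existing resource (e.g. "openid" from an earlier scenario)
    // is left untouched, even if its claim list differs from the request.
    if (identityResourceList != null &&
        identityResourceList.Any(i => i.Name == createIdentityResourceRequest.Name))
    {
        return;
    }

    CreateIdentityResourceResponse createIdentityResourceResponse = await this
        .TestingContext.DockerHelper.SecurityServiceClient
        .CreateIdentityResource(createIdentityResourceRequest, cancellationToken)
        .ConfigureAwait(false);
    createIdentityResourceResponse.ShouldNotBeNull();
    createIdentityResourceResponse.IdentityResourceName.ShouldNotBeNullOrEmpty();

    this.TestingContext.IdentityResources.Add(createIdentityResourceResponse.IdentityResourceName);
}
```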
@@ -15,6 +15,8 @@ public class TestingContext
 public List ApiResources;
+ public List IdentityResources;
+
 public TokenResponse TokenResponse;
 public TestingContext()
@@ -23,6 +25,7 @@ public TestingContext()
 this.Roles= new Dictionary();
 this.Clients=new List();
 this.ApiResources=new List();
+ this.IdentityResources= new List();
 }
 }
 }
\ No newline at end of file
diff --git a/SecurityService.OpenIdConnect.IntegrationTests/UserLogin/UserLogin.feature b/SecurityService.OpenIdConnect.IntegrationTests/UserLogin/UserLogin.feature
index 52643541..510f2ca2 100644
--- a/SecurityService.OpenIdConnect.IntegrationTests/UserLogin/UserLogin.feature
+++ b/SecurityService.OpenIdConnect.IntegrationTests/UserLogin/UserLogin.feature
@@ -11,6 +11,12 @@ Background:
 | Name | DisplayName | Secret | Scopes | UserClaims |
 | estateManagement[id] | Estate Managememt REST | Secret1 | estateManagement[id] | MerchantId,EstateId,role |
+ Given I create the following identity resources
+ | Name | DisplayName | Description | UserClaims |
+ | openid | Your user identifier | | sub |
+ | profile | User profile | Your user profile information (first name, last name, etc.) | name,role,email,given_name,middle_name,family_name,EstateId,MerchantId |
+ | email | Email | Email and Email Verified Flags | email_verified,email |
+
 Given I create the following clients
 | ClientId | Name | Secret | Scopes | GrantTypes | RedirectUris | PostLogoutRedirectUris | RequireConsent | AllowOfflineAccess |
 | estateUIClient[id] | Merchant Client | Secret1 | estateManagement[id],openid,email,profile | hybrid | http://localhost:[port]/signin-oidc | http://localhost:[port]/signout-oidc | false | true |
diff --git a/SecurityService.OpenIdConnect.IntegrationTests/UserLogin/UserLogin.feature.cs b/SecurityService.OpenIdConnect.IntegrationTests/UserLogin/UserLogin.feature.cs
index 0cec8ebc..5686d2e1 100644
--- a/SecurityService.OpenIdConnect.IntegrationTests/UserLogin/UserLogin.feature.cs
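Review bot: The new `profile` identity resource carries `role`, `EstateId` and `MerchantId` next to the standard OIDC profile claims, so every client granted `profile` receives those authorization attributes in its id_token/userinfo, even though the same three claims are already declared as UserClaims on the `estateManagement[id]` API resource in the context rows above and will reach the API through that scope's access token. For a test fixture this works, but it models a pattern not to copy into real configuration: keep `profile` to the standard claims and put the tenant/role attributes in their own identity resource, e.g. `| estate | Estate membership | Estate and merchant identifiers | EstateId,MerchantId,role |`, requested explicitly in the client's Scopes. `email` is also listed under both `profile` and `email`, which is redundant. The Background section starts and continues outside the hunk.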
+++ b/SecurityService.OpenIdConnect.IntegrationTests/UserLogin/UserLogin.feature.cs @@ -111,6 +111,29 @@ public virtual void FeatureBackground() testRunner.Given("I create the following api resources", ((string)(null)), table2, "Given "); #line hidden TechTalk.SpecFlow.Table table3 = new TechTalk.SpecFlow.Table(new string[] { + "Name", + "DisplayName", + "Description", + "UserClaims"}); + table3.AddRow(new string[] { + "openid", + "Your user identifier", + "", + "sub"}); + table3.AddRow(new string[] { + "profile", + "User profile", + "Your user profile information (first name, last name, etc.)", + "name,role,email,given_name,middle_name,family_name,EstateId,MerchantId"}); + table3.AddRow(new string[] { + "email", + "Email", + "Email and Email Verified Flags", + "email_verified,email"}); +#line 14 + testRunner.Given("I create the following identity resources", ((string)(null)), table3, "Given "); +#line hidden + TechTalk.SpecFlow.Table table4 = new TechTalk.SpecFlow.Table(new string[] { "ClientId", "Name", "Secret", @@ -120,7 +143,7 @@ public virtual void FeatureBackground() "PostLogoutRedirectUris", "RequireConsent", "AllowOfflineAccess"}); - table3.AddRow(new string[] { + table4.AddRow(new string[] { "estateUIClient[id]", "Merchant Client", "Secret1", @@ -130,10 +153,10 @@ public virtual void FeatureBackground() "http://localhost:[port]/signout-oidc", "false", "true"}); -#line 14 - testRunner.Given("I create the following clients", ((string)(null)), table3, "Given "); +#line 20 + testRunner.Given("I create the following clients", ((string)(null)), table4, "Given "); #line hidden - TechTalk.SpecFlow.Table table4 = new TechTalk.SpecFlow.Table(new string[] { + TechTalk.SpecFlow.Table table5 = new TechTalk.SpecFlow.Table(new string[] { "Email Address", "Password", "Phone Number", 
@@ -142,7 +165,7 @@ public virtual void FeatureBackground() "Family Name", "Claims", "Roles"}); - table4.AddRow(new string[] { + table5.AddRow(new string[] { "estateuser[id]@testestate1.co.uk", "123456", "123456789", @@ -151,8 +174,8 @@ public virtual void FeatureBackground() "User 1", "EstateId:1", "Estate[id]"}); -#line 18 - testRunner.Given("I create the following users", ((string)(null)), table4, "Given "); +#line 24 + testRunner.Given("I create the following users", ((string)(null)), table5, "Given "); #line hidden } @@ -171,7 +194,7 @@ public virtual void AccessSecureAreaInApplication() "PRTest"}; TechTalk.SpecFlow.ScenarioInfo scenarioInfo = new TechTalk.SpecFlow.ScenarioInfo("Access Secure Area In Application", null, new string[] { "PRTest"}); -#line 23 +#line 29 this.ScenarioInitialize(scenarioInfo); #line hidden bool isScenarioIgnored = default(bool); @@ -194,20 +217,20 @@ public virtual void AccessSecureAreaInApplication() #line 4 this.FeatureBackground(); #line hidden -#line 24 +#line 30 testRunner.Given("I am on the application home page", ((string)(null)), ((TechTalk.SpecFlow.Table)(null)), "Given "); #line hidden -#line 25 +#line 31 testRunner.When("I click the \'Privacy\' link", ((string)(null)), ((TechTalk.SpecFlow.Table)(null)), "When "); #line hidden -#line 26 +#line 32 testRunner.Then("I am presented with a login screen", ((string)(null)), ((TechTalk.SpecFlow.Table)(null)), "Then "); #line hidden -#line 27 +#line 33 testRunner.When("I login with the username \'estateuser[id]@testestate1.co.uk\' and password \'123456" + "\'", ((string)(null)), ((TechTalk.SpecFlow.Table)(null)), "When "); #line hidden -#line 28 +#line 34 testRunner.Then("I am presented with the privacy screen", ((string)(null)), ((TechTalk.SpecFlow.Table)(null)), "Then "); #line hidden } diff --git a/SecurityService/ca.tf b/SecurityService/ca.tf new file mode 100644 index 00000000..7ed6accd --- /dev/null +++ b/SecurityService/ca.tf 
@@ -0,0 +1,27 @@
+resource "tls_private_key" "root" {
+ algorithm = "RSA"
+ rsa_bits = "2048"
+}
+
+resource "tls_self_signed_cert" "root" {
+ key_algorithm = tls_private_key.root.algorithm
+ private_key_pem = tls_private_key.root.private_key_pem
+
+ validity_period_hours = 87600
+ early_renewal_hours = 8760
+
+ is_ca_certificate = true
+
+ allowed_uses = ["cert_signing"]
+
+ subject {
+ common_name = "Event Store Development CA"
+ organization = "Event Store Ltd"
+ organizational_unit = "Testing"
+ }
+}
+
+resource "local_file" "ca_cert" {
+ filename = "../ca.pem"
+ content = tls_self_signed_cert.root.cert_pem
+}
\ No newline at end of file
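Review bot: `tls_private_key.root` places the CA's private key unencrypted in Terraform state, so anyone who can read the state file (or a `terraform.tfstate` committed next to this `.tf`) can mint certificates trusted by everything that trusts `../ca.pem`; add a warning above the resource, e.g. `# The private key is stored in plaintext in Terraform state - keep the state out of git and treat it as a secret.`, and confirm the state backend is access-controlled. `allowed_uses = ["cert_signing"]` omits `crl_signing`, so this CA cannot sign a revocation list if a leaf key is ever compromised; `allowed_uses = ["cert_signing", "crl_signing"]` costs nothing. A ten-year validity and `rsa_bits = "2048"` (a string for a numeric argument, which the provider coerces) are tolerable for a development CA, but a subject of "Event Store Development CA" / "Event Store Ltd" under `SecurityService/` looks carried over from somewhere else — confirm the intended name, since it is what clients will see when they inspect the trust chain.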