From 706da7c64d3474bce2a8e15a0b2bf38d38e17bf0 Mon Sep 17 00:00:00 2001
From: Mark <mark@openappstack.net>
Date: Mon, 30 Sep 2019 17:29:20 +0200
Subject: [PATCH] Add lgout feature
---
 .gitlab-ci.yml | 4 +++-
 docker-compose.yml | 1 +
 login_provider/app.py | 6 ++----
 test/login_logout/app.py | 8 ++++++++
 test/login_logout/test/behave/features/environment.py | 1 +
 test/login_logout/test/behave/features/login.feature | 6 ++++++
 test/login_logout/test/behave/features/steps/login.py | 8 +++++++-
 7 files changed, 28 insertions(+), 6 deletions(-)
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 0290f10..86aa1b1 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -134,6 +134,8 @@ behave-integration:
 DATABASE_HOST: "172.17.0.2" # 172.17.0.2 -> postgres
 URLS_LOGIN: "http://172.17.0.3:5000/" # 172.17.0.3 -> login
 URLS_LOGOUT: "http://172.17.0.3:5000/logout"
+ LOGOUT_URL: "http://172.17.0.3:5000/logout"
+ URLS_POST_LOGOUT_REDIRECT: "http://172.17.0.3:5000/"
 URLS_CONSENT: "http://172.17.0.4:5001/" # 172.17.0.4 -> consent
 URLS_SELF_ISSUER: "http://172.17.0.5:4444/" # 172.17.0.5 -> hydra
 HYDRA_ADMIN_URL: "http://172.17.0.5:4445"
@@ -168,7 +170,7 @@ behave-integration:
 - /bin/sh user-panel/utils/grant-access.sh ${TESTUSER_USERNAME} ${KEY} backend 5000
 - /bin/sh test/create-hydra-client.sh ${KEY} ${SECRET} hydra 4445 http://oauth:5000/callback
 - cd test/login_logout/test/behave/
- - python3 -m behave -D headless=True -D url=http://oauth:5000 -D username=${TESTUSER_USERNAME} -D password=${TESTUSER_PASSWORD}
+ - python3 -m behave -D headless=True -D url=http://oauth:5000 -D logout_url=http://oauth:5000/logout -D username=${TESTUSER_USERNAME} -D password=${TESTUSER_PASSWORD}
 artifacts:
 paths:
 - test/login_logout/test/behave/screenshots/
diff --git a/docker-compose.yml b/docker-compose.yml
index 484d3c4..26e1df1 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
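Review bot: `LOGOUT_URL` is given the same value as `URLS_LOGOUT`, the login provider's own `/logout`, so the test client's logout goes straight to the provider and never passes through Hydra's session logout; the Hydra session behind `URLS_SELF_ISSUER` is then left intact and `URLS_POST_LOGOUT_REDIRECT`, which Hydra only uses at the end of its own logout flow, is never exercised by the job. If ending the Hydra session is the intent, point the client at Hydra's public logout endpoint instead, e.g. `LOGOUT_URL: "http://172.17.0.5:4444/oauth2/sessions/logout"` (value constructed from the hydra address already used in this job), and let Hydra redirect to the provider from there. A trailing `# 172.17.0.3 -> login` comment, as on the neighbouring lines, would also make the target of the new variable clear.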
@@ -19,6 +19,7 @@ services:
 - URLS_CONSENT=http://oas.example.net:5001/
 - URLS_LOGIN=http://oas.example.net:5000/
 - URLS_LOGOUT=http://oas.example.net:5000/logout
+ - URLS_POST_LOGOUT_REDIRECT=http://oas.example.net:5000/
 - DSN=memory
 - SECRETS_SYSTEM=youReallyNeedToChangeThis
 - OIDC_SUBJECT_TYPES_SUPPORTED=public,pairwise
diff --git a/login_provider/app.py b/login_provider/app.py
index acec10d..ba85dcd 100644
--- a/login_provider/app.py
+++ b/login_provider/app.py
@@ -56,11 +56,9 @@ def is_safe_url(url):
 and url[18:].isalnum() or safe else False
 return safe
-@app.route('/logout', methods=['POST'])
+@app.route('/logout', methods=['POST', 'GET'])
 def logout():
- logout_form = LogoutForm()
- if logout_form.validate():
- logout_user()
+ logout_user()
 return redirect(url_for('home'))
 if __name__ == '__main__':
diff --git a/test/login_logout/app.py b/test/login_logout/app.py
index f2b8a6c..87420ec 100644
--- a/test/login_logout/app.py
+++ b/test/login_logout/app.py
@@ -8,6 +8,7 @@ import uuid
 BASE_URL=environ["BASE_URL"]
 ACCESS_TOKEN_URL=environ["ACCESS_TOKEN_URL"]
+LOGOUT_URL=environ["LOGOUT_URL"]
 AUTHORIZE_URL=environ["AUTHORIZE_URL"]
 KEY=environ["KEY"]
 SECRET=environ["SECRET"]
@@ -35,10 +36,17 @@ def get_sso_token(token=None):
 def login():
 return sso.authorize(url_for('callback', _external=True))
+@app.route('/logout')
+def logout():
+ del session['sso_token']
+ return redirect(LOGOUT_URL)
+
 @app.route('/callback')
 def callback():
 resp = sso.authorized_response()
 if resp is None:
+ if "error" in request.args:
+ return jsonify(request.args)
 abort(403)
 session['sso_token'] = (resp['access_token'],None)
 return jsonify(resp)
diff --git a/test/login_logout/test/behave/features/environment.py b/test/login_logout/test/behave/features/environment.py
index 4adf484..53dff84 100644
--- a/test/login_logout/test/behave/features/environment.py
+++ b/test/login_logout/test/behave/features/environment.py
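Review bot: Nothing in this compose file sets `LOGOUT_URL`, yet `test/login_logout/app.py` (its `@@ -8,6 +8,7 @@` hunk in this commit) now reads it with `environ["LOGOUT_URL"]` at import time and will fail with a KeyError when it is absent; `.gitlab-ci.yml` was given both variables, this file only `URLS_POST_LOGOUT_REDIRECT`. The service block of the oauth test client is outside the hunk, so if it takes its environment from this file it needs `- LOGOUT_URL=http://oas.example.net:5000/logout` alongside the other URLs.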
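Review bot: Removing the `LogoutForm` check and accepting GET turns `/logout` into a state change that any cross-site link or image can trigger, since `logout_user()` now runs on a bare GET with no token; presumably `LogoutForm` was the Flask-WTF form whose CSRF token guarded this. If GET is needed because Hydra redirects the browser here as its logout provider, tie the GET path to that flow instead: require the `logout_challenge` query parameter, accept it through the Hydra admin API (`HYDRA_ADMIN_URL` is already configured in CI) and redirect to the `redirect_to` it returns, while keeping the POST path behind the form's validation — as written the challenge is never accepted, so only the provider's Flask-Login session ends and Hydra's session survives. The sketch below assumes `request` and `abort` are imported from flask like `redirect` and `url_for`, and the admin-API call is a placeholder for the project's own client.
```python
@app.route('/logout', methods=['POST', 'GET'])
def logout():
    if request.method == 'POST':
        # Form submission from the provider's own UI: keep the CSRF-protected path.
        if LogoutForm().validate():
            logout_user()
        return redirect(url_for('home'))
    # GET is only honoured as part of Hydra's logout flow.
    challenge = request.args.get('logout_challenge')
    if not challenge:
        abort(400)
    redirect_to = ACCEPT_LOGOUT_CHALLENGE(challenge)  # placeholder: PUT to the Hydra admin API, returns redirect_to
    logout_user()
    return redirect(redirect_to)
```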
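Review bot: `del session['sso_token']` in the new `logout` raises KeyError, i.e. a 500, when `/logout` is opened without a prior login or a second time in a row, which also makes the Logout scenario order-dependent on the Login scenario; `session.pop('sso_token', None)` drops the key without failing. In `callback`, `return jsonify(request.args)` answers a provider error with a 200 body, so a failed authorization looks like success to anything that checks only the status; `return jsonify(request.args), 400` keeps the diagnostic and still signals the failure.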
@@ -38,6 +38,7 @@ def before_tag(context, tag):
 values = dict()
 userdata = context.config.userdata
 values['url'] = userdata.get('url')
+ values['logout_url'] = userdata.get('logout_url')
 values['username'] = userdata.get('username')
 values['password'] = userdata.get('password')
 assert values['url'], 'url variable missing in' \
diff --git a/test/login_logout/test/behave/features/login.feature b/test/login_logout/test/behave/features/login.feature
index 156c338..b397288 100644
--- a/test/login_logout/test/behave/features/login.feature
+++ b/test/login_logout/test/behave/features/login.feature
@@ -19,3 +19,9 @@ Scenario: Login with a valid user with access to application
 And I expect that element "input#username" does not exist
 And I expect that the path is "/callback"
 And I expect that element "body" contains the text "access_token"
+
+Scenario: Logout
+ Given I open the logout URL
+ Then I wait on element "input#username" for 1000ms to be visible
+ And I expect that element "input#password" is visible
+ And I expect that element "input#submit" is visible
diff --git a/test/login_logout/test/behave/features/steps/login.py b/test/login_logout/test/behave/features/steps/login.py
index b4fa87a..ba1a9df 100644
--- a/test/login_logout/test/behave/features/steps/login.py
+++ b/test/login_logout/test/behave/features/steps/login.py
@@ -12,10 +12,16 @@ def before_all(context):
 @when(u'I open the URL')
 @given(u'I open the URL')
 def step_impl(context):
- """Open nextcloud URL."""
+ """Open oauth client URL."""
 context.behave_driver.get(context.oauth['url'])
+@when(u'I open the logout URL')
+@given(u'I open the logout URL')
+def step_impl(context):
+ """Logout by visitng the logout url"""
+ context.behave_driver.get(context.oauth['logout_url'])
+
 @when(u'I enter the "{attribute}" in the inputfield "{element}"')
 def step_impl(context, attribute, element):
-- 
GitLab
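Review bot: `values['logout_url']` is read with `userdata.get` but, unlike `url` on the line below, never checked, so a run without `-D logout_url` only fails later inside the logout step when `behave_driver.get` receives None; add `assert values['logout_url'], 'logout_url variable missing in behave userdata'` beside the existing url assert (its message continues past the hunk, so mirror its wording). before_tag continues outside the hunk.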
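Review bot: The Logout scenario only checks that a login form is showing after the logout redirect, which is what the provider's home page shows on a plain visit whether or not any session was ended, so a logout that silently does nothing still passes. Add a step that re-opens the client and expects to be asked to log in again, using the existing steps: `When I open the URL` followed by `Then I wait on element "input#username" for 1000ms to be visible`; if the Hydra session were still alive the client may be sent straight to `/callback`, which is exactly what this scenario should catch.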
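Review bot: The docstring on the new step has a typo and does not match the sentence style of its sibling (`"""Open oauth client URL."""`); make it `"""Log out by visiting the logout URL."""`. The step relies on `context.oauth['logout_url']`, which is only present when `-D logout_url` was passed, so a KeyError here is the symptom of a missing userdata value rather than a step bug — worth a one-line comment, e.g. `# set from -D logout_url in environment.py before_tag`.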