...

Source file src/edge-infra.dev/pkg/edge/api/graph/integration/auth_queries.resolvers_test.go

Documentation: edge-infra.dev/pkg/edge/api/graph/integration

     1  package integration_test
     2  
     3  import (
     4  	"fmt"
     5  	"strings"
     6  
     7  	"github.com/udacity/graphb"
     8  
     9  	"edge-infra.dev/test/framework/integration"
    10  
    11  	"edge-infra.dev/pkg/edge/api/graph/model"
    12  	edgebsl "edge-infra.dev/pkg/edge/bsl-reconciler"
    13  )
    14  
    15  func (s *Suite) TestWhoAmINoAuth() {
    16  	integration.SkipIf(s.Framework)
    17  	// whoAmi with no auth user should fail
    18  	var resp interface{}
    19  	// Set Authorization to empty to get error
    20  	err := ResolverClient.Post("{whoAmI}", resp, SetHeader("Authorization", ""))
    21  	s.Error(err)
    22  	s.Nil(resp)
    23  }
    24  
    25  func (s *Suite) TestLogin() {
    26  	integration.SkipIf(s.Framework)
    27  	var resp struct{ Login *model.AuthPayload }
    28  	mutation := loginMutation(testUser, "password", testOrg)
    29  	s.NoError(ResolverClient.Post(mutation, &resp))
    30  	s.NotNil(resp.Login)
    31  	s.NotEmpty(resp.Login.Token)
    32  	s.False(resp.Login.CredentialsExpired)
    33  	s.NotEmpty(resp.Login.FullName)
    34  	s.NotEmpty(resp.Login.FirstName)
    35  	s.Contains(resp.Login.Roles, "EDGE_ORG_ADMIN")
    36  	s.Equal(resp.Login.SessionTime, 15.0)
    37  }
    38  
    39  func (s *Suite) TestLoginWithOkta_Valid() {
    40  	integration.SkipIf(s.Framework)
    41  	var resp struct{ LoginWithOkta *model.OktaAuthPayload }
    42  	mutation := loginWithOktaMutation("good-okta-token", "test-refresh-token", "test-org")
    43  	s.NoError(ResolverClient.Post(mutation, &resp))
    44  	s.Equal(resp.LoginWithOkta.Token, "good-okta-token")
    45  	s.Equal(resp.LoginWithOkta.RefreshToken, "test-refresh-token")
    46  }
    47  
    48  func (s *Suite) TestLoginWithOkta_InValid() {
    49  	integration.SkipIf(s.Framework)
    50  	var resp struct{ LoginWithOkta *model.OktaAuthPayload }
    51  	mutation := loginWithOktaMutation("bad-okta-token", "test-refresh-token", "test-org")
    52  	s.Error(ResolverClient.Post(mutation, &resp))
    53  }
    54  
    55  func (s *Suite) TestVerifyOktaToken_Valid() {
    56  	integration.SkipIf(s.Framework)
    57  	var resp struct{ VerifyOktaToken bool }
    58  	mutation := verifyOktaTokenMutation("good-okta-token")
    59  	s.NoError(ResolverClient.Post(mutation, &resp))
    60  }
    61  
    62  func (s *Suite) TestVerifyOktaToken_InValid() {
    63  	integration.SkipIf(s.Framework)
    64  	var resp struct{ VerifyOktaToken bool }
    65  	mutation := verifyOktaTokenMutation("bad-okta-token")
    66  	s.Error(ResolverClient.Post(mutation, &resp))
    67  }
    68  
    69  func (s *Suite) TestLoginBadPassword() {
    70  	integration.SkipIf(s.Framework)
    71  	var resp struct{ Login *model.AuthPayload }
    72  	mutation := loginMutation(testUser, "", testOrg)
    73  	s.Error(ResolverClient.Post(mutation, &resp))
    74  	s.Nil(resp.Login)
    75  }
    76  
    77  func (s *Suite) TestUpdateUserPassword() {
    78  	integration.SkipIf(s.Framework)
    79  	var resp struct{ UpdateUserPassword *model.EdgeResponsePayload }
    80  	mutation := updateUserPasswordMutation(testUser, "new-password", testRootOrg)
    81  	s.NoError(ResolverClient.Post(mutation, &resp))
    82  	s.Equal(resp.UpdateUserPassword.StatusCode, 200)
    83  	s.Equal(resp.UpdateUserPassword.Message, "Updated Successfully!")
    84  }
    85  
    86  func (s *Suite) TestTokenExchange() {
    87  	integration.SkipIf(s.Framework)
    88  	var resp struct{ TokenExchange string }
    89  	mutation := tokenExchangeMutation()
    90  	s.NoError(ResolverClient.Post(mutation, &resp))
    91  	s.NotNil(resp.TokenExchange)
    92  }
    93  
    94  func (s *Suite) TestGetUserData() {
    95  	integration.SkipIf(s.Framework)
    96  	var resp struct{ UserData *model.UserData }
    97  	query := getUserDataQuery(testUser)
    98  	s.NoError(ResolverClient.Post(query, &resp))
    99  	s.Len(resp.UserData.AssignedBanners, 3)
   100  	s.Equal(resp.UserData.AssignedBanners[0].Name, "test-org")
   101  	s.Equal(resp.UserData.AssignedBanners[0].BannerBSLId, "test-org-id")
   102  	s.Equal(resp.UserData.AssignedBanners[1].Name, "test-org-banner")
   103  	s.Equal(resp.UserData.AssignedBanners[1].BannerBSLId, "test-org-banner")
   104  	s.Equal(resp.UserData.AssignedBanners[2].Name, "test-banner-eu")
   105  	s.Equal(resp.UserData.AssignedBanners[2].BannerBSLId, "eu-banner-bsl-id")
   106  	s.Len(resp.UserData.Roles, 1)
   107  	s.Equal(resp.UserData.Roles[0], testUserRole)
   108  }
   109  
   110  func (s *Suite) TestGetUserData_Empty() {
   111  	integration.SkipIf(s.Framework)
   112  	var resp struct{ UserData *model.UserData }
   113  	query := getUserDataQuery("acct:emerald-edge-dev@nodata")
   114  	s.NoError(ResolverClient.Post(query, &resp))
   115  	s.Empty(resp.UserData.AssignedBanners)
   116  	s.Empty(resp.UserData.Roles)
   117  }
   118  
   119  func (s *Suite) TestGetUserData_Multiple() {
   120  	integration.SkipIf(s.Framework)
   121  	var resp struct{ UserData *model.UserData }
   122  	query := getUserDataQuery("acct:emerald-edge-dev@multiple")
   123  	s.NoError(ResolverClient.Post(query, &resp))
   124  	s.Len(resp.UserData.AssignedBanners, 4)
   125  	s.Equal(resp.UserData.AssignedBanners[0].Name, "test-org")
   126  	s.Equal(resp.UserData.AssignedBanners[0].BannerBSLId, "test-org-id")
   127  	s.Equal(resp.UserData.AssignedBanners[1].Name, "test-org-banner")
   128  	s.Equal(resp.UserData.AssignedBanners[1].BannerBSLId, "test-org-banner")
   129  	s.Equal(resp.UserData.AssignedBanners[2].Name, "test-banner-eu")
   130  	s.Equal(resp.UserData.AssignedBanners[2].BannerBSLId, "eu-banner-bsl-id")
   131  	s.Equal(resp.UserData.AssignedBanners[3].Name, "test-banner-eu")
   132  	s.Equal(resp.UserData.AssignedBanners[3].BannerBSLId, "eu-banner-bsl-id")
   133  	s.Len(resp.UserData.Roles, 1)
   134  	s.Equal(resp.UserData.Roles[0], testUserRole)
   135  }
   136  
   137  func (s *Suite) TestUpdateUserPasswordWithToken() {
   138  	integration.SkipIf(s.Framework)
   139  	var resp struct{ UpdatePasswordWithToken bool }
   140  	query := updateUserPasswordWithTokenMutation("good-token", "good-password", "good-org")
   141  	err := ResolverClient.Post(query, &resp)
   142  	s.NoError(err)
   143  	s.True(resp.UpdatePasswordWithToken)
   144  	query = updateUserPasswordWithTokenMutation("good-token", "bad-password", "good-org")
   145  	s.Error(ResolverClient.Post(query, &resp))
   146  	query = updateUserPasswordWithTokenMutation("bad-token", "bad-token", "good-org")
   147  	s.Error(ResolverClient.Post(query, &resp))
   148  }
   149  
   150  func (s *Suite) TestForgotPassword() {
   151  	integration.SkipIf(s.Framework)
   152  	var resp struct{ ForgotPassword bool }
   153  	mutation := forgotPasswordMutation(testUserName, testRootOrg)
   154  	s.NoError(ResolverClient.Post(mutation, &resp))
   155  	s.True(resp.ForgotPassword)
   156  }
   157  
   158  func (s *Suite) TestGetUser() {
   159  	integration.SkipIf(s.Framework)
   160  	var resp struct{ User *model.User }
   161  	mutation := getUserMutation("acct:edge-dev0-edge-b413cb@test")
   162  	s.NoError(ResolverClient.Post(mutation, &resp))
   163  	s.NotEmpty(resp.User)
   164  	s.Equal(*resp.User.Email, "test@ncr.com")
   165  	s.Equal(resp.User.Status, "INACTIVE")
   166  	s.Equal(resp.User.GivenName, "Peter")
   167  	s.Equal(resp.User.FamilyName, "Doe")
   168  }
   169  
   170  func (s *Suite) TestUpdateUserProfile() {
   171  	integration.SkipIf(s.Framework)
   172  	var getUserResp struct{ User *model.User }
   173  	getUserMutation := getUserMutation("acct:edge-dev0-edge-b413cb@test")
   174  	s.NoError(ResolverClient.Post(getUserMutation, &getUserResp))
   175  	s.NotEmpty(getUserResp.User)
   176  	s.Equal(*getUserResp.User.Email, "test@ncr.com")
   177  	s.Equal(getUserResp.User.Status, "INACTIVE")
   178  	s.Equal(getUserResp.User.GivenName, "Peter")
   179  	s.Equal(getUserResp.User.FamilyName, "Doe")
   180  
   181  	var resp struct{ UpdateUserProfile *model.User }
   182  	mutation := updateUserProfileMutation("acct:edge-dev0-edge-b413cb@test", "ACTIVE", "John")
   183  	s.NoError(ResolverClient.Post(mutation, &resp))
   184  	s.NotEmpty(resp.UpdateUserProfile)
   185  	s.Equal(*resp.UpdateUserProfile.Email, *getUserResp.User.Email)
   186  	s.Equal(resp.UpdateUserProfile.Status, "ACTIVE")
   187  	s.Equal(resp.UpdateUserProfile.GivenName, "John")
   188  	s.Equal(resp.UpdateUserProfile.FamilyName, getUserResp.User.FamilyName)
   189  }
   190  
   191  func (s *Suite) TestUsers() {
   192  	integration.SkipIf(s.Framework)
   193  	var response struct{ Users []*model.User }
   194  	mutation := usersMutation("")
   195  	s.NoError(ResolverClient.Post(mutation, &response))
   196  	s.Equal(1, len(response.Users))
   197  	if len(response.Users) > 0 {
   198  		for _, user := range response.Users {
   199  			s.True(!strings.HasSuffix(user.Username, fmt.Sprintf("-%s", edgebsl.BFFUsername)))
   200  		}
   201  	}
   202  }
   203  
   204  func (s *Suite) TestUsersOrgBanner() {
   205  	integration.SkipIf(s.Framework)
   206  	var response struct{ Users []*model.User }
   207  	mutation := usersMutation("3396a52c-6a22-4049-9593-5a63b596a101")
   208  	s.NoError(ResolverClient.Post(mutation, &response))
   209  	s.Equal(len(response.Users), 1)
   210  }
   211  
   212  func (s *Suite) TestUsersEUBanner() {
   213  	integration.SkipIf(s.Framework)
   214  	var response struct{ Users []*model.User }
   215  	mutation := usersMutation("98ef1fcb-dc88-4c9f-9980-c09a04564a48")
   216  	s.NoError(ResolverClient.Post(mutation, &response))
   217  	s.Equal(len(response.Users), 1)
   218  }
   219  
   220  func loginMutation(username, password, organization string) string {
   221  	return MustParse(graphb.Query{
   222  		Type: graphb.TypeMutation,
   223  		Fields: []*graphb.Field{
   224  			{
   225  				Name: "login",
   226  				Arguments: []graphb.Argument{
   227  					graphb.ArgumentString("username", username),
   228  					graphb.ArgumentString("password", password),
   229  					graphb.ArgumentString("organization", organization),
   230  				},
   231  				Fields: graphb.Fields("token", "firstName", "fullName", "roles", "credentialsExpired", "sessionTime"),
   232  			},
   233  		},
   234  	})
   235  }
   236  
   237  func loginWithOktaMutation(oktaToken, refreshToken, organization string) string {
   238  	return MustParse(graphb.Query{
   239  		Type: graphb.TypeMutation,
   240  		Fields: []*graphb.Field{
   241  			{
   242  				Name: "loginWithOkta",
   243  				Arguments: []graphb.Argument{
   244  					graphb.ArgumentString("oktaToken", oktaToken),
   245  					graphb.ArgumentString("refreshToken", refreshToken),
   246  					graphb.ArgumentString("organization", organization),
   247  				},
   248  				Fields: graphb.Fields("token", "refreshToken", "firstName", "fullName", "valid", "sessionTime"),
   249  			},
   250  		},
   251  	})
   252  }
   253  
   254  func verifyOktaTokenMutation(oktaToken string) string {
   255  	return MustParse(graphb.Query{
   256  		Type: graphb.TypeMutation,
   257  		Fields: []*graphb.Field{
   258  			{
   259  				Name: "verifyOktaToken",
   260  				Arguments: []graphb.Argument{
   261  					graphb.ArgumentString("oktaToken", oktaToken),
   262  				},
   263  			},
   264  		},
   265  	})
   266  }
   267  
   268  func tokenExchangeMutation() string {
   269  	return MustParse(graphb.Query{
   270  		Type: graphb.TypeMutation,
   271  		Fields: []*graphb.Field{
   272  			{
   273  				Name: "tokenExchange",
   274  			},
   275  		},
   276  	})
   277  }
   278  
   279  func updateUserPasswordWithTokenMutation(token, newPassword, organization string) string {
   280  	return MustParse(graphb.Query{
   281  		Type: graphb.TypeMutation,
   282  		Fields: []*graphb.Field{
   283  			{
   284  				Name: "updatePasswordWithToken",
   285  				Arguments: []graphb.Argument{
   286  					graphb.ArgumentString("token", token),
   287  					graphb.ArgumentString("newPassword", newPassword),
   288  					graphb.ArgumentString("organization", organization),
   289  				},
   290  			},
   291  		},
   292  	})
   293  }
   294  
   295  func updateUserPasswordMutation(username, newPassword, organization string) string {
   296  	return MustParse(graphb.Query{
   297  		Type: graphb.TypeMutation,
   298  		Fields: []*graphb.Field{
   299  			{
   300  				Name: "updateUserPassword",
   301  				Arguments: []graphb.Argument{
   302  					graphb.ArgumentString("username", username),
   303  					graphb.ArgumentString("newPassword", newPassword),
   304  					graphb.ArgumentString("organization", organization),
   305  				},
   306  				Fields: graphb.Fields("statusCode", "message"),
   307  			},
   308  		},
   309  	})
   310  }
   311  
   312  func getUserDataQuery(username string) string {
   313  	return MustParse(graphb.Query{
   314  		Type: graphb.TypeQuery,
   315  		Fields: []*graphb.Field{
   316  			{
   317  				Name: "userData",
   318  				Arguments: []graphb.Argument{
   319  					graphb.ArgumentString("username", username),
   320  				},
   321  				Fields: []*graphb.Field{
   322  					graphb.NewField("assignedBanners", graphb.OfFields("bannerBSLId", "name", "bannerEdgeId")),
   323  					graphb.NewField("roles"),
   324  				},
   325  			},
   326  		},
   327  	})
   328  }
   329  
   330  func usersMutation(bannerEdgeID string) string {
   331  	return MustParse(graphb.Query{
   332  		Type: graphb.TypeQuery,
   333  		Fields: []*graphb.Field{
   334  			{
   335  				Name: "users",
   336  				Arguments: []graphb.Argument{
   337  					graphb.ArgumentString("bannerEdgeId", bannerEdgeID),
   338  				},
   339  				Fields: []*graphb.Field{
   340  					graphb.NewField("email"),
   341  					graphb.NewField("status"),
   342  					graphb.NewField("givenName"),
   343  					graphb.NewField("familyName"),
   344  				},
   345  			},
   346  		},
   347  	})
   348  }
   349  
   350  func forgotPasswordMutation(username, organization string) string {
   351  	return MustParse(graphb.Query{
   352  		Type: graphb.TypeMutation,
   353  		Fields: []*graphb.Field{
   354  			{
   355  				Name: "forgotPassword",
   356  				Arguments: []graphb.Argument{
   357  					graphb.ArgumentString("username", username),
   358  					graphb.ArgumentString("organization", organization),
   359  				},
   360  			},
   361  		},
   362  	})
   363  }
   364  
   365  func getUserMutation(username string) string {
   366  	return MustParse(graphb.Query{
   367  		Type: graphb.TypeQuery,
   368  		Fields: []*graphb.Field{
   369  			{
   370  				Name: "user",
   371  				Arguments: []graphb.Argument{
   372  					graphb.ArgumentString("username", username),
   373  				},
   374  				Fields: []*graphb.Field{
   375  					graphb.NewField("email"),
   376  					graphb.NewField("status"),
   377  					graphb.NewField("givenName"),
   378  					graphb.NewField("familyName"),
   379  				},
   380  			},
   381  		},
   382  	})
   383  }
   384  
   385  func updateUserProfileMutation(username, status, givenName string) string {
   386  	return MustParse(graphb.Query{
   387  		Type: graphb.TypeMutation,
   388  		Fields: []*graphb.Field{
   389  			{
   390  				Name: "updateUserProfile",
   391  				Arguments: []graphb.Argument{
   392  					graphb.ArgumentCustomType("user",
   393  						graphb.ArgumentString("username", username),
   394  						graphb.ArgumentString("givenName", givenName),
   395  						graphb.ArgumentString("status", status),
   396  					),
   397  				},
   398  				Fields: []*graphb.Field{
   399  					graphb.NewField("email"),
   400  					graphb.NewField("status"),
   401  					graphb.NewField("givenName"),
   402  					graphb.NewField("familyName"),
   403  				},
   404  			},
   405  		},
   406  	})
   407  }
   408  

View as plain text