[QA] 0.6.1 Testplan #360

Closed
4 tasks done
jnweiger opened this issue Aug 30, 2023 · 1 comment

jnweiger commented Aug 30, 2023

Setup

References:

  • https://github.com/owncloud/oauth2/wiki/OAuth-code-Flow-Sequence-Diagram

OAuth2 app Test Plan

This aims to be a client-agnostic testplan for the OAuth2 application, centered on the actions available in the webUI and/or occ commands and their impact on ownCloud's core behavior. To test the application from a client standpoint see:

Testing functionality

| Test Case | Expected Result | Result | Related Comment |
| --- | --- | --- | --- |
| **CLI commands** | | | |
| Enable OAuth2 app via CLI using `occ app:enable oauth2` | - The app gets enabled<br>- Replies from the WebDAV endpoint include a new `WWW-Authenticate: Bearer...` header | ✔️ | |
| Disable OAuth2 app via CLI using `occ app:disable oauth2` | - The app gets disabled<br>- Previously mentioned header goes away in further requests | ✔️ | |
| **Registered Clients** | | | |
| Default clients | The default Registered clients are included among the "Settings > Admin > User Authentication" OAuth 2.0: Registered Clients | ✔️ | See #38 for the default values |
| Register new Client | 64-character-length client_id and client_secret are generated together with a (required) Client Name and a (required) Redirection URL | | |
| Remove a Client | - Confirmation dialog is prompted before removal<br>- All client sessions opened from those clients get removed | 🚧 | |
| **Unregistered Clients** | | | |
| Authentication flow from an unregistered client | Unsuccessful Authorization Request | ✔️ | Browser displays the "Request not valid" screen. |
| **Authorized Applications** | | | |
| Login with a Registered Client | The Client Name is displayed amongst the "Personal > Security" OAuth 2.0 Authorized Applications | ✔️ | |
| Session Revocation (i.e. delete Authorized Application) | All the sessions opened in the clients are revoked and must be re-authorized | ⚙️ | |
| **User Account Handling** | | | |
| Password change | Open sessions are revoked and new credentials must be used in further login attempts | 🚧 | |
| **Authorization Flow** | | | |
| Successful Authorization Request without any session open in the browser | Login form with an additional informative note about the application requesting access to ownCloud is displayed | ✔️ | |
| Successful Authorization Request with a valid session in the browser | The "Authorize" screen is displayed | ✔️ | |
| Successful Authorization Request in a browser with a different user logged in | The "Switch User" screen is displayed, allowing to modify the current session | ✔️ | See use of the additional user parameter in: #67 |
| Failed attempt in the authorization login form | The query parameters for the Authorization Request are preserved in next attempts | ⚙️ | See original issue in: owncloud/core#28129 |
| **Relevant Smoke Tests** | | | |
| Unauthenticated Actions: Public File Drop | Files get uploaded normally | ✔️ | See #100 |

OAuth with new Web App

Register Web app via CLI:

```bash
occ app:enable web
# Random 32-character client credentials
client_id="$(tr -dc 'a-z0-9' < /dev/urandom | head -c 32)"
client_secret="$(tr -dc 'a-z0-9' < /dev/urandom | head -c 32)"
# $oc10_fqdn must hold the FQDN of the ownCloud 10 server under test
web_baseurl="https://$oc10_fqdn/index.php/apps/web"
occ config:system:set web.baseUrl --value "$web_baseurl"
occ oauth:add-client "ownCloud Web" "$client_id" "$client_secret" "$web_baseurl/oidc-callback.html"
```

Result: ✔️

| Test Case | Expected Result | Result | Related Comment |
| --- | --- | --- | --- |
| Successful Authorization Request without any session open in the browser | Login form with an additional informative note about the application requesting access to ownCloud is displayed | ✔️ | |
| Successful Authorization Request with a valid session in the browser | The "Authorize" screen is displayed | ✔️ | |

----

Changelog testing

  • occ oauth:add-client 'ownCloud Web' XXXX YYY https://oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.wo/index.php/apps/web/oidc-callback.html false
    • does not allow connection from ....works
  • occ oauth:add-client 'ownCloud Web' XXXX YYY https://jw-qa.owncloud.works/index.php/apps/web/oidc-callback.html false
    • does not allow connection from oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.works
  • occ oauth:add-client 'ownCloud Web' XXXX YYY https://oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.wo/index.php/apps/web/oidc-callback.html true
    • does not allow connection from ....works
  • occ oauth:add-client 'ownCloud Web' XXXX YYY https://jw-qa.owncloud.works/index.php/apps/web/oidc-callback.html true
    • allows(!) connection from oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.works
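
The four Changelog testing cases above, modelled as a redirect-host check. This is an added example, not code from the oauth2 app or from the original issue. It assumes that the trailing true/false argument of add-client toggles acceptance of subdomains of the registered redirect host, and that the connecting host in all four cases is the one written out in full in the second case; `redirect_allowed` and `changelog_cases` are hypothetical names.

```python
from urllib.parse import urlsplit

# Hosts and path taken from the commands in the issue.
PATH = "/index.php/apps/web/oidc-callback.html"
QA_HOST = "oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.works"  # host the Web app runs on
TYPO_HOST = "oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.wo"   # truncated TLD, cases 1 and 3
PARENT_HOST = "jw-qa.owncloud.works"                             # parent domain, cases 2 and 4


def redirect_allowed(registered, requested, allow_subdomains):
    """Decide whether `requested` is an acceptable redirect URI for a client
    registered with `registered` (assumed semantics, see lead-in)."""
    try:
        reg, req = urlsplit(registered), urlsplit(requested)
        # Scheme, port, path and query must match exactly in every mode.
        same_rest = (reg.scheme, reg.port, reg.path, reg.query) == (
            req.scheme, req.port, req.path, req.query)
    except ValueError:  # malformed port or bracketed host
        return False
    if not same_rest or req.fragment or not reg.hostname or not req.hostname:
        return False
    if req.hostname == reg.hostname:
        return True
    # Subdomain mode compares on a label boundary: the leading dot keeps a
    # host that merely ends with the registered string from matching, and
    # a plain prefix relation (".wo" vs ".works") never matches.
    return allow_subdomains and req.hostname.endswith("." + reg.hostname)


def changelog_cases():
    """Replay the four add-client registrations against the QA host."""
    requested = f"https://{QA_HOST}{PATH}"
    cases = [(TYPO_HOST, False), (PARENT_HOST, False),
             (TYPO_HOST, True), (PARENT_HOST, True)]
    return [redirect_allowed(f"https://{host}{PATH}", requested, flag)
            for host, flag in cases]


if __name__ == "__main__":
    print(changelog_cases())
```
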
@jnweiger

tested with both 0.5.4-rc.1 and 0.6.1.rc.1

QA passed, ready to release.

@jnweiger jnweiger closed this as completed Sep 1, 2023