[QA] 0.6.1 Testplan #360

Closed
4 tasks done
jnweiger opened this issue Aug 30, 2023 · 1 comment

jnweiger commented Aug 30, 2023

Setup

Setup details

References:

* https://github.com/owncloud/oauth2/wiki/OAuth-code-Flow-Sequence-Diagram

OAuth2 app Test Plan

This aims to be a client-agnostic testplan for the OAuth2 application, centered on the actions available in the webUI and/or occ commands and their impact on ownCloud's core behavior. To test the application from a client standpoint see:

Testing functionality

| Test Case | Expected Result | Result | Related Comment |
| --- | --- | --- | --- |
| **CLI commands** | | | |
| Enable OAuth2 app via CLI using `occ app:enable oauth2` | - The app gets enabled<br>- Replies from the WebDAV endpoint include a new `WWW-Authenticate: Bearer...` header | ✔️ | |
| Disable OAuth2 app via CLI using `occ app:disable oauth2` | - The app gets disabled<br>- Previously mentioned header goes away in further requests | ✔️ | |
| **Registered Clients** | | | |
| Default clients | The default Registered clients are included among the "Settings > Admin > User Authentication" OAuth 2.0: Registered Clients | ✔️ | See #38 for the default values |
| Register new Client | 64-character-length client_id and client_secret are generated together with a (required) Client Name and a (required) Redirection URL | | |
| Remove a Client | - Confirmation dialog is prompted before removal<br>- All client sessions opened from those clients get removed | 🚧 | |
| **Unregistered Clients** | | | |
| Authentication flow from an unregistered client | Unsuccessful Authorization Request | ✔️ | Browser displays the "Request not valid" screen. |
| **Authorized Applications** | | | |
| Login with a Registered Client | The Client Name is displayed amongst the "Personal > Security" OAuth 2.0 Authorized Applications | ✔️ | |
| Session Revocation (i.e. delete Authorized Application) | All the sessions opened in the clients are revoked and must be re-authorized | ⚙️ | |
| **User Account Handling** | | | |
| Password change | Open sessions are revoked and new credentials must be used in further login attempts | 🚧 | |
| **Authorization Flow** | | | |
| Successful Authorization Request without any session open in the browser | Login form with an additional informative note about the application requesting access to ownCloud is displayed | ✔️ | |
| Successful Authorization Request with a valid session in the browser | The "Authorize" screen is displayed | ✔️ | |
| Successful Authorization Request in a browser with a different user logged in | The "Switch User" screen is displayed, allowing to modify the current session | ✔️ | See use of the additional user parameter in: #67 |
| Failed attempt in the authorization login form | The query parameters for the Authorization Request are preserved in next attempts | ⚙️ | See original issue in: owncloud/core#28129 |
| **Relevant Smoke Tests** | | | |
| Unauthenticated Actions: Public File Drop | Files get uploaded normally | ✔️ | See #100 |
| **OAuth with new Web App** | | | |
| Register Web app via CLI | `occ app:enable web`<br>`client_id="$(tr -dc 'a-z0-9' < /dev/urandom \| head -c 32)"`<br>`client_secret="$(tr -dc 'a-z0-9' < /dev/urandom \| head -c 32)"`<br>`web_baseurl="https://$oc10_fqdn/index.php/apps/web"`<br>`occ config:system:set web.baseUrl --value $web_baseurl`<br>`occ oauth:add-client "ownCloud Web" $client_id $client_secret $web_baseurl/oidc-callback.html` | ✔️ | |
| Successful Authorization Request without any session open in the browser | Login form with an additional informative note about the application requesting access to ownCloud is displayed | ✔️ | |
| Successful Authorization Request with a valid session in the browser | The "Authorize" screen is displayed | ✔️ | |

----

Changelog testing

  • occ oauth:add-client 'ownCloud Web' XXXX YYY https://oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.wo/index.php/apps/web/oidc-callback.html false
    • does not allow connection from ....works
  • occ oauth:add-client 'ownCloud Web' XXXX YYY https://jw-qa.owncloud.works/index.php/apps/web/oidc-callback.html false
    • does not allow connection from oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.works
  • occ oauth:add-client 'ownCloud Web' XXXX YYY https://oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.wo/index.php/apps/web/oidc-callback.html true
    • does not allow connection from ....works
  • occ oauth:add-client 'ownCloud Web' XXXX YYY https://jw-qa.owncloud.works/index.php/apps/web/oidc-callback.html true
    • allows(!) connection from oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.works
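
Added example, not part of the original issue and not the ownCloud oauth2 app's code: a minimal redirect-URI check that reproduces the four outcomes recorded under "Changelog testing", where the trailing `true`/`false` argument decides whether a subdomain of the registered host is accepted. The hosts, `redirect_allowed` and `changelog_matrix` are constructed for illustration; the comparison rules are an assumption about what such a check should enforce.

```python
from urllib.parse import urlsplit

# Constructed sample values; hosts and helper names are illustrative assumptions.
CALLBACK = "/index.php/apps/web/oidc-callback.html"
REQUESTED = "https://oc10.qa.example.test" + CALLBACK  # where the client runs


def redirect_allowed(registered, requested, allow_subdomains):
    """Return True if `requested` may be used by a client registered with `registered`."""
    try:
        reg, req = urlsplit(registered), urlsplit(requested)
        same_rest = (reg.scheme, reg.port, reg.path, reg.query) == (
            req.scheme, req.port, req.path, req.query)
    except ValueError:  # malformed host or port
        return False
    # Everything except the host must match exactly; no userinfo or fragment.
    if not same_rest or req.fragment or req.username or req.password:
        return False
    reg_host, req_host = reg.hostname or "", req.hostname or ""
    if not reg_host or not req_host:
        return False
    if req_host == reg_host:
        return True
    # Subdomain match only on a label boundary: "evilqa.example.test" must not
    # pass for "qa.example.test", so compare against "." + registered host.
    return allow_subdomains and req_host.endswith("." + reg_host)


def changelog_matrix():
    """The four registrations from the changelog test, in the same order."""
    other = "https://oc10.qa.example.tes" + CALLBACK  # registered host differs
    parent = "https://qa.example.test" + CALLBACK     # parent domain registered
    cases = [(other, False), (parent, False), (other, True), (parent, True)]
    return [redirect_allowed(reg, REQUESTED, flag) for reg, flag in cases]


if __name__ == "__main__":
    print(changelog_matrix())
```

Only the last case, parent domain registered with subdomains enabled, accepts the request, matching the "allows(!)" result above.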
@jnweiger

tested with both 0.5.4-rc.1 and 0.6.1.rc.1

QA passed, ready to release.

@jnweiger jnweiger closed this as completed Sep 1, 2023