diff --git a/canaille/app/forms.py b/canaille/app/forms.py index f5d311e0..684bf2cf 100644 --- a/canaille/app/forms.py +++ b/canaille/app/forms.py @@ -126,6 +126,7 @@ def email_validator(form, field): except ImportError: pass + email_validator.TEST_ENVIRONMENT = current_app.config.get("TESTING", False) wtforms.validators.Email()(form, field) diff --git a/tests/app/commands/test_create.py b/tests/app/commands/test_create.py index 834d3808..82da046e 100644 --- a/tests/app/commands/test_create.py +++ b/tests/app/commands/test_create.py @@ -18,9 +18,9 @@ def test_create(testclient, backend, foo_group): "--formatted-name", "Johnny", "--emails", - "foo@example.org", + "foo@example.test", "--emails", - "bar@example.org", + "bar@example.test", "--given-name", "John", "--family-name", @@ -40,8 +40,8 @@ def test_create(testclient, backend, foo_group): "created": mock.ANY, "last_modified": mock.ANY, "emails": [ - "foo@example.org", - "bar@example.org", + "foo@example.test", + "bar@example.test", ], "family_name": "Doe", "given_name": "John", diff --git a/tests/app/commands/test_delete.py b/tests/app/commands/test_delete.py index ff1676b9..36177341 100644 --- a/tests/app/commands/test_delete.py +++ b/tests/app/commands/test_delete.py @@ -7,7 +7,7 @@ def test_delete_by_id(testclient, backend): user = models.User( formatted_name="Foo bar", family_name="Bar", - emails=["foobar@example.org"], + emails=["foobar@example.test"], user_name="foobar", ) backend.save(user) @@ -24,7 +24,7 @@ def test_delete_by_identifier(testclient, backend): user = models.User( formatted_name="Foo bar", family_name="Bar", - emails=["foobar@example.org"], + emails=["foobar@example.test"], user_name="foobar", ) backend.save(user) diff --git a/tests/app/commands/test_get.py b/tests/app/commands/test_get.py index dfbea996..f6c86567 100644 --- a/tests/app/commands/test_get.py +++ b/tests/app/commands/test_get.py @@ -26,7 +26,7 @@ def test_get(testclient, backend, user): "created": mock.ANY, "display_name": "Johnny", "emails": [ - "john@doe.com", + "john@doe.test", ], "family_name": "Doe", "formatted_address": "1235, somewhere", @@ -39,7 +39,7 @@ def test_get(testclient, backend, user): "555-000-000", ], "preferred_language": "en", - "profile_url": "https://john.example", + "profile_url": "https://john.test", "user_name": "user", }, ] @@ -56,7 +56,7 @@ def test_get_model_filter(testclient, backend, user, admin, foo_group): "created": mock.ANY, "display_name": "Johnny", "emails": [ - "john@doe.com", + "john@doe.test", ], "family_name": "Doe", "formatted_address": "1235, somewhere", @@ -69,7 +69,7 @@ def test_get_model_filter(testclient, backend, user, admin, foo_group): "555-000-000", ], "preferred_language": "en", - "profile_url": "https://john.example", + "profile_url": "https://john.test", "user_name": "user", "groups": [foo_group.id], }, @@ -87,7 +87,7 @@ def test_get_datetime_filter(testclient, backend, user): "created": mock.ANY, "display_name": "Johnny", "emails": [ - "john@doe.com", + "john@doe.test", ], "family_name": "Doe", "formatted_address": "1235, somewhere", @@ -100,7 +100,7 @@ def test_get_datetime_filter(testclient, backend, user): "555-000-000", ], "preferred_language": "en", - "profile_url": "https://john.example", + "profile_url": "https://john.test", "user_name": "user", }, ] diff --git a/tests/app/commands/test_set.py b/tests/app/commands/test_set.py index 85d795b7..41966f03 100644 --- a/tests/app/commands/test_set.py +++ b/tests/app/commands/test_set.py @@ -14,7 +14,7 @@ def test_set_string_by_id(testclient, backend, user): "created": mock.ANY, "display_name": "Johnny", "emails": [ - "john@doe.com", + "john@doe.test", ], "family_name": "Doe", "formatted_address": "1235, somewhere", @@ -27,7 +27,7 @@ def test_set_string_by_id(testclient, backend, user): "555-000-000", ], "preferred_language": "en", - "profile_url": "https://john.example", + "profile_url": "https://john.test", "user_name": "user", } backend.reload(user) @@ -44,7 +44,7 @@ def test_set_string_by_identifier(testclient, backend, user): "created": mock.ANY, "display_name": "Johnny", "emails": [ - "john@doe.com", + "john@doe.test", ], "family_name": "Doe", "formatted_address": "1235, somewhere", @@ -57,7 +57,7 @@ def test_set_string_by_identifier(testclient, backend, user): "555-000-000", ], "preferred_language": "en", - "profile_url": "https://john.example", + "profile_url": "https://john.test", "user_name": "user", } backend.reload(user) @@ -75,9 +75,9 @@ def test_set_multiple(testclient, backend, user): "user", user.id, "--emails", - "foo@example.org", + "foo@example.test", "--emails", - "bar@example.org", + "bar@example.test", ], ) assert res.exit_code == 0, res.stdout @@ -85,8 +85,8 @@ def test_set_multiple(testclient, backend, user): "created": mock.ANY, "display_name": "Johnny", "emails": [ - "foo@example.org", - "bar@example.org", + "foo@example.test", + "bar@example.test", ], "family_name": "Doe", "formatted_address": "1235, somewhere", @@ -99,13 +99,13 @@ def test_set_multiple(testclient, backend, user): "555-000-000", ], "preferred_language": "en", - "profile_url": "https://john.example", + "profile_url": "https://john.test", "user_name": "user", } backend.reload(user) assert user.emails == [ - "foo@example.org", - "bar@example.org", + "foo@example.test", + "bar@example.test", ] @@ -129,7 +129,7 @@ def test_set_remove_simple_attribute(testclient, backend, user, admin): "created": mock.ANY, "display_name": "Johnny", "emails": [ - "john@doe.com", + "john@doe.test", ], "family_name": "Doe", "formatted_name": "John (johnny) Doe", @@ -141,7 +141,7 @@ def test_set_remove_simple_attribute(testclient, backend, user, admin): "555-000-000", ], "preferred_language": "en", - "profile_url": "https://john.example", + "profile_url": "https://john.test", "user_name": "user", } backend.reload(user) @@ -161,7 +161,7 @@ def test_set_remove_multiple_attribute(testclient, backend, user, admin, foo_gro "created": mock.ANY, "display_name": "Johnny", "emails": [ - "john@doe.com", + "john@doe.test", ], "family_name": "Doe", "formatted_name": "John (johnny) Doe", @@ -174,7 +174,7 @@ def test_set_remove_multiple_attribute(testclient, backend, user, admin, foo_gro "555-000-000", ], "preferred_language": "en", - "profile_url": "https://john.example", + "profile_url": "https://john.test", "user_name": "user", } backend.reload(user) diff --git a/tests/app/test_apputils.py b/tests/app/test_apputils.py index 997105cb..1d6c3632 100644 --- a/tests/app/test_apputils.py +++ b/tests/app/test_apputils.py @@ -2,8 +2,8 @@ def test_validate_uri(): - assert validate_uri("https://canaille.tld") - assert validate_uri("scheme.with.dots://canaille.tld") + assert validate_uri("https://canaille.test") + assert validate_uri("scheme.with.dots://canaille.test") assert validate_uri("scheme.with.dots://localhost") assert validate_uri("scheme.with.dots://oauth") assert not validate_uri("invalid") diff --git a/tests/app/test_configuration.py b/tests/app/test_configuration.py index 1d7516a1..f05924d6 100644 --- a/tests/app/test_configuration.py +++ b/tests/app/test_configuration.py @@ -43,17 +43,17 @@ def test_configuration_nestedsecrets_directory(tmp_path, backend, configuration) def test_configuration_from_environment_vars(): """Canaille should read configuration from environment vars.""" os.environ["SECRET_KEY"] = "very-very-secret" - os.environ["CANAILLE__SMTP__FROM_ADDR"] = "user@mydomain.tld" + os.environ["CANAILLE__SMTP__FROM_ADDR"] = "user@mydomain.test" os.environ["CANAILLE_SQL__DATABASE_URI"] = "sqlite:///anything.db" conf = settings_factory({"TIMEZONE": "UTC"}) assert conf.SECRET_KEY == "very-very-secret" - assert conf.CANAILLE.SMTP.FROM_ADDR == "user@mydomain.tld" + assert conf.CANAILLE.SMTP.FROM_ADDR == "user@mydomain.test" assert conf.CANAILLE_SQL.DATABASE_URI == "sqlite:///anything.db" app = create_app({"TIMEZONE": "UTC"}) assert app.config["SECRET_KEY"] == "very-very-secret" - assert app.config["CANAILLE"]["SMTP"]["FROM_ADDR"] == "user@mydomain.tld" + assert app.config["CANAILLE"]["SMTP"]["FROM_ADDR"] == "user@mydomain.test" assert app.config["CANAILLE_SQL"]["DATABASE_URI"] == "sqlite:///anything.db" del os.environ["SECRET_KEY"] @@ -65,14 +65,14 @@ def test_disable_env_var_loading(tmp_path, configuration): """Canaille should not read configuration from environment vars when env_prefix is False.""" del configuration["SERVER_NAME"] - os.environ["SERVER_NAME"] = "example.com" - os.environ["FOOBAR_SERVER_NAME"] = "foobar.example.com" + os.environ["SERVER_NAME"] = "example.test" + os.environ["FOOBAR_SERVER_NAME"] = "foobar.example.test" app = create_app(configuration, env_prefix="") - assert app.config["SERVER_NAME"] == "example.com" + assert app.config["SERVER_NAME"] == "example.test" app = create_app(configuration, env_prefix="FOOBAR_") - assert app.config["SERVER_NAME"] == "foobar.example.com" + assert app.config["SERVER_NAME"] == "foobar.example.test" del os.environ["SERVER_NAME"] @@ -215,7 +215,7 @@ def test_enable_password_compromission_check_with_and_without_admin_email( validate(config_dict, validate_remote=False) configuration["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = True - configuration["CANAILLE"]["ADMIN_EMAIL"] = "admin_default_mail@mymail.com" + configuration["CANAILLE"]["ADMIN_EMAIL"] = "admin_default_mail@mydomain.test" config_obj = settings_factory(configuration) config_dict = config_obj.model_dump() validate(config_dict, validate_remote=False) diff --git a/tests/app/test_flaskutils.py b/tests/app/test_flaskutils.py index 6eae3f60..bb70ce19 100644 --- a/tests/app/test_flaskutils.py +++ b/tests/app/test_flaskutils.py @@ -8,18 +8,18 @@ def test_set_parameter_in_url_query(): assert ( - set_parameter_in_url_query("https://auth.mydomain.tld", foo="bar") - == "https://auth.mydomain.tld?foo=bar" + set_parameter_in_url_query("https://auth.mydomain.test", foo="bar") + == "https://auth.mydomain.test?foo=bar" ) assert ( - set_parameter_in_url_query("https://auth.mydomain.tld?foo=baz", foo="bar") - == "https://auth.mydomain.tld?foo=bar" + set_parameter_in_url_query("https://auth.mydomain.test?foo=baz", foo="bar") + == "https://auth.mydomain.test?foo=bar" ) assert ( - set_parameter_in_url_query("https://auth.mydomain.tld?foo=baz", hello="world") - == "https://auth.mydomain.tld?foo=baz&hello=world" + set_parameter_in_url_query("https://auth.mydomain.test?foo=baz", hello="world") + == "https://auth.mydomain.test?foo=baz&hello=world" ) @@ -30,7 +30,7 @@ def test_environment_configuration(configuration, tmp_path): os.environ["CONFIG"] = config_path app = create_app() - assert app.config["CANAILLE"]["SMTP"]["FROM_ADDR"] == "admin@mydomain.tld" + assert app.config["CANAILLE"]["SMTP"]["FROM_ADDR"] == "admin@mydomain.test" del os.environ["CONFIG"] os.remove(config_path) diff --git a/tests/app/test_forms.py b/tests/app/test_forms.py index 45bcd92a..3784536f 100644 --- a/tests/app/test_forms.py +++ b/tests/app/test_forms.py @@ -239,7 +239,7 @@ def test_inline_validation_invalid_field(testclient, logged_admin, user): "/profile", { "csrf_token": res.form["csrf_token"].value, - "email": "john@doe.com", + "email": "john@doe.test", }, headers={ "HX-Request": "true", diff --git a/tests/app/test_logging.py b/tests/app/test_logging.py index 90d9a78c..3d670f4f 100644 --- a/tests/app/test_logging.py +++ b/tests/app/test_logging.py @@ -31,6 +31,7 @@ def test_file_log_config(configuration, backend, tmp_path, smtpd, admin): + configuration["TESTING"] = True assert len(smtpd.messages) == 0 log_path = os.path.join(tmp_path, "canaille-by-file.log") @@ -49,7 +50,7 @@ def test_file_log_config(configuration, backend, tmp_path, smtpd, admin): sess["user_id"] = [admin.id] res = testclient.get("/admin/mail") - res.form["email"] = "test@test.com" + res.form["email"] = "test@test.test" res = res.form.submit() assert len(smtpd.messages) == 1 @@ -58,10 +59,11 @@ def test_file_log_config(configuration, backend, tmp_path, smtpd, admin): with open(log_path) as fd: log_content = fd.read() - assert "Sending a mail to test@test.com: Test email from" in log_content + assert "Sending a mail to test@test.test: Test email from" in log_content def test_dict_log_config(configuration, backend, tmp_path, smtpd, admin): + configuration["TESTING"] = True assert len(smtpd.messages) == 0 log_path = os.path.join(tmp_path, "canaille-by-dict.log") configuration["CANAILLE"]["LOGGING"] = { @@ -91,7 +93,7 @@ def test_dict_log_config(configuration, backend, tmp_path, smtpd, admin): sess["user_id"] = [admin.id] res = testclient.get("/admin/mail") - res.form["email"] = "test@test.com" + res.form["email"] = "test@test.test" res = res.form.submit() assert len(smtpd.messages) == 1 @@ -100,7 +102,7 @@ def test_dict_log_config(configuration, backend, tmp_path, smtpd, admin): with open(log_path) as fd: log_content = fd.read() - assert "Sending a mail to test@test.com: Test email from" in log_content + assert "Sending a mail to test@test.test: Test email from" in log_content def test_custom_root_logger(caplog): diff --git a/tests/app/test_mails.py b/tests/app/test_mails.py index 15347f12..219d41f8 100644 --- a/tests/app/test_mails.py +++ b/tests/app/test_mails.py @@ -20,7 +20,7 @@ def test_send_test_email(testclient, logged_admin, smtpd): assert len(smtpd.messages) == 0 res = testclient.get("/admin/mail") - res.form["email"] = "test@test.com" + res.form["email"] = "test@test.test" res = res.form.submit() assert ( "success", @@ -42,7 +42,7 @@ def test_send_test_email_ssl(testclient, logged_admin, smtpd): assert len(smtpd.messages) == 0 res = testclient.get("/admin/mail") - res.form["email"] = "test@test.com" + res.form["email"] = "test@test.test" res = res.form.submit() assert ( "success", @@ -59,7 +59,7 @@ def test_send_test_email_without_credentials(testclient, logged_admin, smtpd): assert len(smtpd.messages) == 0 res = testclient.get("/admin/mail") - res.form["email"] = "test@test.com" + res.form["email"] = "test@test.test" res = res.form.submit() assert ( "success", @@ -72,12 +72,12 @@ def test_send_test_email_without_credentials(testclient, logged_admin, smtpd): @mock.patch("smtplib.SMTP") def test_send_test_email_recipient_refused(SMTP, testclient, logged_admin, smtpd): SMTP.side_effect = mock.Mock( - side_effect=smtplib.SMTPRecipientsRefused("test@test.com") + side_effect=smtplib.SMTPRecipientsRefused("test@test.test") ) assert len(smtpd.messages) == 0 res = testclient.get("/admin/mail") - res.form["email"] = "test@test.com" + res.form["email"] = "test@test.test" res = res.form.submit() assert ( "success", @@ -90,7 +90,7 @@ def test_send_test_email_recipient_refused(SMTP, testclient, logged_admin, smtpd def test_send_test_email_failed(testclient, logged_admin): testclient.app.config["CANAILLE"]["SMTP"]["TLS"] = False res = testclient.get("/admin/mail") - res.form["email"] = "test@test.com" + res.form["email"] = "test@test.test" with warnings.catch_warnings(record=True): res = res.form.submit(expect_errors=True) assert ( @@ -104,7 +104,7 @@ def test_mail_with_default_no_logo(testclient, logged_admin, smtpd): assert len(smtpd.messages) == 0 res = testclient.get("/admin/mail") - res.form["email"] = "test@test.com" + res.form["email"] = "test@test.test" res = res.form.submit() assert ( "success", @@ -126,7 +126,7 @@ def test_mail_with_default_logo(testclient, logged_admin, smtpd, httpserver): assert len(smtpd.messages) == 0 res = testclient.get(f"http://{httpserver.host}:{httpserver.port}/admin/mail") - res.form["email"] = "test@test.com" + res.form["email"] = "test@test.test" res = res.form.submit() assert ( "success", @@ -154,7 +154,7 @@ def test_mail_with_logo_in_http(testclient, logged_admin, smtpd, httpserver): assert len(smtpd.messages) == 0 res = testclient.get("/admin/mail") - res.form["email"] = "test@test.com" + res.form["email"] = "test@test.test" res = res.form.submit() assert ( "success", @@ -189,8 +189,8 @@ def test_custom_from_addr(testclient, user, smtpd): res = testclient.get("/reset", status=200) res.form["login"] = "user" res = res.form.submit(status=200) - assert smtpd.messages[0]["X-MailFrom"] == "admin@mydomain.tld" - assert smtpd.messages[0]["From"] == '"My Canaille" ' + assert smtpd.messages[0]["X-MailFrom"] == "admin@mydomain.test" + assert smtpd.messages[0]["From"] == '"My Canaille" ' def test_default_from_addr(testclient, user, smtpd): diff --git a/tests/backends/ldap/test_configuration.py b/tests/backends/ldap/test_configuration.py index 23d59e60..c8b63432 100644 --- a/tests/backends/ldap/test_configuration.py +++ b/tests/backends/ldap/test_configuration.py @@ -9,4 +9,4 @@ def configuration(ldap_configuration): def test_user_different_rdn(testclient, slapd_server, user): output = slapd_server.slapcat().stdout.decode() - assert "dn: mail=john@doe.com,ou=users,dc=mydomain,dc=tld" in output + assert "dn: mail=john@doe.test,ou=users,dc=mydomain,dc=tld" in output diff --git a/tests/backends/ldap/test_utils.py b/tests/backends/ldap/test_utils.py index 21a177ca..c2d15eb8 100644 --- a/tests/backends/ldap/test_utils.py +++ b/tests/backends/ldap/test_utils.py @@ -21,7 +21,7 @@ def test_object_creation(app, backend): formatted_name="Doe", # leading space family_name="Doe", user_name="user", - emails=["john@doe.com"], + emails=["john@doe.test"], ) assert not user.exists backend.save(user) @@ -43,7 +43,7 @@ def test_dn_when_leading_space_in_id_attribute(testclient, backend): formatted_name=" Doe", # leading space family_name=" Doe", user_name=" user", - emails=["john@doe.com"], + emails=["john@doe.test"], ) backend.save(user) @@ -64,7 +64,7 @@ def test_special_chars_in_rdn(testclient, backend): formatted_name="#Doe", family_name="#Doe", user_name="#user", # special char - emails=["john@doe.com"], + emails=["john@doe.test"], ) backend.save(user) @@ -261,10 +261,10 @@ def test_login_placeholder(testclient): testclient.app.config["CANAILLE_LDAP"]["USER_FILTER"] = "(mail={{ login }})" placeholder = testclient.get("/login").form["login"].attrs["placeholder"] - assert placeholder == "john@doe.com" + assert placeholder == "john@doe.test" testclient.app.config["CANAILLE_LDAP"]["USER_FILTER"] = ( "(|(uid={{ login }})(mail={{ login }}))" ) placeholder = testclient.get("/login").form["login"].attrs["placeholder"] - assert placeholder == "jdoe or john@doe.com" + assert placeholder == "jdoe or john@doe.test" diff --git a/tests/backends/test_models.py b/tests/backends/test_models.py index 14e83b27..6a1d99f3 100644 --- a/tests/backends/test_models.py +++ b/tests/backends/test_models.py @@ -70,29 +70,29 @@ def test_model_attribute_edition(testclient, backend): family_name="family_name", formatted_name="formatted_name", display_name="display_name", - emails=["email1@user.com", "email2@user.com"], + emails=["email1@user.test", "email2@user.test"], ) backend.save(user) assert user.user_name == "user_name" assert user.family_name == "family_name" - assert user.emails == ["email1@user.com", "email2@user.com"] + assert user.emails == ["email1@user.test", "email2@user.test"] user = backend.get(models.User, id=user.id) assert user.user_name == "user_name" assert user.family_name == "family_name" - assert user.emails == ["email1@user.com", "email2@user.com"] + assert user.emails == ["email1@user.test", "email2@user.test"] user.family_name = "new_family_name" - user.emails = ["email1@user.com"] + user.emails = ["email1@user.test"] backend.save(user) assert user.family_name == "new_family_name" - assert user.emails == ["email1@user.com"] + assert user.emails == ["email1@user.test"] user = backend.get(models.User, id=user.id) assert user.family_name == "new_family_name" - assert user.emails == ["email1@user.com"] + assert user.emails == ["email1@user.test"] user.display_name = "" assert not user.display_name @@ -108,38 +108,38 @@ def test_model_indexation(testclient, backend): user_name="user_name", family_name="family_name", formatted_name="formatted_name", - emails=["email1@user.com", "email2@user.com"], + emails=["email1@user.test", "email2@user.test"], ) backend.save(user) assert backend.get(models.User, family_name="family_name") == user assert not backend.get(models.User, family_name="new_family_name") - assert backend.get(models.User, emails=["email1@user.com"]) == user - assert backend.get(models.User, emails=["email2@user.com"]) == user - assert not backend.get(models.User, emails=["email3@user.com"]) + assert backend.get(models.User, emails=["email1@user.test"]) == user + assert backend.get(models.User, emails=["email2@user.test"]) == user + assert not backend.get(models.User, emails=["email3@user.test"]) user.family_name = "new_family_name" - user.emails = ["email2@user.com"] + user.emails = ["email2@user.test"] assert backend.get(models.User, family_name="family_name") != user - assert backend.get(models.User, emails=["email1@user.com"]) != user - assert not backend.get(models.User, emails=["email3@user.com"]) + assert backend.get(models.User, emails=["email1@user.test"]) != user + assert not backend.get(models.User, emails=["email3@user.test"]) backend.save(user) assert not backend.get(models.User, family_name="family_name") assert backend.get(models.User, family_name="new_family_name") == user - assert not backend.get(models.User, emails=["email1@user.com"]) - assert backend.get(models.User, emails=["email2@user.com"]) == user - assert not backend.get(models.User, emails=["email3@user.com"]) + assert not backend.get(models.User, emails=["email1@user.test"]) + assert backend.get(models.User, emails=["email2@user.test"]) == user + assert not backend.get(models.User, emails=["email3@user.test"]) backend.delete(user) assert not backend.get(models.User, family_name="family_name") assert not backend.get(models.User, family_name="new_family_name") - assert not backend.get(models.User, emails=["email1@user.com"]) - assert not backend.get(models.User, emails=["email2@user.com"]) - assert not backend.get(models.User, emails=["email3@user.com"]) + assert not backend.get(models.User, emails=["email1@user.test"]) + assert not backend.get(models.User, emails=["email2@user.test"]) + assert not backend.get(models.User, emails=["email3@user.test"]) def test_fuzzy_unique_attribute(user, moderator, admin, backend): @@ -158,14 +158,14 @@ def test_fuzzy_unique_attribute(user, moderator, admin, backend): def test_fuzzy_multiple_attribute(user, moderator, admin, backend): assert set(backend.query(models.User)) == {user, moderator, admin} - assert set(backend.fuzzy(models.User, "jack@doe.com")) == {moderator} - assert set(backend.fuzzy(models.User, "jack@doe.com", ["emails"])) == {moderator} - assert set(backend.fuzzy(models.User, "jack@doe.com", ["formatted_name"])) == set() + assert set(backend.fuzzy(models.User, "jack@doe.test")) == {moderator} + assert set(backend.fuzzy(models.User, "jack@doe.test", ["emails"])) == {moderator} + assert set(backend.fuzzy(models.User, "jack@doe.test", ["formatted_name"])) == set() assert set( - backend.fuzzy(models.User, "jack@doe.com", ["emails", "formatted_name"]) + backend.fuzzy(models.User, "jack@doe.test", ["emails", "formatted_name"]) ) == {moderator} - assert set(backend.fuzzy(models.User, "ack@doe.co")) == {moderator} - assert set(backend.fuzzy(models.User, "doe.com")) == {user, moderator, admin} + assert set(backend.fuzzy(models.User, "ack@doe.te")) == {moderator} + assert set(backend.fuzzy(models.User, "doe.test")) == {user, moderator, admin} def test_model_references(testclient, user, foo_group, admin, bar_group, backend): diff --git a/tests/conftest.py b/tests/conftest.py index d517ce25..0a989b96 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -129,7 +129,7 @@ def configuration(smtpd): "SSL": smtpd.config.use_ssl, "LOGIN": smtpd.config.login_username, "PASSWORD": smtpd.config.login_password, - "FROM_ADDR": "admin@mydomain.tld", + "FROM_ADDR": "admin@mydomain.test", }, "LOGGING": { "version": 1, @@ -151,7 +151,7 @@ def configuration(smtpd): }, "disable_existing_loggers": False, }, - "ADMIN_EMAIL": "admin_default_mail@mymail.com", + "ADMIN_EMAIL": "admin_default_mail@mydomain.test", "API_URL_HIBP": "https://api.pwnedpasswords.test/range/", }, } @@ -186,12 +186,12 @@ def user(app, backend): given_name="John", family_name="Doe", user_name="user", - emails=["john@doe.com"], + emails=["john@doe.test"], password="correct horse battery staple", display_name="Johnny", preferred_language="en", phone_numbers=["555-000-000"], - profile_url="https://john.example", + profile_url="https://john.test", formatted_address="1235, somewhere", ) backend.save(u) @@ -205,7 +205,7 @@ def admin(app, backend): formatted_name="Jane Doe", family_name="Doe", user_name="admin", - emails=["jane@doe.com"], + emails=["jane@doe.test"], password="admin", ) backend.save(u) @@ -219,7 +219,7 @@ def moderator(app, backend): formatted_name="Jack Doe", family_name="Doe", user_name="moderator", - emails=["jack@doe.com"], + emails=["jack@doe.test"], password="moderator", ) backend.save(u) diff --git a/tests/core/test_account.py b/tests/core/test_account.py index c54a1a76..61d57cd4 100644 --- a/tests/core/test_account.py +++ b/tests/core/test_account.py @@ -24,7 +24,7 @@ def test_user_deleted_in_session(testclient, backend): formatted_name="Jake Doe", family_name="Jake", user_name="jake", - emails=["jake@doe.com"], + emails=["jake@doe.test"], password="correct horse battery staple", ) backend.save(u) @@ -63,7 +63,7 @@ def test_admin_self_deletion(testclient, backend): formatted_name="Temp admin", family_name="admin", user_name="temp", - emails=["temp@temp.com"], + emails=["temp@temp.test"], password="admin", ) backend.save(admin) @@ -89,7 +89,7 @@ def test_user_self_deletion(testclient, backend): formatted_name="Temp user", family_name="user", user_name="temp", - emails=["temp@temp.com"], + emails=["temp@temp.test"], password="correct horse battery staple", ) backend.save(user) diff --git a/tests/core/test_email_confirmation.py b/tests/core/test_email_confirmation.py index e8c49724..73ead938 100644 --- a/tests/core/test_email_confirmation.py +++ b/tests/core/test_email_confirmation.py @@ -18,8 +18,8 @@ def test_confirmation_disabled_email_editable(testclient, backend, logged_user): assert not any(field.id == "add_email" for field in res.form.fields["action"]) res = res.form.submit(name="fieldlist_add", value="emails-0") - res.form["emails-0"] = "email1@mydomain.tld" - res.form["emails-1"] = "email2@mydomain.tld" + res.form["emails-0"] = "email1@mydomain.test" + res.form["emails-1"] = "email2@mydomain.test" res = res.form.submit(name="action", value="edit-profile") assert res.flashes == [("success", "Profile updated successfully.")] @@ -27,7 +27,7 @@ def test_confirmation_disabled_email_editable(testclient, backend, logged_user): backend.reload(logged_user) - assert logged_user.emails == ["email1@mydomain.tld", "email2@mydomain.tld"] + assert logged_user.emails == ["email1@mydomain.test", "email2@mydomain.test"] def test_confirmation_unset_smtp_disabled_email_editable( @@ -44,15 +44,15 @@ def test_confirmation_unset_smtp_disabled_email_editable( assert not any(field.id == "add_email" for field in res.form.fields["action"]) res = res.form.submit(name="fieldlist_add", value="emails-0") - res.form["emails-0"] = "email1@mydomain.tld" - res.form["emails-1"] = "email2@mydomain.tld" + res.form["emails-0"] = "email1@mydomain.test" + res.form["emails-1"] = "email2@mydomain.test" res = res.form.submit(name="action", value="edit-profile") assert res.flashes == [("success", "Profile updated successfully.")] res = res.follow() backend.reload(user) - assert user.emails == ["email1@mydomain.tld", "email2@mydomain.tld"] + assert user.emails == ["email1@mydomain.test", "email2@mydomain.test"] def test_confirmation_enabled_smtp_disabled_readonly(testclient, backend, logged_user): @@ -68,7 +68,7 @@ def test_confirmation_enabled_smtp_disabled_readonly(testclient, backend, logged assert "readonly" in res.forms["emailconfirmationform"]["old_emails-0"].attrs assert "emails-0" not in res.forms["baseform"].fields - res.forms["emailconfirmationform"]["old_emails-0"] = "email1@mydomain.tld" + res.forms["emailconfirmationform"]["old_emails-0"] = "email1@mydomain.test" assert "action" not in res.forms["emailconfirmationform"].fields @@ -84,15 +84,15 @@ def test_confirmation_unset_smtp_enabled_email_admin_editable( assert not any(field.id == "add_email" for field in res.form.fields["action"]) res = res.form.submit(name="fieldlist_add", value="emails-0") - res.form["emails-0"] = "email1@mydomain.tld" - res.form["emails-1"] = "email2@mydomain.tld" + res.form["emails-0"] = "email1@mydomain.test" + res.form["emails-1"] = "email2@mydomain.test" res = res.form.submit(name="action", value="edit-profile") assert res.flashes == [("success", "Profile updated successfully.")] res = res.follow() backend.reload(user) - assert user.emails == ["email1@mydomain.tld", "email2@mydomain.tld"] + assert user.emails == ["email1@mydomain.test", "email2@mydomain.test"] def test_confirmation_enabled_smtp_disabled_admin_editable( @@ -108,15 +108,15 @@ def test_confirmation_enabled_smtp_disabled_admin_editable( assert not any(field.id == "add_email" for field in res.form.fields["action"]) res = res.form.submit(name="fieldlist_add", value="emails-0") - res.form["emails-0"] = "email1@mydomain.tld" - res.form["emails-1"] = "email2@mydomain.tld" + res.form["emails-0"] = "email1@mydomain.test" + res.form["emails-1"] = "email2@mydomain.test" res = res.form.submit(name="action", value="edit-profile") assert res.flashes == [("success", "Profile updated successfully.")] res = res.follow() backend.reload(user) - assert user.emails == ["email1@mydomain.tld", "email2@mydomain.tld"] + assert user.emails == ["email1@mydomain.test", "email2@mydomain.test"] def test_confirmation_unset_smtp_enabled_email_user_validation( @@ -139,7 +139,7 @@ def test_confirmation_unset_smtp_enabled_email_user_validation( assert "readonly" in res.forms["emailconfirmationform"]["old_emails-0"].attrs with time_machine.travel("2020-01-01 02:00:00+00:00", tick=False): - res.forms["emailconfirmationform"]["new_email"] = "new_email@mydomain.tld" + res.forms["emailconfirmationform"]["new_email"] = "new_email@mydomain.test" res = res.forms["emailconfirmationform"].submit( name="action", value="add_email" ) @@ -155,7 +155,7 @@ def test_confirmation_unset_smtp_enabled_email_user_validation( email_confirmation = EmailConfirmationPayload( "2020-01-01T02:00:00+00:00", "user", - "new_email@mydomain.tld", + "new_email@mydomain.test", ) email_confirmation_url = url_for( "core.account.email_confirmation", @@ -165,7 +165,9 @@ def test_confirmation_unset_smtp_enabled_email_user_validation( ) assert len(smtpd.messages) == 1 - email_content = str(smtpd.messages[0].get_payload()[0]).replace("=\n", "") + email_content = ( + str(smtpd.messages[0].get_payload()[0]).replace("=\n", "").replace("=3D", "=") + ) assert email_confirmation_url in email_content with time_machine.travel("2020-01-01 03:00:00+00:00", tick=False): @@ -173,7 +175,7 @@ def test_confirmation_unset_smtp_enabled_email_user_validation( assert ("success", "Your email address have been confirmed.") in res.flashes backend.reload(user) - assert "new_email@mydomain.tld" in user.emails + assert "new_email@mydomain.test" in user.emails def test_confirmation_invalid_link(testclient, backend, user): @@ -207,7 +209,7 @@ def test_confirmation_mail_form_failed(testclient, backend, user): assert res.flashes == [("error", "Email addition failed.")] backend.reload(user) - assert user.emails == ["john@doe.com"] + assert user.emails == ["john@doe.test"] @mock.patch("smtplib.SMTP") @@ -227,14 +229,14 @@ def test_confirmation_mail_send_failed(SMTP, smtpd, testclient, backend, user): assert "readonly" in res.forms["emailconfirmationform"]["old_emails-0"].attrs with time_machine.travel("2020-01-01 02:00:00+00:00", tick=False): - res.forms["emailconfirmationform"]["new_email"] = "new_email@mydomain.tld" + res.forms["emailconfirmationform"]["new_email"] = "new_email@mydomain.test" res = res.forms["emailconfirmationform"].submit( name="action", value="add_email", expect_errors=True ) assert res.flashes == [("error", "Could not send the verification email")] backend.reload(user) - assert user.emails == ["john@doe.com"] + assert user.emails == ["john@doe.test"] def test_confirmation_expired_link(testclient, backend, user): @@ -242,7 +244,7 @@ def test_confirmation_expired_link(testclient, backend, user): email_confirmation = EmailConfirmationPayload( "2020-01-01T01:00:00+00:00", "user", - "new_email@mydomain.tld", + "new_email@mydomain.test", ) email_confirmation_url = url_for( "core.account.email_confirmation", @@ -259,7 +261,7 @@ def test_confirmation_expired_link(testclient, backend, user): "The email confirmation link that brought you here has expired.", ) in res.flashes backend.reload(user) - assert "new_email@mydomain.tld" not in user.emails + assert "new_email@mydomain.test" not in user.emails def test_confirmation_invalid_hash_link(testclient, backend, user): @@ -267,7 +269,7 @@ def test_confirmation_invalid_hash_link(testclient, backend, user): email_confirmation = EmailConfirmationPayload( "2020-01-01T01:00:00+00:00", "user", - "new_email@mydomain.tld", + "new_email@mydomain.test", ) email_confirmation_url = url_for( "core.account.email_confirmation", @@ -284,7 +286,7 @@ def test_confirmation_invalid_hash_link(testclient, backend, user): "The invitation link that brought you here was invalid.", ) in res.flashes backend.reload(user) - assert "new_email@mydomain.tld" not in user.emails + assert "new_email@mydomain.test" not in user.emails def test_confirmation_invalid_user_link(testclient, backend, user): @@ -296,7 +298,7 @@ def test_confirmation_invalid_user_link(testclient, backend, user): email_confirmation = EmailConfirmationPayload( "2020-01-01T01:00:00+00:00", "invalid-user", - "new_email@mydomain.tld", + "new_email@mydomain.test", ) email_confirmation_url = url_for( "core.account.email_confirmation", @@ -313,7 +315,7 @@ def test_confirmation_invalid_user_link(testclient, backend, user): "The email confirmation link that brought you here is invalid.", ) in res.flashes backend.reload(user) - assert "new_email@mydomain.tld" not in user.emails + assert "new_email@mydomain.test" not in user.emails def test_confirmation_email_already_confirmed_link(testclient, backend, user, admin): @@ -321,7 +323,7 @@ def test_confirmation_email_already_confirmed_link(testclient, backend, user, ad email_confirmation = EmailConfirmationPayload( "2020-01-01T01:00:00+00:00", "user", - "john@doe.com", + "john@doe.test", ) email_confirmation_url = url_for( "core.account.email_confirmation", @@ -338,7 +340,7 @@ def test_confirmation_email_already_confirmed_link(testclient, backend, user, ad "This address email have already been confirmed.", ) in res.flashes backend.reload(user) - assert "new_email@mydomain.tld" not in user.emails + assert "new_email@mydomain.test" not in user.emails def test_confirmation_email_already_used_link(testclient, backend, user, admin): @@ -351,7 +353,7 @@ def test_confirmation_email_already_used_link(testclient, backend, user, admin): email_confirmation = EmailConfirmationPayload( "2020-01-01T01:00:00+00:00", "user", - "jane@doe.com", + "jane@doe.test", ) email_confirmation_url = url_for( "core.account.email_confirmation", @@ -368,7 +370,7 @@ def test_confirmation_email_already_used_link(testclient, backend, user, admin): "This address email is already associated with another account.", ) in res.flashes backend.reload(user) - assert "new_email@mydomain.tld" not in user.emails + assert "new_email@mydomain.test" not in user.emails def test_delete_email(testclient, logged_user, backend): @@ -377,60 +379,60 @@ def test_delete_email(testclient, logged_user, backend): res = testclient.get("/profile/user") assert "email_remove" not in res.forms["emailconfirmationform"].fields - logged_user.emails = logged_user.emails + ["new@email.com"] + logged_user.emails = logged_user.emails + ["new@email.test"] backend.save(logged_user) res = testclient.get("/profile/user") assert "email_remove" in res.forms["emailconfirmationform"].fields res = res.forms["emailconfirmationform"].submit( - name="email_remove", value="new@email.com" + name="email_remove", value="new@email.test" ) assert res.flashes == [("success", "The email have been successfully deleted.")] backend.reload(logged_user) - assert logged_user.emails == ["john@doe.com"] + assert logged_user.emails == ["john@doe.test"] def test_delete_wrong_email(testclient, logged_user, backend): """Tests that removing an already removed email do not produce anything.""" - logged_user.emails = logged_user.emails + ["new@email.com"] + logged_user.emails = logged_user.emails + ["new@email.test"] backend.save(logged_user) res = testclient.get("/profile/user") res1 = res.forms["emailconfirmationform"].submit( - name="email_remove", value="new@email.com" + name="email_remove", value="new@email.test" ) assert res1.flashes == [("success", "The email have been successfully deleted.")] res2 = res.forms["emailconfirmationform"].submit( - name="email_remove", value="new@email.com" + name="email_remove", value="new@email.test" ) assert res2.flashes == [("error", "Email deletion failed.")] backend.reload(logged_user) - assert logged_user.emails == ["john@doe.com"] + assert logged_user.emails == ["john@doe.test"] def test_delete_last_email(testclient, logged_user, backend): """Tests that users cannot remove their last email address.""" - logged_user.emails = logged_user.emails + ["new@email.com"] + logged_user.emails = logged_user.emails + ["new@email.test"] backend.save(logged_user) res = testclient.get("/profile/user") res1 = res.forms["emailconfirmationform"].submit( - name="email_remove", value="new@email.com" + name="email_remove", value="new@email.test" ) assert res1.flashes == [("success", "The email have been successfully deleted.")] res2 = res.forms["emailconfirmationform"].submit( - name="email_remove", value="john@doe.com" + name="email_remove", value="john@doe.test" ) assert res2.flashes == [("error", "Email deletion failed.")] backend.reload(logged_user) - assert logged_user.emails == ["john@doe.com"] + assert logged_user.emails == ["john@doe.test"] def test_edition_forced_mail(testclient, logged_user, backend): @@ -442,13 +444,13 @@ def test_edition_forced_mail(testclient, logged_user, backend): "/profile/user", { "csrf_token": form["csrf_token"].value, - "emails-0": "new@email.com", + "emails-0": "new@email.test", "action": "edit-profile", }, ) backend.reload(logged_user) - assert logged_user.emails == ["john@doe.com"] + assert logged_user.emails == ["john@doe.test"] def test_invitation_form_mail_field_readonly(testclient): @@ -460,7 +462,7 @@ def test_invitation_form_mail_field_readonly(testclient): datetime.datetime.now(datetime.timezone.utc).isoformat(), "someoneelse", False, - "someone@mydomain.tld", + "someone@mydomain.test", [], ) hash = payload.build_hash() @@ -479,7 +481,7 @@ def test_invitation_form_mail_field_writable(testclient): datetime.datetime.now(datetime.timezone.utc).isoformat(), "someoneelse", False, - "someone@mydomain.tld", + "someone@mydomain.test", [], ) hash = payload.build_hash() diff --git a/tests/core/test_firstlogin.py b/tests/core/test_firstlogin.py index 074f1431..1622af2c 100644 --- a/tests/core/test_firstlogin.py +++ b/tests/core/test_firstlogin.py @@ -9,7 +9,7 @@ def test_user_without_password_first_login(testclient, backend, smtpd): formatted_name="Temp User", family_name="Temp", user_name="temp", - emails=["john@doe.com", "johhny@doe.com"], + emails=["john@doe.test", "johhny@doe.test"], ) backend.save(u) @@ -44,7 +44,7 @@ def test_first_login_account_initialization_mail_sending_failed( formatted_name="Temp User", family_name="Temp", user_name="temp", - emails=["john@doe.com"], + emails=["john@doe.test"], ) backend.save(u) @@ -66,7 +66,7 @@ def test_first_login_form_error(testclient, backend, smtpd): formatted_name="Temp User", family_name="Temp", user_name="temp", - emails=["john@doe.com"], + emails=["john@doe.test"], ) backend.save(u) @@ -90,7 +90,7 @@ def test_user_password_deleted_during_login(testclient, backend): formatted_name="Temp User", family_name="Temp", user_name="temp", - emails=["john@doe.com"], + emails=["john@doe.test"], password="correct horse battery staple", ) backend.save(u) @@ -117,7 +117,7 @@ def test_smtp_disabled(testclient, backend, smtpd): formatted_name="Temp User", family_name="Temp", user_name="temp", - emails=["john@doe.com", "johhny@doe.com"], + emails=["john@doe.test", "johhny@doe.test"], ) backend.save(u) diff --git a/tests/core/test_forgotten_password.py b/tests/core/test_forgotten_password.py index fdb189ec..26f6b45c 100644 --- a/tests/core/test_forgotten_password.py +++ b/tests/core/test_forgotten_password.py @@ -25,7 +25,7 @@ def test_password_forgotten(smtpd, testclient, user, caplog): assert ( "canaille", logging.SECURITY, - "Sending a reset password mail to john@doe.com for user from unknown IP", + "Sending a reset password mail to john@doe.test for user from unknown IP", ) in caplog.record_tuples res.mustcontain("Send again") @@ -33,7 +33,7 @@ def test_password_forgotten(smtpd, testclient, user, caplog): def test_password_forgotten_multiple_mails(smtpd, testclient, user, backend, caplog): - user.emails = ["foo@bar.com", "foo@baz.com", "foo@foo.com"] + user.emails = ["foo@bar.test", "foo@baz.test", "foo@foo.com"] backend.save(user) res = testclient.get("/reset", status=200) diff --git a/tests/core/test_groups.py b/tests/core/test_groups.py index 3178d7a9..8625d2b5 100644 --- a/tests/core/test_groups.py +++ b/tests/core/test_groups.py @@ -60,7 +60,7 @@ def test_group_deletion(testclient, backend): formatted_name="foobar", family_name="foobar", user_name="foobar", - emails=["foo@bar.com"], + emails=["foo@bar.test"], ) backend.save(user) @@ -120,7 +120,7 @@ def test_set_groups_with_leading_space_in_user_id_attribute(app, foo_group, back formatted_name=" Doe", # leading space in id attribute family_name="Doe", user_name="user2", - emails=["john@doe.com"], + emails=["john@doe.test"], ) backend.save(user) @@ -368,7 +368,7 @@ def test_remove_member_already_deleted( formatted_name="Foo bar", family_name="Bar", user_name="foobar", - emails=["foobar@example.org"], + emails=["foobar@example.test"], ) backend.save(user) foo_group.members = [user, moderator] @@ -391,7 +391,7 @@ def test_confirm_remove_member_already_deleted( user = models.User( formatted_name="Foo bar", family_name="Bar", - emails=["foobar@example.org"], + emails=["foobar@example.test"], user_name="foobar", ) backend.save(user) diff --git a/tests/core/test_invitation.py b/tests/core/test_invitation.py index 8d8d8e74..5968f82e 100644 --- a/tests/core/test_invitation.py +++ b/tests/core/test_invitation.py @@ -13,7 +13,7 @@ def test_invitation(testclient, logged_admin, foo_group, smtpd, backend): res.form["user_name"] = "someone" res.form["user_name_editable"] = False - res.form["email"] = "someone@domain.tld" + res.form["email"] = "someone@domain.test" res.form["groups"] = [foo_group.id] res = res.form.submit(name="action", value="send", status=200) assert len(smtpd.messages) == 1 @@ -33,7 +33,7 @@ def test_invitation(testclient, logged_admin, foo_group, smtpd, backend): assert "readonly" in res.form["groups"].attrs assert res.form["user_name"].value == "someone" - assert res.form["emails-0"].value == "someone@domain.tld" + assert res.form["emails-0"].value == "someone@domain.test" assert res.form["groups"].value == [foo_group.id] res.form["password1"] = "i'm a little pea" @@ -69,7 +69,7 @@ def test_invitation_editable_user_name( res.form["user_name"] = "jackyjack" res.form["user_name_editable"] = True - res.form["email"] = "jackyjack@domain.tld" + res.form["email"] = "jackyjack@domain.test" res.form["groups"] = [foo_group.id] res = res.form.submit(name="action", value="send", status=200) assert len(smtpd.messages) == 1 @@ -88,7 +88,7 @@ def test_invitation_editable_user_name( assert "readonly" in res.form["groups"].attrs assert res.form["user_name"].value == "jackyjack" - assert res.form["emails-0"].value == "jackyjack@domain.tld" + assert res.form["emails-0"].value == "jackyjack@domain.test" assert res.form["groups"].value == [foo_group.id] res.form["user_name"] = "djorje" @@ -119,7 +119,7 @@ def test_generate_link(testclient, logged_admin, foo_group, smtpd, backend): res = testclient.get("/invite", status=200) res.form["user_name"] = "sometwo" - res.form["email"] = "sometwo@domain.tld" + res.form["email"] = "sometwo@domain.test" res.form["groups"] = [foo_group.id] res = res.form.submit(name="action", value="generate", status=200) assert len(smtpd.messages) == 0 @@ -138,7 +138,7 @@ def test_generate_link(testclient, logged_admin, foo_group, smtpd, backend): assert "readonly" in res.form["groups"].attrs assert res.form["user_name"].value == "sometwo" - assert res.form["emails-0"].value == "sometwo@domain.tld" + assert res.form["emails-0"].value == "sometwo@domain.test" assert res.form["groups"].value == [foo_group.id] res.form["password1"] = "i'm a little pea" @@ -170,7 +170,7 @@ def test_invitation_login_already_taken(testclient, logged_admin): res = res.form.submit(name="action", value="send", status=200) res.mustcontain("The user name 'admin' already exists") - res.mustcontain("The email 'jane@doe.com' is already used") + res.mustcontain("The email 'jane@doe.test' is already used") def test_registration(testclient, foo_group): @@ -178,7 +178,7 @@ def test_registration(testclient, foo_group): datetime.datetime.now(datetime.timezone.utc).isoformat(), "someoneelse", False, - "someone@mydomain.tld", + "someone@mydomain.test", [foo_group.id], ) b64 = payload.b64() @@ -192,7 +192,7 @@ def test_registration_formcontrol(testclient): datetime.datetime.now(datetime.timezone.utc).isoformat(), "someoneelse", False, - "someone@mydomain.tld", + "someone@mydomain.test", [], ) b64 = payload.b64() @@ -208,7 +208,7 @@ def test_registration_formcontrol(testclient): def test_registration_invalid_hash(testclient, foo_group): now = datetime.datetime.now(datetime.timezone.utc).isoformat() payload = RegistrationPayload( - now, "anything", False, "someone@mydomain.tld", [foo_group.id] + now, "anything", False, "someone@mydomain.test", [foo_group.id] ) b64 = payload.b64() @@ -220,7 +220,7 @@ def test_registration_invalid_data(testclient, foo_group): datetime.datetime.now(datetime.timezone.utc).isoformat(), "someoneelse", False, - "someone@mydomain.tld", + "someone@mydomain.test", [foo_group.id], ) hash = payload.build_hash() @@ -236,7 +236,7 @@ def test_registration_more_than_48_hours_after_invitation(testclient, foo_group) two_days_ago.isoformat(), "someoneelse", False, - "someone@mydomain.tld", + "someone@mydomain.test", [foo_group.id], ) hash = payload.build_hash() @@ -250,7 +250,7 @@ def test_registration_no_password(testclient, foo_group, backend): datetime.datetime.now(datetime.timezone.utc).isoformat(), "someoneelse", False, - "someone@mydomain.tld", + "someone@mydomain.test", [foo_group.id], ) hash = payload.build_hash() @@ -275,7 +275,7 @@ def test_no_registration_if_logged_in(testclient, logged_user, foo_group): datetime.datetime.now(datetime.timezone.utc).isoformat(), "someoneelse", False, - "someone@mydomain.tld", + "someone@mydomain.test", [foo_group.id], ) hash = payload.build_hash() @@ -312,7 +312,7 @@ def test_groups_are_saved_even_when_user_does_not_have_read_permission( datetime.datetime.now(datetime.timezone.utc).isoformat(), "someoneelse", False, - "someone@mydomain.tld", + "someone@mydomain.test", [foo_group.id], ) b64 = payload.b64() diff --git a/tests/core/test_models.py b/tests/core/test_models.py index 7bbe1e5c..63fc5295 100644 --- a/tests/core/test_models.py +++ b/tests/core/test_models.py @@ -11,7 +11,7 @@ def test_user_has_password(testclient, backend): formatted_name="Temp User", family_name="Temp", user_name="temp", - emails=["john@doe.com"], + emails=["john@doe.test"], ) backend.save(user) diff --git a/tests/core/test_password_reset.py b/tests/core/test_password_reset.py index 163860bf..a624de06 100644 --- a/tests/core/test_password_reset.py +++ b/tests/core/test_password_reset.py @@ -24,11 +24,11 @@ def test_password_reset(testclient, user, backend): def test_password_reset_multiple_emails(testclient, user, backend): - user.emails = ["foo@bar.com", "foo@baz.com"] + user.emails = ["foo@bar.test", "foo@baz.test"] backend.save(user) assert not backend.check_user_password(user, "foobarbaz")[0] - hash = build_hash("user", "foo@baz.com", user.password) + hash = build_hash("user", "foo@baz.test", user.password) res = testclient.get("/reset/user/" + hash, status=200) diff --git a/tests/core/test_profile_creation.py b/tests/core/test_profile_creation.py index 6827df3c..b64e5631 100644 --- a/tests/core/test_profile_creation.py +++ b/tests/core/test_profile_creation.py @@ -14,7 +14,7 @@ def test_user_creation_edition_and_deletion( res.form["user_name"] = "george" res.form["given_name"] = "George" res.form["family_name"] = "Abitbol" - res.form["emails-0"] = "george@abitbol.com" + res.form["emails-0"] = "george@abitbol.test" res.form["phone_numbers-0"] = "555-666-888" res.form["groups"] = [foo_group.id] res.form["password1"] = "totoyolo" @@ -72,21 +72,21 @@ def test_profile_creation_dynamic_validation(testclient, logged_admin, user): "/profile", { "csrf_token": res.form["csrf_token"].value, - "emails-0": "john@doe.com", + "emails-0": "john@doe.test", }, headers={ "HX-Request": "true", "HX-Trigger-Name": "emails-0", }, ) - res.mustcontain("The email 'john@doe.com' is already used") + res.mustcontain("The email 'john@doe.test' is already used") def test_user_creation_without_password(testclient, logged_moderator, backend): res = testclient.get("/profile", status=200) res.form["user_name"] = "george" res.form["family_name"] = "Abitbol" - res.form["emails-0"] = "george@abitbol.com" + res.form["emails-0"] = "george@abitbol.test" res = res.form.submit(name="action", value="create-profile", status=302) assert ("success", "User account creation succeed.") in res.flashes @@ -117,7 +117,7 @@ def test_username_already_taken( res = testclient.get("/profile", status=200) res.form["user_name"] = "user" res.form["family_name"] = "foo" - res.form["emails-0"] = "any@thing.com" + res.form["emails-0"] = "any@thing.test" res = res.form.submit(name="action", value="create-profile") assert ("error", "User account creation failed.") in res.flashes res.mustcontain("The user name 'user' already exists") @@ -127,10 +127,10 @@ def test_email_already_taken(testclient, logged_moderator, user, foo_group, bar_ res = testclient.get("/profile", status=200) res.form["user_name"] = "user2" res.form["family_name"] = "foo" - res.form["emails-0"] = "john@doe.com" + res.form["emails-0"] = "john@doe.test" res = res.form.submit(name="action", value="create-profile") assert ("error", "User account creation failed.") in res.flashes - res.mustcontain("The email 'john@doe.com' is already used") + res.mustcontain("The email 'john@doe.test' is already used") def test_cn_setting_with_given_name_and_surname(testclient, logged_moderator, backend): @@ -138,7 +138,7 @@ def test_cn_setting_with_given_name_and_surname(testclient, logged_moderator, ba res.form["user_name"] = "george" res.form["given_name"] = "George" res.form["family_name"] = "Abitbol" - res.form["emails-0"] = "george@abitbol.com" + res.form["emails-0"] = "george@abitbol.test" res = res.form.submit(name="action", value="create-profile", status=302).follow( status=200 @@ -153,7 +153,7 @@ def test_cn_setting_with_surname_only(testclient, logged_moderator, backend): res = testclient.get("/profile", status=200) res.form["user_name"] = "george" res.form["family_name"] = "Abitbol" - res.form["emails-0"] = "george@abitbol.com" + res.form["emails-0"] = "george@abitbol.test" res = res.form.submit(name="action", value="create-profile", status=302).follow( status=200 diff --git a/tests/core/test_profile_edition.py b/tests/core/test_profile_edition.py index 5bc720ca..46832721 100644 --- a/tests/core/test_profile_edition.py +++ b/tests/core/test_profile_edition.py @@ -109,7 +109,7 @@ def test_edition(testclient, logged_user, admin, jpeg_photo, backend, caplog): form["given_name"] = "given_name" form["family_name"] = "family_name" form["display_name"] = "display_name" - form["emails-0"] = "email@mydomain.tld" + form["emails-0"] = "email@mydomain.test" form["phone_numbers-0"] = "555-666-777" form["formatted_address"] = "formatted_address" form["street"] = "street" @@ -139,7 +139,7 @@ def test_edition(testclient, logged_user, admin, jpeg_photo, backend, caplog): assert logged_user.given_name == "given_name" assert logged_user.family_name == "family_name" assert logged_user.display_name == "display_name" - assert logged_user.emails == ["email@mydomain.tld"] + assert logged_user.emails == ["email@mydomain.test"] assert logged_user.phone_numbers == ["555-666-777"] assert logged_user.formatted_address == "formatted_address" assert logged_user.street == "street" @@ -155,7 +155,7 @@ def test_edition(testclient, logged_user, admin, jpeg_photo, backend, caplog): logged_user.formatted_name = "John (johnny) Doe" logged_user.family_name = "Doe" - logged_user.emails = ["john@doe.com"] + logged_user.emails = ["john@doe.test"] logged_user.given_name = None logged_user.photo = None backend.save(logged_user) @@ -183,7 +183,7 @@ def test_edition_remove_fields( logged_user.formatted_name = "John (johnny) Doe" logged_user.family_name = "Doe" - logged_user.emails = ["john@doe.com"] + logged_user.emails = ["john@doe.test"] logged_user.given_name = None logged_user.photo = None backend.save(logged_user) @@ -301,11 +301,11 @@ def test_bad_email(testclient, logged_user, backend): res = testclient.get("/profile/user", status=200) form = res.forms["baseform"] - form["emails-0"] = "john@doe.com" + form["emails-0"] = "john@doe.test" res = form.submit(name="action", value="edit-profile").follow() - assert ["john@doe.com"] == logged_user.emails + assert ["john@doe.test"] == logged_user.emails res = testclient.get("/profile/user", status=200) form = res.forms["baseform"] @@ -316,7 +316,7 @@ def test_bad_email(testclient, logged_user, backend): backend.reload(logged_user) - assert ["john@doe.com"] == logged_user.emails + assert ["john@doe.test"] == logged_user.emails def test_surname_is_mandatory(testclient, logged_user, backend): @@ -371,7 +371,7 @@ def test_inline_validation(testclient, logged_admin, user): "/profile/admin", { "csrf_token": form["csrf_token"].value, - "emails-0": "john@doe.com", + "emails-0": "john@doe.test", "action": "edit-profile", }, headers={ @@ -379,7 +379,7 @@ def test_inline_validation(testclient, logged_admin, user): "HX-Trigger-Name": "emails-0", }, ) - res.mustcontain("The email 'john@doe.com' is already used") + res.mustcontain("The email 'john@doe.test' is already used") def test_inline_validation_keep_indicators(testclient, logged_admin, user, backend): diff --git a/tests/core/test_profile_photo.py b/tests/core/test_profile_photo.py index 0b7ccc5c..26e36fac 100644 --- a/tests/core/test_profile_photo.py +++ b/tests/core/test_profile_photo.py @@ -115,7 +115,7 @@ def test_photo_on_profile_creation(testclient, jpeg_photo, logged_admin, backend form["photo"] = Upload("logo.jpg", jpeg_photo) form["user_name"] = "foobar" form["family_name"] = "Abitbol" - form["emails-0"] = "george@abitbol.com" + form["emails-0"] = "george@abitbol.test" res = form.submit(name="action", value="edit-profile", status=302).follow( status=200 ) @@ -138,7 +138,7 @@ def test_photo_deleted_on_profile_creation( form["photo_delete"] = True form["user_name"] = "foobar" form["family_name"] = "Abitbol" - form["emails-0"] = "george@abitbol.com" + form["emails-0"] = "george@abitbol.test" res = form.submit(name="action", value="edit-profile", status=302).follow( status=200 ) diff --git a/tests/core/test_profile_settings.py b/tests/core/test_profile_settings.py index 4197851a..a90f3f7f 100644 --- a/tests/core/test_profile_settings.py +++ b/tests/core/test_profile_settings.py @@ -406,7 +406,7 @@ def test_password_initialization_mail(smtpd, testclient, backend, logged_admin): formatted_name="Temp User", family_name="Temp", user_name="temp", - emails=["john@doe.com"], + emails=["john@doe.test"], ) backend.save(u) @@ -421,7 +421,7 @@ def test_password_initialization_mail(smtpd, testclient, backend, logged_admin): "It should be received within a few minutes.", ) in res.flashes assert len(smtpd.messages) == 1 - assert smtpd.messages[0]["X-RcptTo"] == "john@doe.com" + assert smtpd.messages[0]["X-RcptTo"] == "john@doe.test" backend.reload(u) u.password = "correct horse battery staple" @@ -442,7 +442,7 @@ def test_password_initialization_mail_send_fail( formatted_name="Temp User", family_name="Temp", user_name="temp", - emails=["john@doe.com"], + emails=["john@doe.test"], ) backend.save(u) @@ -529,7 +529,7 @@ def test_password_reset_email(smtpd, testclient, backend, logged_admin): formatted_name="Temp User", family_name="Temp", user_name="temp", - emails=["john@doe.com"], + emails=["john@doe.test"], password="correct horse battery staple", ) backend.save(u) @@ -545,7 +545,7 @@ def test_password_reset_email(smtpd, testclient, backend, logged_admin): "It should be received within a few minutes.", ) in res.flashes assert len(smtpd.messages) == 1 - assert smtpd.messages[0]["X-RcptTo"] == "john@doe.com" + assert smtpd.messages[0]["X-RcptTo"] == "john@doe.test" backend.delete(u) @@ -557,7 +557,7 @@ def test_password_reset_email_failed(SMTP, smtpd, testclient, backend, logged_ad formatted_name="Temp User", family_name="Temp", user_name="temp", - emails=["john@doe.com"], + emails=["john@doe.test"], password="correct horse battery staple", ) backend.save(u) diff --git a/tests/core/test_registration.py b/tests/core/test_registration.py index 0f3fe71e..01df1377 100644 --- a/tests/core/test_registration.py +++ b/tests/core/test_registration.py @@ -20,7 +20,7 @@ def test_registration_without_email_validation(testclient, backend, foo_group): res.form["password1"] = "i'm a little pea" res.form["password2"] = "i'm a little pea" res.form["family_name"] = "newuser" - res.form["emails-0"] = "newuser@example.com" + res.form["emails-0"] = "newuser@example.test" res = res.form.submit() assert ("success", "Your account has been created successfully.") in res.flashes @@ -35,7 +35,7 @@ def test_registration_with_email_validation(testclient, backend, smtpd, foo_grou with time_machine.travel("2020-01-01 02:00:00+00:00", tick=False): res = testclient.get(url_for("core.account.join")) - res.form["email"] = "foo@bar.com" + res.form["email"] = "foo@bar.test" res = res.form.submit() assert res.flashes == [ @@ -50,7 +50,7 @@ def test_registration_with_email_validation(testclient, backend, smtpd, foo_grou creation_date_isoformat="2020-01-01T02:00:00+00:00", user_name="", user_name_editable=True, - email="foo@bar.com", + email="foo@bar.test", groups=[], ) registration_url = url_for( @@ -88,7 +88,7 @@ def test_registration_with_email_already_taken( testclient.app.config["CANAILLE"]["HIDE_INVALID_LOGINS"] = True res = testclient.get(url_for("core.account.join")) - res.form["email"] = "john@doe.com" + res.form["email"] = "john@doe.test" res = res.form.submit() assert res.flashes == [ ( @@ -99,10 +99,10 @@ def test_registration_with_email_already_taken( testclient.app.config["CANAILLE"]["HIDE_INVALID_LOGINS"] = False res = testclient.get(url_for("core.account.join")) - res.form["email"] = "john@doe.com" + res.form["email"] = "john@doe.test" res = res.form.submit() assert res.flashes == [] - res.mustcontain("The email 'john@doe.com' is already used") + res.mustcontain("The email 'john@doe.test' is already used") def test_registration_with_email_validation_needs_a_valid_link( @@ -140,7 +140,7 @@ def test_registration_mail_error(SMTP, testclient, backend, smtpd, foo_group): testclient.app.config["CANAILLE"]["ENABLE_REGISTRATION"] = True SMTP.side_effect = mock.Mock(side_effect=OSError("unit test mail error")) res = testclient.get(url_for("core.account.join")) - res.form["email"] = "foo@bar.com" + res.form["email"] = "foo@bar.test" res = res.form.submit(expect_errors=True) assert res.flashes == [ @@ -173,7 +173,7 @@ class Response: res.form["password1"] = "987654321" res.form["password2"] = "987654321" res.form["family_name"] = "newuser" - res.form["emails-0"] = "newuser@example.com" + res.form["emails-0"] = "newuser@example.test" res = res.form.submit() res.mustcontain( "This password appears on public compromission databases and is not secure." @@ -199,7 +199,7 @@ def test_registration_with_compromised_password_request_api_failed_but_account_c res.form["password1"] = "123456789" res.form["password2"] = "123456789" res.form["family_name"] = "newuser" - res.form["emails-0"] = "newuser@example.com" + res.form["emails-0"] = "newuser@example.test" res = res.form.submit() @@ -235,7 +235,7 @@ def test_compromised_password_validator_with_failure_of_api_request_and_success_ res.form["password1"] = "123456789" res.form["password2"] = "123456789" res.form["family_name"] = "newuser" - res.form["emails-0"] = "newuser@example.com" + res.form["emails-0"] = "newuser@example.test" res = res.form.submit() @@ -277,7 +277,7 @@ def test_compromised_password_validator_with_failure_of_api_request_and_fail_to_ res.form["password1"] = "123456789" res.form["password2"] = "123456789" res.form["family_name"] = "newuser" - res.form["emails-0"] = "newuser@example.com" + res.form["emails-0"] = "newuser@example.test" res = res.form.submit() @@ -321,7 +321,7 @@ def test_compromised_password_validator_with_failure_of_api_request_without_smtp res.form["password1"] = "123456789" res.form["password2"] = "123456789" res.form["family_name"] = "newuser" - res.form["emails-0"] = "newuser@example.com" + res.form["emails-0"] = "newuser@example.test" res = res.form.submit() @@ -358,7 +358,7 @@ def test_compromised_password_validator_with_failure_of_api_request_without_admi res.form["password1"] = "123456789" res.form["password2"] = "123456789" res.form["family_name"] = "newuser" - res.form["emails-0"] = "newuser@example.com" + res.form["emails-0"] = "newuser@example.test" res = res.form.submit() diff --git a/tests/oidc/commands/test_clean.py b/tests/oidc/commands/test_clean.py index dba69479..6ba98896 100644 --- a/tests/oidc/commands/test_clean.py +++ b/tests/oidc/commands/test_clean.py @@ -12,7 +12,7 @@ def test_clean_command(testclient, backend, client, user): code="my-valid-code", client=client, subject=user, - redirect_uri="https://foo.bar/callback", + redirect_uri="https://foobar.test/callback", response_type="code", scope=["openid", "profile"], nonce="nonce", @@ -27,7 +27,7 @@ def test_clean_command(testclient, backend, client, user): code="my-expired-code", client=client, subject=user, - redirect_uri="https://foo.bar/callback", + redirect_uri="https://foobar.test/callback", response_type="code", scope=["openid", "profile"], nonce="nonce", diff --git a/tests/oidc/conftest.py b/tests/oidc/conftest.py index 1028d075..37a292e8 100644 --- a/tests/oidc/conftest.py +++ b/tests/oidc/conftest.py @@ -32,7 +32,7 @@ def configuration(configuration, keypair): "JWT": { "PUBLIC_KEY": public_key, "PRIVATE_KEY": private_key, - "ISS": "https://auth.mydomain.tld", + "ISS": "https://auth.mydomain.test", } } return configuration @@ -43,13 +43,13 @@ def client(testclient, trusted_client, backend): c = models.Client( client_id=gen_salt(24), client_name="Some client", - contacts=["contact@mydomain.tld"], - client_uri="https://mydomain.tld", + contacts=["contact@mydomain.test"], + client_uri="https://mydomain.test", redirect_uris=[ - "https://mydomain.tld/redirect1", - "https://mydomain.tld/redirect2", + "https://mydomain.test/redirect1", + "https://mydomain.test/redirect2", ], - logo_uri="https://mydomain.tld/logo.webp", + logo_uri="https://mydomain.test/logo.webp", client_id_issued_at=datetime.datetime.now(datetime.timezone.utc), client_secret=gen_salt(48), grant_types=[ @@ -61,11 +61,11 @@ def client(testclient, trusted_client, backend): ], response_types=["code", "token", "id_token"], scope=["openid", "email", "profile", "groups", "address", "phone"], - tos_uri="https://mydomain.tld/tos", - policy_uri="https://mydomain.tld/policy", - jwks_uri="https://mydomain.tld/jwk", + tos_uri="https://mydomain.test/tos", + policy_uri="https://mydomain.test/policy", + jwks_uri="https://mydomain.test/jwk", token_endpoint_auth_method="client_secret_basic", - post_logout_redirect_uris=["https://mydomain.tld/disconnected"], + post_logout_redirect_uris=["https://mydomain.test/disconnected"], ) backend.save(c) c.audience = [c, trusted_client] @@ -80,13 +80,13 @@ def trusted_client(testclient, backend): c = models.Client( client_id=gen_salt(24), client_name="Some other client", - contacts=["contact@myotherdomain.tld"], - client_uri="https://myotherdomain.tld", + contacts=["contact@myotherdomain.test"], + client_uri="https://myotherdomain.test", redirect_uris=[ - "https://myotherdomain.tld/redirect1", - "https://myotherdomain.tld/redirect2", + "https://myotherdomain.test/redirect1", + "https://myotherdomain.test/redirect2", ], - logo_uri="https://myotherdomain.tld/logo.webp", + logo_uri="https://myotherdomain.test/logo.webp", client_id_issued_at=datetime.datetime.now(datetime.timezone.utc), client_secret=gen_salt(48), grant_types=[ @@ -98,11 +98,11 @@ def trusted_client(testclient, backend): ], response_types=["code", "token", "id_token"], scope=["openid", "profile", "groups"], - tos_uri="https://myotherdomain.tld/tos", - policy_uri="https://myotherdomain.tld/policy", - jwks_uri="https://myotherdomain.tld/jwk", + tos_uri="https://myotherdomain.test/tos", + policy_uri="https://myotherdomain.test/policy", + jwks_uri="https://myotherdomain.test/jwk", token_endpoint_auth_method="client_secret_basic", - post_logout_redirect_uris=["https://myotherdomain.tld/disconnected"], + post_logout_redirect_uris=["https://myotherdomain.test/disconnected"], preconsent=True, ) backend.save(c) @@ -120,7 +120,7 @@ def authorization(testclient, user, client, backend): code="my-code", client=client, subject=user, - redirect_uri="https://foo.bar/callback", + redirect_uri="https://foobar.test/callback", response_type="code", scope=["openid", "profile"], nonce="nonce", diff --git a/tests/oidc/test_authorization_code_flow.py b/tests/oidc/test_authorization_code_flow.py index 8eda77b9..a3fc351d 100644 --- a/tests/oidc/test_authorization_code_flow.py +++ b/tests/oidc/test_authorization_code_flow.py @@ -687,7 +687,7 @@ def test_code_with_invalid_user(testclient, admin, client, backend): formatted_name="John Doe", family_name="Doe", user_name="temp", - emails=["temp@temp.com"], + emails=["temp@temp.test"], password="correct horse battery staple", ) backend.save(user) diff --git a/tests/oidc/test_authorization_prompt.py b/tests/oidc/test_authorization_prompt.py index 943a3e0c..c199161f 100644 --- a/tests/oidc/test_authorization_prompt.py +++ b/tests/oidc/test_authorization_prompt.py @@ -179,7 +179,7 @@ def test_prompt_create_not_logged(testclient, trusted_client, smtpd): # Display the registration form res = res.follow() - res.form["email"] = "foo@bar.com" + res.form["email"] = "foo@bar.test" res = res.form.submit() # Checks the registration mail is sent @@ -192,7 +192,7 @@ def test_prompt_create_not_logged(testclient, trusted_client, smtpd): ).isoformat(), user_name="", user_name_editable=True, - email="foo@bar.com", + email="foo@bar.test", groups=[], ) registration_url = url_for( diff --git a/tests/oidc/test_client_admin.py b/tests/oidc/test_client_admin.py index f4b17500..0ed02764 100644 --- a/tests/oidc/test_client_admin.py +++ b/tests/oidc/test_client_admin.py @@ -89,23 +89,23 @@ def test_client_add(testclient, logged_admin, backend): res = testclient.get("/admin/client/add") data = { "client_name": "foobar", - "contacts-0": "foo@bar.com", - "client_uri": "https://foo.bar", - "redirect_uris-0": "https://foo.bar/callback", + "contacts-0": "foo@bar.test", + "client_uri": "https://foobar.test", + "redirect_uris-0": "https://foobar.test/callback", "grant_types": ["password", "authorization_code"], "scope": "openid profile", "response_types": ["code", "token"], "token_endpoint_auth_method": "none", - "logo_uri": "https://foo.bar/logo.webp", - "tos_uri": "https://foo.bar/tos", - "policy_uri": "https://foo.bar/policy", + "logo_uri": "https://foobar.test/logo.webp", + "tos_uri": "https://foobar.test/tos", + "policy_uri": "https://foobar.test/policy", "software_id": "software", "software_version": "1", "jwk": "jwk", - "jwks_uri": "https://foo.bar/jwks.json", + "jwks_uri": "https://foobar.test/jwks.json", "audience": [], "preconsent": False, - "post_logout_redirect_uris-0": "https://foo.bar/disconnected", + "post_logout_redirect_uris-0": "https://foobar.test/disconnected", } for k, v in data.items(): res.form[k].force_value(v) @@ -117,23 +117,23 @@ def test_client_add(testclient, logged_admin, backend): client = backend.get(models.Client, client_id=client_id) assert client.client_name == "foobar" - assert client.contacts == ["foo@bar.com"] - assert client.client_uri == "https://foo.bar" - assert client.redirect_uris == ["https://foo.bar/callback"] + assert client.contacts == ["foo@bar.test"] + assert client.client_uri == "https://foobar.test" + assert client.redirect_uris == ["https://foobar.test/callback"] assert client.grant_types == ["password", "authorization_code"] assert client.scope == ["openid", "profile"] assert client.response_types == ["code", "token"] assert client.token_endpoint_auth_method == "none" - assert client.logo_uri == "https://foo.bar/logo.webp" - assert client.tos_uri == "https://foo.bar/tos" - assert client.policy_uri == "https://foo.bar/policy" + assert client.logo_uri == "https://foobar.test/logo.webp" + assert client.tos_uri == "https://foobar.test/tos" + assert client.policy_uri == "https://foobar.test/policy" assert client.software_id == "software" assert client.software_version == "1" assert client.jwk == "jwk" - assert client.jwks_uri == "https://foo.bar/jwks.json" + assert client.jwks_uri == "https://foobar.test/jwks.json" assert client.audience == [client] assert not client.preconsent - assert client.post_logout_redirect_uris == ["https://foo.bar/disconnected"] + assert client.post_logout_redirect_uris == ["https://foobar.test/disconnected"] backend.delete(client) @@ -151,23 +151,23 @@ def test_client_edit(testclient, client, logged_admin, trusted_client, backend): res = testclient.get("/admin/client/edit/" + client.client_id) data = { "client_name": "foobar", - "contacts-0": "foo@bar.com", - "client_uri": "https://foo.bar", - "redirect_uris-0": "https://foo.bar/callback", + "contacts-0": "foo@bar.test", + "client_uri": "https://foobar.test", + "redirect_uris-0": "https://foobar.test/callback", "grant_types": ["password", "authorization_code"], "scope": "openid profile", "response_types": ["code", "token"], "token_endpoint_auth_method": "none", - "logo_uri": "https://foo.bar/logo.webp", - "tos_uri": "https://foo.bar/tos", - "policy_uri": "https://foo.bar/policy", + "logo_uri": "https://foobar.test/logo.webp", + "tos_uri": "https://foobar.test/tos", + "policy_uri": "https://foobar.test/policy", "software_id": "software", "software_version": "1", "jwk": "jwk", - "jwks_uri": "https://foo.bar/jwks.json", + "jwks_uri": "https://foobar.test/jwks.json", "audience": [client.id, trusted_client.id], "preconsent": True, - "post_logout_redirect_uris-0": "https://foo.bar/disconnected", + "post_logout_redirect_uris-0": "https://foobar.test/disconnected", } for k, v in data.items(): res.forms["clientaddform"][k].force_value(v) @@ -182,26 +182,26 @@ def test_client_edit(testclient, client, logged_admin, trusted_client, backend): backend.reload(client) assert client.client_name == "foobar" - assert client.contacts == ["foo@bar.com"] - assert client.client_uri == "https://foo.bar" + assert client.contacts == ["foo@bar.test"] + assert client.client_uri == "https://foobar.test" assert client.redirect_uris == [ - "https://foo.bar/callback", - "https://mydomain.tld/redirect2", + "https://foobar.test/callback", + "https://mydomain.test/redirect2", ] assert client.grant_types == ["password", "authorization_code"] assert client.scope == ["openid", "profile"] assert client.response_types == ["code", "token"] assert client.token_endpoint_auth_method == "none" - assert client.logo_uri == "https://foo.bar/logo.webp" - assert client.tos_uri == "https://foo.bar/tos" - assert client.policy_uri == "https://foo.bar/policy" + assert client.logo_uri == "https://foobar.test/logo.webp" + assert client.tos_uri == "https://foobar.test/tos" + assert client.policy_uri == "https://foobar.test/policy" assert client.software_id == "software" assert client.software_version == "1" assert client.jwk == "jwk" - assert client.jwks_uri == "https://foo.bar/jwks.json" + assert client.jwks_uri == "https://foobar.test/jwks.json" assert client.audience == [client, trusted_client] assert not client.preconsent - assert client.post_logout_redirect_uris == ["https://foo.bar/disconnected"] + assert client.post_logout_redirect_uris == ["https://foobar.test/disconnected"] def test_client_edit_missing_fields( diff --git a/tests/oidc/test_configuration.py b/tests/oidc/test_configuration.py index 2e0d7cc9..f3236cb6 100644 --- a/tests/oidc/test_configuration.py +++ b/tests/oidc/test_configuration.py @@ -11,15 +11,15 @@ def test_issuer(testclient): with warnings.catch_warnings(record=True): testclient.app.config["CANAILLE_OIDC"]["JWT"]["ISS"] = ( - "https://anyauth.mydomain.tld" + "https://anyauth.mydomain.test" ) - testclient.app.config["SERVER_NAME"] = "https://otherauth.mydomain.tld" + testclient.app.config["SERVER_NAME"] = "https://otherauth.mydomain.test" with testclient.app.test_request_context("/"): - assert get_issuer() == "https://anyauth.mydomain.tld" + assert get_issuer() == "https://anyauth.mydomain.test" testclient.app.config["CANAILLE_OIDC"]["JWT"]["ISS"] = None with testclient.app.test_request_context("/"): - assert get_issuer() == "https://otherauth.mydomain.tld" + assert get_issuer() == "https://otherauth.mydomain.test" testclient.app.config["SERVER_NAME"] = None with testclient.app.test_request_context("/"): diff --git a/tests/oidc/test_dynamic_client_registration.py b/tests/oidc/test_dynamic_client_registration.py index de49b054..ecca2b17 100644 --- a/tests/oidc/test_dynamic_client_registration.py +++ b/tests/oidc/test_dynamic_client_registration.py @@ -17,16 +17,16 @@ def test_client_registration_with_authentication_static_token( payload = { "redirect_uris": [ - "https://client.example.org/callback", - "https://client.example.org/callback2", + "https://client.example.test/callback", + "https://client.example.test/callback2", ], "post_logout_redirect_uris": [ - "https://client.example.org/logout_callback", + "https://client.example.test/logout_callback", ], "client_name": "My Example Client", "token_endpoint_auth_method": "client_secret_basic", - "logo_uri": "https://client.example.org/logo.webp", - "jwks_uri": "https://client.example.org/my_public_keys.jwks", + "logo_uri": "https://client.example.test/logo.webp", + "jwks_uri": "https://client.example.test/my_public_keys.jwks", "grant_types": ["authorization_code"], "response_types": ["code"], } @@ -41,11 +41,11 @@ def test_client_registration_with_authentication_static_token( "client_id_issued_at": mock.ANY, "client_name": "My Example Client", "client_secret_expires_at": 0, - "jwks_uri": "https://client.example.org/my_public_keys.jwks", - "logo_uri": "https://client.example.org/logo.webp", + "jwks_uri": "https://client.example.test/my_public_keys.jwks", + "logo_uri": "https://client.example.test/logo.webp", "redirect_uris": [ - "https://client.example.org/callback", - "https://client.example.org/callback2", + "https://client.example.test/callback", + "https://client.example.test/callback2", ], "token_endpoint_auth_method": "client_secret_basic", "grant_types": ["authorization_code"], @@ -54,15 +54,15 @@ def test_client_registration_with_authentication_static_token( assert client.client_name == "My Example Client" assert client.redirect_uris == [ - "https://client.example.org/callback", - "https://client.example.org/callback2", + "https://client.example.test/callback", + "https://client.example.test/callback2", ] assert client.post_logout_redirect_uris == [ - "https://client.example.org/logout_callback", + "https://client.example.test/logout_callback", ] assert client.token_endpoint_auth_method == "client_secret_basic" - assert client.logo_uri == "https://client.example.org/logo.webp" - assert client.jwks_uri == "https://client.example.org/my_public_keys.jwks" + assert client.logo_uri == "https://client.example.test/logo.webp" + assert client.jwks_uri == "https://client.example.test/my_public_keys.jwks" assert client in client.audience backend.delete(client) @@ -76,13 +76,13 @@ def test_client_registration_with_authentication_no_token( payload = { "redirect_uris": [ - "https://client.example.org/callback", - "https://client.example.org/callback2", + "https://client.example.test/callback", + "https://client.example.test/callback2", ], "client_name": "My Example Client", "token_endpoint_auth_method": "client_secret_basic", - "logo_uri": "https://client.example.org/logo.webp", - "jwks_uri": "https://client.example.org/my_public_keys.jwks", + "logo_uri": "https://client.example.test/logo.webp", + "jwks_uri": "https://client.example.test/my_public_keys.jwks", "grant_types": ["authorization_code"], "response_types": ["code"], } @@ -110,13 +110,13 @@ def test_client_registration_with_authentication_invalid_token( payload = { "redirect_uris": [ - "https://client.example.org/callback", - "https://client.example.org/callback2", + "https://client.example.test/callback", + "https://client.example.test/callback2", ], "client_name": "My Example Client", "token_endpoint_auth_method": "client_secret_basic", - "logo_uri": "https://client.example.org/logo.webp", - "jwks_uri": "https://client.example.org/my_public_keys.jwks", + "logo_uri": "https://client.example.test/logo.webp", + "jwks_uri": "https://client.example.test/my_public_keys.jwks", "grant_types": ["authorization_code"], "response_types": ["code"], } @@ -135,7 +135,7 @@ def test_client_registration_with_software_statement(testclient, backend, keypai software_statement_payload = { "software_id": "4NRB1-0XZABZI9E6-5SM3R", "client_name": "Example Statement-based Client", - "client_uri": "https://client.example.net/", + "client_uri": "https://client.example.test/", "response_types": ["code"], "grant_types": ["authorization_code"], } @@ -146,8 +146,8 @@ def test_client_registration_with_software_statement(testclient, backend, keypai payload = { "redirect_uris": [ - "https://client.example.org/callback", - "https://client.example.org/callback2", + "https://client.example.test/callback", + "https://client.example.test/callback2", ], "software_statement": software_statement, "scope": "openid profile", @@ -161,20 +161,20 @@ def test_client_registration_with_software_statement(testclient, backend, keypai "client_id_issued_at": mock.ANY, "client_secret_expires_at": 0, "redirect_uris": [ - "https://client.example.org/callback", - "https://client.example.org/callback2", + "https://client.example.test/callback", + "https://client.example.test/callback2", ], "grant_types": ["authorization_code"], "response_types": ["code"], "scope": "openid profile", "token_endpoint_auth_method": "client_secret_basic", "client_name": "Example Statement-based Client", - "client_uri": "https://client.example.net/", + "client_uri": "https://client.example.test/", "software_id": "4NRB1-0XZABZI9E6-5SM3R", } assert client.redirect_uris == [ - "https://client.example.org/callback", - "https://client.example.org/callback2", + "https://client.example.test/callback", + "https://client.example.test/callback2", ] assert client.token_endpoint_auth_method == "client_secret_basic" backend.delete(client) @@ -185,20 +185,20 @@ def test_client_registration_without_authentication_ok(testclient, backend): payload = { "redirect_uris": [ - "https://client.example.org/callback", - "https://client.example.org/callback2", + "https://client.example.test/callback", + "https://client.example.test/callback2", ], "client_name": "My Example Client", - "client_uri": "https://example.com", + "client_uri": "https://example.test", "token_endpoint_auth_method": "client_secret_basic", - "logo_uri": "https://client.example.org/logo.webp", - "jwks_uri": "https://client.example.org/my_public_keys.jwks", + "logo_uri": "https://client.example.test/logo.webp", + "jwks_uri": "https://client.example.test/my_public_keys.jwks", "grant_types": ["authorization_code", "implicit"], "response_types": ["code", "token"], "scope": "openid profile", - "contacts": ["contact@example.com"], - "tos_uri": "https://example.com/uri", - "policy_uri": "https://example.com/policy", + "contacts": ["contact@example.test"], + "tos_uri": "https://example.test/uri", + "policy_uri": "https://example.test/policy", "software_id": "example", "software_version": "x.y.z", } @@ -211,39 +211,39 @@ def test_client_registration_without_authentication_ok(testclient, backend): "client_secret": mock.ANY, "client_id_issued_at": mock.ANY, "client_name": "My Example Client", - "client_uri": "https://example.com", + "client_uri": "https://example.test", "client_secret_expires_at": 0, - "jwks_uri": "https://client.example.org/my_public_keys.jwks", - "logo_uri": "https://client.example.org/logo.webp", + "jwks_uri": "https://client.example.test/my_public_keys.jwks", + "logo_uri": "https://client.example.test/logo.webp", "redirect_uris": [ - "https://client.example.org/callback", - "https://client.example.org/callback2", + "https://client.example.test/callback", + "https://client.example.test/callback2", ], "token_endpoint_auth_method": "client_secret_basic", "grant_types": ["authorization_code", "implicit"], "response_types": ["code", "token"], "scope": "openid profile", - "contacts": ["contact@example.com"], - "tos_uri": "https://example.com/uri", - "policy_uri": "https://example.com/policy", + "contacts": ["contact@example.test"], + "tos_uri": "https://example.test/uri", + "policy_uri": "https://example.test/policy", "software_id": "example", "software_version": "x.y.z", } assert client.client_name == "My Example Client" - assert client.client_uri == "https://example.com" + assert client.client_uri == "https://example.test" assert client.redirect_uris == [ - "https://client.example.org/callback", - "https://client.example.org/callback2", + "https://client.example.test/callback", + "https://client.example.test/callback2", ] assert client.token_endpoint_auth_method == "client_secret_basic" - assert client.logo_uri == "https://client.example.org/logo.webp" - assert client.jwks_uri == "https://client.example.org/my_public_keys.jwks" + assert client.logo_uri == "https://client.example.test/logo.webp" + assert client.jwks_uri == "https://client.example.test/my_public_keys.jwks" assert client.grant_types == ["authorization_code", "implicit"] assert client.response_types == ["code", "token"] assert client.scope == ["openid", "profile"] - assert client.contacts == ["contact@example.com"] - assert client.tos_uri == "https://example.com/uri" - assert client.policy_uri == "https://example.com/policy" + assert client.contacts == ["contact@example.test"] + assert client.tos_uri == "https://example.test/uri" + assert client.policy_uri == "https://example.test/policy" assert client.software_id == "example" assert client.software_version == "x.y.z" backend.delete(client) diff --git a/tests/oidc/test_dynamic_client_registration_management.py b/tests/oidc/test_dynamic_client_registration_management.py index 71934db5..9937861f 100644 --- a/tests/oidc/test_dynamic_client_registration_management.py +++ b/tests/oidc/test_dynamic_client_registration_management.py @@ -22,8 +22,8 @@ def test_get(testclient, backend, client, user): "client_id_issued_at": int(datetime.timestamp(client.client_id_issued_at)), "client_secret_expires_at": 0, "redirect_uris": [ - "https://mydomain.tld/redirect1", - "https://mydomain.tld/redirect2", + "https://mydomain.test/redirect1", + "https://mydomain.test/redirect2", ], "registration_access_token": "static-token", "registration_client_uri": f"http://canaille.test/oauth/register/{client.client_id}", @@ -37,14 +37,14 @@ def test_get(testclient, backend, client, user): ], "response_types": ["code", "token", "id_token"], "client_name": "Some client", - "client_uri": "https://mydomain.tld", - "logo_uri": "https://mydomain.tld/logo.webp", + "client_uri": "https://mydomain.test", + "logo_uri": "https://mydomain.test/logo.webp", "scope": "openid email profile groups address phone", - "contacts": ["contact@mydomain.tld"], - "tos_uri": "https://mydomain.tld/tos", - "policy_uri": "https://mydomain.tld/policy", + "contacts": ["contact@mydomain.test"], + "tos_uri": "https://mydomain.test/tos", + "policy_uri": "https://mydomain.test/policy", "jwk": None, - "jwks_uri": "https://mydomain.tld/jwk", + "jwks_uri": "https://mydomain.test/jwk", "software_id": None, "software_version": None, } @@ -58,35 +58,35 @@ def test_update(testclient, backend, client, user): "static-token" ] - assert client.redirect_uris != ["https://newname.example.org/callback"] + assert client.redirect_uris != ["https://newname.example.test/callback"] assert client.token_endpoint_auth_method != "none" assert client.grant_types != ["refresh_token"] assert client.response_types != ["code", "token"] assert client.client_name != "new name" - assert client.client_uri != "https://newname.example.org" - assert client.logo_uri != "https://newname.example.org/logo.webp" + assert client.client_uri != "https://newname.example.test" + assert client.logo_uri != "https://newname.example.test/logo.webp" assert client.scope != ["openid", "profile", "email"] - assert client.contacts != ["newcontact@example.org"] - assert client.tos_uri != "https://newname.example.org/tos" - assert client.policy_uri != "https://newname.example.org/policy" - assert client.jwks_uri != "https://newname.example.org/my_public_keys.jwks" + assert client.contacts != ["newcontact@example.test"] + assert client.tos_uri != "https://newname.example.test/tos" + assert client.policy_uri != "https://newname.example.test/policy" + assert client.jwks_uri != "https://newname.example.test/my_public_keys.jwks" assert client.software_id != "new_software_id" assert client.software_version != "3.14" payload = { "client_id": client.client_id, - "redirect_uris": ["https://newname.example.org/callback"], + "redirect_uris": ["https://newname.example.test/callback"], "token_endpoint_auth_method": "none", "grant_types": ["refresh_token"], "response_types": ["code", "token"], "client_name": "new name", - "client_uri": "https://newname.example.org", - "logo_uri": "https://newname.example.org/logo.webp", + "client_uri": "https://newname.example.test", + "logo_uri": "https://newname.example.test/logo.webp", "scope": "openid profile email", - "contacts": ["newcontact@example.org"], - "tos_uri": "https://newname.example.org/tos", - "policy_uri": "https://newname.example.org/policy", - "jwks_uri": "https://newname.example.org/my_public_keys.jwks", + "contacts": ["newcontact@example.test"], + "tos_uri": "https://newname.example.test/tos", + "policy_uri": "https://newname.example.test/policy", + "jwks_uri": "https://newname.example.test/my_public_keys.jwks", "software_id": "new_software_id", "software_version": "3.14", } @@ -102,37 +102,37 @@ def test_update(testclient, backend, client, user): "client_secret": client.client_secret, "client_id_issued_at": int(datetime.timestamp(client.client_id_issued_at)), "client_secret_expires_at": 0, - "redirect_uris": ["https://newname.example.org/callback"], + "redirect_uris": ["https://newname.example.test/callback"], "registration_access_token": "static-token", "registration_client_uri": f"http://canaille.test/oauth/register/{client.client_id}", "token_endpoint_auth_method": "none", "grant_types": ["refresh_token"], "response_types": ["code", "token"], "client_name": "new name", - "client_uri": "https://newname.example.org", - "logo_uri": "https://newname.example.org/logo.webp", + "client_uri": "https://newname.example.test", + "logo_uri": "https://newname.example.test/logo.webp", "scope": "openid profile email", - "contacts": ["newcontact@example.org"], - "tos_uri": "https://newname.example.org/tos", - "policy_uri": "https://newname.example.org/policy", + "contacts": ["newcontact@example.test"], + "tos_uri": "https://newname.example.test/tos", + "policy_uri": "https://newname.example.test/policy", "jwk": None, - "jwks_uri": "https://newname.example.org/my_public_keys.jwks", + "jwks_uri": "https://newname.example.test/my_public_keys.jwks", "software_id": "new_software_id", "software_version": "3.14", } - assert client.redirect_uris == ["https://newname.example.org/callback"] + assert client.redirect_uris == ["https://newname.example.test/callback"] assert client.token_endpoint_auth_method == "none" assert client.grant_types == ["refresh_token"] assert client.response_types == ["code", "token"] assert client.client_name == "new name" - assert client.client_uri == "https://newname.example.org" - assert client.logo_uri == "https://newname.example.org/logo.webp" + assert client.client_uri == "https://newname.example.test" + assert client.logo_uri == "https://newname.example.test/logo.webp" assert client.scope == ["openid", "profile", "email"] - assert client.contacts == ["newcontact@example.org"] - assert client.tos_uri == "https://newname.example.org/tos" - assert client.policy_uri == "https://newname.example.org/policy" - assert client.jwks_uri == "https://newname.example.org/my_public_keys.jwks" + assert client.contacts == ["newcontact@example.test"] + assert client.tos_uri == "https://newname.example.test/tos" + assert client.policy_uri == "https://newname.example.test/policy" + assert client.jwks_uri == "https://newname.example.test/my_public_keys.jwks" assert client.software_id == "new_software_id" assert client.software_version == "3.14" @@ -166,7 +166,7 @@ def test_invalid_client(testclient, backend, user): payload = { "client_id": "invalid-client-id", - "redirect_uris": ["https://newname.example.org/callback"], + "redirect_uris": ["https://newname.example.test/callback"], } headers = {"Authorization": "Bearer static-token"} diff --git a/tests/oidc/test_end_session.py b/tests/oidc/test_end_session.py index a0a72c5a..1d72b43c 100644 --- a/tests/oidc/test_end_session.py +++ b/tests/oidc/test_end_session.py @@ -7,7 +7,7 @@ def test_end_session(testclient, backend, logged_user, client, id_token): testclient.get(f"/profile/{logged_user.user_name}", status=200) - post_logout_redirect_url = "https://mydomain.tld/disconnected" + post_logout_redirect_url = "https://mydomain.test/disconnected" res = testclient.get( "/oauth/end_session", params={ @@ -31,7 +31,7 @@ def test_end_session(testclient, backend, logged_user, client, id_token): def test_end_session_no_client_id(testclient, backend, logged_user, client, id_token): testclient.get(f"/profile/{logged_user.user_name}", status=200) - post_logout_redirect_url = "https://mydomain.tld/disconnected" + post_logout_redirect_url = "https://mydomain.test/disconnected" res = testclient.get( "/oauth/end_session", params={ @@ -80,7 +80,7 @@ def test_bad_redirect_uri_no_redirect( ): testclient.get(f"/profile/{logged_user.user_name}", status=200) - post_logout_redirect_url = "https://mydomain.tld/invalid-uri" + post_logout_redirect_url = "https://mydomain.test/invalid-uri" res = testclient.get( "/oauth/end_session", params={ @@ -104,7 +104,7 @@ def test_bad_redirect_uri_no_redirect( def test_no_client_hint_no_redirect(testclient, backend, logged_user, client, id_token): testclient.get(f"/profile/{logged_user.user_name}", status=200) - post_logout_redirect_url = "https://mydomain.tld/disconnected" + post_logout_redirect_url = "https://mydomain.test/disconnected" res = testclient.get( "/oauth/end_session", params={ @@ -128,7 +128,7 @@ def test_no_client_hint_no_redirect(testclient, backend, logged_user, client, id def test_end_session_invalid_client_id(testclient, backend, logged_user, client): testclient.get(f"/profile/{logged_user.user_name}", status=200) - post_logout_redirect_url = "https://mydomain.tld/disconnected" + post_logout_redirect_url = "https://mydomain.test/disconnected" res = testclient.get( "/oauth/end_session", params={ @@ -161,7 +161,7 @@ def test_client_hint_invalid(testclient, backend, logged_user, client): testclient.get(f"/profile/{logged_user.user_name}", status=200) - post_logout_redirect_url = "https://mydomain.tld/disconnected" + post_logout_redirect_url = "https://mydomain.test/disconnected" res = testclient.get( "/oauth/end_session", params={ @@ -184,7 +184,7 @@ def test_client_hint_invalid(testclient, backend, logged_user, client): def test_no_jwt_logout(testclient, backend, logged_user, client): testclient.get(f"/profile/{logged_user.user_name}", status=200) - post_logout_redirect_url = "https://mydomain.tld/disconnected" + post_logout_redirect_url = "https://mydomain.test/disconnected" res = testclient.get( "/oauth/end_session", params={ @@ -210,7 +210,7 @@ def test_no_jwt_logout(testclient, backend, logged_user, client): def test_no_jwt_no_logout(testclient, backend, logged_user, client): testclient.get(f"/profile/{logged_user.user_name}", status=200) - post_logout_redirect_url = "https://mydomain.tld/disconnected" + post_logout_redirect_url = "https://mydomain.test/disconnected" res = testclient.get( "/oauth/end_session", params={ @@ -233,11 +233,11 @@ def test_no_jwt_no_logout(testclient, backend, logged_user, client): def test_jwt_not_issued_here(testclient, backend, logged_user, client, id_token): - testclient.app.config["CANAILLE_OIDC"]["JWT"]["ISS"] = "https://foo.bar" + testclient.app.config["CANAILLE_OIDC"]["JWT"]["ISS"] = "https://foobar.test" testclient.get(f"/profile/{logged_user.user_name}", status=200) - post_logout_redirect_url = "https://mydomain.tld/disconnected" + post_logout_redirect_url = "https://mydomain.test/disconnected" res = testclient.get( "/oauth/end_session", params={ @@ -266,7 +266,7 @@ def test_client_hint_mismatch(testclient, backend, logged_user, client): testclient.get(f"/profile/{logged_user.user_name}", status=200) - post_logout_redirect_url = "https://mydomain.tld/disconnected" + post_logout_redirect_url = "https://mydomain.test/disconnected" res = testclient.get( "/oauth/end_session", params={ @@ -286,7 +286,7 @@ def test_client_hint_mismatch(testclient, backend, logged_user, client): def test_end_session_bad_id_token(testclient, backend, logged_user, client, id_token): - post_logout_redirect_url = "https://mydomain.tld/disconnected" + post_logout_redirect_url = "https://mydomain.test/disconnected" res = testclient.get( "/oauth/end_session", params={ @@ -311,7 +311,7 @@ def test_bad_user_id_token_mismatch(testclient, backend, logged_user, client, ad **get_jwt_config(None), ) - post_logout_redirect_url = "https://mydomain.tld/disconnected" + post_logout_redirect_url = "https://mydomain.test/disconnected" res = testclient.get( "/oauth/end_session", params={ @@ -338,7 +338,7 @@ def test_bad_user_id_token_mismatch(testclient, backend, logged_user, client, ad def test_bad_user_hint(testclient, backend, logged_user, client, id_token, admin): testclient.get(f"/profile/{logged_user.user_name}", status=200) - post_logout_redirect_url = "https://mydomain.tld/disconnected" + post_logout_redirect_url = "https://mydomain.test/disconnected" res = testclient.get( "/oauth/end_session", params={ @@ -365,7 +365,7 @@ def test_bad_user_hint(testclient, backend, logged_user, client, id_token, admin def test_no_jwt_bad_csrf(testclient, backend, logged_user, client): testclient.get(f"/profile/{logged_user.user_name}", status=200) - post_logout_redirect_url = "https://mydomain.tld/disconnected" + post_logout_redirect_url = "https://mydomain.test/disconnected" res = testclient.get( "/oauth/end_session", params={ @@ -383,7 +383,7 @@ def test_no_jwt_bad_csrf(testclient, backend, logged_user, client): def test_end_session_already_disconnected(testclient, backend, user, client, id_token): - post_logout_redirect_url = "https://mydomain.tld/disconnected" + post_logout_redirect_url = "https://mydomain.test/disconnected" res = testclient.get( "/oauth/end_session", params={ @@ -402,7 +402,7 @@ def test_end_session_already_disconnected(testclient, backend, user, client, id_ def test_end_session_no_state(testclient, backend, logged_user, client, id_token): testclient.get(f"/profile/{logged_user.user_name}", status=200) - post_logout_redirect_url = "https://mydomain.tld/disconnected" + post_logout_redirect_url = "https://mydomain.test/disconnected" res = testclient.get( "/oauth/end_session", params={ diff --git a/tests/oidc/test_forms.py b/tests/oidc/test_forms.py index affbd372..02e4ebb7 100644 --- a/tests/oidc/test_forms.py +++ b/tests/oidc/test_forms.py @@ -13,8 +13,8 @@ def test_fieldlist_add(testclient, logged_admin, backend): data = { "client_name": "foobar", - "client_uri": "https://foo.bar", - "redirect_uris-0": "https://foo.bar/callback", + "client_uri": "https://foobar.test", + "redirect_uris-0": "https://foobar.test/callback", "grant_types": ["password", "authorization_code"], "response_types": ["code", "token"], "token_endpoint_auth_method": "none", @@ -25,7 +25,7 @@ def test_fieldlist_add(testclient, logged_admin, backend): res = res.form.submit(status=200, name="fieldlist_add", value="redirect_uris-0") assert not backend.query(models.Client) - data["redirect_uris-1"] = "https://foo.bar/callback2" + data["redirect_uris-1"] = "https://foobar.test/callback2" for k, v in data.items(): res.form[k].force_value(v) @@ -36,8 +36,8 @@ def test_fieldlist_add(testclient, logged_admin, backend): client = backend.get(models.Client, client_id=client_id) assert client.redirect_uris == [ - "https://foo.bar/callback", - "https://foo.bar/callback2", + "https://foobar.test/callback", + "https://foobar.test/callback2", ] backend.delete(client) @@ -49,8 +49,8 @@ def test_fieldlist_delete(testclient, logged_admin, backend): data = { "client_name": "foobar", - "client_uri": "https://foo.bar", - "redirect_uris-0": "https://foo.bar/callback1", + "client_uri": "https://foobar.test", + "redirect_uris-0": "https://foobar.test/callback1", "grant_types": ["password", "authorization_code"], "response_types": ["code", "token"], "token_endpoint_auth_method": "none", @@ -59,7 +59,7 @@ def test_fieldlist_delete(testclient, logged_admin, backend): res.form[k].force_value(v) res = res.form.submit(status=200, name="fieldlist_add", value="redirect_uris-0") - res.form["redirect_uris-1"] = "https://foo.bar/callback2" + res.form["redirect_uris-1"] = "https://foobar.test/callback2" res = res.form.submit(status=200, name="fieldlist_remove", value="redirect_uris-1") assert not backend.query(models.Client) assert "redirect_uris-1" not in res.form.fields @@ -71,7 +71,7 @@ def test_fieldlist_delete(testclient, logged_admin, backend): client = backend.get(models.Client, client_id=client_id) assert client.redirect_uris == [ - "https://foo.bar/callback1", + "https://foobar.test/callback1", ] backend.delete(client) @@ -82,8 +82,8 @@ def test_fieldlist_add_invalid_field(testclient, logged_admin): data = { "csrf_token": res.form["csrf_token"].value, "client_name": "foobar", - "client_uri": "https://foo.bar", - "redirect_uris-0": "https://foo.bar/callback", + "client_uri": "https://foobar.test", + "redirect_uris-0": "https://foobar.test/callback", "grant_types": ["password", "authorization_code"], "response_types": ["code", "token"], "token_endpoint_auth_method": "none", @@ -99,9 +99,9 @@ def test_fieldlist_delete_invalid_field(testclient, logged_admin, backend): data = { "csrf_token": res.form["csrf_token"].value, "client_name": "foobar", - "client_uri": "https://foo.bar", - "redirect_uris-0": "https://foo.bar/callback1", - "redirect_uris-1": "https://foo.bar/callback2", + "client_uri": "https://foobar.test", + "redirect_uris-0": "https://foobar.test/callback1", + "redirect_uris-1": "https://foobar.test/callback2", "grant_types": ["password", "authorization_code"], "response_types": ["code", "token"], "token_endpoint_auth_method": "none", @@ -114,8 +114,8 @@ def test_fieldlist_duplicate_value(testclient, logged_admin, client): res = testclient.get("/admin/client/add") data = { "client_name": "foobar", - "client_uri": "https://foo.bar", - "redirect_uris-0": "https://foo.bar/samecallback", + "client_uri": "https://foobar.test", + "redirect_uris-0": "https://foobar.test/samecallback", "grant_types": ["password", "authorization_code"], "response_types": ["code", "token"], "token_endpoint_auth_method": "none", @@ -123,7 +123,7 @@ def test_fieldlist_duplicate_value(testclient, logged_admin, client): for k, v in data.items(): res.form[k].force_value(v) res = res.form.submit(status=200, name="fieldlist_add", value="redirect_uris-0") - res.form["redirect_uris-1"] = "https://foo.bar/samecallback" + res.form["redirect_uris-1"] = "https://foobar.test/samecallback" res = res.form.submit(status=200, name="action", value="edit") res.mustcontain("This value is a duplicate") @@ -132,9 +132,9 @@ def test_fieldlist_empty_value(testclient, logged_admin, backend): res = testclient.get("/admin/client/add") data = { "client_name": "foobar", - "client_uri": "https://foo.bar", - "redirect_uris-0": "https://foo.bar/samecallback", - "post_logout_redirect_uris-0": "https://foo.bar/callback1", + "client_uri": "https://foobar.test", + "redirect_uris-0": "https://foobar.test/samecallback", + "post_logout_redirect_uris-0": "https://foobar.test/callback1", "grant_types": ["password", "authorization_code"], "response_types": ["code", "token"], "token_endpoint_auth_method": "none", @@ -154,8 +154,8 @@ def test_fieldlist_add_field_htmx(testclient, logged_admin): data = { "csrf_token": res.form["csrf_token"].value, "client_name": "foobar", - "client_uri": "https://foo.bar", - "redirect_uris-0": "https://foo.bar/callback", + "client_uri": "https://foobar.test", + "redirect_uris-0": "https://foobar.test/callback", "grant_types": ["password", "authorization_code"], "response_types": ["code", "token"], "token_endpoint_auth_method": "none", @@ -178,7 +178,7 @@ def test_fieldlist_add_field_htmx_validation(testclient, logged_admin): data = { "csrf_token": res.form["csrf_token"].value, "client_name": "foobar", - "client_uri": "https://foo.bar", + "client_uri": "https://foobar.test", "redirect_uris-0": "not-a-valid-uri", "grant_types": ["password", "authorization_code"], "response_types": ["code", "token"], @@ -203,9 +203,9 @@ def test_fieldlist_remove_field_htmx(testclient, logged_admin): data = { "csrf_token": res.form["csrf_token"].value, "client_name": "foobar", - "client_uri": "https://foo.bar", - "redirect_uris-0": "https://foo.bar/callback1", - "redirect_uris-1": "https://foo.bar/callback2", + "client_uri": "https://foobar.test", + "redirect_uris-0": "https://foobar.test/callback1", + "redirect_uris-1": "https://foobar.test/callback2", "grant_types": ["password", "authorization_code"], "response_types": ["code", "token"], "token_endpoint_auth_method": "none", @@ -228,9 +228,9 @@ def test_fieldlist_inline_validation(testclient, logged_admin): data = { "csrf_token": res.form["csrf_token"].value, "client_name": "foobar", - "client_uri": "https://foo.bar", + "client_uri": "https://foobar.test", "redirect_uris-0": "invalid-url", - "redirect_uris-1": "https://foo.bar/callback2", + "redirect_uris-1": "https://foobar.test/callback2", "grant_types": ["password", "authorization_code"], "response_types": ["code", "token"], "token_endpoint_auth_method": "none", diff --git a/tests/oidc/test_refresh_token.py b/tests/oidc/test_refresh_token.py index be9f99dc..7882d7ae 100644 --- a/tests/oidc/test_refresh_token.py +++ b/tests/oidc/test_refresh_token.py @@ -84,7 +84,7 @@ def test_refresh_token_with_invalid_user(testclient, client, backend): formatted_name="John Doe", family_name="Doe", user_name="temp", - emails=["temp@temp.com"], + emails=["temp@temp.test"], password="correct horse battery staple", ) backend.save(user) diff --git a/tests/oidc/test_token_introspection.py b/tests/oidc/test_token_introspection.py index 62a4984b..b5e78018 100644 --- a/tests/oidc/test_token_introspection.py +++ b/tests/oidc/test_token_introspection.py @@ -21,7 +21,7 @@ def test_access_token_introspection(testclient, user, client, token): "scope": token.get_scope(), "sub": user.user_name, "aud": [client.client_id], - "iss": "https://auth.mydomain.tld", + "iss": "https://auth.mydomain.test", "exp": token.get_expires_at(), "iat": token.get_issued_at(), } == res.json @@ -42,7 +42,7 @@ def test_refresh_token_introspection(testclient, user, client, token): "scope": token.get_scope(), "sub": user.user_name, "aud": [client.client_id], - "iss": "https://auth.mydomain.tld", + "iss": "https://auth.mydomain.test", "exp": token.get_expires_at(), "iat": token.get_issued_at(), } == res.json @@ -110,6 +110,6 @@ def test_full_flow(testclient, logged_user, client, user, trusted_client, backen assert res.json["username"] == user.formatted_name assert res.json["scope"] == token.get_scope() assert res.json["sub"] == user.user_name - assert res.json["iss"] == "https://auth.mydomain.tld" + assert res.json["iss"] == "https://auth.mydomain.test" assert res.json["exp"] == token.get_expires_at() assert res.json["iat"] == token.get_issued_at() diff --git a/tests/oidc/test_userinfo.py b/tests/oidc/test_userinfo.py index 5a3cfca1..d23883d6 100644 --- a/tests/oidc/test_userinfo.py +++ b/tests/oidc/test_userinfo.py @@ -102,7 +102,7 @@ def test_generate_user_claims(user, foo_group): "family_name": "Doe", "preferred_username": "Johnny", "locale": "en", - "website": "https://john.example", + "website": "https://john.test", } assert generate_user_claims(user, claims_from_scope("openid profile email")) == { "sub": "user", @@ -111,8 +111,8 @@ def test_generate_user_claims(user, foo_group): "family_name": "Doe", "preferred_username": "Johnny", "locale": "en", - "website": "https://john.example", - "email": "john@doe.com", + "website": "https://john.test", + "email": "john@doe.test", } assert generate_user_claims(user, claims_from_scope("openid profile address")) == { "sub": "user", @@ -121,7 +121,7 @@ def test_generate_user_claims(user, foo_group): "family_name": "Doe", "preferred_username": "Johnny", "locale": "en", - "website": "https://john.example", + "website": "https://john.test", "address": "1235, somewhere", } assert generate_user_claims(user, claims_from_scope("openid profile phone")) == { @@ -131,7 +131,7 @@ def test_generate_user_claims(user, foo_group): "family_name": "Doe", "preferred_username": "Johnny", "locale": "en", - "website": "https://john.example", + "website": "https://john.test", "phone_number": "555-000-000", } assert generate_user_claims(user, claims_from_scope("openid profile groups")) == { @@ -141,7 +141,7 @@ def test_generate_user_claims(user, foo_group): "family_name": "Doe", "preferred_username": "Johnny", "locale": "en", - "website": "https://john.example", + "website": "https://john.test", "groups": ["foo"], } @@ -168,7 +168,7 @@ def test_userinfo(testclient, token, user, foo_group, backend): "name": "John (johnny) Doe", "preferred_username": "Johnny", "locale": "en", - "website": "https://john.example", + "website": "https://john.test", } token.scope = ["openid", "profile", "email"] @@ -184,8 +184,8 @@ def test_userinfo(testclient, token, user, foo_group, backend): "name": "John (johnny) Doe", "preferred_username": "Johnny", "locale": "en", - "website": "https://john.example", - "email": "john@doe.com", + "website": "https://john.test", + "email": "john@doe.test", } token.scope = ["openid", "profile", "address"] @@ -201,7 +201,7 @@ def test_userinfo(testclient, token, user, foo_group, backend): "name": "John (johnny) Doe", "preferred_username": "Johnny", "locale": "en", - "website": "https://john.example", + "website": "https://john.test", "address": "1235, somewhere", } @@ -218,7 +218,7 @@ def test_userinfo(testclient, token, user, foo_group, backend): "name": "John (johnny) Doe", "preferred_username": "Johnny", "locale": "en", - "website": "https://john.example", + "website": "https://john.test", "phone_number": "555-000-000", } @@ -235,7 +235,7 @@ def test_userinfo(testclient, token, user, foo_group, backend): "name": "John (johnny) Doe", "preferred_username": "Johnny", "locale": "en", - "website": "https://john.example", + "website": "https://john.test", "groups": ["foo"], } @@ -276,20 +276,20 @@ def test_generate_user_standard_claims_with_default_config(testclient, backend, "name": "John (johnny) Doe", "family_name": "Doe", "preferred_username": "Johnny", - "email": "john@doe.com", + "email": "john@doe.test", "locale": "fr", "phone_number": "555-000-000", - "website": "https://john.example", + "website": "https://john.test", } def test_custom_config_format_claim_is_well_formated(testclient, backend, user): jwt_mapping_config = JWTSettings().model_dump() - jwt_mapping_config["EMAIL"] = "{{ user.user_name }}@mydomain.tld" + jwt_mapping_config["EMAIL"] = "{{ user.user_name }}@mydomain.test" data = generate_user_claims(user, STANDARD_CLAIMS, jwt_mapping_config) - assert data["email"] == "user@mydomain.tld" + assert data["email"] == "user@mydomain.test" def test_claim_is_omitted_if_empty(testclient, backend, user): diff --git a/tests/oidc/test_webfinger.py b/tests/oidc/test_webfinger.py index 8cac7a40..34495a17 100644 --- a/tests/oidc/test_webfinger.py +++ b/tests/oidc/test_webfinger.py @@ -1,13 +1,13 @@ def test_issuer(testclient, user): res = testclient.get( - "/.well-known/webfinger?resource=acct%3Auser%40mydomain.tld&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer" + "/.well-known/webfinger?resource=acct%3Auser%40mydomain.test&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer" ) assert res.json == { - "subject": "acct:user@mydomain.tld", + "subject": "acct:user@mydomain.test", "links": [ { "rel": "http://openid.net/specs/connect/1.0/issuer", - "href": "https://auth.mydomain.tld", + "href": "https://auth.mydomain.test", } ], } @@ -15,14 +15,14 @@ def test_issuer(testclient, user): def test_resource_unknown(testclient): res = testclient.get( - "/.well-known/webfinger?resource=acct%3Ainvalid%40mydomain.tld&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer", + "/.well-known/webfinger?resource=acct%3Ainvalid%40mydomain.test&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer", ) assert res.json == { - "subject": "acct:invalid@mydomain.tld", + "subject": "acct:invalid@mydomain.test", "links": [ { "rel": "http://openid.net/specs/connect/1.0/issuer", - "href": "https://auth.mydomain.tld", + "href": "https://auth.mydomain.test", } ], } diff --git a/tests/oidc/test_well_known.py b/tests/oidc/test_well_known.py index e80b1289..af1aaa26 100644 --- a/tests/oidc/test_well_known.py +++ b/tests/oidc/test_well_known.py @@ -3,12 +3,12 @@ def test_oauth_authorization_server(testclient): res = testclient.get("/.well-known/oauth-authorization-server", status=200).json - assert "https://auth.mydomain.tld" == res["issuer"] + assert "https://auth.mydomain.test" == res["issuer"] assert res == { "authorization_endpoint": "http://canaille.test/oauth/authorize", "code_challenge_methods_supported": ["plain", "S256"], "introspection_endpoint": "http://canaille.test/oauth/introspect", - "issuer": "https://auth.mydomain.tld", + "issuer": "https://auth.mydomain.test", "jwks_uri": "http://canaille.test/oauth/jwks.json", "registration_endpoint": "http://canaille.test/oauth/register", "response_types_supported": [ @@ -42,7 +42,7 @@ def test_oauth_authorization_server(testclient): def test_openid_configuration(testclient): res = testclient.get("/.well-known/openid-configuration", status=200).json - assert "https://auth.mydomain.tld" == res["issuer"] + assert "https://auth.mydomain.test" == res["issuer"] assert res == { "authorization_endpoint": "http://canaille.test/oauth/authorize", "claims_supported": [ @@ -68,7 +68,7 @@ def test_openid_configuration(testclient): "end_session_endpoint": "http://canaille.test/oauth/end_session", "id_token_signing_alg_values_supported": ["RS256", "ES256", "HS256"], "introspection_endpoint": "http://canaille.test/oauth/introspect", - "issuer": "https://auth.mydomain.tld", + "issuer": "https://auth.mydomain.test", "jwks_uri": "http://canaille.test/oauth/jwks.json", "registration_endpoint": "http://canaille.test/oauth/register", "response_types_supported": [