Versions Compared

Old Version 6

changes.mady.by.user Dennis Kittrell

Saved on

compared with

New Version Current

changes.mady.by.user Scott Bishel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Page Properties

Target release

Q2 2020

Epic

https://mattermost.atlassian.net/browse/MM-20777

Edition

N/A

Document status

Status
colourGreen
title99%

OVERVIEW

Increasing automated testing is necessary in order to increase the effectiveness, efficiency and coverage of software testing. Currently testing SAML is a manual process that only occurs during release and feature testing. Because testing SAML is a manual process we only test against OneLogin and Okta.

Creating reusable automated tests will make testing and supporting additional SAML providers a much easier process. These tests will ensure a base level of supported functionality. As test coverage increases, supporting a new provider could be as simple as writing the test harness for the given provider. 

GOALS

  1. Define the testing architecture for Automated SAML testing.

  2. Define the necessary APIs for manipulating SAML data.

  3. Define the base set of required tests 

SCOPE

In scope:

  • Define a pluggable architecture to test SAML Environment.

  • Provide a proof of concept.

...

  • Defining implementation details for specific providers.  

  • Define all tests and all potential data.

  • Define implementation details for all required tests.

BACKGROUND READING


SPECIFICATIONS

There are three different pieces of functionality to make this work.

  1. Architecture Definition

    1. Define test structure

    2. Define test data

    3. Define base tests to be implemented.

  2. Provider Creation and Setup

  3. Provider Test Creation and API definition

Architectural Definition

Test Structure

The test structure should be configured so that each provider can share the same test. Each provider will have to some of its own provisioning such as Setting up its configuration. At a minimum the SAML Configuration will need to be provided. A sample test flow is shown below. This test is doing a basic SAML login.

...

samlLogout() - logout MM user and ensure login page is displayed

Test Data

The SAML providers will have to have specific users with specific fields to be set appropriately for the accompanying test. This can be accomplished a couple different ways. That data can be created upfront in the SAML provider or each test suite can be responsible to create its own test data prior to each test. If the data in the SAML provider is static, that is it won’t be updated during a test run and be the same from test run to test run. It is suggested to create that data upfront. However, if the test requires the update of the SAML data, for instance to test if SAML fields update properly. Then the data should be either be verified or deleted and recreated before the test run.

If test data is required to be added to the Mattermost database. That data can be added in the following file - ../mattermost-server/cmd/mattermost/commands/sampledata.go.

Base Tests

  • SAML User Login - New user

  • SAML User Login - Existing user

  • SAML Guest Login - New user

  • SAML Guest Login - Existing user

  • SAML Admin Login - New user

  • SAML Admin Login - Existing user

Once the base tests have been completed, the manual release tests will be next.
https://docs.google.com/spreadsheets/d/18nQEYeHRQCkHPRmiDZLd-z8DyMg1TlDfDu-c0qlK8Vs/edit#gid=932310946

Required SAML APIs

Create User - create a new user in SAML Server

...

  • Certificates - will need loaded

  • SAML Provider settings may need updated, for server name to callback.

Proof of Concept

In order to ensure that the above specification is at least feasible, a proof of concept was developed.

...

e2e/cypress/support/saml_test_commands.js

The test expects the user to already exist in Mattermost, it won’t. Therefore, the first time through, select the default team. The next time the test will pass. It’s just a POC.

CREDITS