chore: move ciba tests to jest

.circleci/workflows.yml

@@ -653,10 +653,6 @@ jobs:
             # Start AM Gateway
             bash .circleci/scripts/am-service-launcher.sh gravitee-am-gateway-standalone-${AM_VERSION}
             
-            # build & start CIBA Delegated Service
-            mvn -s /tmp/workspace/.gravitee.settings.xml -P gio-artifactory-snapshot -P cicd -f gravitee-am-ciba-delegated-service/pom.xml package
-            java -jar gravitee-am-ciba-delegated-service/target/gravitee-am-ciba-delegated-service-${AM_VERSION}.jar &
-            
             # Run Postman tests
             make postman
       - keeper/env-export:
@@ -753,10 +749,6 @@ jobs:
             # Start AM Gateway
             bash .circleci/scripts/am-service-launcher.sh gravitee-am-gateway-standalone-${AM_VERSION}
             
-            # build & start CIBA Delegated Service
-            mvn -s /tmp/workspace/.gravitee.settings.xml -P gio-artifactory-snapshot -P cicd -f gravitee-am-ciba-delegated-service/pom.xml package
-            java -jar gravitee-am-ciba-delegated-service/target/gravitee-am-ciba-delegated-service-${AM_VERSION}.jar &
-                       
             # Run Postman tests
             make postman
       - keeper/env-export:

Makefile

@@ -211,9 +211,6 @@ postman: ## Run postman non regression test (require newman npm module)
 	@newman run postman/collections/graviteeio-am-vhost-collection.json -e postman/environment/dev.json --ignore-redirects --insecure --bail
 	@newman run postman/collections/graviteeio-am-environment-collection.json -e postman/environment/dev.json --ignore-redirects --insecure --bail
 	@newman run postman/collections/graviteeio-am-self-account-management-collection-app-version.json -e postman/environment/dev.json --ignore-redirects --insecure --bail
-    # Run CIBA tests, note that if this collection is executed against the docker-compose the docker.json must be used.
-    # (Delegated service and GW will see each other using the container names and not on localhost)
-	@newman run postman/collections/graviteeio-am-openid-ciba-collection.json -e postman/environment/dev.json --ignore-redirects --insecure --bail
 
 oidctest-run: oidctest-install oidctest-start ## Run openid-certification tools, using same docker network
 

gravitee-am-test/api/commands/gateway/login-commands.ts

@@ -19,8 +19,12 @@ import { expect } from '@jest/globals';
 
 const cheerio = require('cheerio');
 
-export const initiateLoginFlow = async (clientId, openIdConfiguration, domain, responseType = 'code') => {
-  const params = `?response_type=${responseType}&client_id=${clientId}&redirect_uri=https://auth-nightly.gravitee.io/myApp/callback`;
+export const initiateLoginFlow = async (clientId, openIdConfiguration, domain, responseType = 'code', redirecrUri?) => {
+  let redirect = `https://auth-nightly.gravitee.io/myApp/callback`;
+  if (redirecrUri != undefined) {
+    redirect = redirecrUri;
+  }
+  const params = `?response_type=${responseType}&client_id=${clientId}&redirect_uri=${redirect}`;
 
   const authResponse = await performGet(openIdConfiguration.authorization_endpoint, params).expect(302);
   const loginLocation = authResponse.headers['location'];
@@ -75,16 +79,40 @@ export const postConsent = async (consent) => {
   ).expect(302);
 };
 
-export const loginUserNameAndPassword = async (clientId, user, userPassword, rememberMe, openIdConfiguration, domain) => {
-  return await loginUser(clientId, user.username, userPassword, rememberMe, openIdConfiguration, domain);
+export const loginUserNameAndPassword = async (
+  clientId,
+  user,
+  userPassword,
+  rememberMe,
+  openIdConfiguration,
+  domain,
+  redirectUri?,
+  responseType?,
+) => {
+  return await loginUser(clientId, user.username, userPassword, rememberMe, openIdConfiguration, domain, redirectUri, responseType);
 };
 
 export const loginAdditionalInfoAndPassword = async (clientId, additionalInfo, userPassword, rememberMe, openIdConfiguration, domain) => {
   return await loginUser(clientId, additionalInfo, userPassword, rememberMe, openIdConfiguration, domain);
 };
 
-export const loginUser = async (clientId, nameOrAdditionalInfo, userPassword, rememberMe, openIdConfiguration, domain) => {
-  const authResponse = await initiateLoginFlow(clientId, openIdConfiguration, domain);
+export const loginUser = async (
+  clientId,
+  nameOrAdditionalInfo,
+  userPassword,
+  rememberMe,
+  openIdConfiguration,
+  domain,
+  reidrectUri?,
+  responseType?,
+) => {
+  let authResponse;
+  if (responseType != undefined) {
+    authResponse = await initiateLoginFlow(clientId, openIdConfiguration, domain, responseType, reidrectUri);
+  } else {
+    authResponse = await initiateLoginFlow(clientId, openIdConfiguration, domain, reidrectUri);
+  }
+
   const postLogin = await login(authResponse, nameOrAdditionalInfo, clientId, userPassword, rememberMe);
   //log in failed with error
   if (postLogin.headers['location'].includes('error=login_failed&error_code=invalid_user&error_description=Invalid+or+unknown+user')) {

gravitee-am-test/api/commands/gateway/oauth-oidc-commands.ts

@@ -65,9 +65,9 @@ export const extractXsrfTokenAndActionResponse = async (response) => {
   const result = await performGet(response.headers['location'], '', headers);
   if (result.status == 302) {
     console.error(` Expected 200 from ${result.request.url}, got 302 location=${result.headers['location']}`);
-    throw new Error('Expected 200, got 302')
+    throw new Error('Expected 200, got 302');
   } else if (result.status != 200) {
-    throw new Error(`Expected 200 from ${result.request.url}, got ${result.status}`)
+    throw new Error(`Expected 200 from ${result.request.url}, got ${result.status}`);
   }
   const dom = cheerio.load(result.text);
   const xsrfToken = dom('[name=X-XSRF-TOKEN]').val();

gravitee-am-test/api/commands/management/bot-detection-management-commands.ts

@@ -1,12 +1,12 @@
 /*
  * Copyright (C) 2015 The Gravitee team (http://gravitee.io)
- * 
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *         http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -30,7 +30,7 @@ export const updateBotDetection = (domainId, accessToken, botDetectionId, body)
     environmentId: process.env.AM_DEF_ENV_ID,
     domain: domainId,
     botDetection: botDetectionId,
-    updateBotDetection: body
+    updateBotDetection: body,
   });
 
 export const getBotDetection = (domainId, accessToken, botDetectionId) =>

gravitee-am-test/api/commands/management/extension-grant-commands.ts

@@ -54,5 +54,5 @@ export const updateExtensionGrant = (domainId, accessToken, extensionId, updateE
     environmentId: process.env.AM_DEF_ENV_ID,
     domain: domainId,
     extensionGrant: extensionId,
-    updateExtensionGrant: updateExtension
+    updateExtensionGrant: updateExtension,
   });

gravitee-am-test/api/commands/management/form-management-commands.ts

@@ -21,5 +21,5 @@ export const preview = (domainId, accessToken, body) =>
     organizationId: process.env.AM_DEF_ORG_ID,
     environmentId: process.env.AM_DEF_ENV_ID,
     domain: domainId,
-      previewRequest: body,
+    previewRequest: body,
   });

gravitee-am-test/api/commands/management/password-policy-management-commands.ts

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-import { getIdpApi, getPasswordPolicyApi,getUserApi } from './service/utils';
+import { getIdpApi, getPasswordPolicyApi, getUserApi } from './service/utils';
 import { UpdatePasswordPolicy } from '../../management/models/UpdatePasswordPolicy';
 import { NewPasswordPolicy } from '../../management/models';
 
@@ -79,7 +79,7 @@ export const assignPasswordPolicyToIdp = (domainId: string, accessToken: string,
     environmentId: process.env.AM_DEF_ENV_ID,
     domain: domainId,
     identity: idpId,
-    assignPasswordPolicy: {passwordPolicy: policyId},
+    assignPasswordPolicy: { passwordPolicy: policyId },
   });
 
 export const resetUserPassword = (domainId: string, accessToken: string, user: string, password: string) =>
@@ -88,5 +88,5 @@ export const resetUserPassword = (domainId: string, accessToken: string, user: s
     environmentId: process.env.AM_DEF_ENV_ID,
     domain: domainId,
     user: user,
-    passwordValue: {password},
+    passwordValue: { password },
   });

gravitee-am-test/api/commands/management/scope-management-commands.ts

@@ -13,7 +13,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import {getScopeApi} from './service/utils';
+import { getScopeApi } from './service/utils';
 
 export const createScope = (domainId, accessToken, scope) =>
   getScopeApi(accessToken).createScope({

gravitee-am-test/api/commands/management/service/utils.ts

@@ -48,10 +48,7 @@ export const getDomainManagerUrl = (domainId: String) => {
 };
 
 export const getOrganisationManagementUrl = () => {
-    return (
-        process.env.AM_MANAGEMENT_URL +
-        `/management/organizations/${process.env.AM_DEF_ORG_ID}`
-    );
+  return process.env.AM_MANAGEMENT_URL + `/management/organizations/${process.env.AM_DEF_ORG_ID}`;
 };
 
 export function getDomainApi(accessToken) {
@@ -123,10 +120,10 @@ export function getBotDetectionApi(accessToken) {
 }
 
 export function createRandomString(length: number) {
-    const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
-    let result = '';
-    for (let i = 0; i < length; i++) {
-        result += chars.charAt(Math.floor(Math.random() * chars.length));
-    }
-    return result;
+  const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
+  let result = '';
+  for (let i = 0; i < length; i++) {
+    result += chars.charAt(Math.floor(Math.random() * chars.length));
+  }
+  return result;
 }

gravitee-am-test/api/commands/management/token-management-commands.ts

@@ -26,4 +26,3 @@ export const requestAccessToken = (username: string, password: string) => {
     .expect(200)
     .then((res) => res.body.access_token);
 };
-

gravitee-am-test/api/commands/management/user-management-commands.ts

@@ -13,9 +13,9 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import {getDomainApi, getUserApi} from './service/utils';
-import {expect} from '@jest/globals';
-import {NewOrganizationUser, NewUser} from '../../management/models';
+import { getDomainApi, getUserApi } from './service/utils';
+import { expect } from '@jest/globals';
+import { NewOrganizationUser, NewUser } from '../../management/models';
 
 export const createUser = (domainId, accessToken, user) =>
   getUserApi(accessToken).createUser({

gravitee-am-test/api/commands/utils/application-commands.ts

@@ -16,9 +16,15 @@
 
 import { createApplication, updateApplication } from '@management-commands/application-management-commands';
 import { expect } from '@jest/globals';
-import {Domain,PatchApplication} from '../../management/models';
+import { Domain, PatchApplication } from '../../management/models';
 
-export const createTestApp = async (name: string, domain: Domain, accessToken: string, applicationType = 'web', body: PatchApplication = {}) => {
+export const createTestApp = async (
+  name: string,
+  domain: Domain,
+  accessToken: string,
+  applicationType = 'web',
+  body: PatchApplication = {},
+) => {
   const creatAppSettings =
     applicationType !== 'service'
       ? {

gravitee-am-test/api/commands/utils/misc.ts

@@ -15,7 +15,7 @@
  */
 
 import { waitFor } from '@management-commands/domain-management-commands';
-import { expect,jest } from '@jest/globals';
+import { expect, jest } from '@jest/globals';
 import { performGet } from '@gateway-commands/oauth-oidc-commands';
 import faker from 'faker';
 import { BulkResponse } from '@management-models/BulkResponse';
@@ -54,25 +54,31 @@ export async function timeout<T>(millis: number, promise: Promise<T>): Promise<T
   return Promise.race([timeLimit, promise]);
 }
 
-export type BasicResponse = { status: number; header: { [x: string]: string }; headers: { [x: string]: string }, text: string, [x: string]: any };
+export type BasicResponse = {
+  status: number;
+  header: { [x: string]: string };
+  headers: { [x: string]: string };
+  text: string;
+  [x: string]: any;
+};
 
-export function followRedirectTag(tag?:string) {
+export function followRedirectTag(tag?: string) {
   return (redirectResponse: BasicResponse) => {
     if (redirectResponse.status != 302) {
-      throw new Error(`expected 302 response, but got ${redirectResponse.status}. Full response: ${JSON.stringify(redirectResponse)}`)
+      throw new Error(`expected 302 response, but got ${redirectResponse.status}. Full response: ${JSON.stringify(redirectResponse)}`);
     }
     const headers = redirectResponse.header['set-cookie'] ? { Cookie: redirectResponse.header['set-cookie'] } : {};
     if (tag) {
-      console.log(`[${tag}] redirecting to ${redirectResponse.header['location']}`)
+      console.log(`[${tag}] redirecting to ${redirectResponse.header['location']}`);
     } else {
-      console.log(`redirecting to ${redirectResponse.header['location']}`)
+      console.log(`redirecting to ${redirectResponse.header['location']}`);
     }
     return performGet(redirectResponse.header['location'], '', headers);
-  }
+  };
 }
 
 export async function followRedirect(redirectResponse: BasicResponse) {
-  return followRedirectTag()(redirectResponse)
+  return followRedirectTag()(redirectResponse);
 }
 
 export function checkBulkResponse(

gravitee-am-test/api/commands/utils/retry.ts

@@ -13,8 +13,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import {waitFor} from '@management-commands/domain-management-commands';
-import {timeout} from '@utils-commands/misc';
+import { waitFor } from '@management-commands/domain-management-commands';
+import { timeout } from '@utils-commands/misc';
 
 export async function withRetry(operation, retries = 50, delay = 100) {
   let success = false;
@@ -33,7 +33,6 @@ export async function withRetry(operation, retries = 50, delay = 100) {
   }
 }
 
-
 export type RetryOptions<T> = {
   /**
    * Maximum time, in ms, to wait for the condition to pass. Use 0 or a negative value for no timeout
@@ -81,7 +80,7 @@ export async function retryUntil<T>(f: () => Promise<T>, cond: (t: T) => boolean
         resolve(result);
         break;
       } else if (timeoutMillis <= 0 && attempts > maxAttempts) {
-        reject(result)
+        reject(result);
         break;
       } else {
         onRetry(result);

gravitee-am-test/api/config/dev.setup.js

@@ -23,7 +23,7 @@ process.env.AM_DEF_ENV_ID = 'DEFAULT';
 process.env.AM_ADMIN_USERNAME = 'admin';
 process.env.AM_ADMIN_PASSWORD = 'adminadmin';
 process.env.FAKE_SMTP = 'http://localhost:5080';
-process.env.AM_GATEWAY_SYNC_GRACE_PERIOD = '5000'
+process.env.AM_GATEWAY_SYNC_GRACE_PERIOD = '5000';
 // here is some Settings that allow Jest Tests execution on Relational DB
 //process.env.GRAVITEE_REPOSITORIES_MANAGEMENT_TYPE="jdbc";
 //process.env.GRAVITEE_REPOSITORIES_OAUTH2_JDBC_DATABASE= "postgres";

gravitee-am-test/api/fixtures/oidc.ts

@@ -13,26 +13,6 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-export const domainOidcCibaConfig = (notifierId) => {
-  return {
-    oidc: {
-      clientRegistrationSettings: {
-        allowLocalhostRedirectUri: true,
-        allowHttpSchemeRedirectUri: true,
-        allowWildCardRedirectUri: true,
-        isDynamicClientRegistrationEnabled: true,
-        isOpenDynamicClientRegistrationEnabled: true,
-      },
-      cibaSettings: {
-        authReqExpiry: 600,
-        tokenReqInterval: 1,
-        bindingMessageLength: 256,
-        deviceNotifiers: [{ id: notifierId }],
-        enabled: true,
-      },
-    },
-  };
-};
 
 export const privateJwk = {
   p: '-JXCCIZsXZ5aNZNtwxMRO67QSycjCxuw6VFKUQL8Iavrnk08K7HWVmncqusAdJV9NZUlqzW8eVxjrbGoTn0WIX-sqwlf3-JJS6KY4vHXh_wxLfmyoKXDDbS3xCa0OOwSA1I9VcFHW73ETTCGjVlOdrtwoMLKhGiZLJJxkhGKiVM',
@@ -48,13 +28,15 @@ export const privateJwk = {
   n: 'uo-DsCNGkKqJ9jDgzmS3-GCFvezuvb0b0Qux58Y_DzbIPM_6xg9J9J1weCSiWg4GxXcBtbrd6bsc1dyj9yKRpJ3I_t68BCeGvhaQ-LYcfyQ36ckw-ibG3wYHECFoOd5sxSvDnswCy1er5vgMCOf-wzHjfZJAkQudq7gl0-45D_T_syRqbTOZ_GZiNF1mJD0493VGvkLFwsKrLbPUpZeOev74X2rMS8RnLsvglzoS3ycvFKwKk9EcK6wxV6a59h-vCUQy28BJIJYd9W5SNT6M655ZikpacbIsIcaTO0L3FO4UxWGaL7Z6Y5EboO7B8Ev4amrCGzY7WH3Jyc0vY9rEHQ',
 };
 
-export const publicJwk = {
-  kty: 'RSA',
-  e: 'AQAB',
-  use: 'sig',
-  kid: '123',
-  n: 'uo-DsCNGkKqJ9jDgzmS3-GCFvezuvb0b0Qux58Y_DzbIPM_6xg9J9J1weCSiWg4GxXcBtbrd6bsc1dyj9yKRpJ3I_t68BCeGvhaQ-LYcfyQ36ckw-ibG3wYHECFoOd5sxSvDnswCy1er5vgMCOf-wzHjfZJAkQudq7gl0-45D_T_syRqbTOZ_GZiNF1mJD0493VGvkLFwsKrLbPUpZeOev74X2rMS8RnLsvglzoS3ycvFKwKk9EcK6wxV6a59h-vCUQy28BJIJYd9W5SNT6M655ZikpacbIsIcaTO0L3FO4UxWGaL7Z6Y5EboO7B8Ev4amrCGzY7WH3Jyc0vY9rEHQ',
-};
+export const publicJwk = [
+  {
+    kty: 'RSA',
+    e: 'AQAB',
+    use: 'sig',
+    kid: '123',
+    n: 'uo-DsCNGkKqJ9jDgzmS3-GCFvezuvb0b0Qux58Y_DzbIPM_6xg9J9J1weCSiWg4GxXcBtbrd6bsc1dyj9yKRpJ3I_t68BCeGvhaQ-LYcfyQ36ckw-ibG3wYHECFoOd5sxSvDnswCy1er5vgMCOf-wzHjfZJAkQudq7gl0-45D_T_syRqbTOZ_GZiNF1mJD0493VGvkLFwsKrLbPUpZeOev74X2rMS8RnLsvglzoS3ycvFKwKk9EcK6wxV6a59h-vCUQy28BJIJYd9W5SNT6M655ZikpacbIsIcaTO0L3FO4UxWGaL7Z6Y5EboO7B8Ev4amrCGzY7WH3Jyc0vY9rEHQ',
+  },
+];
 
 export const oidcApplication = {
   redirect_uris: ['https://callback'],