Merge pull request #397 from pehala/fix_dinosaur

Fix failing dinosaur test on Keycloak 24
Kuadrant · May 27, 2024 · 288e85a · 288e85a
2 parents cfd830b + a486588
commit 288e85a
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 19 deletions.
diff --git a/Makefile b/Makefile
@@ -49,7 +49,7 @@ authorino: poetry-no-dev
 
 authorino-standalone: ## Run only test capable of running with standalone Authorino
 authorino-standalone: poetry-no-dev
-	$(PYTEST) -n4 -m 'authorino and not kuadrant_only' --runxfail --dist loadfile --enforce --standalone $(flags) testsuite/tests/kuadrant/authorino
+	$(PYTEST) -n4 -m 'authorino and not kuadrant_only' --dist loadfile --enforce --standalone $(flags) testsuite/tests/kuadrant/authorino
 
 limitador: ## Run only Limitador related tests
 limitador: poetry-no-dev

diff --git a/testsuite/tests/kuadrant/authorino/dinosaur/conftest.py b/testsuite/tests/kuadrant/authorino/dinosaur/conftest.py
@@ -3,6 +3,7 @@
 """
 
 import pytest
+from openshift_client import OpenShiftPythonException
 
 from testsuite.httpx.auth import HttpxOidcClientAuth
 from testsuite.oidc.keycloak import Keycloak
@@ -28,6 +29,22 @@ def admin_rhsso(blame, keycloak):
     return info
 
 
+@pytest.fixture(scope="module", autouse=True)
+def commit(request, authorization):
+    """
+    xFails tests if the commit fails with Too many branches exception
+    https://github.com/Kuadrant/kuadrant-operator/issues/566
+    This should happen only when using Kuadrant. The test should pass on AuthConfig
+    """
+    request.addfinalizer(authorization.delete)
+    try:
+        authorization.commit()
+        authorization.wait_for_ready()
+    except OpenShiftPythonException as exc:
+        if "Too many" in exc.result.err():
+            pytest.xfail("AuthPolicy max limit")
+
+
 @pytest.fixture()
 def admin_auth(admin_rhsso):
     """Returns Keycloak authentication object for HTTPX"""
@@ -116,7 +133,7 @@ def authorization(authorization, keycloak, terms_and_conditions, cluster_info, a
         "user-sso",
         keycloak.well_known["issuer"],
         ttl=3600,
-        defaults_properties={"org_id": ValueFrom("auth.identity.middle_name")},
+        defaults_properties={"org_id": ValueFrom("auth.identity.family_name")},
     )
     authorization.identity.add_oidc(
         "admin-sso", admin_rhsso.well_known["issuer"], ttl=3600, when=[PatternRef("admin-route")]
@@ -231,30 +248,31 @@ def authorization(authorization, keycloak, terms_and_conditions, cluster_info, a
 @pytest.fixture(scope="module")
 def user_with_valid_org_id(keycloak, blame):
     """
-    Creates new user with valid middle name.
-    Middle name is mapped to org ID in auth config.
+    Creates new user with valid last name.
+    last name is mapped to org ID in auth config.
     """
-    user = keycloak.realm.create_user(blame("someuser"), blame("password"))
-    user.assign_attribute({"middleName": "123"})
+    user = keycloak.realm.create_user(blame("someuser"), blame("password"), lastName="123")
     return HttpxOidcClientAuth.from_user(keycloak.get_token, user=user)
 
 
-@pytest.fixture(scope="module", params=["321", None])
-def user_with_invalid_org_id(keycloak, blame, request):
+# https://github.com/Kuadrant/testsuite/issues/396
+# @pytest.fixture(scope="module", params=["321", None])
+@pytest.fixture(scope="module")
+def user_with_invalid_org_id(keycloak, blame):
     """
-    Creates new user with valid middle name.
-    Middle name is mapped to org ID in auth config.
+    Creates new user with valid last name.
+    last name is mapped to org ID in auth config.
     """
-    user = keycloak.realm.create_user(blame("someuser"), blame("password"))
-    user.assign_attribute({"middleName": request.param})
+    user = keycloak.realm.create_user(blame("someuser"), blame("password"), lastName="321")
     return HttpxOidcClientAuth.from_user(keycloak.get_token, user=user)
 
 
 @pytest.fixture(scope="module")
 def user_with_invalid_email(keycloak, blame):
     """Creates new user with invalid email"""
-    user = keycloak.realm.create_user(blame("someuser"), blame("password"), email="[email protected]")
-    user.assign_attribute({"middleName": "123"})
+    user = keycloak.realm.create_user(
+        blame("someuser"), blame("password"), email="[email protected]", lastName="123"
+    )
     return HttpxOidcClientAuth.from_user(keycloak.get_token, user=user)
 
 

diff --git a/testsuite/tests/kuadrant/authorino/dinosaur/test_dinosaur.py b/testsuite/tests/kuadrant/authorino/dinosaur/test_dinosaur.py
@@ -3,14 +3,9 @@
 """
 
 import pytest
-from openshift_client import OpenShiftPythonException
 
 pytestmark = [
     pytest.mark.authorino,
-    pytest.mark.xfail(
-        reason="AuthPolicy max limit",
-        raises=OpenShiftPythonException,
-    ),
     pytest.mark.issue("https://github.com/Kuadrant/kuadrant-operator/issues/566"),
 ]