nexgen_mirrors
015c622016
Add 162 integration tests covering authentication flows, TOTP MFA, SSH key/certificate management, organization workflows, multi-org access, self-service features, admin operations, authorization, security edge cases, department/principal management, CA management, policy compliance, WebAuthn passkeys, and ZeroTier network access. Includes: - Reusable API client library with session management - Test fixtures for users, organizations, memberships, and CAs - Helper functions for SSH key generation and verification - Documentation for running and writing tests Also update test configuration to disable conflicting maas plugins and configure WebAuthn/session settings for localhost testing.
24 lines
1.1 KiB
Plaintext
24 lines
1.1 KiB
Plaintext
# SSH Certificate Signing Tests
|
|
|
|
This file contains the new test class `TestCertificateSigning` that should be appended to the end of `test_ssh_workflows.py`.
|
|
|
|
## Test Class: TestCertificateSigning
|
|
|
|
The class includes the following tests:
|
|
|
|
1. `test_sign_certificate_default_principals_positive` (SSH-CERT-01)
|
|
2. `test_sign_certificate_custom_principals_positive` (SSH-CERT-02)
|
|
3. `test_sign_certificate_unverified_key_negative` (SSH-CERT-04)
|
|
4. `test_sign_certificate_no_principals_negative` (SSH-CERT-05)
|
|
5. `test_sign_certificate_unauthorized_principals_negative` (SSH-CERT-06)
|
|
6. `test_sign_certificate_suspended_account_negative` (SSH-CERT-07)
|
|
7. `test_sign_certificate_no_ca_negative` (SSH-CERT-08)
|
|
8. `test_sign_certificate_cross_user_key_negative` (SSH-CERT-09)
|
|
|
|
## Implementation Details
|
|
|
|
The tests require:
|
|
- A setup helper function `_setup_cert_env` that creates a user with verified key, org membership, principal assignment, and CA
|
|
- Use of `tempfile`, `subprocess`, `os`, and `base64` for key generation and signing
|
|
- Proper error assertions using `assert_error` helper
|
|
- Direct database manipulation to suspend users for the suspended account test |