diff --git a/playwright/e2e/oidc/index.ts b/playwright/e2e/oidc/index.ts index 0ed405df14..bc83f8fb63 100644 --- a/playwright/e2e/oidc/index.ts +++ b/playwright/e2e/oidc/index.ts 
@@ -12,156 +12,6 @@ import { Page } from "@playwright/test"; import { test as base, expect } from "../../element-web-test"; export const test = base.extend<{}>({ - synapseConfigOptions: async ({ mas }, use) => { - await use({ - enable_registration: undefined, - enable_registration_without_verification: undefined, - disable_msisdn_registration: undefined, - experimental_features: { - msc3861: { - enabled: true, - issuer: "http://mas:8080/", - issuer_metadata: { - "issuer": `http://localhost:${mas.getMappedPort(8080)}/`, - "authorization_endpoint": "http://mas:8080/authorize", - "token_endpoint": "http://mas:8080/oauth2/token", - "jwks_uri": "http://mas:8080/oauth2/keys.json", - "registration_endpoint": "http://mas:8080/oauth2/registration", - "scopes_supported": ["openid", "email"], - "response_types_supported": ["code", "id_token", "code id_token"], - "response_modes_supported": ["form_post", "query", "fragment"], - "grant_types_supported": [ - "authorization_code", - "refresh_token", - "client_credentials", - "urn:ietf:params:oauth:grant-type:device_code", - ], - "token_endpoint_auth_methods_supported": [ - "client_secret_basic", - "client_secret_post", - "client_secret_jwt", - "private_key_jwt", - "none", - ], - "token_endpoint_auth_signing_alg_values_supported": [ - "HS256", - "HS384", - "HS512", - "RS256", - "RS384", - "RS512", - "PS256", - "PS384", - "PS512", - "ES256", - "ES384", - "ES256K", - ], - "revocation_endpoint": "http://mas:8080/oauth2/revoke", - "revocation_endpoint_auth_methods_supported": [ - "client_secret_basic", - "client_secret_post", - "client_secret_jwt", - "private_key_jwt", - "none", - ], - "revocation_endpoint_auth_signing_alg_values_supported": [ - "HS256", - "HS384", - "HS512", - "RS256", - "RS384", - "RS512", - "PS256", - "PS384", - "PS512", - "ES256", - "ES384", - "ES256K", - ], - "introspection_endpoint": "http://mas:8080/oauth2/introspect", - "introspection_endpoint_auth_methods_supported": [ - "client_secret_basic", - 
"client_secret_post", - "client_secret_jwt", - "private_key_jwt", - "none", - ], - "introspection_endpoint_auth_signing_alg_values_supported": [ - "HS256", - "HS384", - "HS512", - "RS256", - "RS384", - "RS512", - "PS256", - "PS384", - "PS512", - "ES256", - "ES384", - "ES256K", - ], - "code_challenge_methods_supported": ["plain", "S256"], - "userinfo_endpoint": "http://mas:8080/oauth2/userinfo", - "subject_types_supported": ["public"], - "id_token_signing_alg_values_supported": [ - "RS256", - "RS384", - "RS512", - "ES256", - "ES384", - "PS256", - "PS384", - "PS512", - "ES256K", - ], - "userinfo_signing_alg_values_supported": [ - "RS256", - "RS384", - "RS512", - "ES256", - "ES384", - "PS256", - "PS384", - "PS512", - "ES256K", - ], - "display_values_supported": ["page"], - "claim_types_supported": ["normal"], - "claims_supported": [ - "iss", - "sub", - "aud", - "iat", - "exp", - "nonce", - "auth_time", - "at_hash", - "c_hash", - ], - "claims_parameter_supported": false, - "request_parameter_supported": false, - "request_uri_parameter_supported": false, - "prompt_values_supported": ["none", "login", "create"], - "device_authorization_endpoint": "http://mas:8080/oauth2/device", - "org.matrix.matrix-authentication-service.graphql_endpoint": "http://mas:8080/graphql", - "account_management_uri": "http://mas:8080/account/", - "account_management_actions_supported": [ - "org.matrix.profile", - "org.matrix.sessions_list", - "org.matrix.session_view", - "org.matrix.session_end", - ], - }, - client_id: "0000000000000000000SYNAPSE", - client_auth_method: "client_secret_basic", - client_secret: "SomeRandomSecret", - admin_token: "AnotherRandomSecret", - account_management_url: `http://localhost:${mas.getMappedPort(8080)}/account`, - }, - }, - }); - }, config: async ({ homeserver, mas, context }, use) => { const issuer = `http://localhost:${mas.getMappedPort(8080)}/`; const wellKnown = { 
diff --git a/playwright/e2e/sliding-sync/sliding-sync.spec.ts b/playwright/e2e/sliding-sync/sliding-sync.spec.ts index 08fed9b3bf..f0b717b972 100644 --- a/playwright/e2e/sliding-sync/sliding-sync.spec.ts +++ b/playwright/e2e/sliding-sync/sliding-sync.spec.ts @@ -7,7 +7,7 @@ Please see LICENSE files in the repository root for full details. */ import { Page, Request } from "@playwright/test"; -import { GenericContainer, StartedTestContainer } from "testcontainers"; +import { GenericContainer, StartedTestContainer, Wait } from "testcontainers"; import { test as base, expect } from "../../element-web-test"; import type { ElementAppPage } from "../../pages/ElementAppPage"; @@ -23,9 +23,10 @@ const test = base.extend<{ .withNetwork(network) .withExposedPorts(8008) .withLogConsumer(logger.getConsumer("sliding-sync-proxy")) + .withWaitStrategy(Wait.forHttp("/client/server.json", 8008)) .withEnvironment({ SYNCV3_SECRET: "bwahahaha", - SYNCV3_DB: `user=postgres dbname=postgres password=${postgres.getPassword()} host=postgres sslmode=disable`, + SYNCV3_DB: `user=${postgres.getUsername()} dbname=postgres password=${postgres.getPassword()} host=postgres sslmode=disable`, SYNCV3_SERVER: `http://homeserver:8008`, }) .start(); diff --git a/playwright/services.ts b/playwright/services.ts index b1ab5c6a98..e9b735c3ab 100644 --- a/playwright/services.ts +++ b/playwright/services.ts 
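Review bot: `SYNCV3_DB` now takes the user from `postgres.getUsername()` but still hard-codes `dbname=postgres`, so the string is only correct while the Postgres fixture happens to use that database name. Using `dbname=${postgres.getDatabase()}` would keep user, password and database tied to the same container. The same assumption appears in the `MatrixAuthenticationServiceContainer` constructor in playwright/testcontainers/mas.ts, which copies only the username and password from `db`; whether `DEFAULT_CONFIG` there names the database is not visible in this diff. The values are also interpolated unquoted into a keyword/value string, which is fine for the fixture defaults but would break on a password containing a space or a quote.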
@@ -99,26 +99,178 @@ export const test = base.extend({ await use(container); await container.stop(); }, - mas: async ({ logger, network }, use) => { - const container = await new MatrixAuthenticationServiceContainer() + mas: async ({ _homeserver: homeserver, logger, network, postgres, mailhog }, use) => { + const config = { + clients: [ + { + client_id: "0000000000000000000SYNAPSE", + client_auth_method: "client_secret_basic", + client_secret: "SomeRandomSecret", + }, + ], + matrix: { + homeserver: "localhost", + secret: "AnotherRandomSecret", + endpoint: "http://synapse:8008", + }, + }; + + const container = await new MatrixAuthenticationServiceContainer(postgres) .withNetwork(network) .withNetworkAliases("mas") .withLogConsumer(logger.getConsumer("mas")) - .withConfig({ - clients: [ - { - client_id: "0000000000000000000SYNAPSE", - client_auth_method: "client_secret_basic", - client_secret: "SomeRandomSecret", - }, - ], - matrix: { - homeserver: "localhost", - secret: "AnotherRandomSecret", - endpoint: "http://synapse:8008", - }, - }) + .withConfig(config) .start(); + + homeserver.withConfig({ + enable_registration: undefined, + enable_registration_without_verification: undefined, + disable_msisdn_registration: undefined, + experimental_features: { + msc3861: { + enabled: true, + issuer: "http://mas:8080/", + issuer_metadata: { + "issuer": `http://${container.getHost()}:${container.getMappedPort(8080)}/`, + "authorization_endpoint": "http://mas:8080/authorize", + "token_endpoint": "http://mas:8080/oauth2/token", + "jwks_uri": "http://mas:8080/oauth2/keys.json", + "registration_endpoint": "http://mas:8080/oauth2/registration", + "scopes_supported": ["openid", "email"], + "response_types_supported": ["code", "id_token", "code id_token"], + "response_modes_supported": ["form_post", "query", "fragment"], + "grant_types_supported": [ + "authorization_code", + "refresh_token", + "client_credentials", + "urn:ietf:params:oauth:grant-type:device_code", + ], + 
"token_endpoint_auth_methods_supported": [ + "client_secret_basic", + "client_secret_post", + "client_secret_jwt", + "private_key_jwt", + "none", + ], + "token_endpoint_auth_signing_alg_values_supported": [ + "HS256", + "HS384", + "HS512", + "RS256", + "RS384", + "RS512", + "PS256", + "PS384", + "PS512", + "ES256", + "ES384", + "ES256K", + ], + "revocation_endpoint": "http://mas:8080/oauth2/revoke", + "revocation_endpoint_auth_methods_supported": [ + "client_secret_basic", + "client_secret_post", + "client_secret_jwt", + "private_key_jwt", + "none", + ], + "revocation_endpoint_auth_signing_alg_values_supported": [ + "HS256", + "HS384", + "HS512", + "RS256", + "RS384", + "RS512", + "PS256", + "PS384", + "PS512", + "ES256", + "ES384", + "ES256K", + ], + "introspection_endpoint": "http://mas:8080/oauth2/introspect", + "introspection_endpoint_auth_methods_supported": [ + "client_secret_basic", + "client_secret_post", + "client_secret_jwt", + "private_key_jwt", + "none", + ], + "introspection_endpoint_auth_signing_alg_values_supported": [ + "HS256", + "HS384", + "HS512", + "RS256", + "RS384", + "RS512", + "PS256", + "PS384", + "PS512", + "ES256", + "ES384", + "ES256K", + ], + "code_challenge_methods_supported": ["plain", "S256"], + "userinfo_endpoint": "http://mas:8080/oauth2/userinfo", + "subject_types_supported": ["public"], + "id_token_signing_alg_values_supported": [ + "RS256", + "RS384", + "RS512", + "ES256", + "ES384", + "PS256", + "PS384", + "PS512", + "ES256K", + ], + "userinfo_signing_alg_values_supported": [ + "RS256", + "RS384", + "RS512", + "ES256", + "ES384", + "PS256", + "PS384", + "PS512", + "ES256K", + ], + "display_values_supported": ["page"], + "claim_types_supported": ["normal"], + "claims_supported": [ + "iss", + "sub", + "aud", + "iat", + "exp", + "nonce", + "auth_time", + "at_hash", + "c_hash", + ], + "claims_parameter_supported": false, + "request_parameter_supported": false, + "request_uri_parameter_supported": false, + "prompt_values_supported": 
["none", "login", "create"], + "device_authorization_endpoint": "http://mas:8080/oauth2/device", + "org.matrix.matrix-authentication-service.graphql_endpoint": "http://mas:8080/graphql", + "account_management_uri": "http://mas:8080/account/", + "account_management_actions_supported": [ + "org.matrix.profile", + "org.matrix.sessions_list", + "org.matrix.session_view", + "org.matrix.session_end", + ], + }, + client_id: config.clients[0].client_id, + client_auth_method: config.clients[0].client_auth_method, + client_secret: config.clients[0].client_secret, + admin_token: config.matrix.secret, + account_management_url: `http://${container.getHost()}:${container.getMappedPort(8080)}/account`, + }, + }, + }); + await use(container); await container.stop(); }, diff --git a/playwright/testcontainers/mas.ts b/playwright/testcontainers/mas.ts index f2cdef6794..833167b141 100644 --- a/playwright/testcontainers/mas.ts +++ b/playwright/testcontainers/mas.ts @@ -6,6 +6,7 @@ Please see LICENSE files in the repository root for full details. */ import { GenericContainer, StartedTestContainer, Wait } from "testcontainers"; +import { StartedPostgreSqlContainer } from "@testcontainers/postgresql"; import * as YAML from "yaml"; import { getFreePort } from "../plugins/utils/port.ts"; @@ -54,8 +55,7 @@ const DEFAULT_CONFIG = { ], binds: [ { - host: "localhost", - port: 8081, + address: "[::]:8081", }, ], proxy_protocol: false, 
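Review bot: The `mas` fixture in playwright/services.ts now carries two undocumented ordering contracts that a comment above `homeserver.withConfig({` should state. It rewrites the `_homeserver` configuration after the MAS container has started, so it presumably only takes effect if the homeserver container is started later than this fixture. It also destructures `mailhog` without using it in the visible lines, presumably only to make that fixture start first. I would add `// Must run before the homeserver starts: the MSC3861 delegation config is injected here` and `// mailhog is requested only so it is up before MAS needs to send mail`. A further line should explain why `issuer` is `http://mas:8080/` while `issuer_metadata.issuer` uses the host-mapped port, since an issuer mismatch is normally something an OIDC client treats as an error.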
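Review bot: Binding the listener to `[::]:8081` instead of `localhost:8081` in playwright/testcontainers/mas.ts makes it reachable from every container on the test network. Together with `withExposedPorts(8080, 8081)` in the constructor hunk below, it is also reachable from the host through the mapped port. That is needed for `Wait.forHttp("/health", 8081)` to reach it, but which resources are served on this listener is decided in the part of `DEFAULT_CONFIG` outside the hunk, so it is worth confirming that only the health check is mounted there. A comment on the bind such as `// all interfaces: the health wait strategy probes this via the mapped port` would record why it is not loopback-only.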
@@ -167,12 +167,16 @@ const DEFAULT_CONFIG = { export class MatrixAuthenticationServiceContainer extends GenericContainer { private config: typeof DEFAULT_CONFIG; - constructor() { + constructor(db: StartedPostgreSqlContainer) { super("ghcr.io/matrix-org/matrix-authentication-service:0.8.0"); this.config = deepCopy(DEFAULT_CONFIG); + this.config.database.username = db.getUsername(); + this.config.database.password = db.getPassword(); - this.withWaitStrategy(Wait.forHttp("/health", 8081)).withCommand(["server", "--config", "/config/config.yaml"]); + this.withExposedPorts(8080, 8081) + .withWaitStrategy(Wait.forHttp("/health", 8081)) + .withCommand(["server", "--config", "/config/config.yaml"]); } public withConfig(config: object): this {