Closed jnweiger closed 1 year ago
This aims to be a client-agnostic testplan for the OAuth2 application, centered in the actions available in the webUI and/or occ commands and their impact on ownCloud's core behavior. To test the application from a client standpoint see:
occ
occ app:enable oauth2
WWW-Authenticate: Bearer...
occ app:disable oauth2
client_id
client_secret
user
occ app:enable web
client_id="$(tr -dc 'a-z0-9' < /dev/urandom \| head -c 32)"
client_secret="$(tr -dc 'a-z0-9' < /dev/urandom \| head -c 32)"
web_baseurl="https://$oc10_fqdn/index.php/apps/web"
occ config:system:set web.baseUrl --value $web_baseurl
occ oauth:add-client "ownCloud Web" $client_id $client_secret $web_baseurl/oidc-callback.html
occ oauth:add-client 'ownCloud Web' XXXX YYY https://oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.wo/index.php/apps/web/oidc-callback.html false
.works
occ oauth:add-client 'ownCloud Web' XXXX YYY https://jw-qa.owncloud.works/index.php/apps/web/oidc-callback.html false
oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.works
occ oauth:add-client 'ownCloud Web' XXXX YYY https://oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.wo/index.php/apps/web/oidc-callback.html true
occ oauth:add-client 'ownCloud Web' XXXX YYY https://jw-qa.owncloud.works/index.php/apps/web/oidc-callback.html true
tested with both 0.5.4-rc.1 and 0.6.1.rc.1
QA passed, ready to release.
Setup
Setup details (click to expand)
References: * https://github.com/owncloud/oauth2/wiki/OAuth-code-Flow-Sequence-Diagram * oc10.sh oauth2=0.6.1-rc.1 - https://oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.works * oc10.sh oauth2=0.5.4-rc.1 - https://oc10130-oauth2-054rc1-20230831.jw-qa.owncloud.worksOAuth2 app Test Plan
This aims to be a client-agnostic testplan for the OAuth2 application, centered in the actions available in the webUI and/or
occ
commands and their impact on ownCloud's core behavior. To test the application from a client standpoint see:Testing functionality
occ app:enable oauth2
- Replies from the WebDAV endpoint includes a new
WWW-Authenticate: Bearer...
headerocc app:disable oauth2
- Previously mentioned header goes away in further requests
client_id
andclient_secret
are generated together with a (required) Client Name and a (required) Redirection URL- All client sessions opened from those clients get removed
user
parameter in: https://github.com/owncloud/oauth2/pull/67occ app:enable web
client_id="$(tr -dc 'a-z0-9' < /dev/urandom \| head -c 32)"
client_secret="$(tr -dc 'a-z0-9' < /dev/urandom \| head -c 32)"
web_baseurl="https://$oc10_fqdn/index.php/apps/web"
occ config:system:set web.baseUrl --value $web_baseurl
occ oauth:add-client "ownCloud Web" $client_id $client_secret $web_baseurl/oidc-callback.html
Changelog testing
occ oauth:add-client 'ownCloud Web' XXXX YYY https://oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.wo/index.php/apps/web/oidc-callback.html false
.works
occ oauth:add-client 'ownCloud Web' XXXX YYY https://jw-qa.owncloud.works/index.php/apps/web/oidc-callback.html false
oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.works
occ oauth:add-client 'ownCloud Web' XXXX YYY https://oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.wo/index.php/apps/web/oidc-callback.html true
.works
occ oauth:add-client 'ownCloud Web' XXXX YYY https://jw-qa.owncloud.works/index.php/apps/web/oidc-callback.html true
oc10130-oauth2-061rc1-20230831.jw-qa.owncloud.works