nebari-dev
Create tests for keycloak
Context
Keycloak currently doesn't have any testing.
Value and/or benefit
Keycloak needs to be updated and having tests will enable us to ensure that the newer versions of keycloak are operating as expected. See #2495
Anything else?
Here is a breakdown of what needs to be done:
CRUD for users: Make sure we can create a user, delete and patch/modify any of the user information, this also might include a list of the available users. Keycloak has something called impersonate might be interesting to see if that can be used to perform a dummy action with the user itself – not really needed since we are kind of doing this within the playwright tests already CRUD for clients: We need to be able to create clients, list available ones, and to test validity within the created clients we should use a dummy Oauth2 class(?) (might be an external dep.) to test if the client is working properly (since it requires a secret and key from kc as well as interaction with the auth and token endpoints)
CRUD for roles/permissions: Kind of tested already as part of jhub-apps tests (somewhere)
CRUD for groups: Same create, delete and test assignments (e.g if a user is given a range of groups, does it receive the expected attributes and scopes from all the set of permissions attributed to the given groups? – inspect the user token response to check if the roles exists ) EG nebari_user: contain superusers, admin, guest For example the scopes and permissions defined in here https://deploy-preview-554--nebari-docs.netlify.app/docs/how-tos/fine-grained-permissions#roles-groups-and-scopes are expected to be propagated based on being included or not in a given group
User Story: Admin creates a user, some groups, and a client for testing Test credentials for the created user, check group association Test logging in to oauth client using the user Test if scopes are present on user token
