tusaryan opened a new pull request, #17410: URL: https://github.com/apache/dolphinscheduler/pull/17410
<!--Thanks very much for contributing to Apache DolphinScheduler, we are happy that you want to help us improve DolphinScheduler! --> ## Purpose of the pull request <!--(For example: This pull request adds checkstyle plugin).--> This pull request introduces a comprehensive API test suite for the **OIDC (OpenID Connect) authentication** feature, as part of the work for [DSIP-88](https://github.com/apache/dolphinscheduler/issues/17171). These tests ensure the reliability and correctness of the OIDC integration by validating the entire backend API flow in a realistic, containerized environment. This PR complements my previous core implementation PR (#17340) by adding the necessary end-to-end verification. Closes: #17171 (Part 2: API Tests) ## Brief change log <!--*(for example:)* - *Add maven-checkstyle-plugin to root pom.xml* --> - **Feature:** Added `OidcLoginAPITest.java`, a new test class to cover the OIDC login lifecycle. - **Feature:** Introduced a Docker-based test environment using `docker-compose.yaml` which sets up a Keycloak instance as the OIDC provider. - **Feature:** Created `OidcLoginPage.java` as a page object to encapsulate API requests for the OIDC flow, improving test readability and maintenance. - **Enhancement:** Updated `RequestClient.java` to better handle redirects and response headers required for testing the OIDC flow. - **Tests Added:** - Verification of the `/oidc-providers` endpoint. - Validation of the redirect to the OIDC provider from `/oauth2/authorization/{providerId}`. - Tests for the callback endpoint `/login/oauth2/code/{providerId}` covering scenarios like: - OIDC login failure (e.g., `access_denied`). - Missing authorization code in the callback. - Invalid `state` parameter to prevent CSRF. - A simulated successful login flow. ## Verify this pull request This change is verified by the new API test suite itself. ## Pull Request Notice [Pull Request Notice](https://github.com/apache/dolphinscheduler/blob/dev/docs/docs/en/contribute/join/pull-request.md) If your pull request contains incompatible change, you should also add it to `docs/docs/en/guide/upgrade/incompatible.md` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
