work on testDomainVerification [wip]

wireapp · Jan 8, 2025 · 9674905 · 9674905
1 parent f521a6e
commit 9674905
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 2 deletions.
diff --git a/integration/test/API/Brig.hs b/integration/test/API/Brig.hs
@@ -893,7 +893,7 @@ postServiceWhitelist user tid update = do
 
 data DomainRegistrationConfig
   = DomainRegistrationConfigRemove
-  | DomainRegistrationConfigBackend String
+  | DomainRegistrationConfigBackend String {- domain -} String {- auth token -}
   | DomainRegistrationConfigNoRegistration
 
 instance ToJSON DomainRegistrationConfig where

diff --git a/integration/test/Test/DomainVerification.hs b/integration/test/Test/DomainVerification.hs
@@ -1,3 +1,4 @@
+-- | See also: "Test.EnterpriseLogin"
 module Test.DomainVerification where
 
 import API.Brig
@@ -9,21 +10,47 @@ testDomainVerification :: (HasCallStack) => App ()
 testDomainVerification = do
   domain <- randomDomain
 
+  domainVerificationToken OwnDomain domain Nothing >>= assertFailure
+
+  -- [backoffice] preauth
   domainRegistrationPreAuthorize OwnDomain domain >>= assertStatus 204
 
-  (_authToken, _dnsToken) <-
+  -- [customer admin] fetch tokens
+  (authToken, dnsToken) <-
     bindResponse (domainVerificationToken OwnDomain domain Nothing) $ \resp -> do
       resp.status `shouldMatchInt` 200
       authToken <- resp.json %. "auth_token"
       dnsToken <- resp.json %. "dns_verification_token"
       pure (authToken, dnsToken)
 
+  -- [customer admin] post config without auth token
+  domainVerificationBackend
+    OwnDomain
+    domain
+    Nothing
+    (DomainRegistrationConfigBackend "https://wire.example.com")
+    >>= assertStatus 401
+
+  -- [customer admin] post config with auth token, but without registering the domain
+  domainVerificationBackend
+    OwnDomain
+    domain
+    (Just authToken)
+    (DomainRegistrationConfigBackend "https://wire.example.com")
+    >>= assertStatus 401
+
+  -- [customer admin] register dns token
+  () <- undefined dnsToken
+
+  -- [customer admin] post config (happy flow)
   domainVerificationBackend
     OwnDomain
     domain
+    (Just authToken)
     (DomainRegistrationConfigBackend "https://wire.example.com")
     >>= assertStatus 200
 
+  -- [customer user] pull the redirect config based on email
   bindResponse (getDomainRegistrationFromEmail OwnDomain ("sven@" ++ domain)) \resp -> do
     resp.status `shouldMatchInt` 200
     resp.json %. "domain-redirect" `shouldMatch` "backend:https://wire.example.com"
diff --git a/integration/test/Test/EnterpriseLogin.hs b/integration/test/Test/EnterpriseLogin.hs
@@ -1,3 +1,4 @@
+-- | See also: "Test.DomainVerification"
 module Test.EnterpriseLogin where
 
 import API.BrigInternal