Fixup tests

CHANGELOG.md

@@ -262,3 +262,36 @@
 * Mark some themes as tentatively deprecated: BlueLagoon, Flat, Screwdriver #4807
 * Many UI improvements
 
+[1.17.0]
+* Update base image to 4.2.0
+
+[1.18.0]
+* Update FreshRSS to 1.22.0
+* [Full Changelog](https://github.com/FreshRSS/FreshRSS/releases/tag/1.22.0)
+* Rework trusted proxies
+* Improve scaling with many feeds and long processes, reduce database locks
+* Fix many bugs and regressions
+* Improve themes Origine (also with automatic dark mode), Nord, etc.
+* Several UI / UX improvements
+* New languages Hungarian, Latvian, Persian
+
+[1.19.0]
+* Implement OIDC login
+
+[1.19.1]
+* Update FreshRSS to 1.22.1
+* [Full Changelog](https://github.com/FreshRSS/FreshRSS/releases/tag/1.22.1)
+* Fix regression in extensions translations (i18n)
+* Better identification of proxied client IP
+
+[1.20.0]
+* Update FreshRSS to 1.23.0
+* [Full Changelog](https://github.com/FreshRSS/FreshRSS/releases/tag/1.23.0)
+* New Important feeds group in the main view, with corresponding new priority level for feeds #5782
+* Entries from important feeds are not marked as read during scroll, during focus, nor during Mark all as read
+* Add filter actions (auto mark as read) at category level and at global levels #5942
+* Increase SQL fields length to maximum possible #5788, #5570
+* Many bug fixes
+* Soft require Apache 2.4+ (but repair minimal compatibility with Apache 2.2)
+* Upgraded extensions require FreshRSS 1.23.0+ Extensions#181
+

CloudronManifest.json

@@ -5,13 +5,14 @@
   "description": "file://DESCRIPTION.md",
   "changelog": "file://CHANGELOG.md",
   "tagline": "RSS feed reader",
-  "version": "1.16.0-1",
-  "upstreamVersion": "1.21.0",
+  "version": "1.20.0",
+  "upstreamVersion": "1.23.0",
   "healthCheckPath": "/",
   "httpPort": 8000,
   "addons": {
     "localstorage": {},
     "mysql": {},
+    "oidc": { "loginRedirectUri": "/i/oidc/" },
     "scheduler": {
       "update_feeds": {
         "schedule": "*/1 * * * *",
@@ -28,7 +29,8 @@
     "https://screenshots.cloudron.io/org.freshrss.cloudronapp/1.png"
   ],
   "postInstallMessage": "file://POSTINSTALL.md",
-  "minBoxVersion": "7.1.0",
+  "minBoxVersion": "7.5.1",
   "forumUrl": "https://forum.cloudron.io/category/27/freshrss",
-  "documentationUrl": "https://cloudron.io/documentation/apps/freshrss/"
+  "documentationUrl": "https://cloudron.io/documentation/apps/freshrss/",
+  "optionalSso": true
 }

Dockerfile

@@ -1,15 +1,16 @@
-FROM cloudron/base:4.0.0@sha256:31b195ed0662bdb06a6e8a5ddbedb6f191ce92e8bee04c03fb02dd4e9d0286df
+FROM cloudron/base:4.2.0@sha256:46da2fffb36353ef714f97ae8e962bd2c212ca091108d768ba473078319a47f4
+
+RUN apt-get update && apt-get install --no-install-recommends -y libapache2-mod-auth-openidc && rm -rf /var/cache/apt /var/lib/apt/lists
 
 RUN mkdir -p /app/code
 WORKDIR /app/code
 
-ARG VERSION=1.21.0
-RUN curl -L https://github.com/FreshRSS/FreshRSS/archive/${VERSION}.tar.gz | tar -zxvf - --strip-components=1
-
-RUN mv data data-orig && ln -s /app/data data
+ARG VERSION=1.22.1
+RUN curl -L https://github.com/FreshRSS/FreshRSS/archive/${VERSION}.tar.gz | tar -zxvf - --strip-components=1 && \
+    mv data data-orig && ln -s /app/data data
 
 # official extensions (https://github.com/FreshRSS/Extensions/commits/master)
-RUN wget https://github.com/FreshRSS/Extensions/archive/f66efcf5feb1245607c2e3ac9ef4176b5f2801b3.tar.gz -O - | tar -xz --strip-components=1 -C /app/code/extensions && \
+RUN wget https://github.com/FreshRSS/Extensions/archive/8af0d55265ffa03de22ee62b2ae175b3cb038a3c.tar.gz -O - | tar -xz --strip-components=1 -C /app/code/extensions && \
     mv /app/code/extensions /app/code/extensions-orig && \
     ln -s /app/data/extensions /app/code/extensions
 
@@ -22,7 +23,7 @@ RUN a2disconf other-vhosts-access-log
 ADD apache/freshrss.conf /etc/apache2/sites-enabled/freshrss.conf
 RUN echo "Listen 8000" > /etc/apache2/ports.conf
 
-RUN a2enmod headers expires deflate mime dir rewrite setenvif
+RUN a2enmod headers expires deflate mime dir rewrite setenvif auth_openidc
 
 RUN rm -rf /var/lib/php && ln -s /run/php /var/lib/php
 

POSTINSTALL.md

@@ -1,7 +1,16 @@
+<sso>
+On first visit, sign in using the built-in Cloudron authentication and then make the user administrator
+by running:
+```
+php cli/reconfigure.php --default_user YOUR_USERNAME
+```
+</sso>
+
+<nosso>
 This app is pre-setup with an admin account. The initial credentials are:
   
 **Username**: admin<br/>
 **Password**: changeme<br/>
 
 Please change the admin password immediately.
-
+</nosso>

apache/freshrss.conf

@@ -1,3 +1,5 @@
+# https://github.com/FreshRSS/FreshRSS/blob/edge/Docker/FreshRSS.Apache.conf
+
 ServerName %{HTTP_HOST}
 
 <VirtualHost *:8000>
@@ -13,4 +15,41 @@ ServerName %{HTTP_HOST}
         AllowOverride All
         Require all granted
     </Directory>
+
+    <Directory /app/code/p/api>
+        Include /app/code/p/api/.htaccess
+    </Directory>
+
+    <Directory /app/code/p/i>
+        ExpiresActive Off
+
+        <IfDefine OIDC_ENABLED>
+            AuthType openid-connect
+            Require valid-user
+        </IfDefine>
+        IncludeOptional /app/code/p/i/.htaccess
+    </Directory>
+
+    <Directory /app/code/p/themes>
+        Include /app/code/p/themes/.htaccess
+    </Directory>
+
+
+    <IfDefine OIDC_ENABLED>
+        OIDCProviderMetadataURL ${CLOUDRON_OIDC_DISCOVERY_URL}
+        OIDCClientID ${CLOUDRON_OIDC_CLIENT_ID}
+        OIDCClientSecret ${CLOUDRON_OIDC_CLIENT_SECRET}
+
+        OIDCRedirectURI /i/oidc/
+
+        OIDCCryptoPassphrase ${OIDC_CRYPTO_PASSPHRASE}
+
+        OIDCRemoteUserClaim sub
+
+        OIDCScope "openid profile email"
+
+        OIDCRefreshAccessTokenBeforeExpiry 30
+        OIDCPassClaimsAs headers
+        OIDCXForwardedHeaders X-Forwarded-Proto
+    </IfDefine>
 </VirtualHost>

start.sh

@@ -13,7 +13,11 @@ if ! [ -f /app/data/.installed ]; then
       --db-user "${CLOUDRON_MYSQL_USERNAME}" --db-password "${CLOUDRON_MYSQL_PASSWORD}" \
       --db-base "${CLOUDRON_MYSQL_DATABASE}" --db-prefix "" \
       --disable_update
-    php cli/create-user.php --user admin --password changeme --language en
+
+    if [[ -z "${CLOUDRON_OIDC_ISSUER:-}" ]]; then
+        php cli/create-user.php --user admin --password changeme --language en
+    fi
+
     touch /app/data/.installed
     echo "==> Done."
 fi
@@ -35,7 +39,15 @@ for f in $(ls /app/code/extensions-orig); do
 done
 
 echo "==> Updating config file"
-php cli/reconfigure.php --default_user admin --base_url "https://${CLOUDRON_APP_DOMAIN}" \
+if [[ -z "${CLOUDRON_OIDC_ISSUER:-}" ]]; then
+    extra_args="--default_user admin"
+    [[ ! -f /app/data/.oauth_crypto_passphrase ]] && openssl rand -base64 42 > /app/data/.oauth_crypto_passphrase
+    export OIDC_CRYPTO_PASSPHRASE=$(</app/data/.oauth_crypto_passphrase) # used in apache config
+else
+    extra_args="--auth_type http_auth"
+fi
+
+php cli/reconfigure.php ${extra_args} --base_url "https://${CLOUDRON_APP_DOMAIN}" \
     --db-type mysql --db-host "${CLOUDRON_MYSQL_HOST}" \
     --db-user "${CLOUDRON_MYSQL_USERNAME}" --db-password "${CLOUDRON_MYSQL_PASSWORD}" \
     --db-base "${CLOUDRON_MYSQL_DATABASE}" --db-prefix "" \
@@ -47,4 +59,4 @@ chown -R www-data.www-data /run/php /app/data /tmp/log_api.txt
 echo "==> Starting apache"
 APACHE_CONFDIR="" source /etc/apache2/envvars
 rm -f "${APACHE_PID_FILE}"
-exec /usr/sbin/apache2 -DFOREGROUND
+exec /usr/sbin/apache2 -D FOREGROUND $([[ -n "$CLOUDRON_OIDC_ISSUER" ]] && echo '-D OIDC_ENABLED')

test/package-lock.json

@@ -9,17 +9,17 @@
       "version": "1.0.0",
       "license": "ISC",
       "dependencies": {
-        "chromedriver": "^110.0.0",
+        "chromedriver": "^120.0.1",
         "expect.js": "^0.3.1",
         "mocha": "^10.2.0",
-        "selenium-webdriver": "^4.8.1",
-        "superagent": "^8.0.9"
+        "selenium-webdriver": "^4.16.0",
+        "superagent": "^8.1.2"
       }
     },
     "node_modules/@testim/chrome-version": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/@testim/chrome-version/-/chrome-version-1.1.3.tgz",
-      "integrity": "sha512-g697J3WxV/Zytemz8aTuKjTGYtta9+02kva3C1xc7KXB8GdbfE1akGJIsZLyY/FSh2QrnE+fiB7vmWU3XNcb6A=="
+      "version": "1.1.4",
+      "resolved": "https://registry.npmjs.org/@testim/chrome-version/-/chrome-version-1.1.4.tgz",
+      "integrity": "sha512-kIhULpw9TrGYnHp/8VfdcneIcxKnLixmADtukQRtJUmsVlMg0niMkwV0xZmi8hqa57xqilIHjWFA0GKvEjVU5g=="
     },
     "node_modules/@types/node": {
       "version": "15.12.2",
@@ -97,9 +97,9 @@
       "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k="
     },
     "node_modules/axios": {
-      "version": "1.3.4",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-1.3.4.tgz",
-      "integrity": "sha512-toYm+Bsyl6VC5wSkfkbbNB6ROv7KY93PEBBL6xyDczaIHasAiv4wPqQ/c4RjoQzipxRD2W5g21cOqQulZ7rHwQ==",
+      "version": "1.6.2",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.2.tgz",
+      "integrity": "sha512-7i24Ri4pmDRfJTR7LDBhsOTtcm+9kjX5WiY1X3wIisx6G9So3pfMkEiU7emUBe46oceVImccTEM3k6C5dbVW8A==",
       "dependencies": {
         "follow-redirects": "^1.15.0",
         "form-data": "^4.0.0",
@@ -217,24 +217,24 @@
       }
     },
     "node_modules/chromedriver": {
-      "version": "110.0.0",
-      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-110.0.0.tgz",
-      "integrity": "sha512-Le6q8xrA/3fAt+g8qiN0YjsYxINIhQMC6wj9X3W5L77uN4NspEzklDrqYNwBcEVn7PcAEJ73nLlS7mTyZRspHA==",
+      "version": "120.0.1",
+      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-120.0.1.tgz",
+      "integrity": "sha512-ETTJlkibcAmvoKsaEoq2TFqEsJw18N0O9gOQZX6Uv/XoEiOV8p+IZdidMeIRYELWJIgCZESvlOx5d1QVnB4v0w==",
       "hasInstallScript": true,
       "dependencies": {
-        "@testim/chrome-version": "^1.1.3",
-        "axios": "^1.2.1",
-        "compare-versions": "^5.0.1",
+        "@testim/chrome-version": "^1.1.4",
+        "axios": "^1.6.0",
+        "compare-versions": "^6.1.0",
         "extract-zip": "^2.0.1",
         "https-proxy-agent": "^5.0.1",
         "proxy-from-env": "^1.1.0",
-        "tcp-port-used": "^1.0.1"
+        "tcp-port-used": "^1.0.2"
       },
       "bin": {
         "chromedriver": "bin/chromedriver"
       },
       "engines": {
-        "node": ">=14"
+        "node": ">=18"
       }
     },
     "node_modules/cliui": {
@@ -315,9 +315,9 @@
       }
     },
     "node_modules/compare-versions": {
-      "version": "5.0.1",
-      "resolved": "https://registry.npmjs.org/compare-versions/-/compare-versions-5.0.1.tgz",
-      "integrity": "sha512-v8Au3l0b+Nwkp4G142JcgJFh1/TUhdxut7wzD1Nq1dyp5oa3tXaqb03EXOAB6jS4gMlalkjAUPZBMiAfKUixHQ=="
+      "version": "6.1.0",
+      "resolved": "https://registry.npmjs.org/compare-versions/-/compare-versions-6.1.0.tgz",
+      "integrity": "sha512-LNZQXhqUvqUTotpZ00qLSaify3b4VFD588aRr8MKFw4CMUr98ytzCW5wDH5qx/DEY5kCDXcbcRuCqL0szEf2tg=="
     },
     "node_modules/component-emitter": {
       "version": "1.3.0",
@@ -489,9 +489,9 @@
       }
     },
     "node_modules/follow-redirects": {
-      "version": "1.15.2",
-      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz",
-      "integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==",
+      "version": "1.15.3",
+      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.3.tgz",
+      "integrity": "sha512-1VzOtuEM8pC9SFU1E+8KfTjZyMztRsgEfwQl44z8A25uy13jSzTj6dyK2Df52iV0vgHCfBwLhDWevLn95w5v6Q==",
       "funding": [
         {
           "type": "individual",
@@ -1214,13 +1214,13 @@
       "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="
     },
     "node_modules/selenium-webdriver": {
-      "version": "4.8.1",
-      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.8.1.tgz",
-      "integrity": "sha512-p4MtfhCQdcV6xxkS7eI0tQN6+WNReRULLCAuT4RDGkrjfObBNXMJ3WT8XdK+aXTr5nnBKuh+PxIevM0EjJgkxA==",
+      "version": "4.16.0",
+      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.16.0.tgz",
+      "integrity": "sha512-IbqpRpfGE7JDGgXHJeWuCqT/tUqnLvZ14csSwt+S8o4nJo3RtQoE9VR4jB47tP/A8ArkYsh/THuMY6kyRP6kuA==",
       "dependencies": {
-        "jszip": "^3.10.0",
+        "jszip": "^3.10.1",
         "tmp": "^0.2.1",
-        "ws": ">=8.11.0"
+        "ws": ">=8.14.2"
       },
       "engines": {
         "node": ">= 14.20.0"
@@ -1286,9 +1286,9 @@
       }
     },
     "node_modules/superagent": {
-      "version": "8.0.9",
-      "resolved": "https://registry.npmjs.org/superagent/-/superagent-8.0.9.tgz",
-      "integrity": "sha512-4C7Bh5pyHTvU33KpZgwrNKh/VQnvgtCSqPRfJAUdmrtSYePVzVg4E4OzsrbkhJj9O7SO6Bnv75K/F8XVZT8YHA==",
+      "version": "8.1.2",
+      "resolved": "https://registry.npmjs.org/superagent/-/superagent-8.1.2.tgz",
+      "integrity": "sha512-6WTxW1EB6yCxV5VFOIPQruWGHqc3yI7hEmZK6h+pyk69Lk/Ut7rLUY6W/ONF2MjBuGjvmMiIpsrVJ2vjrHlslA==",
       "dependencies": {
         "component-emitter": "^1.3.0",
         "cookiejar": "^2.1.4",
@@ -1435,9 +1435,9 @@
       "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8="
     },
     "node_modules/ws": {
-      "version": "8.12.1",
-      "resolved": "https://registry.npmjs.org/ws/-/ws-8.12.1.tgz",
-      "integrity": "sha512-1qo+M9Ba+xNhPB+YTWUlK6M17brTut5EXbcBaMRN5pH5dFrXz7lzz1ChFSUq3bOUl8yEvSenhHmYUNJxFzdJew==",
+      "version": "8.14.2",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-8.14.2.tgz",
+      "integrity": "sha512-wEBG1ftX4jcglPxgFCMJmZ2PLtSbJ2Peg6TmpJFTbe9GZYOQCDPdMYu/Tm0/bGZkw8paZnJY45J4K2PZrLYq8g==",
       "engines": {
         "node": ">=10.0.0"
       },
@@ -1569,9 +1569,9 @@
   },
   "dependencies": {
     "@testim/chrome-version": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/@testim/chrome-version/-/chrome-version-1.1.3.tgz",
-      "integrity": "sha512-g697J3WxV/Zytemz8aTuKjTGYtta9+02kva3C1xc7KXB8GdbfE1akGJIsZLyY/FSh2QrnE+fiB7vmWU3XNcb6A=="
+      "version": "1.1.4",
+      "resolved": "https://registry.npmjs.org/@testim/chrome-version/-/chrome-version-1.1.4.tgz",
+      "integrity": "sha512-kIhULpw9TrGYnHp/8VfdcneIcxKnLixmADtukQRtJUmsVlMg0niMkwV0xZmi8hqa57xqilIHjWFA0GKvEjVU5g=="
     },
     "@types/node": {
       "version": "15.12.2",
@@ -1634,9 +1634,9 @@
       "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k="
     },
     "axios": {
-      "version": "1.3.4",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-1.3.4.tgz",
-      "integrity": "sha512-toYm+Bsyl6VC5wSkfkbbNB6ROv7KY93PEBBL6xyDczaIHasAiv4wPqQ/c4RjoQzipxRD2W5g21cOqQulZ7rHwQ==",
+      "version": "1.6.2",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.2.tgz",
+      "integrity": "sha512-7i24Ri4pmDRfJTR7LDBhsOTtcm+9kjX5WiY1X3wIisx6G9So3pfMkEiU7emUBe46oceVImccTEM3k6C5dbVW8A==",
       "requires": {
         "follow-redirects": "^1.15.0",
         "form-data": "^4.0.0",
@@ -1719,17 +1719,17 @@
       }
     },
     "chromedriver": {
-      "version": "110.0.0",
-      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-110.0.0.tgz",
-      "integrity": "sha512-Le6q8xrA/3fAt+g8qiN0YjsYxINIhQMC6wj9X3W5L77uN4NspEzklDrqYNwBcEVn7PcAEJ73nLlS7mTyZRspHA==",
+      "version": "120.0.1",
+      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-120.0.1.tgz",
+      "integrity": "sha512-ETTJlkibcAmvoKsaEoq2TFqEsJw18N0O9gOQZX6Uv/XoEiOV8p+IZdidMeIRYELWJIgCZESvlOx5d1QVnB4v0w==",
       "requires": {
-        "@testim/chrome-version": "^1.1.3",
-        "axios": "^1.2.1",
-        "compare-versions": "^5.0.1",
+        "@testim/chrome-version": "^1.1.4",
+        "axios": "^1.6.0",
+        "compare-versions": "^6.1.0",
         "extract-zip": "^2.0.1",
         "https-proxy-agent": "^5.0.1",
         "proxy-from-env": "^1.1.0",
-        "tcp-port-used": "^1.0.1"
+        "tcp-port-used": "^1.0.2"
       }
     },
     "cliui": {
@@ -1794,9 +1794,9 @@
       }
     },
     "compare-versions": {
-      "version": "5.0.1",
-      "resolved": "https://registry.npmjs.org/compare-versions/-/compare-versions-5.0.1.tgz",
-      "integrity": "sha512-v8Au3l0b+Nwkp4G142JcgJFh1/TUhdxut7wzD1Nq1dyp5oa3tXaqb03EXOAB6jS4gMlalkjAUPZBMiAfKUixHQ=="
+      "version": "6.1.0",
+      "resolved": "https://registry.npmjs.org/compare-versions/-/compare-versions-6.1.0.tgz",
+      "integrity": "sha512-LNZQXhqUvqUTotpZ00qLSaify3b4VFD588aRr8MKFw4CMUr98ytzCW5wDH5qx/DEY5kCDXcbcRuCqL0szEf2tg=="
     },
     "component-emitter": {
       "version": "1.3.0",
@@ -1925,9 +1925,9 @@
       "integrity": "sha512-b6suED+5/3rTpUBdG1gupIl8MPFCAMA0QXwmljLhvCUKcUvdE4gWky9zpuGCcXHOsz4J9wPGNWq6OKpmIzz3hQ=="
     },
     "follow-redirects": {
-      "version": "1.15.2",
-      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz",
-      "integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA=="
+      "version": "1.15.3",
+      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.3.tgz",
+      "integrity": "sha512-1VzOtuEM8pC9SFU1E+8KfTjZyMztRsgEfwQl44z8A25uy13jSzTj6dyK2Df52iV0vgHCfBwLhDWevLn95w5v6Q=="
     },
     "form-data": {
       "version": "4.0.0",
@@ -2434,13 +2434,13 @@
       "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="
     },
     "selenium-webdriver": {
-      "version": "4.8.1",
-      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.8.1.tgz",
-      "integrity": "sha512-p4MtfhCQdcV6xxkS7eI0tQN6+WNReRULLCAuT4RDGkrjfObBNXMJ3WT8XdK+aXTr5nnBKuh+PxIevM0EjJgkxA==",
+      "version": "4.16.0",
+      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.16.0.tgz",
+      "integrity": "sha512-IbqpRpfGE7JDGgXHJeWuCqT/tUqnLvZ14csSwt+S8o4nJo3RtQoE9VR4jB47tP/A8ArkYsh/THuMY6kyRP6kuA==",
       "requires": {
-        "jszip": "^3.10.0",
+        "jszip": "^3.10.1",
         "tmp": "^0.2.1",
-        "ws": ">=8.11.0"
+        "ws": ">=8.14.2"
       }
     },
     "semver": {
@@ -2488,9 +2488,9 @@
       "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig=="
     },
     "superagent": {
-      "version": "8.0.9",
-      "resolved": "https://registry.npmjs.org/superagent/-/superagent-8.0.9.tgz",
-      "integrity": "sha512-4C7Bh5pyHTvU33KpZgwrNKh/VQnvgtCSqPRfJAUdmrtSYePVzVg4E4OzsrbkhJj9O7SO6Bnv75K/F8XVZT8YHA==",
+      "version": "8.1.2",
+      "resolved": "https://registry.npmjs.org/superagent/-/superagent-8.1.2.tgz",
+      "integrity": "sha512-6WTxW1EB6yCxV5VFOIPQruWGHqc3yI7hEmZK6h+pyk69Lk/Ut7rLUY6W/ONF2MjBuGjvmMiIpsrVJ2vjrHlslA==",
       "requires": {
         "component-emitter": "^1.3.0",
         "cookiejar": "^2.1.4",
@@ -2603,9 +2603,9 @@
       "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8="
     },
     "ws": {
-      "version": "8.12.1",
-      "resolved": "https://registry.npmjs.org/ws/-/ws-8.12.1.tgz",
-      "integrity": "sha512-1qo+M9Ba+xNhPB+YTWUlK6M17brTut5EXbcBaMRN5pH5dFrXz7lzz1ChFSUq3bOUl8yEvSenhHmYUNJxFzdJew==",
+      "version": "8.14.2",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-8.14.2.tgz",
+      "integrity": "sha512-wEBG1ftX4jcglPxgFCMJmZ2PLtSbJ2Peg6TmpJFTbe9GZYOQCDPdMYu/Tm0/bGZkw8paZnJY45J4K2PZrLYq8g==",
       "requires": {}
     },
     "y18n": {

test/package.json

@@ -9,10 +9,10 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "chromedriver": "^110.0.0",
+    "chromedriver": "^120.0.1",
     "expect.js": "^0.3.1",
     "mocha": "^10.2.0",
-    "selenium-webdriver": "^4.8.1",
-    "superagent": "^8.0.9"
+    "selenium-webdriver": "^4.16.0",
+    "superagent": "^8.1.2"
   }
 }

test/test.js

@@ -5,29 +5,38 @@
 /* global before */
 /* global after */
 /* global it */
+/* global xit */
 
 'use strict';
 
 require('chromedriver');
 
-var execSync = require('child_process').execSync,
+const execSync = require('child_process').execSync,
     expect = require('expect.js'),
     path = require('path'),
     superagent = require('superagent'),
     { Builder, By, Key, until } = require('selenium-webdriver'),
     { Options } = require('selenium-webdriver/chrome');
 
-var username = 'admin',
-    password = 'changeme';
+const admin_username = 'admin', admin_password = 'changeme';
+
+if (!process.env.USERNAME || !process.env.PASSWORD) {
+    console.log('USERNAME and PASSWORD env vars need to be set');
+    process.exit(1);
+}
 
 describe('Application life cycle test', function () {
     this.timeout(0);
 
     const LOCATION = 'test';
-    const TEST_TIMEOUT = 10000;
+    const TEST_TIMEOUT = parseInt(process.env.TIMEOUT, 10) || 10000;
     const EXEC_ARGS = { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' };
 
-    var browser, app;
+    const USERNAME = process.env.USERNAME;
+    const PASSWORD = process.env.PASSWORD;
+
+    let browser, app;
+    let athenticated_by_oidc = false;
 
     before(function () {
         const options = new Options().windowSize({ width: 1280, height: 1024 });
@@ -56,7 +65,7 @@ describe('Application life cycle test', function () {
         await browser.wait(until.elementIsVisible(browser.findElement(elem)), TEST_TIMEOUT);
     }
 
-    async function login(password) {
+    async function login(username, password) {
         await browser.get('https://' + app.fqdn);
         await waitForElement(By.id('loginButton'));
         await browser.findElement(By.id('username')).sendKeys(username);
@@ -65,6 +74,25 @@ describe('Application life cycle test', function () {
         await waitForElement(By.id('btn-subscription'));
     }
 
+    async function loginOIDC(username, password) {
+        browser.manage().deleteAllCookies();
+        await browser.get(`https://${app.fqdn}/i/`);
+        await browser.sleep(6000);
+
+        if (!athenticated_by_oidc) {
+            await waitForElement(By.xpath('//input[@name="username"]'));
+            await browser.findElement(By.xpath('//input[@name="username"]')).sendKeys(username);
+            await browser.findElement(By.xpath('//input[@name="password"]')).sendKeys(password);
+            await browser.sleep(2000);
+            await browser.findElement(By.xpath('//button[@type="submit" and contains(text(), "Sign in")]')).click();
+            await browser.sleep(2000);
+
+            athenticated_by_oidc = true;
+        }
+
+        await waitForElement(By.id('btn-subscription'));
+    }
+
     async function logout() {
         var logout_btn = By.xpath('//li/a[@class="signout"]');
 
@@ -87,12 +115,10 @@ describe('Application life cycle test', function () {
         await waitForElement(By.xpath('//div[@id="notification" and @class="notification good"]'));
     }
 
-    async function addUser(password) {
-        var test_username = 'test';
-
+    async function addUser(username, password) {
         await browser.get(`${baseUrl()}/i/?c=user&a=manage`);
         await waitForElement(By.id('new_user_name'));
-        await browser.findElement(By.id('new_user_name')).sendKeys(test_username);
+        await browser.findElement(By.id('new_user_name')).sendKeys(username);
         await browser.findElement(By.id('new_user_passwordPlain')).sendKeys(password);
         await browser.findElement(By.xpath('//button[text()="Create"]')).click();
         await waitForElement(By.xpath('//div[@id="notification" and @class="notification good"]'));
@@ -103,6 +129,7 @@ describe('Application life cycle test', function () {
         await waitForElement(By.id('api_enabled'));
         await browser.findElement(By.id('api_enabled')).click();
         await browser.findElement(By.xpath('//button[text()="Submit"]')).click();
+        await browser.sleep(5000);
     }
 
     async function checkApiConfiguration() {
@@ -116,30 +143,42 @@ describe('Application life cycle test', function () {
         return waitForElement(By.xpath('//span[text()="Cloudron"]'));
     }
 
-    function getStaticExtensionFile(callback) {
-        superagent.get(`${baseUrl()}/ext.php?f=xExtension-StickyFeeds/static/script.js&t=js`)
+    async function getStaticExtensionFile() {
+        const response = await superagent.get(`${baseUrl()}/ext.php?f=xExtension-StickyFeeds/static/script.js&t=js`)
             .buffer(true)
-            .end(function (err, res) {
-                expect(err).to.be(null);
-                expect(res.status).to.be(200);
-                expect(res.text).to.contain('sticky_feeds'); // relies on the buffer flag above
-                callback();
-        });
+            .ok(() => true);
+        expect(response.statusCode).to.be(200);
+        expect(response.text).to.contain('sticky_feeds'); // relies on the buffer flag above
     }
 
     xit('build app', function () { execSync('cloudron build', EXEC_ARGS); });
-    it('install app', function () { execSync('cloudron install --location ' + LOCATION, EXEC_ARGS); });
+    // No SSO
+    it('install app (no sso)', function () { execSync('cloudron install --no-sso --location ' + LOCATION, EXEC_ARGS); });
 
     it('can get app information', getAppInfo);
 
-    it('can login', login.bind(null, password));
+    it('can login', login.bind(null, admin_username, admin_password));
     it('can subscribe', addSubscription);
-    it('can add users', addUser.bind(null, password));
+    it('can add users', addUser.bind(null, 'test', admin_password));
     it('can enable API', enableApi);
     it('can check configuration', checkApiConfiguration);
     it('subscription exists', subscriptionExists);
     it('can get static extension file', getStaticExtensionFile);
     it('can logout', logout);
+    it('uninstall app', function () { execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS); });
+
+    // SSO
+    it('install app (sso)', function () { execSync('cloudron install --location ' + LOCATION, EXEC_ARGS); });
+
+    it('can get app information', getAppInfo);
+
+    it('can login OIDC', loginOIDC.bind(null, USERNAME, PASSWORD));
+    it('can make user Administrator', function () { execSync(`cloudron exec --app ${app.id} -- bash -c "php cli/reconfigure.php --default_user ${USERNAME}"`); });
+    it('can subscribe', addSubscription);
+    it('can enable API', enableApi);
+    it('can check configuration', checkApiConfiguration);
+    it('subscription exists', subscriptionExists);
+    it('can get static extension file', getStaticExtensionFile);
 
     it('backup app', function () { execSync('cloudron backup create --app ' + app.id, EXEC_ARGS); });
 
@@ -151,11 +190,10 @@ describe('Application life cycle test', function () {
         execSync(`cloudron restore --backup ${backups[0].id} --app ${app.id}`, EXEC_ARGS);
     });
 
-    it('can login', login.bind(null, password));
+    it('can login OIDC', loginOIDC.bind(null, USERNAME, PASSWORD));
     it('can check configuration', checkApiConfiguration);
     it('subscription exists', subscriptionExists);
     it('can get static extension file', getStaticExtensionFile);
-    it('can logout', logout);
 
     it('move to different location', function () {
         browser.manage().deleteAllCookies();
@@ -165,11 +203,10 @@ describe('Application life cycle test', function () {
         expect(app).to.be.an('object');
     });
 
-    it('can login', login.bind(null, password));
+    it('can login OIDC', loginOIDC.bind(null, USERNAME, PASSWORD));
     it('can check configuration', checkApiConfiguration);
     it('subscription exists', subscriptionExists);
     it('can get static extension file', getStaticExtensionFile);
-    it('can logout', logout);
 
     it('uninstall app', function () { execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS); });
 
@@ -177,9 +214,10 @@ describe('Application life cycle test', function () {
     it('can install app', function () { execSync('cloudron install --appstore-id org.freshrss.cloudronapp --location ' + LOCATION, EXEC_ARGS); });
 
     it('can get app information', getAppInfo);
-    it('can login', login.bind(null, password));
+    it('can login OIDC', loginOIDC.bind(null, USERNAME, PASSWORD));
+    it('can make user Administrator', function () { execSync(`cloudron exec --app ${app.id} -- bash -c "php cli/reconfigure.php --default_user ${USERNAME}"`); });
     it('can subscribe', addSubscription);
-    it('can add users', addUser.bind(null, password));
+    it('can add users', addUser.bind(null, 'test', admin_password));
 
     it('can update', function () {
         execSync('cloudron update --app ' + app.id, EXEC_ARGS);
@@ -188,7 +226,6 @@ describe('Application life cycle test', function () {
         expect(app).to.be.an('object');
     });
 
-    it('can login', login.bind(null, password));
     it('subscription exists', subscriptionExists);
     it('can get static extension file', getStaticExtensionFile);