@@ -113,15 +113,12 @@ var _ = g.Describe("[sig-auth][Suite:openshift/auth/external-oidc][Serial][Slow]
113113 o .Expect (apiServerArgs ["authentication-config" ].([]interface {})[0 ].(string )).To (o .Equal ("/etc/kubernetes/static-pod-resources/configmaps/auth-config/auth-config.json" ))
114114 })
115115
116- g .It ("[Skipped] should remove the OpenShift OAuth stack" , func () {
117- g .Skip ("functionality not yet implemented" )
118- /*
119- o.Eventually(func(gomega o.Gomega) {
120- _, err := oc.AdminKubeClient().AppsV1().Deployments("openshift-authentication").Get(ctx, "oauth-openshift", metav1.GetOptions{})
121- gomega.Expect(err).NotTo(o.BeNil(), "should not be able to get the integrated oauth stack")
122- gomega.Expect(apierrors.IsNotFound(err)).To(o.BeTrue(), "integrated oauth stack should not be present when OIDC authentication is configured")
123- }).WithTimeout(20 * time.Minute).WithPolling(30 * time.Second).Should(o.Succeed())
124- */
116+ g .It ("should remove the OpenShift OAuth stack" , func () {
117+ o .Eventually (func (gomega o.Gomega ) {
118+ _ , err := oc .AdminKubeClient ().AppsV1 ().Deployments ("openshift-authentication" ).Get (ctx , "oauth-openshift" , metav1.GetOptions {})
119+ gomega .Expect (err ).NotTo (o .BeNil (), "should not be able to get the integrated oauth stack" )
120+ gomega .Expect (apierrors .IsNotFound (err )).To (o .BeTrue (), "integrated oauth stack should not be present when OIDC authentication is configured" )
121+ }).WithTimeout (5 * time .Minute ).WithPolling (10 * time .Second ).Should (o .Succeed ())
125122 })
126123
127124 g .It ("should not accept tokens provided by the OAuth server" , func () {
@@ -332,32 +329,26 @@ var _ = g.Describe("[sig-auth][Suite:openshift/auth/external-oidc][Serial][Slow]
332329 })
333330 })
334331
335- g .Describe ("[Skipped] with invalid specified UID or Extra claim mappings" , func () {
332+ g .Describe ("with invalid specified UID or Extra claim mappings" , func () {
336333 g .It ("should reject admission when UID claim expression is not compilable CEL" , func () {
337- g .Skip ("functionality not yet implemented" )
338- /*
339- _, _, err := configureOIDCAuthentication(ctx, oc, func(o *configv1.OIDCProvider) {
340- o.ClaimMappings.UID = &configv1.TokenClaimOrExpressionMapping{
341- Expression: "!@&*#^",
342- }
343- })
344- o.Expect(err).To(o.HaveOccurred(), "should encounter an error configuring OIDC authentication")
345- */
334+ _ , _ , err := configureOIDCAuthentication (ctx , oc , keycloakNamespace , func (o * configv1.OIDCProvider ) {
335+ o .ClaimMappings .UID = & configv1.TokenClaimOrExpressionMapping {
336+ Expression : "!@&*#^" ,
337+ }
338+ })
339+ o .Expect (err ).To (o .HaveOccurred (), "should encounter an error configuring OIDC authentication" )
346340 })
347341
348342 g .It ("should reject admission when Extra claim expression is not compilable CEL" , func () {
349- g .Skip ("functionality not yet implemented" )
350- /*
351- _, _, err := configureOIDCAuthentication(ctx, oc, func(o *configv1.OIDCProvider) {
352- o.ClaimMappings.Extra = []configv1.ExtraMapping{
353- {
354- Key: "payload/test",
355- ValueExpression: "!@*&#^!@(*&^",
356- },
357- }
358- })
359- o.Expect(err).To(o.HaveOccurred(), "should encounter an error configuring OIDC authentication")
360- */
343+ _ , _ , err := configureOIDCAuthentication (ctx , oc , keycloakNamespace , func (o * configv1.OIDCProvider ) {
344+ o .ClaimMappings .Extra = []configv1.ExtraMapping {
345+ {
346+ Key : "payload/test" ,
347+ ValueExpression : "!@*&#^!@(*&^" ,
348+ },
349+ }
350+ })
351+ o .Expect (err ).To (o .HaveOccurred (), "should encounter an error configuring OIDC authentication" )
361352 })
362353 })
363354 })
0 commit comments