Test disabling the unsolicited sso

1. The TestFeatureConfiguration missed the default setting. Causing some of the behat tests to fail (the ones running the check in the controller) 2. I added a dedicated test that tests if the flag can disable the unsolicited sso flow See: #1312
OpenConext · Aug 27, 2024 · a890b21 · a890b21
1 parent ac2e658
commit a890b21
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 0 deletions.
diff --git a/src/OpenConext/EngineBlockBundle/Configuration/TestFeatureConfiguration.php b/src/OpenConext/EngineBlockBundle/Configuration/TestFeatureConfiguration.php
@@ -46,6 +46,7 @@ public function __construct()
         $this->setFeature(new Feature('eb.feature_enable_consent', true));
         $this->setFeature(new Feature('eb.enable_sso_session_cookie', true));
         $this->setFeature(new Feature('eb.stepup.sfo.override_engine_entityid', false));
+        $this->setFeature(new Feature('eb.feature_enable_idp_initiated_flow', true));
     }
 
     public function setFeature(Feature $feature): void

diff --git a/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/UnsolicitedSingleSignOn.feature b/src/OpenConext/EngineBlockFunctionalTestingBundle/Features/UnsolicitedSingleSignOn.feature
@@ -40,3 +40,10 @@ Feature:
     When An IdP initiated Single Sign on for SP "Dummy SP" is triggered by IdP "Dummy IdP" and specifies an invalid signing key
     Then I should see "Error - unknown key id"
      And I should see "Key ID: does-not-exist"
+
+  # The feature flag: eb.feature_enable_idp_initiated_flow can disable unsolicited login
+  # EB Shows a 404 page in that case as the entire HTTP route is blocked in that case
+  Scenario: Engine disallows unsolicited login
+    Given feature "eb.feature_enable_idp_initiated_flow" is disabled
+    When An IdP initiated Single Sign on for SP "Dummy SP" is triggered by IdP "Dummy IdP"
+    Then I should see "404 - Page not found"