Jans Test Plan
manoj suryawanshi edited this page May 28, 2025 · 4 revisions
- Introduction
- Purpose of The Test Plan Document
- Testing Strategy Overview
- Unit Testing
- Installation Testing
- Functional Testing
- SYSTEM / E2E testing Flows
- Performance Testing
- High Availability (HA) Testing
- Penetration Testing
- Release Quality Assurance
- Testing Tools and Environments
- Test Approach(s)
- Test Regulatory / Mandate Criteria
- Test Pass / Fail Criteria
- Test Entry / Exit Criteria
- Test Deliverables
- Test Suspension / Resumption Criteria
The Janssen Project is an identity and access management (IAM) platform that supports standards like OAuth 2.0, OpenID Connect, FIDO2, and SCIM. This test plan defines the testing scope, approach, resources, and schedule for validating the quality of the project.
The purpose of the test plan document is to provide details on how the testing process
will be conducted for a given project. Its intended audience is the project manager,
project team, and testing team.
ITEMS TO BE TESTED: JANS-CLI, JANS-CLI-TUI, JANS-CONFIG-API, JANS-CASA
The Janssen Project's testing framework encompasses multiple layers to ensure the reliability and security of its components:
- Mandatory for Code Submissions: All code changes must include corresponding unit tests.
- Continuous Integration: Unit tests are executed automatically with each Jenkins build.([docs.jans.io][2])
installation process and ensures that the software is installed correctly on various
systems and configurations. It is a critical aspect of the software testing process
and helps ensure that the software can be easily installed, configured, and uninstalled
without any issues on different operating systems such as EL8, Ubuntu, SUSE, etc., using VMs and K8s.
| # | Item to Test | Test Description | Database |
|---|---|---|---|
| 1 | RHEL8 | Install/configure JANSSEN on RHEL8 | PGSQL/MYSQL |
| 2 | SUSE 15 | Install/configure JANSSEN on SUSE | PGSQL/MYSQL |
| 3 | UBUNTU(20,22,24) | Install/configure JANSSEN on UBUNTU | PGSQL/MYSQL |
| 4 | Installation Verification | Installation Verification | |
3a) **jans-cli-tui**
| # | Item to Test | Test Description |
|---|---|---|
| 1 | Attribute | 1. Gets a list of attributes |
| | | 2. Add/update/delete/partially modify a new attribute |
| 2 | Default Authentication Method | 1. Gets default authentication method |
| | | 2. Updates default authentication method |
| 3 | Configuration - Properties | 1. Gets all Jans authorization server configuration properties |
| | | 2. Partially modifies Jans authorization server Application configuration properties |
| | | 3. Returns persistence type configured for Jans authorization server |
| 4 | Configuration - Fido2 | 1. Gets Jans Authorization Server Fido2 configuration properties |
| | | 2. Updates Fido2 configuration properties |
| 5 | Configuration - SMTP | 1. Returns SMTP server configuration |
| | | 2. Adds SMTP server configuration |
| | | 3. Updates SMTP server configuration |
| | | 4. Deletes SMTP server configuration |
| | | 5. Test SMTP server configuration |
| 6 | Configuration - Logging | 1. Returns Jans Authorization Server logging settings |
| | | 2. Updates Jans Authorization Server logging settings |
| 7 | Custom Scripts | 1. Gets a list of custom scripts |
| | | 2. Adds a new custom script |
| | | 3. Updates a custom script |
| | | 4. Deletes a custom script |
| 8 | OAuth - OpenID Connect - Clients | 1. Gets list of OpenID Connect clients |
| | | 2. Create new OpenId connect client |
| | | 3. Update OpenId Connect client |
| | | 4. Get OpenId Connect Client by Inum |
| | | 5. Delete OpenId Connect client |
| | | 6. Update modified properties of OpenId Connect client by Inum |
| 9 | OAuth - Scopes | 1. Gets list of Scopes |
| | | 3. Updates existing Scope |
| | | 5. Delete Scope |
| 10 | User Management | 1. Gets list of users |
| | | 2. Create a user |
| | | 3. Retrieves user by Id |
| | | 4. Updates a user |
| | | 5. Deletes a user |
| | | 6. Search user |
| 11 | service | start/stop/restart all the services and container |
3b) **jans-cli testing**
Test JANS-CLI with all command-line options for all products.
3c) **jans-casa Functional Testing**
| # | Item to Test | Test Description |
|---|---|---|
| 1 | Enable scripts | enable otp/fido scripts |
| 2 | enable 2FA | enable 2 scripts and enable 2FA |
| 3 | change preferred method | change preferred method in 2FA and try to login and test |
| 4 | change passwd | change casa user passwd |
| 5 | upload plugins | upload casa plugins and test it |
| # | Flows to Test | Test Description |
|---|---|---|
| 1 | enable fido2 | enable fido2 and test using jans-tarp |
| 2 | enable otp | enable fido2 and test using jans-tarp |
| 3 | enable 2FA | enable 2FA and test in jans-casa |
| 4 | auth server client test | test device auth server flow |
| 5 | deploy agama | deploy agama flow and test it using jans-tarp |
- Optimization Focus: Critical for optimizing persistence and caching implementations.
- Testing Tools: JMeter is used to generate load for performance tests.
- Supported Configurations: Performance tests are conducted on all supported database and cache configurations using the Cloud Native distribution.
- Community Access: Test results are published for community benchmarking.([docs.jans.io][2])
- Active-Active Design: Tests are run against the Cloud Native distribution, which is designed to be active-active with no single point of failure.
- Simulated Failures: Infrastructure components are intentionally taken down to assess the system's resilience and transaction handling during crashes.([docs.jans.io][2])
- Deployment Specific: Penetration testing is highly deployment-specific.
- Responsibility: Organizations operating their own IAM platform based on Janssen are encouraged to perform their own penetration testing.([docs.jans.io][2])
- Test Environments: Installation and sanity testing on various OS platforms (Ubuntu, SUSE 15, RHEL8) and database (PGSQL, MYSQL) configurations.
- Sanity Checks:
  - Functionality of `.well-known` endpoints for OpenID, FIDO, UMA, SCIM modules.
  - Device authentication flow using Text User Interface (TUI).
  - Password authentication flow using Jans Tarp.
  - Deployment and functionality of the Agama project.([docs.jans.io][2])
- Package Installation Verification: Ensures successful installation on all supported OS platforms and database configurations.
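The `.well-known` sanity check listed above, shown for the OpenID module only, as an added example that is not part of the Janssen wiki or the project's own test code: it validates a discovery document against the metadata that OpenID Connect Discovery 1.0 marks as required. The host `idp.example.test`, the sample documents and the function name are assumptions made for illustration, and rejecting `none` is a policy chosen here rather than a requirement of the specification.

```python
from urllib.parse import urlsplit

# Metadata that OpenID Connect Discovery 1.0 marks as REQUIRED.
REQUIRED = ("issuer", "authorization_endpoint", "jwks_uri",
            "response_types_supported", "subject_types_supported",
            "id_token_signing_alg_values_supported")
URL_KEYS = ("issuer", "authorization_endpoint", "token_endpoint",
            "userinfo_endpoint", "jwks_uri")

def check_openid_configuration(expected_issuer, doc):
    """Return findings for one discovery document; [] means the check passed."""
    findings = [f"missing required metadata: {k}" for k in REQUIRED if not doc.get(k)]
    # The issuer must be identical to the URL the document was fetched under,
    # otherwise a client can be pointed at another server's endpoints and keys.
    if doc.get("issuer") != expected_issuer:
        findings.append(f"issuer mismatch: {doc.get('issuer')!r}")
    for key in URL_KEYS:
        url = doc.get(key)
        if url and urlsplit(url).scheme != "https":
            findings.append(f"{key} is not https: {url}")
    algs = doc.get("id_token_signing_alg_values_supported") or []
    if algs and "RS256" not in algs:  # the spec requires RS256 to be listed
        findings.append("RS256 missing from id_token_signing_alg_values_supported")
    if "none" in algs:  # policy chosen for this example, stricter than the spec
        findings.append("unsigned ID tokens ('none') advertised")
    return findings

# Constructed sample documents (hypothetical host and paths, not captured output).
ISSUER = "https://idp.example.test"
GOOD = {
    "issuer": ISSUER,
    "authorization_endpoint": ISSUER + "/jans-auth/restv1/authorize",
    "token_endpoint": ISSUER + "/jans-auth/restv1/token",
    "jwks_uri": ISSUER + "/jans-auth/restv1/jwks",
    "response_types_supported": ["code"],
    "subject_types_supported": ["public", "pairwise"],
    "id_token_signing_alg_values_supported": ["RS256", "ES256"],
}
BAD = {**GOOD,
       "issuer": "https://other.example.test",
       "token_endpoint": "http://idp.example.test/jans-auth/restv1/token",
       "id_token_signing_alg_values_supported": ["none", "ES256"]}
BAD.pop("jwks_uri")

if __name__ == "__main__":
    for name, doc in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_openid_configuration(ISSUER, doc) or "PASS")
```

In a real sanity run, `doc` would be the JSON fetched from `/.well-known/openid-configuration` on the server under test and `expected_issuer` the base URL used for that request.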
- Jenkins: Automated execution of unit and component tests.
- JMeter: Used for performance testing by generating load.
- Material for MkDocs: Employed for testing documentation changes locally.
- Jans-CLI/Jans-CLI-TUI: Command-line and Text User Interface for testing and device authentication flows.([docs.jans.io][2])
Follow the instructions given on the wiki page to install and configure
the JANSSEN application on different operating systems.
Install the application on a VM server with the given hardware size.
Run all of the above test scenarios manually.
Run the above test scenarios using TUI mode.
Run JANS-CLI commands in a terminal.
Test passed without any error.
Entry: New Jenkins build passed
Exit: Test case passes
Installation and configuration are successful
Test case PASS/FAIL report
Errors occurred during testing