kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity
Files
33249eb229c254d81c7f4399d578127232cc12fc
baron-sso/orgfront/tests/orgfront-auto-login.spec.ts

80 lines
2.4 KiB
TypeScript
Raw Blame History

import { expect, type Page, test } from "@playwright/test";
async function stubOidcAuthorization(page: Page) {
let authorizationURL = "";
await page.route(
"http://localhost:5000/oidc/.well-known/openid-configuration",
async (route) => {
await route.fulfill({
json: {
issuer: "http://localhost:5000/oidc",
authorization_endpoint: "http://localhost:5000/oidc/oauth2/auth",
token_endpoint: "http://localhost:5000/oidc/oauth2/token",
jwks_uri: "http://localhost:5000/oidc/.well-known/jwks.json",
userinfo_endpoint: "http://localhost:5000/oidc/userinfo",
},
headers: { "Access-Control-Allow-Origin": "*" },
});
},
);
await page.route(
"http://localhost:5000/oidc/oauth2/auth**",
async (route) => {
authorizationURL = route.request().url();
await route.fulfill({
contentType: "text/html",
body: "<!doctype html><title>Authorization captured</title>",
});
},
);
return {
authorizationURL: () => authorizationURL,
};
}
test("orgfront login waits for explicit auto parameter", async ({ page }) => {
const oidc = await stubOidcAuthorization(page);
await page.goto("/login");
await page.waitForTimeout(500);
expect(oidc.authorizationURL()).toBe("");
});
test("orgfront login auto parameter starts OIDC authorization", async ({
page,
baseURL,
}) => {
const oidc = await stubOidcAuthorization(page);
await page.goto("/login?auto=1&returnTo=%2Fpicker");
await expect.poll(oidc.authorizationURL).toContain("/oauth2/auth");
const parsed = new URL(oidc.authorizationURL());
expect(parsed.searchParams.get("client_id")).toBe("orgfront");
const redirectUri = new URL(parsed.searchParams.get("redirect_uri") ?? "");
const appUrl = new URL(baseURL ?? page.url());
expect(["localhost", "127.0.0.1"]).toContain(redirectUri.hostname);
expect(redirectUri.port).toBe(appUrl.port);
expect(redirectUri.pathname).toBe("/auth/callback");
expect(parsed.searchParams.get("response_type")).toBe("code");
expect((parsed.searchParams.get("scope") ?? "").split(/\s+/)).toEqual(
expect.arrayContaining(["openid", "offline_access", "profile", "email"]),
);
});
test("orgfront login can opt out of default OIDC authorization", async ({
page,
}) => {
const oidc = await stubOidcAuthorization(page);
await page.goto("/login?auto=0");
await page.waitForTimeout(500);
expect(oidc.authorizationURL()).toBe("");
});
View Git Blame Copy Permalink