baron-sso/adminfront/tests/auth.spec.ts

import { test, expect } from '@playwright/test';

test.describe('Authentication', () => {
  test.beforeEach(async ({ page }) => {
    // Mock OIDC configuration
    await page.route('**/oidc/.well-known/openid-configuration', async route => {
      await route.fulfill({
        json: {
          issuer: "http://localhost:5000/oidc",
          authorization_endpoint: "http://localhost:5000/oidc/auth",
          token_endpoint: "http://localhost:5000/oidc/token",
          jwks_uri: "http://localhost:5000/oidc/jwks",
          response_types_supported: ["code"],
          subject_types_supported: ["public"],
          id_token_signing_alg_values_supported: ["RS256"]
        }
      });
    });
  });

  test('should redirect unauthorized users to login page', async ({ page }) => {
    await page.goto('/');
    // Should be redirected to /login
    await expect(page).toHaveURL(/\/login/);
    await expect(page.locator('h1')).toContainText('Baron SSO');
  });

  test('should allow access to dashboard when authenticated', async ({ page }) => {
    await page.addInitScript(() => {
      const authority = "http://localhost:5000/oidc";
      const client_id = "adminfront";
      const key = `oidc.user:${authority}:${client_id}`;
      const authData = {
        access_token: 'fake-token',
        token_type: 'Bearer',
        profile: { 
          sub: 'admin-user', 
          name: 'Admin User',
          email: 'admin@example.com'
        },
        expires_at: Math.floor(Date.now() / 1000) + 3600,
      };
      window.localStorage.setItem(key, JSON.stringify(authData));
    });

    await page.goto('/');
    
    // Wait for the auth loading to finish
    await expect(page.locator('.animate-spin')).not.toBeVisible();
    
    // Should be on the dashboard/overview
    await expect(page.locator('aside')).toBeVisible();
    await expect(page.locator('h1')).toContainText('Admin Control');
  });

  test('should logout and redirect to login page', async ({ page }) => {
    // Start authenticated
    await page.addInitScript(() => {
      const authority = "http://localhost:5000/oidc";
      const client_id = "adminfront";
      const key = `oidc.user:${authority}:${client_id}`;
      const authData = {
        access_token: 'fake-token',
        token_type: 'Bearer',
        profile: { sub: 'admin-user', name: 'Admin' },
        expires_at: Math.floor(Date.now() / 1000) + 3600,
      };
      window.localStorage.setItem(key, JSON.stringify(authData));
    });

    await page.goto('/');
    await expect(page.locator('aside')).toBeVisible();

    // Mock window.confirm
    page.on('dialog', dialog => dialog.accept());
    
    // Click logout button (label: ui.admin.nav.logout)
    await page.click('button:has-text("Logout"), button:has-text("로그아웃")');

    await expect(page).toHaveURL(/\/login/);
  });
});