mirror of
https://github.com/hashicorp/vault.git
synced 2026-01-10 11:11:12 +01:00
0b12cdcfd1
* Adding explicit MPL license for sub-package. This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Adding explicit MPL license for sub-package. This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Updating the license from MPL to Business Source License. Going forward, this project will be licensed under the Business Source License v1.1. Please see our blog post for more details at https://hashi.co/bsl-blog, FAQ at www.hashicorp.com/licensing-faq, and details of the license at www.hashicorp.com/bsl. * add missing license headers * Update copyright file headers to BUS-1.1 * Fix test that expected exact offset on hcl file --------- Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com> Co-authored-by: Sarah Thompson <sthompson@hashicorp.com> Co-authored-by: Brian Kassouf <bkassouf@hashicorp.com>
108 lines
3.9 KiB
JavaScript
108 lines
3.9 KiB
JavaScript
/**
|
|
* Copyright (c) HashiCorp, Inc.
|
|
* SPDX-License-Identifier: BUSL-1.1
|
|
*/
|
|
|
|
/* eslint qunit/no-conditional-assertions: "warn" */
|
|
import { module, test } from 'qunit';
|
|
import { setupApplicationTest } from 'ember-qunit';
|
|
import sinon from 'sinon';
|
|
import { click, currentURL, visit, waitUntil, find } from '@ember/test-helpers';
|
|
import { supportedAuthBackends } from 'vault/helpers/supported-auth-backends';
|
|
import authForm from '../pages/components/auth-form';
|
|
import jwtForm from '../pages/components/auth-jwt';
|
|
import { create } from 'ember-cli-page-object';
|
|
import apiStub from 'vault/tests/helpers/noop-all-api-requests';
|
|
|
|
const component = create(authForm);
|
|
const jwtComponent = create(jwtForm);
|
|
|
|
module('Acceptance | auth', function (hooks) {
|
|
setupApplicationTest(hooks);
|
|
|
|
hooks.beforeEach(function () {
|
|
this.clock = sinon.useFakeTimers({
|
|
now: Date.now(),
|
|
shouldAdvanceTime: true,
|
|
});
|
|
this.server = apiStub({ usePassthrough: true });
|
|
});
|
|
|
|
hooks.afterEach(function () {
|
|
this.clock.restore();
|
|
this.server.shutdown();
|
|
});
|
|
|
|
test('auth query params', async function (assert) {
|
|
const backends = supportedAuthBackends();
|
|
assert.expect(backends.length + 1);
|
|
await visit('/vault/auth');
|
|
assert.strictEqual(currentURL(), '/vault/auth?with=token');
|
|
for (const backend of backends.reverse()) {
|
|
await component.selectMethod(backend.type);
|
|
assert.strictEqual(
|
|
currentURL(),
|
|
`/vault/auth?with=${backend.type}`,
|
|
`has the correct URL for ${backend.type}`
|
|
);
|
|
}
|
|
});
|
|
|
|
test('it clears token when changing selected auth method', async function (assert) {
|
|
await visit('/vault/auth');
|
|
assert.strictEqual(currentURL(), '/vault/auth?with=token');
|
|
await component.token('token').selectMethod('github');
|
|
await component.selectMethod('token');
|
|
assert.strictEqual(component.tokenValue, '', 'it clears the token value when toggling methods');
|
|
});
|
|
|
|
test('it sends the right attributes when authenticating', async function (assert) {
|
|
assert.expect(8);
|
|
const backends = supportedAuthBackends();
|
|
await visit('/vault/auth');
|
|
for (const backend of backends.reverse()) {
|
|
await component.selectMethod(backend.type);
|
|
if (backend.type === 'github') {
|
|
await component.token('token');
|
|
}
|
|
if (backend.type === 'jwt' || backend.type === 'oidc') {
|
|
await jwtComponent.role('test');
|
|
}
|
|
await component.login();
|
|
const lastRequest = this.server.passthroughRequests[this.server.passthroughRequests.length - 1];
|
|
let body = JSON.parse(lastRequest.requestBody);
|
|
// Note: x-vault-token used to be lowercase prior to upgrade
|
|
if (backend.type === 'token') {
|
|
assert.ok(
|
|
Object.keys(lastRequest.requestHeaders).includes('X-Vault-Token'),
|
|
'token uses vault token header'
|
|
);
|
|
} else if (backend.type === 'github') {
|
|
assert.ok(Object.keys(body).includes('token'), 'GitHub includes token');
|
|
} else if (backend.type === 'jwt' || backend.type === 'oidc') {
|
|
const authReq = this.server.passthroughRequests[this.server.passthroughRequests.length - 2];
|
|
body = JSON.parse(authReq.requestBody);
|
|
assert.ok(Object.keys(body).includes('role'), `${backend.type} includes role`);
|
|
} else {
|
|
assert.ok(Object.keys(body).includes('password'), `${backend.type} includes password`);
|
|
}
|
|
}
|
|
});
|
|
|
|
test('it shows the push notification warning after submit', async function (assert) {
|
|
assert.expect(1);
|
|
|
|
this.server.get('/v1/auth/token/lookup-self', async () => {
|
|
assert.ok(
|
|
await waitUntil(() => find('[data-test-auth-message="push"]')),
|
|
'shows push notification message'
|
|
);
|
|
return [204, { 'Content-Type': 'application/json' }, JSON.stringify({})];
|
|
});
|
|
|
|
await visit('/vault/auth');
|
|
await component.selectMethod('token');
|
|
await click('[data-test-auth-submit]');
|
|
});
|
|
});
|