mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-18 04:27:02 +02:00
76e742ba32
* UI: HDS adoption replace AlertBanner part 1 (#21163) * rename test selector * replace db banner * add class * replace db role edit * db creds * generate creds * simpler class * license banner component * oidc callback plash * raft * aws * secret create or update * change to compact alert for form field * change back to inline * combine alert banners * wrap in conditional * remove references to message class * UI: HDS adoption replace AlertBanner part 2 (#21243) * token expire warning * delete css * edit form * item details distribute mfa step 2 transit verify * back to secondary * distribute * oidc lease error * sign * kv obj and repl dash * more repl * update test selector * show, creds * shamir * pki csr * pki banners * add hds library to ember engines * woops comma * fix k8 test * update message error component for last! * hold off MessageError changes until next pr * revert test selectors * update pki tests * UI: part 3 remove alert banner (#21334) * final component swap * and actual final of MessageError * update MessageError selectors * delete alert-banner and remove references * update next step alerts to highlight color * finishing touches, auth form test and client dashboard inline link * fix more selectors * fix shamir flow test * ui: part 4 final cleanup (#21365) * replace AlertPopup * add test tag * move tag * one more message error tag * delete alert popup * final css cleanup * move preformatted flash into <p> tag * ui: address comments for sidebranch (#21388) * add periods, move link to trailing * more periods and typo fix
99 lines
4.1 KiB
JavaScript
99 lines
4.1 KiB
JavaScript
/**
|
|
* Copyright (c) HashiCorp, Inc.
|
|
* SPDX-License-Identifier: MPL-2.0
|
|
*/
|
|
|
|
import { module, test } from 'qunit';
|
|
import { setupApplicationTest } from 'ember-qunit';
|
|
import { click, visit, fillIn } from '@ember/test-helpers';
|
|
import { setupMirage } from 'ember-cli-mirage/test-support';
|
|
import sinon from 'sinon';
|
|
import { Response } from 'miragejs';
|
|
import { ERROR_JWT_LOGIN } from 'vault/components/auth-jwt';
|
|
|
|
module('Acceptance | jwt auth method', function (hooks) {
|
|
setupApplicationTest(hooks);
|
|
setupMirage(hooks);
|
|
|
|
hooks.beforeEach(function () {
|
|
localStorage.clear(); // ensure that a token isn't stored otherwise visit('/vault/auth') will redirect to secrets
|
|
this.stub = sinon.stub();
|
|
this.server.post(
|
|
'/auth/:path/oidc/auth_url',
|
|
() =>
|
|
new Response(
|
|
400,
|
|
{ 'Content-Type': 'application/json' },
|
|
JSON.stringify({ errors: [ERROR_JWT_LOGIN] })
|
|
)
|
|
);
|
|
this.server.get('/auth/foo/oidc/callback', () => ({
|
|
auth: { client_token: 'root' },
|
|
}));
|
|
});
|
|
|
|
test('it works correctly with default name and no role', async function (assert) {
|
|
assert.expect(6);
|
|
this.server.post('/auth/jwt/login', (schema, req) => {
|
|
const { jwt, role } = JSON.parse(req.requestBody);
|
|
assert.ok(true, 'request made to auth/jwt/login after submit');
|
|
assert.strictEqual(jwt, 'my-test-jwt-token', 'JWT token is sent in body');
|
|
assert.strictEqual(role, undefined, 'role is not sent in body when not filled in');
|
|
req.passthrough();
|
|
});
|
|
await visit('/vault/auth');
|
|
await fillIn('[data-test-select="auth-method"]', 'jwt');
|
|
assert.dom('[data-test-role]').exists({ count: 1 }, 'Role input exists');
|
|
assert.dom('[data-test-jwt]').exists({ count: 1 }, 'JWT input exists');
|
|
await fillIn('[data-test-jwt]', 'my-test-jwt-token');
|
|
await click('[data-test-auth-submit]');
|
|
assert.dom('[data-test-message-error]').exists('Failed login');
|
|
});
|
|
|
|
test('it works correctly with default name and a role', async function (assert) {
|
|
assert.expect(7);
|
|
this.server.post('/auth/jwt/login', (schema, req) => {
|
|
const { jwt, role } = JSON.parse(req.requestBody);
|
|
assert.ok(true, 'request made to auth/jwt/login after login');
|
|
assert.strictEqual(jwt, 'my-test-jwt-token', 'JWT token is sent in body');
|
|
assert.strictEqual(role, 'some-role', 'role is sent in the body when filled in');
|
|
req.passthrough();
|
|
});
|
|
await visit('/vault/auth');
|
|
await fillIn('[data-test-select="auth-method"]', 'jwt');
|
|
assert.dom('[data-test-role]').exists({ count: 1 }, 'Role input exists');
|
|
assert.dom('[data-test-jwt]').exists({ count: 1 }, 'JWT input exists');
|
|
await fillIn('[data-test-role]', 'some-role');
|
|
await fillIn('[data-test-jwt]', 'my-test-jwt-token');
|
|
assert.dom('[data-test-jwt]').exists({ count: 1 }, 'JWT input exists');
|
|
await click('[data-test-auth-submit]');
|
|
assert.dom('[data-test-message-error]').exists('Failed login');
|
|
});
|
|
|
|
test('it works correctly with custom endpoint and a role', async function (assert) {
|
|
assert.expect(6);
|
|
this.server.get('/sys/internal/ui/mounts', () => ({
|
|
data: {
|
|
auth: {
|
|
'test-jwt/': { description: '', options: {}, type: 'jwt' },
|
|
},
|
|
},
|
|
}));
|
|
this.server.post('/auth/test-jwt/login', (schema, req) => {
|
|
const { jwt, role } = JSON.parse(req.requestBody);
|
|
assert.ok(true, 'request made to auth/custom-jwt-login after login');
|
|
assert.strictEqual(jwt, 'my-test-jwt-token', 'JWT token is sent in body');
|
|
assert.strictEqual(role, 'some-role', 'role is sent in body when filled in');
|
|
req.passthrough();
|
|
});
|
|
await visit('/vault/auth');
|
|
await click('[data-test-auth-method-link="jwt"]');
|
|
assert.dom('[data-test-role]').exists({ count: 1 }, 'Role input exists');
|
|
assert.dom('[data-test-jwt]').exists({ count: 1 }, 'JWT input exists');
|
|
await fillIn('[data-test-role]', 'some-role');
|
|
await fillIn('[data-test-jwt]', 'my-test-jwt-token');
|
|
await click('[data-test-auth-submit]');
|
|
assert.dom('[data-test-message-error]').exists('Failed login');
|
|
});
|
|
});
|