open-consul/ui/packages/consul-ui/tests/acceptance/token-header.feature

@setupApplicationTest
@notNamespaceable
Feature: token-header
  In order to authenticate with tokens
  As a user
  I need to be able to specify a ACL token AND/OR leave it blank to authenticate with the API
  Scenario: Arriving at the index page having not set a token previously
    Given 1 datacenter model with the value "datacenter"
    When I visit the index page
    Then the url should be /datacenter/services
    And a GET request was made to "/v1/internal/ui/services?dc=datacenter&ns=@namespace" from yaml
    ---
    headers:
      X-Consul-Token: ''
    ---
  Scenario: Set the token to [Token] and then navigate to the index page
    Given 1 datacenter model with the value "datacenter"
    And the url "/v1/acl/tokens" responds with a 403 status
    When I visit the tokens page for yaml
    ---
      dc: datacenter
    ---
    Then the url should be /datacenter/acls/tokens
    And I click login on the navigation
    And I fill in the auth form with yaml
    ---
    SecretID: [Token]
    ---
    And I click submit on the authdialog.form
    When I visit the index page
    Then the url should be /datacenter/services
    And a GET request was made to "/v1/internal/ui/services?dc=datacenter&ns=@namespace" from yaml
    ---
    headers:
      X-Consul-Token: [Token]
    ---
  Where:
      ---------
      | Token |
      | token |
      | ''    |
      ---------
Ensure a blank token is sent if the localStorage kv doesn't exist 2018-06-20 09:22:38 +00:00			`@setupApplicationTest`
ui: Acceptance test improvements to prepare for more NS tests (#6980) * ui: Acceptance test improvements to prepare for more NS tests * ui: Namespace acceptance testing (#7005) * Update api-double and consul-api-double for http.body * Adds places where we missed passing the nspace through * Hardcode nspace CRUD to use the default nspace for policies and roles * Alter test helpers to allow us to control nspaces from the outside * Amends to allow tests to account for namespace, move ns from queryParam 1. We decided to move how we pass the namespace value through to the backend when performing write actions (create, update). Previoulsy we were using the queryParam although using the post body is the preferred method to send the Namespace details through to the backend. 2. Other various amends to take into account testing across multiple namespaced scenarios * Enable nspace testing by default * Remove last few occurances of old style http assertions We had informally 'deprecated' our old style of http assertions that relied on the order of http calls (even though that order was not important for the assertion). Following on from our namespace work we removed the majority of the old occrances of these old style assertions. This commit removes the remaining few, and also then cleans up the assertions/http.js file to only include the ones we are using. This reduces our available step count further and prevents any confusion over the usage of the old types and the new types. * ui: Namespace CRUD acceptance tests (#7016) * Upgrade consul-api-double * Add all the things required for testing: 1. edit and index page objects 2. enable CONSUL_NSPACE_COUNT cookie setting 3. enable mutating HTTP response bodies based on URL * Add acceptance test for nspace edit/delete/list and searching 2020-01-24 12:26:28 +00:00			`@notNamespaceable`
			`Feature: token-header`
Ensure a blank token is sent if the localStorage kv doesn't exist 2018-06-20 09:22:38 +00:00			`In order to authenticate with tokens`
			`As a user`
			`I need to be able to specify a ACL token AND/OR leave it blank to authenticate with the API`
			`Scenario: Arriving at the index page having not set a token previously`
			`Given 1 datacenter model with the value "datacenter"`
			`When I visit the index page`
			`Then the url should be /datacenter/services`
ui: Run 2 separate test runs oss and ent (#7214) * ui: Make API integration tests aware of CONSUL_NSPACES_ENABLED * ui: Allow passing CONSUL_NSPACES_ENABLED in via the cli in ember * ui: Add more makefile targets/package scripts to switch NSPACEs on/off * ui: Ensure all acceptance tests continue to pass with NSPACEs on/off This required a little tweaking of the dictionary, at some point page-navigation and some of these little tweaks will no longer be required * ui: Try running CI frontend tests in two parellel runs oss/ent * ui: Use correct make target, use different names for the reports 2020-02-07 11:02:53 +00:00			`And a GET request was made to "/v1/internal/ui/services?dc=datacenter&ns=@namespace" from yaml`
Ensure a blank token is sent if the localStorage kv doesn't exist 2018-06-20 09:22:38 +00:00			`---`
			`headers:`
			`X-Consul-Token: ''`
			`---`
Make sure token is set to blank if nothing is typed in settings 2018-06-20 13:38:54 +00:00			`Scenario: Set the token to [Token] and then navigate to the index page`
Ensure a blank token is sent if the localStorage kv doesn't exist 2018-06-20 09:22:38 +00:00			`Given 1 datacenter model with the value "datacenter"`
UI: Catch 500 error on token endpoint and revert to legacy tokens (#4874) In some circumstances a consul 1.4 client could be running in an un-upgraded 1.3 or lower cluster. Currently this gives a 500 error on the new ACL token endpoint. Here we catch this specific 500 error/message and set the users AccessorID to null. Elsewhere in the frontend we use this fact (AccessorID being null) to decide whether to present the legacy or the new ACL UI to the user. Also: - Re-adds in most of the old style ACL acceptance tests, now that we are keeping the old style UI - Restricts code editors to HCL only mode for all `Rules` editing (legacy/'half legacy'/new style) - Adds a [Stop using] button to the old style ACL rows so its possible to logout. - Updates copy and documentation links for the upgrade notices 2018-11-02 14:44:36 +00:00			`And the url "/v1/acl/tokens" responds with a 403 status`
			`When I visit the tokens page for yaml`
			`---`
			`dc: datacenter`
			`---`
			`Then the url should be /datacenter/acls/tokens`
UI: Improved Login/Logout flow inc SSO support (#7790) * 6 new components for new login/logout flow, plus SSO support UI Components: 1. AuthDialog: Wraps/orchestrates AuthForm and AuthProfile 2. AuthForm: Authorization form shown when logged out. 3. AuthProfile: Simple presentational component to show the users 'Profile' 4. OidcSelect: A 'select' component for selecting an OIDC provider, dynamically uses either a single select menu or multiple buttons depending on the amount of providers Data Components: 1. JwtSource: Given an OIDC provider URL this component will request a token from the provider and fire an donchange event when it has been retrieved. Used by TokenSource. 2. TokenSource: Given a oidc provider name or a Consul SecretID, TokenSource will use whichever method/API requests required to retrieve Consul ACL Token, which is emitted to the onchange event handler. Very basic README documentation included here, which is likely to be refined somewhat. * CSS required for new auth/SSO UI components * Remaining app code required to tie the new auth/SSO work together * CSS code required to help tie the auth/SSO work together * Test code in order to get current tests passing with new auth/SSO flow ..plus extremely basics/skipped rendering tests for the new components * Treat the secret received from the server as the truth Previously we've always treated what the user typed as the truth, this breaks down when using SSO as the user doesn't type anything to retrieve a token. Therefore we change this so that we use the secret in the API response as the truth. * Make sure removing an dom tree from a buffer only removes its own tree 2020-05-11 15:37:11 +00:00			`And I click login on the navigation`
			`And I fill in the auth form with yaml`
Ensure a blank token is sent if the localStorage kv doesn't exist 2018-06-20 09:22:38 +00:00			`---`
UI: Improved Login/Logout flow inc SSO support (#7790) * 6 new components for new login/logout flow, plus SSO support UI Components: 1. AuthDialog: Wraps/orchestrates AuthForm and AuthProfile 2. AuthForm: Authorization form shown when logged out. 3. AuthProfile: Simple presentational component to show the users 'Profile' 4. OidcSelect: A 'select' component for selecting an OIDC provider, dynamically uses either a single select menu or multiple buttons depending on the amount of providers Data Components: 1. JwtSource: Given an OIDC provider URL this component will request a token from the provider and fire an donchange event when it has been retrieved. Used by TokenSource. 2. TokenSource: Given a oidc provider name or a Consul SecretID, TokenSource will use whichever method/API requests required to retrieve Consul ACL Token, which is emitted to the onchange event handler. Very basic README documentation included here, which is likely to be refined somewhat. * CSS required for new auth/SSO UI components * Remaining app code required to tie the new auth/SSO work together * CSS code required to help tie the auth/SSO work together * Test code in order to get current tests passing with new auth/SSO flow ..plus extremely basics/skipped rendering tests for the new components * Treat the secret received from the server as the truth Previously we've always treated what the user typed as the truth, this breaks down when using SSO as the user doesn't type anything to retrieve a token. Therefore we change this so that we use the secret in the API response as the truth. * Make sure removing an dom tree from a buffer only removes its own tree 2020-05-11 15:37:11 +00:00			`SecretID: [Token]`
Ensure a blank token is sent if the localStorage kv doesn't exist 2018-06-20 09:22:38 +00:00			`---`
UI: Improved Login/Logout flow inc SSO support (#7790) * 6 new components for new login/logout flow, plus SSO support UI Components: 1. AuthDialog: Wraps/orchestrates AuthForm and AuthProfile 2. AuthForm: Authorization form shown when logged out. 3. AuthProfile: Simple presentational component to show the users 'Profile' 4. OidcSelect: A 'select' component for selecting an OIDC provider, dynamically uses either a single select menu or multiple buttons depending on the amount of providers Data Components: 1. JwtSource: Given an OIDC provider URL this component will request a token from the provider and fire an donchange event when it has been retrieved. Used by TokenSource. 2. TokenSource: Given a oidc provider name or a Consul SecretID, TokenSource will use whichever method/API requests required to retrieve Consul ACL Token, which is emitted to the onchange event handler. Very basic README documentation included here, which is likely to be refined somewhat. * CSS required for new auth/SSO UI components * Remaining app code required to tie the new auth/SSO work together * CSS code required to help tie the auth/SSO work together * Test code in order to get current tests passing with new auth/SSO flow ..plus extremely basics/skipped rendering tests for the new components * Treat the secret received from the server as the truth Previously we've always treated what the user typed as the truth, this breaks down when using SSO as the user doesn't type anything to retrieve a token. Therefore we change this so that we use the secret in the API response as the truth. * Make sure removing an dom tree from a buffer only removes its own tree 2020-05-11 15:37:11 +00:00			`And I click submit on the authdialog.form`
Ensure a blank token is sent if the localStorage kv doesn't exist 2018-06-20 09:22:38 +00:00			`When I visit the index page`
			`Then the url should be /datacenter/services`
ui: Run 2 separate test runs oss and ent (#7214) * ui: Make API integration tests aware of CONSUL_NSPACES_ENABLED * ui: Allow passing CONSUL_NSPACES_ENABLED in via the cli in ember * ui: Add more makefile targets/package scripts to switch NSPACEs on/off * ui: Ensure all acceptance tests continue to pass with NSPACEs on/off This required a little tweaking of the dictionary, at some point page-navigation and some of these little tweaks will no longer be required * ui: Try running CI frontend tests in two parellel runs oss/ent * ui: Use correct make target, use different names for the reports 2020-02-07 11:02:53 +00:00			`And a GET request was made to "/v1/internal/ui/services?dc=datacenter&ns=@namespace" from yaml`
Ensure a blank token is sent if the localStorage kv doesn't exist 2018-06-20 09:22:38 +00:00			`---`
			`headers:`
			`X-Consul-Token: [Token]`
			`---`
			`Where:`
			`---------`
			`\| Token \|`
			`\| token \|`
			`\| '' \|`
			`---------`