open-vault/ui/tests/unit/components/auth-jwt-test.js

/**
 * Copyright (c) HashiCorp, Inc.
 * SPDX-License-Identifier: MPL-2.0
 */

import { module, test } from 'qunit';
import { setupTest } from 'ember-qunit';
import EmberObject from '@ember/object';
import Evented from '@ember/object/evented';
import sinon from 'sinon';
import { _cancelTimers as cancelTimers } from '@ember/runloop';

const mockWindow = EmberObject.extend(Evented, {
  origin: 'http://localhost:4200',
  close: () => {},
});

module('Unit | Component | auth-jwt', function (hooks) {
  setupTest(hooks);

  hooks.beforeEach(function () {
    this.component = this.owner.lookup('component:auth-jwt');
    this.component.set('window', mockWindow.create());
    this.errorSpy = sinon.spy(this.component, 'handleOIDCError');
  });

  test('it should ignore messages from cross origin windows while waiting for oidc callback', async function (assert) {
    assert.expect(2);
    this.component.prepareForOIDC.perform(mockWindow.create());
    this.component.window.trigger('message', { origin: 'http://anotherdomain.com', isTrusted: true });

    assert.ok(this.errorSpy.notCalled, 'Error handler not triggered while waiting for oidc callback message');
    assert.strictEqual(this.component.exchangeOIDC.performCount, 0, 'exchangeOIDC method not fired');
    cancelTimers();
  });

  test('it should ignore untrusted messages while waiting for oidc callback', async function (assert) {
    assert.expect(2);
    this.component.prepareForOIDC.perform(mockWindow.create());
    this.component.window.trigger('message', { origin: 'http://localhost:4200', isTrusted: false });
    assert.ok(this.errorSpy.notCalled, 'Error handler not triggered while waiting for oidc callback message');
    assert.strictEqual(this.component.exchangeOIDC.performCount, 0, 'exchangeOIDC method not fired');
    cancelTimers();
  });

  // test case for https://github.com/hashicorp/vault/issues/12436
  test('it should ignore messages sent from outside the app while waiting for oidc callback', async function (assert) {
    assert.expect(2);
    this.component.prepareForOIDC.perform(mockWindow.create());
    const message = {
      origin: 'http://localhost:4200',
      isTrusted: true,
      data: {
        namespace: 'foobar',
        path: '/foo/bar',
        state: 'authorized',
        code: 204,
      },
    };

    this.component.window.trigger('message', message);
    message.data.source = 'foo-bar';
    this.component.window.trigger('message', message);
    message.data.source = 'oidc-callback';
    this.component.window.trigger('message', message);

    assert.ok(this.errorSpy.notCalled, 'Error handler not triggered while waiting for oidc callback message');
    assert.strictEqual(
      this.component.exchangeOIDC.performCount,
      1,
      'exchangeOIDC method fires when oidc callback message is received'
    );
    cancelTimers();
  });
});
adding copyright header (#19555) * adding copyright header * fix fmt and a test 2023-03-15 16:00:52 +00:00			`/**`
			`* Copyright (c) HashiCorp, Inc.`
			`* SPDX-License-Identifier: MPL-2.0`
			`*/`

OIDC Auth Bug (#13133) * fixes issue with oidc auth method when MetaMask chrome extenstion is used * adds changelog entry * updates auth-jwt integration tests * fixes race condition in runCommands ui-panel helper method where running multiple commands would not always result in the same output order 2021-11-15 15:48:11 +00:00			`import { module, test } from 'qunit';`
			`import { setupTest } from 'ember-qunit';`
			`import EmberObject from '@ember/object';`
			`import Evented from '@ember/object/evented';`
			`import sinon from 'sinon';`
Runloop/Computed Dot Access Removal (#14596) * removes usages of Ember global * removes instances of dot access on runloop and computed functions * updates cancelTimers import 2022-03-21 21:09:59 +00:00			`import { _cancelTimers as cancelTimers } from '@ember/runloop';`
OIDC Auth Bug (#13133) * fixes issue with oidc auth method when MetaMask chrome extenstion is used * adds changelog entry * updates auth-jwt integration tests * fixes race condition in runCommands ui-panel helper method where running multiple commands would not always result in the same output order 2021-11-15 15:48:11 +00:00
			`const mockWindow = EmberObject.extend(Evented, {`
			`origin: 'http://localhost:4200',`
UI: Fix OIDC login in fullscreen (#19071) 2023-02-08 20:32:57 +00:00			`close: () => {},`
OIDC Auth Bug (#13133) * fixes issue with oidc auth method when MetaMask chrome extenstion is used * adds changelog entry * updates auth-jwt integration tests * fixes race condition in runCommands ui-panel helper method where running multiple commands would not always result in the same output order 2021-11-15 15:48:11 +00:00			`});`

Ember Upgrade to 3.24 (#13443) * Update browserslist * Add browserslistrc * ember-cli-update --to 3.26, fix conflicts * Run codemodes that start with ember-* * More codemods - before cp* * More codemods (curly data-test-) WIP ember-basic-dropdown template errors * updates ember-basic-dropdown and related deps to fix build issues * updates basic dropdown instances to new version API * updates more deps -- ember-template-lint is working again * runs no-implicit-this codemod * creates and runs no-quoteless-attributes codemod * runs angle brackets codemod * updates lint:hbs globs to only touch hbs files * removes yield only templates * creates and runs deprecated args transform * supresses lint error for invokeAction on LinkTo component * resolves remaining ambiguous path lint errors * resolves simple-unless lint errors * adds warnings for deprecated tagName arg on LinkTo components * adds warnings for remaining curly component invocation * updates global template lint rules * resolves remaining template lint errors * disables some ember specfic lint rules that target pre octane patterns * js lint fix run * resolves remaining js lint errors * fixes test run * adds npm-run-all dep * fixes test attribute issues * fixes console acceptance tests * fixes tests * adds yield only wizard/tutorial-active template * fixes more tests * attempts to fix more flaky tests * removes commented out settled in transit test * updates deprecations workflow and adds initializer to filter by version * updates flaky policies acl old test * updates to flaky transit test * bumps ember deps down to LTS version * runs linters after main merge * fixes client count tests after bad merge conflict fixes * fixes client count history test * more updates to lint config * another round of hbs lint fixes after extending stylistic rule * updates lint-staged commands * removes indent eslint rule since it seems to break things * fixes bad attribute in transform-edit-form template * test fixes * fixes enterprise tests * adds changelog * removes deprecated ember-concurrency-test-waiters dep and adds @ember/test-waiters * flaky test fix Co-authored-by: hashishaw <cshaw@hashicorp.com> 2021-12-17 03:44:29 +00:00			`module('Unit \| Component \| auth-jwt', function (hooks) {`
OIDC Auth Bug (#13133) * fixes issue with oidc auth method when MetaMask chrome extenstion is used * adds changelog entry * updates auth-jwt integration tests * fixes race condition in runCommands ui-panel helper method where running multiple commands would not always result in the same output order 2021-11-15 15:48:11 +00:00			`setupTest(hooks);`

Ember Upgrade to 3.24 (#13443) * Update browserslist * Add browserslistrc * ember-cli-update --to 3.26, fix conflicts * Run codemodes that start with ember-* * More codemods - before cp* * More codemods (curly data-test-) WIP ember-basic-dropdown template errors * updates ember-basic-dropdown and related deps to fix build issues * updates basic dropdown instances to new version API * updates more deps -- ember-template-lint is working again * runs no-implicit-this codemod * creates and runs no-quoteless-attributes codemod * runs angle brackets codemod * updates lint:hbs globs to only touch hbs files * removes yield only templates * creates and runs deprecated args transform * supresses lint error for invokeAction on LinkTo component * resolves remaining ambiguous path lint errors * resolves simple-unless lint errors * adds warnings for deprecated tagName arg on LinkTo components * adds warnings for remaining curly component invocation * updates global template lint rules * resolves remaining template lint errors * disables some ember specfic lint rules that target pre octane patterns * js lint fix run * resolves remaining js lint errors * fixes test run * adds npm-run-all dep * fixes test attribute issues * fixes console acceptance tests * fixes tests * adds yield only wizard/tutorial-active template * fixes more tests * attempts to fix more flaky tests * removes commented out settled in transit test * updates deprecations workflow and adds initializer to filter by version * updates flaky policies acl old test * updates to flaky transit test * bumps ember deps down to LTS version * runs linters after main merge * fixes client count tests after bad merge conflict fixes * fixes client count history test * more updates to lint config * another round of hbs lint fixes after extending stylistic rule * updates lint-staged commands * removes indent eslint rule since it seems to break things * fixes bad attribute in transform-edit-form template * test fixes * fixes enterprise tests * adds changelog * removes deprecated ember-concurrency-test-waiters dep and adds @ember/test-waiters * flaky test fix Co-authored-by: hashishaw <cshaw@hashicorp.com> 2021-12-17 03:44:29 +00:00			`hooks.beforeEach(function () {`
OIDC Auth Bug (#13133) * fixes issue with oidc auth method when MetaMask chrome extenstion is used * adds changelog entry * updates auth-jwt integration tests * fixes race condition in runCommands ui-panel helper method where running multiple commands would not always result in the same output order 2021-11-15 15:48:11 +00:00			`this.component = this.owner.lookup('component:auth-jwt');`
			`this.component.set('window', mockWindow.create());`
			`this.errorSpy = sinon.spy(this.component, 'handleOIDCError');`
			`});`

UI: Fix OIDC login in fullscreen (#19071) 2023-02-08 20:32:57 +00:00			`test('it should ignore messages from cross origin windows while waiting for oidc callback', async function (assert) {`
			`assert.expect(2);`
OIDC Auth Bug (#13133) * fixes issue with oidc auth method when MetaMask chrome extenstion is used * adds changelog entry * updates auth-jwt integration tests * fixes race condition in runCommands ui-panel helper method where running multiple commands would not always result in the same output order 2021-11-15 15:48:11 +00:00			`this.component.prepareForOIDC.perform(mockWindow.create());`
			`this.component.window.trigger('message', { origin: 'http://anotherdomain.com', isTrusted: true });`
UI: Fix OIDC login in fullscreen (#19071) 2023-02-08 20:32:57 +00:00
			`assert.ok(this.errorSpy.notCalled, 'Error handler not triggered while waiting for oidc callback message');`
			`assert.strictEqual(this.component.exchangeOIDC.performCount, 0, 'exchangeOIDC method not fired');`
Runloop/Computed Dot Access Removal (#14596) * removes usages of Ember global * removes instances of dot access on runloop and computed functions * updates cancelTimers import 2022-03-21 21:09:59 +00:00			`cancelTimers();`
OIDC Auth Bug (#13133) * fixes issue with oidc auth method when MetaMask chrome extenstion is used * adds changelog entry * updates auth-jwt integration tests * fixes race condition in runCommands ui-panel helper method where running multiple commands would not always result in the same output order 2021-11-15 15:48:11 +00:00			`});`

UI: Fix OIDC login in fullscreen (#19071) 2023-02-08 20:32:57 +00:00			`test('it should ignore untrusted messages while waiting for oidc callback', async function (assert) {`
			`assert.expect(2);`
OIDC Auth Bug (#13133) * fixes issue with oidc auth method when MetaMask chrome extenstion is used * adds changelog entry * updates auth-jwt integration tests * fixes race condition in runCommands ui-panel helper method where running multiple commands would not always result in the same output order 2021-11-15 15:48:11 +00:00			`this.component.prepareForOIDC.perform(mockWindow.create());`
			`this.component.window.trigger('message', { origin: 'http://localhost:4200', isTrusted: false });`
UI: Fix OIDC login in fullscreen (#19071) 2023-02-08 20:32:57 +00:00			`assert.ok(this.errorSpy.notCalled, 'Error handler not triggered while waiting for oidc callback message');`
			`assert.strictEqual(this.component.exchangeOIDC.performCount, 0, 'exchangeOIDC method not fired');`
Runloop/Computed Dot Access Removal (#14596) * removes usages of Ember global * removes instances of dot access on runloop and computed functions * updates cancelTimers import 2022-03-21 21:09:59 +00:00			`cancelTimers();`
OIDC Auth Bug (#13133) * fixes issue with oidc auth method when MetaMask chrome extenstion is used * adds changelog entry * updates auth-jwt integration tests * fixes race condition in runCommands ui-panel helper method where running multiple commands would not always result in the same output order 2021-11-15 15:48:11 +00:00			`});`
UI: Fix OIDC login in fullscreen (#19071) 2023-02-08 20:32:57 +00:00
OIDC Auth Bug (#13133) * fixes issue with oidc auth method when MetaMask chrome extenstion is used * adds changelog entry * updates auth-jwt integration tests * fixes race condition in runCommands ui-panel helper method where running multiple commands would not always result in the same output order 2021-11-15 15:48:11 +00:00			`// test case for https://github.com/hashicorp/vault/issues/12436`
Ember Upgrade to 3.24 (#13443) * Update browserslist * Add browserslistrc * ember-cli-update --to 3.26, fix conflicts * Run codemodes that start with ember-* * More codemods - before cp* * More codemods (curly data-test-) WIP ember-basic-dropdown template errors * updates ember-basic-dropdown and related deps to fix build issues * updates basic dropdown instances to new version API * updates more deps -- ember-template-lint is working again * runs no-implicit-this codemod * creates and runs no-quoteless-attributes codemod * runs angle brackets codemod * updates lint:hbs globs to only touch hbs files * removes yield only templates * creates and runs deprecated args transform * supresses lint error for invokeAction on LinkTo component * resolves remaining ambiguous path lint errors * resolves simple-unless lint errors * adds warnings for deprecated tagName arg on LinkTo components * adds warnings for remaining curly component invocation * updates global template lint rules * resolves remaining template lint errors * disables some ember specfic lint rules that target pre octane patterns * js lint fix run * resolves remaining js lint errors * fixes test run * adds npm-run-all dep * fixes test attribute issues * fixes console acceptance tests * fixes tests * adds yield only wizard/tutorial-active template * fixes more tests * attempts to fix more flaky tests * removes commented out settled in transit test * updates deprecations workflow and adds initializer to filter by version * updates flaky policies acl old test * updates to flaky transit test * bumps ember deps down to LTS version * runs linters after main merge * fixes client count tests after bad merge conflict fixes * fixes client count history test * more updates to lint config * another round of hbs lint fixes after extending stylistic rule * updates lint-staged commands * removes indent eslint rule since it seems to break things * fixes bad attribute in transform-edit-form template * test fixes * fixes enterprise tests * adds changelog * removes deprecated ember-concurrency-test-waiters dep and adds @ember/test-waiters * flaky test fix Co-authored-by: hashishaw <cshaw@hashicorp.com> 2021-12-17 03:44:29 +00:00			`test('it should ignore messages sent from outside the app while waiting for oidc callback', async function (assert) {`
OIDC Auth Bug (#13133) * fixes issue with oidc auth method when MetaMask chrome extenstion is used * adds changelog entry * updates auth-jwt integration tests * fixes race condition in runCommands ui-panel helper method where running multiple commands would not always result in the same output order 2021-11-15 15:48:11 +00:00			`assert.expect(2);`
			`this.component.prepareForOIDC.perform(mockWindow.create());`
			`const message = {`
			`origin: 'http://localhost:4200',`
			`isTrusted: true,`
			`data: {`
			`namespace: 'foobar',`
			`path: '/foo/bar',`
			`state: 'authorized',`
			`code: 204,`
			`},`
			`};`

			`this.component.window.trigger('message', message);`
			`message.data.source = 'foo-bar';`
			`this.component.window.trigger('message', message);`
			`message.data.source = 'oidc-callback';`
			`this.component.window.trigger('message', message);`

			`assert.ok(this.errorSpy.notCalled, 'Error handler not triggered while waiting for oidc callback message');`
Ember Upgrade to 4.4 (#17086) * runs ember-cli-update to 4.4.0 * updates yarn.lock * updates dependencies causing runtime errors (#17135) * Inject Store Service When Accessed Implicitly (#17345) * adds codemod for injecting store service * adds custom babylon parser with decorators-legacy plugin for jscodeshift transforms * updates inject-store-service codemod to only look for .extend object expressions and adds recast options * runs inject-store-service codemod on js files * replace query-params helper with hash (#17404) * Updates/removes dependencies throwing errors in Ember 4.4 (#17396) * updates ember-responsive to latest * updates ember-composable-helpers to latest and uses includes helper since contains was removed * updates ember-concurrency to latest * updates ember-cli-clipboard to latest * temporary workaround for toolbar-link component throwing errors for using params arg with LinkTo * adds missing store injection to auth configure route * fixes issue with string-list component throwing error for accessing prop in same computation * fixes non-iterable query params issue in mfa methods controller * refactors field-to-attrs to handle belongsTo rather than fragments * converts mount-config fragment to belongsTo on auth-method model * removes ember-api-actions and adds tune method to auth-method adapter * converts cluster replication attributes from fragment to relationship * updates ember-data, removes ember-data-fragments and updates yarn to latest * removes fragments from secret-engine model * removes fragment from test-form-model * removes commented out code * minor change to inject-store-service codemod and runs again on js files * Remove LinkTo positional params (#17421) * updates ember-cli-page-object to latest version * update toolbar-link to support link-to args and not positional params * adds replace arg to toolbar-link component * Clean up js lint errors (#17426) * replaces assert.equal to assert.strictEqual * update eslint no-console to error and disables invididual intended uses of console * cleans up hbs lint warnings (#17432) * Upgrade bug and test fixes (#17500) * updates inject-service codemod to take arg for service name and runs for flashMessages service * fixes hbs lint error after merging main * fixes flash messages * updates more deps * bug fixes * test fixes * updates ember-cli-content-security-policy and prevents default form submission throwing errors * more bug and test fixes * removes commented out code * fixes issue with code-mirror modifier sending change event on setup causing same computation error * Upgrade Clean Up (#17543) * updates deprecation workflow and filter * cleans up build errors, removes unused ivy-codemirror and sass and updates ember-cli-sass and node-sass to latest * fixes control groups test that was skipped after upgrade * updates control group service tests * addresses review feedback * updates control group service handleError method to use router.currentURL rather that transition.intent.url * adds changelog entry 2022-10-18 15:46:02 +00:00			`assert.strictEqual(`
OIDC Auth Bug (#13133) * fixes issue with oidc auth method when MetaMask chrome extenstion is used * adds changelog entry * updates auth-jwt integration tests * fixes race condition in runCommands ui-panel helper method where running multiple commands would not always result in the same output order 2021-11-15 15:48:11 +00:00			`this.component.exchangeOIDC.performCount,`
			`1,`
			`'exchangeOIDC method fires when oidc callback message is received'`
			`);`
Runloop/Computed Dot Access Removal (#14596) * removes usages of Ember global * removes instances of dot access on runloop and computed functions * updates cancelTimers import 2022-03-21 21:09:59 +00:00			`cancelTimers();`
OIDC Auth Bug (#13133) * fixes issue with oidc auth method when MetaMask chrome extenstion is used * adds changelog entry * updates auth-jwt integration tests * fixes race condition in runCommands ui-panel helper method where running multiple commands would not always result in the same output order 2021-11-15 15:48:11 +00:00			`});`
			`});`