Wrapped token login bug (#19036)

* fixes issue logging in with wrapped_token via logout route when not logged in * adds changelog entry * fixes cluster route mixin test
2023-02-07 14:22:22 -07:00 · 2023-02-07 14:22:22 -07:00 · 4371face65
parent 788c4aff67
commit 4371face65
3 changed files with 18 additions and 2 deletions
--- a/changelog/19036.txt
+++ b/changelog/19036.txt
@ -0,0 +1,3 @@
+```release-note:bug
+ui: fixes logout route wrapped_token bug
+``
--- a/ui/app/mixins/cluster-route.js
+++ b/ui/app/mixins/cluster-route.js
@ -29,11 +29,13 @@ export default Mixin.create({
      targetRoute !== transition.targetName &&
      targetRoute !== this.router.currentRouteName
    ) {
+      // there may be query params so check for inclusion rather than exact match
+      const isExcluded = EXCLUDED_REDIRECT_URLS.find((url) => this.router.currentURL?.includes(url));
      if (
        // only want to redirect if we're going to authenticate
        targetRoute === AUTH &&
        transition.targetName !== CLUSTER_INDEX &&
-        !EXCLUDED_REDIRECT_URLS.includes(this.router.currentURL)
+        !isExcluded
      ) {
        return this.transitionTo(targetRoute, { queryParams: { redirect_to: this.router.currentURL } });
      }
--- a/ui/tests/acceptance/wrapped-token-test.js
+++ b/ui/tests/acceptance/wrapped-token-test.js
@ -1,7 +1,8 @@
 import { module, test } from 'qunit';
 import { setupApplicationTest } from 'ember-qunit';
-import { settled, currentURL } from '@ember/test-helpers';
+import { settled, currentURL, visit } from '@ember/test-helpers';
 import { create } from 'ember-cli-page-object';
+import { setupMirage } from 'ember-cli-mirage/test-support';
 import auth from 'vault/tests/pages/auth';
 import consoleClass from 'vault/tests/pages/components/console/ui-panel';

@ -27,6 +28,7 @@ const setupWrapping = async () => {
 };
 module('Acceptance | wrapped_token query param functionality', function (hooks) {
  setupApplicationTest(hooks);
+  setupMirage(hooks);

  test('it authenticates you if the query param is present', async function (assert) {
    const token = await setupWrapping();
@ -41,4 +43,13 @@ module('Acceptance | wrapped_token query param functionality', function (hooks)
    await settled();
    assert.strictEqual(currentURL(), '/vault/secrets', 'authenticates and redirects to home');
  });
+
+  test('it should authenticate when hitting logout url with wrapped_token when logged out', async function (assert) {
+    this.server.post('/sys/wrapping/unwrap', () => {
+      return { auth: { client_token: 'root' } };
+    });
+
+    await visit(`/vault/logout?wrapped_token=1234`);
+    assert.strictEqual(currentURL(), '/vault/secrets', 'authenticates and redirects to home');
+  });
 });