From 4371face65617914b8711e1dd0915a4f60cbaa63 Mon Sep 17 00:00:00 2001 From: Jordan Reimer Date: Tue, 7 Feb 2023 14:22:22 -0700 Subject: [PATCH] Wrapped token login bug (#19036) * fixes issue logging in with wrapped_token via logout route when not logged in * adds changelog entry * fixes cluster route mixin test --- changelog/19036.txt | 3 +++ ui/app/mixins/cluster-route.js | 4 +++- ui/tests/acceptance/wrapped-token-test.js | 13 ++++++++++++- 3 files changed, 18 insertions(+), 2 deletions(-) create mode 100644 changelog/19036.txt diff --git a/changelog/19036.txt b/changelog/19036.txt new file mode 100644 index 000000000..ebe62a7a6 --- /dev/null +++ b/changelog/19036.txt @@ -0,0 +1,3 @@ +```release-note:bug +ui: fixes logout route wrapped_token bug +`` \ No newline at end of file diff --git a/ui/app/mixins/cluster-route.js b/ui/app/mixins/cluster-route.js index d3f83318d..a43818725 100644 --- a/ui/app/mixins/cluster-route.js +++ b/ui/app/mixins/cluster-route.js @@ -29,11 +29,13 @@ export default Mixin.create({ targetRoute !== transition.targetName && targetRoute !== this.router.currentRouteName ) { + // there may be query params so check for inclusion rather than exact match + const isExcluded = EXCLUDED_REDIRECT_URLS.find((url) => this.router.currentURL?.includes(url)); if ( // only want to redirect if we're going to authenticate targetRoute === AUTH && transition.targetName !== CLUSTER_INDEX && - !EXCLUDED_REDIRECT_URLS.includes(this.router.currentURL) + !isExcluded ) { return this.transitionTo(targetRoute, { queryParams: { redirect_to: this.router.currentURL } }); } diff --git a/ui/tests/acceptance/wrapped-token-test.js b/ui/tests/acceptance/wrapped-token-test.js index 0dd18d3ca..26df1941e 100644 --- a/ui/tests/acceptance/wrapped-token-test.js +++ b/ui/tests/acceptance/wrapped-token-test.js @@ -1,7 +1,8 @@ import { module, test } from 'qunit'; import { setupApplicationTest } from 'ember-qunit'; -import { settled, currentURL } from '@ember/test-helpers'; +import { settled, currentURL, visit } from '@ember/test-helpers'; import { create } from 'ember-cli-page-object'; +import { setupMirage } from 'ember-cli-mirage/test-support'; import auth from 'vault/tests/pages/auth'; import consoleClass from 'vault/tests/pages/components/console/ui-panel'; @@ -27,6 +28,7 @@ const setupWrapping = async () => { }; module('Acceptance | wrapped_token query param functionality', function (hooks) { setupApplicationTest(hooks); + setupMirage(hooks); test('it authenticates you if the query param is present', async function (assert) { const token = await setupWrapping(); @@ -41,4 +43,13 @@ module('Acceptance | wrapped_token query param functionality', function (hooks) await settled(); assert.strictEqual(currentURL(), '/vault/secrets', 'authenticates and redirects to home'); }); + + test('it should authenticate when hitting logout url with wrapped_token when logged out', async function (assert) { + this.server.post('/sys/wrapping/unwrap', () => { + return { auth: { client_token: 'root' } }; + }); + + await visit(`/vault/logout?wrapped_token=1234`); + assert.strictEqual(currentURL(), '/vault/secrets', 'authenticates and redirects to home'); + }); });