be632db682
* runs ember-cli-update to 4.4.0 * updates yarn.lock * updates dependencies causing runtime errors (#17135) * Inject Store Service When Accessed Implicitly (#17345) * adds codemod for injecting store service * adds custom babylon parser with decorators-legacy plugin for jscodeshift transforms * updates inject-store-service codemod to only look for .extend object expressions and adds recast options * runs inject-store-service codemod on js files * replace query-params helper with hash (#17404) * Updates/removes dependencies throwing errors in Ember 4.4 (#17396) * updates ember-responsive to latest * updates ember-composable-helpers to latest and uses includes helper since contains was removed * updates ember-concurrency to latest * updates ember-cli-clipboard to latest * temporary workaround for toolbar-link component throwing errors for using params arg with LinkTo * adds missing store injection to auth configure route * fixes issue with string-list component throwing error for accessing prop in same computation * fixes non-iterable query params issue in mfa methods controller * refactors field-to-attrs to handle belongsTo rather than fragments * converts mount-config fragment to belongsTo on auth-method model * removes ember-api-actions and adds tune method to auth-method adapter * converts cluster replication attributes from fragment to relationship * updates ember-data, removes ember-data-fragments and updates yarn to latest * removes fragments from secret-engine model * removes fragment from test-form-model * removes commented out code * minor change to inject-store-service codemod and runs again on js files * Remove LinkTo positional params (#17421) * updates ember-cli-page-object to latest version * update toolbar-link to support link-to args and not positional params * adds replace arg to toolbar-link component * Clean up js lint errors (#17426) * replaces assert.equal to assert.strictEqual * update eslint no-console to error and disables invididual intended uses of console * cleans up hbs lint warnings (#17432) * Upgrade bug and test fixes (#17500) * updates inject-service codemod to take arg for service name and runs for flashMessages service * fixes hbs lint error after merging main * fixes flash messages * updates more deps * bug fixes * test fixes * updates ember-cli-content-security-policy and prevents default form submission throwing errors * more bug and test fixes * removes commented out code * fixes issue with code-mirror modifier sending change event on setup causing same computation error * Upgrade Clean Up (#17543) * updates deprecation workflow and filter * cleans up build errors, removes unused ivy-codemirror and sass and updates ember-cli-sass and node-sass to latest * fixes control groups test that was skipped after upgrade * updates control group service tests * addresses review feedback * updates control group service handleError method to use router.currentURL rather that transition.intent.url * adds changelog entry
66 lines
2.5 KiB
JavaScript
66 lines
2.5 KiB
JavaScript
import { module, test } from 'qunit';
|
|
import { setupTest } from 'ember-qunit';
|
|
import EmberObject from '@ember/object';
|
|
import Evented from '@ember/object/evented';
|
|
import sinon from 'sinon';
|
|
import { _cancelTimers as cancelTimers } from '@ember/runloop';
|
|
|
|
const mockWindow = EmberObject.extend(Evented, {
|
|
origin: 'http://localhost:4200',
|
|
});
|
|
|
|
module('Unit | Component | auth-jwt', function (hooks) {
|
|
setupTest(hooks);
|
|
|
|
hooks.beforeEach(function () {
|
|
this.component = this.owner.lookup('component:auth-jwt');
|
|
this.component.set('window', mockWindow.create());
|
|
this.errorSpy = sinon.spy(this.component, 'handleOIDCError');
|
|
});
|
|
|
|
test('it should handle error for cross origin messages while waiting for oidc callback', async function (assert) {
|
|
assert.expect(1);
|
|
this.component.prepareForOIDC.perform(mockWindow.create());
|
|
this.component.window.trigger('message', { origin: 'http://anotherdomain.com', isTrusted: true });
|
|
assert.ok(this.errorSpy.calledOnce, 'Error handled from cross origin window message event');
|
|
cancelTimers();
|
|
});
|
|
|
|
test('it should handle error for untrusted messages while waiting for oidc callback', async function (assert) {
|
|
assert.expect(1);
|
|
this.component.prepareForOIDC.perform(mockWindow.create());
|
|
this.component.window.trigger('message', { origin: 'http://localhost:4200', isTrusted: false });
|
|
assert.ok(this.errorSpy.calledOnce, 'Error handled from untrusted window message event');
|
|
cancelTimers();
|
|
});
|
|
// test case for https://github.com/hashicorp/vault/issues/12436
|
|
test('it should ignore messages sent from outside the app while waiting for oidc callback', async function (assert) {
|
|
assert.expect(2);
|
|
this.component.prepareForOIDC.perform(mockWindow.create());
|
|
const message = {
|
|
origin: 'http://localhost:4200',
|
|
isTrusted: true,
|
|
data: {
|
|
namespace: 'foobar',
|
|
path: '/foo/bar',
|
|
state: 'authorized',
|
|
code: 204,
|
|
},
|
|
};
|
|
|
|
this.component.window.trigger('message', message);
|
|
message.data.source = 'foo-bar';
|
|
this.component.window.trigger('message', message);
|
|
message.data.source = 'oidc-callback';
|
|
this.component.window.trigger('message', message);
|
|
|
|
assert.ok(this.errorSpy.notCalled, 'Error handler not triggered while waiting for oidc callback message');
|
|
assert.strictEqual(
|
|
this.component.exchangeOIDC.performCount,
|
|
1,
|
|
'exchangeOIDC method fires when oidc callback message is received'
|
|
);
|
|
cancelTimers();
|
|
});
|
|
});
|