Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: implement new experimental login workflow for local development (#1934)

* feat: implement experimental oidc-like workflow for local development
* refactor: callback route
* fix: invalidate session if requested scope change
* refactor: enable oidc login workflow behind a feature flag
* refactor: allow to switch projects to then trigger a new login
* refactor(playground): pass initial project key as env placeholder
* refactor: make the initial project key optional
* docs: improvements
* chore: keep formatting
* refactor: revert experimental changes in playground app
* fix: set authorization header only if session token is defined
* feat: allow to pass the teamId as claim
* fix: processing app config
* test: fix test data
* chore: remove .env local
* refactor: redirect to /authorize endpoint
* fix: authorize redirect
* refactor: render a nicer error page for auth callback
* refactor(app-config): allow to pass the custom app json as arg
* refactor(app-config): expose types
* feat: add new cypress package
* test: enable oidc for playground app and adjust e2e tests accordingly
* refactor(cypress): keep command a JS file, to avoid cypress types conflicts
* test: missing props
* chore: update to latest cypress
* refactor(cypress): remove unused command
* refactor(cypress): use ts file, mock Cypress types
* chore: configure CI to use oidc flow when testing playground app
* docs: changeset
* test(playground): adjust permissions
* feat(app-shell): export ConfigureIntlProvider
* fix(playground): menu permission
* test(playground): adjust permissions
* fix(cypress): always try to read dotenv files
* fix(cypress/task): merge loaded dotenv with process.env
* refactor: use JSON.parse
* test: remove duplicates
* refactor: extract oidc storage operations into utils
* refactor: rename route to /oidc/callback
* docs: improve comment
* refactor: use PublicPageLayout component
* refactor(config): rename permissions to oAuthScopes, move shared fn into config package
* fix: do not use application-config in browser env
* fix(public-page-layout): use fixed widths, keep content layout more agnostic
* docs: update changeset list of packages
Showing 72 changed files with 1,366 additions and 334 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
--- | ||
'@commercetools-frontend/application-components': minor | ||
'@commercetools-frontend/application-config': minor | ||
'@commercetools-frontend/application-shell': minor | ||
'@commercetools-frontend/application-shell-connectors': minor | ||
'@commercetools-frontend/constants': minor | ||
'@commercetools-frontend/cypress': minor | ||
'@commercetools-frontend/mc-scripts': minor | ||
'@commercetools-frontend/sdk': minor | ||
'playground': minor | ||
'@commercetools-local/visual-testing-app': minor | ||
--- | ||
|
||
Introduce a new **experimental opt-in** feature to authenticate the application for local development, using an OIDC-like workflow. | ||
|
||
> Disclaimer: this is an opt-in experimental feature. Use it at your own risk. | ||
> We want to test this feature internally first. Until then, we discourage you to try it out. | ||
The feature can be enabled by setting the `ENABLE_OIDC_FOR_DEVELOPMENT=true` environment variable. | ||
|
||
In addition to that, we have a new package `@commercetools-frontend/cypress`, to include some useful commands for testing Custom Applications. |
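Review bot: In the changeset body, the sentence "The feature can be enabled by setting the `ENABLE_OIDC_FOR_DEVELOPMENT=true` environment variable." follows the two `> Disclaimer` lines with no blank line in between, so Markdown treats it as a lazy continuation of the blockquote and the one instruction readers need renders inside the disclaimer; add a blank line after the quote. Since the flag switches the authentication path, the same sentence should also say where the variable is read and that it applies to local development only, which the opening paragraph implies but the flag sentence does not. Minor wording: "we discourage you to try it out" should read "we discourage you from trying it out".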
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,51 +1,75 @@ | ||
/* eslint-disable jest/valid-expect-in-promise */ | ||
import { encode } from 'qss'; | ||
import { LOGOUT_REASONS } from '@commercetools-frontend/constants'; | ||
import { URL_BASE, URL_STATE_MACHINES } from '../../support/urls'; | ||
import { | ||
URL_BASE, | ||
URL_STATE_MACHINES, | ||
ENTRY_POINT_STATE_MACHINES, | ||
} from '../../support/urls'; | ||
|
||
describe('when user is authenticated', () => { | ||
beforeEach(() => { | ||
cy.loginByOidc({ entryPointUriPath: ENTRY_POINT_STATE_MACHINES }); | ||
}); | ||
it('should log out with reason "user"', () => { | ||
cy.login({ redirectToUri: URL_STATE_MACHINES }); | ||
|
||
cy.findByRole('button', { name: /open user settings menu/i }).click(); | ||
cy.findByRole('link', { name: /logout/i }).click(); | ||
|
||
const queryParams = encode({ | ||
reason: LOGOUT_REASONS.USER, | ||
}); | ||
cy.url().should('include', `/logout?${queryParams}`); | ||
cy.findByText('This is the logout page for local development.').should( | ||
'exist' | ||
cy.findByRole('link', { name: /logout/i }).should( | ||
'have.attr', | ||
'href', | ||
`/logout?${queryParams}` | ||
); | ||
}); | ||
describe('when navigating to an unknown route', () => { | ||
it('should render a not found page', () => { | ||
cy.login({ redirectToUri: URL_STATE_MACHINES }); | ||
cy.visit(`${URL_BASE}/a-non-existing-route`); | ||
cy.findByText('We could not find what you are looking for').should( | ||
'exist' | ||
); | ||
cy.percySnapshot(); | ||
}); | ||
}); | ||
}); | ||
|
||
describe('navigation menu', () => { | ||
beforeEach(() => { | ||
cy.loginByOidc({ entryPointUriPath: ENTRY_POINT_STATE_MACHINES }); | ||
}); | ||
it('should stay collapsed for small viewports', () => { | ||
cy.login({ redirectToUri: URL_STATE_MACHINES }); | ||
cy.viewport(900, 800); | ||
cy.findAllByText('Initial').should('exist'); | ||
cy.percySnapshot(cy.state('runnable').fullTitle(), { | ||
widths: [900], | ||
}); | ||
}); | ||
it('should expand menu when clicking on the expand button', () => { | ||
cy.login({ redirectToUri: URL_STATE_MACHINES }); | ||
cy.findAllByText('Initial').should('exist'); | ||
cy.findByTestId('menu-expander').click(); | ||
// eslint-disable-next-line jest/valid-expect-in-promise | ||
cy.window().then((win) => | ||
// eslint-disable-next-line jest/valid-expect | ||
expect(win.localStorage.getItem('isForcedMenuOpen')).to.equal('true') | ||
); | ||
cy.percySnapshot(); | ||
}); | ||
}); | ||
|
||
describe('failed OIDC authentication', () => { | ||
describe('when sessionToken is missing', () => { | ||
it('should show oidc callback error page', () => { | ||
cy.visit(`/${URL_STATE_MACHINES}/oidc/callback`); | ||
cy.findByText('Authentication error'); | ||
cy.findByText(/missing sessionToken/i); | ||
cy.percySnapshot(); | ||
}); | ||
}); | ||
describe('when sessionToken is invalid', () => { | ||
it('should show oidc callback error page', () => { | ||
cy.visit(`/${URL_STATE_MACHINES}/oidc/callback#sessionToken=123`); | ||
cy.findByText('Authentication error'); | ||
cy.findByText(/invalid token specified/i); | ||
cy.percySnapshot(); | ||
}); | ||
}); | ||
}); |
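Review bot: The `failed OIDC authentication` block covers only a missing `sessionToken` and the malformed value `#sessionToken=123`, and both cases assert on the rendered error text alone. Because the token arrives in the URL fragment, add an assertion on `cy.location('hash')` that the fragment is gone once the callback has been handled, so a token does not stay in the address bar or browser history, and add a case for the scope-change invalidation named in the commit message if no other spec covers it. The bare `cy.findByText('Authentication error')` and `cy.findByText(/missing sessionToken/i)` calls would also read more consistently with the rest of the file with an explicit `.should('exist')`.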
d86c2e8
Successfully deployed to the following URLs: