Mirroristas/CommunitySolidServer
2
0
Fork 0
mirror of https://github.com/CommunitySolidServer/CommunitySolidServer.git synced 2024-10-03 14:55:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Add controls to IDP response JSON

Browse Source 
Controls are now used in templates to prevent IDP URL hardcoding
This commit is contained in:
Joachim Van Herwegen
2021-08-25 14:49:57 +02:00
parent d68854a474
commit 32a182dde8
13 changed files with 80 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
test/integration/Identity.test.ts
View File

@@ -145,9 +145,8 @@ describe('A Solid server with IDP', (): void => {
it('initializes the session and logs in.', async(): Promise<void> => {
const url = await state.startSession();
const { login } = await state.parseLoginPage(url);
expect(typeof login).toBe('string');
await state.login(login, email, password);
await state.parseLoginPage(url);
await state.login(url, email, password);
expect(state.session.info?.webId).toBe(webId);
});
@@ -168,10 +167,10 @@ describe('A Solid server with IDP', (): void => {
it('can log in again.', async(): Promise<void> => {
const url = await state.startSession();
const form = await state.extractFormUrl(url);
expect(form.url.endsWith('/confirm')).toBe(true);
let res = await state.fetchIdp(url);
expect(res.status).toBe(200);
const res = await state.fetchIdp(form.url, 'POST', '', APPLICATION_X_WWW_FORM_URLENCODED);
res = await state.fetchIdp(url, 'POST', '', APPLICATION_X_WWW_FORM_URLENCODED);
const nextUrl = res.headers.get('location');
expect(typeof nextUrl).toBe('string');
@@ -226,16 +225,12 @@ describe('A Solid server with IDP', (): void => {
state = new IdentityTestState(baseUrl, redirectUrl, oidcIssuer);
});
it('initializes the session.', async(): Promise<void> => {
const url = await state.startSession();
const { login } = await state.parseLoginPage(url);
expect(typeof login).toBe('string');
nextUrl = login;
});
it('can not log in with the old password anymore.', async(): Promise<void> => {
const url = await state.startSession();
nextUrl = url;
await state.parseLoginPage(url);
const formData = stringify({ email, password });
const res = await state.fetchIdp(nextUrl, 'POST', formData, APPLICATION_X_WWW_FORM_URLENCODED);
const res = await state.fetchIdp(url, 'POST', formData, APPLICATION_X_WWW_FORM_URLENCODED);
expect(res.status).toBe(200);
expect(await res.text()).toContain('Incorrect password');
});
@@ -307,9 +302,8 @@ describe('A Solid server with IDP', (): void => {
it('initializes the session and logs in.', async(): Promise<void> => {
state = new IdentityTestState(baseUrl, redirectUrl, oidcIssuer);
const url = await state.startSession();
const { login } = await state.parseLoginPage(url);
expect(typeof login).toBe('string');
await state.login(login, newMail, password);
await state.parseLoginPage(url);
await state.login(url, newMail, password);
expect(state.session.info?.webId).toBe(newWebId);
});

20
test/integration/IdentityTestState.ts
View File

@@ -94,15 +94,14 @@ export class IdentityTestState {
return nextUrl;
}
public async parseLoginPage(url: string): Promise<{ register: string; login: string; forgotPassword: string }> {
public async parseLoginPage(url: string): Promise<{ register: string; forgotPassword: string }> {
const res = await this.fetchIdp(url);
expect(res.status).toBe(200);
const text = await res.text();
const register = this.extractUrl(text, 'a:contains("Sign up")', 'href');
const login = this.extractUrl(text, 'form', 'action');
const forgotPassword = this.extractUrl(text, 'a:contains("Forgot password")', 'href');
return { register, login, forgotPassword };
return { register, forgotPassword };
}
/**
@@ -118,21 +117,6 @@ export class IdentityTestState {
return this.handleLoginRedirect(nextUrl);
}
/**
* Calls the given URL and extracts the action URL from a form contained within the resulting body.
* Also returns the resulting body in case further parsing is needed.
*/
public async extractFormUrl(url: string): Promise<{ url: string; body: string }> {
const res = await this.fetchIdp(url);
expect(res.status).toBe(200);
const text = await res.text();
const formUrl = this.extractUrl(text, 'form', 'action');
return {
url: new URL(formUrl, this.baseUrl).href,
body: text,
};
}
/**
* Handles the redirect that happens after logging in.
*/