OIDC Auth Bug (#13133)

* fixes issue with oidc auth method when MetaMask chrome extenstion is used

* adds changelog entry

* updates auth-jwt integration tests

* fixes race condition in runCommands ui-panel helper method where running multiple commands would not always result in the same output order

ui/app/components/auth-jwt.js

@@ -89,12 +89,18 @@ export default Component.extend({
     // start watching the popup window and the current one
     this.watchPopup.perform(oidcWindow);
     this.watchCurrent.perform(oidcWindow);
-    // wait for message posted from popup
-    const event = yield waitForEvent(thisWindow, 'message');
-    if (event.origin === thisWindow.origin && event.isTrusted) {
-      this.exchangeOIDC.perform(event.data, oidcWindow);
-    } else {
-      this.handleOIDCError();
+    // wait for message posted from oidc callback
+    // see issue https://github.com/hashicorp/vault/issues/12436
+    // ensure that postMessage event is from expected source
+    while (true) {
+      const event = yield waitForEvent(thisWindow, 'message');
+      if (event.origin !== thisWindow.origin || !event.isTrusted) {
+        return this.handleOIDCError();
+      }
+      if (event.data.source === 'oidc-callback') {
+        return this.exchangeOIDC.perform(event.data, oidcWindow);
+      }
+      // continue to wait for the correct message
     }
   }),