OIDC Alternate Path Bug (#17661)

* adds error handling to auth-jwt component for missing roles and fixes bug where role wasn't being retained when using alternate oidc mount path at login * fixes jwt login bug from auth mount tabs and adds test * updates okta-number-challenge success value to arg in template * adds changelog entry * fixes issues logging in manually with jwt * reverts mistaken change
2025-11-01 11:08:10 +00:00 · 2022-10-26 15:34:43 -06:00
parent 1a2ee3ab33
commit aa94835a45
10 changed files with 154 additions and 75 deletions
--- a/ui/tests/integration/components/auth-form-test.js
+++ b/ui/tests/integration/components/auth-form-test.js
@@ -269,4 +269,49 @@ module('Integration | Component | auth form', function (hooks) {
    );
    server.shutdown();
  });
+
+  test('it should retain oidc role when mount path is changed', async function (assert) {
+    assert.expect(1);
+
+    const auth_url = 'http://dev-foo-bar.com';
+    const server = new Pretender(function () {
+      this.post('/v1/auth/:path/oidc/auth_url', (req) => {
+        const { role, redirect_uri } = JSON.parse(req.requestBody);
+        const goodRequest =
+          req.params.path === 'foo-oidc' &&
+          role === 'foo' &&
+          redirect_uri.includes('/auth/foo-oidc/oidc/callback');
+
+        return [
+          goodRequest ? 200 : 400,
+          { 'Content-Type': 'application/json' },
+          JSON.stringify(
+            goodRequest ? { data: { auth_url } } : { errors: [`role "${role}" could not be found`] }
+          ),
+        ];
+      });
+      this.get('/v1/sys/internal/ui/mounts', this.passthrough);
+    });
+
+    window.open = (url) => {
+      assert.strictEqual(url, auth_url, 'auth_url is returned when required params are passed');
+    };
+
+    this.owner.lookup('service:router').reopen({
+      urlFor(route, { auth_path }) {
+        return `/auth/${auth_path}/oidc/callback`;
+      },
+    });
+
+    this.set('cluster', EmberObject.create({}));
+    await render(hbs`<AuthForm @cluster={{this.cluster}} />`);
+
+    await component.selectMethod('oidc');
+    await component.oidcRole('foo');
+    await component.oidcMoreOptions();
+    await component.oidcMountPath('foo-oidc');
+    await component.login();
+
+    server.shutdown();
+  });
 });