UI: address flaky auth-jwt and control group tests (#28297)

* address flaky auth-jwt test * refactor control group success test
2025-11-02 11:38:02 +00:00 · 2024-09-05 12:37:13 -07:00
parent cbec86fba5
commit c4962925de
3 changed files with 97 additions and 93 deletions
--- a/ui/tests/helpers/auth/auth-form-selectors.ts
+++ b/ui/tests/helpers/auth/auth-form-selectors.ts
@@ -9,7 +9,7 @@ export const AUTH_FORM = {
  tabs: (method: string) => (method ? `[data-test-auth-method="${method}"]` : '[data-test-auth-method]'),
  description: '[data-test-description]',
  roleInput: '[data-test-role]',
-  input: (item: string) => `[data-test-${item}]`, // i.e. role, token, password or username
+  input: (item: string) => `[data-test-${item}]`, // i.e. jwt, role, token, password or username
  mountPathInput: '[data-test-auth-form-mount-path]',
  moreOptions: '[data-test-auth-form-options-toggle]',
 };
--- a/ui/tests/integration/components/auth-jwt-test.js
+++ b/ui/tests/integration/components/auth-jwt-test.js
@@ -6,16 +6,17 @@
 import { _cancelTimers as cancelTimers } from '@ember/runloop';
 import { module, test } from 'qunit';
 import { setupRenderingTest } from 'ember-qunit';
-import { render, settled, waitUntil } from '@ember/test-helpers';
+import { fillIn, render, settled, waitUntil } from '@ember/test-helpers';
 import hbs from 'htmlbars-inline-precompile';
 import sinon from 'sinon';
 import { resolve } from 'rsvp';
 import { create } from 'ember-cli-page-object';
 import form from '../../pages/components/auth-jwt';
 import { ERROR_WINDOW_CLOSED, ERROR_MISSING_PARAMS, ERROR_JWT_LOGIN } from 'vault/components/auth-jwt';
-import { fakeWindow, buildMessage } from '../../helpers/oidc-window-stub';
+import { fakeWindow, buildMessage } from 'vault/tests/helpers/oidc-window-stub';
 import { setupMirage } from 'ember-cli-mirage/test-support';
 import { overrideResponse } from 'vault/tests/helpers/stubs';
+import { AUTH_FORM } from 'vault/tests/helpers/auth/auth-form-selectors';

 const component = create(form);
 const windows = [];
@@ -33,12 +34,6 @@ fakeWindow.reopen({
  },
 });

-const OIDC_AUTH_RESPONSE = {
-  auth: {
-    client_token: 'token',
-  },
-};
-
 const renderIt = async (context, path = 'jwt') => {
  const handler = (data, e) => {
    if (e && e.preventDefault) e.preventDefault();
@@ -75,11 +70,11 @@ module('Integration | Component | auth jwt', function (hooks) {
      },
    });
    this.server.get('/auth/:path/oidc/callback', function () {
-      return OIDC_AUTH_RESPONSE;
+      return { auth: { client_token: 'token' } };
    });
    this.server.post('/auth/:path/oidc/auth_url', (_, request) => {
      const { role } = JSON.parse(request.requestBody);
-      if (['test', 'bar'].includes(role)) {
+      if (['okta', 'test', 'bar'].includes(role)) {
        const auth_url = role === 'test' ? 'http://example.com' : role === 'okta' ? 'http://okta.com' : '';
        return {
          data: { auth_url },
@@ -127,35 +122,46 @@ module('Integration | Component | auth jwt', function (hooks) {
  });

  test('oidc: test role: it renders', async function (assert) {
+    // setting the path also fires off a request to auth_url but this happens inconsistently in tests
+    // setting here so it doesn't affect the postCount because it's not relevant to what's being tested
+    this.set('selectedAuthPath', 'foo');
    let postCount = 0;
    this.server.post('/auth/:path/oidc/auth_url', (_, request) => {
      postCount++;
      const { role } = JSON.parse(request.requestBody);
-      if (['test', 'okta', 'bar'].includes(role)) {
-        const auth_url = role === 'test' ? 'http://example.com' : role === 'okta' ? 'http://okta.com' : '';
-        return {
-          data: { auth_url },
-        };
-      }
-      const errors = role === 'foo' ? ['role "foo" could not be found'] : [ERROR_JWT_LOGIN];
-      return overrideResponse(400, { errors });
+      const auth_url = role === 'test' ? 'http://example.com' : role === 'okta' ? 'http://okta.com' : '';
+      return {
+        data: { auth_url },
+      };
    });
    await renderIt(this);
    await settled();
-    this.set('selectedAuthPath', 'foo');
-    await component.role('test');
-    await settled();
-    assert.notOk(component.jwtPresent, 'does not show jwt input for OIDC type login');
-    assert.strictEqual(component.loginButtonText, 'Sign in with OIDC Provider');
-
-    await component.role('okta');
+    await fillIn(AUTH_FORM.roleInput, 'test');
+    assert
+      .dom(AUTH_FORM.input('jwt'))
+      .doesNotExist('does not show jwt token input if role matches OIDC login url');
+    assert.dom(AUTH_FORM.login).hasText('Sign in with OIDC Provider');
+    await fillIn(AUTH_FORM.roleInput, 'okta');
    // 1 for initial render, 1 for each time role changed = 3
-    assert.strictEqual(postCount, 3, 'fetches the auth_url when the path changes');
-    assert.strictEqual(
-      component.loginButtonText,
-      'Sign in with Okta',
-      'recognizes auth methods with certain urls'
-    );
+    assert.strictEqual(postCount, 3, 'fetches the auth_url when the role changes');
+    assert.dom(AUTH_FORM.login).hasText('Sign in with Okta', 'recognizes auth methods with certain urls');
+  });
+
+  test('oidc: it fetches auth_url when path changes', async function (assert) {
+    assert.expect(2);
+    this.set('selectedAuthPath', 'foo');
+    await renderIt(this);
+    // auth_url is requested on initial render so stubbing after rendering the component
+    // to test auth_url is called when the :path changes
+    this.server.post('/auth/:path/oidc/auth_url', (_, request) => {
+      assert.true(true, 'request is made to auth_url');
+      assert.strictEqual(request?.params?.path, 'foo', 'request params are { path: foo }');
+      return {
+        data: { auth_url: '' },
+      };
+    });
+    this.set('selectedAuthPath', 'foo');
+    await settled();
  });

  test('oidc: it calls window.open popup window on login', async function (assert) {
--- a/ui/tests/integration/components/control-group-success-test.js
+++ b/ui/tests/integration/components/control-group-success-test.js
@@ -3,97 +3,95 @@
 * SPDX-License-Identifier: BUSL-1.1
 */

-import { later, run, _cancelTimers as cancelTimers } from '@ember/runloop';
 import { resolve } from 'rsvp';
 import Service from '@ember/service';
 import { module, test } from 'qunit';
 import { setupRenderingTest } from 'ember-qunit';
-import { render, settled } from '@ember/test-helpers';
+import { click, fillIn, find, render } from '@ember/test-helpers';
 import hbs from 'htmlbars-inline-precompile';
 import sinon from 'sinon';
-import { create } from 'ember-cli-page-object';
-import controlGroupSuccess from '../../pages/components/control-group-success';
 import { setRunOptions } from 'ember-a11y-testing/test-support';

-const component = create(controlGroupSuccess);
-
-const controlGroupService = Service.extend({
-  deleteControlGroupToken: sinon.stub(),
-  markTokenForUnwrap: sinon.stub(),
-});
-
-const storeService = Service.extend({
-  adapterFor() {
-    return {
-      toolAction() {
-        return resolve({ data: { foo: 'bar' } });
-      },
-    };
-  },
-});
+const SELECTORS = {
+  jsonViewer: '[data-test-json-viewer]',
+  navigate: '[data-test-navigate-button]',
+  navMessage: '[data-test-navigate-message]',
+  tokenInput: '[data-test-token-input]',
+  unwrap: '[data-test-unwrap-button]',
+  unwrapForm: '[data-test-unwrap-form]',
+};

 module('Integration | Component | control group success', function (hooks) {
  setupRenderingTest(hooks);

  hooks.beforeEach(function () {
-    run(() => {
-      this.owner.unregister('service:store');
-      this.owner.register('service:control-group', controlGroupService);
-      this.controlGroup = this.owner.lookup('service:control-group');
-      this.owner.register('service:store', storeService);
-      this.router = this.owner.lookup('service:router');
-      this.router.reopen({
-        transitionTo: sinon.stub().returns(resolve()),
-      });
-      setRunOptions({
-        rules: {
-          // TODO: swap out JsonEditor with Hds::CodeBlock for display
-          'color-contrast': { enabled: false },
-          label: { enabled: false },
-        },
-      });
+    this.store = this.owner.lookup('service:store');
+    this.transitionStub = sinon.stub(this.owner.lookup('service:router'), 'transitionTo');
+    this.controlGroup = this.owner.lookup('service:control-group');
+    this.markTokenForUnwrapStub = sinon.stub(this.controlGroup, 'markTokenForUnwrap');
+    this.model = {
+      approved: false,
+      requestPath: 'foo/bar',
+      id: 'accessor',
+      requestEntity: { id: 'requestor', name: 'entity8509' },
+      reload: sinon.stub(),
+    };
+    setRunOptions({
+      rules: {
+        // TODO: swap out JsonEditor with Hds::CodeBlock for display
+        'color-contrast': { enabled: false },
+        label: { enabled: false },
+      },
    });
  });

-  const MODEL = {
-    approved: false,
-    requestPath: 'foo/bar',
-    id: 'accessor',
-    requestEntity: { id: 'requestor', name: 'entity8509' },
-    reload: sinon.stub(),
-  };
  test('render with saved token', async function (assert) {
    assert.expect(3);
    const response = {
      uiParams: { url: '/foo' },
      token: 'token',
    };
-    this.set('model', MODEL);
    this.set('response', response);
    await render(hbs`<ControlGroupSuccess @model={{this.model}} @controlGroupResponse={{this.response}} />`);
+    assert
+      .dom(SELECTORS.navMessage)
+      .hasText(
+        'You have been granted access to foo/bar. Be careful, you can only access this data once. If you need access again in the future you will need to get authorized again. Visit'
+      );

-    assert.true(component.showsNavigateMessage, 'shows unwrap message');
-
-    await component.navigate();
-    later(() => cancelTimers(), 50);
-    await settled();
-
-    assert.true(this.controlGroup.markTokenForUnwrap.calledOnce, 'marks token for unwrap');
-    assert.true(this.router.transitionTo.calledOnce, 'calls router transition');
+    await click(SELECTORS.navigate);
+    const [transition] = this.transitionStub.lastCall.args;
+    const [accessor] = this.markTokenForUnwrapStub.lastCall.args;
+    assert.strictEqual(accessor, 'accessor', 'marks token for unwrap');
+    assert.strictEqual(transition, '/foo', 'calls router transition');
  });

  test('render without token', async function (assert) {
    assert.expect(2);
-    this.set('model', MODEL);
    await render(hbs`<ControlGroupSuccess @model={{this.model}} />`);
+    assert.dom(SELECTORS.unwrapForm).exists();
+    assert.dom(SELECTORS.tokenInput).hasValue('');
+  });

-    assert.true(component.showsUnwrapForm, 'shows unwrap form');
-
-    await component.token('token');
-    component.unwrap();
-    later(() => cancelTimers(), 50);
-    await settled();
-
-    assert.true(component.showsJsonViewer, 'shows unwrapped data');
+  test('it unwraps data on submit', async function (assert) {
+    assert.expect(2);
+    const storeService = Service.extend({
+      adapterFor() {
+        return {
+          toolAction() {
+            return resolve({ data: { foo: 'bar' } });
+          },
+        };
+      },
+    });
+    this.owner.unregister('service:store');
+    this.owner.register('service:store', storeService);
+    await render(hbs`<ControlGroupSuccess @model={{this.model}} />`);
+    assert.dom(SELECTORS.tokenInput).hasValue('');
+    await fillIn(SELECTORS.tokenInput, 'token');
+    await click(SELECTORS.unwrap);
+    const actual = find(SELECTORS.jsonViewer).innerText;
+    const expected = JSON.stringify({ foo: 'bar' }, null, 2);
+    assert.strictEqual(actual, expected, `it renders unwrapped data: ${actual}`);
  });
 });