Skip to content

Commit

Permalink
test: Relative redirect tests for all flows
Browse files Browse the repository at this point in the history
Add tests for error, verification, and settings flows
  • Loading branch information
chlasch committed Oct 25, 2021
1 parent 5884f77 commit 780ddd2
Show file tree
Hide file tree
Showing 5 changed files with 71 additions and 0 deletions.
11 changes: 11 additions & 0 deletions internal/testhelpers/handler_mock.go
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,17 @@ func NewClientWithCookies(t *testing.T) *http.Client {
return &http.Client{Jar: cj}
}

func NewNoRedirectClientWithCookies(t *testing.T) *http.Client {
cj, err := cookiejar.New(&cookiejar.Options{})
require.NoError(t, err)
return &http.Client{
Jar: cj,
CheckRedirect: func(req *http.Request, via []*http.Request) error {
return http.ErrUseLastResponse
},
}
}

func MockHydrateCookieClient(t *testing.T, c *http.Client, u string) {
res, err := c.Get(u)
require.NoError(t, err)
Expand Down
26 changes: 26 additions & 0 deletions internal/testhelpers/session.go
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,20 @@ func NewHTTPClientWithSessionCookie(t *testing.T, reg *driver.RegistryDefault, s
return c
}

func NewNoRedirectHTTPClientWithSessionCookie(t *testing.T, reg *driver.RegistryDefault, sess *session.Session) *http.Client {
maybePersistSession(t, reg, sess)

ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
require.NoError(t, reg.SessionManager().IssueCookie(context.Background(), w, r, sess))
}))
defer ts.Close()

c := NewNoRedirectClientWithCookies(t)

MockHydrateCookieClient(t, c, ts.URL)
return c
}

func NewTransportWithLogger(parent http.RoundTripper, t *testing.T) *TransportWithLogger {
return &TransportWithLogger{
RoundTripper: parent,
Expand Down Expand Up @@ -118,6 +132,18 @@ func NewHTTPClientWithArbitrarySessionCookie(t *testing.T, reg *driver.RegistryD
return NewHTTPClientWithSessionCookie(t, reg, s)
}

func NewNoRedirectHTTPClientWithArbitrarySessionCookie(t *testing.T, reg *driver.RegistryDefault) *http.Client {
s, err := session.NewActiveSession(
&identity.Identity{ID: x.NewUUID(), State: identity.StateActive},
NewSessionLifespanProvider(time.Hour),
time.Now(),
identity.CredentialsTypePassword,
)
require.NoError(t, err, "Could not initialize session from identity.")

return NewNoRedirectHTTPClientWithSessionCookie(t, reg, s)
}

func NewHTTPClientWithIdentitySessionCookie(t *testing.T, reg *driver.RegistryDefault, id *identity.Identity) *http.Client {
s, err := session.NewActiveSession(id, NewSessionLifespanProvider(time.Hour), time.Now(), identity.CredentialsTypePassword)
require.NoError(t, err, "Could not initialize session from identity.")
Expand Down
14 changes: 14 additions & 0 deletions selfservice/flow/login/error_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ import (

"github.com/ory/herodot"

"github.com/ory/kratos/driver/config"
"github.com/ory/kratos/internal"
"github.com/ory/kratos/internal/testhelpers"
"github.com/ory/kratos/schema"
Expand Down Expand Up @@ -98,6 +99,19 @@ func TestHandleError(t *testing.T) {
assertx.EqualAsJSON(t, flowError, sse)
})

t.Run("case=relative error", func(t *testing.T) {
t.Cleanup(reset)
reg.Config(context.Background()).MustSet(config.ViperKeySelfServiceErrorUI, "/login-ts")
flowError = herodot.ErrInternalServerError.WithReason("system error")
ct = node.PasswordGroup
assert.Regexp(
t,
"^/login-ts.*$",
testhelpers.GetSelfServiceRedirectLocation(t, ts.URL+"/error"),
)

})

t.Run("case=error with nil flow detects application/json", func(t *testing.T) {
t.Cleanup(reset)

Expand Down
10 changes: 10 additions & 0 deletions selfservice/flow/settings/handler_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -363,4 +363,14 @@ func TestHandler(t *testing.T) {
})
})
})
t.Run("case=relative redirect when self-service settings ui is a relative url", func(t *testing.T) {
reg.Config(context.Background()).MustSet(config.ViperKeySelfServiceSettingsURL, "/settings-ts")
user1 := testhelpers.NewNoRedirectHTTPClientWithArbitrarySessionCookie(t, reg)
res, _ := initFlow(t, user1, false)
assert.Regexp(
t,
"^/settings-ts.*$",
res.Header.Get("Location"),
)
})
}
10 changes: 10 additions & 0 deletions selfservice/flow/verification/handler_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -132,4 +132,14 @@ func TestGetFlow(t *testing.T) {
require.NoError(t, err)
assert.Equal(t, public.URL+verification.RouteInitBrowserFlow+"?return_to=https://www.ory.sh", f.RequestURL)
})
t.Run("case=relative redirect when self-service verification ui is a relative URL", func(t *testing.T) {
router := x.NewRouterPublic()
ts, _ := testhelpers.NewKratosServerWithRouters(t, reg, router, x.NewRouterAdmin())
reg.Config(context.Background()).MustSet(config.ViperKeySelfServiceVerificationUI, "/verification-ts")
assert.Regexp(
t,
"^/verification-ts.*$",
testhelpers.GetSelfServiceRedirectLocation(t, ts.URL+verification.RouteInitBrowserFlow),
)
})
}

0 comments on commit 780ddd2

Please sign in to comment.