imterah/element-portable
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Port remaining login.spec.ts & soft_logout.spec.ts tests from Cypress to Playwright (#11917)

Browse source 
Co-authored-by: R Midhun Suresh <hi@midhun.dev>
This commit is contained in:
Michael Telatynski 2023-11-23 10:27:11 +00:00 committed by GitHub
parent 8dcd13eb6d
commit a6705304aa
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
16 changed files with 465 additions and 386 deletions
Download patch file Download diff file Expand all files Collapse all files

103
cypress/e2e/login/login.spec.ts
View file

@ -1,103 +0,0 @@
/*
Copyright 2022 The Matrix.org Foundation C.I.C.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
/// <reference types="cypress" />
import { HomeserverInstance } from "../../plugins/utils/homeserver";
import { doTokenRegistration } from "./utils";
describe("Login", () => {
let homeserver: HomeserverInstance;
afterEach(() => {
cy.stopHomeserver(homeserver);
});
// tests for old-style SSO login, in which we exchange tokens with Synapse, and Synapse talks to an auth server
describe("SSO login", () => {
beforeEach(() => {
cy.task("startOAuthServer")
.then((oAuthServerPort: number) => {
return cy.startHomeserver({ template: "default", oAuthServerPort });
})
.then((data) => {
homeserver = data;
});
});
afterEach(() => {
cy.task("stopOAuthServer");
});
it("logs in with SSO and lands on the home screen", () => {
// If this test fails with a screen showing "Timeout connecting to remote server", it is most likely due to
// your firewall settings: Synapse is unable to reach the OIDC server.
//
// If you are using ufw, try something like:
// sudo ufw allow in on docker0
//
doTokenRegistration(homeserver.baseUrl);
// Eventually, we should end up at the home screen.
cy.url().should("contain", "/#/home", { timeout: 30000 });
cy.findByRole("heading", { name: "Welcome Alice" });
});
});
describe("logout", () => {
beforeEach(() => {
cy.startHomeserver("consent").then((data) => {
homeserver = data;
cy.initTestUser(homeserver, "Erin");
});
});
it("should go to login page on logout", () => {
cy.findByRole("button", { name: "User menu" }).click();
// give a change for the outstanding requests queue to settle before logging out
cy.wait(2000);
cy.get(".mx_UserMenu_contextMenu").within(() => {
cy.findByRole("menuitem", { name: "Sign out" }).click();
});
cy.url().should("contain", "/#/login");
});
it("should respect logout_redirect_url", () => {
cy.tweakConfig({
// We redirect to decoder-ring because it's a predictable page that isn't Element itself.
// We could use example.org, matrix.org, or something else, however this puts dependency of external
// infrastructure on our tests. In the same vein, we don't really want to figure out how to ship a
// `test-landing.html` page when running with an uncontrolled Element (via `yarn start`).
// Using the decoder-ring is just as fine, and we can search for strategic names.
logout_redirect_url: "/decoder-ring/",
});
cy.findByRole("button", { name: "User menu" }).click();
// give a change for the outstanding requests queue to settle before logging out
cy.wait(2000);
cy.get(".mx_UserMenu_contextMenu").within(() => {
cy.findByRole("menuitem", { name: "Sign out" }).click();
});
cy.url().should("contains", "decoder-ring");
});
});
});

141
cypress/e2e/login/soft_logout.spec.ts
View file

@ -1,141 +0,0 @@
/*
Copyright 2023 The Matrix.org Foundation C.I.C.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
import { HomeserverInstance } from "../../plugins/utils/homeserver";
import { UserCredentials } from "../../support/login";
import { doTokenRegistration } from "./utils";
describe("Soft logout", () => {
let homeserver: HomeserverInstance;
beforeEach(() => {
cy.task("startOAuthServer")
.then((oAuthServerPort: number) => {
return cy.startHomeserver({ template: "default", oAuthServerPort });
})
.then((data) => {
homeserver = data;
});
});
afterEach(() => {
cy.stopHomeserver(homeserver);
cy.task("stopOAuthServer");
});
describe("with password user", () => {
let testUserCreds: UserCredentials;
beforeEach(() => {
cy.initTestUser(homeserver, "Alice").then((creds) => {
testUserCreds = creds;
});
});
it("shows the soft-logout page when a request fails, and allows a re-login", () => {
interceptRequestsWithSoftLogout();
cy.findByText("You're signed out");
cy.findByPlaceholderText("Password").type(testUserCreds.password).type("{enter}");
// back to the welcome page
cy.url().should("contain", "/#/home", { timeout: 30000 });
cy.findByRole("heading", { name: "Welcome Alice" });
});
it("still shows the soft-logout page when the page is reloaded after a soft-logout", () => {
interceptRequestsWithSoftLogout();
cy.findByText("You're signed out");
cy.reload();
cy.findByText("You're signed out");
});
});
describe("with SSO user", () => {
beforeEach(() => {
doTokenRegistration(homeserver.baseUrl);
// Eventually, we should end up at the home screen.
cy.url().should("contain", "/#/home", { timeout: 30000 });
cy.findByRole("heading", { name: "Welcome Alice" });
});
it("shows the soft-logout page when a request fails, and allows a re-login", () => {
cy.findByRole("heading", { name: "Welcome Alice" });
interceptRequestsWithSoftLogout();
cy.findByText("You're signed out");
cy.findByRole("button", { name: "Continue with OAuth test" }).click();
// click the submit button
cy.findByRole("button", { name: "Submit" }).click();
// Synapse prompts us to grant permission to Element
cy.findByRole("heading", { name: "Continue to your account" });
cy.findByRole("link", { name: "Continue" }).click();
// back to the welcome page
cy.url().should("contain", "/#/home", { timeout: 30000 });
cy.findByRole("heading", { name: "Welcome Alice" });
});
});
});
/**
* Intercept calls to /sync and have them fail with a soft-logout
*
* Any further requests to /sync with the same access token are blocked.
*/
function interceptRequestsWithSoftLogout(): void {
let expiredAccessToken: string | null = null;
cy.intercept(
{
pathname: "/_matrix/client/*/sync",
},
(req) => {
const accessToken = req.headers["authorization"] as string;
// on the first request, record the access token
if (!expiredAccessToken) {
console.log(`Soft-logout on access token ${accessToken}`);
expiredAccessToken = accessToken;
}
// now, if the access token on this request matches the expired one, block it
if (expiredAccessToken && accessToken === expiredAccessToken) {
console.log(`Intercepting request with soft-logged-out access token`);
req.reply({
statusCode: 401,
body: {
errcode: "M_UNKNOWN_TOKEN",
error: "Soft logout",
soft_logout: true,
},
});
return;
}
// otherwise, pass through as normal
req.continue();
},
);
// do something to make the active /sync return: create a new room
cy.getClient().then((client) => {
// don't wait for this to complete: it probably won't, because of the broken sync
return client.createRoom({});
});
}

49
cypress/e2e/login/utils.ts
View file

@ -1,49 +0,0 @@
/*
Copyright 2023 The Matrix.org Foundation C.I.C.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
/** Visit the login page, choose to log in with "OAuth test", register a new account, and redirect back to Element
*/
export function doTokenRegistration(homeserverUrl: string) {
cy.visit("/#/login");
cy.findByRole("button", { name: "Edit" }).click();
cy.findByRole("textbox", { name: "Other homeserver" }).type(homeserverUrl);
cy.findByRole("button", { name: "Continue" }).click();
// wait for the dialog to go away
cy.get(".mx_ServerPickerDialog").should("not.exist");
// click on "Continue with OAuth test"
cy.findByRole("button", { name: "Continue with OAuth test" }).click();
// wait for the Test OAuth Page to load
cy.findByText("Test OAuth page");
// click the submit button
cy.findByRole("button", { name: "Submit" }).click();
// Synapse prompts us to pick a user ID
cy.findByRole("heading", { name: "Create your account" });
cy.findByRole("textbox", { name: "Username (required)" }).type("alice");
// wait for username validation to start, and complete
cy.wait(50);
cy.get("#field-username-output").should("have.value", "");
cy.findByRole("button", { name: "Continue" }).click();
// Synapse prompts us to grant permission to Element
cy.findByRole("heading", { name: "Continue to your account" });
cy.findByRole("link", { name: "Continue" }).click();
}

7
cypress/plugins/index.ts
View file

@ -26,17 +26,12 @@ import { slidingSyncProxyDocker } from "./sliding-sync";
import { webserver } from "./webserver";
import { docker } from "./docker";
import { log } from "./log";
import { oAuthServer } from "./oauth_server";
/**
* @type {Cypress.PluginConfig}
*/
export default function (on: PluginEvents, config: PluginConfigOptions) {
initPlugins(
on,
[docker, synapseDocker, dendriteDocker, slidingSyncProxyDocker, webserver, oAuthServer, log],
config,
);
initPlugins(on, [docker, synapseDocker, dendriteDocker, slidingSyncProxyDocker, webserver, log], config);
installLogsPrinter(on, {
printLogsToConsole: "never",

24
cypress/plugins/oauth_server/README.md
View file

@ -1,24 +0,0 @@
# oauth_server
A very simple OAuth identity provider server.
The following endpoints are exposed:
- `/oauth/auth.html`: An OAuth2 [authorization endpoint](https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint).
In a proper OAuth2 system, this would prompt the user to log in; we just give a big "Submit" button (and an
auth code that can be changed if we want the next step to fail). It redirects back to the calling application
with a "code".
- `/oauth/token`: An OAuth2 [token endpoint](https://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint).
Receives the code issued by "auth.html" and, if it is valid, exchanges it for an OAuth2 access token.
- `/oauth/userinfo`: An OAuth2 [userinfo endpoint](https://openid.net/specs/openid-connect-core-1_0.html#UserInfo).
Returns details about the owner of the offered access token.
To start the server, do:
```javascript
cy.task("startOAuthServer").then((port) => {
// now we can configure Synapse or Element to talk to the OAuth2 server.
});
```

81
cypress/plugins/oauth_server/index.ts
View file

@ -1,81 +0,0 @@
/*
Copyright 2023 The Matrix.org Foundation C.I.C.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
import http from "http";
import express from "express";
import { AddressInfo } from "net";
import PluginEvents = Cypress.PluginEvents;
import PluginConfigOptions = Cypress.PluginConfigOptions;
const servers: http.Server[] = [];
function startOAuthServer(html: string): number {
const app = express();
// static files. This includes the "authorization endpoint".
app.use(express.static(__dirname + "/res"));
// token endpoint (see https://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint)
app.use("/oauth/token", express.urlencoded());
app.post("/oauth/token", (req, res) => {
// if the code is valid, accept it. Otherwise, return an error.
const code = req.body.code;
if (code === "valid_auth_code") {
res.send({
access_token: "oauth_access_token",
token_type: "Bearer",
expires_in: "3600",
});
} else {
res.send({ error: "bad auth code" });
}
});
// userinfo endpoint (see https://openid.net/specs/openid-connect-core-1_0.html#UserInfo)
app.get("/oauth/userinfo", (req, res) => {
// TODO: validate that the request carries an auth header which matches the access token we issued above
// return an OAuth2 user info object
res.send({
sub: "alice",
name: "Alice",
});
});
const server = http.createServer(app);
server.listen();
servers.push(server);
const address = server.address() as AddressInfo;
console.log(`Started OAuth server at ${address.address}:${address.port}`);
return address.port;
}
function stopOAuthServer(): null {
console.log("Stopping OAuth servers");
for (const server of servers) {
const address = server.address() as AddressInfo;
server.close();
console.log(`Stopped OAuth server at ${address.address}:${address.port}`);
}
servers.splice(0, servers.length); // clear
return null;
}
export function oAuthServer(on: PluginEvents, config: PluginConfigOptions) {
on("task", { startOAuthServer, stopOAuthServer });
on("after:run", stopOAuthServer);
}

42
cypress/plugins/oauth_server/res/oauth/auth.html
View file

@ -1,42 +0,0 @@
<!--
Copyright 2023 The Matrix.org Foundation C.I.C.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!--
A dummy OAuth2 authorization endpoint (see https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint)
Mostly, it just redirects back to the `redirect_uri` in the query params.
-->
<html lang="en">
<body>
<h1>Test OAuth page</h1>
<form id="auth_form">
<input type="hidden" id="state" name="state" />
<label for="code">Auth Code:</label>
<input type="text" id="code" name="code" value="valid_auth_code" />
<input type="submit" value="Submit" />
</form>
<script>
// process the query params, and set up the form
const urlParams = new URLSearchParams(window.location.search);
console.log("Test OAuth page: query params:", new Map(urlParams.entries()));
document.getElementById("auth_form").action = urlParams.get("redirect_uri");
document.getElementById("state").value = urlParams.get("state");
</script>
</body>
</html>