-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathoidcMock.ts
More file actions
84 lines (78 loc) · 2.95 KB
/
Copy pathoidcMock.ts
File metadata and controls
84 lines (78 loc) · 2.95 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
import type { Page } from '@playwright/test';
import BrowserTestJWTConfig from '../jwt/config';
import {
generateTokenEndpointResponse,
generateUserInfoEndpointResponse,
} from '../jwt/oidc';
import type {
OIDCOpenIdConfigurationResponseType,
OIDCUserProfileType,
} from '../jwt/types';
import { envUrl } from '../settings';
let cachedOidcConfig: OIDCOpenIdConfigurationResponseType | null = null;
// Build the OIDC discovery payload from the known authority URL.
// Tunnistamo/Keycloak follows the standard path convention, so we can
// construct all endpoint URLs without a live network call.
function getOidcConfig(): OIDCOpenIdConfigurationResponseType {
if (!cachedOidcConfig) {
const authority = BrowserTestJWTConfig.oidcAuthority;
const base = authority.endsWith('/') ? authority : `${authority}/`;
const issuer = base.replace(/\/$/, '');
cachedOidcConfig = {
issuer,
authorization_endpoint: `${base}protocol/openid-connect/auth`,
token_endpoint: `${base}protocol/openid-connect/token`,
userinfo_endpoint: `${base}protocol/openid-connect/userinfo`,
end_session_endpoint: `${base}protocol/openid-connect/logout`,
};
}
return cachedOidcConfig;
}
/**
* Install page.route handlers that mock the OIDC endpoints used by oidc-client-ts.
* Replaces AuthServiceRequestInterceptor + KukkuuApiTestJwtBearerAuthorization from
* browser-tests/utils/jwt/mocks/testJWTAuthRequests.ts.
*
* Must be called before page.goto() so that routes are in place when the app loads.
*/
export async function installOidcMock(
page: Page,
user: OIDCUserProfileType
): Promise<void> {
const oidcConfig = getOidcConfig();
const { authorization_endpoint, token_endpoint, userinfo_endpoint } =
oidcConfig;
const discoveryEndpoint = BrowserTestJWTConfig.oidcConfigurationEndpoint;
// Intercept every request whose URL starts with the OIDC authority
await page.route(`${BrowserTestJWTConfig.oidcAuthority}**`, async (route) => {
const url = route.request().url().split('?')[0];
if (url === authorization_endpoint) {
// Redirect auth endpoint straight back to the app (bypasses the login UI)
await route.fulfill({
status: 307,
headers: { Location: envUrl() },
});
} else if (url === token_endpoint) {
await route.fulfill({
status: 200,
contentType: 'application/json',
body: JSON.stringify(generateTokenEndpointResponse(user)),
});
} else if (url === userinfo_endpoint) {
await route.fulfill({
status: 200,
contentType: 'application/json',
body: JSON.stringify(generateUserInfoEndpointResponse(user)),
});
} else if (url === discoveryEndpoint) {
// Serve the discovery document from the mock — no live IdP request needed
await route.fulfill({
status: 200,
contentType: 'application/json',
body: JSON.stringify(oidcConfig),
});
} else {
await route.continue();
}
});
}