mirror of
https://github.com/open-metadata/OpenMetadata
synced 2026-05-24 09:39:11 +00:00
ca2d0122db
* test(playwright): add nightly SAML session renewal spec Covers OM's JWT refresh behavior for SAML sessions end-to-end against the local Keycloak fixture: silent refresh after expiry, concurrent 401s queuing behind a single refresh call, and forced re-login when the server-side SAML HttpSession is gone. Reuses the snapshot/restore mechanism and keycloak-azure-saml provider helper introduced in #27164; shortens samlConfiguration.security.token Validity to 10s so the suite observes multiple expiry cycles in <60s. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * Update openmetadata-ui/src/main/resources/ui/playwright/utils/sessionRenewal.ts Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * test(playwright): drop expiry wait from refresh-on-reload SSO specs The reactive 401 refresh path races with the AuthProvider useEffect that wires tokenService.renewToken from authenticatorRef — if the 401 from /users/loggedInUser lands before that effect commits the populated ref, refreshToken() returns null and the user is logged out instead of refreshed. With tokenValidity=10s (< EXPIRY_THRESHOLD_MILLES=60s), the UI's proactive timer in startTokenExpiryTimer fires immediately on every mount, so /auth/refresh is exercised on each reload regardless of expiry state. Assertions on token rotation and session continuity still cover "silent refresh works end-to-end". The SAML-session-gone case still waits for expiry — it needs to. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * test(playwright): trigger refresh via SPA nav in SSO renewal specs page.reload() remounts React and re-races the axios interceptor setup in AuthProvider — the useEffect that wires authenticatorRef.renewIdToken onto TokenService has a ref-typed dependency that doesn't reliably re-run, so the first 401 after reload sometimes finds renewToken=null and the interceptor silently logs the user out instead of refreshing. Click the Explore sidebar link instead. The click triggers authenticated API calls while staying inside the already-mounted React tree, so the interceptor always reaches the wired TokenService. Spec now passes 10/10 locally. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Siddhant <siddhant@MacBook-Pro-621.local> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| airflow-apis-tests.yml | ||
| auto-cherry-pick-labeled-prs.yaml | ||
| claude.yml | ||
| codeql.yml | ||
| docker-k8s-operator.yml | ||
| docker-openmetadata-db.yml | ||
| docker-openmetadata-ingestion-base-slim.yml | ||
| docker-openmetadata-ingestion-base.yml | ||
| docker-openmetadata-ingestion.yml | ||
| docker-openmetadata-postgres.yml | ||
| docker-openmetadata-server.yml | ||
| git-create-release-branch.yml | ||
| integration-tests-mysql-elasticsearch.yml | ||
| integration-tests-postgres-opensearch.yml | ||
| java-checkstyle.yml | ||
| label-connector.yml | ||
| maven-build-collate.yml | ||
| maven-sonar-build.yml | ||
| monitor-slack-link.yml | ||
| mysql-nightly-e2e.yml | ||
| openmetadata-service-unit-tests.yml | ||
| playwright-docs-check.yml | ||
| playwright-integration-tests-mysql.yml | ||
| playwright-integration-tests-postgres.yml | ||
| playwright-knowledge-graph-postgresql-e2e.yml | ||
| playwright-mysql-e2e-skip.yml | ||
| playwright-mysql-e2e.yml | ||
| playwright-postgresql-e2e-skip.yml | ||
| playwright-postgresql-e2e.yml | ||
| playwright-sso-login-nightly.yml | ||
| playwright-sso-tests.yml | ||
| postgresql-nightly-e2e.yml | ||
| publish-maven-package.yml | ||
| py-checkstyle.yml | ||
| py-cli-e2e-tests.yml | ||
| py-operator-build-test.yml | ||
| py-sonarcloud-nightly.yml | ||
| py-tests-postgres.yml | ||
| py-tests.yml | ||
| python-packages-publish.yml | ||
| security-scan.yml | ||
| stale.yml | ||
| team-labeler.yml | ||
| trivy-scan-ingestion-base-slim-image.yml | ||
| trivy-scan-ingestion-image.yml | ||
| trivy-scan-openmetadata-server.yml | ||
| typescript-type-generation.yml | ||
| ui-checkstyle.yml | ||
| update-playwright-e2e-docs.yml | ||
| validate-docker-compose-quickstart.yml | ||
| validate-jsons-yamls.yml | ||
| yarn-coverage.yml | ||