Elgato_dark/ToolJet
1
0
Fork 0
mirror of https://github.com/ToolJet/ToolJet synced 2026-05-04 05:48:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8
ToolJet/server/test/controllers/oauth.e2e-spec.ts

462 lines
14 KiB
TypeScript
Raw Normal View History

Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
import * as request from 'supertest';
import { INestApplication } from '@nestjs/common';
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
import { clearDB, createUser, createNestAppInstanceWithEnvMock } from '../test.helper';
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
import { OAuth2Client } from 'google-auth-library';
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
import { mocked } from 'ts-jest/utils';
import got from 'got';
jest.mock('got');
const mockedGot = mocked(got);
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
describe('oauth controller', () => {
let app: INestApplication;
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
let mockConfig;
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
beforeEach(async () => {
await clearDB();
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
jest.spyOn(mockConfig, 'get').mockImplementation((key: string) => {
if (key === 'SSO_DISABLE_SIGNUP') {
return 'false';
} else {
return process.env[key];
}
});
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
});
beforeAll(async () => {
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
({ app, mockConfig } = await createNestAppInstanceWithEnvMock());
});
afterEach(() => {
jest.resetAllMocks();
jest.clearAllMocks();
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
});
describe('sign in via Google OAuth', () => {
it('should return login info when the user does not exist', async () => {
const googleVerifyMock = jest.spyOn(OAuth2Client.prototype, 'verifyIdToken');
googleVerifyMock.mockImplementation(() => ({
getPayload: () => ({
sub: 'someSSOId',
email: 'ssoUser@tooljet.io',
name: 'SSO User',
hd: 'tooljet.io',
}),
}));
// Calling the createUser helper function to have an Organization created. This user is irrelevant for the test
await createUser(app, { email: 'anotherUser@tooljet.io', role: 'admin' });
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
const token = 'someStuff';
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
const response = await request(app.getHttpServer()).post('/api/oauth/sign-in').send({ token, origin: 'google' });
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
expect(googleVerifyMock).toHaveBeenCalledWith({
idToken: token,
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
audience: undefined,
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
});
expect(response.statusCode).toBe(201);
Fix failing oauth specs due to change in permissions (#1422)
2021-11-21 04:14:54 +00:00
expect(Object.keys(response.body).sort()).toEqual(
[
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
'id',
'email',
'first_name',
'last_name',
'auth_token',
'admin',
'group_permissions',
'app_group_permissions',
Fix failing oauth specs due to change in permissions (#1422)
2021-11-21 04:14:54 +00:00
].sort()
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
);
const { email, first_name, last_name, admin, group_permissions, app_group_permissions } = response.body;
expect(email).toEqual('ssoUser@tooljet.io');
expect(first_name).toEqual('SSO');
expect(last_name).toEqual('User');
expect(admin).toBeFalsy();
expect(group_permissions).toHaveLength(1);
expect(group_permissions[0].group).toEqual('all_users');
Fix failing oauth specs due to change in permissions (#1422)
2021-11-21 04:14:54 +00:00
expect(Object.keys(group_permissions[0]).sort()).toEqual(
[
'id',
'organization_id',
'group',
'app_create',
'app_delete',
'updated_at',
'created_at',
'folder_create',
].sort()
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
);
expect(app_group_permissions).toHaveLength(0);
});
it('should be forbid logging in when the user does not exist and signups are disabled', async () => {
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
jest.spyOn(mockConfig, 'get').mockImplementation((key: string) => {
if (key === 'SSO_DISABLE_SIGNUP') {
return 'true';
} else {
return process.env[key];
}
});
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
const googleVerifyMock = jest.spyOn(OAuth2Client.prototype, 'verifyIdToken');
googleVerifyMock.mockImplementation(() => ({
getPayload: () => ({
sub: 'someSSOId',
email: 'ssoUser@tooljet.io',
name: 'SSO User',
hd: 'tooljet.io',
}),
}));
// Calling the createUser helper function to have an Organization created. This user is irrelevant for the test
await createUser(app, { email: 'anotherUser@tooljet.io', role: 'admin' });
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
const token = 'someStuff';
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
const response = await request(app.getHttpServer()).post('/api/oauth/sign-in').send({ token, origin: 'google' });
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
expect(googleVerifyMock).toHaveBeenCalledWith({
idToken: token,
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
audience: undefined,
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
});
expect(response.statusCode).toBe(401);
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
});
it('should be forbid logging in when the restricted domin is configured and domain not match', async () => {
jest.spyOn(mockConfig, 'get').mockImplementation((key: string) => {
if (key === 'SSO_RESTRICTED_DOMAIN') {
return 'tooljet.com,tooljet.in';
} else {
return process.env[key];
}
});
const googleVerifyMock = jest.spyOn(OAuth2Client.prototype, 'verifyIdToken');
googleVerifyMock.mockImplementation(() => ({
getPayload: () => ({
sub: 'someSSOId',
email: 'ssoUser@tooljet.io',
name: 'SSO User',
hd: 'tooljet.io',
}),
}));
// Calling the createUser helper function to have an Organization created. This user is irrelevant for the test
await createUser(app, { email: 'anotherUser@tooljet.io', role: 'admin' });
const token = 'someStuff';
const response = await request(app.getHttpServer()).post('/api/oauth/sign-in').send({ token, origin: 'google' });
expect(googleVerifyMock).toHaveBeenCalledWith({
idToken: token,
audience: undefined,
});
expect(response.statusCode).toBe(401);
});
it('should be success when the restricted domin is configured and domain matches', async () => {
jest.spyOn(mockConfig, 'get').mockImplementation((key: string) => {
if (key === 'SSO_RESTRICTED_DOMAIN') {
return 'tooljet.com,tooljet.io';
} else {
return process.env[key];
}
});
const googleVerifyMock = jest.spyOn(OAuth2Client.prototype, 'verifyIdToken');
googleVerifyMock.mockImplementation(() => ({
getPayload: () => ({
sub: 'someSSOId',
email: 'ssoUser@tooljet.io',
name: 'SSO User',
hd: 'tooljet.io',
}),
}));
// Calling the createUser helper function to have an Organization created. This user is irrelevant for the test
await createUser(app, { email: 'anotherUser@tooljet.io', role: 'admin' });
const token = 'someStuff';
const response = await request(app.getHttpServer()).post('/api/oauth/sign-in').send({ token, origin: 'google' });
expect(googleVerifyMock).toHaveBeenCalledWith({
idToken: token,
audience: undefined,
});
expect(response.statusCode).toBe(201);
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
});
it('should return login info when the user exists', async () => {
const googleVerifyMock = jest.spyOn(OAuth2Client.prototype, 'verifyIdToken');
googleVerifyMock.mockImplementation(() => ({
getPayload: () => ({
sub: 'someSSOId',
email: 'ssoUser@tooljet.io',
name: 'New name',
hd: 'tooljet.io',
}),
}));
await createUser(app, {
email: 'ssoUser@tooljet.io',
role: 'developer',
ssoId: 'someSSOId',
firstName: 'Existing',
lastName: 'Name',
groups: ['all_users', 'admin'],
});
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
const token = 'someStuff';
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
const response = await request(app.getHttpServer()).post('/api/oauth/sign-in').send({ token, origin: 'google' });
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
expect(googleVerifyMock).toHaveBeenCalledWith({
idToken: token,
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
audience: undefined,
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
});
expect(response.statusCode).toBe(201);
expect(new Set(Object.keys(response.body))).toEqual(
new Set([
'id',
'email',
'first_name',
'last_name',
'auth_token',
'admin',
'group_permissions',
'app_group_permissions',
])
);
const { email, first_name, last_name, admin, group_permissions, app_group_permissions } = response.body;
expect(email).toEqual('ssoUser@tooljet.io');
expect(first_name).toEqual('Existing');
expect(last_name).toEqual('Name');
expect(admin).toBeTruthy();
expect(group_permissions).toHaveLength(2);
Fix failing oauth specs due to change in permissions (#1422)
2021-11-21 04:14:54 +00:00
expect(group_permissions.map((p) => p.group).sort()).toEqual(['all_users', 'admin'].sort());
expect(Object.keys(group_permissions[0]).sort()).toEqual(
[
'id',
'organization_id',
'group',
'app_create',
'app_delete',
'folder_create',
'updated_at',
'created_at',
].sort()
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
);
expect(app_group_permissions).toHaveLength(0);
});
});
Github OAuth integration (#1837) * Initial commit * git auth * git sso * Git sso * Git Oauth rebase * review comments * added email validation * improvement * Package lock revert * E2E test case fix * fix data population in migration * Supress initial error thrown by google * Fix * e2e test cases * added e2e test cases * isValidDomain improvement * e2e test cases fix Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
2022-01-27 09:51:17 +00:00
describe('sign in via Git OAuth', () => {
it('should return login info when the user does not exist', async () => {
const gitAuthResponse = jest.fn();
gitAuthResponse.mockImplementation(() => {
return {
json: () => {
return {
access_token: 'some-access-token',
scope: 'scope',
token_type: 'bearer',
};
},
};
});
const gitGetUserResponse = jest.fn();
gitGetUserResponse.mockImplementation(() => {
return {
json: () => {
return {
name: 'SSO UserGit',
email: 'ssoUserGit@tooljet.io',
};
},
};
});
mockedGot.mockImplementationOnce(gitAuthResponse);
mockedGot.mockImplementationOnce(gitGetUserResponse);
const token = 'some-token';
// Calling the createUser helper function to have an Organization created. This user is irrelevant for the test
await createUser(app, { email: 'anotherUser@tooljet.io', role: 'admin' });
const response = await request(app.getHttpServer()).post('/api/oauth/sign-in').send({ token, origin: 'git' });
expect(response.statusCode).toBe(201);
expect(Object.keys(response.body).sort()).toEqual(
[
'id',
'email',
'first_name',
'last_name',
'auth_token',
'admin',
'group_permissions',
'app_group_permissions',
].sort()
);
const { email, first_name, last_name, admin, group_permissions, app_group_permissions } = response.body;
expect(email).toEqual('ssoUserGit@tooljet.io');
expect(first_name).toEqual('SSO');
expect(last_name).toEqual('UserGit');
expect(admin).toBeFalsy();
expect(group_permissions).toHaveLength(1);
expect(group_permissions[0].group).toEqual('all_users');
expect(Object.keys(group_permissions[0]).sort()).toEqual(
[
'id',
'organization_id',
'group',
'app_create',
'app_delete',
'updated_at',
'created_at',
'folder_create',
].sort()
);
expect(app_group_permissions).toHaveLength(0);
});
it('should be forbid logging in when the user does not exist and signups are disabled', async () => {
jest.spyOn(mockConfig, 'get').mockImplementation((key: string) => {
if (key === 'SSO_DISABLE_SIGNUP') {
return 'true';
} else {
return process.env[key];
}
});
const gitAuthResponse = jest.fn();
gitAuthResponse.mockImplementation(() => {
return {
json: () => {
return {
access_token: 'some-access-token',
scope: 'scope',
token_type: 'bearer',
};
},
};
});
const gitGetUserResponse = jest.fn();
gitGetUserResponse.mockImplementation(() => {
return {
json: () => {
return {
name: 'SSO UserGit',
email: 'ssoUserGit@tooljet.io',
};
},
};
});
mockedGot.mockImplementationOnce(gitAuthResponse);
mockedGot.mockImplementationOnce(gitGetUserResponse);
// Calling the createUser helper function to have an Organization created. This user is irrelevant for the test
await createUser(app, { email: 'anotherUser@tooljet.io', role: 'admin' });
const token = 'someStuff';
const response = await request(app.getHttpServer()).post('/api/oauth/sign-in').send({ token, origin: 'git' });
expect(response.statusCode).toBe(401);
});
it('should return login info when the user exists', async () => {
const gitAuthResponse = jest.fn();
gitAuthResponse.mockImplementation(() => {
return {
json: () => {
return {
access_token: 'some-access-token',
scope: 'scope',
token_type: 'bearer',
};
},
};
});
const gitGetUserResponse = jest.fn();
gitGetUserResponse.mockImplementation(() => {
return {
json: () => {
return {
name: 'Existing Name',
email: 'ssoUserGit@tooljet.io',
};
},
};
});
mockedGot.mockImplementationOnce(gitAuthResponse);
mockedGot.mockImplementationOnce(gitGetUserResponse);
await createUser(app, {
email: 'ssoUserGit@tooljet.io',
role: 'developer',
ssoId: 'someSSOId',
firstName: 'Existing',
lastName: 'Name',
groups: ['all_users', 'admin'],
});
const token = 'someStuff';
const response = await request(app.getHttpServer()).post('/api/oauth/sign-in').send({ token, origin: 'git' });
expect(response.statusCode).toBe(201);
expect(new Set(Object.keys(response.body))).toEqual(
new Set([
'id',
'email',
'first_name',
'last_name',
'auth_token',
'admin',
'group_permissions',
'app_group_permissions',
])
);
const { email, first_name, last_name, admin, group_permissions, app_group_permissions } = response.body;
expect(email).toEqual('ssoUserGit@tooljet.io');
expect(first_name).toEqual('Existing');
expect(last_name).toEqual('Name');
expect(admin).toBeTruthy();
expect(group_permissions).toHaveLength(2);
expect(group_permissions.map((p) => p.group).sort()).toEqual(['all_users', 'admin'].sort());
expect(Object.keys(group_permissions[0]).sort()).toEqual(
[
'id',
'organization_id',
'group',
'app_create',
'app_delete',
'folder_create',
'updated_at',
'created_at',
].sort()
);
expect(app_group_permissions).toHaveLength(0);
});
});
Feature/merge google sso to community edition (#1420) * SSO 🔥 (#2) * Add rough implementation of google SSO * Use env variables for storing Google Oauth client id * Set organization user to active when a new user is created via sso This commit also fetches first name and last name from the payload received from google. Also adds some refactoring. * Apply proper styles to google login button * Refactor oauth controller * Move google specific logic to a separate service * Fail sign-in if google could not verify idToken * Refactoring update for GoogleOAuthService * Change env variable name for google sso client id * Show Google sign-in button only if client id env variable is given * Add SSO_GOOGLE_OAUTH2_CLIENT_ID to app.json * Whitelist apis.google.com in CSP * Add accounts.google.com to CSP * Add documentation for Google SSO * Add e2e tests for Google SSO * Resolve minor linting issues * Avoid use of raw query in migration for SSO ID This commit also adds an index for SSO ID * Verify domain of user's email id for single sign on * Add documentation for RESTRICTED_DOMAIN env variable in SSO * Move SSO controllers and services to ee folder * Move GoogleLoginButton to ee folder * Test the restricted domain verification for Google SSO * Remove unnecessary console.log * Apply better styles to Sign in with google button * Remove documentation for Google SSO This will be added to the community edition repo * Remove unnecessary static images * Fetch Google OAuth2 client id from server instead of client env (#3) * Check for existing email when signing in via SSO (#4) * hotfix oauth service return type * hotfix sso user creation * Allow disabling sign-up via SSO (#5) * hotfix file input change on import/export * Align SSO button on login box center (#6) * Fix: group permission not being set on sso (#7) * fixes group permission not being set on sso * update specs for sso * lint fix * add user id on login response * decamelize keys on login response * fix specs Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com> Co-authored-by: navaneeth <navaneethpk@outlook.com>
2021-11-17 11:21:50 +00:00
afterAll(async () => {
await app.close();
});
});
Reference in a new issue Copy permalink