Elgato_dark/console
1
0
Fork 0
mirror of https://github.com/graphql-hive/console synced 2026-05-22 16:48:56 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
console/integration-tests/testkit/auth.ts

171 lines
4.3 KiB
TypeScript
Raw Normal View History

prettier should be responsible for import sorting instead of eslint (#1027)
2023-01-23 09:30:38 +00:00
import { z } from 'zod';
Ensure user and personal org creation after successful sign up/in (#518)
2022-10-25 14:12:43 +00:00
import type { InternalApi } from '@hive/server';
[🔧 ESLint] import sort (#736)
2022-12-28 19:22:54 +00:00
import { createTRPCProxyClient, httpLink } from '@trpc/client';
Hello
2022-05-18 07:26:57 +00:00
import { ensureEnv } from './env';
Drop `dockest`, refactor integration testkit, and run all integration tests in parallel (#883) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-12-28 09:37:23 +00:00
import { getServiceHost } from './utils';
Ensure user and personal org creation after successful sign up/in (#518)
2022-10-25 14:12:43 +00:00
chore: upgrade supertokens core to 7 (#3386)
2023-11-15 09:39:54 +00:00
const SignUpSignInUserResponseModel = z
.object({
status: z.literal('OK'),
user: z.object({
emails: z.array(z.string()),
id: z.string(),
timeJoined: z.number(),
}),
})
.refine(response => response.user.emails.length === 1)
.transform(response => ({
...response,
user: {
id: response.user.id,
email: response.user.emails[0],
timeJoined: response.user.timeJoined,
},
}));
Hello
2022-05-18 07:26:57 +00:00
feat: replace auth0 with supertokens (#303) * add supertoken container to docker-compose file * yeah I am sorry this one big commit and I am ashamed of it * use logOut function * feat: show header on 404 page * feat: better handling for organization cookie when not authenticated * wrap it * check session within server side props * add is_admin flag user migration * simplify and annotate the config * fix: handle status codes + fix email/password sign up with import from auth0 * no hardcoded env pls * decode process.env * secure update user id mapping via a key * fix: login form * lol we don't need to hit the API * fix: do graphql api authorization via authorization header instead of cookie * implement isAdmin flag * fix: types :) * skipit * yo we can run this * set env variables * disable because it annoys the hell out of me * use the right host * add not about token length * refactor: decode environment variables * feat: store external user id from guthub/google provider in the database * workaround supertokens omitting null values from the token * re-enable check * i have no time for this shit * add missing env variable * fix: email test; missing domain extension * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> * fix: env names * fix: link google account to the correct db record * feat: email confirmation emails * ? * bump ts-node * fix types * omit package form the bundle * remove it from dependencies... * add emails apckage to dev deps * resolve eslint issues * remove comments * update dev info + change env variable (no need to expose it on the frontend) * use correct user id lol Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com>
2022-09-06 07:38:31 +00:00
const signUpUserViaEmail = async (
email: string,
Update dependency @theguild/prettier-config to v1 (#676) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-11-24 10:00:41 +00:00
password: string,
Ensure user and personal org creation after successful sign up/in (#518)
2022-10-25 14:12:43 +00:00
): Promise<z.TypeOf<typeof SignUpSignInUserResponseModel>> => {
Drop `dockest`, refactor integration testkit, and run all integration tests in parallel (#883) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-12-28 09:37:23 +00:00
try {
use supertoken cdi version 3.0 (#2631)
2023-07-20 08:44:27 +00:00
const response = await fetch(
`${ensureEnv('SUPERTOKENS_CONNECTION_URI')}/appid-public/public/recipe/signup`,
{
method: 'POST',
headers: {
'content-type': 'application/json; charset=UTF-8',
'api-key': ensureEnv('SUPERTOKENS_API_KEY'),
chore: upgrade supertokens core to 7 (#3386)
2023-11-15 09:39:54 +00:00
'cdi-version': '4.0',
use supertoken cdi version 3.0 (#2631)
2023-07-20 08:44:27 +00:00
},
body: JSON.stringify({
email,
password,
}),
Drop `dockest`, refactor integration testkit, and run all integration tests in parallel (#883) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-12-28 09:37:23 +00:00
},
use supertoken cdi version 3.0 (#2631)
2023-07-20 08:44:27 +00:00
);
Drop `dockest`, refactor integration testkit, and run all integration tests in parallel (#883) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-12-28 09:37:23 +00:00
const body = await response.text();
if (response.status !== 200) {
throw new Error(`Signup failed. ${response.status}.\n ${body}`);
}
return SignUpSignInUserResponseModel.parse(JSON.parse(body));
} catch (e) {
console.warn(`Failed to sign up:`, e);
throw e;
feat: replace auth0 with supertokens (#303) * add supertoken container to docker-compose file * yeah I am sorry this one big commit and I am ashamed of it * use logOut function * feat: show header on 404 page * feat: better handling for organization cookie when not authenticated * wrap it * check session within server side props * add is_admin flag user migration * simplify and annotate the config * fix: handle status codes + fix email/password sign up with import from auth0 * no hardcoded env pls * decode process.env * secure update user id mapping via a key * fix: login form * lol we don't need to hit the API * fix: do graphql api authorization via authorization header instead of cookie * implement isAdmin flag * fix: types :) * skipit * yo we can run this * set env variables * disable because it annoys the hell out of me * use the right host * add not about token length * refactor: decode environment variables * feat: store external user id from guthub/google provider in the database * workaround supertokens omitting null values from the token * re-enable check * i have no time for this shit * add missing env variable * fix: email test; missing domain extension * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> * fix: env names * fix: link google account to the correct db record * feat: email confirmation emails * ? * bump ts-node * fix types * omit package form the bundle * remove it from dependencies... * add emails apckage to dev deps * resolve eslint issues * remove comments * update dev info + change env variable (no need to expose it on the frontend) * use correct user id lol Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com>
2022-09-06 07:38:31 +00:00
}
};
const createSessionPayload = (superTokensUserId: string, email: string) => ({
version: '1',
superTokensUserId,
email,
});
Ensure user and personal org creation after successful sign up/in (#518)
2022-10-25 14:12:43 +00:00
const CreateSessionModel = z.object({
accessToken: z.object({
token: z.string(),
feat: replace auth0 with supertokens (#303) * add supertoken container to docker-compose file * yeah I am sorry this one big commit and I am ashamed of it * use logOut function * feat: show header on 404 page * feat: better handling for organization cookie when not authenticated * wrap it * check session within server side props * add is_admin flag user migration * simplify and annotate the config * fix: handle status codes + fix email/password sign up with import from auth0 * no hardcoded env pls * decode process.env * secure update user id mapping via a key * fix: login form * lol we don't need to hit the API * fix: do graphql api authorization via authorization header instead of cookie * implement isAdmin flag * fix: types :) * skipit * yo we can run this * set env variables * disable because it annoys the hell out of me * use the right host * add not about token length * refactor: decode environment variables * feat: store external user id from guthub/google provider in the database * workaround supertokens omitting null values from the token * re-enable check * i have no time for this shit * add missing env variable * fix: email test; missing domain extension * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> * fix: env names * fix: link google account to the correct db record * feat: email confirmation emails * ? * bump ts-node * fix types * omit package form the bundle * remove it from dependencies... * add emails apckage to dev deps * resolve eslint issues * remove comments * update dev info + change env variable (no need to expose it on the frontend) * use correct user id lol Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com>
2022-09-06 07:38:31 +00:00
}),
Ensure user and personal org creation after successful sign up/in (#518)
2022-10-25 14:12:43 +00:00
refreshToken: z.object({
token: z.string(),
feat: replace auth0 with supertokens (#303) * add supertoken container to docker-compose file * yeah I am sorry this one big commit and I am ashamed of it * use logOut function * feat: show header on 404 page * feat: better handling for organization cookie when not authenticated * wrap it * check session within server side props * add is_admin flag user migration * simplify and annotate the config * fix: handle status codes + fix email/password sign up with import from auth0 * no hardcoded env pls * decode process.env * secure update user id mapping via a key * fix: login form * lol we don't need to hit the API * fix: do graphql api authorization via authorization header instead of cookie * implement isAdmin flag * fix: types :) * skipit * yo we can run this * set env variables * disable because it annoys the hell out of me * use the right host * add not about token length * refactor: decode environment variables * feat: store external user id from guthub/google provider in the database * workaround supertokens omitting null values from the token * re-enable check * i have no time for this shit * add missing env variable * fix: email test; missing domain extension * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> * fix: env names * fix: link google account to the correct db record * feat: email confirmation emails * ? * bump ts-node * fix types * omit package form the bundle * remove it from dependencies... * add emails apckage to dev deps * resolve eslint issues * remove comments * update dev info + change env variable (no need to expose it on the frontend) * use correct user id lol Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com>
2022-09-06 07:38:31 +00:00
}),
});
Update dependency @theguild/prettier-config to v1 (#676) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-11-24 10:00:41 +00:00
const createSession = async (
superTokensUserId: string,
email: string,
oidcIntegrationId: string | null,
) => {
Drop `dockest`, refactor integration testkit, and run all integration tests in parallel (#883) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-12-28 09:37:23 +00:00
try {
const graphqlAddress = await getServiceHost('server', 8082);
const internalApi = createTRPCProxyClient<InternalApi>({
links: [
httpLink({
url: `http://${graphqlAddress}/trpc`,
fetch,
}),
],
});
await internalApi.ensureUser.mutate({
superTokensUserId,
email,
oidcIntegrationId,
Custom Auth UI, proper SSO login flow and slug modifications (#5111)
2024-07-03 14:31:01 +00:00
firstName: null,
lastName: null,
Drop `dockest`, refactor integration testkit, and run all integration tests in parallel (#883) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-12-28 09:37:23 +00:00
});
const sessionData = createSessionPayload(superTokensUserId, email);
const payload = {
enableAntiCsrf: false,
userId: superTokensUserId,
userDataInDatabase: sessionData,
userDataInJWT: sessionData,
};
use supertoken cdi version 3.0 (#2631)
2023-07-20 08:44:27 +00:00
const response = await fetch(
`${ensureEnv('SUPERTOKENS_CONNECTION_URI')}/appid-public/public/recipe/session`,
{
method: 'POST',
headers: {
'content-type': 'application/json; charset=UTF-8',
'api-key': ensureEnv('SUPERTOKENS_API_KEY'),
rid: 'session',
chore: upgrade supertokens core to 7 (#3386)
2023-11-15 09:39:54 +00:00
'cdi-version': '4.0',
use supertoken cdi version 3.0 (#2631)
2023-07-20 08:44:27 +00:00
},
body: JSON.stringify(payload),
Drop `dockest`, refactor integration testkit, and run all integration tests in parallel (#883) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-12-28 09:37:23 +00:00
},
use supertoken cdi version 3.0 (#2631)
2023-07-20 08:44:27 +00:00
);
Drop `dockest`, refactor integration testkit, and run all integration tests in parallel (#883) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-12-28 09:37:23 +00:00
const body = await response.text();
if (response.status !== 200) {
throw new Error(`Create session failed. ${response.status}.\n ${body}`);
}
const data = CreateSessionModel.parse(JSON.parse(body));
/**
* These are the required cookies that need to be set.
*/
return {
access_token: data.accessToken.token,
feat: preflight scripts for laboratory (#5564) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Saihajpreet Singh <saihajpreet.singh@gmail.com> Co-authored-by: Laurin Quast <laurinquast@googlemail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com>
2024-12-27 10:06:52 +00:00
refresh_token: data.refreshToken.token,
Drop `dockest`, refactor integration testkit, and run all integration tests in parallel (#883) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-12-28 09:37:23 +00:00
};
} catch (e) {
console.warn(`Failed to create session:`, e);
throw e;
feat: replace auth0 with supertokens (#303) * add supertoken container to docker-compose file * yeah I am sorry this one big commit and I am ashamed of it * use logOut function * feat: show header on 404 page * feat: better handling for organization cookie when not authenticated * wrap it * check session within server side props * add is_admin flag user migration * simplify and annotate the config * fix: handle status codes + fix email/password sign up with import from auth0 * no hardcoded env pls * decode process.env * secure update user id mapping via a key * fix: login form * lol we don't need to hit the API * fix: do graphql api authorization via authorization header instead of cookie * implement isAdmin flag * fix: types :) * skipit * yo we can run this * set env variables * disable because it annoys the hell out of me * use the right host * add not about token length * refactor: decode environment variables * feat: store external user id from guthub/google provider in the database * workaround supertokens omitting null values from the token * re-enable check * i have no time for this shit * add missing env variable * fix: email test; missing domain extension * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> * fix: env names * fix: link google account to the correct db record * feat: email confirmation emails * ? * bump ts-node * fix types * omit package form the bundle * remove it from dependencies... * add emails apckage to dev deps * resolve eslint issues * remove comments * update dev info + change env variable (no need to expose it on the frontend) * use correct user id lol Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com>
2022-09-06 07:38:31 +00:00
}
};
const password = 'ilikebigturtlesandicannotlie47';
Hello
2022-05-18 07:26:57 +00:00
Transfer ownership of an organization (#732)
2022-12-07 10:36:52 +00:00
export function userEmail(userId: string) {
Drop `dockest`, refactor integration testkit, and run all integration tests in parallel (#883) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-12-28 09:37:23 +00:00
return `${userId}-${Date.now()}@localhost.localhost`;
Transfer ownership of an organization (#732)
2022-12-07 10:36:52 +00:00
}
Hello
2022-05-18 07:26:57 +00:00
Transfer ownership of an organization (#732)
2022-12-07 10:36:52 +00:00
const tokenResponsePromise: {
[key: string]: Promise<z.TypeOf<typeof SignUpSignInUserResponseModel>> | null;
} = {};
Hello
2022-05-18 07:26:57 +00:00
feat: preflight scripts for laboratory (#5564) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Saihajpreet Singh <saihajpreet.singh@gmail.com> Co-authored-by: Laurin Quast <laurinquast@googlemail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com>
2024-12-27 10:06:52 +00:00
export function authenticate(
email: string,
): Promise<{ access_token: string; refresh_token: string }>;
Update dependency @theguild/prettier-config to v1 (#676) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-11-24 10:00:41 +00:00
export function authenticate(
Drop `dockest`, refactor integration testkit, and run all integration tests in parallel (#883) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-12-28 09:37:23 +00:00
email: string,
Transfer ownership of an organization (#732)
2022-12-07 10:36:52 +00:00
oidcIntegrationId?: string,
feat: preflight scripts for laboratory (#5564) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Saihajpreet Singh <saihajpreet.singh@gmail.com> Co-authored-by: Laurin Quast <laurinquast@googlemail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com>
2024-12-27 10:06:52 +00:00
): Promise<{ access_token: string; refresh_token: string }>;
Transfer ownership of an organization (#732)
2022-12-07 10:36:52 +00:00
export function authenticate(
Drop `dockest`, refactor integration testkit, and run all integration tests in parallel (#883) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-12-28 09:37:23 +00:00
email: string | string,
Update dependency @theguild/prettier-config to v1 (#676) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-11-24 10:00:41 +00:00
oidcIntegrationId?: string,
feat: preflight scripts for laboratory (#5564) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Saihajpreet Singh <saihajpreet.singh@gmail.com> Co-authored-by: Laurin Quast <laurinquast@googlemail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com>
2024-12-27 10:06:52 +00:00
): Promise<{ access_token: string; refresh_token: string }> {
Drop `dockest`, refactor integration testkit, and run all integration tests in parallel (#883) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-12-28 09:37:23 +00:00
if (!tokenResponsePromise[email]) {
tokenResponsePromise[email] = signUpUserViaEmail(email, password);
Hello
2022-05-18 07:26:57 +00:00
}
Drop `dockest`, refactor integration testkit, and run all integration tests in parallel (#883) Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-12-28 09:37:23 +00:00
return tokenResponsePromise[email]!.then(data =>
Update dependency @theguild/prettier-config to v1 (#676) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
2022-11-24 10:00:41 +00:00
createSession(data.user.id, data.user.email, oidcIntegrationId ?? null),
feat: OIDC organisation integration (#524) * feat: support login via okta * add deployment config * feat: automatically start okta login when visiting /auth with okta provider query parameter * remove trailing slash from base url * laurin pls * ... * adjust deployment url * we dont need this * docs: document how to enabled Google and GitHub social login (#511) * docs: document how to enabled Google and GitHub social login * Apply suggestions from code review * Apply suggestions from code review * docs: add Okta instructions * fix typo * add database migration * feat: env decoding * auto generate id * add generates types for the postgres table * implement crud graphql fields for the oidc integration entites * add unique constraint for the oidc domain column * use correct sql query for updating an oidc integration * return organization from deleteOIDCIntegration ok result * add crud forms to the settings page * update integration test fixture value * drop unique constraint for oidc_integrations.domain as this would allow a malicous user to block another account from using a domain * move notice to isolated component * apply url normalization in a central place * implement supertokens provider and overrides for dynamic oidc provider integrations * relocate code to correct files * prettify oidc crud forms * replace Query.isOIDCIntegrationFeatureEnabled with the Organization.viewerCanManageOIDCIntegration field * do not show oidc integrations for personal organizations + disable crud endpoints if the feature is disabled * load oidc integration for the supertokens flow via trpc from the server * prepare encryption secret within constructor * add user to organization upon oidc login * login via oidc does not create a personal organization * redirect oidc user to oidc organization * disallow oidc users to create an organization * disallow oidc accounts joining another organization * add test for updating an oidc integration * enhance ui * add documentation for OIDC SSO * add more tests * import Callout component * update snapshots * rename field User.isLinkedToOIDCIntegration to User.canSwitchOrganization to be more decriptive * add traling new line * gracefully handle unique constraint * upgrade supertokens-auth-react and adjust the code in order to remove the global preApiHook * sync image versions with tests * remove obsolete comment * rename database column * bruv * add test for oidc user deletion
2022-11-03 15:45:17 +00:00
);
Hello
2022-05-18 07:26:57 +00:00
}
Reference in a new issue Copy permalink