From 56d2480389b25773af82aed5de0aea205d0dbd2b Mon Sep 17 00:00:00 2001
From: Zach Wasserman
Date: Mon, 5 Apr 2021 11:01:30 -0700
Subject: [PATCH] Fix E2E SSO testing (#589)

Some of the command helpers were dropped in a rebase/merge.
---
 cypress/support/commands.ts | 89 ++++++++++++++++++++++++++++++++++---
 cypress/support/index.d.ts | 15 ++++---
 2 files changed, 91 insertions(+), 13 deletions(-)

diff --git a/cypress/support/commands.ts b/cypress/support/commands.ts
index 4c70132db1..11a5877b10 100644
--- a/cypress/support/commands.ts
+++ b/cypress/support/commands.ts
@@ -30,6 +30,26 @@ Cypress.Commands.add('setup', () => {
 cy.exec('make e2e-reset-db e2e-setup', { timeout: 10000 });
 });
 
+Cypress.Commands.add('login', (username, password) => {
+ username ||= 'test';
+ password ||= 'admin123#';
+ cy.request('POST', '/api/v1/fleet/login', { username, password })
+ .then((resp) => {
+ window.localStorage.setItem('KOLIDE::auth_token', resp.body.token);
+ });
+});
+
+Cypress.Commands.add('logout', () => {
+ cy.request({
+ url: '/api/v1/fleet/logout',
+ method: 'POST',
+ body: {},
+ auth: {
+ bearer: window.localStorage.getItem('KOLIDE::auth_token'),
+ },
+ });
+});
+
 Cypress.Commands.add('setupSMTP', () => {
 const body = {
 smtp_settings: {
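Review bot: The restored `login` command writes `resp.body.token` to `KOLIDE::auth_token` without checking it, and `localStorage.setItem` stringifies whatever it is given, so a response without a token leaves the literal `undefined` behind and the failure only shows up later in an unrelated `bearer` request; `expect(resp.body.token, 'login token').to.be.a('string');` ahead of the `setItem` call would fail at the cause. `logout` presumably ends the session on the server but leaves the stored token in place, so chaining `.then(() => window.localStorage.removeItem('KOLIDE::auth_token'))` onto the request would keep later steps in the same test from reusing it. The fallback `test` / `admin123#` pair deserves a one-line comment stating that it is a fixture account for the throwaway E2E database (presumably the one created by `make e2e-reset-db e2e-setup`), so it is not mistaken for a real default.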
@@ -51,11 +71,66 @@ Cypress.Commands.add('setupSMTP', () => {
 });
 });
 
-Cypress.Commands.add('login', (username, password) => {
- username ||= 'test';
- password ||= 'admin123#';
- cy.request('POST', '/api/v1/fleet/login', { username, password })
- .then((resp) => {
- window.localStorage.setItem('KOLIDE::auth_token', resp.body.token);
- });
+Cypress.Commands.add('setupSSO', (enable_idp_login = false) => {
+ const body = {
+ sso_settings: {
+ enable_sso: true,
+ enable_sso_idp_login: enable_idp_login,
+ entity_id: 'https://localhost:8080',
+ idp_name: 'SimpleSAML',
+ issuer_uri: 'http://localhost:8080/simplesaml/saml2/idp/SSOService.php',
+ metadata_url: 'http://localhost:9080/simplesaml/saml2/idp/metadata.php',
+ },
+ };
+
+ cy.request({
+ url: '/api/v1/fleet/config',
+ method: 'PATCH',
+ body,
+ auth: {
+ bearer: window.localStorage.getItem('KOLIDE::auth_token'),
+ },
+ });
+});
+
+Cypress.Commands.add('loginSSO', () => {
+ // Note these requests set cookies that are required for the SSO flow to
+ // work properly. This is handled automatically by the browser.
+ cy.request({
+ method: 'GET',
+ url: 'http://localhost:9080/simplesaml/saml2/idp/SSOService.php?spentityid=https://localhost:8080',
+ followRedirect: false,
+ }).then((firstResponse) => {
+ const redirect = firstResponse.headers.location;
+
+ cy.request({
+ method: 'GET',
+ url: redirect,
+ followRedirect: false,
+ }).then((secondResponse) => {
+ const el = document.createElement('html');
+ el.innerHTML = secondResponse.body;
+ const authState = el.getElementsByTagName('input').namedItem('AuthState').defaultValue;
+
+ cy.request({
+ method: 'POST',
+ url: redirect,
+ body: `username=user1&password=user1pass&AuthState=${authState}`,
+ form: true,
+ followRedirect: false,
+ }).then((finalResponse) => {
+ el.innerHTML = finalResponse.body;
+ const saml = el.getElementsByTagName('input').namedItem('SAMLResponse').defaultValue;
+
+ // Load the callback URL with the response from the IdP
+ cy.visit({
+ url: '/api/v1/fleet/sso/callback',
+ method: 'POST',
+ body: {
+ SAMLResponse: saml,
+ },
+ });
+ });
+ });
+ });
 });
diff --git a/cypress/support/index.d.ts b/cypress/support/index.d.ts
index 9ee4ec1497..a3eb140065 100644
--- a/cypress/support/index.d.ts
+++ b/cypress/support/index.d.ts
@@ -13,6 +13,11 @@ declare namespace Cypress {
 */
 login(): Chainable;
 
+ /**
+ * Custom command to login a user1@example.com via SSO.
+ */
+ loginSSO(): Chainable;
+
 /**
 * Custom command to log out the current user.
 */
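Review bot: In `loginSSO`, both IdP responses are parsed by assigning `secondResponse.body` and `finalResponse.body` to `el.innerHTML` on an element owned by the runner's live document, so markup in those responses can still load resources or fire inline event handlers; `new DOMParser().parseFromString(body, 'text/html')` gives an inert document for the same lookup. The `namedItem('AuthState')` and `namedItem('SAMLResponse')` results are dereferenced without a null check, so an IdP error page surfaces as an opaque TypeError instead of a clear failure. The credential POST builds its form body by hand, so `authState` goes out unencoded (assuming Cypress passes a string body through as-is); an object body with `form: true` lets Cypress encode each field. The sketch below covers the three changes.

```typescript
// … unchanged: first and second cy.request to the IdP …
    }).then((secondResponse) => {
      // Parse into an inert document so response markup never becomes live in the runner page.
      const loginPage = new DOMParser().parseFromString(secondResponse.body, 'text/html');
      const authInput = loginPage.getElementsByTagName('input').namedItem('AuthState');
      if (!authInput) {
        throw new Error('IdP login page has no AuthState input');
      }

      cy.request({
        method: 'POST',
        url: redirect,
        // Object body: Cypress URL-encodes each field when form is true.
        body: { username: 'user1', password: 'user1pass', AuthState: authInput.defaultValue },
        form: true,
        followRedirect: false,
      }).then((finalResponse) => {
        const resultPage = new DOMParser().parseFromString(finalResponse.body, 'text/html');
        const samlInput = resultPage.getElementsByTagName('input').namedItem('SAMLResponse');
        if (!samlInput) {
          throw new Error('IdP response has no SAMLResponse input');
        }
        const saml = samlInput.defaultValue;
        // … unchanged: cy.visit POST to /api/v1/fleet/sso/callback …
```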
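Review bot: The declaration `login(): Chainable;` kept as context in this hunk does not match the implementation this commit restores in `commands.ts`, which accepts `(username, password)`; a TypeScript spec cannot pass credentials until it reads `login(username?: string, password?: string): Chainable;`. The new `loginSSO` doc comment could also state its preconditions, for example `Requires setupSSO() and the SimpleSAML IdP on localhost:9080.`, which is presumably what the flow in `commands.ts` depends on. The enclosing declaration block starts and ends outside this hunk.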
@@ -22,18 +27,16 @@ declare namespace Cypress {
 * Custom command to setup the SMTP configuration for this testing environment.
 *
 * NOTE: login() command is required before this, as it will make authenticated
- * requests to set up SMTP
+ * requests.
 */
 setupSMTP(): Chainable;
 
 /**
 * Custom command to set up SSO auth with the local server.
+ *
+ * NOTE: login() command is required before this, as it will make authenticated
+ * requests.
 */
 setupSSO(enable_idp_login?: boolean): Chainable;
-
- /**
- * Custom command to login a user1@example.com via SSO.
- */
- loginSSO(): Chainable;
 }
 }