signinTokenCode.spec.ts
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
import { expect, test } from '../../lib/fixtures/standard';
test.describe('severity-2 #smoke', () => {
test.describe('signin token code for OAuth RP redirect with client requesting scoped keys', () => {
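/**
 * Serialises a flat object into a `key=value&key=value` query string.
 *
 * Keys and values are percent-encoded. The fixtures in this file contain
 * spaces and URL punctuation (`scope`, `redirect_uri`, `forceUA`); encoding
 * keeps those characters inside their own parameter, and a value containing
 * `&`, `=` or `#` can no longer inject or truncate other parameters.
 *
 * @param obj - Parameters to serialise; each value is stringified.
 * @returns The encoded query string, without a leading `?`.
 */
function toQueryString(obj: Record<string, any>) {
  return Object.entries(obj)
    .map(
      ([key, value]) =>
        `${encodeURIComponent(key)}=${encodeURIComponent(String(value))}`
    )
    .join('&');
}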
/* eslint-disable camelcase */
// OAuth authorization parameters shared by every test in this group. They are
// serialised with toQueryString() and handed to relier.goto().
const queryParameters = {
// Identifier of the OAuth client the tests sign in to.
client_id: '7f368c6886429f19',
// PKCE (RFC 7636) challenge. Only the challenge is sent; no code_verifier
// appears in these parameters.
code_challenge: 'aSOwsmuRBE1ZIVtiW6bzKMaf47kCFl7duD6ZWAXdnJo',
// 'S256' declares the challenge to be a SHA-256 digest of the verifier
// rather than the verifier in plain text.
code_challenge_method: 'S256',
// NOTE(review): presumably makes the flow behave as if the request came from
// Chrome on Android — confirm against the code that reads `forceUA`.
forceUA:
'Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Mobile Safari/537.36',
// base64url-encoded JWK. It decodes to an EC P-256 public key (members kty,
// kid, crv, x, y; there is no private `d` member), so no private key material
// is committed here.
keys_jwk:
'eyJrdHkiOiJFQyIsImtpZCI6Im9DNGFudFBBSFZRX1pmQ09RRUYycTRaQlZYblVNZ2xISGpVRzdtSjZHOEEiLCJjcnYiOiJQLTI1NiIsIngiOiJDeUpUSjVwbUNZb2lQQnVWOTk1UjNvNTFLZVBMaEg1Y3JaQlkwbXNxTDk0IiwieSI6IkJCWDhfcFVZeHpTaldsdXU5MFdPTVZwamIzTlpVRDAyN0xwcC04RW9vckEifQ',
// The tests finish by asserting that the page URL matches /notes\/fxa/, i.e.
// that the browser ended up at this redirect target.
redirect_uri: 'https://mozilla.github.io/notes/fxa/android-redirect.html',
// Space-separated scopes: 'profile' plus a URL-shaped scope.
// NOTE(review): the URL-shaped scope is presumably what makes this a "client
// requesting scoped keys" (see the describe title) — confirm.
scope: 'profile https://identity.mozilla.com/apps/notes',
};
test('verified - valid code', async ({
  target,
  pages: { page, signin, relier, signinTokenCode },
  testAccountTracker,
}) => {
  // Happy path: password sign-in must stop at the token-code step, and only
  // the code delivered by email completes the redirect to the relier.

  // Per the original note, the `sync` variant of sign-up is what forces the
  // confirmation step to appear.
  const { email, password } = await testAccountTracker.signUpSync();
  const query = toQueryString(queryParameters);

  await relier.goto(query);
  await relier.clickEmailFirst();
  await signin.fillOutEmailFirstForm(email);
  await signin.fillOutPasswordForm(password);

  // A correct password alone is not enough: the flow lands on the code page.
  await expect(page).toHaveURL(/signin_token_code/);

  const loginCode = await target.emailClient.getVerifyLoginCode(email);
  await signinTokenCode.fillOutCodeForm(loginCode);

  // Back at the relier's redirect_uri.
  await expect(page).toHaveURL(/notes\/fxa/);
});
test('verified - invalid code', async ({
  pages: { page, signin, relier, signinTokenCode },
  testAccountTracker,
}) => {
  // Negative path: a code that was never issued must be rejected with a
  // visible error.

  // Per the original note, the `sync` variant of sign-up is what forces the
  // confirmation step to appear.
  const { email, password } = await testAccountTracker.signUpSync();
  const query = toQueryString(queryParameters);

  await relier.goto(query);
  await relier.clickEmailFirst();
  await signin.fillOutEmailFirstForm(email);
  await signin.fillOutPasswordForm(password);
  await expect(page).toHaveURL(/signin_token_code/);

  // Submit a made-up code instead of the emailed one.
  await signinTokenCode.fillOutCodeForm('123456');

  // NOTE(review): only the error text is asserted; the test does not also
  // assert that the page stays on signin_token_code after the rejection.
  const rejection = page.getByText(/Invalid or expired/);
  await expect(rejection).toBeVisible();
});
test('verified - resend code', async ({
  target,
  pages: { page, signin, relier, signinTokenCode },
  testAccountTracker,
}) => {
  // Resend path: after asking for a new code, the code from the second email
  // completes the sign-in.

  // Per the original note, the `sync` variant of sign-up is what forces the
  // confirmation step to appear.
  const { email, password } = await testAccountTracker.signUpSync();
  const query = toQueryString(queryParameters);

  await relier.goto(query);
  await relier.clickEmailFirst();
  await signin.fillOutEmailFirstForm(email);
  await signin.fillOutPasswordForm(password);
  await expect(page).toHaveURL(/signin_token_code/);

  // Read the first email; per the original note this also deletes it, so the
  // next read returns the resent message. The first code itself is discarded.
  // NOTE(review): nothing here checks whether the first code stops working
  // once a new one has been issued.
  await target.emailClient.getVerifyLoginCode(email);

  const resendButton = signinTokenCode.resendCodeButton;
  await expect(resendButton).toBeVisible();
  await resendButton.click();

  const resentNotice = page.getByText(/A new code was sent to your email./);
  await expect(resentNotice).toBeVisible();

  // Use the code from the new email.
  const resentCode = await target.emailClient.getVerifyLoginCode(email);
  await signinTokenCode.fillOutCodeForm(resentCode);

  await expect(page).toHaveURL(/notes\/fxa/);
});
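test('verified - token is always required', async ({
  target,
  pages: { page, signin, relier, signinTokenCode },
  testAccountTracker,
}) => {
  // Guards against skipping the second step: after reaching the code page,
  // going back and signing in again must lead to the code page again, and the
  // flow only completes once a code from email has been entered.

  // Per the original note, the `sync` variant of sign-up is what forces the
  // confirmation step to appear.
  const { email, password } = await testAccountTracker.signUpSync();

  await relier.goto(toQueryString(queryParameters));
  await relier.clickEmailFirst();
  await signin.fillOutEmailFirstForm(email);
  await signin.fillOutPasswordForm(password);
  await expect(page).toHaveURL(/signin_token_code/);

  // Read the first email; per the original note this also deletes it, so the
  // later read picks up the email sent by the second sign-in. The first code
  // is deliberately not used.
  await target.emailClient.getVerifyLoginCode(email);

  // Go back to the sign-in page. The navigation is awaited: a floating
  // goBack() promise would race with the form fill below and could type the
  // password into the page that is being left.
  await page.goBack();

  // Enter the wrong password.
  await signin.fillOutPasswordForm(password + 'x');
  // NOTE(review): /signin/ also matches `signin_token_code`, so this
  // assertion alone does not prove the wrong password was rejected. Tighten
  // it once the exact sign-in URL is confirmed.
  await expect(page).toHaveURL(/signin/);

  // Enter the right password; the code step must be required again.
  await signin.fillOutPasswordForm(password);
  await expect(page).toHaveURL(/signin_token_code/);

  // Use the code from the new email.
  const code = await target.emailClient.getVerifyLoginCode(email);
  await signinTokenCode.fillOutCodeForm(code);

  await expect(page).toHaveURL(/notes\/fxa/);
});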
});
});