UI - Login fix (hashicorp#4403)

* fix login * add tests for login submission
sikachu · Apr 20, 2018 · 7763007 · 7763007
1 parent cc8ec49
commit 7763007
Show file tree

Hide file tree

Showing 5 changed files with 56 additions and 21 deletions.
diff --git a/ui/app/components/auth-form.js b/ui/app/components/auth-form.js
@@ -1,15 +1,7 @@
 import Ember from 'ember';
 import { supportedAuthBackends } from 'vault/helpers/supported-auth-backends';
 const BACKENDS = supportedAuthBackends();
-const { computed, inject } = Ember;
-
-const attributesForSelectedAuthBackend = {
-  token: ['token'],
-  userpass: ['username', 'password'],
-  ldap: ['username', 'password'],
-  github: ['username', 'password'],
-  okta: ['username', 'password'],
-};
+const { computed, inject, get } = Ember;
 
 const DEFAULTS = {
   token: null,
@@ -81,16 +73,16 @@ export default Ember.Component.extend(DEFAULTS, {
         error: null,
       });
       let targetRoute = this.get('redirectTo') || 'vault.cluster';
-      let backend = this.get('selectedAuthBackend.type');
+      let backend = this.get('selectedAuthBackend');
       let path = this.get('customPath');
-      let attributes = attributesForSelectedAuthBackend[backend];
+      let attributes = get(backend, 'formAttributes');
 
       data = Ember.assign(data, this.getProperties(...attributes));
       if (this.get('useCustomPath') && path) {
         data.path = path;
       }
       const clusterId = this.get('cluster.id');
-      this.get('auth').authenticate({ clusterId, backend, data }).then(
+      this.get('auth').authenticate({ clusterId, backend: get(backend, 'type'), data }).then(
         ({ isRoot }) => {
           this.set('loading', false);
           const transition = this.get('routing.router').transitionTo(targetRoute);

diff --git a/ui/app/helpers/supported-auth-backends.js b/ui/app/helpers/supported-auth-backends.js
@@ -6,30 +6,35 @@ const SUPPORTED_AUTH_BACKENDS = [
     description: 'Token authentication.',
     tokenPath: 'id',
     displayNamePath: 'display_name',
+    formAttributes: ['token'],
   },
   {
     type: 'userpass',
     description: 'A simple username and password backend.',
     tokenPath: 'client_token',
     displayNamePath: 'metadata.username',
+    formAttributes: ['username', 'password'],
   },
   {
     type: 'LDAP',
     description: 'LDAP authentication.',
     tokenPath: 'client_token',
     displayNamePath: 'metadata.username',
+    formAttributes: ['username', 'password'],
   },
   {
     type: 'Okta',
     description: 'Authenticate with your Okta username and password.',
     tokenPath: 'client_token',
     displayNamePath: 'metadata.username',
+    formAttributes: ['username', 'password'],
   },
   {
     type: 'GitHub',
     description: 'GitHub authentication.',
     tokenPath: 'client_token',
     displayNamePath: ['metadata.org', 'metadata.username'],
+    formAttributes: ['token'],
   },
 ];
 

diff --git a/ui/tests/acceptance/auth-test.js b/ui/tests/acceptance/auth-test.js
@@ -3,24 +3,29 @@ import moduleForAcceptance from 'vault/tests/helpers/module-for-acceptance';
 import { supportedAuthBackends } from 'vault/helpers/supported-auth-backends';
 import authForm from '../pages/components/auth-form';
 import { create } from 'ember-cli-page-object';
+import apiStub from 'vault/tests/helpers/noop-all-api-requests';
 
 const component = create(authForm);
 
 moduleForAcceptance('Acceptance | auth', {
   beforeEach() {
+    this.server = apiStub({ usePassthrough: true });
     return authLogout();
   },
+  afterEach() {
+    this.server.shutdown();
+  },
 });
 
 test('auth query params', function(assert) {
   const backends = supportedAuthBackends();
   visit('/vault/auth');
-  andThen(function() {
+  andThen(() => {
     assert.equal(currentURL(), '/vault/auth');
   });
   backends.reverse().forEach(backend => {
     click(`[data-test-auth-method-link="${backend.type}"]`);
-    andThen(function() {
+    andThen(() => {
       assert.equal(
         currentURL(),
         `/vault/auth?with=${backend.type}`,
@@ -32,12 +37,38 @@ test('auth query params', function(assert) {
 
 test('it clears token when changing selected auth method', function(assert) {
   visit('/vault/auth');
-  andThen(function() {
+  andThen(() => {
     assert.equal(currentURL(), '/vault/auth');
   });
   component.token('token').tabs.filterBy('name', 'GitHub')[0].link();
   component.tabs.filterBy('name', 'Token')[0].link();
-  andThen(function() {
+  andThen(() => {
     assert.equal(component.tokenValue, '', 'it clears the token value when toggling methods');
   });
 });
+
+test('it sends the right attributes when authenticating', function(assert) {
+  let backends = supportedAuthBackends();
+  visit('/vault/auth');
+  backends.reverse().forEach(backend => {
+    click(`[data-test-auth-method-link="${backend.type}"]`);
+    if (backend.type === 'GitHub') {
+      component.token('token');
+    }
+    component.login();
+    andThen(() => {
+      let lastRequest = this.server.passthroughRequests[this.server.passthroughRequests.length - 1];
+      let body = JSON.parse(lastRequest.requestBody);
+      if (backend.type === 'token') {
+        assert.ok(
+          Object.keys(lastRequest.requestHeaders).includes('X-Vault-Token'),
+          'token uses vault token header'
+        );
+      } else if (backend.type === 'GitHub') {
+        assert.ok(Object.keys(body).includes('token'), 'GitHub includes token');
+      } else {
+        assert.ok(Object.keys(body).includes('password'), `${backend.type} includes password`);
+      }
+    });
+  });
+});
diff --git a/ui/tests/acceptance/policies-acl-old-test.js b/ui/tests/acceptance/policies-acl-old-test.js
@@ -72,19 +72,26 @@ test('policies', function(assert) {
   });
 });
 
+// https://github.com/hashicorp/vault/issues/4395
 test('it properly fetches policies when the name ends in a ,', function(assert) {
+  const now = new Date().getTime();
   const policyString = 'path "*" { capabilities = ["update"]}';
-  const policyName = `symbol,.`;
+  const policyName = `${now}-symbol,.`;
 
   page.visit({ type: 'acl' });
   // new policy creation
   click('[data-test-policy-create-link]');
   fillIn('[data-test-policy-input="name"]', policyName);
-  andThen(() => {
+  andThen(function() {
     find('.CodeMirror').get(0).CodeMirror.setValue(policyString);
   });
   click('[data-test-policy-save]');
-  andThen(() => {
+  andThen(function() {
+    assert.equal(
+      currentURL(),
+      `/vault/policy/acl/${policyName}`,
+      'navigates to policy show on successful save'
+    );
     assert.equal(find('[data-test-policy-edit-toggle]').length, 1, 'shows the edit toggle');
   });
 });
diff --git a/ui/tests/acceptance/secrets/backend/kv/secret-test.js b/ui/tests/acceptance/secrets/backend/kv/secret-test.js
@@ -29,7 +29,7 @@ test('it creates a secret and redirects', function(assert) {
   andThen(() => {
     let capabilitiesReq = this.server.passthroughRequests.findBy('url', '/v1/sys/capabilities-self');
     assert.equal(
-      JSON.parse(capabilitiesReq.requestBody).path,
+      JSON.parse(capabilitiesReq.requestBody).paths,
       `secret/data/${path}`,
       'calls capabilites with the correct path'
     );
@@ -49,7 +49,7 @@ test('version 1 performs the correct capabilities lookup', function(assert) {
   andThen(() => {
     let capabilitiesReq = this.server.passthroughRequests.findBy('url', '/v1/sys/capabilities-self');
     assert.equal(
-      JSON.parse(capabilitiesReq.requestBody).path,
+      JSON.parse(capabilitiesReq.requestBody).paths,
       `${enginePath}/${secretPath}`,
       'calls capabilites with the correct path'
     );