Merge 04731b2c66 into 886b855098

Test case for wrong redirect url
Fixture method to update SSO connection
2024-04-30 17:55:47 +05:30 · 2024-04-30 17:55:37 +05:30 · 2024-04-30 17:55:16 +05:30
2 changed files with 41 additions and 1 deletions
--- a/e2e/support/fixtures/sso-page.ts
+++ b/e2e/support/fixtures/sso-page.ts
@ -100,10 +100,20 @@ export class SSOPage {
    this.connections = [...this.connections, ssoName];
  }

-  async deleteSSOConnection(name: string) {
+  async gotoEditView(name: string) {
    await this.goto();
    const editButton = this.page.getByText(name).locator('xpath=..').getByLabel('Edit');
    await editButton.click();
+  }
+
+  async updateSSOConnection({ name, url }: { name: string; url: string }) {
+    await this.gotoEditView(name);
+    await this.redirectURLSInput.fill(url);
+    await this.saveConnection.click();
+  }
+
+  async deleteSSOConnection(name: string) {
+    await this.gotoEditView(name);
    // click the delete and confirm deletion
    await this.deleteButton.click();
    await this.confirmButton.click();
--- a/e2e/ui/Enterprise
+++ b/e2e/ui/Enterprise
@ -4,6 +4,7 @@ import { Portal, SSOPage } from 'e2e/support/fixtures';
 type MyFixtures = {
  ssoPage: SSOPage;
  portal: Portal;
+  ssoPageWithoutDelete: SSOPage;
 };

 export const test = baseTest.extend<MyFixtures>({
@ -19,6 +20,13 @@ export const test = baseTest.extend<MyFixtures>({
    const portal = new Portal(page);
    await use(portal);
  },
+  ssoPageWithoutDelete: async ({ page, baseURL }, use, testInfo) => {
+    const ssoPage = new SSOPage(page);
+    const ssoName = `saml-${testInfo.workerIndex}`;
+    await ssoPage.goto();
+    await ssoPage.addSSOConnection({ name: ssoName, type: 'saml', baseURL: baseURL! });
+    await use(ssoPage);
+  },
 });

 test('OAuth2 wrapper + SAML provider', async ({ ssoPage, portal, page, baseURL }, testInfo) => {
@ -35,6 +43,28 @@ test('OAuth2 wrapper + SAML provider', async ({ ssoPage, portal, page, baseURL }
  await portal.isLoggedIn();
 });

+test('OAuth2 wrapper + SAML provider + wrong redirectUrl', async ({
+  ssoPageWithoutDelete,
+  page,
+  baseURL,
+}, testInfo) => {
+  // check if the first added connection appears in the connection list
+  await expect(page.getByText(`saml-${testInfo.workerIndex}-1`)).toBeVisible();
+  await ssoPageWithoutDelete.updateSSOConnection({
+    name: `saml-${testInfo.workerIndex}-1`,
+    url: 'https://invalid-url.com',
+  });
+  // Logout of magic link login
+  await ssoPageWithoutDelete.logout();
+  await ssoPageWithoutDelete.signInWithSSO();
+  // // Login using MockSAML
+  // await ssoPage.signInWithMockSAML();
+  // Wait for browser to redirect to error page
+  await page.waitForURL((url) => url.origin === baseURL && url.pathname === '/error');
+  // Assert error text
+  await expect(page.getByText(`SSO error: Redirect URL is not allowed.`)).toBeVisible();
+});
+
 test('OAuth2 wrapper + 2 SAML providers', async ({ ssoPage, portal, page, baseURL }, testInfo) => {
  const ssoName = `saml-${testInfo.workerIndex}`;
  // check if the first added connection appears in the connection list
Author	SHA1	Message	Date
Aswin V	21380f10a5	Merge `04731b2c66` into `886b855098`	2024-04-30 17:55:47 +05:30
Aswin V	04731b2c66	Test case for wrong redirect url	2024-04-30 17:55:37 +05:30
Aswin V	279563bf16	Fixture method to update SSO connection	2024-04-30 17:55:16 +05:30