added some units test for trusted header SSO

2025-08-03 08:10:28 +00:00 · 2023-05-06 17:26:49 +02:00 · 2023-05-06 17:26:49 +02:00 · 4122cc8ade
commit 4122cc8ade
parent a5914df807
3 changed files with 50 additions and 8 deletions
--- a/Taskfile.yml
+++ b/Taskfile.yml
@ -127,7 +127,7 @@ tasks:
    desc: Runs end-to-end test on a live server (only for use in CI)
    cmds:
      - cd backend && go build ./app/api
-      - backend/api &
+      - HBOX_OPTIONS_HEADER_SSO_ENABLED=1 HBOX_OPTIONS_HEADER_SSO_ALLOWED_IP=127.0.0.1 backend/api &
      - sleep 5
      - cd frontend && pnpm run test:ci
    silent: true
--- a/frontend/lib/api/test/user/trusted_headers.test.ts
+++ b/frontend/lib/api/test/user/trusted_headers.test.ts
@ -0,0 +1,39 @@
+import { describe, expect, test } from "vitest";
+
+import { PublicApi } from "../../public";
+import * as config from "../../../../test/config";
+import { Requests } from "../../../requests";
+import { overrideParts } from "../../base/urls";
+
+describe("trusted header handling", () => {
+  overrideParts(config.BASE_URL, "/api/v1");
+  const requests = new Requests("");
+  const pub = new PublicApi(requests);
+
+  test("basic login using HTTP headers", async () => {
+    const ssoHeaders = {
+      "Remote-Email": "test@test.com",
+      "Remote-Name": "Test User",
+      "Remote-Groups": "admins,local",
+    };
+
+    const response = await pub.login_sso_header(ssoHeaders);
+    expect(response.error).toBeFalsy();
+  }, 20000);
+
+  test("basic login using HTTP headers fails no headers", async () => {
+    const ssoHeaders = {};
+
+    const response = await pub.login_sso_header(ssoHeaders);
+    expect(response.error).toBeTruthy();
+  }, 20000);
+
+  test("basic login using HTTP headers empty email header", async () => {
+    const ssoHeaders = {
+      "Remote-Email": "",
+    };
+
+    const response = await pub.login_sso_header(ssoHeaders);
+    expect(response.error).toBeTruthy();
+  }, 20000);
+});
--- a/frontend/lib/api/public.ts
+++ b/frontend/lib/api/public.ts
@ -24,15 +24,18 @@ export class PublicApi extends BaseAPI {
    });
  }

-  public login_sso_header() {
+  // headers parameter only here for unit testing
+  public login_sso_header(headers = {}) {
+    const testHeaders = {
+      /** TODO: remove headers here. Only for testing. Usually the SSO servie will add this */
+      // "Remote-Email": "demo3@example.com",
+      // "Remote-Name": "Fritz3",
+      // "Remote-Groups": "admins,local",
+    };
+    const queryHeaders = { ...headers, ...testHeaders };
    return this.http.post<string, TokenResponse>({
      url: route("/users/login-sso-header"),
-      /** TODO: remove header here. Only for testing. Usually the SSO servie will add this */
-      headers: {
-        "Remote-Email": "demo3@example.com",
-        "Remote-Name": "Fritz3",
-        "Remote-Groups": "admins,local",
-      },
+      headers: queryHeaders,
    });
  }