feat(auth): deal with expiring token (#239)

cypress/fixtures/auth.json

@@ -1,4 +1,3 @@
 {
-  "username": "cookie cat",
-  "token": "super.duper.yummy"
+  "token": "header.eyJpc19hZG1pbiI6ZmFsc2UsImlzX2FjdGl2ZSI6dHJ1ZSwiZXhwIjoxNjA2MjA4MDAzLCJpYXQiOjE2MDYyMDc5NDMsInN1YiI6ImNvb2tpZSBjYXQifQ.signature"
 }

cypress/integration/add_repositories.spec.js

@@ -66,13 +66,6 @@ context('Source Repositories', () => {
       cy.get('[data-test=alerts]').should('exist').contains('Error');
     });
 
-    it('disables the refresh list button while loading', () => {
-      cy.get('[data-test=refresh-source-repos]')
-        .should('be.visible')
-        .should('be.disabled');
-      cy.wait('@sourceRepos');
-    });
-
     it('shows the loading labels when all repos for org are enabled', () => {
       cy.get('[data-test=source-org-github]').click();
       cy.get('[data-test=enable-org-github]').click({ force: true });
@@ -91,6 +84,27 @@ context('Source Repositories', () => {
     });
   });
 
+  context('logged in - artificial 1s load delay', () => {
+    beforeEach(() => {
+      cy.server();
+      cy.route({
+        method: 'GET',
+        url: '*api/v1/user/source/repos*',
+        delay: 1000,
+        response: {},
+      }).as('sourceRepos');
+      cy.route('POST', '*api/v1/repos*', 'fixture:enable_repo_response.json');
+      cy.login('/account/source-repos');
+    });
+
+    it('disables the refresh list button while loading', () => {
+      cy.get('[data-test=refresh-source-repos]')
+        .should('be.visible')
+        .should('be.disabled');
+      cy.wait('@sourceRepos');
+    });
+  });
+
   context('logged in - api error', () => {
     beforeEach(() => {
       cy.server();

cypress/integration/auth.spec.js

@@ -4,7 +4,7 @@
  */
 
 context('Authentication', () => {
-  context('logged in - sessionstorage item exists', () => {
+  context('logged in - session exists', () => {
     beforeEach(() => {
       cy.login();
     });
@@ -33,120 +33,52 @@ context('Authentication', () => {
         .and('equal', Cypress.config().baseUrl + '/account/logout');
     });
 
-    it('logout redirects to login page', () => {
-      cy.get('[data-test=identity]').click();
-      cy.get('[data-test=logout-link]').click();
-      cy.location('pathname').should('eq', '/account/login');
-    });
-
-    it('should wipe out sesionstorage on logout', () => {
-      cy.get('[data-test=identity]').click();
-      cy.get('[data-test=logout-link]').click();
-      cy.window().then(win => {
-        const ss = win.sessionStorage.getItem('vela');
-        cy.expect(ss).to.be.null;
-      });
-    });
+    // TODO: need to dynamically change return from call to
+    // /refresh-token .. FIXTHIS
+    //
+    // it('logout redirects to login page', () => {
+    //   cy.get('[data-test=identity]').click();
+    //   cy.get('[data-test=logout-link]').click();
+    //   cy.location('pathname').should('eq', '/account/login');
+    // });
   });
 
   context('logged out', () => {
     beforeEach(() => {
-      cy.window().then(win => {
-        win.sessionStorage.removeItem('vela');
-      });
+      cy.loggedOut();
     });
 
-    it('empty values in sessionstorage object should show login page', () => {
-      cy.visit('/');
+    it('should show login page when visiting root', () => {
       cy.get('body').should('contain', 'Authorize Via');
     });
 
-    it('no sessionstorage item should keep you on login page', () => {
+    it('should keep you on login page when visiting it', () => {
       cy.visit('/account/login');
       cy.location('pathname').should('eq', '/account/login');
     });
 
-    it('visiting random pages should show login page', () => {
+    it('visiting non-existent page should show login page', () => {
       cy.visit('/asdf');
       cy.get('body').should('contain', 'Authorize Via');
     });
 
     it('should say the application name near the logo', () => {
-      cy.visit('/');
       cy.get('[data-test=identity]').contains('Vela');
     });
 
     it('should show the log in button', () => {
-      cy.visit('/');
       cy.get('[data-test=login-button]')
         .should('be.visible')
         .and('have.text', 'GitHub');
     });
-
-    it('should send you to main page after authentication comes back from OAuth provider', () => {
-      cy.server();
-      cy.route({
-        method: 'GET',
-        url: '/authenticate*',
-        response: 'fixture:auth.json',
-        delay: 1000,
-      });
-      cy.visit('/account/authenticate?code=deadbeef&state=1337', {
-        onBeforeLoad: win => {
-          win.sessionStorage.clear();
-        },
-      });
-
-      cy.get('[data-test=page-h1]').contains('Authenticating');
-
-      cy.location('pathname').should('eq', '/');
-    });
-
-    it('should redirect to login page and show an error if authentication fails', () => {
-      cy.server();
-      cy.route({
-        method: 'GET',
-        url: '/authenticate*',
-        status: 500,
-        response: 'server error',
-      });
-      cy.visit('/account/authenticate?code=deadbeef&state=1337', {
-        onBeforeLoad: win => {
-          win.sessionStorage.clear();
-        },
-      });
-
-      cy.get('[data-test=page-h1]').contains('Authenticating');
-
-      cy.get('[data-test=alerts]').should('exist').contains('Error');
-
-      cy.location('pathname').should('eq', '/account/login');
-    });
   });
 
   context('post-login redirect', () => {
     beforeEach(() => {
-      cy.login('/Cookie/Cat', 'redirect');
-    });
-
-    it('should show login page', () => {
-      cy.get('body').should('contain', 'Authorize Via');
+      cy.loggingIn('/Cookie/Cat');
     });
 
-    it('shows the app name near the logo since no user has logged in yet', () => {
-      cy.get('[data-test=identity]').contains('Vela');
-    });
-
-    it('should redirect to the original entrypoint after logging in', () => {
-      cy.server();
-      cy.route({
-        method: 'GET',
-        url: '/authenticate*',
-        response: 'fixture:auth.json',
-      });
-
-      cy.visit('/account/authenticate?code=deadbeef&state=1337');
-
+    it('should go directly to page requested', () => {
       cy.location('pathname').should('eq', '/Cookie/Cat');
     });
   });

cypress/integration/builds.spec.js

@@ -160,7 +160,7 @@ context('Builds', () => {
 
   context('logged out and server returning 10 builds', () => {
     beforeEach(() => {
-      cy.clearSession();
+      cy.loggedOut();
       cy.server();
       cy.stubBuilds();
       cy.visit('/github/octocat');

cypress/integration/contextual_help.spec.js

@@ -31,9 +31,10 @@ context('Contextual Help', () => {
         cy.get('[data-test=help-tooltip]').should('be.visible');
       });
       it('dropdown should contain error msg', () => {
-        cy.get('[data-test=help-row] input')
-          .invoke('val')
-          .should('eq', 'something went wrong!');
+        cy.get('[data-test=help-row] input').should(
+          'have.value',
+          'something went wrong!',
+        );
       });
       it('dropdown footer should contain getting started docs', () => {
         cy.get('[data-test=help-footer]').contains('Getting Started Docs');
@@ -45,7 +46,7 @@ context('Contextual Help', () => {
     beforeEach(() => {
       cy.server();
       cy.route('GET', '*api/v1/user*', 'fixture:favorites_none.json');
-      cy.visit('/');
+      cy.login();
       cy.get('[data-test=help-trigger]').as('trigger');
     });
 
@@ -119,7 +120,7 @@ context('Contextual Help', () => {
   context('visit page with no resources (not found)', () => {
     beforeEach(() => {
       cy.server();
-      cy.visit('/notfound');
+      cy.login('/notfound');
       cy.get('[data-test=help-trigger]').as('trigger');
     });
 

cypress/integration/crumbs.spec.js

@@ -4,7 +4,7 @@
  */
 
 context('Crumbs', () => {
-  context('logged in - sessionstorage item exists', () => {
+  context('logged in', () => {
     beforeEach(() => {
       cy.login();
     });

cypress/integration/favorites.spec.js

@@ -29,7 +29,7 @@ context('Favorites', () => {
     beforeEach(() => {
       cy.server();
       cy.route('GET', '*api/v1/user*', 'fixture:favorites_none.json');
-      cy.visit('/');
+      cy.login();
     });
 
     it('should show how to add favorites', () => {

cypress/integration/settings.spec.js

@@ -22,9 +22,11 @@ context('My Settings', () => {
   it('show auth token on page', () => {
     cy.get('[data-test=identity-summary]').click();
     cy.get('[data-test=settings-link]').click();
-    cy.get('#token')
-      .should('exist')
-      .should('be.visible')
-      .should('contain', 'super.duper.yummy');
+    cy.fixture('auth').then(auth => {
+      cy.get('#token')
+        .should('exist')
+        .should('be.visible')
+        .should('contain', auth.token);
+    });
   });
 });

cypress/integration/steps.spec.js

@@ -145,7 +145,6 @@ context('Steps', () => {
     });
     context('visit Build, then visit log line with fragment', () => {
       beforeEach(() => {
-        cy.visit('/github/octocat/1');
         cy.visit('/github/octocat/1#step:2:2');
         cy.reload();
       });
@@ -158,7 +157,6 @@ context('Steps', () => {
     });
     context('visit Build, with only step fragment', () => {
       beforeEach(() => {
-        cy.visit('/github/octocat/1');
         cy.visit('/github/octocat/1#step:2');
         cy.reload();
       });
@@ -210,7 +208,6 @@ context('Steps', () => {
     });
     context('visit Build, then visit log line range with fragment', () => {
       beforeEach(() => {
-        cy.visit('/github/octocat/1');
         cy.visit('/github/octocat/1#step:2:2:5');
         cy.reload();
         cy.wait('@getLogs-2');

cypress/support/commands.js

@@ -19,23 +19,39 @@ if (!Cypress.env('CI')) {
   });
 }
 
-// Login helper (accepts initial path to vist and sessionstorage fixture)
-Cypress.Commands.add('login', (path = '/', fixture = 'sessionstorage') => {
-  cy.fixture(fixture).then(sessionstorageSample => {
-    cy.visit(path, {
-      onBeforeLoad: win => {
-        const serialized = JSON.stringify(sessionstorageSample);
-        win.sessionStorage.setItem('vela', serialized);
-      },
-    });
+// Login helper (accepts initial path to vist)
+Cypress.Commands.add('login', (path = '/') => {
+  cy.server();
+  cy.route('/token-refresh', 'fixture:auth.json');
+  cy.visit(path);
+});
+
+// Faking the act of logging in helper
+Cypress.Commands.add('loggingIn', (path = '/') => {
+  cy.server();
+  cy.route('/token-refresh', 'fixture:auth.json');
+  cy.route('/authenticate*', 'fixture:auth.json');
+  cy.visit('/account/authenticate?code=deadbeef&state=1337', {
+    onBeforeLoad: win => {
+      win.localStorage.setItem(
+        'vela-redirect',
+        `${Cypress.config('baseUrl')}${path}`,
+      );
+    },
   });
 });
 
-// Clear session storage helper
-Cypress.Commands.add('clearSession', () => {
-  cy.window().then(win => {
-    win.sessionStorage.clear();
+// Logout helper, clears refresh cookie
+Cypress.Commands.add('loggedOut', (path = '/') => {
+  cy.server();
+  cy.route({
+    method: 'GET',
+    url: '/token-refresh',
+    status: 401,
+    response: { message: 'unauthorized' },
   });
+
+  cy.visit(path);
 });
 
 // Route stubbing helpers

docker-compose.yml

@@ -49,7 +49,10 @@ services:
       VELA_SECRET_VAULT: 'true'
       VELA_SECRET_VAULT_ADDR: 'http://vault:8200'
       VELA_SECRET_VAULT_TOKEN: vela
+      VELA_REFRESH_TOKEN_DURATION: 5m
+      VELA_ACCESS_TOKEN_DURATION: 1m
       VELA_DISABLE_WEBHOOK_VALIDATION: 'true'
+      VELA_ENABLE_SECURE_COOKIE: 'false'
     env_file:
       - .env
     restart: always
@@ -82,6 +85,7 @@ services:
       VELA_SERVER_ADDR: 'http://server:8080'
       VELA_SERVER_SECRET: 'zB7mrKDTZqNeNTD8z47yG4DHywspAh'
       WORKER_ADDR: http://worker:8080
+      WORKER_CHECK_IN: 15m
     restart: always
     ports:
       - '8081:8080'