From 1ff42bc835c4e4df5bacb6d4aa324edfa22cd6d2 Mon Sep 17 00:00:00 2001 From: Simon Legg Date: Fri, 19 Apr 2019 20:35:56 +0100 Subject: [PATCH 1/5] clears authentications when logout is clicked --- src/core/components/auth/auths.jsx | 5 ++ .../static/documents/bugs/4641.yaml | 34 +++++++++++++ test/e2e-cypress/tests/bugs/4641.js | 49 +++++++++++++++++++ 3 files changed, 88 insertions(+) create mode 100644 test/e2e-cypress/static/documents/bugs/4641.yaml create mode 100644 test/e2e-cypress/tests/bugs/4641.js diff --git a/src/core/components/auth/auths.jsx b/src/core/components/auth/auths.jsx index 98074512c53..9a9b0cdde1f 100644 --- a/src/core/components/auth/auths.jsx +++ b/src/core/components/auth/auths.jsx @@ -38,6 +38,11 @@ export default class Auths extends React.Component { return key }).toArray() + this.setState(auths.reduce((prev, auth) => { + prev[auth] = "" + return prev + }, {})) + authActions.logout(auths) } diff --git a/test/e2e-cypress/static/documents/bugs/4641.yaml b/test/e2e-cypress/static/documents/bugs/4641.yaml new file mode 100644 index 00000000000..de64e095284 --- /dev/null +++ b/test/e2e-cypress/static/documents/bugs/4641.yaml @@ -0,0 +1,34 @@ +openapi: 3.0.0 +info: + title: Demo API + description: First test + termsOfService: 'http://demo.io/terms-of-service/' + contact: + name: Demo Support + email: support@demo.io + version: 1.0.0 +servers: + - url: 'https://httpstat.us/' + +paths: + /200: + get: + summary: Returns a 200 + tags: + - 200 + security: + - api_key: [] + responses: + '200': + description: A 200 + content: + application/text: + schema: + type: string + +components: + securitySchemes: + api_key: + type: apiKey + name: api_key + in: header diff --git a/test/e2e-cypress/tests/bugs/4641.js b/test/e2e-cypress/tests/bugs/4641.js new file mode 100644 index 00000000000..7e3b5a8e876 --- /dev/null +++ b/test/e2e-cypress/tests/bugs/4641.js @@ -0,0 +1,49 @@ +describe("#4641: The Logout button in Authorize popup not clearing API Key", () => { + it("should include the given api key in requests", () => { + cy + .visit("/?url=/documents/bugs/4641.yaml") + .get("button.btn.authorize") // open authorize popup + .click() + .get("section>input") // type api key into input + .type("my_api_key") + .get(".auth-btn-wrapper > .authorize") // authorise button + .click() + .get(".close-modal") // close authorise popup button + .click() + .get(".opblock-summary") // expand the route details + .click() + .get(".try-out > .btn") // expand "try it out" + .click() + .get(".execute-wrapper > .btn") // excecute request + .click() + .wait(2000) // wait for response + .get(".curl") + .should("contain", "api_key: my_api_key") + }) + + it("should not remember the previous auth value when you logout and reauthorise", () => { + cy + .visit("/?url=/documents/bugs/4641.yaml") + .get("button.btn.authorize") // open authorize popup + .click() + .get("section>input") // type api key into input + .type("my_api_key") + .get(".auth-btn-wrapper > .authorize") // authorise button + .click() + .get(".auth-btn-wrapper button:nth-child(1)") // logout button + .click() + .get(".auth-btn-wrapper > .authorize") // authorise button + .click() + .get(".close-modal") // close authorise popup button + .click() + .get(".opblock-summary") // expand the route details + .click() + .get(".try-out > .btn") // expand "try it out" + .click() + .get(".execute-wrapper > .btn") // excecute request + .click() + .wait(2000) // wait for response + .get(".curl") + .should("not.contain", "api_key: my_api_key") + }) +}) From 3ef208eb8102bbc5d7a889ec2bdd0e398f816055 Mon Sep 17 00:00:00 2001 From: Simon Legg Date: Sun, 21 Apr 2019 19:10:00 +0100 Subject: [PATCH 2/5] tests the headers sent in the network request --- .../static/documents/bugs/4641.yaml | 6 +---- test/e2e-cypress/tests/bugs/4641.js | 22 ++++++++++++++----- 2 files changed, 17 insertions(+), 11 deletions(-) diff --git a/test/e2e-cypress/static/documents/bugs/4641.yaml b/test/e2e-cypress/static/documents/bugs/4641.yaml index de64e095284..a4f4d98ffc6 100644 --- a/test/e2e-cypress/static/documents/bugs/4641.yaml +++ b/test/e2e-cypress/static/documents/bugs/4641.yaml @@ -7,15 +7,11 @@ info: name: Demo Support email: support@demo.io version: 1.0.0 -servers: - - url: 'https://httpstat.us/' paths: - /200: + /4641: get: summary: Returns a 200 - tags: - - 200 security: - api_key: [] responses: diff --git a/test/e2e-cypress/tests/bugs/4641.js b/test/e2e-cypress/tests/bugs/4641.js index 7e3b5a8e876..c5c68b1485d 100644 --- a/test/e2e-cypress/tests/bugs/4641.js +++ b/test/e2e-cypress/tests/bugs/4641.js @@ -1,4 +1,14 @@ describe("#4641: The Logout button in Authorize popup not clearing API Key", () => { + beforeEach(() => { + cy.server() + cy + .route({ + url: "/4641*", + response: "OK", + }) + .as("request") + }) + it("should include the given api key in requests", () => { cy .visit("/?url=/documents/bugs/4641.yaml") @@ -16,9 +26,9 @@ describe("#4641: The Logout button in Authorize popup not clearing API Key", () .click() .get(".execute-wrapper > .btn") // excecute request .click() - .wait(2000) // wait for response - .get(".curl") - .should("contain", "api_key: my_api_key") + .get("@request") + .its("request.headers.api_key") + .should("equal", "my_api_key") }) it("should not remember the previous auth value when you logout and reauthorise", () => { @@ -42,8 +52,8 @@ describe("#4641: The Logout button in Authorize popup not clearing API Key", () .click() .get(".execute-wrapper > .btn") // excecute request .click() - .wait(2000) // wait for response - .get(".curl") - .should("not.contain", "api_key: my_api_key") + .get("@request") + .its("request.headers") + .should("not.to.have.property", "api_key") }) }) From a0b8f4f50418ff85d2949c988c8ef272169933a1 Mon Sep 17 00:00:00 2001 From: Simon Legg Date: Sun, 21 Apr 2019 20:05:00 +0100 Subject: [PATCH 3/5] adds test for multiple api keys --- .../static/documents/bugs/4641.yaml | 25 +++- test/e2e-cypress/tests/bugs/4641.js | 113 ++++++++++++++---- 2 files changed, 110 insertions(+), 28 deletions(-) diff --git a/test/e2e-cypress/static/documents/bugs/4641.yaml b/test/e2e-cypress/static/documents/bugs/4641.yaml index a4f4d98ffc6..e586f1c93ae 100644 --- a/test/e2e-cypress/static/documents/bugs/4641.yaml +++ b/test/e2e-cypress/static/documents/bugs/4641.yaml @@ -9,11 +9,24 @@ info: version: 1.0.0 paths: - /4641: + /4641_1: get: summary: Returns a 200 security: - - api_key: [] + - api_key_1: [] + responses: + '200': + description: A 200 + content: + application/text: + schema: + type: string + /4641_2: + get: + summary: Returns a 200 + security: + - api_key_1: [] + - api_key_2: [] responses: '200': description: A 200 @@ -24,7 +37,11 @@ paths: components: securitySchemes: - api_key: + api_key_1: + type: apiKey + name: api_key_1 + in: header + api_key_2: type: apiKey - name: api_key + name: api_key_2 in: header diff --git a/test/e2e-cypress/tests/bugs/4641.js b/test/e2e-cypress/tests/bugs/4641.js index c5c68b1485d..594a4478ccd 100644 --- a/test/e2e-cypress/tests/bugs/4641.js +++ b/test/e2e-cypress/tests/bugs/4641.js @@ -14,20 +14,28 @@ describe("#4641: The Logout button in Authorize popup not clearing API Key", () .visit("/?url=/documents/bugs/4641.yaml") .get("button.btn.authorize") // open authorize popup .click() - .get("section>input") // type api key into input - .type("my_api_key") - .get(".auth-btn-wrapper > .authorize") // authorise button - .click() + .get(".modal-ux-content > :nth-child(1)") // only deal with api_key_1 for this test + .within(() => { + cy + .get("section>input") // type api key into input + .type("my_api_key") + .get(".auth-btn-wrapper > .authorize") // authorise button + .click() + }) .get(".close-modal") // close authorise popup button .click() - .get(".opblock-summary") // expand the route details - .click() - .get(".try-out > .btn") // expand "try it out" - .click() - .get(".execute-wrapper > .btn") // excecute request - .click() + .get("#operations-default-get_4641_1") // expand the route details + .within(() => { + cy + .get(".opblock-summary") + .click() + .get(".try-out > .btn") // expand "try it out" + .click() + .get(".execute-wrapper > .btn") // excecute request + .click() + }) .get("@request") - .its("request.headers.api_key") + .its("request.headers.api_key_1") .should("equal", "my_api_key") }) @@ -36,24 +44,81 @@ describe("#4641: The Logout button in Authorize popup not clearing API Key", () .visit("/?url=/documents/bugs/4641.yaml") .get("button.btn.authorize") // open authorize popup .click() - .get("section>input") // type api key into input - .type("my_api_key") - .get(".auth-btn-wrapper > .authorize") // authorise button - .click() - .get(".auth-btn-wrapper button:nth-child(1)") // logout button - .click() - .get(".auth-btn-wrapper > .authorize") // authorise button - .click() + .get(".modal-ux-content > :nth-child(1)") // only deal with api_key_1 for this test + .within(() => { + cy + .get("section>input") // type api key into input + .type("my_api_key") + .get(".auth-btn-wrapper > .authorize") // authorise button + .click() + .get(".auth-btn-wrapper button:nth-child(1)") // logout button + .click() + .get(".auth-btn-wrapper > .authorize") // authorise button + .click() + }) .get(".close-modal") // close authorise popup button .click() - .get(".opblock-summary") // expand the route details - .click() - .get(".try-out > .btn") // expand "try it out" + .get("#operations-default-get_4641_1") // expand the route details + .within(() => { + cy + .get(".opblock-summary") + .click() + .get(".try-out > .btn") // expand "try it out" + .click() + .get(".execute-wrapper > .btn") // excecute request + .click() + }) + .get("@request") + .its("request.headers") + .should("not.to.have.property", "api_key_1") + }) + + it("should not only forget the value of the auth the user logged out from", () => { + cy + .visit("/?url=/documents/bugs/4641.yaml") + .get("button.btn.authorize") // open authorize popup .click() - .get(".execute-wrapper > .btn") // excecute request + .get(".modal-ux-content > :nth-child(1)") // deal with api_key_1 + .within(() => { + cy + .get("section>input") // type api key into input + .type("my_api_key") + .get(".auth-btn-wrapper > .authorize") // authorise button + .click() + }) + .get(".modal-ux-content > :nth-child(2)") // deal with api_key_2 + .within(() => { + cy + .get("section>input") // type api key into input + .type("my_second_api_key") + .get(".auth-btn-wrapper > .authorize") // authorise button + .click() + }) + .get(".modal-ux-content > :nth-child(1)") // deal with api_key_1 again + .within(() => { + cy + .get(".auth-btn-wrapper button:nth-child(1)") // logout button + .click() + .get(".auth-btn-wrapper > .authorize") // authorise button + .click() + }) + .get(".close-modal") // close authorise popup button .click() + .get("#operations-default-get_4641_2") // expand the route details + .within(() => { + cy + .get(".opblock-summary") + .click() + .get(".try-out > .btn") // expand "try it out" + .click() + .get(".execute-wrapper > .btn") // excecute request + .click() + }) .get("@request") .its("request.headers") - .should("not.to.have.property", "api_key") + .should(headers => { + expect(headers).not.to.have.property("api_key_1") + expect(headers).to.have.property("api_key_2", "my_second_api_key") + }) }) }) From 66e7f5aaa697d8159474dda3f64d2624acb267e7 Mon Sep 17 00:00:00 2001 From: Simon Legg Date: Sun, 21 Apr 2019 20:18:17 +0100 Subject: [PATCH 4/5] refactors tests to extract common uses --- test/e2e-cypress/tests/bugs/4641.js | 122 +++++++++++----------------- 1 file changed, 48 insertions(+), 74 deletions(-) diff --git a/test/e2e-cypress/tests/bugs/4641.js b/test/e2e-cypress/tests/bugs/4641.js index 594a4478ccd..836cf25f696 100644 --- a/test/e2e-cypress/tests/bugs/4641.js +++ b/test/e2e-cypress/tests/bugs/4641.js @@ -1,3 +1,29 @@ +const clickTryItOutAndExecute = () => { + return cy + .get(".opblock-summary") + .click() + .get(".try-out > .btn") // expand "try it out" + .click() + .get(".execute-wrapper > .btn") // excecute request + .click() +} + +const fillInApiKeyAndAuthorise = apiKey => () => { + return cy + .get("section>input") // type api key into input + .type(apiKey) + .get(".auth-btn-wrapper > .authorize") // authorise button + .click() +} + +const clickLogoutAndReauthorise = () => { + return cy + .get(".auth-btn-wrapper button:nth-child(1)") // logout button + .click() + .get(".auth-btn-wrapper > .authorize") // authorise button + .click() +} + describe("#4641: The Logout button in Authorize popup not clearing API Key", () => { beforeEach(() => { cy.server() @@ -15,28 +41,16 @@ describe("#4641: The Logout button in Authorize popup not clearing API Key", () .get("button.btn.authorize") // open authorize popup .click() .get(".modal-ux-content > :nth-child(1)") // only deal with api_key_1 for this test - .within(() => { - cy - .get("section>input") // type api key into input - .type("my_api_key") - .get(".auth-btn-wrapper > .authorize") // authorise button - .click() - }) + .within(fillInApiKeyAndAuthorise("my_api_key")) .get(".close-modal") // close authorise popup button .click() .get("#operations-default-get_4641_1") // expand the route details - .within(() => { - cy - .get(".opblock-summary") - .click() - .get(".try-out > .btn") // expand "try it out" - .click() - .get(".execute-wrapper > .btn") // excecute request - .click() - }) + .within(clickTryItOutAndExecute) .get("@request") - .its("request.headers.api_key_1") - .should("equal", "my_api_key") + .its("request") + .should(request => { + expect(request.headers).to.have.property("api_key_1", "my_api_key") + }) }) it("should not remember the previous auth value when you logout and reauthorise", () => { @@ -45,32 +59,18 @@ describe("#4641: The Logout button in Authorize popup not clearing API Key", () .get("button.btn.authorize") // open authorize popup .click() .get(".modal-ux-content > :nth-child(1)") // only deal with api_key_1 for this test - .within(() => { - cy - .get("section>input") // type api key into input - .type("my_api_key") - .get(".auth-btn-wrapper > .authorize") // authorise button - .click() - .get(".auth-btn-wrapper button:nth-child(1)") // logout button - .click() - .get(".auth-btn-wrapper > .authorize") // authorise button - .click() - }) + .within(fillInApiKeyAndAuthorise("my_api_key")) + .get(".modal-ux-content > :nth-child(1)") // only deal with api_key_1 for this test + .within(clickLogoutAndReauthorise) .get(".close-modal") // close authorise popup button .click() .get("#operations-default-get_4641_1") // expand the route details - .within(() => { - cy - .get(".opblock-summary") - .click() - .get(".try-out > .btn") // expand "try it out" - .click() - .get(".execute-wrapper > .btn") // excecute request - .click() - }) + .within(clickTryItOutAndExecute) .get("@request") - .its("request.headers") - .should("not.to.have.property", "api_key_1") + .its("request") + .should(request => { + expect(request.headers).not.to.have.property("api_key_1") + }) }) it("should not only forget the value of the auth the user logged out from", () => { @@ -79,46 +79,20 @@ describe("#4641: The Logout button in Authorize popup not clearing API Key", () .get("button.btn.authorize") // open authorize popup .click() .get(".modal-ux-content > :nth-child(1)") // deal with api_key_1 - .within(() => { - cy - .get("section>input") // type api key into input - .type("my_api_key") - .get(".auth-btn-wrapper > .authorize") // authorise button - .click() - }) + .within(fillInApiKeyAndAuthorise("my_api_key")) .get(".modal-ux-content > :nth-child(2)") // deal with api_key_2 - .within(() => { - cy - .get("section>input") // type api key into input - .type("my_second_api_key") - .get(".auth-btn-wrapper > .authorize") // authorise button - .click() - }) + .within(fillInApiKeyAndAuthorise("my_second_api_key")) .get(".modal-ux-content > :nth-child(1)") // deal with api_key_1 again - .within(() => { - cy - .get(".auth-btn-wrapper button:nth-child(1)") // logout button - .click() - .get(".auth-btn-wrapper > .authorize") // authorise button - .click() - }) + .within(clickLogoutAndReauthorise) .get(".close-modal") // close authorise popup button .click() .get("#operations-default-get_4641_2") // expand the route details - .within(() => { - cy - .get(".opblock-summary") - .click() - .get(".try-out > .btn") // expand "try it out" - .click() - .get(".execute-wrapper > .btn") // excecute request - .click() - }) + .within(clickTryItOutAndExecute) .get("@request") - .its("request.headers") - .should(headers => { - expect(headers).not.to.have.property("api_key_1") - expect(headers).to.have.property("api_key_2", "my_second_api_key") + .its("request") + .should(request => { + expect(request.headers).not.to.have.property("api_key_1") + expect(request.headers).to.have.property("api_key_2", "my_second_api_key") }) }) }) From 188da2b9ce4fbc37ff5f613e5c754e4cc67a189f Mon Sep 17 00:00:00 2001 From: Simon Legg Date: Sun, 12 Jan 2020 17:02:39 +0100 Subject: [PATCH 5/5] correct test message description Co-Authored-By: kyle shockey --- test/e2e-cypress/tests/bugs/4641.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/e2e-cypress/tests/bugs/4641.js b/test/e2e-cypress/tests/bugs/4641.js index 836cf25f696..a9b9537c621 100644 --- a/test/e2e-cypress/tests/bugs/4641.js +++ b/test/e2e-cypress/tests/bugs/4641.js @@ -73,7 +73,7 @@ describe("#4641: The Logout button in Authorize popup not clearing API Key", () }) }) - it("should not only forget the value of the auth the user logged out from", () => { + it("should only forget the value of the auth the user logged out from", () => { cy .visit("/?url=/documents/bugs/4641.yaml") .get("button.btn.authorize") // open authorize popup