Last active
October 5, 2022 15:13
session code snippet
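<!DOCTYPE html>
<html>
<head>
</head>
<body>
<script>
  // Test-fixture "application" page: it simulates token-based login so that
  // Cypress session tests have something to log in to.
  //
  // SECURITY: this flow is deliberately insecure and must not be copied into
  // real authentication code:
  //   - the token travels in the URL query string, so it can end up in browser
  //     history, server/proxy logs and Referer headers;
  //   - the token is never verified (no signature, issuer or expiry check);
  //   - any link carrying ?token=... is accepted, whoever built it, so a visitor
  //     can be signed in to an identity they did not choose;
  //   - sessionStorage is readable by every script running on this origin.
  // The render is delayed by 2 seconds (the timeout below).
  setTimeout(() => {
    const storage = window.sessionStorage;
    const TOKEN_KEY = 'cypressAuthToken';

    // Appends a button that sends the browser to `loginUrl`, passing the
    // current page URL (encoded) as the `redirect` query parameter.
    const addLoginButton = (label, cyId, loginUrl) => {
      const button = document.createElement('button');
      // textContent rather than innerHTML: the label is plain text, so it
      // should never be parsed as markup.
      button.textContent = label;
      button.dataset.cy = cyId;
      button.onclick = function () {
        window.location.href = `${loginUrl}?redirect=${encodeURIComponent(window.location.href)}`;
      };
      document.body.appendChild(button);
    };

    // Returns the parsed token when the stored value is JSON with an object
    // `body`, otherwise null. The stored value originates from the URL, so it
    // is untrusted: a malformed value is discarded instead of throwing.
    const readStoredToken = () => {
      const raw = storage.getItem(TOKEN_KEY);
      if (!raw) {
        return null;
      }
      let parsed = null;
      try {
        parsed = JSON.parse(raw);
      } catch (err) {
        console.warn('Discarding cypressAuthToken that is not valid JSON', err);
      }
      const hasBody = parsed !== null && typeof parsed === 'object'
        && parsed.body !== null && typeof parsed.body === 'object';
      if (hasBody) {
        return parsed;
      }
      storage.removeItem(TOKEN_KEY);
      return null;
    };

    // If the URL carries a new token, store it and strip it from the address.
    const urlParams = new URLSearchParams(location.search);
    const newToken = urlParams.get('token');
    if (newToken) {
      // NOTE(review): URLSearchParams.get() already percent-decodes the value,
      // so this is a second decode. It is kept because the page that issues the
      // token is not shown here and may encode twice - confirm against it.
      try {
        storage.setItem(TOKEN_KEY, decodeURIComponent(newToken));
      } catch (err) {
        // A stray '%' makes decodeURIComponent throw; ignore such a token
        // rather than abort the whole page.
        console.warn('Ignoring token parameter that could not be stored', err);
      }
      urlParams.delete('token');
      const remainingParams = urlParams.toString();
      let cleanLocation = `${location.origin}${location.pathname}`;
      if (remainingParams) {
        cleanLocation = `${cleanLocation}?${remainingParams}`;
      }
      if (location.hash) {
        cleanLocation = `${cleanLocation}${location.hash}`;
      }
      // replace() swaps the current history entry, so the token-bearing URL is
      // not left behind as a separate entry. Script execution continues below
      // until the navigation actually happens.
      location.replace(cleanLocation);
    }

    const token = readStoredToken();
    if (!token) {
      // No usable token: we are not logged in.
      const notice = document.createElement('p');
      notice.appendChild(document.createTextNode('You are not logged in'));
      document.body.appendChild(notice);

      // Login buttons that redirect to the identity-provider pages.
      addLoginButton('Login IDP', 'login-idp', 'http://www.idp.com:3500/fixtures/auth/idp.html');
      addLoginButton('Login Foobar', 'login-foobar', 'http://www.foobar.com:3500/fixtures/auth/idp.html');
      // NOTE(review): the host below is spelled "wwww" (four w's), unlike the
      // "www" hosts above. Kept as written; confirm whether it is intentional.
      addLoginButton('Login With Approval', 'login-with-approval', 'http://wwww.foobar.com:3500/fixtures/auth/approval.html');
    } else {
      // A token exists: greet the user and offer a logout button.
      const welcome = document.createElement('p');
      // createTextNode keeps the (untrusted) username as text, never as HTML.
      welcome.appendChild(document.createTextNode(`Welcome ${token.body.username}`));
      welcome.dataset.cy = 'welcome';
      document.body.appendChild(welcome);

      // Logout destroys the token and reloads the page.
      const logoutBtn = document.createElement('button');
      logoutBtn.textContent = 'Logout';
      logoutBtn.dataset.cy = 'logout';
      logoutBtn.onclick = function () {
        storage.removeItem(TOKEN_KEY);
        location.reload();
      };
      document.body.appendChild(logoutBtn);
    }
  }, 2000);
</script>
</body>
</html>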
describe('session', () => {
  /**
   * Custom login command: logs `name` in through the IDP page on a secondary
   * origin and caches the result with cy.session(), keyed by `name`.
   *
   * @param {string} name - username typed into the IDP login form
   */
  const login = (name) => {
    // Session setup. Note: this assumes localhost is the primary origin;
    // ideally we would be able to specify this directly.
    const loginThroughIdp = () => {
      // The cy.origin() callback receives `name` via `args`.
      cy.origin('http://idp.com:3500', { args: name }, (username) => {
        cy.visit('http://www.idp.com:3500/fixtures/auth/idp.html');
        cy.get('[data-cy="username"]').type(username);
        cy.get('[data-cy="login"]').click();
      });
      // Disabled in the original: asserting here that the URL contains
      // '/index.html' and that sessionStorage holds 'cypressAuthToken'.
    };

    // Session validation: visits the app page and requires a stored token.
    // It only asserts that some token is present (truthy); it does not check
    // the token's contents or which user it belongs to.
    const tokenIsStored = () => {
      cy.visit('/fixtures/auth/index.html');
      cy.window().should((appWindow) => {
        const storedToken = appWindow.sessionStorage.getItem('cypressAuthToken');
        expect(storedToken).to.be.ok;
      });
    };

    cy.session(name, loginThroughIdp, { validate: tokenIsStored });
  };

  // Asserts that the app page greets the logged-in user.
  const expectWelcomeBanner = () => {
    cy.get('[data-cy="welcome"]')
      .invoke('text')
      .should('equal', 'Welcome BJohnson');
  };

  // Scenario: token-based auth. Establish a session with the custom login
  // command (login through an IDP hosted on a secondary origin) and verify
  // the user is logged in on the site.
  // NOTE(review): `.only` restricts the run to this test, so
  // 'uses established session' below does not execute while it is present.
  it.only('establishes a session', () => {
    login('BJohnson');
    // The explicit cy.visit('/fixtures/auth/index.html') is disabled in the
    // original; presumably the page loaded by the validate step is the one
    // inspected here - confirm.
    expectWelcomeBanner();
  });

  // Scenario: token-based auth. Reuse the previously established session and
  // verify the user is logged in on the site.
  it('uses established session', () => {
    login('BJohnson');
    cy.visit('/fixtures/auth/index.html');
    expectWelcomeBanner();
  });
});