mirror of
https://github.com/bitwarden/browser.git
synced 2024-11-22 11:45:59 +01:00
Auth/PM-8111 - LoginComponent Refactor Bug - Fix Extension SSO (#11699)
* PM-8111 - LoginComponent Refactor - I broke the browser SSO flow - fixing it as clientId doesn't persist unless it is in state qParam. * PM-8111 - Fix DefaultLoginComponentService tests
This commit is contained in:
parent
1fb1be56b3
commit
877d379f86
@ -6,11 +6,10 @@ window.addEventListener("load", () => {
|
|||||||
const code = getQsParam("code");
|
const code = getQsParam("code");
|
||||||
const state = getQsParam("state");
|
const state = getQsParam("state");
|
||||||
const lastpass = getQsParam("lp");
|
const lastpass = getQsParam("lp");
|
||||||
const clientId = getQsParam("clientId");
|
|
||||||
|
|
||||||
if (lastpass === "1") {
|
if (lastpass === "1") {
|
||||||
initiateBrowserSso(code, state, true);
|
initiateBrowserSso(code, state, true);
|
||||||
} else if (state != null && clientId == "browser") {
|
} else if (state != null && state.includes(":clientId=browser")) {
|
||||||
initiateBrowserSso(code, state, false);
|
initiateBrowserSso(code, state, false);
|
||||||
} else {
|
} else {
|
||||||
window.location.href = window.location.origin + "/#/sso?code=" + code + "&state=" + state;
|
window.location.href = window.location.origin + "/#/sso?code=" + code + "&state=" + state;
|
||||||
|
@ -83,12 +83,14 @@ describe("DefaultLoginComponentService", () => {
|
|||||||
|
|
||||||
describe("launchSsoBrowserWindow", () => {
|
describe("launchSsoBrowserWindow", () => {
|
||||||
const email = "test@bitwarden.com";
|
const email = "test@bitwarden.com";
|
||||||
const state = "testState";
|
let state = "testState";
|
||||||
const codeVerifier = "testCodeVerifier";
|
const codeVerifier = "testCodeVerifier";
|
||||||
const codeChallenge = "testCodeChallenge";
|
const codeChallenge = "testCodeChallenge";
|
||||||
const baseUrl = "https://webvault.bitwarden.com/#/sso";
|
const baseUrl = "https://webvault.bitwarden.com/#/sso";
|
||||||
|
|
||||||
beforeEach(() => {
|
beforeEach(() => {
|
||||||
|
state = "testState";
|
||||||
|
|
||||||
passwordGenerationService.generatePassword.mockResolvedValueOnce(state);
|
passwordGenerationService.generatePassword.mockResolvedValueOnce(state);
|
||||||
passwordGenerationService.generatePassword.mockResolvedValueOnce(codeVerifier);
|
passwordGenerationService.generatePassword.mockResolvedValueOnce(codeVerifier);
|
||||||
jest.spyOn(Utils, "fromBufferToUrlB64").mockReturnValue(codeChallenge);
|
jest.spyOn(Utils, "fromBufferToUrlB64").mockReturnValue(codeChallenge);
|
||||||
@ -112,6 +114,10 @@ describe("DefaultLoginComponentService", () => {
|
|||||||
|
|
||||||
await service.launchSsoBrowserWindow(email, clientId as "browser" | "desktop");
|
await service.launchSsoBrowserWindow(email, clientId as "browser" | "desktop");
|
||||||
|
|
||||||
|
if (clientType === ClientType.Browser) {
|
||||||
|
state += ":clientId=browser";
|
||||||
|
}
|
||||||
|
|
||||||
const expectedUrl = `${baseUrl}?clientId=${clientId}&redirectUri=${encodeURIComponent(expectedRedirectUri)}&state=${state}&codeChallenge=${codeChallenge}&email=${encodeURIComponent(email)}`;
|
const expectedUrl = `${baseUrl}?clientId=${clientId}&redirectUri=${encodeURIComponent(expectedRedirectUri)}&state=${state}&codeChallenge=${codeChallenge}&email=${encodeURIComponent(email)}`;
|
||||||
|
|
||||||
expect(ssoLoginService.setSsoEmail).toHaveBeenCalledWith(email);
|
expect(ssoLoginService.setSsoEmail).toHaveBeenCalledWith(email);
|
||||||
|
@ -50,7 +50,12 @@ export class DefaultLoginComponentService implements LoginComponentService {
|
|||||||
special: false,
|
special: false,
|
||||||
};
|
};
|
||||||
|
|
||||||
const state = await this.passwordGenerationService.generatePassword(passwordOptions);
|
let state = await this.passwordGenerationService.generatePassword(passwordOptions);
|
||||||
|
|
||||||
|
if (clientId === "browser") {
|
||||||
|
// Need to persist the clientId in the state for the extension
|
||||||
|
state += ":clientId=browser";
|
||||||
|
}
|
||||||
|
|
||||||
const codeVerifier = await this.passwordGenerationService.generatePassword(passwordOptions);
|
const codeVerifier = await this.passwordGenerationService.generatePassword(passwordOptions);
|
||||||
const codeVerifierHash = await this.cryptoFunctionService.hash(codeVerifier, "sha256");
|
const codeVerifierHash = await this.cryptoFunctionService.hash(codeVerifier, "sha256");
|
||||||
|
Loading…
Reference in New Issue
Block a user