Fix integration manager get_open_id_token action and add E2E tests (#9520)

* Fix missing await

* Fix get openID token action requiring room ID and user ID

* Add e2e test for integration manager get openID token

* Remove outdated comment

* Update test description

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Fix type

* Fix types again

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
This commit is contained in:
Justin Carlson 2022-11-15 12:03:47 -05:00 committed by GitHub
parent 663c7e069e
commit 8e42497e81
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 149 additions and 8 deletions

View file

@ -0,0 +1,143 @@
/*
Copyright 2022 The Matrix.org Foundation C.I.C.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
/// <reference types="cypress" />
import { SynapseInstance } from "../../plugins/synapsedocker";
import { UserCredentials } from "../../support/login";
const ROOM_NAME = "Integration Manager Test";
const USER_DISPLAY_NAME = "Alice";
const INTEGRATION_MANAGER_TOKEN = "DefinitelySecret_DoNotUseThisForReal";
const INTEGRATION_MANAGER_HTML = `
<html lang="en">
<head>
<title>Fake Integration Manager</title>
</head>
<body>
<button name="Send" id="send-action">Press to send action</button>
<button name="Close" id="close">Press to close</button>
<p id="message-response">No response</p>
<script>
document.getElementById("send-action").onclick = () => {
window.parent.postMessage(
{
action: "get_open_id_token",
},
'*',
);
};
document.getElementById("close").onclick = () => {
window.parent.postMessage(
{
action: "close_scalar",
},
'*',
);
};
// Listen for a postmessage response
window.addEventListener("message", (event) => {
document.getElementById("message-response").innerText = JSON.stringify(event.data);
});
</script>
</body>
</html>
`;
function openIntegrationManager() {
cy.get(".mx_RightPanel_roomSummaryButton").click();
cy.get(".mx_RoomSummaryCard_appsGroup").within(() => {
cy.contains("Add widgets, bridges & bots").click();
});
}
function sendActionFromIntegrationManager(integrationManagerUrl: string) {
cy.accessIframe(`iframe[src*="${integrationManagerUrl}"]`).within(() => {
cy.get("#send-action").should("exist").click();
});
}
describe("Integration Manager: Get OpenID Token", () => {
let testUser: UserCredentials;
let synapse: SynapseInstance;
let integrationManagerUrl: string;
beforeEach(() => {
cy.serveHtmlFile(INTEGRATION_MANAGER_HTML).then(url => {
integrationManagerUrl = url;
});
cy.startSynapse("default").then(data => {
synapse = data;
cy.initTestUser(synapse, USER_DISPLAY_NAME, () => {
cy.window().then(win => {
win.localStorage.setItem("mx_scalar_token", INTEGRATION_MANAGER_TOKEN);
win.localStorage.setItem(`mx_scalar_token_at_${integrationManagerUrl}`, INTEGRATION_MANAGER_TOKEN);
});
}).then(user => {
testUser = user;
});
cy.setAccountData("m.widgets", {
"m.integration_manager": {
content: {
type: "m.integration_manager",
name: "Integration Manager",
url: integrationManagerUrl,
data: {
api_url: integrationManagerUrl,
},
},
id: "integration-manager",
},
}).as("integrationManager");
// Succeed when checking the token is valid
cy.intercept(`${integrationManagerUrl}/account?scalar_token=${INTEGRATION_MANAGER_TOKEN}*`, req => {
req.continue(res => {
return res.send(200, {
user_id: testUser.userId,
});
});
});
cy.createRoom({
name: ROOM_NAME,
}).as("roomId");
});
});
afterEach(() => {
cy.stopSynapse(synapse);
cy.stopWebServers();
});
it("should successfully obtain an openID token", () => {
cy.all([
cy.get<{}>("@integrationManager"),
]).then(() => {
cy.viewRoomByName(ROOM_NAME);
openIntegrationManager();
sendActionFromIntegrationManager(integrationManagerUrl);
cy.accessIframe(`iframe[src*="${integrationManagerUrl}"]`).within(() => {
cy.get("#message-response").should('include.text', 'access_token');
});
});
});
});

View file

@ -376,7 +376,7 @@ function kickUser(event: MessageEvent<any>, roomId: string, userId: string): voi
}); });
} }
function setWidget(event: MessageEvent<any>, roomId: string): void { function setWidget(event: MessageEvent<any>, roomId: string | null): void {
const widgetId = event.data.widget_id; const widgetId = event.data.widget_id;
let widgetType = event.data.type; let widgetType = event.data.type;
const widgetUrl = event.data.url; const widgetUrl = event.data.url;
@ -435,6 +435,7 @@ function setWidget(event: MessageEvent<any>, roomId: string): void {
} else { // Room widget } else { // Room widget
if (!roomId) { if (!roomId) {
sendError(event, _t('Missing roomId.'), null); sendError(event, _t('Missing roomId.'), null);
return;
} }
WidgetUtils.setRoomWidget(roomId, widgetId, widgetType, widgetUrl, widgetName, widgetData, widgetAvatarUrl) WidgetUtils.setRoomWidget(roomId, widgetId, widgetType, widgetUrl, widgetName, widgetData, widgetAvatarUrl)
.then(() => { .then(() => {
@ -651,7 +652,7 @@ function returnStateEvent(event: MessageEvent<any>, roomId: string, eventType: s
async function getOpenIdToken(event: MessageEvent<any>) { async function getOpenIdToken(event: MessageEvent<any>) {
try { try {
const tokenObject = MatrixClientPeg.get().getOpenIdToken(); const tokenObject = await MatrixClientPeg.get().getOpenIdToken();
sendResponse(event, tokenObject); sendResponse(event, tokenObject);
} catch (ex) { } catch (ex) {
logger.warn("Unable to fetch openId token.", ex); logger.warn("Unable to fetch openId token.", ex);
@ -706,15 +707,15 @@ const onMessage = function(event: MessageEvent<any>): void {
if (!roomId) { if (!roomId) {
// These APIs don't require roomId // These APIs don't require roomId
// Get and set user widgets (not associated with a specific room)
// If roomId is specified, it must be validated, so room-based widgets agreed
// handled further down.
if (event.data.action === Action.GetWidgets) { if (event.data.action === Action.GetWidgets) {
getWidgets(event, null); getWidgets(event, null);
return; return;
} else if (event.data.action === Action.SetWidget) { } else if (event.data.action === Action.SetWidget) {
setWidget(event, null); setWidget(event, null);
return; return;
} else if (event.data.action === Action.GetOpenIdToken) {
getOpenIdToken(event);
return;
} else { } else {
sendError(event, _t('Missing room_id in request')); sendError(event, _t('Missing room_id in request'));
return; return;
@ -776,9 +777,6 @@ const onMessage = function(event: MessageEvent<any>): void {
case Action.SetBotPower: case Action.SetBotPower:
setBotPower(event, roomId, userId, event.data.level, event.data.ignoreIfGreater); setBotPower(event, roomId, userId, event.data.level, event.data.ignoreIfGreater);
break; break;
case Action.GetOpenIdToken:
getOpenIdToken(event);
break;
default: default:
logger.warn("Unhandled postMessage event with action '" + event.data.action +"'"); logger.warn("Unhandled postMessage event with action '" + event.data.action +"'");
break; break;