ElyBy-Mirror/accounts-frontend
1
0
Fork 0
mirror of https://github.com/elyby/accounts-frontend.git synced 2025-05-31 14:11:58 +05:30
Code Issues Packages Projects Releases Wiki Activity

fix: correct logic for handling deleted users during oauth (#27)

Browse Source
This commit is contained in:
SleepWalker
2020-10-11 20:15:53 +03:00
committed by ErickSkrauch
parent 79ff3b9410
commit 831ab42155
4 changed files with 354 additions and 296 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
packages/app/services/authFlow/ChooseAccountState.ts
View File

@@ -1,3 +1,5 @@
import type { Account } from 'app/components/accounts/reducer';
import AbstractState from './AbstractState';
import { AuthContext } from './AuthFlow';
import LoginState from './LoginState';
@@ -14,10 +16,12 @@ export default class ChooseAccountState extends AbstractState {
}
}
resolve(context: AuthContext, payload: Record<string, any>): Promise<void> | void {
resolve(context: AuthContext, payload: Account | Record<string, any>): Promise<void> | void {
if (payload.id) {
// payload is Account
context.setState(new CompleteState());
} else {
// log in to another account
context.navigate('/login');
context.run('setLogin', null);
context.setState(new LoginState());

316
packages/app/services/authFlow/CompleteState.test.ts
View File

@@ -22,8 +22,7 @@ describe('CompleteState', () => {
state = new CompleteState();
const data = bootstrap();
context = data.context;
mock = data.mock;
({ context, mock } = data);
});
afterEach(() => {
@@ -116,157 +115,188 @@ describe('CompleteState', () => {
state.enter(context);
});
it('should transition to finish state if code is present', () => {
context.getState.returns({
user: {
isActive: true,
isGuest: false,
},
auth: {
oauth: {
clientId: 'ely.by',
code: 'XXX',
describe('oauth', () => {
it('should transition to finish state if code is present', () => {
context.getState.returns({
user: {
isActive: true,
isGuest: false,
},
},
auth: {
oauth: {
clientId: 'ely.by',
code: 'XXX',
},
},
});
expectState(mock, FinishState);
state.enter(context);
});
expectState(mock, FinishState);
describe('permissions', () => {
it('should transition to permissions state if acceptRequired', () => {
context.getState.returns({
user: {
isActive: true,
isGuest: false,
},
auth: {
oauth: {
clientId: 'ely.by',
acceptRequired: true,
},
},
});
state.enter(context);
});
expectState(mock, PermissionsState);
it('should transition to permissions state if acceptRequired', () => {
context.getState.returns({
user: {
isActive: true,
isGuest: false,
},
auth: {
oauth: {
clientId: 'ely.by',
acceptRequired: true,
},
},
state.enter(context);
});
it('should transition to permissions state if prompt=consent', () => {
context.getState.returns({
user: {
isActive: true,
isGuest: false,
},
auth: {
oauth: {
clientId: 'ely.by',
prompt: ['consent'],
},
},
});
expectState(mock, PermissionsState);
state.enter(context);
});
});
expectState(mock, PermissionsState);
describe('account switcher', () => {
it('should transition to ChooseAccountState if user has multiple accs and switcher enabled', () => {
context.getState.returns({
user: {
isActive: true,
isGuest: false,
},
accounts: {
available: [{ id: 1 }, { id: 2 }],
active: 1,
},
auth: {
isSwitcherEnabled: true,
oauth: {
clientId: 'ely.by',
prompt: [],
},
},
});
state.enter(context);
});
expectState(mock, ChooseAccountState);
it('should transition to permissions state if prompt=consent', () => {
context.getState.returns({
user: {
isActive: true,
isGuest: false,
},
auth: {
oauth: {
clientId: 'ely.by',
prompt: ['consent'],
},
},
state.enter(context);
});
it('should transition to ChooseAccountState if user isDeleted', () => {
context.getState.returns({
user: {
isActive: true,
isDeleted: true,
isGuest: false,
},
accounts: {
available: [{ id: 1 }],
active: 1,
},
auth: {
isSwitcherEnabled: true,
oauth: {
clientId: 'ely.by',
prompt: [],
},
},
});
expectState(mock, ChooseAccountState);
state.enter(context);
});
it('should NOT transition to ChooseAccountState if user has multiple accs and switcher disabled', () => {
context.getState.returns({
user: {
isActive: true,
isGuest: false,
},
accounts: {
available: [{ id: 1 }, { id: 2 }],
active: 1,
},
auth: {
isSwitcherEnabled: false,
oauth: {
clientId: 'ely.by',
prompt: [],
},
},
});
expectRun(mock, 'oAuthComplete', {}).returns({ then() {} });
state.enter(context);
});
it('should transition to ChooseAccountState if prompt=select_account and switcher enabled', () => {
context.getState.returns({
user: {
isActive: true,
isGuest: false,
},
accounts: {
available: [{ id: 1 }],
active: 1,
},
auth: {
isSwitcherEnabled: true,
oauth: {
clientId: 'ely.by',
prompt: ['select_account'],
},
},
});
expectState(mock, ChooseAccountState);
state.enter(context);
});
it('should NOT transition to ChooseAccountState if prompt=select_account and switcher disabled', () => {
context.getState.returns({
user: {
isActive: true,
isGuest: false,
},
accounts: {
available: [{ id: 1 }],
active: 1,
},
auth: {
isSwitcherEnabled: false,
oauth: {
clientId: 'ely.by',
prompt: ['select_account'],
},
},
});
expectRun(mock, 'oAuthComplete', {}).returns({ then() {} });
state.enter(context);
});
});
expectState(mock, PermissionsState);
state.enter(context);
});
it('should transition to ChooseAccountState if user has multiple accs and switcher enabled', () => {
context.getState.returns({
user: {
isActive: true,
isGuest: false,
},
accounts: {
available: [{ id: 1 }, { id: 2 }],
active: 1,
},
auth: {
isSwitcherEnabled: true,
oauth: {
clientId: 'ely.by',
prompt: [],
},
},
});
expectState(mock, ChooseAccountState);
state.enter(context);
});
it('should NOT transition to ChooseAccountState if user has multiple accs and switcher disabled', () => {
context.getState.returns({
user: {
isActive: true,
isGuest: false,
},
accounts: {
available: [{ id: 1 }, { id: 2 }],
active: 1,
},
auth: {
isSwitcherEnabled: false,
oauth: {
clientId: 'ely.by',
prompt: [],
},
},
});
expectRun(mock, 'oAuthComplete', {}).returns({ then() {} });
state.enter(context);
});
it('should transition to ChooseAccountState if prompt=select_account and switcher enabled', () => {
context.getState.returns({
user: {
isActive: true,
isGuest: false,
},
accounts: {
available: [{ id: 1 }],
active: 1,
},
auth: {
isSwitcherEnabled: true,
oauth: {
clientId: 'ely.by',
prompt: ['select_account'],
},
},
});
expectState(mock, ChooseAccountState);
state.enter(context);
});
it('should NOT transition to ChooseAccountState if prompt=select_account and switcher disabled', () => {
context.getState.returns({
user: {
isActive: true,
isGuest: false,
},
accounts: {
available: [{ id: 1 }],
active: 1,
},
auth: {
isSwitcherEnabled: false,
oauth: {
clientId: 'ely.by',
prompt: ['select_account'],
},
},
});
expectRun(mock, 'oAuthComplete', {}).returns({ then() {} });
state.enter(context);
});
});

22
packages/app/services/authFlow/CompleteState.ts
View File

@@ -34,9 +34,7 @@ export default class CompleteState extends AbstractState {
context.setState(new LoginState());
} else if (!user.isActive) {
context.setState(new ActivationState());
} else if (user.isDeleted) {
context.navigate('/');
} else if (user.shouldAcceptRules) {
} else if (user.shouldAcceptRules && !user.isDeleted) {
context.setState(new AcceptRulesState());
} else if (oauth && oauth.clientId) {
return this.processOAuth(context);
@@ -46,7 +44,7 @@ export default class CompleteState extends AbstractState {
}
processOAuth(context: AuthContext): Promise<void> | void {
const { auth, accounts } = context.getState();
const { auth, accounts, user } = context.getState();
let { isSwitcherEnabled } = auth;
const { oauth } = auth;
@@ -75,8 +73,22 @@ export default class CompleteState extends AbstractState {
}
}
if (isSwitcherEnabled && (accounts.available.length > 1 || oauth.prompt.includes(PROMPT_ACCOUNT_CHOOSE))) {
if (
isSwitcherEnabled &&
(accounts.available.length > 1 ||
// we are always showing account switcher for deleted users
// so that they can see, that their account was deleted
// (this info is displayed on switcher)
user.isDeleted ||
oauth.prompt.includes(PROMPT_ACCOUNT_CHOOSE))
) {
context.setState(new ChooseAccountState());
} else if (user.isDeleted) {
// you shall not pass
// if we are here, this means that user have already seen account
// switcher and now we should redirect him to his profile,
// because oauth is not available for deleted accounts
context.navigate('/');
} else if (oauth.code) {
context.setState(new FinishState());
} else {