LoginWithClient reuses the context of the passed in client. This means the same cookies will be used. This should be an unauthenticated client in most cases. This is a niche case, but it is needed for testing ConvertLoginType.
(t testing.TB, client *codersdk.Client, idTokenClaims jwt.MapClaims, opts ...func(r *http.Request))
| 631 | // |
| 632 | // This is a niche case, but it is needed for testing ConvertLoginType. |
| 633 | func (f *FakeIDP) LoginWithClient(t testing.TB, client *codersdk.Client, idTokenClaims jwt.MapClaims, opts ...func(r *http.Request)) (*codersdk.Client, *http.Response) { |
| 634 | t.Helper() |
| 635 | path := "/api/v2/users/oidc/callback" |
| 636 | if f.callbackPath != "" { |
| 637 | path = f.callbackPath |
| 638 | } |
| 639 | coderOauthURL, err := client.URL.Parse(path) |
| 640 | require.NoError(t, err) |
| 641 | f.SetRedirect(t, coderOauthURL.String()) |
| 642 | |
| 643 | cli := f.HTTPClient(client.HTTPClient) |
| 644 | redirectFn := cli.CheckRedirect |
| 645 | checkRedirect := func(req *http.Request, via []*http.Request) error { |
| 646 | // Store the idTokenClaims to the specific state request. This ties |
| 647 | // the claims 1:1 with a given authentication flow. |
| 648 | if state := req.URL.Query().Get("state"); state != "" { |
| 649 | f.stateToIDTokenClaims.Store(state, idTokenClaims) |
| 650 | return nil |
| 651 | } |
| 652 | // This is mainly intended to prevent the _last_ redirect |
| 653 | // The one involving the state param is a core part of the |
| 654 | // OIDC flow and shouldn't be redirected. |
| 655 | if redirectFn != nil { |
| 656 | return redirectFn(req, via) |
| 657 | } |
| 658 | return nil |
| 659 | } |
| 660 | cli.CheckRedirect = checkRedirect |
| 661 | |
| 662 | req, err := http.NewRequestWithContext(context.Background(), "GET", coderOauthURL.String(), nil) |
| 663 | require.NoError(t, err) |
| 664 | if cli.Jar == nil { |
| 665 | cli.Jar, err = cookiejar.New(nil) |
| 666 | require.NoError(t, err, "failed to create cookie jar") |
| 667 | } |
| 668 | |
| 669 | for _, opt := range opts { |
| 670 | opt(req) |
| 671 | } |
| 672 | |
| 673 | res, err := cli.Do(req) |
| 674 | require.NoError(t, err) |
| 675 | |
| 676 | // If the coder session token exists, return the new authed client! |
| 677 | var user *codersdk.Client |
| 678 | cookies := cli.Jar.Cookies(client.URL) |
| 679 | for _, cookie := range cookies { |
| 680 | if cookie.Name == codersdk.SessionTokenCookie { |
| 681 | user = codersdk.New(client.URL) |
| 682 | user.SetSessionToken(cookie.Value) |
| 683 | } |
| 684 | } |
| 685 | |
| 686 | t.Cleanup(func() { |
| 687 | if res.Body != nil { |
| 688 | _ = res.Body.Close() |
| 689 | } |
| 690 | }) |