feat: add option to OIDC client to require re-authentication (#747)

Co-authored-by: Kyle Mendell <kmendell@ofkm.us>
Co-authored-by: Elias Schneider <login@eliasschneider.com>
Robert Mang
2025-08-22 08:56:40 +02:00
committed by GitHub
parent 7ab0fd3028
commit 0cb039d35d
22 changed files with 362 additions and 44 deletions


@@ -594,3 +594,30 @@ test('Authorize existing client with federated identity', async ({ page }) => {
expect(res.expires_in).not.toBeNull;
expect(res.token_type).toBe('Bearer');
});
test('Forces reauthentication when client requires it', async ({ page, request }) => {
let webauthnStartCalled = false;
await page.route('/api/webauthn/login/start', async (route) => {
webauthnStartCalled = true;
await route.continue();
});
await request.put(`/api/oidc/clients/${oidcClients.nextcloud.id}`, {
data: { ...oidcClients.nextcloud, requiresReauthentication: true }
});
await (await passkeyUtil.init(page)).addPasskey();
const urlParams = createUrlParams(oidcClients.nextcloud);
await page.goto(`/authorize?${urlParams.toString()}`);
await expect(page.getByTestId('scopes')).not.toBeVisible();
await page.waitForURL(oidcClients.nextcloud.callbackUrl).catch((e) => {
if (!e.message.includes('net::ERR_NAME_NOT_RESOLVED')) {
throw e;
}
});
expect(webauthnStartCalled).toBe(true);
});
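Review bot: The new test only proves that `/api/webauthn/login/start` was requested before the redirect; it never shows that authorization is refused when re-authentication is not completed. A regression where the server issues the code without validating the fresh authentication would still pass, as long as the UI keeps triggering the passkey prompt. A companion negative case could swap `await route.continue();` for `await route.abort();` and assert that `oidcClients.nextcloud.callbackUrl` is never reached. If the authorize API can be called directly from the suite, a request without the re-authentication proof should also be expected to fail. The `request.put(...)` result is discarded as well; capturing it and adding `expect(res.ok()).toBe(true);` would make a failed client update fail at the right line. Whether `requiresReauthentication: true` leaks into later tests depends on how the suite resets its data, which is not visible in this hunk.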