fix: authorization can't be revoked

Elias Schneider
2025-08-23 17:28:27 +02:00
parent 182d809028
commit 0aab3f3c7a
3 changed files with 22 additions and 15 deletions


@@ -126,7 +126,7 @@ class OidcService extends APIService {
} }
async revokeOwnAuthorizedClient(clientId: string) { async revokeOwnAuthorizedClient(clientId: string) {
await this.api.delete(`/oidc/users/me/clients/${clientId}`); await this.api.delete(`/oidc/users/me/authorized-clients/${clientId}`);
} }
} }
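Review bot: `clientId` is placed into the DELETE path in `revokeOwnAuthorizedClient` without encoding, so an ID containing `/`, `?` or `#` would address a different route than the authorization being revoked. Whether client IDs are restricted to a URL-safe alphabet is not visible in this hunk; if they are not, write the segment as `${encodeURIComponent(clientId)}`. The enclosing `OidcService` class starts and ends outside the hunk.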


@@ -23,18 +23,25 @@ test('Dashboard shows all clients in the correct order', async ({ page }) => {
await expect(card2.getByText(new URL(client2.launchURL).hostname)).toBeVisible(); await expect(card2.getByText(new URL(client2.launchURL).hostname)).toBeVisible();
}); });
test('Dashboard shows only clients where user has access', async ({ page }) => { test.describe('Dashboard shows only clients where user has access', () => {
await authUtil.changeUser(page, 'craig'); test("User can't see one client", async ({ page }) => {
const notVisibleClient = oidcClients.immich; await authUtil.changeUser(page, 'craig');
const notVisibleClient = oidcClients.immich;
await page.goto('/settings/apps'); await page.goto('/settings/apps');
const cards = page.getByTestId('authorized-oidc-client-card'); const cards = page.getByTestId('authorized-oidc-client-card');
await expect(cards).toHaveCount(3); await expect(cards).toHaveCount(3);
const cardTexts = await cards.allTextContents(); const cardTexts = await cards.allTextContents();
expect(cardTexts.some((text) => text.includes(notVisibleClient.name))).toBe(false); expect(cardTexts.some((text) => text.includes(notVisibleClient.name))).toBe(false);
});
test('User can see all clients', async ({ page }) => {
await page.goto('/settings/apps');
const cards = page.getByTestId('authorized-oidc-client-card');
await expect(cards).toHaveCount(4);
});
}); });
test('Revoke authorized client', async ({ page }) => { test('Revoke authorized client', async ({ page }) => {
@@ -42,11 +49,9 @@ test('Revoke authorized client', async ({ page }) => {
await page.goto('/settings/apps'); await page.goto('/settings/apps');
page const card = page.getByTestId('authorized-oidc-client-card').filter({ hasText: client.name });
.getByTestId('authorized-oidc-client-card')
.first() card.getByRole('button', { name: 'Toggle menu' }).click();
.getByRole('button', { name: 'Toggle menu' })
.click();
await page.getByRole('menuitem', { name: 'Revoke' }).click(); await page.getByRole('menuitem', { name: 'Revoke' }).click();
await page.getByRole('button', { name: 'Revoke' }).click(); await page.getByRole('button', { name: 'Revoke' }).click();
@@ -55,7 +60,8 @@ test('Revoke authorized client', async ({ page }) => {
`The access to ${client.name} has been successfully revoked.` `The access to ${client.name} has been successfully revoked.`
); );
await expect(page.getByTestId('authorized-oidc-client-card')).toHaveCount(4); // The ... ago text should be gone as there is no last access anymore
await expect(card).not.toContainText('ago');
}); });
test('Launch authorized client', async ({ page }) => { test('Launch authorized client', async ({ page }) => {
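Review bot: The new `card.getByRole('button', { name: 'Toggle menu' }).click();` in the 'Revoke authorized client' test is not awaited, so the following menu-item click can race the menu opening and a rejected click becomes an unhandled promise; it should read `await card.getByRole('button', { name: 'Toggle menu' }).click();`. The closing check `await expect(card).not.toContainText('ago');` proves revocation only indirectly: it passes whenever that substring is absent for any reason, and it would fail for a client whose name happens to contain "ago". Since this commit fixes a revocation that did not take effect, an assertion tied to the authorization state itself (for example a dedicated test id on the last-access element) would guard the regression more directly. The test body starts outside the last two hunks.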


@@ -15,6 +15,7 @@ async function changeUser(page: Page, username: keyof typeof passkeyUtil.passkey
await (await passkeyUtil.init(page)).addPasskey(username); await (await passkeyUtil.init(page)).addPasskey(username);
await page.getByRole('button', { name: 'Authenticate' }).click(); await page.getByRole('button', { name: 'Authenticate' }).click();
await page.waitForURL('/settings/**');
} }
export default { authenticate, changeUser }; export default { authenticate, changeUser };
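Review bot: The added `await page.waitForURL('/settings/**');` in `changeUser` has no comment saying why it is needed, and the reason matters: the access-control tests that call it (such as "User can't see one client") are only meaningful if they really continue as the new user. I would add `// Wait for the post-login redirect so callers continue only after the user switch has completed.` above it, assuming that is the intent. `authenticate` is exported next to it but its body is outside the hunk, so whether it needs the same wait cannot be told from here; `changeUser` itself also starts outside the hunk.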