Skip to content

Commit be8bc1a

Browse files
louischan-ourskylouischan-oursky
committed
Fix secondary oob otp setup always skipped
ref DEV-1344
2 parents 7b3fb15 + 286f60f commit be8bc1a

6 files changed

+568
-31
lines changed

e2e/tests/account_linking/login_and_link_identification_after.test.yaml

-6
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,6 @@
11
name: Account linking login and link with identification email after it
22
authgear.yaml:
33
override: |
4-
test_mode:
5-
oob_otp:
6-
enabled: true
7-
rules:
8-
- fixed_code: "aaaaaa"
9-
regex: ".*"
104
authentication:
115
identities:
126
- login_id

e2e/tests/account_linking/login_and_link_skip_create_oob_otp.test.yaml

+349
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,349 @@
1+
name: Account linking login and link with secondary oob otp setup skipped
2+
authgear.yaml:
3+
override: |
4+
authentication:
5+
identities:
6+
- login_id
7+
- oauth
8+
identity:
9+
oauth:
10+
providers:
11+
- alias: google
12+
client_id: "google"
13+
type: google
14+
account_linking:
15+
oauth:
16+
- alias: google
17+
action: login_and_link
18+
oauth_claim:
19+
pointer: "/email"
20+
user_profile:
21+
pointer: "/email"
22+
authentication_flow:
23+
signup_flows:
24+
- name: f1
25+
steps:
26+
- type: identify
27+
name: identify_email
28+
one_of:
29+
- identification: email
30+
steps:
31+
- type: identify
32+
one_of:
33+
- identification: oauth
34+
steps:
35+
# This step should be skipped because the email in step "identify_email" will not be created
36+
- type: create_authenticator
37+
one_of:
38+
- authentication: secondary_oob_otp_email
39+
target_step: identify_email
40+
login_flows:
41+
- name: f1
42+
steps:
43+
- name: identify
44+
type: identify
45+
one_of:
46+
- identification: oauth
47+
- identification: email
48+
steps:
49+
- type: authenticate
50+
one_of:
51+
- authentication: primary_password
52+
before:
53+
- type: user_import
54+
user_import: email_users.json
55+
steps:
56+
- action: "create"
57+
input: |
58+
{
59+
"type": "signup",
60+
"name": "f1"
61+
}
62+
output:
63+
result: |
64+
{
65+
"action": {
66+
"type": "identify"
67+
}
68+
}
69+
70+
- action: input
71+
input: |
72+
{
73+
"identification": "email",
74+
"login_id": "anothermail@example.com"
75+
}
76+
output:
77+
result: |
78+
{
79+
"action": {
80+
"type": "identify"
81+
}
82+
}
83+
84+
- action: input
85+
input: |
86+
{
87+
"identification": "oauth",
88+
"alias": "google",
89+
"redirect_uri": "http://mock"
90+
}
91+
output:
92+
result: |
93+
{
94+
"action": {
95+
"type": "identify",
96+
"data": {
97+
"oauth_authorization_url": "[[string]]"
98+
}
99+
}
100+
}
101+
102+
- action: oauth_redirect
103+
to: "{{ .prev.result.action.data.oauth_authorization_url }}"
104+
redirect_uri: http://mock
105+
output:
106+
result: |
107+
{
108+
"query": "[[string]]"
109+
}
110+
111+
- action: input
112+
input: |
113+
{
114+
"query": "{{ .prev.result.query }}"
115+
}
116+
output:
117+
result: |
118+
{
119+
"action": {
120+
"type": "identify",
121+
"identification": "oauth",
122+
"data": {
123+
"type": "account_linking_identification_data"
124+
}
125+
}
126+
}
127+
128+
- action: input
129+
input: |
130+
{
131+
"index": 0
132+
}
133+
output:
134+
result: |
135+
{
136+
"action": {
137+
"type": "authenticate",
138+
"data": {
139+
"type": "authentication_data"
140+
}
141+
}
142+
}
143+
144+
- action: input
145+
input: |
146+
{
147+
"authentication": "primary_password",
148+
"password": "12341234"
149+
}
150+
output:
151+
result: |
152+
{
153+
"action": {
154+
"type": "finished"
155+
}
156+
}
157+
158+
---
159+
name: Account linking login and link with secondary oob otp setup not skipped
160+
authgear.yaml:
161+
override: |
162+
authenticator:
163+
oob_otp:
164+
email:
165+
email_otp_mode: code
166+
authentication:
167+
identities:
168+
- login_id
169+
- oauth
170+
identity:
171+
oauth:
172+
providers:
173+
- alias: google
174+
client_id: "google"
175+
type: google
176+
account_linking:
177+
oauth:
178+
- alias: google
179+
action: login_and_link
180+
oauth_claim:
181+
pointer: "/email"
182+
user_profile:
183+
pointer: "/email"
184+
authentication_flow:
185+
signup_flows:
186+
- name: f1
187+
steps:
188+
- type: identify
189+
name: identify_email
190+
one_of:
191+
- identification: email
192+
steps:
193+
- type: identify
194+
one_of:
195+
- identification: oauth
196+
steps:
197+
# This step should NOT be skipped because target is not specified
198+
- type: create_authenticator
199+
one_of:
200+
- authentication: secondary_oob_otp_email
201+
login_flows:
202+
- name: f1
203+
steps:
204+
- name: identify
205+
type: identify
206+
one_of:
207+
- identification: oauth
208+
- identification: email
209+
steps:
210+
- type: authenticate
211+
one_of:
212+
- authentication: primary_password
213+
before:
214+
- type: user_import
215+
user_import: email_users.json
216+
steps:
217+
- action: "create"
218+
input: |
219+
{
220+
"type": "signup",
221+
"name": "f1"
222+
}
223+
output:
224+
result: |
225+
{
226+
"action": {
227+
"type": "identify"
228+
}
229+
}
230+
231+
- action: input
232+
input: |
233+
{
234+
"identification": "email",
235+
"login_id": "anothermail@example.com"
236+
}
237+
output:
238+
result: |
239+
{
240+
"action": {
241+
"type": "identify"
242+
}
243+
}
244+
245+
- action: input
246+
input: |
247+
{
248+
"identification": "oauth",
249+
"alias": "google",
250+
"redirect_uri": "http://mock"
251+
}
252+
output:
253+
result: |
254+
{
255+
"action": {
256+
"type": "identify",
257+
"data": {
258+
"oauth_authorization_url": "[[string]]"
259+
}
260+
}
261+
}
262+
263+
- action: oauth_redirect
264+
to: "{{ .prev.result.action.data.oauth_authorization_url }}"
265+
redirect_uri: http://mock
266+
output:
267+
result: |
268+
{
269+
"query": "[[string]]"
270+
}
271+
272+
- action: input
273+
input: |
274+
{
275+
"query": "{{ .prev.result.query }}"
276+
}
277+
output:
278+
result: |
279+
{
280+
"action": {
281+
"type": "identify",
282+
"identification": "oauth",
283+
"data": {
284+
"type": "account_linking_identification_data"
285+
}
286+
}
287+
}
288+
289+
- action: input
290+
input: |
291+
{
292+
"index": 0
293+
}
294+
output:
295+
result: |
296+
{
297+
"action": {
298+
"type": "authenticate",
299+
"data": {
300+
"type": "authentication_data"
301+
}
302+
}
303+
}
304+
305+
- action: input
306+
input: |
307+
{
308+
"authentication": "primary_password",
309+
"password": "12341234"
310+
}
311+
output:
312+
result: |
313+
{
314+
"action": {
315+
"type": "create_authenticator"
316+
}
317+
}
318+
319+
- action: input
320+
input: |
321+
{
322+
"authentication": "secondary_oob_otp_email",
323+
"target": "anothermail@example.com"
324+
}
325+
output:
326+
result: |
327+
{
328+
"action": {
329+
"type": "create_authenticator",
330+
"authentication": "secondary_oob_otp_email",
331+
"data": {
332+
"type": "verify_oob_otp_data",
333+
"otp_form": "code"
334+
}
335+
}
336+
}
337+
338+
- action: input
339+
input: |
340+
{
341+
"code": "111111"
342+
}
343+
output:
344+
result: |
345+
{
346+
"action": {
347+
"type": "finished"
348+
}
349+
}

0 commit comments

Comments
 (0)