chore(oauth): Add tests for signing in w/ an expired Sync sessionToken.

bz1509117

tests/functional/lib/helpers.js

@@ -2132,6 +2132,25 @@ const confirmTotpCode = thenify(function (secret) {
     .then(testElementExists(selectors.TOTP.STATUS_ENABLED));
 });
 
+/**
+ * Destroy the session for the given `email`. Only destroys
+ * the first session for the given email address.
+ *
+ * @param {string} email - email of the session to destroy.
+ * @returns {promise} resolves when complete
+ */
+const destroySessionForEmail = thenify(function (email) {
+  return this.parent
+    .then(getStoredAccountByEmail(email))
+    .then((account) => {
+      if (! account) {
+        return false;
+      }
+      const client = getFxaClient();
+      return client.sessionDestroy(account.sessionToken);
+    });
+});
+
 module.exports = {
   cleanMemory,
   clearBrowserNotifications: clearBrowserNotifications,
@@ -2144,6 +2163,7 @@ module.exports = {
   deleteAllEmails,
   deleteAllSms,
   denormalizeStoredEmail: denormalizeStoredEmail,
+  destroySessionForEmail,
   disableInProd,
   fetchAllMetrics: fetchAllMetrics,
   fillOutChangePassword: fillOutChangePassword,

tests/functional/oauth_sign_in.js

@@ -18,10 +18,15 @@ const selectors = require('./lib/selectors');
 otplib.authenticator.options = {encoding: 'hex'};
 
 const SIGNUP_URL = `${config.fxaContentRoot}signup`;
+const EMAIL_FIRST_SYNC_DESKTOP_URL = `${SIGNUP_URL}?context=fx_desktop_v3&service=sync&action=email`;
 const SETTINGS_URL = `${config.fxaContentRoot}settings`;
 
 const PASSWORD = 'passwordzxcv';
-let authenticator, email, secret, code;
+
+let authenticator;
+let code;
+let email;
+let secret;
 
 const thenify = FunctionalHelpers.thenify;
 
@@ -31,18 +36,21 @@ const {
   closeCurrentWindow,
   confirmTotpCode,
   createUser,
+  destroySessionForEmail,
   fillOutSignIn,
   fillOutSignInUnblock,
   fillOutSignUp,
   noSuchElement,
   openFxaFromRp,
   openPage,
+  openVerificationLinkInDifferentBrowser,
   openVerificationLinkInNewTab,
   openVerificationLinkInSameTab,
   reOpenWithAdditionalQueryParams,
   switchToWindow,
   testElementExists,
   testElementTextInclude,
+  testElementValueEquals,
   testSuccessWasShown,
   testUrlInclude,
   testUrlPathnameEquals,
@@ -76,7 +84,8 @@ registerSuite('oauth signin', {
     return this.remote
       .then(FunctionalHelpers.clearBrowserState({
         '123done': true,
-        contentServer: true
+        contentServer: true,
+        force: true
       }));
   },
   tests: {
@@ -113,7 +122,7 @@ registerSuite('oauth signin', {
         .then(testAtOAuthApp());
     },
 
-    'verified using a cached login': function () {
+    'verified using a cached OAuth login': function () {
       // verify account
       return this.remote
         .then(openFxaFromRp('signin'))
@@ -136,6 +145,76 @@ registerSuite('oauth signin', {
         .then(testAtOAuthApp());
     },
 
+    'verified using a cached Sync login': function () {
+      return this.remote
+        .then(openPage(EMAIL_FIRST_SYNC_DESKTOP_URL, selectors.ENTER_EMAIL.HEADER, {
+          webChannelResponses: {
+            'fxaccounts:can_link_account': {ok: true}
+          }
+        }))
+        .then(type(selectors.ENTER_EMAIL.EMAIL, email))
+        .then(click(selectors.ENTER_EMAIL.SUBMIT))
+
+        .then(type(selectors.SIGNUP_PASSWORD.PASSWORD, PASSWORD))
+        .then(type(selectors.SIGNUP_PASSWORD.VPASSWORD, PASSWORD))
+        .then(type(selectors.SIGNUP_PASSWORD.AGE, 21))
+        .then(click(selectors.SIGNUP_PASSWORD.SUBMIT))
+
+        .then(testElementExists(selectors.CHOOSE_WHAT_TO_SYNC.HEADER))
+        .then(click(selectors.CHOOSE_WHAT_TO_SYNC.SUBMIT))
+
+        .then(testElementExists(selectors.CONFIRM_SIGNUP.HEADER))
+        .then(openVerificationLinkInDifferentBrowser(email, 0))
+
+        .then(testElementExists(selectors.CONNECT_ANOTHER_DEVICE.HEADER))
+
+        .then(openFxaFromRp('signin'))
+        .then(testElementTextInclude(selectors.SIGNIN.EMAIL_NOT_EDITABLE, email))
+        .then(click(selectors.SIGNIN.SUBMIT_USE_SIGNED_IN))
+
+        .then(testAtOAuthApp());
+    },
+
+    'verified using a cached expired Sync login': function () {
+      return this.remote
+        .then(openPage(EMAIL_FIRST_SYNC_DESKTOP_URL, selectors.ENTER_EMAIL.HEADER, {
+          webChannelResponses: {
+            'fxaccounts:can_link_account': {ok: true}
+          }
+        }))
+        .then(type(selectors.ENTER_EMAIL.EMAIL, email))
+        .then(click(selectors.ENTER_EMAIL.SUBMIT))
+
+        .then(type(selectors.SIGNUP_PASSWORD.PASSWORD, PASSWORD))
+        .then(type(selectors.SIGNUP_PASSWORD.VPASSWORD, PASSWORD))
+        .then(type(selectors.SIGNUP_PASSWORD.AGE, 21))
+        .then(click(selectors.SIGNUP_PASSWORD.SUBMIT))
+
+        .then(testElementExists(selectors.CHOOSE_WHAT_TO_SYNC.HEADER))
+        .then(click(selectors.CHOOSE_WHAT_TO_SYNC.SUBMIT))
+
+        .then(testElementExists(selectors.CONFIRM_SIGNUP.HEADER))
+        .then(openVerificationLinkInDifferentBrowser(email, 0))
+
+        .then(testElementExists(selectors.CONNECT_ANOTHER_DEVICE.HEADER))
+        .then(destroySessionForEmail(email))
+
+        // we only know the sessionToken is expired once the
+        // user submits the form.
+        .then(openFxaFromRp('signin'))
+        .then(testElementTextInclude(selectors.SIGNIN.EMAIL_NOT_EDITABLE, email))
+        .then(click(selectors.SIGNIN.SUBMIT))
+
+        // we now know the sessionToken is expired. Allow the user to sign in
+        // with their password.
+        .then(testElementExists(selectors.SIGNIN.HEADER))
+        .then(testElementValueEquals(selectors.SIGNIN.EMAIL, email))
+        .then(type(selectors.SIGNIN.PASSWORD, PASSWORD))
+        .then(click(selectors.SIGNIN.SUBMIT))
+
+        .then(testAtOAuthApp());
+    },
+
     'unverified, acts like signup': function () {
       return this.remote
         .then(openFxaFromRp('signin'))

tests/functional/settings.js

@@ -20,9 +20,9 @@ const {
   closeCurrentWindow,
   createUser,
   denormalizeStoredEmail,
+  destroySessionForEmail,
   fillOutSignIn,
   focus,
-  getFxaClient,
   noSuchStoredAccountByEmail,
   openPage,
   openSettingsInNewTab,
@@ -227,16 +227,7 @@ registerSuite('settings with expired session', {
       .then(fillOutSignIn(email, FIRST_PASSWORD))
 
       .then(testElementExists('#fxa-settings-header'))
-      .execute(function () {
-        // get the first (and only) stored account data, we want to destroy
-        // the session.
-        var accounts = JSON.parse(localStorage.getItem('__fxa_storage.accounts')) || {};
-        var firstKey = Object.keys(accounts)[0];
-        return accounts[firstKey];
-      })
-      .then(function (accountData) {
-        return getFxaClient().sessionDestroy(accountData.sessionToken);
-      });
+      .then(destroySessionForEmail(email));
   },
 
   afterEach: function () {

tests/functional/sign_in_cached.js

@@ -30,6 +30,7 @@ const {
   click,
   createUser,
   denormalizeStoredEmail,
+  destroySessionForEmail,
   fillOutSignIn,
   fillOutSignUp,
   getStoredAccountByEmail,
@@ -152,13 +153,7 @@ registerSuite('cached signin', {
         .then(testElementExists(selectors.CONFIRM_SIGNIN.HEADER))
         .then(testIsBrowserNotified('fxaccounts:login'))
 
-        .execute(function () {
-          const accounts = JSON.parse(localStorage.getItem('__fxa_storage.accounts'));
-          const uid = Object.keys(accounts)[0];
-          accounts[uid].sessionToken = 'eeead2b45791360e00b162ed37f118abbdae6ee8d3997f4eb48ee31dbdf53802';
-          localStorage.setItem('__fxa_storage.accounts', JSON.stringify(accounts));
-          return true;
-        })
+        .then(destroySessionForEmail(email))
 
         .then(openPage(PAGE_SIGNIN, selectors.SIGNIN.HEADER))
         .then(click(selectors.SIGNIN.SUBMIT_USE_SIGNED_IN))