runfix: do not allow a new client to snooze the enrollment [WPB-8878] (
…#17323)

* runfix: do not allow a new client to snooze the enrolment

* Revert "runfix: do not allow a new client to snooze the enrolment"

This reverts commit b955508.

* runfix: check for user auth data before we continue the enrollment

* test: update mocks

* Revert "runfix: check for user auth data before we continue the enrollment"

This reverts commit d519cc3.

* Revert "test: update mocks"

This reverts commit dfca08b.

* runfix: check if redirect params are defined

* test: update mocks for in progress enrolment

* test: start from scratch when returned to webapp without proper query params

* runfix: use SignInResponse from oidc client
PatrykBuniX committed Apr 29, 2024
1 parent 2d1cd53 commit 634670d
Showing 2 changed files with 66 additions and 1 deletion.
50 changes: 50 additions & 0 deletions src/script/E2EIdentity/E2EIdentityEnrollment.test.ts
@@ -151,6 +151,20 @@ describe('E2EIHandler', () => {

it('continues in progress enrollment', async () => {
jest.spyOn(coreMock.service!.e2eIdentity!, 'isEnrollmentInProgress').mockResolvedValue(true);

// mock window search params (code, session_state, state)
const searchParams = new URLSearchParams();
searchParams.append('code', 'CODE');
searchParams.append('session_state', 'SESSION_STATE');
searchParams.append('state', 'STATE');

Object.defineProperty(window, 'location', {
value: {
search: searchParams.toString(),
},
writable: true,
});

const enrollPromise = E2EIHandler.getInstance().initialize(params);
await waitFor(() => {
expect(modalMock).toHaveBeenCalledWith(
@@ -172,6 +186,42 @@ describe('E2EIHandler', () => {
return enrollPromise;
});

it('starts from scratch if returned to app without auth params', async () => {
jest.spyOn(coreMock.service!.e2eIdentity!, 'isEnrollmentInProgress').mockResolvedValue(true);

// mock window search params (code, session_state, state)
Object.defineProperty(window, 'location', {
value: {
search: '',
},
writable: true,
});

const enrollPromise = E2EIHandler.getInstance().initialize(params);

await waitFor(() => {
expect(modalMock).toHaveBeenCalledWith(
PrimaryModalType.ACKNOWLEDGE,
expect.objectContaining({text: expect.objectContaining({title: 'acme.settingsChanged.headline.alt'})}),
);
});

// Trigger the user clicking the get certificate button
modalMock.mock.lastCall?.[1].primaryAction?.action?.();

await waitFor(() => {
expect(modalMock).toHaveBeenCalledWith(
PrimaryModalType.ACKNOWLEDGE,
expect.objectContaining({text: expect.objectContaining({title: 'acme.done.headline'})}),
);
});

// Trigger the user clicking the OK button after successful enrollment
modalMock.mock.lastCall?.[1].primaryAction?.action?.();

return enrollPromise;
});

it('registers a renew timer when device is enrolled', async () => {
const conversationState = container.resolve(ConversationState);
jest.spyOn(conversationState, 'getSelfMLSConversation').mockReturnValue(new Conversation() as any);
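Review bot: The new test 'starts from scratch if returned to app without auth params' asserts only on the modals, so it would still pass if the stale enrollment state were never discarded; add an assertion that the progress is cleared, e.g. `expect(coreMock.service!.e2eIdentity!.clearAllProgress).toHaveBeenCalled();` (assuming that mock backs `coreE2EIService` and is a spy, which is not visible here). Both new blocks also replace `window.location` through `Object.defineProperty` and never restore it, so the stubbed `search` leaks into later tests such as 'registers a renew timer when device is enrolled'; keep the original value and put it back in an `afterEach`. The comment `// mock window search params (code, session_state, state)` in the second test is a copy of the first and contradicts `search: ''`; it should read something like `// no OIDC redirect params in the URL`.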
17 changes: 16 additions & 1 deletion src/script/E2EIdentity/E2EIdentityEnrollment.ts
@@ -19,6 +19,7 @@

import {LowPrecisionTaskScheduler} from '@wireapp/core/lib/util/LowPrecisionTaskScheduler';
import {amplify} from 'amplify';
import {SigninResponse} from 'oidc-client-ts';
import {container} from 'tsyringe';

import {TypedEventEmitter} from '@wireapp/commons';
@@ -143,14 +144,28 @@ export class E2EIHandler extends TypedEventEmitter<Events> {

if (await this.coreE2EIService.isEnrollmentInProgress()) {
// If we have an enrollment in progress, we can just finish it (meaning we are coming back from an idp redirect)
await this.enroll();
if (this.wasJustRedirected()) {
await this.enroll();
} else {
// If we have an enrollment in progress but we are not coming back from an idp redirect, we need to clear the progress and start over
await this.coreE2EIService.clearAllProgress();
await this.startEnrollment(ModalType.ENROLL, false);
}
} else if (await isFreshMLSSelfClient()) {
// When the user logs in to a new device in an environment that has e2ei enabled, they should be forced to enroll
await this.startEnrollment(ModalType.ENROLL, false);
}
return this;
}

public wasJustRedirected() {
const searchParams = new URLSearchParams(window.location.search);

const {state, session_state, code} = new SigninResponse(searchParams);

return !!state && !!session_state && !!code;
}

/**
* Will initiate the timer that will regularly prompt the user to enroll (or to renew the certificate if it is about to expire)
* @returns the delay under which the next enrollment/renewal modal will be prompted
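Review bot: `wasJustRedirected()` accepts the redirect only when `session_state` is present, but that parameter comes from OIDC session management and is optional, so an identity provider that omits it would send every returning user into the `clearAllProgress()` branch and the enrollment could never finish; unless every supported IdP is known to send it, use `return !!state && !!code;`. The check is presence-only, so any URL carrying these query parameters passes it, and binding `state` to the stored request still has to happen inside `enroll()`, which is outside this hunk; a comment such as `// presence check only; state and code are validated during enroll()` would make that explicit. An IdP error redirect (`error` plus `state`, no `code`) also falls into the restart branch without anything being logged, which hides the failure from both the user and support. `initialize` starts above the hunk; the new method would also benefit from an explicit `: boolean` return type and a short doc comment.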
