[Question]: Is it possible to mock the authentication state of the user? #1525

Open
FabienDehopre opened this issue Sep 5, 2022 · 1 comment
FabienDehopre commented Sep 5, 2022

What Version of the library are you using?
14.1.4

Question
How can we mock the authentication state of a test user?

In our project, we configure the library using 2 JSON files that are merged at runtime:

  • config.base.json which contains the environment invariant configuration
  • config.overrides.json which is different in each environment (dev, qua, prd)

The authentication section (property) in the JSON can be either a test user (given name, family name, and username) or the actual configuration of our IdP server.

The scenario where the authentication section is the IdP configuration works perfectly but I'm wondering how I can configure the library to allow the test (static) user scenario where there is no IdP.

I thought about a couple of possible solutions but both turned out to be very difficult to implement (at least to me):

  • Using a custom storage implementation which would return a "static" object when the configuration points to a test user and use the session storage when the configuration points to an IdP configuration. I'm not sure what the static object should contain to make the library still work.
  • Using an HTTP interceptor to intercept the HTTP calls to the well-known endpoints but it wouldn't intercept the eventual redirects during login.

Since both the above solutions seem too difficult to implement, we actually use a façade around the OidcSecurityService where we check for the configuration and either forward to the actual OidcSecurityService service or return fake data instead.

What do you think about this scenario? Do you have any advice? I hope my explanation makes sense to you.

Here is a fragment of code representing the configuration object:

export interface SecurityConfiguration {
  // ...
  readonly authN: AuthnConfiguration | DevModeAuthnConfiguration;
  //  ...
}

export interface AuthnConfiguration {
  readonly authorityUrl: string;
  readonly clientId: string;
  readonly scopes: string[];
  readonly responseType: 'code' | 'id_token' | 'id_token token';
  // ...
}

export interface DevModeAuthnConfiguration {
  readonly givenName: string;
  readonly familyName: string;
  readonly username: string;
}
@JDeblaton

Hello @FabienDehopre how did you do that?
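
The façade approach described in the question, sketched as an added example (not code from this thread or from the library). `AuthPort` is a hypothetical, synchronous stand-in for the calls an app makes on `OidcSecurityService`; the `dev`-only allow-list and the claim names returned for the test user are assumptions. It fails closed when a static user appears outside `dev`, and treats a merged config carrying both shapes as an IdP config.

```typescript
// Shapes copied from the issue's configuration fragment (trimmed).
interface AuthnConfiguration {
  readonly authorityUrl: string;
  readonly clientId: string;
  readonly scopes: string[];
  readonly responseType: 'code' | 'id_token' | 'id_token token';
}
interface DevModeAuthnConfiguration {
  readonly givenName: string;
  readonly familyName: string;
  readonly username: string;
}
type AuthN = AuthnConfiguration | DevModeAuthnConfiguration;

// Hypothetical stand-in for the real service; the app depends only on this.
interface AuthPort {
  isAuthenticated(): boolean;
  userData(): Record<string, string> | null;
  login(): void;
}

// Assumption: only these environments may run without an IdP.
const STATIC_USER_ENVIRONMENTS: readonly string[] = ['dev'];

function isDevMode(authN: AuthN): authN is DevModeAuthnConfiguration {
  // base + overrides are merged at runtime, so both shapes can collide:
  // an ambiguous object is treated as IdP config, never as a login bypass.
  return 'username' in authN && !('authorityUrl' in authN) && !('clientId' in authN);
}

function createAuthFacade(authN: AuthN, environment: string, real: AuthPort): AuthPort {
  if (!isDevMode(authN)) {
    return real; // IdP configured: forward everything to the real service
  }
  if (STATIC_USER_ENVIRONMENTS.indexOf(environment) === -1) {
    // Fail closed: a static user outside dev is an authentication bypass.
    throw new Error(`static test user is not allowed in environment "${environment}"`);
  }
  const claims = {
    given_name: authN.givenName,
    family_name: authN.familyName,
    preferred_username: authN.username,
  };
  return {
    isAuthenticated: () => true,
    userData: () => ({ ...claims }), // copy, so callers cannot mutate the fake identity
    login: () => undefined,          // no IdP, so there is no redirect to perform
  };
}
```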