Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: failiing tests #263

Merged
merged 2 commits into from
Jul 3, 2024
Merged

fix: failiing tests #263

merged 2 commits into from
Jul 3, 2024

Conversation

anku255
Copy link
Contributor

@anku255 anku255 commented Jul 3, 2024

Summary of change

This PR has a couple of changes -

1. "test sameSite is none if using iframe" test fix

In #262, we changed getLocalSessionState to be called with tryRefresh: false wherever it wasn't required (such as just after a session was created/refreshed).

This removed unnecessary calls to the refresh API in certain cases. One such is when the FrontToken doesn't get saved (either because of SameSite: None; Secure setting on HTTP non-localhost domain or because of cookie writes being disabled).

The "test sameSite is none if using iframe" test relied on this refresh call. After its removal the test started failing.

The test implementation wasn't correct. It was relying on a side-effect. When isInIframe is set to true, we set the Frontend cookies with SameSite: true; Secure. Since the test domain was http://localhost.org:8080, the browsers simply ignored all the frontend cookies such as anticsrf and frontToken cookie. Prior to #262, we would do a refresh call just after login, this removed all the backend cookies as well (because antiCsrf token was not present). The test was checking that all the cookies would be removed. After #262, the backend cookies were not removed because the /refresh call never happened.

The correct test implementation should have been checking the sameSite and secure attributes of the frontend cookies. However, for this we needed to make sure the domain was localhost and not localhost.org. This PR fixes this and also updates all the tests.

2. Refresh loop while calling the /refresh API is called when front token is not available

While debugging the tests, we found out that if session is not available and a /refresh API is called directly then it would cause a refresh loop (upto 10 times by default).

If there is no session, then preRequestLSS.status would be NOT_EXISTS but postLockLSS.status would be MAY_EXISTS. In onUnauthorisedResponse, the condition preRequestLSS.status !== postLockLSS.status was always true, so it kept looping. This has been fixed.

Related issues

  • Link to issue1 here
  • Link to issue1 here

Test Plan

(Write your test plan here. If you changed any code, please provide us with clear instructions on how you verified your changes work. Bonus points for screenshots and videos!)

Documentation changes

(If relevant, please create a PR in our docs repo, or create a checklist here highlighting the necessary changes)

Checklist for important updates

  • Changelog has been updated
  • frontendDriverInterfaceSupported.json file has been updated (if needed)
    • Along with the associated array in lib/ts/version.ts
  • Changes to the version if needed
    • In package.json
    • In package-lock.json
    • In lib/ts/version.ts
  • Had run npm run build-pretty
  • Had installed and ran the pre-commit hook
  • Issue this PR against the latest non released version branch.
    • To know which one it is, run find the latest released tag (git tag) in the format vX.Y.Z, and then find the latest branch (git branch --all) whose X.Y is greater than the latest released tag.
    • If no such branch exists, then create one from the latest released branch.

Copy link

github-actions bot commented Jul 3, 2024

size-limit report 📦

Path Size
lib/build/bundleEntry.js 21.31 KB (+0.3% 🔺)

test/interception.basic1.test.js Outdated Show resolved Hide resolved
test/fetch.test.js Outdated Show resolved Hide resolved
@porcellus porcellus merged commit a80f69f into 20.1 Jul 3, 2024
3 of 4 checks passed
@porcellus porcellus deleted the fix/session-refresh-loop branch July 3, 2024 22:20
@anku255 anku255 mentioned this pull request Jul 4, 2024
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants