E2618 - OIDC login#172
Open
johnmweisz wants to merge 13 commits into
Open
Conversation
Normalize login response
Switching to using the axiosClient rather than axios directly. This allows us to leverage the axioClient to set the backend url making the location of it in one singular location.
This allows us to still leverage the axiosClient for endpoints where we need to auth first.
By passing {skipAuth: true} to the axiosclient .post/.get requests in login and OidcLogin, we're able to utilize the same module for api calls.
```
...ents/OidcLogin | 43.75 | 25 | 22.22 | 42.85 |
OidcLogin.tsx | 43.75 | 25 | 22.22 | 42.85 | 17-18,22-28,34-47
Login.tsx | 53.33 | 50 | 40 | 53.33 | 33-57
...s/OidcCallback | 4.16 | 0 | 0 | 4.16 |
OidcCallback.tsx | 4.16 | 0 | 0 | 4.16 | 10-64
```
- Add TypeScript type definitions for skipAuth option on axios requests - Update request interceptor to skip authentication when skipAuth is true - Enables login and OIDC login pages to query REST API without auth tokens - Maintains backward compatibility with existing authenticated requests
Moved axio calls to use AxiosClient
During the oidc callbacks we needed to ensure that skipAuth is enabled. This makes sure that we don't need to be authed for this endpoint as of this step.
adding skipAuth to callback
- OidcLogin.tsx - This was moved to be a Modal rather than it's own page. This allows for a nicer UI experience. - OidcModal.tsx - Updated to use Formik and Yup to better align with the rest of the codebase - OidcModal.test.tsx - Created a reusable renderModal helper function to improve repeatability intests - Created 9 test cases to use consistent helper pattern - Added window.location.href mock to prevent navigation errors - Wrapped render calls in act() to eliminate React state update warnings - OidcCallback.test.tsx - Created reusable renderCallback helper wrapping MemoryRouter + Redux Provider - Added 8 test cases to to validate the functionality of the callback - Standardized mock setup with configurable success/error scenarios - Using MemoryRouter instead of BrowserRouter for better test isolation There are a total of 17 tests for the oidc functionality and all of them are currently passing. |-|-|-|-|-|-| |File | % Stmts | % Branch | % Funcs | % Lines | Uncovered Line #s| |-|-|-|-|-|-| | components/Modals | 92 | 87.5 | 85.71 | 92 || | OidcModal.tsx | 92 | 87.5 | 85.71 | 92 | 51,72| | ...s/OidcCallback | 100 | 90 | 100 | 100 || | OidcCallback.tsx | 100 | 90 | 100 | 100 | 50|
OIDC Component refactor and test suite additions
* Fixed login session bug. session_token did not exist. * Improved shallow login token test to assert for exact JWT token, where it previously only checked that one existed. * Previous test only tested the lack of backend call, new test also asserts that the error is displayed and the user is redirected to login. * The test previously only asserted that the POST was called -> improvements assert the alert was actually dispatched, asserts the specific error message was used, and asserts that the redirect to login occurs. * anchor provider error test on Login redirect before asserting no API call * wait for Login redirect before asserting alert in backend error test
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Expertiza currently authenticates users with its own login page, implemented by the Expertiza application. Expertiza has been used at many campuses, however, and each has their own SSO (single signon) protocol that students and staff use to log into other applications. Supporting these standard protocols at sites where they are in use is more secure for the application, provides a familiar and streamlined login experience, and frees Expertiza from managing credentials for users whose institution already does so. This design introduces OIDC login as an additional authentication option alongside the existing username and password login. Both methods will continue to be supported, allowing users to choose their preferred approach.
Wiki: https://wiki.expertiza.ncsu.edu/index.php?title=CSC/ECE_517_Spring_2026_-_E2618._Support_OIDC_Logins