diff --git a/packages/auth/src/core/providers/saml.test.ts b/packages/auth/src/core/providers/saml.test.ts index b2e714c7918..f4a5f3a187a 100644 --- a/packages/auth/src/core/providers/saml.test.ts +++ b/packages/auth/src/core/providers/saml.test.ts @@ -22,6 +22,7 @@ import { OperationType } from '../../model/enums'; import { TEST_ID_TOKEN_RESPONSE } from '../../../test/helpers/id_token_response'; import { testUser, testAuth } from '../../../test/helpers/mock_auth'; import { TaggedWithTokenResponse } from '../../model/id_token'; +import { SAMLAuthCredential } from '../credentials/saml'; import { AuthErrorCode } from '../errors'; import { UserCredentialImpl } from '../user/user_credential_impl'; import { _createError } from '../util/assert'; @@ -45,6 +46,17 @@ describe('core/providers/saml', () => { expect(cred.signInMethod).to.eq('saml.provider'); }); + it('generates SAML provider', () => { + const provider = new SAMLAuthProvider('saml.provider'); + expect(provider.providerId).to.eq('saml.provider'); + }); + + it('returns error for invalid SAML provdier', () => { + expect(() => { + new SAMLAuthProvider('provider'); + }).throw(/auth\/argument-error/); + }); + it('credentialFromResult returns null if provider ID not specified', async () => { const auth = await testAuth(); const userCred = new UserCredentialImpl({ @@ -73,4 +85,78 @@ describe('core/providers/saml', () => { expect(cred.providerId).to.eq('saml.provider'); expect(cred.signInMethod).to.eq('saml.provider'); }); + + it('credentialFromJSON returns SAML credential from valid object', () => { + const json = { + providerId: 'saml.provider', + signInMethod: 'saml.provider', + pendingToken: 'fake-pending-token' + }; + + const credential = SAMLAuthProvider.credentialFromJSON(json); + expect(credential.providerId).to.eq('saml.provider'); + expect(credential.signInMethod).to.eq('saml.provider'); + expect((credential as any).pendingToken).to.eq('fake-pending-token'); + }); + + it('returns null when _tokenResponse is missing (undefined)', () => { + const error = _createError(AuthErrorCode.NEED_CONFIRMATION, { + appName: 'test-app' + }); + + error.customData = {}; // _tokenResponse missing + const credential = SAMLAuthProvider.credentialFromError(error); + expect(credential).to.be.null; + }); + + it('returns null when _tokenResponse is missing oauthAccessToken key', () => { + const error = _createError(AuthErrorCode.NEED_CONFIRMATION, { + appName: 'foo' + }); + error.customData = { + _tokenResponse: { + // intentionally missing oauthAccessToken + idToken: 'some-id-token', + oauthAccessToken: null + } + }; + + const cred = SAMLAuthProvider.credentialFromError(error); + expect(cred).to.be.null; + }); + + it('returns null if _create throws internally', () => { + const originalCreate = (SAMLAuthCredential as any)._create; + + (SAMLAuthCredential as any)._create = () => { + throw new Error('Simulated error'); + }; + + const error = _createError(AuthErrorCode.NEED_CONFIRMATION, { + appName: 'test-app' + }); + + error.customData = { + _tokenResponse: { + pendingToken: 'valid-token', + providerId: 'saml.my-provider' + } + }; + + const cred = SAMLAuthProvider.credentialFromError(error); + expect(cred).to.be.null; + + (SAMLAuthCredential as any)._create = originalCreate; + }); + + it('returns null when customData is undefined (falls back to empty object)', () => { + const error = _createError(AuthErrorCode.NEED_CONFIRMATION, { + appName: 'test-app' + }); + + delete (error as any).customData; + + const credential = SAMLAuthProvider.credentialFromError(error); + expect(credential).to.be.null; + }); });