Skip to content

Commit

Permalink
feat: redirect to custom URL when third-party auth account is unlinked
Browse files Browse the repository at this point in the history
(cherry picked from commit abad25c)
  • Loading branch information
ArturGaspar authored and kaustavb12 committed Apr 14, 2024
1 parent 1134c1b commit 8dd8889
Show file tree
Hide file tree
Showing 5 changed files with 66 additions and 1 deletion.
1 change: 1 addition & 0 deletions .env
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ ORDER_HISTORY_URL=null
REFRESH_ACCESS_TOKEN_ENDPOINT=null
SEGMENT_KEY=''
SITE_NAME=null
TPA_UNLINKED_ACCOUNT_PROVISION_URL=''
INFO_EMAIL=''
# ***** Cookies *****
USER_RETENTION_COOKIE_NAME=null
Expand Down
6 changes: 5 additions & 1 deletion README.rst
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,10 @@ The authentication micro-frontend also requires the following additional variabl
- Name of MFE, this will be used by the API to get runtime configurations for the specific micro frontend. For a frontend repo `frontend-app-appName`, use `appName` as APP_ID.
- ``authn`` | ``''``

* - ``TPA_UNLINKED_ACCOUNT_PROVISION_URL``
- URL to redirect to when the identity provided by third-party authentication is not yet linked to a platform account. This allows for redirecting to a custom sign-up flow handled by an external service to create the linked account. An empty string (the default) disables this feature.
- ``http://example.com/signup`` | ``''``


edX-specific Environment Variables
**********************************
Expand Down Expand Up @@ -187,4 +191,4 @@ Please see `LICENSE <https://github.com/openedx/frontend-app-authn/blob/master/L
:target: https://github.com/openedx/edx-developer-docs/actions/workflows/ci.yml
:alt: Continuous Integration
.. |semantic-release| image:: https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg
:target: https://github.com/semantic-release/semantic-release
:target: https://github.com/semantic-release/semantic-release
1 change: 1 addition & 0 deletions src/config/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ const configuration = {
SEARCH_CATALOG_URL: process.env.SEARCH_CATALOG_URL || null,
TOS_AND_HONOR_CODE: process.env.TOS_AND_HONOR_CODE || null,
TOS_LINK: process.env.TOS_LINK || null,
TPA_UNLINKED_ACCOUNT_PROVISION_URL: process.env.TPA_UNLINKED_ACCOUNT_PROVISION_URL || null,
// Base container images
BANNER_IMAGE_LARGE: process.env.BANNER_IMAGE_LARGE || '',
BANNER_IMAGE_MEDIUM: process.env.BANNER_IMAGE_MEDIUM || '',
Expand Down
12 changes: 12 additions & 0 deletions src/login/LoginPage.jsx
Original file line number Diff line number Diff line change
Expand Up @@ -310,6 +310,18 @@ class LoginPage extends React.Component {
} = this.props;
const { currentProvider, providers, secondaryProviders } = this.props.thirdPartyAuthContext;

const unlinkedProvisionUrl = getConfig().TPA_UNLINKED_ACCOUNT_PROVISION_URL;

/**
* When currentProvider exists and we are in a login page, it is
* because the third-party authenticated account is not linked.
* See also ThirdPartyAuthAlert.jsx.
*/
if (currentProvider && unlinkedProvisionUrl) {
window.location.href = unlinkedProvisionUrl;
return null;
}

if (this.tpaHint) {
if (thirdPartyAuthApiStatus === PENDING_STATE) {
return <Skeleton height={36} />;
Expand Down
47 changes: 47 additions & 0 deletions src/login/tests/LoginPage.test.jsx
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import { Provider } from 'react-redux';
import { getConfig, mergeConfig } from '@edx/frontend-platform';
import { sendPageEvent } from '@edx/frontend-platform/analytics';
import { injectIntl, IntlProvider } from '@edx/frontend-platform/i18n';
import { render } from '@testing-library/react';
import { mount } from 'enzyme';
import { MemoryRouter } from 'react-router-dom';
import renderer from 'react-test-renderer';
Expand Down Expand Up @@ -766,4 +767,50 @@ describe('LoginPage', () => {

expect(store.dispatch).toHaveBeenCalledWith(loginRemovePasswordResetBanner());
});

it('should not redirect to provisioning URL when not configured', () => {
mergeConfig({
TPA_UNLINKED_ACCOUNT_PROVISION_URL: '',
});

store = mockStore({
...initialState,
commonComponents: {
...initialState.commonComponents,
thirdPartyAuthContext: {
...initialState.commonComponents.thirdPartyAuthContext,
currentProvider: ssoProvider.name,
},
},
});

delete window.location;
window.location = { href: getConfig().BASE_URL.concat(LOGIN_PAGE) };

render(reduxWrapper(<IntlLoginPage {...props} />));
expect(window.location.href).toEqual(getConfig().BASE_URL.concat(LOGIN_PAGE));
});

it('should redirect to provisioning URL on unlinked third-party auth account', () => {
mergeConfig({
TPA_UNLINKED_ACCOUNT_PROVISION_URL: 'http://example.com/signup',
});

store = mockStore({
...initialState,
commonComponents: {
...initialState.commonComponents,
thirdPartyAuthContext: {
...initialState.commonComponents.thirdPartyAuthContext,
currentProvider: ssoProvider.name,
},
},
});

delete window.location;
window.location = { href: getConfig().BASE_URL.concat(LOGIN_PAGE) };

render(reduxWrapper(<IntlLoginPage {...props} />));
expect(window.location.href).toEqual('http://example.com/signup');
});
});

0 comments on commit 8dd8889

Please sign in to comment.