During restart in some login tests

Adding rollbacks in several migration tests

Author: wmathurin

native/SampleApps/AuthFlowTester/AuthFlowTesterUITests/Tests/BaseAuthFlowTesterTest.swift

@@ -67,7 +67,7 @@ class BaseAuthFlowTesterTest: XCTestCase {
         app.launch()
 
         // Start logged out
-        if (!loginPage.isShowing()) {
+        if (mainPage.isShowing()) {
             logout()
         }
     }
@@ -323,17 +323,13 @@ class BaseAuthFlowTesterTest: XCTestCase {
     /// with the expected credentials. Use this to test session persistence.
     ///
     /// - Parameters:
-    ///   - user: The user that should still be logged in after restart.
-    ///   - staticAppConfigName: The static app configuration name.
-    ///   - staticScopeSelection: The scope selection for static configuration. Defaults to `.empty`.
+    ///   - user: The user that should still be logged in after restart. Defaults to `.first`.
     ///   - userAppConfigName: The app configuration the user was logged in with.
     ///   - userScopeSelection: The scope selection the user was logged in with. Defaults to `.empty`.
     ///   - useWebServerFlow: Whether web server OAuth flow was used. Defaults to `true`.
     ///   - useHybridFlow: Whether hybrid authentication flow was used. Defaults to `true`.
     func restartAndValidate(
-        user: KnownUserConfig,
-        staticAppConfigName: KnownAppConfig,
-        staticScopeSelection: ScopeSelection = .empty,
+        user: KnownUserConfig = .first,
         userAppConfigName: KnownAppConfig,
         userScopeSelection: ScopeSelection = .empty,
         useWebServerFlow: Bool = true,
@@ -343,11 +339,10 @@ class BaseAuthFlowTesterTest: XCTestCase {
         app.terminate()
         app.launch()
 
-        // Validate
-        validate(
+        // Validate user
+        // Not checking static app config since it will depend on the bootconfig of the target app
+        validateUser(
             user: user,
-            staticAppConfigName: staticAppConfigName,
-            staticScopeSelection: staticScopeSelection,
             userAppConfigName: userAppConfigName,
             userScopeSelection: userScopeSelection,
             useWebServerFlow: useWebServerFlow,
@@ -410,25 +405,24 @@ class BaseAuthFlowTesterTest: XCTestCase {
     // MARK: - Private Helpers
 
     @discardableResult
-    private func validate(
+    private func validateUser(
         user: KnownUserConfig,
-        staticAppConfigName: KnownAppConfig,
-        staticScopeSelection: ScopeSelection,
         userAppConfigName: KnownAppConfig,
         userScopeSelection: ScopeSelection,
         useWebServerFlow: Bool,
-        useHybridFlow: Bool
+        useHybridFlow: Bool,
     ) -> UserCredentialsData {
-
+        
         let userConfig = getUser(user)
-        let staticAppConfig = getAppConfig(named: staticAppConfigName)
         let userAppConfig = getAppConfig(named: userAppConfigName)
         let expectedGrantedScopes = testConfig.getExpectedScopesGranted(for: userAppConfig, userScopeSelection)
         let issuesJwt = userAppConfig.issuesJwt
 
         // Check that app loads and shows the expected user credentials etc
         assertMainPageLoaded()
 
+        
+        
         // Check the user credentials (consumer key should match the app config used)
         let userCredentials = checkUserCredentials(
             username: userConfig.username,
@@ -438,13 +432,6 @@ class BaseAuthFlowTesterTest: XCTestCase {
             issuesJwt: issuesJwt
         )
 
-        // Check the oauth configuration
-        _ = checkOauthConfiguration(
-            staticConsumerKey: staticAppConfig.consumerKey,
-            staticCallbackUrl: staticAppConfig.redirectUri,
-            staticScopes: testConfig.getScopesToRequest(for: staticAppConfig, staticScopeSelection)
-        )
-        
         // Check JWT if applicable
         checkJwtDetailsIfApplicable(
             appConfig: userAppConfig,
@@ -462,6 +449,39 @@ class BaseAuthFlowTesterTest: XCTestCase {
         return userCredentials
     }
 
+    @discardableResult
+    private func validate(
+        user: KnownUserConfig,
+        staticAppConfigName: KnownAppConfig,
+        staticScopeSelection: ScopeSelection,
+        userAppConfigName: KnownAppConfig,
+        userScopeSelection: ScopeSelection,
+        useWebServerFlow: Bool,
+        useHybridFlow: Bool,
+    ) -> UserCredentialsData {
+        
+        let staticAppConfig = getAppConfig(named: staticAppConfigName)
+        
+        // Check that app loads and shows the expected user credentials etc
+        assertMainPageLoaded()
+        
+        let userCredentials = validateUser(
+            user: user,
+            userAppConfigName: userAppConfigName,
+            userScopeSelection: userScopeSelection,
+            useWebServerFlow: useWebServerFlow,
+            useHybridFlow: useHybridFlow
+        )
+
+        // Check the oauth configuration
+        _ = checkOauthConfiguration(
+            staticConsumerKey: staticAppConfig.consumerKey,
+            staticCallbackUrl: staticAppConfig.redirectUri,
+            staticScopes: testConfig.getScopesToRequest(for: staticAppConfig, staticScopeSelection)
+        )
+                
+        return userCredentials
+    }
 
     private func migrateRefreshToken(
         appConfigName: KnownAppConfig,

native/SampleApps/AuthFlowTester/AuthFlowTesterUITests/Tests/BeaconLoginTests.swift

@@ -71,18 +71,28 @@ class BeaconLoginTests: BaseAuthFlowTesterTest {
     // MARK: - Using dynamic config
 
     /// Login with Beacon advanced JWT using default scopes and web server flow provided as dynamic configuration.
-    func testBeaconAdvancedJwt_DefaultScopes_DynamicConfiguration() throws {
+    /// Restart the application and validate it still works afterwards
+    func testBeaconAdvancedJwt_DefaultScopes_DynamicConfiguration_WithRestart() throws {
         launchLoginAndValidate(
             staticAppConfigName: .beaconAdvancedOpaque,
             dynamicAppConfigName: .beaconAdvancedJwt
         )
+        restartAndValidate(
+            userAppConfigName: .beaconAdvancedJwt
+        )
     }
 
     /// Login with Beacon advanced JWT using subset of scopes and web server flow provided as dynamic configuration.
-    func testBeaconAdvancedJwt_SubsetScopes_DynamicConfiguration() throws {
+    /// Restart the application and validate it still works afterwards
+    func testBeaconAdvancedJwt_SubsetScopes_DynamicConfiguration_WithRestart() throws {
         launchLoginAndValidate(
             staticAppConfigName: .beaconAdvancedOpaque,
             dynamicAppConfigName: .beaconAdvancedJwt,
-            dynamicScopeSelection: .subset)
+            dynamicScopeSelection: .subset
+        )
+        restartAndValidate(
+            userAppConfigName: .beaconAdvancedJwt,
+            userScopeSelection: .subset
+        )
     }
 }

native/SampleApps/AuthFlowTester/AuthFlowTesterUITests/Tests/ECALoginTests.swift

@@ -71,18 +71,27 @@ class ECALoginTests: BaseAuthFlowTesterTest {
     // MARK: - Using dynamic config
 
     /// Login with ECA advanced JWT using default scopes and web server flow provided as dynamic configuration.
-    func testECAAdvancedJwt_DefaultScopes_DynamicConfiguration() throws {
+    /// Restart the application and validate it still works afterwards
+    func testECAAdvancedJwt_DefaultScopes_DynamicConfiguration_WithRestart() throws {
         launchLoginAndValidate(
             staticAppConfigName: .ecaAdvancedOpaque,
             dynamicAppConfigName: .ecaAdvancedJwt
         )
+        restartAndValidate(
+            userAppConfigName: .ecaAdvancedJwt
+        )
     }
 
     /// Login with ECA advanced JWT using subset of scopes and web server flow provided as dynamic configuration.
-    func testECAAdvancedJwt_SubsetScopes_DynamicConfiguration() throws {
+    /// Restart the application and validate it still works afterwards
+    func testECAAdvancedJwt_SubsetScopes_DynamicConfiguration_WithRestart() throws {
         launchLoginAndValidate(
             staticAppConfigName: .ecaAdvancedOpaque,
             dynamicAppConfigName: .ecaAdvancedJwt,
             dynamicScopeSelection: .subset)
+        restartAndValidate(
+            userAppConfigName: .ecaAdvancedJwt,
+            userScopeSelection: .subset
+        )
     }
 }

native/SampleApps/AuthFlowTester/AuthFlowTesterUITests/Tests/LegacyLoginTests.swift

@@ -107,19 +107,28 @@ class LegacyLoginTests: BaseAuthFlowTesterTest {
     // MARK: - Using dynamic config
 
     /// Login with CA advanced JWT using default scopes and web server flow provided as dynamic configuration.
-    func testCAAdvancedJwt_DefaultScopes_DynamicConfiguration() throws {
+    /// Restart the application and validate it still works afterwards
+    func testCAAdvancedJwt_DefaultScopes_DynamicConfiguration_WithRestart() throws {
         launchLoginAndValidate(
             staticAppConfigName: .caAdvancedOpaque,
             dynamicAppConfigName: .caAdvancedJwt
         )
+        restartAndValidate(
+            userAppConfigName: .caAdvancedJwt
+        )
     }
 
     /// Login with CA advanced JWT using subset of scopes and web server flow provided as dynamic configuration.
-    func testCAAdvancedJwt_SubsetScopes_DynamicConfiguration() throws {
+    /// Restart the application and validate it still works afterwards
+    func testCAAdvancedJwt_SubsetScopes_DynamicConfiguration_WithRestart() throws {
         launchLoginAndValidate(
             staticAppConfigName: .caAdvancedOpaque,
             dynamicAppConfigName: .caAdvancedJwt,
             dynamicScopeSelection: .subset)
+        restartAndValidate(
+            userAppConfigName: .caAdvancedJwt,
+            userScopeSelection: .subset
+        )
     }
 
 }

native/SampleApps/AuthFlowTester/AuthFlowTesterUITests/Tests/MigrationTests.swift

@@ -36,6 +36,21 @@ import XCTest
 class MigrationTests: BaseAuthFlowTesterTest {
 
     // MARK: - Migration within same app (scope upgrade)
+
+    /// Migrate within same CA (scope upgrade).
+    func testMigrateCA_AddMoreScopes() throws {
+        launchAndLogin(
+            user:.second,
+            staticAppConfigName: .caAdvancedJwt,
+            staticScopeSelection: .subset
+        )
+        migrateAndValidate(
+            staticAppConfigName: .caAdvancedJwt,
+            staticScopeSelection: .subset,
+            migrationAppConfigName: .caAdvancedJwt,
+            migrationScopeSelection: .all
+        )
+    }
 
     /// Migrate within same ECA (scope upgrade).
     func testMigrateECA_AddMoreScopes() throws {
@@ -67,9 +82,9 @@ class MigrationTests: BaseAuthFlowTesterTest {
         )
     }
 
-    // MARK: - Cross-App Migrations
+    // MARK: - Cross-App Migrations with rollbacks
 
-    /// Migrate from CA to ECA
+    /// Migrate from CA to ECA and back to CA
     func testMigrateCAToECA() throws {
         launchAndLogin(
             user:.second,
@@ -79,34 +94,12 @@ class MigrationTests: BaseAuthFlowTesterTest {
             staticAppConfigName: .caAdvancedOpaque,
             migrationAppConfigName: .ecaAdvancedOpaque
         )
-    }
-        
-    /// Migrate from CA to Beacon
-    func testMigrateCAToBeacon() throws {
-        launchAndLogin(
-            user:.second,
-            staticAppConfigName: .caAdvancedOpaque
-        )
         migrateAndValidate(
-            staticAppConfigName: .caAdvancedOpaque,
-            migrationAppConfigName: .beaconAdvancedOpaque
-        )
-    }
-    
-    /// Migrate from Beacon opaque to Beacon JWT
-    func testMigrateBeaconOpaqueToJWT() throws {
-        launchAndLogin(
-            user:.second,
-            staticAppConfigName: .beaconAdvancedOpaque
-        )
-        migrateAndValidate(
-            staticAppConfigName: .beaconAdvancedOpaque,
-            migrationAppConfigName: .beaconAdvancedJwt
+            staticAppConfigName: .caAdvancedOpaque, // should not have changed
+            migrationAppConfigName: .caAdvancedOpaque
         )
     }
 
-    // MARK: - Migration followed by rollback
-
     // Migrate from CA to Beacon and back to CA
     func testMigrateCAToBeaconAndBack() throws {
         launchAndLogin(

native/SampleApps/AuthFlowTester/AuthFlowTesterUITests/overview.md

@@ -34,8 +34,8 @@ Tests for Connected App (CA) configurations including user agent flow and non-hy
 | `testCAAdvancedOpaque_DefaultScopes_UserAgentFlow_NotHybrid` | CA Advanced Opaque | Default | User Agent | No | No |
 | `testCAAdvancedOpaque_SubsetScopes_UserAgentFlow_NotHybrid` | CA Advanced Opaque | Subset | User Agent | No | No |
 | `testCAAdvancedOpaque_AllScopes_UserAgentFlow_NotHybrid` | CA Advanced Opaque | All | User Agent | No | No |
-| `testCAAdvancedJwt_DefaultScopes_DynamicConfiguration` | CA Advanced JWT | Default | Web Server | Yes | Yes |
-| `testCAAdvancedJwt_SubsetScopes_DynamicConfiguration` | CA Advanced JWT | Subset | Web Server | Yes | Yes |
+| `testCAAdvancedJwt_DefaultScopes_DynamicConfiguration_WithRestart` | CA Advanced JWT | Default | Web Server | Yes | Yes |
+| `testCAAdvancedJwt_SubsetScopes_DynamicConfiguration_WithRestart` | CA Advanced JWT | Subset | Web Server | Yes | Yes |
 
 ### ECALoginTests (8 tests)
 
@@ -49,8 +49,8 @@ Tests for External Client App (ECA) configurations using web server flow with hy
 | `testECAAdvancedJwt_DefaultScopes` | ECA Advanced JWT | Default | No |
 | `testECAAdvancedJwt_SubsetScopes_NotHybrid` | ECA Advanced JWT | Subset | No |
 | `testECAAdvancedJwt_AllScopes` | ECA Advanced JWT | All | No |
-| `testECAAdvancedJwt_DefaultScopes_DynamicConfiguration` | ECA Advanced JWT | Default | Yes |
-| `testECAAdvancedJwt_SubsetScopes_DynamicConfiguration` | ECA Advanced JWT | Subset | Yes |
+| `testECAAdvancedJwt_DefaultScopes_DynamicConfiguration_WithRestart` | ECA Advanced JWT | Default | Yes |
+| `testECAAdvancedJwt_SubsetScopes_DynamicConfiguration_WithRestart` | ECA Advanced JWT | Subset | Yes |
 
 ### BeaconLoginTests (8 tests)
 
@@ -64,26 +64,25 @@ Tests for Beacon app configurations using web server flow with hybrid auth.
 | `testBeaconAdvancedJwt_DefaultScopes` | Beacon Advanced JWT | Default | No |
 | `testBeaconAdvancedJwt_SubsetScopes` | Beacon Advanced JWT | Subset | No |
 | `testBeaconAdvancedJwt_AllScopes` | Beacon Advanced JWT | All | No |
-| `testBeaconAdvancedJwt_DefaultScopes_DynamicConfiguration` | Beacon Advanced JWT | Default | Yes |
-| `testBeaconAdvancedJwt_SubsetScopes_DynamicConfiguration` | Beacon Advanced JWT | Subset | Yes |
+| `testBeaconAdvancedJwt_DefaultScopes_DynamicConfiguration_WithRestart` | Beacon Advanced JWT | Default | Yes |
+| `testBeaconAdvancedJwt_SubsetScopes_DynamicConfiguration_WithRestart` | Beacon Advanced JWT | Subset | Yes |
 
 ---
 
 ## Migration Tests
 
-### MigrationTests (7 tests)
+### MigrationTests (6 tests)
 
 Tests for migrating refresh tokens between different app configurations without re-authentication.
 
 | Test Name | Original App | Migration App | Scope Change |
 |-----------|--------------|---------------|--------------|
+| `testMigrateCA_AddMoreScopes` | CA Advanced JWT (subset) | CA Advanced JWT (all) | Yes (add more scopes) |
 | `testMigrateECA_AddMoreScopes` | ECA Advanced JWT (subset) | ECA Advanced JWT (all) | Yes (add more scopes) |
 | `testMigrateBeacon_AddMoreScopes` | Beacon Advanced JWT (subset) | Beacon Advanced JWT (all) | Yes (add more scopes) |
-| `testMigrateCAToECA` | CA Advanced Opaque | ECA Advanced Opaque | No |
-| `testMigrateCAToBeacon` | CA Advanced Opaque | Beacon Advanced Opaque | No |
-| `testMigrateBeaconOpaqueToJWT` | Beacon Advanced Opaque | Beacon Advanced JWT | No |
+| `testMigrateCAToECA` | CA Advanced Opaque → ECA Advanced Opaque → CA Advanced Opaque | Migration with rollback | No |
 | `testMigrateCAToBeaconAndBack` | CA Advanced Opaque → Beacon Advanced Opaque → CA Advanced Opaque | Migration with rollback | No |
-| `testMigrateBeaconOpaqueToJWTAndBack` | Beacon Advanced Opaque → Beacon Advanced JWT | Migration with rollback | No |
+| `testMigrateBeaconOpaqueToJWTAndBack` | Beacon Advanced Opaque → Beacon Advanced JWT → Beacon Advanced Opaque | Migration with rollback | No |
 
 ---