Add support for proper e2e testing for the sign in functionality of passkey

Author: deepjyoti30-st

examples/for-tests-react-16/src/App.js

@@ -907,11 +907,55 @@ function getWebauthnConfigs({ throwWebauthnError, webauthnErrorStatus }) {
                         log(`GET REGISTER OPTIONS`);
                         return implementation.getRegisterOptions(...args);
                     },
-                    getSignInOptions(...args) {
+                    async getSignInOptions(...args) {
                         log(`GET SIGN IN OPTIONS`);
                         return implementation.getSignInOptions(...args);
                     },
-                    signIn(...args) {
+                    async authenticateCredential(...args) {
+                        log("AUTHENTICATE CREDENTIAL");
+
+                        // We will make a network call to get the registration options
+                        // for sign up.
+                        // Then we will use the registrationOptions and the passed args
+                        // to create and assert a credential.
+
+                        const email = `${Math.random().toString().slice(2)}@supertokens.com`;
+                        const registrationOptions = await implementation.getRegisterOptions({
+                            userContext: {},
+                            email,
+                        });
+                        const signInOptions = args[0].authenticationOptions;
+
+                        const response = await fetch(`${getApiDomain()}/test/webauthn/create-and-assert-credential`, {
+                            method: "POST",
+                            body: JSON.stringify({
+                                registerOptionsResponse: registrationOptions,
+                                signInOptionsResponse: signInOptions,
+                                rpId: "localhost",
+                                rpName: "localhost",
+                                origin: "http://localhost:3031",
+                            }),
+                            headers: {
+                                "Content-Type": "application/json",
+                            },
+                        });
+
+                        if (!response.ok) {
+                            throw new STGeneralError("TEST ERROR: CREATING CREDENTIAL FAILED");
+                        }
+
+                        const { attestation, assertion } = (await response.json()).credential;
+
+                        // Sign up the user using the attestation;
+                        await implementation.signUp({
+                            webauthnGeneratedOptionsId: registrationOptions.webauthnGeneratedOptionsId,
+                            credential: attestation,
+                            userContext: {},
+                        });
+
+                        return { authenticationResponse: assertion, status: "OK" };
+                    },
+                    async signIn(...args) {
                         log(`SIGN IN`);
                         return implementation.signIn(...args);
                     },
@@ -953,11 +997,7 @@ function getWebauthnConfigs({ throwWebauthnError, webauthnErrorStatus }) {
                             };
                         }
 
-                        return {
-                            status: "OK",
-                            user: {},
-                            fetchResponse: {},
-                        };
+                        return implementation.authenticateCredentialWithSignIn(...args);
                     },
                 };
             },

examples/for-tests/src/App.js

@@ -1169,11 +1169,55 @@ function getWebauthnConfigs({ throwWebauthnError, webauthnErrorStatus }) {
                         log(`GET REGISTER OPTIONS`);
                         return implementation.getRegisterOptions(...args);
                     },
-                    getSignInOptions(...args) {
+                    async getSignInOptions(...args) {
                         log(`GET SIGN IN OPTIONS`);
                         return implementation.getSignInOptions(...args);
                     },
-                    signIn(...args) {
+                    async authenticateCredential(...args) {
+                        log("AUTHENTICATE CREDENTIAL");
+
+                        // We will make a network call to get the registration options
+                        // for sign up.
+                        // Then we will use the registrationOptions and the passed args
+                        // to create and assert a credential.
+
+                        const email = `${Math.random().toString().slice(2)}@supertokens.com`;
+                        const registrationOptions = await implementation.getRegisterOptions({
+                            userContext: {},
+                            email,
+                        });
+                        const signInOptions = args[0].authenticationOptions;
+
+                        const response = await fetch(`${getApiDomain()}/test/webauthn/create-and-assert-credential`, {
+                            method: "POST",
+                            body: JSON.stringify({
+                                registerOptionsResponse: registrationOptions,
+                                signInOptionsResponse: signInOptions,
+                                rpId: "localhost",
+                                rpName: "localhost",
+                                origin: "http://localhost:3031",
+                            }),
+                            headers: {
+                                "Content-Type": "application/json",
+                            },
+                        });
+
+                        if (!response.ok) {
+                            throw new STGeneralError("TEST ERROR: CREATING CREDENTIAL FAILED");
+                        }
+
+                        const { attestation, assertion } = (await response.json()).credential;
+
+                        // Sign up the user using the attestation;
+                        await implementation.signUp({
+                            webauthnGeneratedOptionsId: registrationOptions.webauthnGeneratedOptionsId,
+                            credential: attestation,
+                            userContext: {},
+                        });
+
+                        return { authenticationResponse: assertion, status: "OK" };
+                    },
+                    async signIn(...args) {
                         log(`SIGN IN`);
                         return implementation.signIn(...args);
                     },
@@ -1215,11 +1259,7 @@ function getWebauthnConfigs({ throwWebauthnError, webauthnErrorStatus }) {
                             };
                         }
 
-                        return {
-                            status: "OK",
-                            user: {},
-                            fetchResponse: {},
-                        };
+                        return implementation.authenticateCredentialWithSignIn(...args);
                     },
                 };
             },

lib/build/webauthnprebuiltui.js

@@ -6,7 +6,7 @@ import {
     screenshotOnFailure,
     clearBrowserCookiesWithoutAffectingConsole,
     toggleSignInSignUp,
-    getTestEmail,
+    setEnabledRecipes,
     waitForSTElement,
     submitForm,
 } from "../helpers";
@@ -25,6 +25,8 @@ describe("SuperTokens Webauthn SignIn", () => {
             method: "POST",
         }).catch(console.error);
 
+        await setEnabledRecipes(["webauthn", "emailpassword", "session", "dashboard", "userroles"]);
+
         browser = await setupBrowser();
         page = await browser.newPage();
         page.on("console", (consoleObj) => {
@@ -57,13 +59,28 @@ describe("SuperTokens Webauthn SignIn", () => {
     });
 
     describe("SignIn test", () => {
-        it("should be able to sign in with webauthn", async () => {
+        it("signup with passkey", async () => {
             await tryWebauthnSignIn(page);
+
+            // Most of the sign-in mock is defined in the override for the web
+            // test server.
+            //
+            // In here, we are just asserting the logs to ensure that all the necessary
+            // functions are being called in the correct order and all of them are present.
+
             assert.deepStrictEqual(consoleLogs, [
                 "ST_LOGS SESSION OVERRIDE ADD_FETCH_INTERCEPTORS_AND_RETURN_MODIFIED_FETCH",
                 "ST_LOGS SESSION OVERRIDE ADD_AXIOS_INTERCEPTORS",
                 "ST_LOGS WEBAUTHN OVERRIDE AUTHENTICATE CREDENTIAL WITH SIGN IN",
-                "ST_LOGS SUPERTOKENS GET_REDIRECTION_URL TO_AUTH",
+                "ST_LOGS WEBAUTHN OVERRIDE GET SIGN IN OPTIONS",
+                "ST_LOGS WEBAUTHN PRE_API_HOOKS SIGN_IN_OPTIONS",
+                "ST_LOGS WEBAUTHN OVERRIDE AUTHENTICATE CREDENTIAL",
+                "ST_LOGS WEBAUTHN PRE_API_HOOKS REGISTER_OPTIONS",
+                "ST_LOGS WEBAUTHN PRE_API_HOOKS SIGN_UP",
+                "ST_LOGS SESSION ON_HANDLE_EVENT SESSION_CREATED",
+                "ST_LOGS SESSION OVERRIDE GET_USER_ID",
+                "ST_LOGS WEBAUTHN OVERRIDE SIGN IN",
+                "ST_LOGS WEBAUTHN PRE_API_HOOKS SIGN_IN",
             ]);
         });
         it("should recover successfully from a recoverable error", async () => {