Test to mock GitHub oauth with Next-Auth #6164
Conversation
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
It's great having you contribute to this project
Welcome to the community 🤓If you would like to continue contributing to open source and would like to do it with an awesome inclusive community, you should join our Discord chat and our GitHub Organisation - we help and encourage each other to contribute to open source little and often 🤓 . Any questions let us know.
github-actions
bot
added
large
|
I have a few theories I'm exploring as to why this won't work "as is" from the blog tutorial version. Feel free to follow my rabbit hole or consider others: 1.We may have to set up the mock server for this version to work even though we have no need to mock the API calls. I'm thinking this because the mock server is what intercepts and modifies the information allowing login to github. I got this idea re-reading this comment in the article where it talks about the data provided for the GH secrets and such won't matter since it will be intercepted. We are currently getting errors that it's invalid JWT becuase we are NOT intercepting it "// 3. Here we are binding our user with a "Github fake account", this is needed since we are using OAuth, we don't have to worry about this data since we are gonna intercept and mock the direct Github API calls" 2.Theory 2 -this won't work bc similarly to what Dan noticed, we need to provide more information, however, I'm not sure how to build a fake yet valid JWT. Another potential area to explore... (see [nextauth].js for the auth options that led me to this train of thought) |
|
Thanks Amanda! Another option/idea for plan C, is we enable email/password login during testing instead of GitHub OAuth, and we perform a real login but only to out DB (we would have to inject the user into the DB, and maybe have a password field that isn't used during production). |
|
adding note to this issue from Discord suggestion to review https://next-auth.js.org/configuration/callbacks |
|
I did some debug work. After modifying the tests & removing There is a library to create valid JWTs |
Amazing! I was thinking the same thing after you noticed the JWT issue but hadn't looked into mocking that yet. I'm about to head into some meetings so won't have time to look at this again until tomorrow likely so feel free to use this branch if you want. I haven't made any changes yet today |
|
I got the session Token working 🥳 Now the problem is the statistics page doesn't have all the info it needs in getServerSideProps. |
|
The automated test fails because we nee Not exactly sure how to do this. |
Dan!!!! This is incredible news. I can't wait to take a look at the code. And the stats page makes sense and should be easy to fix. I'm pretty sure we didn't make a full profile, just login so there's no account. But login only actually covers the scope of this issue so we might be able to qa this and then split that out. Wdyt @eddiejaoude ? |
I think you are right and from reading the docs, they may require it in the future anyway so we would be ahead of any future changes for prod and dev. "Defining an explicit secret will make this problem go away. We will likely make this option mandatory, even in development, in the future." Here's the docs for quick referencce: https://next-auth.js.org/configuration/options#secret |
|
Automated test works! |
There was a problem hiding this comment.
Left a few suggestions, also another question I do not know the answer to. Is it fine to leave this test user sitting in the database? Will it be accidentally queried in any other code we have that we know of? We could destroy after tests. but then we are creating each time, which perhaps we dont' want to do. Thoughts?
Co-authored-by: Amanda <97615019+amandamartin-dev@users.noreply.github.com>
Co-authored-by: Amanda <97615019+amandamartin-dev@users.noreply.github.com>
All tests are run on an empty database, not the production database. |
Oh! Thank you for that. It makes sense but just wasn't sure. So I guess the only thing left is to officially open this to review? And then open a subsequent issue to write a test for the stats page (that addresses the data issues you noticed?) |
I got rid of the data issue (we were passing session as a prop, but it was unused). |
|
Wow great work 🚀 ! I was out yesterday and looks like you both had fun and success 🎉 |
|
Looks great, amazing work, thank you both! I kept getting timing outs on the search and map tests locally, and this was due to the use list api payload being so big, I hope you don't mind but I fixed it and added it to this PR - please review it though. |
|
I got too excited and merged it 😱 I am so excited we have this feature 🎉 |
Fixes Issue
Building on from #6151
fixes #5788
Changes proposed
Check List (Check all the applicable boxes)
Screenshots
Note to reviewers