hashicorp · zofskeez · Apr 7, 2022 · Apr 5, 2022 · Apr 5, 2022 · Apr 6, 2022
diff --git a/changelog/14916.txt b/changelog/14916.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+ui: Fixes issue logging in with OIDC from a listed auth mounts tab
+```
@@ -117,7 +117,8 @@ export default Component.extend(DEFAULTS, {
     if (!methods && !wrappedToken) {
       return {};
     }
-    if (keyIsPath) {
+    // if type is provided we can ignore path since we are attempting to lookup a specific backend by type
+    if (keyIsPath && !type) {
       return methods.findBy('path', selected);
     }
     return BACKENDS.findBy('type', selected);
@@ -227,7 +228,7 @@ export default Component.extend(DEFAULTS, {
         });
         this.onSuccess(authResponse, backendType, data);
       } catch (e) {
-        this.set('loading', false);
+        this.set('isLoading', false);
         if (!this.auth.mfaError) {
           this.set('error', `Authentication failed: ${this.auth.handleError(e)}`);
         }
@@ -260,7 +261,7 @@ export default Component.extend(DEFAULTS, {
         error: null,
       });
       // if callback from oidc or jwt we have a token at this point
-      let backend = ['oidc', 'jwt'].includes(this.selectedAuth)
+      let backend = ['oidc', 'jwt'].includes(this.providerName)
         ? this.getAuthBackend('token')
         : this.selectedAuthBackend || {};
       let backendMeta = BACKENDS.find(
@@ -279,7 +280,7 @@ export default Component.extend(DEFAULTS, {
     },
     handleError(e) {
       this.setProperties({
-        loading: false,
+        isLoading: false,
         error: e ? this.auth.handleError(e) : null,
       });
     },

@@ -178,8 +178,14 @@ export default Component.extend({
       if (!this.isOIDC || !this.role || !this.role.authUrl) {
         return;
       }
-
-      await this.fetchRole.perform(this.roleName, { debounce: false });
+      try {
+        await this.fetchRole.perform(this.roleName, { debounce: false });
+      } catch (error) {
+        // this task could be cancelled if the instances in didReceiveAttrs resolve after this was started
+        if (error?.name !== 'TaskCancelation') {
+          throw error;
+        }
+      }
       let win = this.getWindow();
 
       const POPUP_WIDTH = 500;

@@ -6,19 +6,12 @@ import { fakeWindow, buildMessage } from '../helpers/oidc-window-stub';
 import sinon from 'sinon';
 import { later, _cancelTimers as cancelTimers } from '@ember/runloop';
 
-module('Acceptance | logout auth method', function (hooks) {
+module('Acceptance | oidc auth method', function (hooks) {
   setupApplicationTest(hooks);
   setupMirage(hooks);
 
   hooks.beforeEach(function () {
     this.openStub = sinon.stub(window, 'open').callsFake(() => fakeWindow.create());
-  });
-  hooks.afterEach(function () {
-    this.openStub.restore();
-  });
-
-  // coverage for bug where token was selected as auth method for oidc and jwt
-  test('it should populate oidc auth method on logout', async function (assert) {
     this.server.post('/auth/oidc/oidc/auth_url', () => ({
       data: { auth_url: 'http://example.com' },
     }));
@@ -27,13 +20,59 @@ module('Acceptance | logout auth method', function (hooks) {
     }));
     // ensure clean state
     sessionStorage.removeItem('selectedAuth');
+  });
+  hooks.afterEach(function () {
+    this.openStub.restore();
+  });
+
+  const login = async (select) => {
     await visit('/vault/auth');
-    await fillIn('[data-test-select="auth-method"]', 'oidc');
+    // select from dropdown or click auth path tab
+    if (select) {
+      await fillIn('[data-test-select="auth-method"]', 'oidc');
+    } else {
+      await click('[data-test-auth-method-link="oidc"]');
+    }
     later(() => {
       window.postMessage(buildMessage().data, window.origin);
       cancelTimers();
     }, 50);
     await click('[data-test-auth-submit]');
+  };
+
+  test('it should login with oidc when selected from auth methods dropdown', async function (assert) {
+    assert.expect(1);
+
+    this.server.get('/auth/token/lookup-self', (schema, req) => {
+      assert.ok(true, 'request made to auth/token/lookup-self after oidc callback');
+      req.passthrough();
+    });
+
+    await login(true);
+  });
+
+  test('it should login with oidc from listed auth mount tab', async function (assert) {
+    assert.expect(1);
+
+    this.server.get('/sys/internal/ui/mounts', () => ({
+      data: {
+        auth: {
+          'oidc/': { description: '', options: {}, type: 'oidc' },
+        },
+      },
+    }));
+    // there was a bug that would result in the /auth/:path/login endpoint hit with an empty payload rather than lookup-self
+    // ensure that the correct endpoint is hit after the oidc callback
+    this.server.get('/auth/token/lookup-self', (schema, req) => {
+      assert.ok(true, 'request made to auth/token/lookup-self after oidc callback');
+      req.passthrough();
+    });
+    await login();
+  });
+
+  // coverage for bug where token was selected as auth method for oidc and jwt
+  test('it should populate oidc auth method on logout', async function (assert) {
+    await login(true);
     await click('.nav-user-button button');
     await click('#logout');
     assert