Merge pull request #2673 from cyberark/failing-oidc-features-fix

Fixes failing Cucumber Test
cyberark · Nov 2, 2022 · 6b43f2f · 6b43f2f
2 parents 32dda9d + 9e589c3
commit 6b43f2f
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 24 deletions.
diff --git a/app/domain/authentication/authn_oidc/v2/client.rb b/app/domain/authentication/authn_oidc/v2/client.rb
@@ -54,6 +54,9 @@ def callback(code:, nonce:, code_verifier:)
             when /The authorization code is invalid or has expired/
               raise Errors::Authentication::AuthnOidc::TokenRetrievalFailed,
                     'Authorization code is invalid or has expired'
+            when /Code not valid/
+              raise Errors::Authentication::AuthnOidc::TokenRetrievalFailed,
+                    'Authorization code is invalid'
             end
             raise e
           end

diff --git a/cucumber/authenticators_oidc/features/authn_oidc_v2.feature b/cucumber/authenticators_oidc/features/authn_oidc_v2.feature
@@ -192,7 +192,7 @@ Feature: OIDC Authenticator V2 - Users can authenticate with OIDC authenticator
     Then it is a bad request
     And The following appears in the log after my savepoint:
     """
-    Rack::OAuth2::Client::Error
+    Errors::Authentication::AuthnOidc::TokenRetrievalFailed
     """
 
   @negative @acceptance
@@ -217,29 +217,6 @@ Feature: OIDC Authenticator V2 - Users can authenticate with OIDC authenticator
     Errors::Conjur::RequestedResourceNotFound: CONJ00123E Resource
     """
 
-
-  # This test throws an error because the provider URI is invalid.
-  # TODO - add a test to verify URI valididity of provider uri
-  # TODO - throw a valid exception when the provider fails to load an OIDC
-  #         endpoint during the service discover (which occurs when rendering the
-  #         provider list)
-  #
-  # Does this test actually make sense?
-  # @smoke
-  # Scenario: provider-uri dynamic change
-  #   And I fetch a code for username "alice" and password "alice"
-  #   And I authenticate via OIDC V2 with code
-  #   And user "alice" has been authorized by Conjur
-  #   # Update provider uri to a different hostname and verify `provider-uri` has changed
-  #   When I add the secret value "https://different-provider:8443" to the resource "cucumber:variable:conjur/authn-oidc/keycloak2/provider-uri"
-  #   And I authenticate via OIDC V2 with code
-  #   Then it is unauthorized
-  #   # Check recovery to a valid provider uri
-  #   # When I successfully set OIDC V2 variables for "keycloak2"
-  #   And I fetch a code for username "alice" and password "alice"
-  #   And I authenticate via OIDC V2 with code
-  #   Then user "alice" has been authorized by Conjur
-
   @negative @acceptance
   Scenario: Unauthenticated is raised in case of an invalid OIDC Provider hostname
     Given I fetch a code for username "alice" and password "alice"