fix: explicitly redirect user to next page when oauth login succeeds
GitHub Actions / Test report for security:test
succeeded
Mar 4, 2025 in 0s
55 passed, 0 failed and 0 skipped
β Β backend/security/build/test-results/test/TEST-io.tolgee.security.authentication.AuthenticationDisabledFilterTest.xml
3 tests were completed in 165ms with 3 passed, 0 failed and 0 skipped.
| Test suite | Passed | Failed | Skipped | Time |
|---|---|---|---|---|
| io.tolgee.security.authentication.AuthenticationDisabledFilterTest | 3β | 165ms |
β Β io.tolgee.security.authentication.AuthenticationDisabledFilterTest
β
it does not filter when request is OPTIONS()
β
it does not require authentication to go through()
β
it does not authenticate when authentication is enabled()
β Β backend/security/build/test-results/test/TEST-io.tolgee.security.authentication.AuthenticationFilterTest.xml
10 tests were completed in 142ms with 10 passed, 0 failed and 0 skipped.
| Test suite | Passed | Failed | Skipped | Time |
|---|---|---|---|---|
| io.tolgee.security.authentication.AuthenticationFilterTest | 10β | 142ms |
β Β io.tolgee.security.authentication.AuthenticationFilterTest
β
it does not allow request to go through with invalid JWT tokens()
β
it does not filter when request is OPTIONS()
β
it applies a rate limit on authentication attempts()
β
it allows request to go through when using invalid PAK()
β
it allows request to go through when using invalid PAT()
β
it allows request to go through with valid JWT token()
β
it allows request to go through when using expired PAK()
β
it allows request to go through when using expired PAT()
β
it allows request to go through when using valid PAK()
β
it allows request to go through when using valid PAT()
β Β backend/security/build/test-results/test/TEST-io.tolgee.security.authentication.AuthenticationInterceptorTest.xml
4 tests were completed in 135ms with 4 passed, 0 failed and 0 skipped.
| Test suite | Passed | Failed | Skipped | Time |
|---|---|---|---|---|
| io.tolgee.security.authentication.AuthenticationInterceptorTest | 4β | 135ms |
β Β io.tolgee.security.authentication.AuthenticationInterceptorTest
β
it ignores super JWT requirement when authentication is disabled()
β
it doesn't allow API key authentication by default()
β
it enforces the super JWT requirement()
β
it doesn't interfere with basic endpoints()
β Β backend/security/build/test-results/test/TEST-io.tolgee.security.authentication.EmailValidInterceptorTest.xml
2 tests were completed in 20ms with 2 passed, 0 failed and 0 skipped.
| Test suite | Passed | Failed | Skipped | Time |
|---|---|---|---|---|
| io.tolgee.security.authentication.EmailValidInterceptorTest | 2β | 20ms |
β Β io.tolgee.security.authentication.EmailValidInterceptorTest
β
not throw when annotated by email verification bypass()
β
rejects access if the user does not have a verified email()
β Β backend/security/build/test-results/test/TEST-io.tolgee.security.authentication.SsoAuthenticationInterceptorTest.xml
6 tests were completed in 82ms with 6 passed, 0 failed and 0 skipped.
| Test suite | Passed | Failed | Skipped | Time |
|---|---|---|---|---|
| io.tolgee.security.authentication.SsoAuthenticationInterceptorTest | 6β | 82ms |
β Β io.tolgee.security.authentication.SsoAuthenticationInterceptorTest
β
it allows access when sso is not forced for the user()
β
it allows access for user using sso authentication()
β
it rejects access if sso is forced for the user()
β
it allows access for user with invalid email as username()
β
it allows access for user using sso global authentication()
β
it allows access when annotated by email verification bypass()
β Β backend/security/build/test-results/test/TEST-io.tolgee.security.authorization.OrganizationAuthorizationInterceptorTest.xml
5 tests were completed in 102ms with 5 passed, 0 failed and 0 skipped.
| Test suite | Passed | Failed | Skipped | Time |
|---|---|---|---|---|
| io.tolgee.security.authorization.OrganizationAuthorizationInterceptorTest | 5β | 102ms |
β Β io.tolgee.security.authorization.OrganizationAuthorizationInterceptorTest
β
rejects access if the user does not have a sufficiently high role()
β
it hides the organization if the user cannot see it()
β
it has no effect on endpoints not specific to a single organization()
β
it requires an annotation to be present on the handler()
β
it does not allow both annotations to be present()
β Β backend/security/build/test-results/test/TEST-io.tolgee.security.authorization.ProjectAuthorizationInterceptorTest.xml
11 tests were completed in 249ms with 11 passed, 0 failed and 0 skipped.
| Test suite | Passed | Failed | Skipped | Time |
|---|---|---|---|---|
| io.tolgee.security.authorization.ProjectAuthorizationInterceptorTest | 11β | 249ms |
β Β io.tolgee.security.authorization.ProjectAuthorizationInterceptorTest
β
it hides the organization if the user cannot see it()
β
permissions work as intended when using implicit project id()
β
it does not let scopes on the key work if the authenticated user does not have them()
β
it has no effect on endpoints not specific to a single project()
β
ensures API key works only for the project it is bound to()
β
rejects access if the user is admin and authorizes with API key()
β
rejects access if the user does not have the required scope (single scope)()
β
it restricts scopes (multiple scopes)()
β
it requires an annotation to be present on the handler()
β
it does not allow both annotations to be present()
β
rejects access if the user does not have the required scope (multiple scopes)()
β Β backend/security/build/test-results/test/TEST-io.tolgee.security.ratelimit.GlobalIpRateLimitFilterTest.xml
3 tests were completed in 10ms with 3 passed, 0 failed and 0 skipped.
| Test suite | Passed | Failed | Skipped | Time |
|---|---|---|---|---|
| io.tolgee.security.ratelimit.GlobalIpRateLimitFilterTest | 3β | 10ms |
β Β io.tolgee.security.ratelimit.GlobalIpRateLimitFilterTest
β
it lets requests through()
β
it does not let rate limited requests through()
β
it does rate limit if request is OPTIONS()
β Β backend/security/build/test-results/test/TEST-io.tolgee.security.ratelimit.GlobalUserRateLimitFilterTest.xml
3 tests were completed in 6ms with 3 passed, 0 failed and 0 skipped.
| Test suite | Passed | Failed | Skipped | Time |
|---|---|---|---|---|
| io.tolgee.security.ratelimit.GlobalUserRateLimitFilterTest | 3β | 6ms |
β Β io.tolgee.security.ratelimit.GlobalUserRateLimitFilterTest
β
it lets requests through()
β
it does not let rate limited requests through()
β
it does rate limit if request is OPTIONS()
β Β backend/security/build/test-results/test/TEST-io.tolgee.security.ratelimit.RateLimitInterceptorTest.xml
8 tests were completed in 117ms with 8 passed, 0 failed and 0 skipped.
| Test suite | Passed | Failed | Skipped | Time |
|---|---|---|---|---|
| io.tolgee.security.ratelimit.RateLimitInterceptorTest | 8β | 117ms |
β Β io.tolgee.security.ratelimit.RateLimitInterceptorTest
β
it rate limits requests according to the specified policy()
β
endpoint rate limit policy is correctly extracted from annotations()
β
endpoint rate limit bucket correctly discriminates against major path variables()
β
endpoint rate limit uses the correct user or ip discrimination method()
β
it uses different buckets for different paths()
β
it does not rate limit when limits are disabled()
β
it does not rate limit when there are no annotations()
β
it uses the same buckets for paths with a shared bucket()
Loading