|
| 1 | +/* |
| 2 | + * Copyright (c) 2025 Ping Identity Corporation. All rights reserved. |
| 3 | + * |
| 4 | + * This software may be modified and distributed under the terms |
| 5 | + * of the MIT license. See the LICENSE file for details. |
| 6 | + */ |
| 7 | +import { expect, test } from '@playwright/test'; |
| 8 | +import { asyncEvents } from './utils/async-events.js'; |
| 9 | +import { username, password } from './utils/demo-user.js'; |
| 10 | + |
| 11 | +test('Test Protect collector with Custom HTML component', async ({ page }) => { |
| 12 | + const davinciFlow = 'ea02bcbfb2112e051c94ee9b08083d2d'; |
| 13 | + const { navigate } = asyncEvents(page); |
| 14 | + await navigate(`/?acr_values=${davinciFlow}`); |
| 15 | + |
| 16 | + await expect(page.url()).toBe(`http://localhost:5829/?acr_values=${davinciFlow}`); |
| 17 | + |
| 18 | + await expect(page.getByText('JS Protect - Custom HTML Form')).toBeVisible(); |
| 19 | + |
| 20 | + const requests = []; |
| 21 | + page.on('request', (request) => { |
| 22 | + const method = request.method(); |
| 23 | + const requestUrl = request.url(); |
| 24 | + const payload = request.postDataJSON(); |
| 25 | + const data = payload.parameters.data.formData.riskSDK; |
| 26 | + |
| 27 | + requests.push(requestUrl); |
| 28 | + |
| 29 | + if (method === 'POST' && requestUrl.includes('customHTMLTemplate')) { |
| 30 | + expect(data).toBeDefined(); |
| 31 | + expect(data).toMatch(/^R\/o\//); |
| 32 | + } |
| 33 | + }); |
| 34 | + |
| 35 | + await page.getByLabel('Username').fill(username); |
| 36 | + await page.getByLabel('Password').fill(password); |
| 37 | + |
| 38 | + await page.getByRole('button', { name: 'Sign On' }).click(); |
| 39 | + |
| 40 | + await expect( |
| 41 | + page.getByText(/Sorry Bot, we cannot let you in this time.|You were blocked by PingOne Risk/), |
| 42 | + ).toBeVisible(); |
| 43 | + |
| 44 | + const protectRequest = requests.some((url) => url.includes('customHTMLTemplate')); |
| 45 | + await expect(protectRequest).toBeTruthy(); |
| 46 | +}); |
| 47 | + |
| 48 | +test('Test Protect collector with P1 Forms component', async ({ page }) => { |
| 49 | + const davinciFlow = '908858ce3a809b579f11f49c4283b7a6'; |
| 50 | + const { navigate } = asyncEvents(page); |
| 51 | + await navigate(`/?acr_values=${davinciFlow}`); |
| 52 | + |
| 53 | + await expect(page.url()).toBe(`http://localhost:5829/?acr_values=${davinciFlow}`); |
| 54 | + |
| 55 | + await expect(page.getByText('Example - Sign On')).toBeVisible(); |
| 56 | + |
| 57 | + const requests = []; |
| 58 | + page.on('request', (request) => { |
| 59 | + const method = request.method(); |
| 60 | + const requestUrl = request.url(); |
| 61 | + const payload = request.postDataJSON(); |
| 62 | + const data = payload.parameters.data.formData.deviceRisk; |
| 63 | + |
| 64 | + requests.push(requestUrl); |
| 65 | + |
| 66 | + if (method === 'POST' && requestUrl.includes('customForm')) { |
| 67 | + expect(data).toBeDefined(); |
| 68 | + expect(data).toMatch(/^R\/o\//); |
| 69 | + } |
| 70 | + }); |
| 71 | + |
| 72 | + await page.getByLabel('Username').fill(username); |
| 73 | + await page.getByLabel('Password').fill(password); |
| 74 | + |
| 75 | + await page.getByRole('button', { name: 'Sign On' }).click(); |
| 76 | + |
| 77 | + await expect( |
| 78 | + page.getByText(/Sorry Bot, we cannot let you in this time.|You were blocked by PingOne Risk/), |
| 79 | + ).toBeVisible(); |
| 80 | + |
| 81 | + const protectRequest = requests.some((url) => url.includes('customForm')); |
| 82 | + await expect(protectRequest).toBeTruthy(); |
| 83 | +}); |
0 commit comments