feat: implement tenant OAuth flow and guest achievements

2025-09-25 08:32:37 +02:00
parent ef6203c603
commit b22d91ed32
84 changed files with 5984 additions and 1399 deletions
--- a/tests/e2e/guest-profile-flow.test.ts
+++ b/tests/e2e/guest-profile-flow.test.ts
@@ -0,0 +1,52 @@
+import { test, expect } from '@playwright/test';
+
+test.describe('Guest Profile Flow', () => {
+  test('should require name setup on first event join and persist it', async ({ page }) => {
+    // Assume Vite dev server is running on localhost:5173
+    await page.goto('http://localhost:5173/');
+
+    // Enter event slug manually
+    await page.fill('input[placeholder*="Event-Code"]', 'test-event');
+    await page.click('button:has-text("Event beitreten")');
+
+    // Should redirect to setup if no name
+    await expect(page).toHaveURL(/.*\/e\/test-event\/setup/);
+
+    // Fill name and submit
+    await page.fill('input[placeholder*="Dein Name"]', 'Test User');
+    await page.click('button:has-text("LET\'S GO! ✨")');
+
+    // Should navigate to home
+    await expect(page).toHaveURL(/.*\/e\/test-event$/);
+
+    // Check localStorage
+    const storedName = await page.evaluate(() => localStorage.getItem('guestName_test-event'));
+    expect(storedName).toBe('Test User');
+
+    // Reload to test persistence - should stay on home, not redirect to setup
+    await page.reload();
+    await expect(page).toHaveURL(/.*\/e\/test-event$/);
+
+    // Re-nav to landing and join again - should go directly to home
+    await page.goto('http://localhost:5173/');
+    await page.fill('input[placeholder*="Event-Code"]', 'test-event');
+    await page.click('button:has-text("Event beitreten")');
+    await expect(page).toHaveURL(/.*\/e\/test-event$/);
+  });
+
+  test('should go directly to home if name already stored', async ({ page }) => {
+    // Pre-set name in localStorage
+    await page.addInitScript(() => {
+      localStorage.setItem('guestName_test-event', 'Existing User');
+    });
+
+    await page.goto('http://localhost:5173/');
+
+    // Join
+    await page.fill('input[placeholder*="Event-Code"]', 'test-event');
+    await page.click('button:has-text("Event beitreten")');
+
+    // Should go directly to home
+    await expect(page).toHaveURL(/.*\/e\/test-event$/);
+  });
+});
--- a/tests/e2e/oauth-flow.test.ts
+++ b/tests/e2e/oauth-flow.test.ts
@@ -0,0 +1,76 @@
+import { test, expect } from '@playwright/test';
+
+test('OAuth Flow for tenant-admin-app', async ({ page }) => {
+  const code_challenge = 'dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk';
+  const code_verifier = 'E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM';
+  const redirect_uri = 'http://localhost:8000/auth/callback';
+  const state = 'teststate';
+  const scope = 'tenant:read tenant:write tenant:admin';
+
+  const authorizeUrl = `/api/v1/oauth/authorize?response_type=code&client_id=tenant-admin-app&redirect_uri=${encodeURIComponent(redirect_uri)}&scope=${encodeURIComponent(scope)}&code_challenge=${code_challenge}&code_challenge_method=S256&state=${state}`;
+
+  // Navigate to authorize - should immediately redirect to callback
+  await page.goto(authorizeUrl);
+  await page.waitForLoadState('networkidle');
+
+  // Log response if no redirect
+  const currentUrl = page.url();
+  if (currentUrl.includes('/authorize')) {
+    const response = await page.content();
+    console.log('No redirect, response:', response.substring(0, 500)); // First 500 chars
+  }
+
+  // Wait for redirect to callback and parse params
+  await expect(page).toHaveURL(new RegExp(`${redirect_uri}\\?.*`));
+  const urlObj = new URL(currentUrl);
+  const code = urlObj.searchParams.get('code') || '';
+  const receivedState = urlObj.searchParams.get('state') || '';
+
+  expect(receivedState).toBe(state);
+  expect(code).not.toBeNull();
+
+  console.log('Authorization code:', code);
+
+  // Token exchange via fetch
+  const tokenParams = {
+    code: code!,
+    redirect_uri,
+    code_verifier
+  };
+  const tokenResponse = await page.evaluate(async (params) => {
+    const response = await fetch('/api/v1/oauth/token', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/x-www-form-urlencoded',
+      },
+      body: new URLSearchParams({
+        grant_type: 'authorization_code',
+        client_id: 'tenant-admin-app',
+        code: params.code,
+        redirect_uri: params.redirect_uri,
+        code_verifier: params.code_verifier,
+      }).toString(),
+    });
+    return await response.json();
+  }, tokenParams);
+
+  console.log('Token response:', tokenResponse);
+  expect(tokenResponse.access_token).toBeTruthy();
+
+  const accessToken = tokenResponse.access_token;
+
+  // Call /tenant/me with token
+  const meResponse = await page.evaluate(async (token) => {
+    const response = await fetch('/api/v1/tenant/me', {
+      headers: {
+        'Authorization': `Bearer ${token}`,
+        'Accept': 'application/json',
+      },
+    });
+    return await response.json();
+  }, accessToken);
+
+  console.log('/tenant/me response:', meResponse);
+  expect(meResponse).toHaveProperty('id');
+  expect(meResponse.email).toBe('demo@example.com');
+});