From 8f0f9ffcc252c0363fe7c27ac5eed57c497051e1 Mon Sep 17 00:00:00 2001 From: mantrakp04 Date: Tue, 28 Apr 2026 16:15:55 -0700 Subject: [PATCH] fix oidc federation e2e error assertions --- .claude/CLAUDE-KNOWLEDGE.md | 3 +++ .../endpoints/api/v1/auth/oidc-federation/exchange.test.ts | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.claude/CLAUDE-KNOWLEDGE.md b/.claude/CLAUDE-KNOWLEDGE.md index 17168ea6b..a0e660615 100644 --- a/.claude/CLAUDE-KNOWLEDGE.md +++ b/.claude/CLAUDE-KNOWLEDGE.md @@ -367,3 +367,6 @@ A: Invalid `tools` entries are rejected by `requestBodySchema` in `apps/backend/ ## Q: Why did the internal metrics E2E snapshots need to change in April 2026? A: The `/api/v1/internal/metrics` response now intentionally includes `analytics_overview.daily_anonymous_visitors_fallback`, `analytics_overview.anonymous_visitors_fallback`, and `active_users_by_country`. Those additions are reflected in `packages/stack-shared/src/interface/admin-metrics.ts` and the backend route, so the E2E snapshots must include them instead of treating them as regressions. + +## Q: What body shape should E2E tests expect from backend `StatusError` responses? +A: `StatusError.getBody()` returns the error message as a plain text response body with `Content-Type: text/plain; charset=utf-8`. E2E tests using `niceBackendFetch` should assert against `response.body` directly, for example `expect(response.body).toBe("invalid_grant")`, not `response.body.error`. diff --git a/apps/e2e/tests/backend/endpoints/api/v1/auth/oidc-federation/exchange.test.ts b/apps/e2e/tests/backend/endpoints/api/v1/auth/oidc-federation/exchange.test.ts index 4052d82ff..b67371490 100644 --- a/apps/e2e/tests/backend/endpoints/api/v1/auth/oidc-federation/exchange.test.ts +++ b/apps/e2e/tests/backend/endpoints/api/v1/auth/oidc-federation/exchange.test.ts @@ -179,7 +179,7 @@ it("rejects when no trust policies are enabled", async ({ expect }) => { const token = await mockIdp.signToken({ sub: "workload-1" }, { audience: "anything" }); const response = await postExchange({ subject_token: token, projectId }); expect(response.status).toBe(400); - expect(response.body.error).toBe("invalid_grant"); + expect(response.body).toBe("invalid_grant"); }); it("rejects when the audience doesn't match the policy", async ({ expect }) => { @@ -217,7 +217,7 @@ it("rejects when a StringEquals claim condition fails", async ({ expect }) => { ); const response = await postExchange({ subject_token: token, projectId }); expect(response.status).toBe(400); - expect(response.body.error).toBe("invalid_grant"); + expect(response.body).toBe("invalid_grant"); expect(JSON.stringify(response.body)).not.toContain("StringEquals"); });