Skip to content

AUT-1462: Playwright harness to reproduce the intermittent stg redirect loop#20

Open
shoffman-smartling wants to merge 1 commit into
masterfrom
aut-1462-playwright-repro-harness
Open

AUT-1462: Playwright harness to reproduce the intermittent stg redirect loop#20
shoffman-smartling wants to merge 1 commit into
masterfrom
aut-1462-playwright-repro-harness

Conversation

@shoffman-smartling

Copy link
Copy Markdown

Summary

  • Adds test/playwright-repro/, a self-contained Playwright harness that provisions a throwaway, per-client-scoped stg Keycloak client + test user and drives real Chrome through this repo's own keycloak-connect middleware (via a minimal fixture app) to try to trigger the intermittent KC26 session-cap redirect loop on demand.
  • provision.js is dry-run by default, scoped to stg only, and guarded so it can never create/modify/delete anything it doesn't already own (see README "Safety model").
  • Along the way, surfaced a real, separate defect in grant-manager.js's refresh_token handling for public clients: AUT-1468.
  • Full details, setup steps, and everything learned about stg's environment quirks (two-hostname split, realm-scoped vs master admin, login theme behavior) are in test/playwright-repro/README.md. ROADMAP-dashboard.md sketches what it'd take to extend this to the real tms-dashboard-app.

Current status

0/6 iterations reproduced the loop against current master (1 single-tab + 5 two-tab runs) - clean in every case, no errors. Per the README's own guidance, this isn't trustworthy as a "no repro" result yet until the harness is validated against the known pre-fix bug (checking out the commit before cbef5ad) - that's the natural next step.

Test plan

  • cd test/playwright-repro && npm install, copy .env.example to .env with your own stg admin credentials (must be a Smartling-realm admin, not master - see README)
  • npm run provision:plan then npm run provision:apply
  • node repro.js --iterations=1 --tabs=1 --headed to watch one run
  • Validate against the pre-fix commit (parent of cbef5ad) to confirm the harness actually catches the known bug before trusting further "no repro" results

🤖 Generated with Claude Code

…direct loop

Adds test/playwright-repro/, a self-contained tool that provisions a
throwaway, per-client-scoped stg Keycloak client + test user (dry-run by
default, guarded against touching anything it didn't create), then drives
real Chrome through this repo's own keycloak-connect middleware (via a
minimal fixture app) to try to trigger the KC26 session-cap redirect loop
on demand instead of by luck.

Along the way, confirmed and worked around several environment specifics
(public vs internal Keycloak hostnames, realm-scoped vs master admin
accounts, the stg login theme's two-step form), and surfaced a real,
separate defect in grant-manager.js's refresh_token handling for public
clients, tracked as AUT-1468.

Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com>
@@ -0,0 +1,73 @@
'use strict';

// Minimal Express app built on THIS repo's own keycloak-connect code (not

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's a fascinating idea to isolate and test the problem. However, we have two additional layers that could introduce additional business logic (smartling-express/security and ti-next/tms-dashboard-app).
I believe it makes sense to use the smartling-express/security library to create this app.

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Adding additional layers on the framework, eventually getting to full e2e dashboard/CAT tool operations is an end goal, but starting at the lowest level and adding levels sequentially allows us to isolate issues between the levels at this critical phase.

entirely in this code, so testing it in isolation is sufficient to reproduce
and diagnose it.

**Does NOT (yet):** touch `tms-dashboard-app`, `ti-next`, `wa`, or any other

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for this scaffold project. I'm sure it will save us time to create the second test tomorrow (or on Fri).
To team: Guys, you are welcome to challenge the LLM to create it while DmitryM is working on a new dirty hack.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants