Fix github oAuth spec by using a fresh OTP

Also updates OP executables to the latest version and make OnePassword::CLI class a singleton to cache the session token

Fix github oAuth spec by using a fresh OTP
Also updates OP executables to the latest version and make OnePassword::CLI class a singleton to cache the session token
a12b6fb9 · Sanad Liaquat · Dan Davison · 819289d7 · a12b6fb9 · a12b6fb9
Commit a12b6fb9 authored Jan 10, 2020 by Sanad Liaquat Committed by Dan Davison Jan 10, 2020
5 changed files
--- a/qa/qa/specs/features/browser_ui/1_manage/login/login_via_oauth_spec.rb
+++ b/qa/qa/specs/features/browser_ui/1_manage/login/login_via_oauth_spec.rb
 # frozen_string_literal: true
 module QA
-  # Failure issue: https://gitlab.com/gitlab-org/gitlab/issues/36305
+  context 'Manage', :orchestrated, :oauth do
-  context 'Manage', :orchestrated, :oauth, :skip do
    describe 'OAuth login' do
      it 'User logs in to GitLab with GitHub OAuth' do
        Runtime::Browser.visit(:gitlab, Page::Main::Login)

--- a/qa/qa/vendor/github/page/login.rb
+++ b/qa/qa/vendor/github/page/login.rb
 # frozen_string_literal: true
 require 'capybara/dsl'
+require 'benchmark'
 module QA
  module Vendor
@@ -13,9 +14,15 @@ module QA
            click_on 'Sign in'
            Support::Retrier.retry_until(raise_on_failure: true, sleep_interval: 35) do
-              otp = OnePassword::CLI.new.otp
+              fresh_otp = nil
-              fill_in 'otp', with: otp
+              time = Benchmark.realtime do
+                fresh_otp = OnePassword::CLI.instance.fresh_otp
+              end
+              QA::Runtime::Logger.info("Returned fresh_otp: #{fresh_otp} in #{time} seconds")
+              fill_in 'otp', with: fresh_otp
              click_on 'Verify'

--- a/qa/qa/vendor/one_password/cli.rb
+++ b/qa/qa/vendor/one_password/cli.rb
 # frozen_string_literal: true
+require 'benchmark'
 module QA
  module Vendor
    module OnePassword
      class CLI
+        include Singleton
        def initialize
          @email = QA::Runtime::Env.gitlab_qa_1p_email
          @password = QA::Runtime::Env.gitlab_qa_1p_password
@@ -11,14 +15,39 @@ module QA
          @github_uuid = QA::Runtime::Env.gitlab_qa_1p_github_uuid
        end
-        def otp
+        def fresh_otp
-          `#{op_path} get totp #{@github_uuid} --session=#{session_token}`.to_i
+          otps = []
+          # Fetches a fresh OTP and returns it only after op provides the same OTP twice
+          # An OTP is valid for 30 seconds so 70 attempts with 0.5 interval would ensure we complete 1 cycle
+          Support::Retrier.retry_until(max_attempts: 70, sleep_interval: 0.5) do
+            otps << fetch_otp
+            otps.size >= 3 && otps[-1] == otps[-2] && otps[-1] != otps[-3]
+          end
+          otps.last
        end
        private
+        def fetch_otp
+          result = nil
+          time = Benchmark.realtime do
+            result = `#{op_path} get totp #{@github_uuid} --session=#{session_token}`.to_i
+          end
+          QA::Runtime::Logger.info("Fetched OTP: #{result} in: #{time} seconds")
+          result
+        end
+        # OP session tokens are valid for 30 minutes. We are caching the session token here and this is fine currently
+        # as we just have one test that is not expected to go over 30 minutes.
+        # But note that if we add more tests that use this class, we might need to add a mechanism to invalidate
+        # the cache after 30 minutes or if the session_token is rejected by op CLI.
        def session_token
-          `echo '#{@password}' | #{op_path} signin gitlab.1password.com #{@email} #{@secret} --output=raw --shorthand=gitlab_qa`
+          @session_token ||= `echo '#{@password}' | #{op_path} signin gitlab.1password.com #{@email} #{@secret} --output=raw --shorthand=gitlab_qa`
        end
        def op_path

--- a/qa/qa/vendor/one_password/darwin/op
+++ b/qa/qa/vendor/one_password/darwin/op
--- a/qa/qa/vendor/one_password/linux/op
+++ b/qa/qa/vendor/one_password/linux/op