From be4e34d0c06cc7c8a27014c76e62e147e723eaf5 Mon Sep 17 00:00:00 2001 From: Andrew Keesler Date: Tue, 15 Dec 2020 11:30:06 -0500 Subject: [PATCH] Retry a couple of times if we fail to get a token from the Supervisor I hope this will make TestSupervisorLogin less flaky. There are some instances where the front half of the OIDC login flow happens so fast that the JWKS controller doesn't have time to properly generate an asymmetric key. Signed-off-by: Andrew Keesler --- test/integration/supervisor_login_test.go | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/test/integration/supervisor_login_test.go b/test/integration/supervisor_login_test.go index ed4ca1ebf..6fa7875fb 100644 --- a/test/integration/supervisor_login_test.go +++ b/test/integration/supervisor_login_test.go @@ -165,8 +165,12 @@ func TestSupervisorLogin(t *testing.T) { authcode := callback.URL.Query().Get("code") require.NotEmpty(t, authcode) - // Call the token endpoint to get tokens. - tokenResponse, err := downstreamOAuth2Config.Exchange(oidcHTTPClientContext, authcode, pkceParam.Verifier()) + // Call the token endpoint to get tokens. Give the Supervisor a couple of seconds to wire up its signing key. + var tokenResponse *oauth2.Token + assert.Eventually(t, func() bool { + tokenResponse, err = downstreamOAuth2Config.Exchange(oidcHTTPClientContext, authcode, pkceParam.Verifier()) + return err == nil + }, time.Second*5, time.Second*1) require.NoError(t, err) expectedIDTokenClaims := []string{"iss", "exp", "sub", "aud", "auth_time", "iat", "jti", "nonce", "rat"}