test(quotas): test exhausted cookie handling (#5788)

* fix: remove access interceptor for console

* feat: template quota cookie value

* feat: show dialog on exhausted requests

* test: test quota exhausted screen

* chore: add convencience npm scripts

* test: ensure correct exhausted cookie handling

* fix exhausted cookie handling

* fix: send exhausted cookie from grpc-gateway

* fix linting

* refactor: remove ineffectual err assignments

* create prerelease

* test: simulate upgrading an instance

* run all quota tests

* fix quota exhausted screen

* fix: release

* fix linting

* Update internal/api/grpc/server/gateway.go

Co-authored-by: Livio Spring <livio.a@gmail.com>

* use dynamic host header to find instance

* add instance mgmt url to environment.json

* read instance mgmt from environment.json

* configure console

* fix interceptors

* fix: release

* mgmt url comes from environment.json

* don't check cookie on environment.json

* fix: release

* support hosts with default ports

* fix: release

* fix environment.json path

* fix linting

* docs: update lb example

* print access logs to stdout

* fix grpc gateway exhausted cookies

* update backend

* cleanup

* fix: release

* fix: release

* exclude environment.json from cookie check

* fix: release

* fix: release

* remove cookie before loading env

* use UTC to delete the cookie

* delete cookie before fetching env

* fix: release

* simplify cookie handling

* lint

* fix: set exhausted cookie with env json

* lint

* review cleanup

* fix: release

* use exhausted property from env json

* fix: send exhausted property in env json

* fix bootstrapping

* lint

* fix: release

* always open mgmt link if present

* fix: release

* fix: release

* chore: fetch env json before ng serve

* wait for cookie to be removed

* fix: release

* fix typo

* fix: release

* fix: debug

* fix: delete cookies

* don't wait for cookie to be set

* fix: delete cookies

* cleanup

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>

.releaserc.js

@@ -1,7 +1,7 @@
 module.exports = {
     branches: [
-        {name: 'main'},
-        {name: 'next'},
+        { name: 'main' },
+        { name: 'next' },
     ],
     plugins: [
         "@semantic-release/commit-analyzer"

e2e/config/host.docker.internal/zitadel.yaml

@@ -1,5 +1,5 @@
 Log:
-  Level: debug
+  Level: info
 
 ExternalDomain: host.docker.internal
 ExternalSecure: false
@@ -33,7 +33,10 @@ LogStore:
 Quotas:
   Access:
     ExhaustedCookieKey: "zitadel.quota.limiting"
-    ExhaustedCookieMaxAge: "60s"
+    ExhaustedCookieMaxAge: "600s"
+
+Console:
+  InstanceManagementURL: "https://example.com/instances/{{.InstanceID}}"
 
 Projections:
   Customizations:

e2e/config/localhost/zitadel.yaml

@@ -1,5 +1,5 @@
 Log:
-  Level: debug
+  Level: info
 
 ExternalDomain: localhost
 ExternalSecure: false
@@ -33,7 +33,10 @@ LogStore:
 Quotas:
   Access:
     ExhaustedCookieKey: "zitadel.quota.limiting"
-    ExhaustedCookieMaxAge: "60s"
+    ExhaustedCookieMaxAge: "600s"
+
+Console:
+  InstanceManagementURL: "https://example.com/instances/{{.InstanceID}}"
 
 Projections:
   Customizations:

e2e/cypress/e2e/quotas/quotas.cy.ts

@@ -94,7 +94,7 @@ describe('quotas', () => {
         });
       });
 
-      it('authenticated requests are limited', () => {
+      it('only authenticated requests are limited', () => {
         cy.get<Array<string>>('@authenticatedUrls').then((urls) => {
           cy.get<Context>('@ctx').then((ctx) => {
             const start = new Date();
@@ -109,9 +109,9 @@ describe('quotas', () => {
             });
             expectCookieDoesntExist();
             const expiresMax = new Date();
-            expiresMax.setMinutes(expiresMax.getMinutes() + 2);
+            expiresMax.setMinutes(expiresMax.getMinutes() + 20);
             cy.request({
-              url: urls[0],
+              url: urls[1],
               method: 'GET',
               auth: {
                 bearer: ctx.api.token,
@@ -129,7 +129,19 @@ describe('quotas', () => {
             createHumanUser(ctx.api, testUserName, false).then((res) => {
               expect(res.status).to.equal(429);
             });
+            // visit limited console
+            cy.visit('/users/me');
+            cy.contains('#authenticated-requests-exhausted-dialog button', 'Continue').click();
+            const upgradeInstancePage = `https://example.com/instances/${ctx.instanceId}`;
+            cy.origin(upgradeInstancePage, { args: { upgradeInstancePage } }, ({ upgradeInstancePage }) => {
+              cy.location('href').should('equal', upgradeInstancePage);
+            });
+            // upgrade instance
             ensureQuotaIsRemoved(ctx, Unit.AuthenticatedRequests);
+            // visit upgraded console again
+            cy.visit('/users/me');
+            cy.get('[data-e2e="top-view-title"]');
+            expectCookieDoesntExist();
             createHumanUser(ctx.api, testUserName);
             expectCookieDoesntExist();
           });

e2e/package.json

@@ -8,6 +8,8 @@
     "e2e:golang": "npm run e2e --",
     "open:golangangular": "CYPRESS_BASE_URL=http://localhost:4200 CYPRESS_BACKEND_URL=http://localhost:8080 npm run open --",
     "e2e:golangangular": "CYPRESS_BASE_URL=http://localhost:4200 CYPRESS_BACKEND_URL=http://localhost:8080 npm run e2e --",
+    "open:angulargolang": "npm run open:golangangular --",
+    "e2e:angulargolang": "npm run e2e:golangangular --",
     "open:angular": "CYPRESS_BASE_URL=http://localhost:4200 CYPRESS_BACKEND_URL=http://localhost:8080 CYPRESS_WEBHOOK_HANDLER_HOST=host.docker.internal npm run open --",
     "e2e:angular": "CYPRESS_BASE_URL=http://localhost:4200 CYPRESS_BACKEND_URL=http://localhost:8080 CYPRESS_WEBHOOK_HANDLER_HOST=host.docker.internal npm run e2e --",
     "lint": "prettier --check cypress",