@thoughtspot/visual-embed-sdk 1.10.0 → 1.10.3

package/lib/src/visual-embed-sdk.d.ts

@@ -1,4 +1,6 @@
 // Generated by dts-bundle v0.7.3
+// Dependencies for this module:
+//   ../../eventemitter3
 
 declare module '@thoughtspot/visual-embed-sdk' {
     /**
@@ -11,11 +13,12 @@ declare module '@thoughtspot/visual-embed-sdk' {
       * @author Ayon Ghosh <ayon.ghosh@thoughtspot.com>
       */
     import { AppEmbed, Page, AppViewConfig } from '@thoughtspot/visual-embed-sdk/embed/app';
-    import { init, prefetch } from '@thoughtspot/visual-embed-sdk/embed/base';
+    import { init, prefetch, logout } from '@thoughtspot/visual-embed-sdk/embed/base';
     import { PinboardEmbed, LiveboardViewConfig, LiveboardEmbed } from '@thoughtspot/visual-embed-sdk/embed/liveboard';
     import { SearchEmbed, SearchViewConfig } from '@thoughtspot/visual-embed-sdk/embed/search';
+    import { AuthFailureType, AuthStatus } from '@thoughtspot/visual-embed-sdk/auth';
     import { AuthType, RuntimeFilter, RuntimeFilterOp, EmbedEvent, HostEvent, DataSourceVisualMode, Action, EmbedConfig } from '@thoughtspot/visual-embed-sdk/types';
-    export { init, prefetch, SearchEmbed, PinboardEmbed, LiveboardEmbed, AppEmbed, Page, AuthType, RuntimeFilter, RuntimeFilterOp, EmbedEvent, HostEvent, DataSourceVisualMode, Action, EmbedConfig, SearchViewConfig, LiveboardViewConfig, AppViewConfig, };
+    export { init, logout, prefetch, SearchEmbed, PinboardEmbed, LiveboardEmbed, AppEmbed, AuthFailureType, AuthStatus, Page, AuthType, RuntimeFilter, RuntimeFilterOp, EmbedEvent, HostEvent, DataSourceVisualMode, Action, EmbedConfig, SearchViewConfig, LiveboardViewConfig, AppViewConfig, };
 }
 
 declare module '@thoughtspot/visual-embed-sdk/embed/app' {
@@ -134,14 +137,27 @@ declare module '@thoughtspot/visual-embed-sdk/embed/app' {
 }
 
 declare module '@thoughtspot/visual-embed-sdk/embed/base' {
+    /**
+        * Copyright (c) 2022
+        *
+        * Base classes
+        *
+        * @summary Base classes
+        * @author Ayon Ghosh <ayon.ghosh@thoughtspot.com>
+        */
+    import EventEmitter from 'eventemitter3';
     import { EmbedConfig } from '@thoughtspot/visual-embed-sdk/types';
-    export let authPromise: Promise<void>;
+    import { AuthFailureType } from '@thoughtspot/visual-embed-sdk/auth';
+    export let authPromise: Promise<boolean>;
+    export const getEmbedConfig: () => EmbedConfig;
+    export const getAuthPromise: () => Promise<boolean>;
+    export function notifyAuthSuccess(): void;
+    export function notifyAuthFailure(failureType: AuthFailureType): void;
+    export function notifyLogout(): void;
     /**
         * Perform authentication on the ThoughtSpot app as applicable.
         */
-    export const handleAuth: () => Promise<void>;
-    export const getEmbedConfig: () => EmbedConfig;
-    export const getAuthPromise: () => Promise<void>;
+    export const handleAuth: () => Promise<boolean>;
     /**
         * Prefetches static resources from the specified URL. Web browsers can then cache the prefetched resources and serve them from the user's local disk to provide faster access to your app.
         * @param url The URL provided for prefetch
@@ -153,14 +169,31 @@ declare module '@thoughtspot/visual-embed-sdk/embed/base' {
         * @param embedConfig The configuration object containing ThoughtSpot host,
         * authentication mechanism and so on.
         *
-        * @returns authPromise Promise which resolves when authentication is complete.
+        * eg: authStatus = init(config);
+        * authStatus.on(AuthStatus.FAILURE, (reason) => { // do something here });
+        *
+        * @returns event emitter which emits events on authentication success, failure and logout. {@link AuthStatus}
         */
-    export const init: (embedConfig: EmbedConfig) => Promise<void>;
+    export const init: (embedConfig: EmbedConfig) => EventEmitter;
+    export function disableAutoLogin(): void;
+    /**
+        * Logout from ThoughtSpot. This also sets the autoLogin flag to false, to prevent
+        * the SDK from automatically logging in again.
+        *
+        * You can call the `init` method again to re login, if autoLogin is set to true in this
+        * second call it will be honored.
+        *
+        * @param doNotDisableAutoLogin This flag when passed will not disable autoLogin
+        * @returns Promise which resolves when logout completes.
+        * @version SDK: 1.10.1 | ThoughtSpot: *
+        */
+    export const logout: (doNotDisableAutoLogin?: boolean) => Promise<boolean>;
     /**
         * Renders functions in a queue, resolves to next function only after the callback next is called
         * @param fn The function being registered
         */
     export const renderInQueue: (fn: (next?: (val?: any) => void) => void) => void;
+    export function reset(): void;
 }
 
 declare module '@thoughtspot/visual-embed-sdk/embed/liveboard' {
@@ -357,6 +390,65 @@ declare module '@thoughtspot/visual-embed-sdk/embed/search' {
     export {};
 }
 
+declare module '@thoughtspot/visual-embed-sdk/auth' {
+    import { EmbedConfig } from '@thoughtspot/visual-embed-sdk/types';
+    export let loggedInStatus: boolean;
+    export let samlAuthWindow: Window;
+    export let samlCompletionPromise: Promise<void>;
+    export let sessionInfo: any;
+    export const SSO_REDIRECTION_MARKER_GUID = "5e16222e-ef02-43e9-9fbd-24226bf3ce5b";
+    export const EndPoints: {
+            AUTH_VERIFICATION: string;
+            SAML_LOGIN_TEMPLATE: (targetUrl: string) => string;
+            OIDC_LOGIN_TEMPLATE: (targetUrl: string) => string;
+            TOKEN_LOGIN: string;
+            BASIC_LOGIN: string;
+            LOGOUT: string;
+    };
+    export enum AuthFailureType {
+            SDK = "SDK",
+            NO_COOKIE_ACCESS = "NO_COOKIE_ACCESS",
+            EXPIRY = "EXPIRY",
+            OTHER = "OTHER"
+    }
+    export enum AuthStatus {
+            FAILURE = "FAILURE",
+            SUCCESS = "SUCCESS",
+            LOGOUT = "LOGOUT"
+    }
+    /**
+        * Return sessionInfo if available else make a loggedIn check to fetch the sessionInfo
+        */
+    export function getSessionInfo(): any;
+    export function initSession(sessionDetails: any): void;
+    /**
+        * Perform token based authentication
+        * @param embedConfig The embed configuration
+        */
+    export const doTokenAuth: (embedConfig: EmbedConfig) => Promise<boolean>;
+    /**
+        * Perform basic authentication to the ThoughtSpot cluster using the cluster
+        * credentials.
+        *
+        * Warning: This feature is primarily intended for developer testing. It is
+        * strongly advised not to use this authentication method in production.
+        * @param embedConfig The embed configuration
+        */
+    export const doBasicAuth: (embedConfig: EmbedConfig) => Promise<boolean>;
+    export const doSamlAuth: (embedConfig: EmbedConfig) => Promise<boolean>;
+    export const doOIDCAuth: (embedConfig: EmbedConfig) => Promise<boolean>;
+    export const logout: (embedConfig: EmbedConfig) => Promise<boolean>;
+    /**
+        * Perform authentication on the ThoughtSpot cluster
+        * @param embedConfig The embed configuration
+        */
+    export const authenticate: (embedConfig: EmbedConfig) => Promise<boolean>;
+    /**
+        * Check if we are authenticated to the ThoughtSpot cluster
+        */
+    export const isAuthenticated: () => boolean;
+}
+
 declare module '@thoughtspot/visual-embed-sdk/types' {
     /**
         * The authentication mechanism for allowing access to the
@@ -442,6 +534,15 @@ declare module '@thoughtspot/visual-embed-sdk/types' {
                 * @default false
                 */
             noRedirect?: boolean;
+            /**
+                * [SSO] For SSO Authentication, one can supply an optional path param,
+                * this will be the path on the host origin where the SAML flow will be
+                * terminated.
+                *
+                * Eg: "/dashboard", "#/foo" [Do not include the host]
+                * @version SDK: 1.10.2 | ThoughtSpot: *
+                */
+            redirectPath?: string;
             /** @internal */
             basepath?: string;
             /**
@@ -471,6 +572,11 @@ declare module '@thoughtspot/visual-embed-sdk/types' {
                 * @default false
                 */
             disableLoginRedirect?: boolean;
+            /**
+                * This message is displayed on the embed view when the login fails.
+                * @version 1.10.1 | ThoughtSpot: *
+                */
+            loginFailedMessage?: string;
             /**
                 * Calls the prefetch method internally when set to true
                 * @default false
@@ -684,6 +790,16 @@ declare module '@thoughtspot/visual-embed-sdk/types' {
                 * The ThoughtSpot auth session has expired.
                 */
             AuthExpire = "ThoughtspotAuthExpired",
+            /**
+                * ThoughtSpot failed to validate the auth session.
+                * @hidden
+                */
+            AuthFailure = "ThoughtspotAuthFailure",
+            /**
+                * ThoughtSpot failed to validate the auth session.
+                * @hidden
+                */
+            AuthLogout = "ThoughtspotAuthLogout",
             /**
                 * The height of the embedded Liveboard or visualization has been computed.
                 * @return data - The height of the embedded Liveboard or visualization

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@thoughtspot/visual-embed-sdk",
-    "version": "1.10.0",
+    "version": "1.10.3",
     "description": "ThoughtSpot Embed SDK",
     "module": "lib/src/index.js",
     "main": "dist/tsembed.js",
@@ -44,6 +44,7 @@
     "dependencies": {
         "algoliasearch": "^4.10.5",
         "classnames": "^2.3.1",
+        "eventemitter3": "^4.0.7",
         "mixpanel-browser": "^2.41.0"
     },
     "devDependencies": {

package/src/auth.spec.ts

@@ -9,12 +9,12 @@ const password = '12345678';
 const samalLoginUrl = `${thoughtSpotHost}/callosum/v1/saml/login?targetURLPath=%235e16222e-ef02-43e9-9fbd-24226bf3ce5b`;
 
 const embedConfig: any = {
-    doTokenAuthSuccess: {
+    doTokenAuthSuccess: (token: string) => ({
         thoughtSpotHost,
         username,
         authEndpoint: 'auth',
-        getAuthToken: jest.fn(() => Promise.resolve('authToken')),
-    },
+        getAuthToken: jest.fn(() => Promise.resolve(token)),
+    }),
     doTokenAuthFailureWithoutAuthEndPoint: {
         thoughtSpotHost,
         username,
@@ -35,9 +35,15 @@ const embedConfig: any = {
     doSamlAuth: {
         thoughtSpotHost,
     },
+    doOidcAuth: {
+        thoughtSpotHost,
+    },
     SSOAuth: {
         authType: AuthType.SSO,
     },
+    OIDCAuth: {
+        authType: AuthType.OIDC,
+    },
     authServerFailure: {
         thoughtSpotHost,
         username,
@@ -107,12 +113,14 @@ describe('Unit test for auth', () => {
                 status: 200,
             }),
         );
-        await authInstance.doTokenAuth(embedConfig.doTokenAuthSuccess);
+        await authInstance.doTokenAuth(
+            embedConfig.doTokenAuthSuccess('authToken'),
+        );
         expect(authService.fetchSessionInfoService).toBeCalled();
         expect(authInstance.loggedInStatus).toBe(true);
     });
 
-    test('doTokenAuth: when user is not loggedIn & getAuthToken have response, isLoggedIn should called', async () => {
+    test('doTokenAuth: when user is not loggedIn & getAuthToken have response', async () => {
         jest.spyOn(authService, 'fetchSessionInfoService').mockImplementation(
             () => false,
         );
@@ -120,13 +128,19 @@ describe('Unit test for auth', () => {
             authService,
             'fetchAuthTokenService',
         ).mockImplementation(() => ({ text: () => Promise.resolve('abc') }));
-        jest.spyOn(authService, 'fetchAuthService');
-        await authInstance.doTokenAuth(embedConfig.doTokenAuthSuccess);
+        jest.spyOn(authService, 'fetchAuthService').mockImplementation(() =>
+            Promise.resolve({
+                status: 200,
+            }),
+        );
+        await authInstance.doTokenAuth(
+            embedConfig.doTokenAuthSuccess('authToken2'),
+        );
         expect(authService.fetchSessionInfoService).toBeCalled();
         expect(authService.fetchAuthService).toBeCalledWith(
             thoughtSpotHost,
             username,
-            'authToken',
+            'authToken2',
         );
     });
 
@@ -140,7 +154,12 @@ describe('Unit test for auth', () => {
         ).mockImplementation(() =>
             Promise.resolve({ text: () => Promise.resolve('abc') }),
         );
-        jest.spyOn(authService, 'fetchAuthService');
+        jest.spyOn(authService, 'fetchAuthService').mockImplementation(() =>
+            Promise.resolve({
+                status: 200,
+                ok: true,
+            }),
+        );
         await authInstance.doTokenAuth(
             embedConfig.doTokenAuthFailureWithoutGetAuthToken,
         );
@@ -155,6 +174,38 @@ describe('Unit test for auth', () => {
         });
     });
 
+    test('doTokenAuth: Should raise error when duplicate token is used', async () => {
+        jest.spyOn(authService, 'fetchSessionInfoService').mockResolvedValue({
+            status: 401,
+        });
+        jest.spyOn(window, 'alert').mockClear();
+        jest.spyOn(window, 'alert').mockReturnValue(undefined);
+        jest.spyOn(authService, 'fetchAuthService').mockReset();
+        jest.spyOn(authService, 'fetchAuthService').mockImplementation(() =>
+            Promise.resolve({
+                status: 200,
+                ok: true,
+            }),
+        );
+        await authInstance.doTokenAuth(
+            embedConfig.doTokenAuthSuccess('authToken3'),
+        );
+
+        try {
+            await authInstance.doTokenAuth(
+                embedConfig.doTokenAuthSuccess('authToken3'),
+            );
+            expect(false).toBe(true);
+        } catch (e) {
+            expect(e.message).toContain('Duplicate token');
+        }
+        await executeAfterWait(() => {
+            expect(authInstance.loggedInStatus).toBe(false);
+            expect(window.alert).toBeCalled();
+            expect(authService.fetchAuthService).toHaveBeenCalledTimes(1);
+        });
+    });
+
     describe('doBasicAuth', () => {
         beforeEach(() => {
             global.fetch = window.fetch;
@@ -181,7 +232,7 @@ describe('Unit test for auth', () => {
             jest.spyOn(
                 authService,
                 'fetchBasicAuthService',
-            ).mockImplementation(() => ({ status: 200 }));
+            ).mockImplementation(() => ({ status: 200, ok: true }));
 
             await authInstance.doBasicAuth(embedConfig.doBasicAuth);
             expect(authService.fetchSessionInfoService).toBeCalled();
@@ -253,6 +304,7 @@ describe('Unit test for auth', () => {
                 },
             });
             spyOn(authInstance, 'samlCompletionPromise');
+            global.window.open = jest.fn();
             jest.spyOn(
                 authService,
                 'fetchSessionInfoService',
@@ -263,8 +315,28 @@ describe('Unit test for auth', () => {
                     ...embedConfig.doSamlAuth,
                     noRedirect: true,
                 }),
-            ).toBe(undefined);
+            ).toBe(true);
+            expect(authService.fetchSessionInfoService).toBeCalled();
+        });
+    });
+
+    describe('doOIDCAuth', () => {
+        afterEach(() => {
+            delete global.window;
+            global.window = Object.create(originalWindow);
+            global.window.open = jest.fn();
+            global.fetch = window.fetch;
+        });
+
+        it('when user is not loggedIn & isAtSSORedirectUrl is true', async () => {
+            jest.spyOn(
+                authService,
+                'fetchSessionInfoService',
+            ).mockImplementation(() => Promise.reject());
+            await authInstance.doOIDCAuth(embedConfig.doOidcAuth);
             expect(authService.fetchSessionInfoService).toBeCalled();
+            expect(window.location.hash).toBe('');
+            expect(authInstance.loggedInStatus).toBe(false);
         });
     });
 
@@ -275,6 +347,13 @@ describe('Unit test for auth', () => {
         expect(authInstance.doSamlAuth).toBeCalled();
     });
 
+    it('authenticate: when authType is OIDC', async () => {
+        jest.spyOn(authInstance, 'doOIDCAuth');
+        await authInstance.authenticate(embedConfig.OIDCAuth);
+        expect(window.location.hash).toBe('');
+        expect(authInstance.doOIDCAuth).toBeCalled();
+    });
+
     it('authenticate: when authType is AuthServer', async () => {
         spyOn(authInstance, 'doTokenAuth');
         await authInstance.authenticate(embedConfig.authServerFailure);

package/src/auth.ts

@@ -1,12 +1,13 @@
 import { initMixpanel } from './mixpanel-service';
 import { AuthType, EmbedConfig, EmbedEvent } from './types';
-import { appendToUrlHash } from './utils';
+import { getRedirectUrl } from './utils';
 // eslint-disable-next-line import/no-cycle
 import {
     fetchSessionInfoService,
     fetchAuthTokenService,
     fetchAuthService,
     fetchBasicAuthService,
+    fetchLogoutService,
 } from './utils/authService';
 
 // eslint-disable-next-line import/no-mutable-exports
@@ -29,8 +30,22 @@ export const EndPoints = {
         `/callosum/v1/oidc/login?targetURLPath=${targetUrl}`,
     TOKEN_LOGIN: '/callosum/v1/session/login/token',
     BASIC_LOGIN: '/callosum/v1/session/login',
+    LOGOUT: '/callosum/v1/session/logout',
 };
 
+export enum AuthFailureType {
+    SDK = 'SDK',
+    NO_COOKIE_ACCESS = 'NO_COOKIE_ACCESS',
+    EXPIRY = 'EXPIRY',
+    OTHER = 'OTHER',
+}
+
+export enum AuthStatus {
+    FAILURE = 'FAILURE',
+    SUCCESS = 'SUCCESS',
+    LOGOUT = 'LOGOUT',
+}
+
 /**
  * Check if we are logged into the ThoughtSpot cluster
  * @param thoughtSpotHost The ThoughtSpot cluster hostname or IP
@@ -58,6 +73,19 @@ export function initSession(sessionDetails: any) {
     initMixpanel(sessionInfo);
 }
 
+const DUPLICATE_TOKEN_ERR =
+    'Duplicate token, please issue a new token every time getAuthToken callback is called.' +
+    'See https://developers.thoughtspot.com/docs/?pageid=embed-auth#trusted-auth-embed for more details.';
+let prevAuthToken: string = null;
+function alertForDuplicateToken(authtoken: string) {
+    if (prevAuthToken === authtoken) {
+        // eslint-disable-next-line no-alert
+        alert(DUPLICATE_TOKEN_ERR);
+        throw new Error(DUPLICATE_TOKEN_ERR);
+    }
+    prevAuthToken = authtoken;
+}
+
 /**
  * Check if we are stuck at the SSO redirect URL
  */
@@ -83,7 +111,9 @@ function removeSSORedirectUrlMarker(): void {
  * Perform token based authentication
  * @param embedConfig The embed configuration
  */
-export const doTokenAuth = async (embedConfig: EmbedConfig): Promise<void> => {
+export const doTokenAuth = async (
+    embedConfig: EmbedConfig,
+): Promise<boolean> => {
     const {
         thoughtSpotHost,
         username,
@@ -95,20 +125,25 @@ export const doTokenAuth = async (embedConfig: EmbedConfig): Promise<void> => {
             'Either auth endpoint or getAuthToken function must be provided',
         );
     }
-    const loggedIn = await isLoggedIn(thoughtSpotHost);
-    if (!loggedIn) {
+    loggedInStatus = await isLoggedIn(thoughtSpotHost);
+    if (!loggedInStatus) {
         let authToken = null;
         if (getAuthToken) {
             authToken = await getAuthToken();
+            alertForDuplicateToken(authToken);
         } else {
             const response = await fetchAuthTokenService(authEndpoint);
             authToken = await response.text();
         }
-        await fetchAuthService(thoughtSpotHost, username, authToken);
-        loggedInStatus = false;
+        const resp = await fetchAuthService(
+            thoughtSpotHost,
+            username,
+            authToken,
+        );
+        // token login issues a 302 when successful
+        loggedInStatus = resp.ok || resp.type === 'opaqueredirect';
     }
-
-    loggedInStatus = true;
+    return loggedInStatus;
 };
 
 /**
@@ -119,7 +154,9 @@ export const doTokenAuth = async (embedConfig: EmbedConfig): Promise<void> => {
  * strongly advised not to use this authentication method in production.
  * @param embedConfig The embed configuration
  */
-export const doBasicAuth = async (embedConfig: EmbedConfig): Promise<void> => {
+export const doBasicAuth = async (
+    embedConfig: EmbedConfig,
+): Promise<boolean> => {
     const { thoughtSpotHost, username, password } = embedConfig;
     const loggedIn = await isLoggedIn(thoughtSpotHost);
     if (!loggedIn) {
@@ -128,10 +165,11 @@ export const doBasicAuth = async (embedConfig: EmbedConfig): Promise<void> => {
             username,
             password,
         );
-        loggedInStatus = response.status === 200;
+        loggedInStatus = response.ok;
+    } else {
+        loggedInStatus = true;
     }
-
-    loggedInStatus = true;
+    return loggedInStatus;
 };
 
 async function samlPopupFlow(ssoURL: string) {
@@ -198,6 +236,7 @@ const doSSOAuth = async (
     const ssoURL = `${thoughtSpotHost}${ssoEndPoint}`;
     if (embedConfig.noRedirect) {
         await samlPopupFlow(ssoURL);
+        loggedInStatus = true;
         return;
     }
 
@@ -210,7 +249,11 @@ export const doSamlAuth = async (embedConfig: EmbedConfig) => {
     // again and the same JS will execute again.
     const ssoRedirectUrl = embedConfig.noRedirect
         ? `${thoughtSpotHost}/v2/#/embed/saml-complete`
-        : appendToUrlHash(window.location.href, SSO_REDIRECTION_MARKER_GUID);
+        : getRedirectUrl(
+              window.location.href,
+              SSO_REDIRECTION_MARKER_GUID,
+              embedConfig.redirectPath,
+          );
 
     // bring back the page to the same URL
     const ssoEndPoint = `${EndPoints.SAML_LOGIN_TEMPLATE(
@@ -218,6 +261,7 @@ export const doSamlAuth = async (embedConfig: EmbedConfig) => {
     )}`;
 
     await doSSOAuth(embedConfig, ssoEndPoint);
+    return loggedInStatus;
 };
 
 export const doOIDCAuth = async (embedConfig: EmbedConfig) => {
@@ -226,7 +270,11 @@ export const doOIDCAuth = async (embedConfig: EmbedConfig) => {
     // again and the same JS will execute again.
     const ssoRedirectUrl = embedConfig.noRedirect
         ? `${thoughtSpotHost}/v2/#/embed/saml-complete`
-        : appendToUrlHash(window.location.href, SSO_REDIRECTION_MARKER_GUID);
+        : getRedirectUrl(
+              window.location.href,
+              SSO_REDIRECTION_MARKER_GUID,
+              embedConfig.redirectPath,
+          );
 
     // bring back the page to the same URL
     const ssoEndPoint = `${EndPoints.OIDC_LOGIN_TEMPLATE(
@@ -234,13 +282,23 @@ export const doOIDCAuth = async (embedConfig: EmbedConfig) => {
     )}`;
 
     await doSSOAuth(embedConfig, ssoEndPoint);
+    return loggedInStatus;
+};
+
+export const logout = async (embedConfig: EmbedConfig): Promise<boolean> => {
+    const { thoughtSpotHost } = embedConfig;
+    const response = await fetchLogoutService(thoughtSpotHost);
+    loggedInStatus = false;
+    return loggedInStatus;
 };
 
 /**
  * Perform authentication on the ThoughtSpot cluster
  * @param embedConfig The embed configuration
  */
-export const authenticate = async (embedConfig: EmbedConfig): Promise<void> => {
+export const authenticate = async (
+    embedConfig: EmbedConfig,
+): Promise<boolean> => {
     const { authType } = embedConfig;
     switch (authType) {
         case AuthType.SSO:
@@ -252,7 +310,7 @@ export const authenticate = async (embedConfig: EmbedConfig): Promise<void> => {
         case AuthType.Basic:
             return doBasicAuth(embedConfig);
         default:
-            return Promise.resolve();
+            return Promise.resolve(true);
     }
 };
 

package/src/embed/base.spec.ts

@@ -1,4 +1,7 @@
+import EventEmitter from 'eventemitter3';
+import * as auth from '../auth';
 import * as index from '../index';
+import * as base from './base';
 import {
     executeAfterWait,
     getAllIframeEl,
@@ -9,10 +12,11 @@ import {
 } from '../test/test-utils';
 
 const thoughtSpotHost = 'tshost';
+let authEE: EventEmitter;
 
 describe('Base TS Embed', () => {
     beforeAll(() => {
-        index.init({
+        authEE = index.init({
             thoughtSpotHost,
             authType: index.AuthType.None,
         });
@@ -38,10 +42,12 @@ describe('Base TS Embed', () => {
             },
             '*',
         );
-
-        jest.spyOn(window, 'alert').mockImplementation(() => {
+        jest.spyOn(window, 'alert').mockReset();
+        jest.spyOn(window, 'alert').mockImplementation(() => undefined);
+        authEE.on(auth.AuthStatus.FAILURE, (reason) => {
+            expect(reason).toEqual(auth.AuthFailureType.NO_COOKIE_ACCESS);
             expect(window.alert).toBeCalledWith(
-                'Third party cookie access is blocked on this browser, please allow third party cookies for ThoughtSpot to work properly',
+                'Third party cookie access is blocked on this browser, please allow third party cookies for this to work properly. \nYou can use `suppressNoCookieAccessAlert` to suppress this message.',
             );
             done();
         });
@@ -92,4 +98,52 @@ describe('Base TS Embed', () => {
             expect(getIFrameSrc()).toContain('disableLoginRedirect=true');
         });
     });
+
+    test('handleAuth notifies for SDK auth failure', (done) => {
+        jest.spyOn(auth, 'authenticate').mockResolvedValue(false);
+        const authEmitter = index.init({
+            thoughtSpotHost,
+            authType: index.AuthType.Basic,
+            username: 'test',
+            password: 'test',
+        });
+        authEmitter.on(auth.AuthStatus.FAILURE, (reason) => {
+            expect(reason).toBe(auth.AuthFailureType.SDK);
+            done();
+        });
+    });
+
+    test('Logout method should disable autoLogin', () => {
+        jest.spyOn(window, 'fetch').mockResolvedValue({
+            type: 'opaque',
+        });
+        index.init({
+            thoughtSpotHost,
+            authType: index.AuthType.None,
+            autoLogin: true,
+        });
+        index.logout();
+        expect(window.fetch).toHaveBeenCalledWith(
+            `http://${thoughtSpotHost}${auth.EndPoints.LOGOUT}`,
+            {
+                credentials: 'include',
+                headers: {
+                    'x-requested-by': 'ThoughtSpot',
+                },
+                method: 'POST',
+            },
+        );
+        expect(base.getEmbedConfig().autoLogin).toBe(false);
+    });
+});
+
+describe('Base without init', () => {
+    test('notify should error when called without init', () => {
+        base.reset();
+        jest.spyOn(global.console, 'error').mockImplementation(() => undefined);
+        base.notifyAuthSuccess();
+        base.notifyAuthFailure(auth.AuthFailureType.SDK);
+        base.notifyLogout();
+        expect(global.console.error).toHaveBeenCalledTimes(3);
+    });
 });