2014-11-06 23:59:48 +01:00
|
|
|
/**
|
2017-01-11 16:24:33 +01:00
|
|
|
* Copyright JS Foundation and other contributors, http://js.foundation
|
2014-11-06 23:59:48 +01:00
|
|
|
*
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
*
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
*
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
* limitations under the License.
|
|
|
|
**/
|
2015-07-15 23:43:24 +02:00
|
|
|
|
2014-11-06 23:59:48 +01:00
|
|
|
var should = require("should");
|
2015-01-28 23:41:13 +01:00
|
|
|
var when = require("when");
|
2014-11-06 23:59:48 +01:00
|
|
|
var sinon = require("sinon");
|
|
|
|
|
|
|
|
var passport = require("passport");
|
|
|
|
|
|
|
|
var auth = require("../../../../red/api/auth");
|
2015-03-25 21:32:40 +01:00
|
|
|
var Users = require("../../../../red/api/auth/users");
|
2015-01-28 23:41:13 +01:00
|
|
|
var Tokens = require("../../../../red/api/auth/tokens");
|
2014-11-06 23:59:48 +01:00
|
|
|
|
2015-11-11 23:11:02 +01:00
|
|
|
describe("api auth middleware",function() {
|
2014-11-06 23:59:48 +01:00
|
|
|
|
|
|
|
|
2015-07-15 23:43:24 +02:00
|
|
|
|
2014-11-06 23:59:48 +01:00
|
|
|
describe("ensureClientSecret", function() {
|
2015-11-11 23:11:02 +01:00
|
|
|
before(function() {
|
|
|
|
auth.init({settings:{},log:{audit:function(){}}})
|
|
|
|
});
|
2014-11-06 23:59:48 +01:00
|
|
|
it("leaves client_secret alone if not present",function(done) {
|
|
|
|
var req = {
|
|
|
|
body: {
|
|
|
|
client_secret: "test_value"
|
|
|
|
}
|
|
|
|
};
|
|
|
|
auth.ensureClientSecret(req,null,function() {
|
|
|
|
req.body.should.have.a.property("client_secret","test_value");
|
|
|
|
done();
|
|
|
|
})
|
|
|
|
});
|
|
|
|
it("applies a default client_secret if not present",function(done) {
|
|
|
|
var req = {
|
|
|
|
body: { }
|
|
|
|
};
|
|
|
|
auth.ensureClientSecret(req,null,function() {
|
|
|
|
req.body.should.have.a.property("client_secret","not_available");
|
|
|
|
done();
|
|
|
|
})
|
|
|
|
});
|
|
|
|
});
|
2015-07-15 23:43:24 +02:00
|
|
|
|
2015-01-28 23:41:13 +01:00
|
|
|
describe("revoke", function() {
|
|
|
|
it("revokes a token", function(done) {
|
|
|
|
var revokeToken = sinon.stub(Tokens,"revoke",function() {
|
|
|
|
return when.resolve();
|
|
|
|
});
|
2015-07-15 23:43:24 +02:00
|
|
|
|
2015-01-28 23:41:13 +01:00
|
|
|
var req = { body: { token: "abcdef" } };
|
2015-07-15 23:43:24 +02:00
|
|
|
|
|
|
|
var res = { status: function(resp) {
|
2015-01-28 23:41:13 +01:00
|
|
|
revokeToken.restore();
|
|
|
|
|
|
|
|
resp.should.equal(200);
|
2015-10-03 21:32:24 +02:00
|
|
|
return {
|
|
|
|
end: done
|
|
|
|
}
|
2015-01-28 23:41:13 +01:00
|
|
|
}};
|
2015-07-15 23:43:24 +02:00
|
|
|
|
2015-01-28 23:41:13 +01:00
|
|
|
auth.revoke(req,res);
|
|
|
|
});
|
|
|
|
});
|
2015-07-15 23:43:24 +02:00
|
|
|
|
2015-01-28 23:41:13 +01:00
|
|
|
describe("login", function() {
|
2015-03-25 21:32:40 +01:00
|
|
|
beforeEach(function() {
|
|
|
|
sinon.stub(Tokens,"init",function(){});
|
|
|
|
sinon.stub(Users,"init",function(){});
|
|
|
|
});
|
|
|
|
afterEach(function() {
|
|
|
|
Tokens.init.restore();
|
|
|
|
Users.init.restore();
|
|
|
|
});
|
|
|
|
it("returns login details - credentials", function(done) {
|
2017-04-12 11:09:03 +02:00
|
|
|
auth.init({settings:{adminAuth:{type:"credentials"}},log:{audit:function(){}}})
|
2015-01-28 23:41:13 +01:00
|
|
|
auth.login(null,{json: function(resp) {
|
|
|
|
resp.should.have.a.property("type","credentials");
|
|
|
|
resp.should.have.a.property("prompts");
|
|
|
|
resp.prompts.should.have.a.lengthOf(2);
|
|
|
|
done();
|
|
|
|
}});
|
|
|
|
});
|
2015-03-25 21:32:40 +01:00
|
|
|
it("returns login details - none", function(done) {
|
2015-11-11 23:11:02 +01:00
|
|
|
auth.init({settings:{},log:{audit:function(){}}})
|
2015-03-25 21:32:40 +01:00
|
|
|
auth.login(null,{json: function(resp) {
|
|
|
|
resp.should.eql({});
|
|
|
|
done();
|
|
|
|
}});
|
|
|
|
});
|
2017-04-12 11:09:03 +02:00
|
|
|
it("returns login details - oauth", function(done) {
|
|
|
|
auth.init({settings:{adminAuth:{type:"oauth",strategy:{label:"test-oauth",icon:"test-icon"}}},log:{audit:function(){}}})
|
|
|
|
auth.login(null,{json: function(resp) {
|
|
|
|
resp.should.have.a.property("type","oauth");
|
|
|
|
resp.should.have.a.property("prompts");
|
|
|
|
resp.prompts.should.have.a.lengthOf(1);
|
|
|
|
resp.prompts[0].should.have.a.property("type","button");
|
|
|
|
resp.prompts[0].should.have.a.property("label","test-oauth");
|
|
|
|
resp.prompts[0].should.have.a.property("icon","test-icon");
|
|
|
|
|
|
|
|
done();
|
|
|
|
}});
|
|
|
|
});
|
2015-07-15 23:43:24 +02:00
|
|
|
|
2015-01-28 23:41:13 +01:00
|
|
|
});
|
2015-07-15 23:43:24 +02:00
|
|
|
|
2014-11-06 23:59:48 +01:00
|
|
|
});
|