Merge pull request #2479 from node-red-hitachi/dev-admin-api-auth

Add admin api authentication function
Nick O'Leary
2020-03-13 13:36:53 +00:00
committed by GitHub
5 changed files with 142 additions and 4 deletions


@@ -129,6 +129,61 @@ describe("api/auth/strategies", function() {
})
});
describe("Tokens Strategy", function() {
it('Succeeds if tokens user enabled custom header',function(done) {
var userTokens = sinon.stub(Users,"tokens",function(token) {
return when.resolve("tokens-"+token);
});
var userTokenHeader = sinon.stub(Users,"tokenHeader",function(token) {
return "x-test-token";
});
strategies.tokensStrategy._success = strategies.tokensStrategy.success;
strategies.tokensStrategy.success = function(user) {
user.should.equal("tokens-1234");
strategies.tokensStrategy.success = strategies.tokensStrategy._success;
delete strategies.tokensStrategy._success;
done();
};
strategies.tokensStrategy.authenticate({headers:{"x-test-token":"1234"}});
});
it('Succeeds if tokens user enabled default header',function(done) {
var userTokens = sinon.stub(Users,"tokens",function(token) {
return when.resolve("tokens-"+token);
});
var userTokenHeader = sinon.stub(Users,"tokenHeader",function(token) {
return "authorization";
});
strategies.tokensStrategy._success = strategies.tokensStrategy.success;
strategies.tokensStrategy.success = function(user) {
user.should.equal("tokens-1234");
strategies.tokensStrategy.success = strategies.tokensStrategy._success;
delete strategies.tokensStrategy._success;
done();
};
strategies.tokensStrategy.authenticate({headers:{"authorization":"Bearer 1234"}});
});
it('Fails if tokens user not enabled',function(done) {
var userTokens = sinon.stub(Users,"tokens",function() {
return when.resolve(null);
});
var userTokenHeader = sinon.stub(Users,"tokenHeader",function(token) {
return "authorization";
});
strategies.tokensStrategy._fail = strategies.tokensStrategy.fail;
strategies.tokensStrategy.fail = function(err) {
err.should.equal(401);
strategies.tokensStrategy.fail = strategies.tokensStrategy._fail;
delete strategies.tokensStrategy._fail;
done();
};
strategies.tokensStrategy.authenticate({headers:{"authorization":"Bearer 1234"}});
});
afterEach(function() {
Users.tokens.restore();
Users.tokenHeader.restore();
})
});
describe("Bearer Strategy", function() {
it('Rejects invalid token',function(done) {
var getToken = sinon.stub(Tokens,"get",function(token) {
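Review bot: The three Tokens Strategy cases only send a well-formed token header, so the rejection paths that matter most for an authentication strategy are not pinned. Missing cases are a request with no token header, an `authorization` value without the `Bearer ` prefix, and a token sent in `authorization` while `tokenHeader` is stubbed to `x-test-token`. I would add cases such as `strategies.tokensStrategy.authenticate({headers:{}});` that expect `fail` to receive 401 and assert `userTokens.called.should.be.false();`, assuming that is the intended behaviour, since the strategy itself is not visible in this hunk. Separately, `success` and `fail` are restored only inside the replacement callback, so a failing `should` assertion leaves the strategy patched for later tests; restoring them in the existing `afterEach` would be more robust.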


@@ -227,4 +227,47 @@ describe("api/auth/users", function() {
});
});
});
describe('Initialised with tokens set as function',function() {
before(function() {
Users.init({
type:"strategy",
tokens: function(token) { return("Done-"+token); }
});
});
after(function() {
Users.init({});
});
describe('#tokens',function() {
it('handles api.tokens being a function',function(done) {
Users.should.have.property('tokens').which.is.a.Function();
(Users.tokens("1234")).should.equal("Done-1234");
(Users.tokenHeader()).should.equal("authorization");
done();
});
});
});
describe('Initialised with tokens set as function and tokenHeader set as token header name',function() {
before(function() {
Users.init({
type:"strategy",
tokens: function(token) { return("Done-"+token); },
tokenHeader: "X-TEST-TOKEN"
});
});
after(function() {
Users.init({});
});
describe('#tokens',function() {
it('handles api.tokens being a function and api.tokenHeader being a header name',function(done) {
Users.should.have.property('tokens').which.is.a.Function();
(Users.tokens("1234")).should.equal("Done-1234");
Users.should.have.property('tokenHeader').which.is.a.Function();
(Users.tokenHeader()).should.equal("x-test-token");
done();
});
});
});
});
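Review bot: These fixtures have `tokens` return a plain string and assert `Users.tokens("1234")` equals `"Done-1234"`, while the strategy tests in this commit stub `Users.tokens` to return `when.resolve(...)`, so the return contract of a user-supplied `tokens` function is pinned two different ways. If the strategy chains `.then` on the result (not visible here), a synchronous function like this one would throw rather than authenticate or fail with 401. I would either make the fixture return a promise, e.g. `tokens: function(token) { return Promise.resolve("Done-"+token); }`, or add a strategy test that uses a synchronous `tokens` function, and state the expected shape in a comment above the `describe`. The `after` hooks also rely on `Users.init({})` clearing the token settings; asserting that `Users.tokenHeader()` is back to `"authorization"` after that call would confirm a custom header does not persist across re-initialisation.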