Rename oidc route test file
This commit is contained in:
Johannes Zellner
@@ -0,0 +1,193 @@
|
||||
/* jslint node:true */
|
||||
/* global it:false */
|
||||
/* global describe:false */
|
||||
/* global before:false */
|
||||
/* global after:false */
|
||||
|
||||
'use strict';
|
||||
|
||||
const common = require('./common.js'),
|
||||
expect = require('expect.js'),
|
||||
superagent = require('superagent');
|
||||
|
||||
const CLIENT_0 = {
|
||||
id: 'client0',
|
||||
name: 'test client 0',
|
||||
secret: 'secret0',
|
||||
loginRedirectUri: 'http://foo.bar'
|
||||
};
|
||||
|
||||
const CLIENT_1 = {
|
||||
id: 'client1',
|
||||
name: 'test client 1',
|
||||
secret: 'secret1',
|
||||
loginRedirectUri: 'https://cloudron.io/login',
|
||||
logoutRedirectUri: 'https://cloudron.io/logout'
|
||||
};
|
||||
|
||||
describe('OpenID connect clients API', function () {
|
||||
const { setup, cleanup, serverUrl, owner, user } = common;
|
||||
|
||||
before(setup);
|
||||
after(cleanup);
|
||||
|
||||
it('create fails due to missing token', async function () {
|
||||
const response = await superagent.post(`${serverUrl}/api/v1/oidc/clients`)
|
||||
.send(CLIENT_0)
|
||||
.ok(() => true);
|
||||
|
||||
expect(response.statusCode).to.equal(401);
|
||||
});
|
||||
|
||||
it('create succeeds without logoutRedirectUri', async function () {
|
||||
const response = await superagent.post(`${serverUrl}/api/v1/oidc/clients`)
|
||||
.query({ access_token: owner.token })
|
||||
.send(CLIENT_0);
|
||||
|
||||
expect(response.statusCode).to.equal(201);
|
||||
});
|
||||
|
||||
it('create fails for already exists', async function () {
|
||||
const response = await superagent.post(`${serverUrl}/api/v1/oidc/clients`)
|
||||
.query({ access_token: owner.token })
|
||||
.send(CLIENT_0)
|
||||
.ok(() => true);
|
||||
|
||||
expect(response.statusCode).to.equal(409);
|
||||
});
|
||||
|
||||
it('can create another client with logoutRedirectUri', async function () {
|
||||
const response = await superagent.post(`${serverUrl}/api/v1/oidc/clients`)
|
||||
.query({ access_token: owner.token })
|
||||
.send(CLIENT_1);
|
||||
|
||||
expect(response.statusCode).to.equal(201);
|
||||
});
|
||||
|
||||
it('cannot get non-existing client', async function () {
|
||||
const response = await superagent.get(`${serverUrl}/api/v1/oidc/clients/nope`)
|
||||
.query({ access_token: owner.token })
|
||||
.ok(() => true);
|
||||
|
||||
expect(response.statusCode).to.equal(404);
|
||||
});
|
||||
|
||||
it('cannot get existing client with normal user', async function () {
|
||||
const response = await superagent.get(`${serverUrl}/api/v1/oidc/clients/${CLIENT_0.id}`)
|
||||
.query({ access_token: user.token })
|
||||
.ok(() => true);
|
||||
|
||||
expect(response.statusCode).to.equal(403);
|
||||
});
|
||||
|
||||
it('can get existing client', async function () {
|
||||
const response = await superagent.get(`${serverUrl}/api/v1/oidc/clients/${CLIENT_1.id}`)
|
||||
.query({ access_token: owner.token });
|
||||
|
||||
expect(response.statusCode).to.equal(200);
|
||||
expect(response.body.id).to.equal(CLIENT_1.id);
|
||||
expect(response.body.secret).to.equal(CLIENT_1.secret);
|
||||
expect(response.body.loginRedirectUri).to.equal(CLIENT_1.loginRedirectUri);
|
||||
expect(response.body.logoutRedirectUri).to.equal(CLIENT_1.logoutRedirectUri);
|
||||
});
|
||||
|
||||
it('cannot update non-existent client', async function () {
|
||||
const response = await superagent.post(`${serverUrl}/api/v1/oidc/clients/nope`)
|
||||
.query({ access_token: owner.token })
|
||||
.send(CLIENT_0)
|
||||
.ok(() => true);
|
||||
|
||||
expect(response.statusCode).to.equal(404);
|
||||
});
|
||||
|
||||
it('cannot list clients without token', async function () {
|
||||
const response = await superagent.get(`${serverUrl}/api/v1/oidc/clients`)
|
||||
.ok(() => true);
|
||||
|
||||
expect(response.statusCode).to.equal(401);
|
||||
});
|
||||
|
||||
it('cannot list clients as normal user', async function () {
|
||||
const response = await superagent.get(`${serverUrl}/api/v1/oidc/clients`)
|
||||
.query({ access_token: user.token })
|
||||
.ok(() => true);
|
||||
|
||||
expect(response.statusCode).to.equal(403);
|
||||
});
|
||||
|
||||
it('can list clients', async function () {
|
||||
const response = await superagent.get(`${serverUrl}/api/v1/oidc/clients`)
|
||||
.query({ access_token: owner.token });
|
||||
|
||||
expect(response.statusCode).to.equal(200);
|
||||
expect(response.body.clients).to.be.an(Array);
|
||||
expect(response.body.clients.length).to.be(2);
|
||||
expect(response.body.clients[0].id).to.eql(CLIENT_0.id);
|
||||
expect(response.body.clients[1].id).to.eql(CLIENT_1.id);
|
||||
});
|
||||
|
||||
it('cannot update client without secret', async function () {
|
||||
const response = await superagent.post(`${serverUrl}/api/v1/oidc/clients/${CLIENT_0.id}`)
|
||||
.query({ access_token: owner.token })
|
||||
.send({ loginRedirectUri: CLIENT_0.loginRedirectUri })
|
||||
.ok(() => true);
|
||||
|
||||
expect(response.statusCode).to.equal(400);
|
||||
});
|
||||
|
||||
it('cannot update client without loginRedirectUri', async function () {
|
||||
const response = await superagent.post(`${serverUrl}/api/v1/oidc/clients/${CLIENT_0.id}`)
|
||||
.query({ access_token: owner.token })
|
||||
.send({ secret: CLIENT_0.secret })
|
||||
.ok(() => true);
|
||||
|
||||
expect(response.statusCode).to.equal(400);
|
||||
});
|
||||
|
||||
it('can update client without logoutRedirectUri', async function () {
|
||||
const response = await superagent.post(`${serverUrl}/api/v1/oidc/clients/${CLIENT_0.id}`)
|
||||
.query({ access_token: owner.token })
|
||||
.send({ secret: 'newsecret', name: 'new name', loginRedirectUri: CLIENT_0.loginRedirectUri })
|
||||
.ok(() => true);
|
||||
|
||||
expect(response.statusCode).to.equal(201);
|
||||
|
||||
const response2 = await superagent.get(`${serverUrl}/api/v1/oidc/clients/${CLIENT_0.id}`)
|
||||
.query({ access_token: owner.token });
|
||||
|
||||
expect(response2.statusCode).to.equal(200);
|
||||
expect(response2.body.secret).to.equal('newsecret');
|
||||
expect(response2.body.name).to.equal('new name');
|
||||
});
|
||||
|
||||
it('can update client with logoutRedirectUri', async function () {
|
||||
const response = await superagent.post(`${serverUrl}/api/v1/oidc/clients/${CLIENT_0.id}`)
|
||||
.query({ access_token: owner.token })
|
||||
.send({ secret: 'newsecret', name: CLIENT_1.name, loginRedirectUri: CLIENT_0.loginRedirectUri, logoutRedirectUri: CLIENT_1.logoutRedirectUri })
|
||||
.ok(() => true);
|
||||
|
||||
expect(response.statusCode).to.equal(201);
|
||||
|
||||
const response2 = await superagent.get(`${serverUrl}/api/v1/oidc/clients/${CLIENT_0.id}`)
|
||||
.query({ access_token: owner.token });
|
||||
|
||||
expect(response2.statusCode).to.equal(200);
|
||||
expect(response2.body.secret).to.equal('newsecret');
|
||||
expect(response2.body.loginRedirectUri).to.equal(CLIENT_0.loginRedirectUri);
|
||||
expect(response2.body.logoutRedirectUri).to.equal(CLIENT_1.logoutRedirectUri);
|
||||
});
|
||||
|
||||
it('cannot remove without token', async function () {
|
||||
const response = await superagent.del(`${serverUrl}/api/v1/oidc/clients/${CLIENT_0.id}`)
|
||||
.ok(() => true);
|
||||
|
||||
expect(response.statusCode).to.equal(401);
|
||||
});
|
||||
|
||||
it('can remove empty group', async function () {
|
||||
const response = await superagent.del(`${serverUrl}/api/v1/oidc/clients/${CLIENT_0.id}`)
|
||||
.query({ access_token: owner.token });
|
||||
|
||||
expect(response.statusCode).to.equal(204);
|
||||
});
|
||||
});
|
||||
Reference in New Issue
Block a user