jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Prepare simpleauth test for accessRestriction

Browse Source
This commit is contained in:
Johannes Zellner
2015-10-15 13:19:58 +02:00
parent ae1bfaf0c8
commit c916a76e6b
1 changed files with 145 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

208
src/routes/test/simpleauth-test.js
View File

@@ -7,6 +7,7 @@
'use strict';
var clientdb = require('../../clientdb.js'),
appdb = require('../../appdb.js'),
async = require('async'),
config = require('../../config.js'),
database = require('../../database.js'),
@@ -14,64 +15,98 @@ var clientdb = require('../../clientdb.js'),
request = require('superagent'),
server = require('../../server.js'),
simpleauth = require('../../simpleauth.js'),
nock = require('nock'),
userdb = require('../../userdb.js');
var SERVER_URL = 'http://localhost:' + config.get('port');
var SIMPLE_AUTH_ORIGIN = 'http://localhost:' + config.get('simpleAuthPort');
var USERNAME = 'admin', PASSWORD = 'password', EMAIL ='silly@me.com';
var CLIENT = {
id: 'someclientid',
appId: 'someappid',
clientSecret: 'someclientsecret',
redirectURI: '',
scope: 'user,profile'
};
var server;
function setup(done) {
async.series([
server.start.bind(server),
simpleauth.start.bind(simpleauth),
userdb._clear,
function createAdmin(callback) {
var scope1 = nock(config.apiServerOrigin()).get('/api/v1/boxes/' + config.fqdn() + '/setup/verify?setupToken=somesetuptoken').reply(200, {});
var scope2 = nock(config.apiServerOrigin()).post('/api/v1/boxes/' + config.fqdn() + '/setup/done?setupToken=somesetuptoken').reply(201, {});
request.post(SERVER_URL + '/api/v1/cloudron/activate')
.query({ setupToken: 'somesetuptoken' })
.send({ username: USERNAME, password: PASSWORD, email: EMAIL })
.end(function (error, result) {
expect(error).to.not.be.ok();
expect(result).to.be.ok();
expect(result.statusCode).to.eql(201);
expect(scope1.isDone()).to.be.ok();
expect(scope2.isDone()).to.be.ok();
callback();
});
},
function addClient(callback) {
clientdb.add(CLIENT.id, CLIENT.appId, CLIENT.clientSecret, CLIENT.redirectURI, CLIENT.scope, callback);
}
], done);
}
function cleanup(done) {
database._clear(function (error) {
expect(!error).to.be.ok();
server.stop(done);
});
}
nock = require('nock');
describe('SimpleAuth API', function () {
before(setup);
after(cleanup);
var SERVER_URL = 'http://localhost:' + config.get('port');
var SIMPLE_AUTH_ORIGIN = 'http://localhost:' + config.get('simpleAuthPort');
var USERNAME = 'admin', PASSWORD = 'password', EMAIL ='silly@me.com';
var APP_0 = {
id: 'app0',
appStoreId: '',
manifest: { version: '0.1.0' },
location: 'test0',
portBindings: {},
accessRestriction: 'user-foobar,user-someone',
oauthProxy: true
};
var APP_1 = {
id: 'app1',
appStoreId: '',
manifest: { version: '0.1.0' },
location: 'test1',
portBindings: {},
accessRestriction: 'user-foobar,user-' + USERNAME + ',user-someone',
oauthProxy: true
};
var CLIENT_0 = {
id: 'someclientid',
appId: 'someappid',
clientSecret: 'someclientsecret',
redirectURI: '',
scope: 'user,profile'
};
var CLIENT_1 = {
id: 'someclientid1',
appId: APP_0.id,
clientSecret: 'someclientsecret1',
redirectURI: '',
scope: 'user,profile'
};
var CLIENT_2 = {
id: 'someclientid2',
appId: APP_1.id,
clientSecret: 'someclientsecret1',
redirectURI: '',
scope: 'user,profile'
};
before(function (done) {
async.series([
server.start.bind(server),
simpleauth.start.bind(simpleauth),
database._clear,
function createAdmin(callback) {
var scope1 = nock(config.apiServerOrigin()).get('/api/v1/boxes/' + config.fqdn() + '/setup/verify?setupToken=somesetuptoken').reply(200, {});
var scope2 = nock(config.apiServerOrigin()).post('/api/v1/boxes/' + config.fqdn() + '/setup/done?setupToken=somesetuptoken').reply(201, {});
request.post(SERVER_URL + '/api/v1/cloudron/activate')
.query({ setupToken: 'somesetuptoken' })
.send({ username: USERNAME, password: PASSWORD, email: EMAIL })
.end(function (error, result) {
expect(error).to.not.be.ok();
expect(result).to.be.ok();
expect(result.statusCode).to.eql(201);
expect(scope1.isDone()).to.be.ok();
expect(scope2.isDone()).to.be.ok();
callback();
});
},
clientdb.add.bind(null, CLIENT_0.id, CLIENT_0.appId, CLIENT_0.clientSecret, CLIENT_0.redirectURI, CLIENT_0.scope),
clientdb.add.bind(null, CLIENT_1.id, CLIENT_1.appId, CLIENT_1.clientSecret, CLIENT_1.redirectURI, CLIENT_1.scope),
clientdb.add.bind(null, CLIENT_2.id, CLIENT_2.appId, CLIENT_2.clientSecret, CLIENT_2.redirectURI, CLIENT_2.scope),
appdb.add.bind(null, APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, APP_0.portBindings, APP_0.accessRestriction, APP_0.oauthProxy),
appdb.add.bind(null, APP_1.id, APP_1.appStoreId, APP_1.manifest, APP_1.location, APP_1.portBindings, APP_1.accessRestriction, APP_1.oauthProxy)
], done);
});
after(function (done) {
async.series([
database._clear,
simpleauth.stop.bind(simpleauth),
server.stop.bind(server)
], done);
});
describe('login', function () {
it('cannot login without clientId', function (done) {
@@ -117,7 +152,7 @@ describe('SimpleAuth API', function () {
it('cannot login with unkown clientId', function (done) {
var body = {
clientId: CLIENT.id+CLIENT.id,
clientId: CLIENT_0.id+CLIENT_0.id,
username: USERNAME,
password: PASSWORD
};
@@ -133,7 +168,7 @@ describe('SimpleAuth API', function () {
it('cannot login with unkown user', function (done) {
var body = {
clientId: CLIENT.id,
clientId: CLIENT_0.id,
username: USERNAME+USERNAME,
password: PASSWORD
};
@@ -149,7 +184,7 @@ describe('SimpleAuth API', function () {
it('cannot login with empty password', function (done) {
var body = {
clientId: CLIENT.id,
clientId: CLIENT_0.id,
username: USERNAME,
password: ''
};
@@ -163,9 +198,9 @@ describe('SimpleAuth API', function () {
});
});
it('cannot login with wrgon password', function (done) {
it('cannot login with wrong password', function (done) {
var body = {
clientId: CLIENT.id,
clientId: CLIENT_0.id,
username: USERNAME,
password: PASSWORD+PASSWORD
};
@@ -181,7 +216,54 @@ describe('SimpleAuth API', function () {
it('succeeds', function (done) {
var body = {
clientId: CLIENT.id,
clientId: CLIENT_0.id,
username: USERNAME,
password: PASSWORD
};
request.post(SIMPLE_AUTH_ORIGIN + '/api/v1/login')
.send(body)
.end(function (error, result) {
expect(error).to.be(null);
expect(result.statusCode).to.equal(200);
expect(result.body.accessToken).to.be.a('string');
expect(result.body.user).to.be.an('object');
expect(result.body.user.id).to.be.a('string');
expect(result.body.user.username).to.be.a('string');
expect(result.body.user.email).to.be.a('string');
expect(result.body.user.admin).to.be.a('boolean');
request.get(SERVER_URL + '/api/v1/profile')
.query({ access_token: result.body.accessToken })
.end(function (error, result) {
expect(error).to.be(null);
expect(result.body).to.be.an('object');
expect(result.body.username).to.eql(USERNAME);
done();
});
});
});
xit('cannot login for disallowed app', function (done) {
var body = {
clientId: CLIENT_1.id,
username: USERNAME,
password: PASSWORD
};
request.post(SIMPLE_AUTH_ORIGIN + '/api/v1/login')
.send(body)
.end(function (error, result) {
expect(error).to.be(null);
expect(result.statusCode).to.equal(401);
done();
});
});
xit('can login for allowed app', function (done) {
var body = {
clientId: CLIENT_2.id,
username: USERNAME,
password: PASSWORD
};
@@ -216,7 +298,7 @@ describe('SimpleAuth API', function () {
before(function (done) {
var body = {
clientId: CLIENT.id,
clientId: CLIENT_0.id,
username: USERNAME,
password: PASSWORD
};