diff --git a/src/routes/test/cloudron-test.js b/src/routes/test/cloudron-test.js
index 1fff8957d..30ace0e18 100644
--- a/src/routes/test/cloudron-test.js
+++ b/src/routes/test/cloudron-test.js
@@ -9,6 +9,7 @@ let async = require('async'),
 config = require('../../config.js'),
 database = require('../../database.js'),
 expect = require('expect.js'),
+ hat = require('../../hat.js'),
 http = require('http'),
 nock = require('nock'),
 os = require('os'),
@@ -162,11 +163,11 @@ describe('Cloudron', function () {
 expect(result).to.be.ok();
 expect(result.statusCode).to.eql(201);
- token_1 = tokendb.generateToken();
+ token_1 = hat(8 * 32);
 userId_1 = result.body.id;
 // HACK to get a token for second user (passwords are generated and the user should have gotten a password setup link...)
- tokendb.add(token_1, userId_1, 'test-client-id', Date.now() + 100000, 'cloudron', '', callback);
+ tokendb.add({ id: 'tid-1', accessToken: token_1, identifier: userId_1, clientId: 'test-client-id', expires: Date.now() + 100000, scope: 'cloudron', name: '' }, callback);
 });
 }
 ], done);
diff --git a/src/routes/test/eventlog-test.js b/src/routes/test/eventlog-test.js
index 5265fe193..a63c9da17 100644
--- a/src/routes/test/eventlog-test.js
+++ b/src/routes/test/eventlog-test.js
@@ -12,6 +12,7 @@ var accesscontrol = require('../../accesscontrol.js'),
 database = require('../../database.js'),
 eventlogdb = require('../../eventlogdb.js'),
 expect = require('expect.js'),
+ hat = require('../../hat.js'),
 superagent = require('superagent'),
 server = require('../../server.js'),
 tokendb = require('../../tokendb.js');
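Review bot: The `id: 'tid-1'` passed to `tokendb.add` in the cloudron-test.js setup hunk is a hand-picked literal, and the same pattern repeats in the eventlog, groups, profile, users and janitor hunks (`'tid-0'` to `'tid-3'`), with nothing in the tests keeping the values distinct. If `id` is a unique key in the token store, which this diff does not show, a fixture that reuses a value already present would fail inside setup with a database error instead of a failed assertion. Deriving the id from the helper the commit already imports avoids the bookkeeping, for example `id: 'tid-' + hat(8 * 16),`. The setup function this call sits in starts and ends outside the hunk.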
@@ -72,10 +73,10 @@ function setup(done) {
 },
 function (callback) {
- token_1 = tokendb.generateToken();
+ token_1 = hat(8 * 32);
 // HACK to get a token for second user (passwords are generated and the user should have gotten a password setup link...)
- tokendb.add(token_1, USER_1_ID, 'test-client-id', Date.now() + 100000, accesscontrol.SCOPE_PROFILE, '', callback);
+ tokendb.add({ id: 'tid-0', accessToken: token_1, identifier: USER_1_ID, clientId: 'test-client-id', expires: Date.now() + 100000, scope: accesscontrol.SCOPE_PROFILE, name: '' }, callback);
 },
 function (callback) {
diff --git a/src/routes/test/groups-test.js b/src/routes/test/groups-test.js
index 5021a3de0..bd3457523 100644
--- a/src/routes/test/groups-test.js
+++ b/src/routes/test/groups-test.js
@@ -11,9 +11,9 @@ var accesscontrol = require('../../accesscontrol.js'),
 config = require('../../config.js'),
 database = require('../../database.js'),
 expect = require('expect.js'),
- groups = require('../../groups.js'),
- superagent = require('superagent'),
+ hat = require('../../hat.js'),
 server = require('../../server.js'),
+ superagent = require('superagent'),
 tokendb = require('../../tokendb.js');
 var SERVER_URL = 'http://localhost:' + config.get('port');
@@ -66,11 +66,11 @@ function setup(done) {
 expect(result).to.be.ok();
 expect(result.statusCode).to.eql(201);
- token_1 = tokendb.generateToken();
+ token_1 = hat(8 * 32);
 userId_1 = result.body.id;
 // HACK to get a token for second user (passwords are generated and the user should have gotten a password setup link...)
- tokendb.add(token_1, userId_1, 'test-client-id', Date.now() + 100000, accesscontrol.SCOPE_PROFILE, '', callback);
+ tokendb.add({ id: 'tid-1', accessToken: token_1, identifier: userId_1, clientId: 'test-client-id', expires: Date.now() + 100000, scope: accesscontrol.SCOPE_PROFILE, name: '' }, callback);
 });
 }
 ], done);
diff --git a/src/routes/test/profile-test.js b/src/routes/test/profile-test.js
index eac617ba8..7fa2e17b4 100644
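Review bot: `token_1 = hat(8 * 32);` in the eventlog-test.js setup hunk hard-codes the token size at the call site, and the same literal appears in every other test file touched by this commit. With `tokendb.generateToken()` gone from the tests, the fixtures no longer follow whatever length and encoding the server uses when it issues access tokens, so a change there would go unnoticed here (where production tokens are generated after this change is not visible in the diff). A shared test helper or a named constant would leave one place to update, e.g. `const TOKEN_BITS = 8 * 32; // must match the size of server-issued access tokens` and `hat(TOKEN_BITS)` at the call sites.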
--- a/src/routes/test/profile-test.js
+++ b/src/routes/test/profile-test.js
@@ -6,9 +6,11 @@
 'use strict';
-var config = require('../../config.js'),
+var accesscontrol = require('../../accesscontrol.js'),
+ config = require('../../config.js'),
 database = require('../../database.js'),
 expect = require('expect.js'),
+ hat = require('../../hat.js'),
 mailer = require('../../mailer.js'),
 superagent = require('superagent'),
 server = require('../../server.js'),
@@ -110,10 +112,10 @@ describe('Profile API', function () {
 });
 it('fails with expired token', function (done) {
- var token = tokendb.generateToken();
+ var token = hat(8 * 32);
 var expires = Date.now() - 2000; // 1 sec
- tokendb.add(token, user_0.id, null, expires, 'profile', 'tokenname', function (error) {
+ tokendb.add({ id: 'tid-3', accessToken: token, identifier: user_0.id, clientId: null, expires: expires, scope: accesscontrol.SCOPE_PROFILE, name: 'fromtest' }, function (error) {
 expect(error).to.not.be.ok();
 superagent.get(SERVER_URL + '/api/v1/profile').query({ access_token: token }).end(function (error, result) {
diff --git a/src/routes/test/users-test.js b/src/routes/test/users-test.js
index 1d1b59557..106391edb 100644
--- a/src/routes/test/users-test.js
+++ b/src/routes/test/users-test.js
@@ -12,6 +12,7 @@ var accesscontrol = require('../../accesscontrol.js'),
 domains = require('../../domains.js'),
 tokendb = require('../../tokendb.js'),
 expect = require('expect.js'),
+ hat = require('../../hat.js'),
 groups = require('../../groups.js'),
 mail = require('../../mail.js'),
 mailer = require('../../mailer.js'),
@@ -84,7 +85,7 @@ function checkMails(number, done) {
 describe('Users API', function () {
 var user_0, user_1, user_2, user_4;
 var token = null, userToken = null;
- var token_1 = tokendb.generateToken();
+ var token_1 = hat(8 * 32);
 before(setup);
 after(cleanup);
@@ -173,15 +174,24 @@ describe('Users API', function () {
 });
 it('cannot get userInfo with expired token', function (done) {
- var token = tokendb.generateToken();
 var expires = Date.now() + 2000; // 1 sec
- tokendb.add(token, user_0.id, null, expires, accesscontrol.SCOPE_PROFILE, 'tokenname', function (error) {
+ let token = {
+ id: 'tid-0',
+ accessToken: hat(8 * 32),
+ identifier: user_0.id,
+ clientId: null,
+ expires: expires,
+ scope: accesscontrol.SCOPE_PROFILE,
+ name: 'tokenname'
+ };
+
+ tokendb.add(token, function (error) {
 expect(error).to.not.be.ok();
 setTimeout(function () {
 superagent.get(SERVER_URL + '/api/v1/users/' + user_0.username)
- .query({ access_token: token })
+ .query({ access_token: token.accessToken })
 .end(function (error, result) {
 expect(result.statusCode).to.equal(401);
 done();
@@ -287,7 +297,7 @@ describe('Users API', function () {
 user_1 = result.body;
 // HACK to get a token for second user (passwords are generated and the user should have gotten a password setup link...)
- tokendb.add(token_1, user_1.id, 'test-client-id', Date.now() + 10000, accesscontrol.SCOPE_PROFILE, 'fromtest', done);
+ tokendb.add({ id: 'tid-3', accessToken: token_1, identifier: user_1.id, clientId: 'test-client-id', expires: Date.now() + 10000, scope: accesscontrol.SCOPE_PROFILE, name: 'fromtest' }, done);
 });
 });
@@ -697,10 +707,10 @@ describe('Users API', function () {
 user_4 = result.body;
- userToken = tokendb.generateToken();
+ userToken = hat(8 * 32);
 var expires = Date.now() + 2000; // 1 sec
- tokendb.add(userToken, user_4.id, null, expires, accesscontrol.SCOPE_PROFILE, '', done);
+ tokendb.add({ id: 'tid-2', accessToken: userToken, identifier: user_4.id, clientId: null, expires: expires, scope: accesscontrol.SCOPE_PROFILE, name: '' }, done);
 });
 });
diff --git a/src/test/janitor-test.js b/src/test/janitor-test.js
index 316eca2d8..97ce8d4e7 100644
--- a/src/test/janitor-test.js
+++ b/src/test/janitor-test.js
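Review bot: In the 'cannot get userInfo with expired token' hunk of users-test.js, `let token = {` reuses the name of the suite-level `var token = null` declared at the top of `describe('Users API', ...)`, and the local now holds a token record rather than the access-token string the outer variable presumably carries. The removed line shadowed it as well, but the change of type makes a slip such as `.query({ access_token: token })` easy to reintroduce. A distinct name would make the intent plain: `let expiredToken = {`, `tokendb.add(expiredToken, function (error) {` and `.query({ access_token: expiredToken.accessToken })`. The `it` callback continues past the end of the hunk, including the `setTimeout` delay that the expiry check depends on.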
@@ -11,6 +11,7 @@ var async = require('async'),
 database = require('../database'),
 DatabaseError = require('../databaseerror.js'),
 expect = require('expect.js'),
+ hat = require('../hat.js'),
 janitor = require('../janitor.js'),
 tokendb = require('../tokendb.js');
@@ -29,7 +30,8 @@ describe('janitor', function () {
 };
 var TOKEN_0 = {
- accessToken: tokendb.generateToken(),
+ id: 'tid-0',
+ accessToken: hat(8 * 32),
 identifier: '0',
 clientId: 'clientid-0',
 expires: Date.now() + 60 * 60 * 1000,
@@ -37,7 +39,8 @@ describe('janitor', function () {
 name: 'clientid0'
 };
 var TOKEN_1 = {
- accessToken: tokendb.generateToken(),
+ id: 'tid-1',
+ accessToken: hat(8 * 32),
 identifier: '1',
 clientId: 'clientid-1',
 expires: Date.now() - 1000,
@@ -51,8 +54,8 @@ describe('janitor', function () {
 database._clear,
 authcodedb.add.bind(null, AUTHCODE_0.authCode, AUTHCODE_0.clientId, AUTHCODE_0.userId, AUTHCODE_0.expiresAt),
 authcodedb.add.bind(null, AUTHCODE_1.authCode, AUTHCODE_1.clientId, AUTHCODE_1.userId, AUTHCODE_1.expiresAt),
- tokendb.add.bind(null, TOKEN_0.accessToken, TOKEN_0.identifier, TOKEN_0.clientId, TOKEN_0.expires, TOKEN_0.scope, TOKEN_0.name),
- tokendb.add.bind(null, TOKEN_1.accessToken, TOKEN_1.identifier, TOKEN_1.clientId, TOKEN_1.expires, TOKEN_1.scope, TOKEN_1.name)
+ tokendb.add.bind(null, TOKEN_0),
+ tokendb.add.bind(null, TOKEN_1)
 ], done);
 });