]>
Commit | Line | Data |
---|---|---|
7fed6375 C |
1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ |
2 | ||
ae2abfd3 | 3 | import { expect } from 'chai' |
c55e3d72 | 4 | import { wait } from '@shared/core-utils' |
4c7e60bc | 5 | import { HttpStatusCode, UserRole } from '@shared/models' |
c55e3d72 | 6 | import { cleanupTests, createSingleServer, PeerTubeServer, PluginsCommand, setAccessTokensToServers } from '@shared/server-commands' |
7fed6375 C |
7 | |
8 | describe('Test id and pass auth plugins', function () { | |
254d3579 | 9 | let server: PeerTubeServer |
e307e4fc C |
10 | |
11 | let crashAccessToken: string | |
12 | let crashRefreshToken: string | |
13 | ||
14 | let lagunaAccessToken: string | |
15 | let lagunaRefreshToken: string | |
60b880ac | 16 | let lagunaId: number |
7fed6375 C |
17 | |
18 | before(async function () { | |
19 | this.timeout(30000) | |
20 | ||
254d3579 | 21 | server = await createSingleServer(1) |
7fed6375 C |
22 | await setAccessTokensToServers([ server ]) |
23 | ||
e1c55031 | 24 | for (const suffix of [ 'one', 'two', 'three' ]) { |
89d241a7 | 25 | await server.plugins.install({ path: PluginsCommand.getPluginTestPath('-id-pass-auth-' + suffix) }) |
e1c55031 | 26 | } |
7fed6375 C |
27 | }) |
28 | ||
9107d791 | 29 | it('Should display the correct configuration', async function () { |
89d241a7 | 30 | const config = await server.config.getConfig() |
9107d791 C |
31 | |
32 | const auths = config.plugin.registeredIdAndPassAuths | |
33 | expect(auths).to.have.lengthOf(8) | |
34 | ||
35 | const crashAuth = auths.find(a => a.authName === 'crash-auth') | |
36 | expect(crashAuth).to.exist | |
37 | expect(crashAuth.npmName).to.equal('peertube-plugin-test-id-pass-auth-one') | |
38 | expect(crashAuth.weight).to.equal(50) | |
39 | }) | |
40 | ||
e1c55031 | 41 | it('Should not login', async function () { |
89d241a7 | 42 | await server.login.login({ user: { username: 'toto', password: 'password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) |
7fed6375 C |
43 | }) |
44 | ||
e1c55031 | 45 | it('Should login Spyro, create the user and use the token', async function () { |
89d241a7 | 46 | const accessToken = await server.login.getAccessToken({ username: 'spyro', password: 'spyro password' }) |
7fed6375 | 47 | |
89d241a7 | 48 | const body = await server.users.getMyInfo({ token: accessToken }) |
e1c55031 | 49 | |
e1c55031 C |
50 | expect(body.username).to.equal('spyro') |
51 | expect(body.account.displayName).to.equal('Spyro the Dragon') | |
9e5cf66b | 52 | expect(body.role.id).to.equal(UserRole.USER) |
7fed6375 C |
53 | }) |
54 | ||
e1c55031 | 55 | it('Should login Crash, create the user and use the token', async function () { |
e307e4fc | 56 | { |
89d241a7 | 57 | const body = await server.login.login({ user: { username: 'crash', password: 'crash password' } }) |
41d1d075 C |
58 | crashAccessToken = body.access_token |
59 | crashRefreshToken = body.refresh_token | |
e307e4fc | 60 | } |
e1c55031 | 61 | |
e307e4fc | 62 | { |
89d241a7 | 63 | const body = await server.users.getMyInfo({ token: crashAccessToken }) |
7fed6375 | 64 | |
e307e4fc C |
65 | expect(body.username).to.equal('crash') |
66 | expect(body.account.displayName).to.equal('Crash Bandicoot') | |
9e5cf66b | 67 | expect(body.role.id).to.equal(UserRole.MODERATOR) |
e307e4fc | 68 | } |
7fed6375 C |
69 | }) |
70 | ||
e1c55031 | 71 | it('Should login the first Laguna, create the user and use the token', async function () { |
e307e4fc | 72 | { |
89d241a7 | 73 | const body = await server.login.login({ user: { username: 'laguna', password: 'laguna password' } }) |
41d1d075 C |
74 | lagunaAccessToken = body.access_token |
75 | lagunaRefreshToken = body.refresh_token | |
e307e4fc | 76 | } |
7fed6375 | 77 | |
e307e4fc | 78 | { |
89d241a7 | 79 | const body = await server.users.getMyInfo({ token: lagunaAccessToken }) |
e1c55031 | 80 | |
e307e4fc | 81 | expect(body.username).to.equal('laguna') |
60b880ac | 82 | expect(body.account.displayName).to.equal('Laguna Loire') |
9e5cf66b | 83 | expect(body.role.id).to.equal(UserRole.USER) |
60b880ac C |
84 | |
85 | lagunaId = body.id | |
e307e4fc C |
86 | } |
87 | }) | |
88 | ||
89 | it('Should refresh crash token, but not laguna token', async function () { | |
90 | { | |
89d241a7 | 91 | const resRefresh = await server.login.refreshToken({ refreshToken: crashRefreshToken }) |
e307e4fc C |
92 | crashAccessToken = resRefresh.body.access_token |
93 | crashRefreshToken = resRefresh.body.refresh_token | |
94 | ||
89d241a7 | 95 | const body = await server.users.getMyInfo({ token: crashAccessToken }) |
7926c5f9 | 96 | expect(body.username).to.equal('crash') |
e307e4fc C |
97 | } |
98 | ||
99 | { | |
89d241a7 | 100 | await server.login.refreshToken({ refreshToken: lagunaRefreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) |
e307e4fc | 101 | } |
7fed6375 C |
102 | }) |
103 | ||
104 | it('Should update Crash profile', async function () { | |
89d241a7 | 105 | await server.users.updateMe({ |
7926c5f9 | 106 | token: crashAccessToken, |
e1c55031 C |
107 | displayName: 'Beautiful Crash', |
108 | description: 'Mutant eastern barred bandicoot' | |
109 | }) | |
7fed6375 | 110 | |
89d241a7 | 111 | const body = await server.users.getMyInfo({ token: crashAccessToken }) |
e1c55031 | 112 | |
e1c55031 C |
113 | expect(body.account.displayName).to.equal('Beautiful Crash') |
114 | expect(body.account.description).to.equal('Mutant eastern barred bandicoot') | |
7fed6375 C |
115 | }) |
116 | ||
117 | it('Should logout Crash', async function () { | |
89d241a7 | 118 | await server.login.logout({ token: crashAccessToken }) |
7fed6375 C |
119 | }) |
120 | ||
e1c55031 | 121 | it('Should have logged out Crash', async function () { |
89d241a7 | 122 | await server.servers.waitUntilLog('On logout for auth 1 - 2') |
e307e4fc | 123 | |
89d241a7 | 124 | await server.users.getMyInfo({ token: crashAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) |
7fed6375 C |
125 | }) |
126 | ||
127 | it('Should login Crash and keep the old existing profile', async function () { | |
89d241a7 | 128 | crashAccessToken = await server.login.getAccessToken({ username: 'crash', password: 'crash password' }) |
7fed6375 | 129 | |
89d241a7 | 130 | const body = await server.users.getMyInfo({ token: crashAccessToken }) |
e1c55031 | 131 | |
e1c55031 C |
132 | expect(body.username).to.equal('crash') |
133 | expect(body.account.displayName).to.equal('Beautiful Crash') | |
134 | expect(body.account.description).to.equal('Mutant eastern barred bandicoot') | |
9e5cf66b | 135 | expect(body.role.id).to.equal(UserRole.MODERATOR) |
7fed6375 C |
136 | }) |
137 | ||
60b880ac C |
138 | it('Should login Laguna and update the profile', async function () { |
139 | { | |
140 | await server.users.update({ userId: lagunaId, videoQuota: 43000, videoQuotaDaily: 43100 }) | |
141 | await server.users.updateMe({ token: lagunaAccessToken, displayName: 'laguna updated' }) | |
142 | ||
143 | const body = await server.users.getMyInfo({ token: lagunaAccessToken }) | |
144 | expect(body.username).to.equal('laguna') | |
145 | expect(body.account.displayName).to.equal('laguna updated') | |
146 | expect(body.videoQuota).to.equal(43000) | |
147 | expect(body.videoQuotaDaily).to.equal(43100) | |
148 | } | |
149 | ||
150 | { | |
151 | const body = await server.login.login({ user: { username: 'laguna', password: 'laguna password' } }) | |
152 | lagunaAccessToken = body.access_token | |
153 | lagunaRefreshToken = body.refresh_token | |
154 | } | |
155 | ||
156 | { | |
157 | const body = await server.users.getMyInfo({ token: lagunaAccessToken }) | |
158 | expect(body.username).to.equal('laguna') | |
159 | expect(body.account.displayName).to.equal('Laguna Loire') | |
160 | expect(body.videoQuota).to.equal(42000) | |
161 | expect(body.videoQuotaDaily).to.equal(43100) | |
162 | } | |
163 | }) | |
164 | ||
055cfb11 | 165 | it('Should reject token of laguna by the plugin hook', async function () { |
e307e4fc C |
166 | await wait(5000) |
167 | ||
89d241a7 | 168 | await server.users.getMyInfo({ token: lagunaAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) |
e307e4fc C |
169 | }) |
170 | ||
98813e69 | 171 | it('Should reject an invalid username, email, role or display name', async function () { |
89d241a7 | 172 | const command = server.login |
41d1d075 C |
173 | |
174 | await command.login({ user: { username: 'ward', password: 'ward password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
89d241a7 | 175 | await server.servers.waitUntilLog('valid username') |
98813e69 | 176 | |
41d1d075 | 177 | await command.login({ user: { username: 'kiros', password: 'kiros password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) |
60b880ac | 178 | await server.servers.waitUntilLog('valid displayName') |
98813e69 | 179 | |
41d1d075 | 180 | await command.login({ user: { username: 'raine', password: 'raine password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) |
89d241a7 | 181 | await server.servers.waitUntilLog('valid role') |
98813e69 | 182 | |
41d1d075 | 183 | await command.login({ user: { username: 'ellone', password: 'elonne password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) |
89d241a7 | 184 | await server.servers.waitUntilLog('valid email') |
98813e69 C |
185 | }) |
186 | ||
a4995eb7 | 187 | it('Should unregister spyro-auth and do not login existing Spyro', async function () { |
89d241a7 | 188 | await server.plugins.updateSettings({ |
a4995eb7 C |
189 | npmName: 'peertube-plugin-test-id-pass-auth-one', |
190 | settings: { disableSpyro: true } | |
191 | }) | |
192 | ||
89d241a7 | 193 | const command = server.login |
41d1d075 C |
194 | await command.login({ user: { username: 'spyro', password: 'spyro password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) |
195 | await command.login({ user: { username: 'spyro', password: 'fake' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
a4995eb7 C |
196 | }) |
197 | ||
198 | it('Should have disabled this auth', async function () { | |
89d241a7 | 199 | const config = await server.config.getConfig() |
a4995eb7 C |
200 | |
201 | const auths = config.plugin.registeredIdAndPassAuths | |
202 | expect(auths).to.have.lengthOf(7) | |
203 | ||
204 | const spyroAuth = auths.find(a => a.authName === 'spyro-auth') | |
205 | expect(spyroAuth).to.not.exist | |
206 | }) | |
207 | ||
7fed6375 | 208 | it('Should uninstall the plugin one and do not login existing Crash', async function () { |
89d241a7 | 209 | await server.plugins.uninstall({ npmName: 'peertube-plugin-test-id-pass-auth-one' }) |
7fed6375 | 210 | |
89d241a7 | 211 | await server.login.login({ |
41d1d075 C |
212 | user: { username: 'crash', password: 'crash password' }, |
213 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | |
214 | }) | |
7fed6375 C |
215 | }) |
216 | ||
9107d791 | 217 | it('Should display the correct configuration', async function () { |
89d241a7 | 218 | const config = await server.config.getConfig() |
9107d791 C |
219 | |
220 | const auths = config.plugin.registeredIdAndPassAuths | |
221 | expect(auths).to.have.lengthOf(6) | |
222 | ||
223 | const crashAuth = auths.find(a => a.authName === 'crash-auth') | |
224 | expect(crashAuth).to.not.exist | |
225 | }) | |
226 | ||
8bb71f2e | 227 | it('Should display plugin auth information in users list', async function () { |
89d241a7 | 228 | const { data } = await server.users.list() |
8bb71f2e | 229 | |
7926c5f9 C |
230 | const root = data.find(u => u.username === 'root') |
231 | const crash = data.find(u => u.username === 'crash') | |
232 | const laguna = data.find(u => u.username === 'laguna') | |
8bb71f2e C |
233 | |
234 | expect(root.pluginAuth).to.be.null | |
235 | expect(crash.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-one') | |
236 | expect(laguna.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-two') | |
237 | }) | |
238 | ||
7fed6375 C |
239 | after(async function () { |
240 | await cleanupTests([ server ]) | |
241 | }) | |
242 | }) |