[github/Chocobozzz/PeerTube.git] / server / tests / plugins / id-and-pass-auth.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import { expect } from 'chai'
import { wait } from '@shared/core-utils'
import { HttpStatusCode, UserRole } from '@shared/models'
import { cleanupTests, createSingleServer, PeerTubeServer, PluginsCommand, setAccessTokensToServers } from '@shared/server-commands'

describe('Test id and pass auth plugins', function () {
  let server: PeerTubeServer

  let crashAccessToken: string
  let crashRefreshToken: string

  let lagunaAccessToken: string
  let lagunaRefreshToken: string
  let lagunaId: number

  before(async function () {
    this.timeout(30000)

    server = await createSingleServer(1)
    await setAccessTokensToServers([ server ])

    for (const suffix of [ 'one', 'two', 'three' ]) {
      await server.plugins.install({ path: PluginsCommand.getPluginTestPath('-id-pass-auth-' + suffix) })
    }
  })

  it('Should display the correct configuration', async function () {
    const config = await server.config.getConfig()

    const auths = config.plugin.registeredIdAndPassAuths
    expect(auths).to.have.lengthOf(8)

    const crashAuth = auths.find(a => a.authName === 'crash-auth')
    expect(crashAuth).to.exist
    expect(crashAuth.npmName).to.equal('peertube-plugin-test-id-pass-auth-one')
    expect(crashAuth.weight).to.equal(50)
  })

  it('Should not login', async function () {
    await server.login.login({ user: { username: 'toto', password: 'password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  })

  it('Should login Spyro, create the user and use the token', async function () {
    const accessToken = await server.login.getAccessToken({ username: 'spyro', password: 'spyro password' })

    const body = await server.users.getMyInfo({ token: accessToken })

    expect(body.username).to.equal('spyro')
    expect(body.account.displayName).to.equal('Spyro the Dragon')
    expect(body.role.id).to.equal(UserRole.USER)
  })

  it('Should login Crash, create the user and use the token', async function () {
    {
      const body = await server.login.login({ user: { username: 'crash', password: 'crash password' } })
      crashAccessToken = body.access_token
      crashRefreshToken = body.refresh_token
    }

    {
      const body = await server.users.getMyInfo({ token: crashAccessToken })

      expect(body.username).to.equal('crash')
      expect(body.account.displayName).to.equal('Crash Bandicoot')
      expect(body.role.id).to.equal(UserRole.MODERATOR)
    }
  })

  it('Should login the first Laguna, create the user and use the token', async function () {
    {
      const body = await server.login.login({ user: { username: 'laguna', password: 'laguna password' } })
      lagunaAccessToken = body.access_token
      lagunaRefreshToken = body.refresh_token
    }

    {
      const body = await server.users.getMyInfo({ token: lagunaAccessToken })

      expect(body.username).to.equal('laguna')
      expect(body.account.displayName).to.equal('Laguna Loire')
      expect(body.role.id).to.equal(UserRole.USER)

      lagunaId = body.id
    }
  })

  it('Should refresh crash token, but not laguna token', async function () {
    {
      const resRefresh = await server.login.refreshToken({ refreshToken: crashRefreshToken })
      crashAccessToken = resRefresh.body.access_token
      crashRefreshToken = resRefresh.body.refresh_token

      const body = await server.users.getMyInfo({ token: crashAccessToken })
      expect(body.username).to.equal('crash')
    }

    {
      await server.login.refreshToken({ refreshToken: lagunaRefreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    }
  })

  it('Should update Crash profile', async function () {
    await server.users.updateMe({
      token: crashAccessToken,
      displayName: 'Beautiful Crash',
      description: 'Mutant eastern barred bandicoot'
    })

    const body = await server.users.getMyInfo({ token: crashAccessToken })

    expect(body.account.displayName).to.equal('Beautiful Crash')
    expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
  })

  it('Should logout Crash', async function () {
    await server.login.logout({ token: crashAccessToken })
  })

  it('Should have logged out Crash', async function () {
    await server.servers.waitUntilLog('On logout for auth 1 - 2')

    await server.users.getMyInfo({ token: crashAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
  })

  it('Should login Crash and keep the old existing profile', async function () {
    crashAccessToken = await server.login.getAccessToken({ username: 'crash', password: 'crash password' })

    const body = await server.users.getMyInfo({ token: crashAccessToken })

    expect(body.username).to.equal('crash')
    expect(body.account.displayName).to.equal('Beautiful Crash')
    expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
    expect(body.role.id).to.equal(UserRole.MODERATOR)
  })

  it('Should login Laguna and update the profile', async function () {
    {
      await server.users.update({ userId: lagunaId, videoQuota: 43000, videoQuotaDaily: 43100 })
      await server.users.updateMe({ token: lagunaAccessToken, displayName: 'laguna updated' })

      const body = await server.users.getMyInfo({ token: lagunaAccessToken })
      expect(body.username).to.equal('laguna')
      expect(body.account.displayName).to.equal('laguna updated')
      expect(body.videoQuota).to.equal(43000)
      expect(body.videoQuotaDaily).to.equal(43100)
    }

    {
      const body = await server.login.login({ user: { username: 'laguna', password: 'laguna password' } })
      lagunaAccessToken = body.access_token
      lagunaRefreshToken = body.refresh_token
    }

    {
      const body = await server.users.getMyInfo({ token: lagunaAccessToken })
      expect(body.username).to.equal('laguna')
      expect(body.account.displayName).to.equal('Laguna Loire')
      expect(body.videoQuota).to.equal(42000)
      expect(body.videoQuotaDaily).to.equal(43100)
    }
  })

  it('Should reject token of laguna by the plugin hook', async function () {
    await wait(5000)

    await server.users.getMyInfo({ token: lagunaAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
  })

  it('Should reject an invalid username, email, role or display name', async function () {
    const command = server.login

    await command.login({ user: { username: 'ward', password: 'ward password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    await server.servers.waitUntilLog('valid username')

    await command.login({ user: { username: 'kiros', password: 'kiros password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    await server.servers.waitUntilLog('valid displayName')

    await command.login({ user: { username: 'raine', password: 'raine password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    await server.servers.waitUntilLog('valid role')

    await command.login({ user: { username: 'ellone', password: 'elonne password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    await server.servers.waitUntilLog('valid email')
  })

  it('Should unregister spyro-auth and do not login existing Spyro', async function () {
    await server.plugins.updateSettings({
      npmName: 'peertube-plugin-test-id-pass-auth-one',
      settings: { disableSpyro: true }
    })

    const command = server.login
    await command.login({ user: { username: 'spyro', password: 'spyro password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    await command.login({ user: { username: 'spyro', password: 'fake' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  })

  it('Should have disabled this auth', async function () {
    const config = await server.config.getConfig()

    const auths = config.plugin.registeredIdAndPassAuths
    expect(auths).to.have.lengthOf(7)

    const spyroAuth = auths.find(a => a.authName === 'spyro-auth')
    expect(spyroAuth).to.not.exist
  })

  it('Should uninstall the plugin one and do not login existing Crash', async function () {
    await server.plugins.uninstall({ npmName: 'peertube-plugin-test-id-pass-auth-one' })

    await server.login.login({
      user: { username: 'crash', password: 'crash password' },
      expectedStatus: HttpStatusCode.BAD_REQUEST_400
    })
  })

  it('Should display the correct configuration', async function () {
    const config = await server.config.getConfig()

    const auths = config.plugin.registeredIdAndPassAuths
    expect(auths).to.have.lengthOf(6)

    const crashAuth = auths.find(a => a.authName === 'crash-auth')
    expect(crashAuth).to.not.exist
  })

  it('Should display plugin auth information in users list', async function () {
    const { data } = await server.users.list()

    const root = data.find(u => u.username === 'root')
    const crash = data.find(u => u.username === 'crash')
    const laguna = data.find(u => u.username === 'laguna')

    expect(root.pluginAuth).to.be.null
    expect(crash.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-one')
    expect(laguna.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-two')
  })

  after(async function () {
    await cleanupTests([ server ])
  })
})
Commit	Line	Data
7fed6375 C	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
7fed6375 C	2
ae2abfd3	3	import { expect } from 'chai'
c55e3d72	4	import { wait } from '@shared/core-utils'
4c7e60bc	5	import { HttpStatusCode, UserRole } from '@shared/models'
c55e3d72	6	import { cleanupTests, createSingleServer, PeerTubeServer, PluginsCommand, setAccessTokensToServers } from '@shared/server-commands'
7fed6375 C	7
7fed6375 C	8	describe('Test id and pass auth plugins', function () {
254d3579	9	let server: PeerTubeServer
e307e4fc C	10
	11	let crashAccessToken: string
	12	let crashRefreshToken: string
	13
	14	let lagunaAccessToken: string
	15	let lagunaRefreshToken: string
60b880ac	16	let lagunaId: number
7fed6375 C	17
	18	before(async function () {
	19	this.timeout(30000)
	20
254d3579	21	server = await createSingleServer(1)
7fed6375 C	22	await setAccessTokensToServers([ server ])
7fed6375 C	23
e1c55031	24	for (const suffix of [ 'one', 'two', 'three' ]) {
89d241a7	25	await server.plugins.install({ path: PluginsCommand.getPluginTestPath('-id-pass-auth-' + suffix) })
e1c55031	26	}
7fed6375 C	27	})
7fed6375 C	28
9107d791	29	it('Should display the correct configuration', async function () {
89d241a7	30	const config = await server.config.getConfig()
9107d791 C	31
	32	const auths = config.plugin.registeredIdAndPassAuths
	33	expect(auths).to.have.lengthOf(8)
	34
	35	const crashAuth = auths.find(a => a.authName === 'crash-auth')
	36	expect(crashAuth).to.exist
	37	expect(crashAuth.npmName).to.equal('peertube-plugin-test-id-pass-auth-one')
	38	expect(crashAuth.weight).to.equal(50)
	39	})
	40
e1c55031	41	it('Should not login', async function () {
89d241a7	42	await server.login.login({ user: { username: 'toto', password: 'password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
7fed6375 C	43	})
7fed6375 C	44
e1c55031	45	it('Should login Spyro, create the user and use the token', async function () {
89d241a7	46	const accessToken = await server.login.getAccessToken({ username: 'spyro', password: 'spyro password' })
7fed6375	47
89d241a7	48	const body = await server.users.getMyInfo({ token: accessToken })
e1c55031	49
e1c55031 C	50	expect(body.username).to.equal('spyro')
e1c55031 C	51	expect(body.account.displayName).to.equal('Spyro the Dragon')
9e5cf66b	52	expect(body.role.id).to.equal(UserRole.USER)
7fed6375 C	53	})
7fed6375 C	54
e1c55031	55	it('Should login Crash, create the user and use the token', async function () {
e307e4fc	56	{
89d241a7	57	const body = await server.login.login({ user: { username: 'crash', password: 'crash password' } })
41d1d075 C	58	crashAccessToken = body.access_token
41d1d075 C	59	crashRefreshToken = body.refresh_token
e307e4fc	60	}
e1c55031	61
e307e4fc	62	{
89d241a7	63	const body = await server.users.getMyInfo({ token: crashAccessToken })
7fed6375	64
e307e4fc C	65	expect(body.username).to.equal('crash')
e307e4fc C	66	expect(body.account.displayName).to.equal('Crash Bandicoot')
9e5cf66b	67	expect(body.role.id).to.equal(UserRole.MODERATOR)
e307e4fc	68	}
7fed6375 C	69	})
7fed6375 C	70
e1c55031	71	it('Should login the first Laguna, create the user and use the token', async function () {
e307e4fc	72	{
89d241a7	73	const body = await server.login.login({ user: { username: 'laguna', password: 'laguna password' } })
41d1d075 C	74	lagunaAccessToken = body.access_token
41d1d075 C	75	lagunaRefreshToken = body.refresh_token
e307e4fc	76	}
7fed6375	77
e307e4fc	78	{
89d241a7	79	const body = await server.users.getMyInfo({ token: lagunaAccessToken })
e1c55031	80
e307e4fc	81	expect(body.username).to.equal('laguna')
60b880ac	82	expect(body.account.displayName).to.equal('Laguna Loire')
9e5cf66b	83	expect(body.role.id).to.equal(UserRole.USER)
60b880ac C	84
60b880ac C	85	lagunaId = body.id
e307e4fc C	86	}
	87	})
	88
	89	it('Should refresh crash token, but not laguna token', async function () {
	90	{
89d241a7	91	const resRefresh = await server.login.refreshToken({ refreshToken: crashRefreshToken })
e307e4fc C	92	crashAccessToken = resRefresh.body.access_token
	93	crashRefreshToken = resRefresh.body.refresh_token
	94
89d241a7	95	const body = await server.users.getMyInfo({ token: crashAccessToken })
7926c5f9	96	expect(body.username).to.equal('crash')
e307e4fc C	97	}
	98
	99	{
89d241a7	100	await server.login.refreshToken({ refreshToken: lagunaRefreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
e307e4fc	101	}
7fed6375 C	102	})
	103
	104	it('Should update Crash profile', async function () {
89d241a7	105	await server.users.updateMe({
7926c5f9	106	token: crashAccessToken,
e1c55031 C	107	displayName: 'Beautiful Crash',
	108	description: 'Mutant eastern barred bandicoot'
	109	})
7fed6375	110
89d241a7	111	const body = await server.users.getMyInfo({ token: crashAccessToken })
e1c55031	112
e1c55031 C	113	expect(body.account.displayName).to.equal('Beautiful Crash')
e1c55031 C	114	expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
7fed6375 C	115	})
	116
	117	it('Should logout Crash', async function () {
89d241a7	118	await server.login.logout({ token: crashAccessToken })
7fed6375 C	119	})
7fed6375 C	120
e1c55031	121	it('Should have logged out Crash', async function () {
89d241a7	122	await server.servers.waitUntilLog('On logout for auth 1 - 2')
e307e4fc	123
89d241a7	124	await server.users.getMyInfo({ token: crashAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
7fed6375 C	125	})
	126
	127	it('Should login Crash and keep the old existing profile', async function () {
89d241a7	128	crashAccessToken = await server.login.getAccessToken({ username: 'crash', password: 'crash password' })
7fed6375	129
89d241a7	130	const body = await server.users.getMyInfo({ token: crashAccessToken })
e1c55031	131
e1c55031 C	132	expect(body.username).to.equal('crash')
	133	expect(body.account.displayName).to.equal('Beautiful Crash')
	134	expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
9e5cf66b	135	expect(body.role.id).to.equal(UserRole.MODERATOR)
7fed6375 C	136	})
7fed6375 C	137
60b880ac C	138	it('Should login Laguna and update the profile', async function () {
	139	{
	140	await server.users.update({ userId: lagunaId, videoQuota: 43000, videoQuotaDaily: 43100 })
	141	await server.users.updateMe({ token: lagunaAccessToken, displayName: 'laguna updated' })
	142
	143	const body = await server.users.getMyInfo({ token: lagunaAccessToken })
	144	expect(body.username).to.equal('laguna')
	145	expect(body.account.displayName).to.equal('laguna updated')
	146	expect(body.videoQuota).to.equal(43000)
	147	expect(body.videoQuotaDaily).to.equal(43100)
	148	}
	149
	150	{
	151	const body = await server.login.login({ user: { username: 'laguna', password: 'laguna password' } })
	152	lagunaAccessToken = body.access_token
	153	lagunaRefreshToken = body.refresh_token
	154	}
	155
	156	{
	157	const body = await server.users.getMyInfo({ token: lagunaAccessToken })
	158	expect(body.username).to.equal('laguna')
	159	expect(body.account.displayName).to.equal('Laguna Loire')
	160	expect(body.videoQuota).to.equal(42000)
	161	expect(body.videoQuotaDaily).to.equal(43100)
	162	}
	163	})
	164
055cfb11	165	it('Should reject token of laguna by the plugin hook', async function () {
e307e4fc C	166	await wait(5000)
e307e4fc C	167
89d241a7	168	await server.users.getMyInfo({ token: lagunaAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
e307e4fc C	169	})
e307e4fc C	170
98813e69	171	it('Should reject an invalid username, email, role or display name', async function () {
89d241a7	172	const command = server.login
41d1d075 C	173
41d1d075 C	174	await command.login({ user: { username: 'ward', password: 'ward password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
89d241a7	175	await server.servers.waitUntilLog('valid username')
98813e69	176
41d1d075	177	await command.login({ user: { username: 'kiros', password: 'kiros password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
60b880ac	178	await server.servers.waitUntilLog('valid displayName')
98813e69	179
41d1d075	180	await command.login({ user: { username: 'raine', password: 'raine password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
89d241a7	181	await server.servers.waitUntilLog('valid role')
98813e69	182
41d1d075	183	await command.login({ user: { username: 'ellone', password: 'elonne password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
89d241a7	184	await server.servers.waitUntilLog('valid email')
98813e69 C	185	})
98813e69 C	186
a4995eb7	187	it('Should unregister spyro-auth and do not login existing Spyro', async function () {
89d241a7	188	await server.plugins.updateSettings({
a4995eb7 C	189	npmName: 'peertube-plugin-test-id-pass-auth-one',
	190	settings: { disableSpyro: true }
	191	})
	192
89d241a7	193	const command = server.login
41d1d075 C	194	await command.login({ user: { username: 'spyro', password: 'spyro password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
41d1d075 C	195	await command.login({ user: { username: 'spyro', password: 'fake' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
a4995eb7 C	196	})
	197
	198	it('Should have disabled this auth', async function () {
89d241a7	199	const config = await server.config.getConfig()
a4995eb7 C	200
	201	const auths = config.plugin.registeredIdAndPassAuths
	202	expect(auths).to.have.lengthOf(7)
	203
	204	const spyroAuth = auths.find(a => a.authName === 'spyro-auth')
	205	expect(spyroAuth).to.not.exist
	206	})
	207
7fed6375	208	it('Should uninstall the plugin one and do not login existing Crash', async function () {
89d241a7	209	await server.plugins.uninstall({ npmName: 'peertube-plugin-test-id-pass-auth-one' })
7fed6375	210
89d241a7	211	await server.login.login({
41d1d075 C	212	user: { username: 'crash', password: 'crash password' },
	213	expectedStatus: HttpStatusCode.BAD_REQUEST_400
	214	})
7fed6375 C	215	})
7fed6375 C	216
9107d791	217	it('Should display the correct configuration', async function () {
89d241a7	218	const config = await server.config.getConfig()
9107d791 C	219
	220	const auths = config.plugin.registeredIdAndPassAuths
	221	expect(auths).to.have.lengthOf(6)
	222
	223	const crashAuth = auths.find(a => a.authName === 'crash-auth')
	224	expect(crashAuth).to.not.exist
	225	})
	226
8bb71f2e	227	it('Should display plugin auth information in users list', async function () {
89d241a7	228	const { data } = await server.users.list()
8bb71f2e	229
7926c5f9 C	230	const root = data.find(u => u.username === 'root')
	231	const crash = data.find(u => u.username === 'crash')
	232	const laguna = data.find(u => u.username === 'laguna')
8bb71f2e C	233
	234	expect(root.pluginAuth).to.be.null
	235	expect(crash.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-one')
	236	expect(laguna.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-two')
	237	})
	238
7fed6375 C	239	after(async function () {
	240	await cleanupTests([ server ])
	241	})
	242	})