]>
Commit | Line | Data |
---|---|---|
7fed6375 C |
1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ |
2 | ||
3 | import 'mocha' | |
ae2abfd3 | 4 | import { expect } from 'chai' |
41d1d075 | 5 | import { HttpStatusCode } from '@shared/core-utils' |
e1c55031 | 6 | import { |
ae2abfd3 C |
7 | cleanupTests, |
8 | flushAndRunServer, | |
e1c55031 | 9 | getMyUserInformation, |
ae2abfd3 | 10 | getUsersList, |
ae2abfd3 | 11 | PluginsCommand, |
ae2abfd3 | 12 | ServerInfo, |
e1c55031 | 13 | setAccessTokensToServers, |
e1c55031 | 14 | updateMyUser, |
6c5065a0 | 15 | wait |
ae2abfd3 | 16 | } from '@shared/extra-utils' |
65e6e260 | 17 | import { User, UserRole } from '@shared/models' |
7fed6375 C |
18 | |
19 | describe('Test id and pass auth plugins', function () { | |
20 | let server: ServerInfo | |
e307e4fc C |
21 | |
22 | let crashAccessToken: string | |
23 | let crashRefreshToken: string | |
24 | ||
25 | let lagunaAccessToken: string | |
26 | let lagunaRefreshToken: string | |
7fed6375 C |
27 | |
28 | before(async function () { | |
29 | this.timeout(30000) | |
30 | ||
31 | server = await flushAndRunServer(1) | |
32 | await setAccessTokensToServers([ server ]) | |
33 | ||
e1c55031 | 34 | for (const suffix of [ 'one', 'two', 'three' ]) { |
ae2abfd3 | 35 | await server.pluginsCommand.install({ path: PluginsCommand.getPluginTestPath('-id-pass-auth-' + suffix) }) |
e1c55031 | 36 | } |
7fed6375 C |
37 | }) |
38 | ||
9107d791 | 39 | it('Should display the correct configuration', async function () { |
65e6e260 | 40 | const config = await server.configCommand.getConfig() |
9107d791 C |
41 | |
42 | const auths = config.plugin.registeredIdAndPassAuths | |
43 | expect(auths).to.have.lengthOf(8) | |
44 | ||
45 | const crashAuth = auths.find(a => a.authName === 'crash-auth') | |
46 | expect(crashAuth).to.exist | |
47 | expect(crashAuth.npmName).to.equal('peertube-plugin-test-id-pass-auth-one') | |
48 | expect(crashAuth.weight).to.equal(50) | |
49 | }) | |
50 | ||
e1c55031 | 51 | it('Should not login', async function () { |
41d1d075 | 52 | await server.loginCommand.login({ user: { username: 'toto', password: 'password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) |
7fed6375 C |
53 | }) |
54 | ||
e1c55031 | 55 | it('Should login Spyro, create the user and use the token', async function () { |
41d1d075 | 56 | const accessToken = await server.loginCommand.getAccessToken({ username: 'spyro', password: 'spyro password' }) |
7fed6375 | 57 | |
e1c55031 C |
58 | const res = await getMyUserInformation(server.url, accessToken) |
59 | ||
60 | const body: User = res.body | |
61 | expect(body.username).to.equal('spyro') | |
62 | expect(body.account.displayName).to.equal('Spyro the Dragon') | |
63 | expect(body.role).to.equal(UserRole.USER) | |
7fed6375 C |
64 | }) |
65 | ||
e1c55031 | 66 | it('Should login Crash, create the user and use the token', async function () { |
e307e4fc | 67 | { |
41d1d075 C |
68 | const body = await server.loginCommand.login({ user: { username: 'crash', password: 'crash password' } }) |
69 | crashAccessToken = body.access_token | |
70 | crashRefreshToken = body.refresh_token | |
e307e4fc | 71 | } |
e1c55031 | 72 | |
e307e4fc C |
73 | { |
74 | const res = await getMyUserInformation(server.url, crashAccessToken) | |
7fed6375 | 75 | |
e307e4fc C |
76 | const body: User = res.body |
77 | expect(body.username).to.equal('crash') | |
78 | expect(body.account.displayName).to.equal('Crash Bandicoot') | |
79 | expect(body.role).to.equal(UserRole.MODERATOR) | |
80 | } | |
7fed6375 C |
81 | }) |
82 | ||
e1c55031 | 83 | it('Should login the first Laguna, create the user and use the token', async function () { |
e307e4fc | 84 | { |
41d1d075 C |
85 | const body = await server.loginCommand.login({ user: { username: 'laguna', password: 'laguna password' } }) |
86 | lagunaAccessToken = body.access_token | |
87 | lagunaRefreshToken = body.refresh_token | |
e307e4fc | 88 | } |
7fed6375 | 89 | |
e307e4fc C |
90 | { |
91 | const res = await getMyUserInformation(server.url, lagunaAccessToken) | |
e1c55031 | 92 | |
e307e4fc C |
93 | const body: User = res.body |
94 | expect(body.username).to.equal('laguna') | |
95 | expect(body.account.displayName).to.equal('laguna') | |
96 | expect(body.role).to.equal(UserRole.USER) | |
97 | } | |
98 | }) | |
99 | ||
100 | it('Should refresh crash token, but not laguna token', async function () { | |
101 | { | |
41d1d075 | 102 | const resRefresh = await server.loginCommand.refreshToken({ refreshToken: crashRefreshToken }) |
e307e4fc C |
103 | crashAccessToken = resRefresh.body.access_token |
104 | crashRefreshToken = resRefresh.body.refresh_token | |
105 | ||
106 | const res = await getMyUserInformation(server.url, crashAccessToken) | |
107 | const user: User = res.body | |
108 | expect(user.username).to.equal('crash') | |
109 | } | |
110 | ||
111 | { | |
41d1d075 | 112 | await server.loginCommand.refreshToken({ refreshToken: lagunaRefreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) |
e307e4fc | 113 | } |
7fed6375 C |
114 | }) |
115 | ||
116 | it('Should update Crash profile', async function () { | |
e1c55031 C |
117 | await updateMyUser({ |
118 | url: server.url, | |
e307e4fc | 119 | accessToken: crashAccessToken, |
e1c55031 C |
120 | displayName: 'Beautiful Crash', |
121 | description: 'Mutant eastern barred bandicoot' | |
122 | }) | |
7fed6375 | 123 | |
e307e4fc | 124 | const res = await getMyUserInformation(server.url, crashAccessToken) |
e1c55031 C |
125 | |
126 | const body: User = res.body | |
127 | expect(body.account.displayName).to.equal('Beautiful Crash') | |
128 | expect(body.account.description).to.equal('Mutant eastern barred bandicoot') | |
7fed6375 C |
129 | }) |
130 | ||
131 | it('Should logout Crash', async function () { | |
41d1d075 | 132 | await server.loginCommand.logout({ token: crashAccessToken }) |
7fed6375 C |
133 | }) |
134 | ||
e1c55031 | 135 | it('Should have logged out Crash', async function () { |
6c5065a0 | 136 | await server.serversCommand.waitUntilLog('On logout for auth 1 - 2') |
e307e4fc C |
137 | |
138 | await getMyUserInformation(server.url, crashAccessToken, 401) | |
7fed6375 C |
139 | }) |
140 | ||
141 | it('Should login Crash and keep the old existing profile', async function () { | |
41d1d075 | 142 | crashAccessToken = await server.loginCommand.getAccessToken({ username: 'crash', password: 'crash password' }) |
7fed6375 | 143 | |
e307e4fc | 144 | const res = await getMyUserInformation(server.url, crashAccessToken) |
e1c55031 C |
145 | |
146 | const body: User = res.body | |
147 | expect(body.username).to.equal('crash') | |
148 | expect(body.account.displayName).to.equal('Beautiful Crash') | |
149 | expect(body.account.description).to.equal('Mutant eastern barred bandicoot') | |
150 | expect(body.role).to.equal(UserRole.MODERATOR) | |
7fed6375 C |
151 | }) |
152 | ||
055cfb11 | 153 | it('Should reject token of laguna by the plugin hook', async function () { |
e307e4fc C |
154 | this.timeout(10000) |
155 | ||
156 | await wait(5000) | |
157 | ||
158 | await getMyUserInformation(server.url, lagunaAccessToken, 401) | |
159 | }) | |
160 | ||
98813e69 | 161 | it('Should reject an invalid username, email, role or display name', async function () { |
41d1d075 C |
162 | const command = server.loginCommand |
163 | ||
164 | await command.login({ user: { username: 'ward', password: 'ward password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
6c5065a0 | 165 | await server.serversCommand.waitUntilLog('valid username') |
98813e69 | 166 | |
41d1d075 | 167 | await command.login({ user: { username: 'kiros', password: 'kiros password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) |
6c5065a0 | 168 | await server.serversCommand.waitUntilLog('valid display name') |
98813e69 | 169 | |
41d1d075 | 170 | await command.login({ user: { username: 'raine', password: 'raine password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) |
6c5065a0 | 171 | await server.serversCommand.waitUntilLog('valid role') |
98813e69 | 172 | |
41d1d075 | 173 | await command.login({ user: { username: 'ellone', password: 'elonne password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) |
6c5065a0 | 174 | await server.serversCommand.waitUntilLog('valid email') |
98813e69 C |
175 | }) |
176 | ||
a4995eb7 | 177 | it('Should unregister spyro-auth and do not login existing Spyro', async function () { |
ae2abfd3 | 178 | await server.pluginsCommand.updateSettings({ |
a4995eb7 C |
179 | npmName: 'peertube-plugin-test-id-pass-auth-one', |
180 | settings: { disableSpyro: true } | |
181 | }) | |
182 | ||
41d1d075 C |
183 | const command = server.loginCommand |
184 | await command.login({ user: { username: 'spyro', password: 'spyro password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
185 | await command.login({ user: { username: 'spyro', password: 'fake' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
a4995eb7 C |
186 | }) |
187 | ||
188 | it('Should have disabled this auth', async function () { | |
65e6e260 | 189 | const config = await server.configCommand.getConfig() |
a4995eb7 C |
190 | |
191 | const auths = config.plugin.registeredIdAndPassAuths | |
192 | expect(auths).to.have.lengthOf(7) | |
193 | ||
194 | const spyroAuth = auths.find(a => a.authName === 'spyro-auth') | |
195 | expect(spyroAuth).to.not.exist | |
196 | }) | |
197 | ||
7fed6375 | 198 | it('Should uninstall the plugin one and do not login existing Crash', async function () { |
ae2abfd3 | 199 | await server.pluginsCommand.uninstall({ npmName: 'peertube-plugin-test-id-pass-auth-one' }) |
7fed6375 | 200 | |
41d1d075 C |
201 | await server.loginCommand.login({ |
202 | user: { username: 'crash', password: 'crash password' }, | |
203 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | |
204 | }) | |
7fed6375 C |
205 | }) |
206 | ||
9107d791 | 207 | it('Should display the correct configuration', async function () { |
65e6e260 | 208 | const config = await server.configCommand.getConfig() |
9107d791 C |
209 | |
210 | const auths = config.plugin.registeredIdAndPassAuths | |
211 | expect(auths).to.have.lengthOf(6) | |
212 | ||
213 | const crashAuth = auths.find(a => a.authName === 'crash-auth') | |
214 | expect(crashAuth).to.not.exist | |
215 | }) | |
216 | ||
8bb71f2e C |
217 | it('Should display plugin auth information in users list', async function () { |
218 | const res = await getUsersList(server.url, server.accessToken) | |
219 | ||
220 | const users: User[] = res.body.data | |
221 | ||
222 | const root = users.find(u => u.username === 'root') | |
223 | const crash = users.find(u => u.username === 'crash') | |
224 | const laguna = users.find(u => u.username === 'laguna') | |
225 | ||
226 | expect(root.pluginAuth).to.be.null | |
227 | expect(crash.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-one') | |
228 | expect(laguna.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-two') | |
229 | }) | |
230 | ||
7fed6375 C |
231 | after(async function () { |
232 | await cleanupTests([ server ]) | |
233 | }) | |
234 | }) |