[github/Chocobozzz/PeerTube.git] / server / tests / plugins / id-and-pass-auth.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import 'mocha'
import { expect } from 'chai'
import { HttpStatusCode } from '@shared/core-utils'
import {
  cleanupTests,
  flushAndRunServer,
  getMyUserInformation,
  getUsersList,
  PluginsCommand,
  ServerInfo,
  setAccessTokensToServers,
  updateMyUser,
  wait
} from '@shared/extra-utils'
import { User, UserRole } from '@shared/models'

describe('Test id and pass auth plugins', function () {
  let server: ServerInfo

  let crashAccessToken: string
  let crashRefreshToken: string

  let lagunaAccessToken: string
  let lagunaRefreshToken: string

  before(async function () {
    this.timeout(30000)

    server = await flushAndRunServer(1)
    await setAccessTokensToServers([ server ])

    for (const suffix of [ 'one', 'two', 'three' ]) {
      await server.pluginsCommand.install({ path: PluginsCommand.getPluginTestPath('-id-pass-auth-' + suffix) })
    }
  })

  it('Should display the correct configuration', async function () {
    const config = await server.configCommand.getConfig()

    const auths = config.plugin.registeredIdAndPassAuths
    expect(auths).to.have.lengthOf(8)

    const crashAuth = auths.find(a => a.authName === 'crash-auth')
    expect(crashAuth).to.exist
    expect(crashAuth.npmName).to.equal('peertube-plugin-test-id-pass-auth-one')
    expect(crashAuth.weight).to.equal(50)
  })

  it('Should not login', async function () {
    await server.loginCommand.login({ user: { username: 'toto', password: 'password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  })

  it('Should login Spyro, create the user and use the token', async function () {
    const accessToken = await server.loginCommand.getAccessToken({ username: 'spyro', password: 'spyro password' })

    const res = await getMyUserInformation(server.url, accessToken)

    const body: User = res.body
    expect(body.username).to.equal('spyro')
    expect(body.account.displayName).to.equal('Spyro the Dragon')
    expect(body.role).to.equal(UserRole.USER)
  })

  it('Should login Crash, create the user and use the token', async function () {
    {
      const body = await server.loginCommand.login({ user: { username: 'crash', password: 'crash password' } })
      crashAccessToken = body.access_token
      crashRefreshToken = body.refresh_token
    }

    {
      const res = await getMyUserInformation(server.url, crashAccessToken)

      const body: User = res.body
      expect(body.username).to.equal('crash')
      expect(body.account.displayName).to.equal('Crash Bandicoot')
      expect(body.role).to.equal(UserRole.MODERATOR)
    }
  })

  it('Should login the first Laguna, create the user and use the token', async function () {
    {
      const body = await server.loginCommand.login({ user: { username: 'laguna', password: 'laguna password' } })
      lagunaAccessToken = body.access_token
      lagunaRefreshToken = body.refresh_token
    }

    {
      const res = await getMyUserInformation(server.url, lagunaAccessToken)

      const body: User = res.body
      expect(body.username).to.equal('laguna')
      expect(body.account.displayName).to.equal('laguna')
      expect(body.role).to.equal(UserRole.USER)
    }
  })

  it('Should refresh crash token, but not laguna token', async function () {
    {
      const resRefresh = await server.loginCommand.refreshToken({ refreshToken: crashRefreshToken })
      crashAccessToken = resRefresh.body.access_token
      crashRefreshToken = resRefresh.body.refresh_token

      const res = await getMyUserInformation(server.url, crashAccessToken)
      const user: User = res.body
      expect(user.username).to.equal('crash')
    }

    {
      await server.loginCommand.refreshToken({ refreshToken: lagunaRefreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    }
  })

  it('Should update Crash profile', async function () {
    await updateMyUser({
      url: server.url,
      accessToken: crashAccessToken,
      displayName: 'Beautiful Crash',
      description: 'Mutant eastern barred bandicoot'
    })

    const res = await getMyUserInformation(server.url, crashAccessToken)

    const body: User = res.body
    expect(body.account.displayName).to.equal('Beautiful Crash')
    expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
  })

  it('Should logout Crash', async function () {
    await server.loginCommand.logout({ token: crashAccessToken })
  })

  it('Should have logged out Crash', async function () {
    await server.serversCommand.waitUntilLog('On logout for auth 1 - 2')

    await getMyUserInformation(server.url, crashAccessToken, 401)
  })

  it('Should login Crash and keep the old existing profile', async function () {
    crashAccessToken = await server.loginCommand.getAccessToken({ username: 'crash', password: 'crash password' })

    const res = await getMyUserInformation(server.url, crashAccessToken)

    const body: User = res.body
    expect(body.username).to.equal('crash')
    expect(body.account.displayName).to.equal('Beautiful Crash')
    expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
    expect(body.role).to.equal(UserRole.MODERATOR)
  })

  it('Should reject token of laguna by the plugin hook', async function () {
    this.timeout(10000)

    await wait(5000)

    await getMyUserInformation(server.url, lagunaAccessToken, 401)
  })

  it('Should reject an invalid username, email, role or display name', async function () {
    const command = server.loginCommand

    await command.login({ user: { username: 'ward', password: 'ward password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    await server.serversCommand.waitUntilLog('valid username')

    await command.login({ user: { username: 'kiros', password: 'kiros password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    await server.serversCommand.waitUntilLog('valid display name')

    await command.login({ user: { username: 'raine', password: 'raine password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    await server.serversCommand.waitUntilLog('valid role')

    await command.login({ user: { username: 'ellone', password: 'elonne password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    await server.serversCommand.waitUntilLog('valid email')
  })

  it('Should unregister spyro-auth and do not login existing Spyro', async function () {
    await server.pluginsCommand.updateSettings({
      npmName: 'peertube-plugin-test-id-pass-auth-one',
      settings: { disableSpyro: true }
    })

    const command = server.loginCommand
    await command.login({ user: { username: 'spyro', password: 'spyro password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    await command.login({ user: { username: 'spyro', password: 'fake' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  })

  it('Should have disabled this auth', async function () {
    const config = await server.configCommand.getConfig()

    const auths = config.plugin.registeredIdAndPassAuths
    expect(auths).to.have.lengthOf(7)

    const spyroAuth = auths.find(a => a.authName === 'spyro-auth')
    expect(spyroAuth).to.not.exist
  })

  it('Should uninstall the plugin one and do not login existing Crash', async function () {
    await server.pluginsCommand.uninstall({ npmName: 'peertube-plugin-test-id-pass-auth-one' })

    await server.loginCommand.login({
      user: { username: 'crash', password: 'crash password' },
      expectedStatus: HttpStatusCode.BAD_REQUEST_400
    })
  })

  it('Should display the correct configuration', async function () {
    const config = await server.configCommand.getConfig()

    const auths = config.plugin.registeredIdAndPassAuths
    expect(auths).to.have.lengthOf(6)

    const crashAuth = auths.find(a => a.authName === 'crash-auth')
    expect(crashAuth).to.not.exist
  })

  it('Should display plugin auth information in users list', async function () {
    const res = await getUsersList(server.url, server.accessToken)

    const users: User[] = res.body.data

    const root = users.find(u => u.username === 'root')
    const crash = users.find(u => u.username === 'crash')
    const laguna = users.find(u => u.username === 'laguna')

    expect(root.pluginAuth).to.be.null
    expect(crash.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-one')
    expect(laguna.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-two')
  })

  after(async function () {
    await cleanupTests([ server ])
  })
})
Commit	Line	Data
7fed6375 C	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
	2
	3	import 'mocha'
ae2abfd3	4	import { expect } from 'chai'
41d1d075	5	import { HttpStatusCode } from '@shared/core-utils'
e1c55031	6	import {
ae2abfd3 C	7	cleanupTests,
ae2abfd3 C	8	flushAndRunServer,
e1c55031	9	getMyUserInformation,
ae2abfd3	10	getUsersList,
ae2abfd3	11	PluginsCommand,
ae2abfd3	12	ServerInfo,
e1c55031	13	setAccessTokensToServers,
e1c55031	14	updateMyUser,
6c5065a0	15	wait
ae2abfd3	16	} from '@shared/extra-utils'
65e6e260	17	import { User, UserRole } from '@shared/models'
7fed6375 C	18
	19	describe('Test id and pass auth plugins', function () {
	20	let server: ServerInfo
e307e4fc C	21
	22	let crashAccessToken: string
	23	let crashRefreshToken: string
	24
	25	let lagunaAccessToken: string
	26	let lagunaRefreshToken: string
7fed6375 C	27
	28	before(async function () {
	29	this.timeout(30000)
	30
	31	server = await flushAndRunServer(1)
	32	await setAccessTokensToServers([ server ])
	33
e1c55031	34	for (const suffix of [ 'one', 'two', 'three' ]) {
ae2abfd3	35	await server.pluginsCommand.install({ path: PluginsCommand.getPluginTestPath('-id-pass-auth-' + suffix) })
e1c55031	36	}
7fed6375 C	37	})
7fed6375 C	38
9107d791	39	it('Should display the correct configuration', async function () {
65e6e260	40	const config = await server.configCommand.getConfig()
9107d791 C	41
	42	const auths = config.plugin.registeredIdAndPassAuths
	43	expect(auths).to.have.lengthOf(8)
	44
	45	const crashAuth = auths.find(a => a.authName === 'crash-auth')
	46	expect(crashAuth).to.exist
	47	expect(crashAuth.npmName).to.equal('peertube-plugin-test-id-pass-auth-one')
	48	expect(crashAuth.weight).to.equal(50)
	49	})
	50
e1c55031	51	it('Should not login', async function () {
41d1d075	52	await server.loginCommand.login({ user: { username: 'toto', password: 'password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
7fed6375 C	53	})
7fed6375 C	54
e1c55031	55	it('Should login Spyro, create the user and use the token', async function () {
41d1d075	56	const accessToken = await server.loginCommand.getAccessToken({ username: 'spyro', password: 'spyro password' })
7fed6375	57
e1c55031 C	58	const res = await getMyUserInformation(server.url, accessToken)
	59
	60	const body: User = res.body
	61	expect(body.username).to.equal('spyro')
	62	expect(body.account.displayName).to.equal('Spyro the Dragon')
	63	expect(body.role).to.equal(UserRole.USER)
7fed6375 C	64	})
7fed6375 C	65
e1c55031	66	it('Should login Crash, create the user and use the token', async function () {
e307e4fc	67	{
41d1d075 C	68	const body = await server.loginCommand.login({ user: { username: 'crash', password: 'crash password' } })
	69	crashAccessToken = body.access_token
	70	crashRefreshToken = body.refresh_token
e307e4fc	71	}
e1c55031	72
e307e4fc C	73	{
e307e4fc C	74	const res = await getMyUserInformation(server.url, crashAccessToken)
7fed6375	75
e307e4fc C	76	const body: User = res.body
	77	expect(body.username).to.equal('crash')
	78	expect(body.account.displayName).to.equal('Crash Bandicoot')
	79	expect(body.role).to.equal(UserRole.MODERATOR)
	80	}
7fed6375 C	81	})
7fed6375 C	82
e1c55031	83	it('Should login the first Laguna, create the user and use the token', async function () {
e307e4fc	84	{
41d1d075 C	85	const body = await server.loginCommand.login({ user: { username: 'laguna', password: 'laguna password' } })
	86	lagunaAccessToken = body.access_token
	87	lagunaRefreshToken = body.refresh_token
e307e4fc	88	}
7fed6375	89
e307e4fc C	90	{
e307e4fc C	91	const res = await getMyUserInformation(server.url, lagunaAccessToken)
e1c55031	92
e307e4fc C	93	const body: User = res.body
	94	expect(body.username).to.equal('laguna')
	95	expect(body.account.displayName).to.equal('laguna')
	96	expect(body.role).to.equal(UserRole.USER)
	97	}
	98	})
	99
	100	it('Should refresh crash token, but not laguna token', async function () {
	101	{
41d1d075	102	const resRefresh = await server.loginCommand.refreshToken({ refreshToken: crashRefreshToken })
e307e4fc C	103	crashAccessToken = resRefresh.body.access_token
	104	crashRefreshToken = resRefresh.body.refresh_token
	105
	106	const res = await getMyUserInformation(server.url, crashAccessToken)
	107	const user: User = res.body
	108	expect(user.username).to.equal('crash')
	109	}
	110
	111	{
41d1d075	112	await server.loginCommand.refreshToken({ refreshToken: lagunaRefreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
e307e4fc	113	}
7fed6375 C	114	})
	115
	116	it('Should update Crash profile', async function () {
e1c55031 C	117	await updateMyUser({
e1c55031 C	118	url: server.url,
e307e4fc	119	accessToken: crashAccessToken,
e1c55031 C	120	displayName: 'Beautiful Crash',
	121	description: 'Mutant eastern barred bandicoot'
	122	})
7fed6375	123
e307e4fc	124	const res = await getMyUserInformation(server.url, crashAccessToken)
e1c55031 C	125
	126	const body: User = res.body
	127	expect(body.account.displayName).to.equal('Beautiful Crash')
	128	expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
7fed6375 C	129	})
	130
	131	it('Should logout Crash', async function () {
41d1d075	132	await server.loginCommand.logout({ token: crashAccessToken })
7fed6375 C	133	})
7fed6375 C	134
e1c55031	135	it('Should have logged out Crash', async function () {
6c5065a0	136	await server.serversCommand.waitUntilLog('On logout for auth 1 - 2')
e307e4fc C	137
e307e4fc C	138	await getMyUserInformation(server.url, crashAccessToken, 401)
7fed6375 C	139	})
	140
	141	it('Should login Crash and keep the old existing profile', async function () {
41d1d075	142	crashAccessToken = await server.loginCommand.getAccessToken({ username: 'crash', password: 'crash password' })
7fed6375	143
e307e4fc	144	const res = await getMyUserInformation(server.url, crashAccessToken)
e1c55031 C	145
	146	const body: User = res.body
	147	expect(body.username).to.equal('crash')
	148	expect(body.account.displayName).to.equal('Beautiful Crash')
	149	expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
	150	expect(body.role).to.equal(UserRole.MODERATOR)
7fed6375 C	151	})
7fed6375 C	152
055cfb11	153	it('Should reject token of laguna by the plugin hook', async function () {
e307e4fc C	154	this.timeout(10000)
	155
	156	await wait(5000)
	157
	158	await getMyUserInformation(server.url, lagunaAccessToken, 401)
	159	})
	160
98813e69	161	it('Should reject an invalid username, email, role or display name', async function () {
41d1d075 C	162	const command = server.loginCommand
	163
	164	await command.login({ user: { username: 'ward', password: 'ward password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
6c5065a0	165	await server.serversCommand.waitUntilLog('valid username')
98813e69	166
41d1d075	167	await command.login({ user: { username: 'kiros', password: 'kiros password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
6c5065a0	168	await server.serversCommand.waitUntilLog('valid display name')
98813e69	169
41d1d075	170	await command.login({ user: { username: 'raine', password: 'raine password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
6c5065a0	171	await server.serversCommand.waitUntilLog('valid role')
98813e69	172
41d1d075	173	await command.login({ user: { username: 'ellone', password: 'elonne password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
6c5065a0	174	await server.serversCommand.waitUntilLog('valid email')
98813e69 C	175	})
98813e69 C	176
a4995eb7	177	it('Should unregister spyro-auth and do not login existing Spyro', async function () {
ae2abfd3	178	await server.pluginsCommand.updateSettings({
a4995eb7 C	179	npmName: 'peertube-plugin-test-id-pass-auth-one',
	180	settings: { disableSpyro: true }
	181	})
	182
41d1d075 C	183	const command = server.loginCommand
	184	await command.login({ user: { username: 'spyro', password: 'spyro password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
	185	await command.login({ user: { username: 'spyro', password: 'fake' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
a4995eb7 C	186	})
	187
	188	it('Should have disabled this auth', async function () {
65e6e260	189	const config = await server.configCommand.getConfig()
a4995eb7 C	190
	191	const auths = config.plugin.registeredIdAndPassAuths
	192	expect(auths).to.have.lengthOf(7)
	193
	194	const spyroAuth = auths.find(a => a.authName === 'spyro-auth')
	195	expect(spyroAuth).to.not.exist
	196	})
	197
7fed6375	198	it('Should uninstall the plugin one and do not login existing Crash', async function () {
ae2abfd3	199	await server.pluginsCommand.uninstall({ npmName: 'peertube-plugin-test-id-pass-auth-one' })
7fed6375	200
41d1d075 C	201	await server.loginCommand.login({
	202	user: { username: 'crash', password: 'crash password' },
	203	expectedStatus: HttpStatusCode.BAD_REQUEST_400
	204	})
7fed6375 C	205	})
7fed6375 C	206
9107d791	207	it('Should display the correct configuration', async function () {
65e6e260	208	const config = await server.configCommand.getConfig()
9107d791 C	209
	210	const auths = config.plugin.registeredIdAndPassAuths
	211	expect(auths).to.have.lengthOf(6)
	212
	213	const crashAuth = auths.find(a => a.authName === 'crash-auth')
	214	expect(crashAuth).to.not.exist
	215	})
	216
8bb71f2e C	217	it('Should display plugin auth information in users list', async function () {
	218	const res = await getUsersList(server.url, server.accessToken)
	219
	220	const users: User[] = res.body.data
	221
	222	const root = users.find(u => u.username === 'root')
	223	const crash = users.find(u => u.username === 'crash')
	224	const laguna = users.find(u => u.username === 'laguna')
	225
	226	expect(root.pluginAuth).to.be.null
	227	expect(crash.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-one')
	228	expect(laguna.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-two')
	229	})
	230
7fed6375 C	231	after(async function () {
	232	await cleanupTests([ server ])
	233	})
	234	})