]>
Commit | Line | Data |
---|---|---|
1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ | |
2 | ||
3 | import 'mocha' | |
4 | import { expect } from 'chai' | |
5 | import { wait } from '@shared/core-utils' | |
6 | import { HttpStatusCode, UserRole } from '@shared/models' | |
7 | import { cleanupTests, createSingleServer, PeerTubeServer, PluginsCommand, setAccessTokensToServers } from '@shared/server-commands' | |
8 | ||
9 | describe('Test id and pass auth plugins', function () { | |
10 | let server: PeerTubeServer | |
11 | ||
12 | let crashAccessToken: string | |
13 | let crashRefreshToken: string | |
14 | ||
15 | let lagunaAccessToken: string | |
16 | let lagunaRefreshToken: string | |
17 | ||
18 | before(async function () { | |
19 | this.timeout(30000) | |
20 | ||
21 | server = await createSingleServer(1) | |
22 | await setAccessTokensToServers([ server ]) | |
23 | ||
24 | for (const suffix of [ 'one', 'two', 'three' ]) { | |
25 | await server.plugins.install({ path: PluginsCommand.getPluginTestPath('-id-pass-auth-' + suffix) }) | |
26 | } | |
27 | }) | |
28 | ||
29 | it('Should display the correct configuration', async function () { | |
30 | const config = await server.config.getConfig() | |
31 | ||
32 | const auths = config.plugin.registeredIdAndPassAuths | |
33 | expect(auths).to.have.lengthOf(8) | |
34 | ||
35 | const crashAuth = auths.find(a => a.authName === 'crash-auth') | |
36 | expect(crashAuth).to.exist | |
37 | expect(crashAuth.npmName).to.equal('peertube-plugin-test-id-pass-auth-one') | |
38 | expect(crashAuth.weight).to.equal(50) | |
39 | }) | |
40 | ||
41 | it('Should not login', async function () { | |
42 | await server.login.login({ user: { username: 'toto', password: 'password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
43 | }) | |
44 | ||
45 | it('Should login Spyro, create the user and use the token', async function () { | |
46 | const accessToken = await server.login.getAccessToken({ username: 'spyro', password: 'spyro password' }) | |
47 | ||
48 | const body = await server.users.getMyInfo({ token: accessToken }) | |
49 | ||
50 | expect(body.username).to.equal('spyro') | |
51 | expect(body.account.displayName).to.equal('Spyro the Dragon') | |
52 | expect(body.role).to.equal(UserRole.USER) | |
53 | }) | |
54 | ||
55 | it('Should login Crash, create the user and use the token', async function () { | |
56 | { | |
57 | const body = await server.login.login({ user: { username: 'crash', password: 'crash password' } }) | |
58 | crashAccessToken = body.access_token | |
59 | crashRefreshToken = body.refresh_token | |
60 | } | |
61 | ||
62 | { | |
63 | const body = await server.users.getMyInfo({ token: crashAccessToken }) | |
64 | ||
65 | expect(body.username).to.equal('crash') | |
66 | expect(body.account.displayName).to.equal('Crash Bandicoot') | |
67 | expect(body.role).to.equal(UserRole.MODERATOR) | |
68 | } | |
69 | }) | |
70 | ||
71 | it('Should login the first Laguna, create the user and use the token', async function () { | |
72 | { | |
73 | const body = await server.login.login({ user: { username: 'laguna', password: 'laguna password' } }) | |
74 | lagunaAccessToken = body.access_token | |
75 | lagunaRefreshToken = body.refresh_token | |
76 | } | |
77 | ||
78 | { | |
79 | const body = await server.users.getMyInfo({ token: lagunaAccessToken }) | |
80 | ||
81 | expect(body.username).to.equal('laguna') | |
82 | expect(body.account.displayName).to.equal('laguna') | |
83 | expect(body.role).to.equal(UserRole.USER) | |
84 | } | |
85 | }) | |
86 | ||
87 | it('Should refresh crash token, but not laguna token', async function () { | |
88 | { | |
89 | const resRefresh = await server.login.refreshToken({ refreshToken: crashRefreshToken }) | |
90 | crashAccessToken = resRefresh.body.access_token | |
91 | crashRefreshToken = resRefresh.body.refresh_token | |
92 | ||
93 | const body = await server.users.getMyInfo({ token: crashAccessToken }) | |
94 | expect(body.username).to.equal('crash') | |
95 | } | |
96 | ||
97 | { | |
98 | await server.login.refreshToken({ refreshToken: lagunaRefreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
99 | } | |
100 | }) | |
101 | ||
102 | it('Should update Crash profile', async function () { | |
103 | await server.users.updateMe({ | |
104 | token: crashAccessToken, | |
105 | displayName: 'Beautiful Crash', | |
106 | description: 'Mutant eastern barred bandicoot' | |
107 | }) | |
108 | ||
109 | const body = await server.users.getMyInfo({ token: crashAccessToken }) | |
110 | ||
111 | expect(body.account.displayName).to.equal('Beautiful Crash') | |
112 | expect(body.account.description).to.equal('Mutant eastern barred bandicoot') | |
113 | }) | |
114 | ||
115 | it('Should logout Crash', async function () { | |
116 | await server.login.logout({ token: crashAccessToken }) | |
117 | }) | |
118 | ||
119 | it('Should have logged out Crash', async function () { | |
120 | await server.servers.waitUntilLog('On logout for auth 1 - 2') | |
121 | ||
122 | await server.users.getMyInfo({ token: crashAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
123 | }) | |
124 | ||
125 | it('Should login Crash and keep the old existing profile', async function () { | |
126 | crashAccessToken = await server.login.getAccessToken({ username: 'crash', password: 'crash password' }) | |
127 | ||
128 | const body = await server.users.getMyInfo({ token: crashAccessToken }) | |
129 | ||
130 | expect(body.username).to.equal('crash') | |
131 | expect(body.account.displayName).to.equal('Beautiful Crash') | |
132 | expect(body.account.description).to.equal('Mutant eastern barred bandicoot') | |
133 | expect(body.role).to.equal(UserRole.MODERATOR) | |
134 | }) | |
135 | ||
136 | it('Should reject token of laguna by the plugin hook', async function () { | |
137 | this.timeout(10000) | |
138 | ||
139 | await wait(5000) | |
140 | ||
141 | await server.users.getMyInfo({ token: lagunaAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
142 | }) | |
143 | ||
144 | it('Should reject an invalid username, email, role or display name', async function () { | |
145 | const command = server.login | |
146 | ||
147 | await command.login({ user: { username: 'ward', password: 'ward password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
148 | await server.servers.waitUntilLog('valid username') | |
149 | ||
150 | await command.login({ user: { username: 'kiros', password: 'kiros password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
151 | await server.servers.waitUntilLog('valid display name') | |
152 | ||
153 | await command.login({ user: { username: 'raine', password: 'raine password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
154 | await server.servers.waitUntilLog('valid role') | |
155 | ||
156 | await command.login({ user: { username: 'ellone', password: 'elonne password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
157 | await server.servers.waitUntilLog('valid email') | |
158 | }) | |
159 | ||
160 | it('Should unregister spyro-auth and do not login existing Spyro', async function () { | |
161 | await server.plugins.updateSettings({ | |
162 | npmName: 'peertube-plugin-test-id-pass-auth-one', | |
163 | settings: { disableSpyro: true } | |
164 | }) | |
165 | ||
166 | const command = server.login | |
167 | await command.login({ user: { username: 'spyro', password: 'spyro password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
168 | await command.login({ user: { username: 'spyro', password: 'fake' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
169 | }) | |
170 | ||
171 | it('Should have disabled this auth', async function () { | |
172 | const config = await server.config.getConfig() | |
173 | ||
174 | const auths = config.plugin.registeredIdAndPassAuths | |
175 | expect(auths).to.have.lengthOf(7) | |
176 | ||
177 | const spyroAuth = auths.find(a => a.authName === 'spyro-auth') | |
178 | expect(spyroAuth).to.not.exist | |
179 | }) | |
180 | ||
181 | it('Should uninstall the plugin one and do not login existing Crash', async function () { | |
182 | await server.plugins.uninstall({ npmName: 'peertube-plugin-test-id-pass-auth-one' }) | |
183 | ||
184 | await server.login.login({ | |
185 | user: { username: 'crash', password: 'crash password' }, | |
186 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | |
187 | }) | |
188 | }) | |
189 | ||
190 | it('Should display the correct configuration', async function () { | |
191 | const config = await server.config.getConfig() | |
192 | ||
193 | const auths = config.plugin.registeredIdAndPassAuths | |
194 | expect(auths).to.have.lengthOf(6) | |
195 | ||
196 | const crashAuth = auths.find(a => a.authName === 'crash-auth') | |
197 | expect(crashAuth).to.not.exist | |
198 | }) | |
199 | ||
200 | it('Should display plugin auth information in users list', async function () { | |
201 | const { data } = await server.users.list() | |
202 | ||
203 | const root = data.find(u => u.username === 'root') | |
204 | const crash = data.find(u => u.username === 'crash') | |
205 | const laguna = data.find(u => u.username === 'laguna') | |
206 | ||
207 | expect(root.pluginAuth).to.be.null | |
208 | expect(crash.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-one') | |
209 | expect(laguna.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-two') | |
210 | }) | |
211 | ||
212 | after(async function () { | |
213 | await cleanupTests([ server ]) | |
214 | }) | |
215 | }) |