1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
3 import { expect } from 'chai'
4 import { SQLCommand } from '@server/tests/shared'
5 import { wait } from '@shared/core-utils'
6 import { HttpStatusCode, OAuth2ErrorCode, PeerTubeProblemDocument } from '@shared/models'
7 import { cleanupTests, createSingleServer, killallServers, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands'
9 describe('Test oauth', function () {
10 let server: PeerTubeServer
11 let sqlCommand: SQLCommand
13 before(async function () {
16 server = await createSingleServer(1, {
24 await setAccessTokensToServers([ server ])
26 sqlCommand = new SQLCommand(server)
29 describe('OAuth client', function () {
31 function expectInvalidClient (body: PeerTubeProblemDocument) {
32 expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
33 expect(body.error).to.contain('client is invalid')
34 expect(body.type.startsWith('https://')).to.be.true
35 expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
38 it('Should create a new client')
40 it('Should return the first client')
42 it('Should remove the last client')
44 it('Should not login with an invalid client id', async function () {
45 const client = { id: 'client', secret: server.store.client.secret }
46 const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
48 expectInvalidClient(body)
51 it('Should not login with an invalid client secret', async function () {
52 const client = { id: server.store.client.id, secret: 'coucou' }
53 const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
55 expectInvalidClient(body)
59 describe('Login', function () {
61 function expectInvalidCredentials (body: PeerTubeProblemDocument) {
62 expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
63 expect(body.error).to.contain('credentials are invalid')
64 expect(body.type.startsWith('https://')).to.be.true
65 expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
68 it('Should not login with an invalid username', async function () {
69 const user = { username: 'captain crochet', password: server.store.user.password }
70 const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
72 expectInvalidCredentials(body)
75 it('Should not login with an invalid password', async function () {
76 const user = { username: server.store.user.username, password: 'mew_three' }
77 const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
79 expectInvalidCredentials(body)
82 it('Should be able to login', async function () {
83 await server.login.login({ expectedStatus: HttpStatusCode.OK_200 })
86 it('Should be able to login with an insensitive username', async function () {
87 const user = { username: 'RoOt', password: server.store.user.password }
88 await server.login.login({ user, expectedStatus: HttpStatusCode.OK_200 })
90 const user2 = { username: 'rOoT', password: server.store.user.password }
91 await server.login.login({ user: user2, expectedStatus: HttpStatusCode.OK_200 })
93 const user3 = { username: 'ROOt', password: server.store.user.password }
94 await server.login.login({ user: user3, expectedStatus: HttpStatusCode.OK_200 })
98 describe('Logout', function () {
100 it('Should logout (revoke token)', async function () {
101 await server.login.logout({ token: server.accessToken })
104 it('Should not be able to get the user information', async function () {
105 await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
108 it('Should not be able to upload a video', async function () {
109 await server.videos.upload({ attributes: { name: 'video' }, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
112 it('Should be able to login again', async function () {
113 const body = await server.login.login()
114 server.accessToken = body.access_token
115 server.refreshToken = body.refresh_token
118 it('Should be able to get my user information again', async function () {
119 await server.users.getMyInfo()
122 it('Should have an expired access token', async function () {
125 await sqlCommand.setTokenField(server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
126 await sqlCommand.setTokenField(server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
128 await killallServers([ server ])
131 await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
134 it('Should not be able to refresh an access token with an expired refresh token', async function () {
135 await server.login.refreshToken({ refreshToken: server.refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
138 it('Should refresh the token', async function () {
141 const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
142 await sqlCommand.setTokenField(server.accessToken, 'refreshTokenExpiresAt', futureDate)
144 await killallServers([ server ])
147 const res = await server.login.refreshToken({ refreshToken: server.refreshToken })
148 server.accessToken = res.body.access_token
149 server.refreshToken = res.body.refresh_token
152 it('Should be able to get my user information again', async function () {
153 await server.users.getMyInfo()
157 describe('Custom token lifetime', function () {
158 before(async function () {
159 this.timeout(120_000)
165 access_token: '2 seconds',
166 refresh_token: '2 seconds'
172 it('Should have a very short access token lifetime', async function () {
175 const { access_token: accessToken } = await server.login.login()
176 await server.users.getMyInfo({ token: accessToken })
179 await server.users.getMyInfo({ token: accessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
182 it('Should have a very short refresh token lifetime', async function () {
185 const { refresh_token: refreshToken } = await server.login.login()
186 await server.login.refreshToken({ refreshToken })
189 await server.login.refreshToken({ refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
193 after(async function () {
194 await sqlCommand.cleanup()
195 await cleanupTests([ server ])