server/tests/plugins/id-and-pass-auth.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import { expect } from 'chai'
   5 import { HttpStatusCode } from '@shared/core-utils'
   6 import { cleanupTests, createSingleServer, PluginsCommand, PeerTubeServer, setAccessTokensToServers, wait } from '@shared/extra-utils'
   7 import { UserRole } from '@shared/models'
   8
   9 describe('Test id and pass auth plugins', function () {
  10   let server: PeerTubeServer
  11
  12   let crashAccessToken: string
  13   let crashRefreshToken: string
  14
  15   let lagunaAccessToken: string
  16   let lagunaRefreshToken: string
  17
  18   before(async function () {
  19     this.timeout(30000)
  20
  21     server = await createSingleServer(1)
  22     await setAccessTokensToServers([ server ])
  23
  24     for (const suffix of [ 'one', 'two', 'three' ]) {
  25       await server.plugins.install({ path: PluginsCommand.getPluginTestPath('-id-pass-auth-' + suffix) })
  26     }
  27   })
  28
  29   it('Should display the correct configuration', async function () {
  30     const config = await server.config.getConfig()
  31
  32     const auths = config.plugin.registeredIdAndPassAuths
  33     expect(auths).to.have.lengthOf(8)
  34
  35     const crashAuth = auths.find(a => a.authName === 'crash-auth')
  36     expect(crashAuth).to.exist
  37     expect(crashAuth.npmName).to.equal('peertube-plugin-test-id-pass-auth-one')
  38     expect(crashAuth.weight).to.equal(50)
  39   })
  40
  41   it('Should not login', async function () {
  42     await server.login.login({ user: { username: 'toto', password: 'password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  43   })
  44
  45   it('Should login Spyro, create the user and use the token', async function () {
  46     const accessToken = await server.login.getAccessToken({ username: 'spyro', password: 'spyro password' })
  47
  48     const body = await server.users.getMyInfo({ token: accessToken })
  49
  50     expect(body.username).to.equal('spyro')
  51     expect(body.account.displayName).to.equal('Spyro the Dragon')
  52     expect(body.role).to.equal(UserRole.USER)
  53   })
  54
  55   it('Should login Crash, create the user and use the token', async function () {
  56     {
  57       const body = await server.login.login({ user: { username: 'crash', password: 'crash password' } })
  58       crashAccessToken = body.access_token
  59       crashRefreshToken = body.refresh_token
  60     }
  61
  62     {
  63       const body = await server.users.getMyInfo({ token: crashAccessToken })
  64
  65       expect(body.username).to.equal('crash')
  66       expect(body.account.displayName).to.equal('Crash Bandicoot')
  67       expect(body.role).to.equal(UserRole.MODERATOR)
  68     }
  69   })
  70
  71   it('Should login the first Laguna, create the user and use the token', async function () {
  72     {
  73       const body = await server.login.login({ user: { username: 'laguna', password: 'laguna password' } })
  74       lagunaAccessToken = body.access_token
  75       lagunaRefreshToken = body.refresh_token
  76     }
  77
  78     {
  79       const body = await server.users.getMyInfo({ token: lagunaAccessToken })
  80
  81       expect(body.username).to.equal('laguna')
  82       expect(body.account.displayName).to.equal('laguna')
  83       expect(body.role).to.equal(UserRole.USER)
  84     }
  85   })
  86
  87   it('Should refresh crash token, but not laguna token', async function () {
  88     {
  89       const resRefresh = await server.login.refreshToken({ refreshToken: crashRefreshToken })
  90       crashAccessToken = resRefresh.body.access_token
  91       crashRefreshToken = resRefresh.body.refresh_token
  92
  93       const body = await server.users.getMyInfo({ token: crashAccessToken })
  94       expect(body.username).to.equal('crash')
  95     }
  96
  97     {
  98       await server.login.refreshToken({ refreshToken: lagunaRefreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  99     }
 100   })
 101
 102   it('Should update Crash profile', async function () {
 103     await server.users.updateMe({
 104       token: crashAccessToken,
 105       displayName: 'Beautiful Crash',
 106       description: 'Mutant eastern barred bandicoot'
 107     })
 108
 109     const body = await server.users.getMyInfo({ token: crashAccessToken })
 110
 111     expect(body.account.displayName).to.equal('Beautiful Crash')
 112     expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
 113   })
 114
 115   it('Should logout Crash', async function () {
 116     await server.login.logout({ token: crashAccessToken })
 117   })
 118
 119   it('Should have logged out Crash', async function () {
 120     await server.servers.waitUntilLog('On logout for auth 1 - 2')
 121
 122     await server.users.getMyInfo({ token: crashAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 123   })
 124
 125   it('Should login Crash and keep the old existing profile', async function () {
 126     crashAccessToken = await server.login.getAccessToken({ username: 'crash', password: 'crash password' })
 127
 128     const body = await server.users.getMyInfo({ token: crashAccessToken })
 129
 130     expect(body.username).to.equal('crash')
 131     expect(body.account.displayName).to.equal('Beautiful Crash')
 132     expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
 133     expect(body.role).to.equal(UserRole.MODERATOR)
 134   })
 135
 136   it('Should reject token of laguna by the plugin hook', async function () {
 137     this.timeout(10000)
 138
 139     await wait(5000)
 140
 141     await server.users.getMyInfo({ token: lagunaAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 142   })
 143
 144   it('Should reject an invalid username, email, role or display name', async function () {
 145     const command = server.login
 146
 147     await command.login({ user: { username: 'ward', password: 'ward password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 148     await server.servers.waitUntilLog('valid username')
 149
 150     await command.login({ user: { username: 'kiros', password: 'kiros password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 151     await server.servers.waitUntilLog('valid display name')
 152
 153     await command.login({ user: { username: 'raine', password: 'raine password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 154     await server.servers.waitUntilLog('valid role')
 155
 156     await command.login({ user: { username: 'ellone', password: 'elonne password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 157     await server.servers.waitUntilLog('valid email')
 158   })
 159
 160   it('Should unregister spyro-auth and do not login existing Spyro', async function () {
 161     await server.plugins.updateSettings({
 162       npmName: 'peertube-plugin-test-id-pass-auth-one',
 163       settings: { disableSpyro: true }
 164     })
 165
 166     const command = server.login
 167     await command.login({ user: { username: 'spyro', password: 'spyro password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 168     await command.login({ user: { username: 'spyro', password: 'fake' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 169   })
 170
 171   it('Should have disabled this auth', async function () {
 172     const config = await server.config.getConfig()
 173
 174     const auths = config.plugin.registeredIdAndPassAuths
 175     expect(auths).to.have.lengthOf(7)
 176
 177     const spyroAuth = auths.find(a => a.authName === 'spyro-auth')
 178     expect(spyroAuth).to.not.exist
 179   })
 180
 181   it('Should uninstall the plugin one and do not login existing Crash', async function () {
 182     await server.plugins.uninstall({ npmName: 'peertube-plugin-test-id-pass-auth-one' })
 183
 184     await server.login.login({
 185       user: { username: 'crash', password: 'crash password' },
 186       expectedStatus: HttpStatusCode.BAD_REQUEST_400
 187     })
 188   })
 189
 190   it('Should display the correct configuration', async function () {
 191     const config = await server.config.getConfig()
 192
 193     const auths = config.plugin.registeredIdAndPassAuths
 194     expect(auths).to.have.lengthOf(6)
 195
 196     const crashAuth = auths.find(a => a.authName === 'crash-auth')
 197     expect(crashAuth).to.not.exist
 198   })
 199
 200   it('Should display plugin auth information in users list', async function () {
 201     const { data } = await server.users.list()
 202
 203     const root = data.find(u => u.username === 'root')
 204     const crash = data.find(u => u.username === 'crash')
 205     const laguna = data.find(u => u.username === 'laguna')
 206
 207     expect(root.pluginAuth).to.be.null
 208     expect(crash.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-one')
 209     expect(laguna.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-two')
 210   })
 211
 212   after(async function () {
 213     await cleanupTests([ server ])
 214   })
 215 })