server/tests/plugins/id-and-pass-auth.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import { expect } from 'chai'
   5 import { HttpStatusCode } from '@shared/core-utils'
   6 import {
   7   cleanupTests,
   8   flushAndRunServer,
   9   getMyUserInformation,
  10   getUsersList,
  11   PluginsCommand,
  12   ServerInfo,
  13   setAccessTokensToServers,
  14   updateMyUser,
  15   wait
  16 } from '@shared/extra-utils'
  17 import { User, UserRole } from '@shared/models'
  18
  19 describe('Test id and pass auth plugins', function () {
  20   let server: ServerInfo
  21
  22   let crashAccessToken: string
  23   let crashRefreshToken: string
  24
  25   let lagunaAccessToken: string
  26   let lagunaRefreshToken: string
  27
  28   before(async function () {
  29     this.timeout(30000)
  30
  31     server = await flushAndRunServer(1)
  32     await setAccessTokensToServers([ server ])
  33
  34     for (const suffix of [ 'one', 'two', 'three' ]) {
  35       await server.pluginsCommand.install({ path: PluginsCommand.getPluginTestPath('-id-pass-auth-' + suffix) })
  36     }
  37   })
  38
  39   it('Should display the correct configuration', async function () {
  40     const config = await server.configCommand.getConfig()
  41
  42     const auths = config.plugin.registeredIdAndPassAuths
  43     expect(auths).to.have.lengthOf(8)
  44
  45     const crashAuth = auths.find(a => a.authName === 'crash-auth')
  46     expect(crashAuth).to.exist
  47     expect(crashAuth.npmName).to.equal('peertube-plugin-test-id-pass-auth-one')
  48     expect(crashAuth.weight).to.equal(50)
  49   })
  50
  51   it('Should not login', async function () {
  52     await server.loginCommand.login({ user: { username: 'toto', password: 'password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  53   })
  54
  55   it('Should login Spyro, create the user and use the token', async function () {
  56     const accessToken = await server.loginCommand.getAccessToken({ username: 'spyro', password: 'spyro password' })
  57
  58     const res = await getMyUserInformation(server.url, accessToken)
  59
  60     const body: User = res.body
  61     expect(body.username).to.equal('spyro')
  62     expect(body.account.displayName).to.equal('Spyro the Dragon')
  63     expect(body.role).to.equal(UserRole.USER)
  64   })
  65
  66   it('Should login Crash, create the user and use the token', async function () {
  67     {
  68       const body = await server.loginCommand.login({ user: { username: 'crash', password: 'crash password' } })
  69       crashAccessToken = body.access_token
  70       crashRefreshToken = body.refresh_token
  71     }
  72
  73     {
  74       const res = await getMyUserInformation(server.url, crashAccessToken)
  75
  76       const body: User = res.body
  77       expect(body.username).to.equal('crash')
  78       expect(body.account.displayName).to.equal('Crash Bandicoot')
  79       expect(body.role).to.equal(UserRole.MODERATOR)
  80     }
  81   })
  82
  83   it('Should login the first Laguna, create the user and use the token', async function () {
  84     {
  85       const body = await server.loginCommand.login({ user: { username: 'laguna', password: 'laguna password' } })
  86       lagunaAccessToken = body.access_token
  87       lagunaRefreshToken = body.refresh_token
  88     }
  89
  90     {
  91       const res = await getMyUserInformation(server.url, lagunaAccessToken)
  92
  93       const body: User = res.body
  94       expect(body.username).to.equal('laguna')
  95       expect(body.account.displayName).to.equal('laguna')
  96       expect(body.role).to.equal(UserRole.USER)
  97     }
  98   })
  99
 100   it('Should refresh crash token, but not laguna token', async function () {
 101     {
 102       const resRefresh = await server.loginCommand.refreshToken({ refreshToken: crashRefreshToken })
 103       crashAccessToken = resRefresh.body.access_token
 104       crashRefreshToken = resRefresh.body.refresh_token
 105
 106       const res = await getMyUserInformation(server.url, crashAccessToken)
 107       const user: User = res.body
 108       expect(user.username).to.equal('crash')
 109     }
 110
 111     {
 112       await server.loginCommand.refreshToken({ refreshToken: lagunaRefreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 113     }
 114   })
 115
 116   it('Should update Crash profile', async function () {
 117     await updateMyUser({
 118       url: server.url,
 119       accessToken: crashAccessToken,
 120       displayName: 'Beautiful Crash',
 121       description: 'Mutant eastern barred bandicoot'
 122     })
 123
 124     const res = await getMyUserInformation(server.url, crashAccessToken)
 125
 126     const body: User = res.body
 127     expect(body.account.displayName).to.equal('Beautiful Crash')
 128     expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
 129   })
 130
 131   it('Should logout Crash', async function () {
 132     await server.loginCommand.logout({ token: crashAccessToken })
 133   })
 134
 135   it('Should have logged out Crash', async function () {
 136     await server.serversCommand.waitUntilLog('On logout for auth 1 - 2')
 137
 138     await getMyUserInformation(server.url, crashAccessToken, 401)
 139   })
 140
 141   it('Should login Crash and keep the old existing profile', async function () {
 142     crashAccessToken = await server.loginCommand.getAccessToken({ username: 'crash', password: 'crash password' })
 143
 144     const res = await getMyUserInformation(server.url, crashAccessToken)
 145
 146     const body: User = res.body
 147     expect(body.username).to.equal('crash')
 148     expect(body.account.displayName).to.equal('Beautiful Crash')
 149     expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
 150     expect(body.role).to.equal(UserRole.MODERATOR)
 151   })
 152
 153   it('Should reject token of laguna by the plugin hook', async function () {
 154     this.timeout(10000)
 155
 156     await wait(5000)
 157
 158     await getMyUserInformation(server.url, lagunaAccessToken, 401)
 159   })
 160
 161   it('Should reject an invalid username, email, role or display name', async function () {
 162     const command = server.loginCommand
 163
 164     await command.login({ user: { username: 'ward', password: 'ward password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 165     await server.serversCommand.waitUntilLog('valid username')
 166
 167     await command.login({ user: { username: 'kiros', password: 'kiros password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 168     await server.serversCommand.waitUntilLog('valid display name')
 169
 170     await command.login({ user: { username: 'raine', password: 'raine password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 171     await server.serversCommand.waitUntilLog('valid role')
 172
 173     await command.login({ user: { username: 'ellone', password: 'elonne password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 174     await server.serversCommand.waitUntilLog('valid email')
 175   })
 176
 177   it('Should unregister spyro-auth and do not login existing Spyro', async function () {
 178     await server.pluginsCommand.updateSettings({
 179       npmName: 'peertube-plugin-test-id-pass-auth-one',
 180       settings: { disableSpyro: true }
 181     })
 182
 183     const command = server.loginCommand
 184     await command.login({ user: { username: 'spyro', password: 'spyro password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 185     await command.login({ user: { username: 'spyro', password: 'fake' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 186   })
 187
 188   it('Should have disabled this auth', async function () {
 189     const config = await server.configCommand.getConfig()
 190
 191     const auths = config.plugin.registeredIdAndPassAuths
 192     expect(auths).to.have.lengthOf(7)
 193
 194     const spyroAuth = auths.find(a => a.authName === 'spyro-auth')
 195     expect(spyroAuth).to.not.exist
 196   })
 197
 198   it('Should uninstall the plugin one and do not login existing Crash', async function () {
 199     await server.pluginsCommand.uninstall({ npmName: 'peertube-plugin-test-id-pass-auth-one' })
 200
 201     await server.loginCommand.login({
 202       user: { username: 'crash', password: 'crash password' },
 203       expectedStatus: HttpStatusCode.BAD_REQUEST_400
 204     })
 205   })
 206
 207   it('Should display the correct configuration', async function () {
 208     const config = await server.configCommand.getConfig()
 209
 210     const auths = config.plugin.registeredIdAndPassAuths
 211     expect(auths).to.have.lengthOf(6)
 212
 213     const crashAuth = auths.find(a => a.authName === 'crash-auth')
 214     expect(crashAuth).to.not.exist
 215   })
 216
 217   it('Should display plugin auth information in users list', async function () {
 218     const res = await getUsersList(server.url, server.accessToken)
 219
 220     const users: User[] = res.body.data
 221
 222     const root = users.find(u => u.username === 'root')
 223     const crash = users.find(u => u.username === 'crash')
 224     const laguna = users.find(u => u.username === 'laguna')
 225
 226     expect(root.pluginAuth).to.be.null
 227     expect(crash.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-one')
 228     expect(laguna.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-two')
 229   })
 230
 231   after(async function () {
 232     await cleanupTests([ server ])
 233   })
 234 })