server/tests/plugins/id-and-pass-auth.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import { expect } from 'chai'
   5 import { cleanupTests, createSingleServer, PeerTubeServer, PluginsCommand, setAccessTokensToServers, wait } from '@shared/server-commands'
   6 import { HttpStatusCode, UserRole } from '@shared/models'
   7
   8 describe('Test id and pass auth plugins', function () {
   9   let server: PeerTubeServer
  10
  11   let crashAccessToken: string
  12   let crashRefreshToken: string
  13
  14   let lagunaAccessToken: string
  15   let lagunaRefreshToken: string
  16
  17   before(async function () {
  18     this.timeout(30000)
  19
  20     server = await createSingleServer(1)
  21     await setAccessTokensToServers([ server ])
  22
  23     for (const suffix of [ 'one', 'two', 'three' ]) {
  24       await server.plugins.install({ path: PluginsCommand.getPluginTestPath('-id-pass-auth-' + suffix) })
  25     }
  26   })
  27
  28   it('Should display the correct configuration', async function () {
  29     const config = await server.config.getConfig()
  30
  31     const auths = config.plugin.registeredIdAndPassAuths
  32     expect(auths).to.have.lengthOf(8)
  33
  34     const crashAuth = auths.find(a => a.authName === 'crash-auth')
  35     expect(crashAuth).to.exist
  36     expect(crashAuth.npmName).to.equal('peertube-plugin-test-id-pass-auth-one')
  37     expect(crashAuth.weight).to.equal(50)
  38   })
  39
  40   it('Should not login', async function () {
  41     await server.login.login({ user: { username: 'toto', password: 'password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  42   })
  43
  44   it('Should login Spyro, create the user and use the token', async function () {
  45     const accessToken = await server.login.getAccessToken({ username: 'spyro', password: 'spyro password' })
  46
  47     const body = await server.users.getMyInfo({ token: accessToken })
  48
  49     expect(body.username).to.equal('spyro')
  50     expect(body.account.displayName).to.equal('Spyro the Dragon')
  51     expect(body.role).to.equal(UserRole.USER)
  52   })
  53
  54   it('Should login Crash, create the user and use the token', async function () {
  55     {
  56       const body = await server.login.login({ user: { username: 'crash', password: 'crash password' } })
  57       crashAccessToken = body.access_token
  58       crashRefreshToken = body.refresh_token
  59     }
  60
  61     {
  62       const body = await server.users.getMyInfo({ token: crashAccessToken })
  63
  64       expect(body.username).to.equal('crash')
  65       expect(body.account.displayName).to.equal('Crash Bandicoot')
  66       expect(body.role).to.equal(UserRole.MODERATOR)
  67     }
  68   })
  69
  70   it('Should login the first Laguna, create the user and use the token', async function () {
  71     {
  72       const body = await server.login.login({ user: { username: 'laguna', password: 'laguna password' } })
  73       lagunaAccessToken = body.access_token
  74       lagunaRefreshToken = body.refresh_token
  75     }
  76
  77     {
  78       const body = await server.users.getMyInfo({ token: lagunaAccessToken })
  79
  80       expect(body.username).to.equal('laguna')
  81       expect(body.account.displayName).to.equal('laguna')
  82       expect(body.role).to.equal(UserRole.USER)
  83     }
  84   })
  85
  86   it('Should refresh crash token, but not laguna token', async function () {
  87     {
  88       const resRefresh = await server.login.refreshToken({ refreshToken: crashRefreshToken })
  89       crashAccessToken = resRefresh.body.access_token
  90       crashRefreshToken = resRefresh.body.refresh_token
  91
  92       const body = await server.users.getMyInfo({ token: crashAccessToken })
  93       expect(body.username).to.equal('crash')
  94     }
  95
  96     {
  97       await server.login.refreshToken({ refreshToken: lagunaRefreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  98     }
  99   })
 100
 101   it('Should update Crash profile', async function () {
 102     await server.users.updateMe({
 103       token: crashAccessToken,
 104       displayName: 'Beautiful Crash',
 105       description: 'Mutant eastern barred bandicoot'
 106     })
 107
 108     const body = await server.users.getMyInfo({ token: crashAccessToken })
 109
 110     expect(body.account.displayName).to.equal('Beautiful Crash')
 111     expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
 112   })
 113
 114   it('Should logout Crash', async function () {
 115     await server.login.logout({ token: crashAccessToken })
 116   })
 117
 118   it('Should have logged out Crash', async function () {
 119     await server.servers.waitUntilLog('On logout for auth 1 - 2')
 120
 121     await server.users.getMyInfo({ token: crashAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 122   })
 123
 124   it('Should login Crash and keep the old existing profile', async function () {
 125     crashAccessToken = await server.login.getAccessToken({ username: 'crash', password: 'crash password' })
 126
 127     const body = await server.users.getMyInfo({ token: crashAccessToken })
 128
 129     expect(body.username).to.equal('crash')
 130     expect(body.account.displayName).to.equal('Beautiful Crash')
 131     expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
 132     expect(body.role).to.equal(UserRole.MODERATOR)
 133   })
 134
 135   it('Should reject token of laguna by the plugin hook', async function () {
 136     this.timeout(10000)
 137
 138     await wait(5000)
 139
 140     await server.users.getMyInfo({ token: lagunaAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 141   })
 142
 143   it('Should reject an invalid username, email, role or display name', async function () {
 144     const command = server.login
 145
 146     await command.login({ user: { username: 'ward', password: 'ward password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 147     await server.servers.waitUntilLog('valid username')
 148
 149     await command.login({ user: { username: 'kiros', password: 'kiros password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 150     await server.servers.waitUntilLog('valid display name')
 151
 152     await command.login({ user: { username: 'raine', password: 'raine password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 153     await server.servers.waitUntilLog('valid role')
 154
 155     await command.login({ user: { username: 'ellone', password: 'elonne password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 156     await server.servers.waitUntilLog('valid email')
 157   })
 158
 159   it('Should unregister spyro-auth and do not login existing Spyro', async function () {
 160     await server.plugins.updateSettings({
 161       npmName: 'peertube-plugin-test-id-pass-auth-one',
 162       settings: { disableSpyro: true }
 163     })
 164
 165     const command = server.login
 166     await command.login({ user: { username: 'spyro', password: 'spyro password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 167     await command.login({ user: { username: 'spyro', password: 'fake' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 168   })
 169
 170   it('Should have disabled this auth', async function () {
 171     const config = await server.config.getConfig()
 172
 173     const auths = config.plugin.registeredIdAndPassAuths
 174     expect(auths).to.have.lengthOf(7)
 175
 176     const spyroAuth = auths.find(a => a.authName === 'spyro-auth')
 177     expect(spyroAuth).to.not.exist
 178   })
 179
 180   it('Should uninstall the plugin one and do not login existing Crash', async function () {
 181     await server.plugins.uninstall({ npmName: 'peertube-plugin-test-id-pass-auth-one' })
 182
 183     await server.login.login({
 184       user: { username: 'crash', password: 'crash password' },
 185       expectedStatus: HttpStatusCode.BAD_REQUEST_400
 186     })
 187   })
 188
 189   it('Should display the correct configuration', async function () {
 190     const config = await server.config.getConfig()
 191
 192     const auths = config.plugin.registeredIdAndPassAuths
 193     expect(auths).to.have.lengthOf(6)
 194
 195     const crashAuth = auths.find(a => a.authName === 'crash-auth')
 196     expect(crashAuth).to.not.exist
 197   })
 198
 199   it('Should display plugin auth information in users list', async function () {
 200     const { data } = await server.users.list()
 201
 202     const root = data.find(u => u.username === 'root')
 203     const crash = data.find(u => u.username === 'crash')
 204     const laguna = data.find(u => u.username === 'laguna')
 205
 206     expect(root.pluginAuth).to.be.null
 207     expect(crash.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-one')
 208     expect(laguna.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-two')
 209   })
 210
 211   after(async function () {
 212     await cleanupTests([ server ])
 213   })
 214 })