import * as chai from 'chai'
import { AbuseState, AbuseUpdate, MyUser, User, UserRole, Video, VideoPlaylistType } from '@shared/models'
import { CustomConfig } from '@shared/models/server'
+import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
import {
addVideoCommentThread,
blockUser,
cleanupTests,
+ closeAllSequelize,
createUser,
deleteMe,
flushAndRunServer,
getVideoChannel,
getVideosList,
installPlugin,
+ killallServers,
login,
makePutBodyRequest,
rateVideo,
removeUser,
removeVideo,
reportAbuse,
+ reRunServer,
ServerInfo,
+ setTokenField,
testImage,
unblockUser,
updateAbuse,
waitJobs
} from '../../../../shared/extra-utils'
import { follow } from '../../../../shared/extra-utils/server/follows'
-import { logout, serverLogin, setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
+import { logout, refreshToken, setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
import { getMyVideos } from '../../../../shared/extra-utils/videos/videos'
import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
-import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
const expect = chai.expect
const client = { id: 'client', secret: server.client.secret }
const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
+ expect(res.body.code).to.equal('invalid_client')
expect(res.body.error).to.contain('client is invalid')
+ expect(res.body.type.startsWith('https://')).to.be.true
+ expect(res.body.type).to.contain('invalid_client')
})
it('Should not login with an invalid client secret', async function () {
const client = { id: server.client.id, secret: 'coucou' }
const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
+ expect(res.body.code).to.equal('invalid_client')
expect(res.body.error).to.contain('client is invalid')
+ expect(res.body.type.startsWith('https://')).to.be.true
+ expect(res.body.type).to.contain('invalid_client')
})
})
const user = { username: 'captain crochet', password: server.user.password }
const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
+ expect(res.body.code).to.equal('invalid_grant')
expect(res.body.error).to.contain('credentials are invalid')
+ expect(res.body.type.startsWith('https://')).to.be.true
+ expect(res.body.type).to.contain('invalid_grant')
})
it('Should not login with an invalid password', async function () {
const user = { username: server.user.username, password: 'mew_three' }
const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
+ expect(res.body.code).to.equal('invalid_grant')
expect(res.body.error).to.contain('credentials are invalid')
+ expect(res.body.type.startsWith('https://')).to.be.true
+ expect(res.body.type).to.contain('invalid_grant')
})
it('Should not be able to upload a video', async function () {
})
it('Should be able to login again', async function () {
- server.accessToken = await serverLogin(server)
+ const res = await login(server.url, server.client, server.user)
+ server.accessToken = res.body.access_token
+ server.refreshToken = res.body.refresh_token
+ })
+
+ it('Should be able to get my user information again', async function () {
+ await getMyUserInformation(server.url, server.accessToken)
})
- it('Should have an expired access token')
+ it('Should have an expired access token', async function () {
+ this.timeout(15000)
- it('Should refresh the token')
+ await setTokenField(server.internalServerNumber, server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
+ await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
+
+ killallServers([ server ])
+ await reRunServer(server)
+
+ await getMyUserInformation(server.url, server.accessToken, 401)
+ })
+
+ it('Should not be able to refresh an access token with an expired refresh token', async function () {
+ await refreshToken(server, server.refreshToken, 400)
+ })
+
+ it('Should refresh the token', async function () {
+ this.timeout(15000)
+
+ const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
+ await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', futureDate)
+
+ killallServers([ server ])
+ await reRunServer(server)
+
+ const res = await refreshToken(server, server.refreshToken)
+ server.accessToken = res.body.access_token
+ server.refreshToken = res.body.refresh_token
+ })
it('Should be able to get my user information again', async function () {
await getMyUserInformation(server.url, server.accessToken)
emailVerified: true,
videoQuota: 42,
role: UserRole.MODERATOR,
- adminFlags: UserAdminFlag.NONE
+ adminFlags: UserAdminFlag.NONE,
+ pluginAuth: 'toto'
})
const res = await getUserInformation(server.url, accessToken, userId)
- const user = res.body
+ const user = res.body as User
expect(user.username).to.equal('user_1')
expect(user.email).to.equal('updated2@example.com')
expect(user.roleLabel).to.equal('Moderator')
expect(user.id).to.be.a('number')
expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
+ expect(user.pluginAuth).to.equal('toto')
+ })
+
+ it('Should reset the auth plugin', async function () {
+ await updateUser({ url: server.url, userId, accessToken, pluginAuth: null })
+
+ const res = await getUserInformation(server.url, accessToken, userId)
+ const user = res.body as User
+ expect(user.pluginAuth).to.be.null
})
it('Should have removed the user token', async function () {
})
after(async function () {
+ await closeAllSequelize([ server ])
await cleanupTests([ server ])
})
})