X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Ftests%2Fplugins%2Fexternal-auth.ts;h=437777e90e7a2dfb72f4a975f3809b074319a228;hb=60bab7b540de3709f3392a0ea964524c13c7e404;hp=5addb45c7826be08d5c2b2cf34556792ab481c6b;hpb=903353d67a8d0fdda8465ed6c57b77a9a5afbe92;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/tests/plugins/external-auth.ts b/server/tests/plugins/external-auth.ts index 5addb45c7..437777e90 100644 --- a/server/tests/plugins/external-auth.ts +++ b/server/tests/plugins/external-auth.ts @@ -1,45 +1,32 @@ /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ -import 'mocha' import { expect } from 'chai' -import { ServerConfig, User, UserRole } from '@shared/models' +import { wait } from '@shared/core-utils' +import { HttpStatusCode, UserRole } from '@shared/models' import { + cleanupTests, + createSingleServer, decodeQueryString, - getConfig, - getExternalAuth, - getMyUserInformation, - getPluginTestPath, - installPlugin, - loginUsingExternalToken, - logout, - refreshToken, - setAccessTokensToServers, - uninstallPlugin, - updateMyUser, - wait, - userLogin, - updatePluginSettings, - createUser -} from '../../../shared/extra-utils' -import { cleanupTests, flushAndRunServer, ServerInfo, waitUntilLog } from '../../../shared/extra-utils/server/servers' -import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes' + PeerTubeServer, + PluginsCommand, + setAccessTokensToServers +} from '@shared/server-commands' async function loginExternal (options: { - server: ServerInfo + server: PeerTubeServer npmName: string authName: string username: string query?: any - statusCodeExpected?: HttpStatusCode - statusCodeExpectedStep2?: HttpStatusCode + expectedStatus?: HttpStatusCode + expectedStatusStep2?: HttpStatusCode }) { - const res = await getExternalAuth({ - url: options.server.url, + const res = await options.server.plugins.getExternalAuth({ npmName: options.npmName, npmVersion: '0.0.1', authName: options.authName, query: options.query, - statusCodeExpected: options.statusCodeExpected || HttpStatusCode.FOUND_302 + expectedStatus: options.expectedStatus || HttpStatusCode.FOUND_302 }) if (res.status !== HttpStatusCode.FOUND_302) return @@ -47,18 +34,17 @@ async function loginExternal (options: { const location = res.header.location const { externalAuthToken } = decodeQueryString(location) - const resLogin = await loginUsingExternalToken( - options.server, - options.username, - externalAuthToken as string, - options.statusCodeExpectedStep2 - ) + const resLogin = await options.server.login.loginUsingExternalToken({ + username: options.username, + externalAuthToken: externalAuthToken as string, + expectedStatus: options.expectedStatusStep2 + }) return resLogin.body } describe('Test external auth plugins', function () { - let server: ServerInfo + let server: PeerTubeServer let cyanAccessToken: string let cyanRefreshToken: string @@ -71,25 +57,26 @@ describe('Test external auth plugins', function () { before(async function () { this.timeout(30000) - server = await flushAndRunServer(1) + server = await createSingleServer(1, { + rates_limit: { + login: { + max: 30 + } + } + }) + await setAccessTokensToServers([ server ]) for (const suffix of [ 'one', 'two', 'three' ]) { - await installPlugin({ - url: server.url, - accessToken: server.accessToken, - path: getPluginTestPath('-external-auth-' + suffix) - }) + await server.plugins.install({ path: PluginsCommand.getPluginTestPath('-external-auth-' + suffix) }) } }) it('Should display the correct configuration', async function () { - const res = await getConfig(server.url) - - const config: ServerConfig = res.body + const config = await server.config.getConfig() const auths = config.plugin.registeredExternalAuths - expect(auths).to.have.lengthOf(8) + expect(auths).to.have.lengthOf(9) const auth2 = auths.find((a) => a.authName === 'external-auth-2') expect(auth2).to.exist @@ -98,15 +85,14 @@ describe('Test external auth plugins', function () { }) it('Should redirect for a Cyan login', async function () { - const res = await getExternalAuth({ - url: server.url, + const res = await server.plugins.getExternalAuth({ npmName: 'test-external-auth-one', npmVersion: '0.0.1', authName: 'external-auth-1', query: { username: 'cyan' }, - statusCodeExpected: HttpStatusCode.FOUND_302 + expectedStatus: HttpStatusCode.FOUND_302 }) const location = res.header.location @@ -121,13 +107,17 @@ describe('Test external auth plugins', function () { }) it('Should reject auto external login with a missing or invalid token', async function () { - await loginUsingExternalToken(server, 'cyan', '', HttpStatusCode.BAD_REQUEST_400) - await loginUsingExternalToken(server, 'cyan', 'blabla', HttpStatusCode.BAD_REQUEST_400) + const command = server.login + + await command.loginUsingExternalToken({ username: 'cyan', externalAuthToken: '', expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) + await command.loginUsingExternalToken({ username: 'cyan', externalAuthToken: 'blabla', expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) }) it('Should reject auto external login with a missing or invalid username', async function () { - await loginUsingExternalToken(server, '', externalAuthToken, HttpStatusCode.BAD_REQUEST_400) - await loginUsingExternalToken(server, '', externalAuthToken, HttpStatusCode.BAD_REQUEST_400) + const command = server.login + + await command.loginUsingExternalToken({ username: '', externalAuthToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) + await command.loginUsingExternalToken({ username: '', externalAuthToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) }) it('Should reject auto external login with an expired token', async function () { @@ -135,9 +125,13 @@ describe('Test external auth plugins', function () { await wait(5000) - await loginUsingExternalToken(server, 'cyan', externalAuthToken, HttpStatusCode.BAD_REQUEST_400) + await server.login.loginUsingExternalToken({ + username: 'cyan', + externalAuthToken, + expectedStatus: HttpStatusCode.BAD_REQUEST_400 + }) - await waitUntilLog(server, 'expired external auth token', 2) + await server.servers.waitUntilLog('expired external auth token', 4) }) it('Should auto login Cyan, create the user and use the token', async function () { @@ -157,13 +151,11 @@ describe('Test external auth plugins', function () { } { - const res = await getMyUserInformation(server.url, cyanAccessToken) - - const body: User = res.body + const body = await server.users.getMyInfo({ token: cyanAccessToken }) expect(body.username).to.equal('cyan') expect(body.account.displayName).to.equal('cyan') expect(body.email).to.equal('cyan@example.com') - expect(body.role).to.equal(UserRole.USER) + expect(body.role.id).to.equal(UserRole.USER) } }) @@ -181,55 +173,49 @@ describe('Test external auth plugins', function () { } { - const res = await getMyUserInformation(server.url, kefkaAccessToken) - - const body: User = res.body + const body = await server.users.getMyInfo({ token: kefkaAccessToken }) expect(body.username).to.equal('kefka') expect(body.account.displayName).to.equal('Kefka Palazzo') expect(body.email).to.equal('kefka@example.com') - expect(body.role).to.equal(UserRole.ADMINISTRATOR) + expect(body.role.id).to.equal(UserRole.ADMINISTRATOR) } }) it('Should refresh Cyan token, but not Kefka token', async function () { { - const resRefresh = await refreshToken(server, cyanRefreshToken) + const resRefresh = await server.login.refreshToken({ refreshToken: cyanRefreshToken }) cyanAccessToken = resRefresh.body.access_token cyanRefreshToken = resRefresh.body.refresh_token - const res = await getMyUserInformation(server.url, cyanAccessToken) - const user: User = res.body - expect(user.username).to.equal('cyan') + const body = await server.users.getMyInfo({ token: cyanAccessToken }) + expect(body.username).to.equal('cyan') } { - await refreshToken(server, kefkaRefreshToken, HttpStatusCode.BAD_REQUEST_400) + await server.login.refreshToken({ refreshToken: kefkaRefreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) } }) it('Should update Cyan profile', async function () { - await updateMyUser({ - url: server.url, - accessToken: cyanAccessToken, + await server.users.updateMe({ + token: cyanAccessToken, displayName: 'Cyan Garamonde', description: 'Retainer to the king of Doma' }) - const res = await getMyUserInformation(server.url, cyanAccessToken) - - const body: User = res.body + const body = await server.users.getMyInfo({ token: cyanAccessToken }) expect(body.account.displayName).to.equal('Cyan Garamonde') expect(body.account.description).to.equal('Retainer to the king of Doma') }) it('Should logout Cyan', async function () { - await logout(server.url, cyanAccessToken) + await server.login.logout({ token: cyanAccessToken }) }) it('Should have logged out Cyan', async function () { - await waitUntilLog(server, 'On logout cyan') + await server.servers.waitUntilLog('On logout cyan') - await getMyUserInformation(server.url, cyanAccessToken, HttpStatusCode.UNAUTHORIZED_401) + await server.users.getMyInfo({ token: cyanAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) it('Should login Cyan and keep the old existing profile', async function () { @@ -247,22 +233,19 @@ describe('Test external auth plugins', function () { cyanAccessToken = res.access_token } - const res = await getMyUserInformation(server.url, cyanAccessToken) - - const body: User = res.body + const body = await server.users.getMyInfo({ token: cyanAccessToken }) expect(body.username).to.equal('cyan') expect(body.account.displayName).to.equal('Cyan Garamonde') expect(body.account.description).to.equal('Retainer to the king of Doma') - expect(body.role).to.equal(UserRole.USER) + expect(body.role.id).to.equal(UserRole.USER) }) it('Should not update an external auth email', async function () { - await updateMyUser({ - url: server.url, - accessToken: cyanAccessToken, + await server.users.updateMe({ + token: cyanAccessToken, email: 'toto@example.com', currentPassword: 'toto', - statusCodeExpected: HttpStatusCode.BAD_REQUEST_400 + expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) }) @@ -271,18 +254,16 @@ describe('Test external auth plugins', function () { await wait(5000) - await getMyUserInformation(server.url, kefkaAccessToken, HttpStatusCode.UNAUTHORIZED_401) + await server.users.getMyInfo({ token: kefkaAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) it('Should unregister external-auth-2 and do not login existing Kefka', async function () { - await updatePluginSettings({ - url: server.url, - accessToken: server.accessToken, + await server.plugins.updateSettings({ npmName: 'peertube-plugin-test-external-auth-one', settings: { disableKefka: true } }) - await userLogin(server, { username: 'kefka', password: 'fake' }, HttpStatusCode.BAD_REQUEST_400) + await server.login.login({ user: { username: 'kefka', password: 'fake' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) await loginExternal({ server, @@ -292,28 +273,22 @@ describe('Test external auth plugins', function () { username: 'kefka' }, username: 'kefka', - statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + expectedStatus: HttpStatusCode.NOT_FOUND_404 }) }) it('Should have disabled this auth', async function () { - const res = await getConfig(server.url) - - const config: ServerConfig = res.body + const config = await server.config.getConfig() const auths = config.plugin.registeredExternalAuths - expect(auths).to.have.lengthOf(7) + expect(auths).to.have.lengthOf(8) const auth1 = auths.find(a => a.authName === 'external-auth-2') expect(auth1).to.not.exist }) it('Should uninstall the plugin one and do not login Cyan', async function () { - await uninstallPlugin({ - url: server.url, - accessToken: server.accessToken, - npmName: 'peertube-plugin-test-external-auth-one' - }) + await server.plugins.uninstall({ npmName: 'peertube-plugin-test-external-auth-one' }) await loginExternal({ server, @@ -323,12 +298,12 @@ describe('Test external auth plugins', function () { username: 'cyan' }, username: 'cyan', - statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + expectedStatus: HttpStatusCode.NOT_FOUND_404 }) - await userLogin(server, { username: 'cyan', password: null }, HttpStatusCode.BAD_REQUEST_400) - await userLogin(server, { username: 'cyan', password: '' }, HttpStatusCode.BAD_REQUEST_400) - await userLogin(server, { username: 'cyan', password: 'fake' }, HttpStatusCode.BAD_REQUEST_400) + await server.login.login({ user: { username: 'cyan', password: null }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) + await server.login.login({ user: { username: 'cyan', password: '' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) + await server.login.login({ user: { username: 'cyan', password: 'fake' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) }) it('Should not login kefka with another plugin', async function () { @@ -337,7 +312,7 @@ describe('Test external auth plugins', function () { npmName: 'test-external-auth-two', authName: 'external-auth-4', username: 'kefka2', - statusCodeExpectedStep2: HttpStatusCode.BAD_REQUEST_400 + expectedStatusStep2: HttpStatusCode.BAD_REQUEST_400 }) await loginExternal({ @@ -345,34 +320,49 @@ describe('Test external auth plugins', function () { npmName: 'test-external-auth-two', authName: 'external-auth-4', username: 'kefka', - statusCodeExpectedStep2: HttpStatusCode.BAD_REQUEST_400 + expectedStatusStep2: HttpStatusCode.BAD_REQUEST_400 }) }) - it('Should not login an existing user', async function () { - await createUser({ - url: server.url, - accessToken: server.accessToken, - username: 'existing_user', - password: 'super_password' - }) + it('Should not login an existing user email', async function () { + await server.users.create({ username: 'existing_user', password: 'super_password' }) await loginExternal({ server, npmName: 'test-external-auth-two', authName: 'external-auth-6', username: 'existing_user', - statusCodeExpectedStep2: HttpStatusCode.BAD_REQUEST_400 + expectedStatusStep2: HttpStatusCode.BAD_REQUEST_400 }) }) - it('Should display the correct configuration', async function () { - const res = await getConfig(server.url) + it('Should be able to login an existing user username and channel', async function () { + await server.users.create({ username: 'existing_user2' }) + await server.users.create({ username: 'existing_user2-1_channel' }) + + // Test twice to ensure we don't generate a username on every login + for (let i = 0; i < 2; i++) { + const res = await loginExternal({ + server, + npmName: 'test-external-auth-two', + authName: 'external-auth-7', + username: 'existing_user2' + }) + + const token = res.access_token - const config: ServerConfig = res.body + const myInfo = await server.users.getMyInfo({ token }) + expect(myInfo.username).to.equal('existing_user2-1') + + expect(myInfo.videoChannels[0].name).to.equal('existing_user2-1_channel-1') + } + }) + + it('Should display the correct configuration', async function () { + const config = await server.config.getConfig() const auths = config.plugin.registeredExternalAuths - expect(auths).to.have.lengthOf(6) + expect(auths).to.have.lengthOf(7) const auth2 = auths.find((a) => a.authName === 'external-auth-2') expect(auth2).to.not.exist @@ -390,9 +380,8 @@ describe('Test external auth plugins', function () { username: 'cid' }) - const resLogout = await logout(server.url, resLogin.access_token) - - expect(resLogout.body.redirectUrl).to.equal('https://example.com/redirectUrl') + const { redirectUrl } = await server.login.logout({ token: resLogin.access_token }) + expect(redirectUrl).to.equal('https://example.com/redirectUrl') }) it('Should call the plugin\'s onLogout method with the request', async function () { @@ -403,8 +392,7 @@ describe('Test external auth plugins', function () { username: 'cid' }) - const resLogout = await logout(server.url, resLogin.access_token) - - expect(resLogout.body.redirectUrl).to.equal('https://example.com/redirectUrl?access_token=' + resLogin.access_token) + const { redirectUrl } = await server.login.logout({ token: resLogin.access_token }) + expect(redirectUrl).to.equal('https://example.com/redirectUrl?access_token=' + resLogin.access_token) }) })