Add other tests to external auth

author: Chocobozzz <me@florianbigard.com> 2020-05-11 18:29:06 +0200
committer: Chocobozzz <me@florianbigard.com> 2020-05-11 18:32:58 +0200
commit: d253bfaaa5f42b1fba71dc70de2932fbfdca5421 (patch)
tree: 33fe01c5d19c8165219852566d3f9d0a6f1f6140
parent: 5ff523664fda3acf83e319a7c08cd14af0025e99 (diff)
download: PeerTube-d253bfaaa5f42b1fba71dc70de2932fbfdca5421.tar.gz
PeerTube-d253bfaaa5f42b1fba71dc70de2932fbfdca5421.tar.zst
PeerTube-d253bfaaa5f42b1fba71dc70de2932fbfdca5421.zip
3 files changed, 96 insertions, 6 deletions
diff --git a/server/lib/oauth-model.ts b/server/lib/oauth-model.ts
index dbcba897a..e5ea4636e 100644
--- a/server/lib/oauth-model.ts
+++ b/server/lib/oauth-model.ts
@@ -123,7 +123,7 @@ async function getUser (usernameOrEmail?: string, password?: string) {
  const user = await UserModel.loadByUsernameOrEmail(usernameOrEmail)
  // If we don't find the user, or if the user belongs to a plugin
-  if (!user || user.pluginAuth !== null) return null
+  if (!user || user.pluginAuth !== null || !password) return null
  const passwordMatch = await user.isPasswordMatch(password)
  if (passwordMatch !== true) return null
diff --git a/server/tests/fixtures/peertube-plugin-test-external-auth-two/main.js b/server/tests/fixtures/peertube-plugin-test-external-auth-two/main.js
index 126905ffc..1604a7c41 100644
--- a/server/tests/fixtures/peertube-plugin-test-external-auth-two/main.js
+++ b/server/tests/fixtures/peertube-plugin-test-external-auth-two/main.js
@@ -17,6 +17,54 @@ async function register ({
      }
    })
  }
+  {
+    const result = registerExternalAuth({
+      authName: 'external-auth-4',
+      authDisplayName: () => 'External Auth 4',
+      onAuthRequest: (req, res) => {
+        result.userAuthenticated({
+          req,
+          res,
+          username: 'kefka2',
+          email: 'kefka@example.com',
+          displayName: 'Kefka duplication'
+        })
+      }
+    })
+  }
+  {
+    const result = registerExternalAuth({
+      authName: 'external-auth-5',
+      authDisplayName: () => 'External Auth 5',
+      onAuthRequest: (req, res) => {
+        result.userAuthenticated({
+          req,
+          res,
+          username: 'kefka',
+          email: 'kefka@example.com',
+          displayName: 'Kefka duplication'
+        })
+      }
+    })
+  }
+  {
+    const result = registerExternalAuth({
+      authName: 'external-auth-6',
+      authDisplayName: () => 'External Auth 6',
+      onAuthRequest: (req, res) => {
+        result.userAuthenticated({
+          req,
+          res,
+          username: 'existing_user',
+          email: 'existing_user@example.com',
+          displayName: 'Existing user'
+        })
+      }
+    })
+  }
 }
 async function unregister () {
diff --git a/server/tests/plugins/external-auth.ts b/server/tests/plugins/external-auth.ts
index 312561538..a85672782 100644
--- a/server/tests/plugins/external-auth.ts
+++ b/server/tests/plugins/external-auth.ts
@@ -18,7 +18,8 @@ import {
  updateMyUser,
  wait,
  userLogin,
-  updatePluginSettings
+  updatePluginSettings,
+  createUser
 } from '../../../shared/extra-utils'
 import { cleanupTests, flushAndRunServer, ServerInfo, waitUntilLog } from '../../../shared/extra-utils/server/servers'
@@ -29,6 +30,7 @@ async function loginExternal (options: {
  username: string
  query?: any
  statusCodeExpected?: number
+  statusCodeExpectedStep2?: number
 }) {
  const res = await getExternalAuth({
    url: options.server.url,
@@ -47,7 +49,8 @@ async function loginExternal (options: {
  const resLogin = await loginUsingExternalToken(
    options.server,
    options.username,
-    externalAuthToken as string
+    externalAuthToken as string,
+    options.statusCodeExpectedStep2
  )
  return resLogin.body
@@ -85,7 +88,7 @@ describe('Test external auth plugins', function () {
    const config: ServerConfig = res.body
    const auths = config.plugin.registeredExternalAuths
-    expect(auths).to.have.lengthOf(3)
+    expect(auths).to.have.lengthOf(6)
    const auth2 = auths.find((a) => a.authName === 'external-auth-2')
    expect(auth2).to.exist
@@ -288,7 +291,7 @@ describe('Test external auth plugins', function () {
    const config: ServerConfig = res.body
    const auths = config.plugin.registeredExternalAuths
-    expect(auths).to.have.lengthOf(2)
+    expect(auths).to.have.lengthOf(5)
    const auth1 = auths.find(a => a.authName === 'external-auth-2')
    expect(auth1).to.not.exist
@@ -311,6 +314,45 @@ describe('Test external auth plugins', function () {
      username: 'cyan',
      statusCodeExpected: 404
    })
+    await userLogin(server, { username: 'cyan', password: null }, 400)
+    await userLogin(server, { username: 'cyan', password: '' }, 400)
+    await userLogin(server, { username: 'cyan', password: 'fake' }, 400)
+  })
+  it('Should not login kefka with another plugin', async function () {
+    await loginExternal({
+      server,
+      npmName: 'test-external-auth-two',
+      authName: 'external-auth-4',
+      username: 'kefka2',
+      statusCodeExpectedStep2: 400
+    })
+    await loginExternal({
+      server,
+      npmName: 'test-external-auth-two',
+      authName: 'external-auth-4',
+      username: 'kefka',
+      statusCodeExpectedStep2: 400
+    })
+  })
+  it('Should not login an existing user', async function () {
+    await createUser({
+      url: server.url,
+      accessToken: server.accessToken,
+      username: 'existing_user',
+      password: 'super_password'
+    })
+    await loginExternal({
+      server,
+      npmName: 'test-external-auth-two',
+      authName: 'external-auth-6',
+      username: 'existing_user',
+      statusCodeExpectedStep2: 400
+    })
  })
  it('Should display the correct configuration', async function () {
@@ -319,7 +361,7 @@ describe('Test external auth plugins', function () {
    const config: ServerConfig = res.body
    const auths = config.plugin.registeredExternalAuths
-    expect(auths).to.have.lengthOf(1)
+    expect(auths).to.have.lengthOf(4)
    const auth2 = auths.find((a) => a.authName === 'external-auth-2')
    expect(auth2).to.not.exist
author	Chocobozzz <me@florianbigard.com>	2020-05-11 18:29:06 +0200
committer	Chocobozzz <me@florianbigard.com>	2020-05-11 18:32:58 +0200
commit	d253bfaaa5f42b1fba71dc70de2932fbfdca5421 (patch)
tree	33fe01c5d19c8165219852566d3f9d0a6f1f6140
parent	5ff523664fda3acf83e319a7c08cd14af0025e99 (diff)
download	PeerTube-d253bfaaa5f42b1fba71dc70de2932fbfdca5421.tar.gz PeerTube-d253bfaaa5f42b1fba71dc70de2932fbfdca5421.tar.zst PeerTube-d253bfaaa5f42b1fba71dc70de2932fbfdca5421.zip

diff --git a/server/lib/oauth-model.ts b/server/lib/oauth-model.ts index dbcba897a..e5ea4636e 100644 --- a/server/lib/oauth-model.ts +++ b/server/lib/oauth-model.ts
@@ -123,7 +123,7 @@ async function getUser (usernameOrEmail?: string, password?: string) {
123		123
124	const user = await UserModel.loadByUsernameOrEmail(usernameOrEmail)	124	const user = await UserModel.loadByUsernameOrEmail(usernameOrEmail)
125	// If we don't find the user, or if the user belongs to a plugin	125	// If we don't find the user, or if the user belongs to a plugin
126	if (!user \|\| user.pluginAuth !== null) return null	126	if (!user \|\| user.pluginAuth !== null \|\| !password) return null
127		127
128	const passwordMatch = await user.isPasswordMatch(password)	128	const passwordMatch = await user.isPasswordMatch(password)
129	if (passwordMatch !== true) return null	129	if (passwordMatch !== true) return null


diff --git a/server/tests/fixtures/peertube-plugin-test-external-auth-two/main.js b/server/tests/fixtures/peertube-plugin-test-external-auth-two/main.js index 126905ffc..1604a7c41 100644 --- a/server/tests/fixtures/peertube-plugin-test-external-auth-two/main.js +++ b/server/tests/fixtures/peertube-plugin-test-external-auth-two/main.js
@@ -17,6 +17,54 @@ async function register ({
17	}	17	}
18	})	18	})
19	}	19	}
		20
		21	{
		22	const result = registerExternalAuth({
		23	authName: 'external-auth-4',
		24	authDisplayName: () => 'External Auth 4',
		25	onAuthRequest: (req, res) => {
		26	result.userAuthenticated({
		27	req,
		28	res,
		29	username: 'kefka2',
		30	email: 'kefka@example.com',
		31	displayName: 'Kefka duplication'
		32	})
		33	}
		34	})
		35	}
		36
		37	{
		38	const result = registerExternalAuth({
		39	authName: 'external-auth-5',
		40	authDisplayName: () => 'External Auth 5',
		41	onAuthRequest: (req, res) => {
		42	result.userAuthenticated({
		43	req,
		44	res,
		45	username: 'kefka',
		46	email: 'kefka@example.com',
		47	displayName: 'Kefka duplication'
		48	})
		49	}
		50	})
		51	}
		52
		53	{
		54	const result = registerExternalAuth({
		55	authName: 'external-auth-6',
		56	authDisplayName: () => 'External Auth 6',
		57	onAuthRequest: (req, res) => {
		58	result.userAuthenticated({
		59	req,
		60	res,
		61	username: 'existing_user',
		62	email: 'existing_user@example.com',
		63	displayName: 'Existing user'
		64	})
		65	}
		66	})
		67	}
20	}	68	}
21		69
22	async function unregister () {	70	async function unregister () {


diff --git a/server/tests/plugins/external-auth.ts b/server/tests/plugins/external-auth.ts index 312561538..a85672782 100644 --- a/server/tests/plugins/external-auth.ts +++ b/server/tests/plugins/external-auth.ts
@@ -18,7 +18,8 @@ import {
18	updateMyUser,	18	updateMyUser,
19	wait,	19	wait,
20	userLogin,	20	userLogin,
21	updatePluginSettings	21	updatePluginSettings,
		22	createUser
22	} from '../../../shared/extra-utils'	23	} from '../../../shared/extra-utils'
23	import { cleanupTests, flushAndRunServer, ServerInfo, waitUntilLog } from '../../../shared/extra-utils/server/servers'	24	import { cleanupTests, flushAndRunServer, ServerInfo, waitUntilLog } from '../../../shared/extra-utils/server/servers'
24		25
@@ -29,6 +30,7 @@ async function loginExternal (options: {
29	username: string	30	username: string
30	query?: any	31	query?: any
31	statusCodeExpected?: number	32	statusCodeExpected?: number
		33	statusCodeExpectedStep2?: number
32	}) {	34	}) {
33	const res = await getExternalAuth({	35	const res = await getExternalAuth({
34	url: options.server.url,	36	url: options.server.url,
@@ -47,7 +49,8 @@ async function loginExternal (options: {
47	const resLogin = await loginUsingExternalToken(	49	const resLogin = await loginUsingExternalToken(
48	options.server,	50	options.server,
49	options.username,	51	options.username,
50	externalAuthToken as string	52	externalAuthToken as string,
		53	options.statusCodeExpectedStep2
51	)	54	)
52		55
53	return resLogin.body	56	return resLogin.body
@@ -85,7 +88,7 @@ describe('Test external auth plugins', function () {
85	const config: ServerConfig = res.body	88	const config: ServerConfig = res.body
86		89
87	const auths = config.plugin.registeredExternalAuths	90	const auths = config.plugin.registeredExternalAuths
88	expect(auths).to.have.lengthOf(3)	91	expect(auths).to.have.lengthOf(6)
89		92
90	const auth2 = auths.find((a) => a.authName === 'external-auth-2')	93	const auth2 = auths.find((a) => a.authName === 'external-auth-2')
91	expect(auth2).to.exist	94	expect(auth2).to.exist
@@ -288,7 +291,7 @@ describe('Test external auth plugins', function () {
288	const config: ServerConfig = res.body	291	const config: ServerConfig = res.body
289		292
290	const auths = config.plugin.registeredExternalAuths	293	const auths = config.plugin.registeredExternalAuths
291	expect(auths).to.have.lengthOf(2)	294	expect(auths).to.have.lengthOf(5)
292		295
293	const auth1 = auths.find(a => a.authName === 'external-auth-2')	296	const auth1 = auths.find(a => a.authName === 'external-auth-2')
294	expect(auth1).to.not.exist	297	expect(auth1).to.not.exist
@@ -311,6 +314,45 @@ describe('Test external auth plugins', function () {
311	username: 'cyan',	314	username: 'cyan',
312	statusCodeExpected: 404	315	statusCodeExpected: 404
313	})	316	})
		317
		318	await userLogin(server, { username: 'cyan', password: null }, 400)
		319	await userLogin(server, { username: 'cyan', password: '' }, 400)
		320	await userLogin(server, { username: 'cyan', password: 'fake' }, 400)
		321	})
		322
		323	it('Should not login kefka with another plugin', async function () {
		324	await loginExternal({
		325	server,
		326	npmName: 'test-external-auth-two',
		327	authName: 'external-auth-4',
		328	username: 'kefka2',
		329	statusCodeExpectedStep2: 400
		330	})
		331
		332	await loginExternal({
		333	server,
		334	npmName: 'test-external-auth-two',
		335	authName: 'external-auth-4',
		336	username: 'kefka',
		337	statusCodeExpectedStep2: 400
		338	})
		339	})
		340
		341	it('Should not login an existing user', async function () {
		342	await createUser({
		343	url: server.url,
		344	accessToken: server.accessToken,
		345	username: 'existing_user',
		346	password: 'super_password'
		347	})
		348
		349	await loginExternal({
		350	server,
		351	npmName: 'test-external-auth-two',
		352	authName: 'external-auth-6',
		353	username: 'existing_user',
		354	statusCodeExpectedStep2: 400
		355	})
314	})	356	})
315		357
316	it('Should display the correct configuration', async function () {	358	it('Should display the correct configuration', async function () {
@@ -319,7 +361,7 @@ describe('Test external auth plugins', function () {
319	const config: ServerConfig = res.body	361	const config: ServerConfig = res.body
320		362
321	const auths = config.plugin.registeredExternalAuths	363	const auths = config.plugin.registeredExternalAuths
322	expect(auths).to.have.lengthOf(1)	364	expect(auths).to.have.lengthOf(4)
323		365
324	const auth2 = auths.find((a) => a.authName === 'external-auth-2')	366	const auth2 = auths.find((a) => a.authName === 'external-auth-2')
325	expect(auth2).to.not.exist	367	expect(auth2).to.not.exist