Add ability for auth plugins to hook tokens validity

author: Chocobozzz <me@florianbigard.com> 2020-04-24 11:33:01 +0200
committer: Chocobozzz <chocobozzz@cpy.re> 2020-05-04 16:21:39 +0200
commit: e307e4fce39853d445d086f92b8c556c363ee15d (patch)
tree: 0f3faaf3c73222db0fb55b72260c787aeeeb05eb /server/tests/plugins/id-and-pass-auth.ts
parent: e1c5503114deef954731904695cd40dccfcef555 (diff)
download: PeerTube-e307e4fce39853d445d086f92b8c556c363ee15d.tar.gz
PeerTube-e307e4fce39853d445d086f92b8c556c363ee15d.tar.zst
PeerTube-e307e4fce39853d445d086f92b8c556c363ee15d.zip
1 files changed, 64 insertions, 21 deletions
diff --git a/server/tests/plugins/id-and-pass-auth.ts b/server/tests/plugins/id-and-pass-auth.ts
index 45fa7856c..0268d35a0 100644
--- a/server/tests/plugins/id-and-pass-auth.ts
+++ b/server/tests/plugins/id-and-pass-auth.ts
@@ -10,14 +10,21 @@ import {
  setAccessTokensToServers,
  uninstallPlugin,
  updateMyUser,
-  userLogin
+  userLogin,
+  wait,
+  login, refreshToken
 } from '../../../shared/extra-utils'
 import { User, UserRole } from '@shared/models'
 import { expect } from 'chai'
 describe('Test id and pass auth plugins', function () {
  let server: ServerInfo
-  let crashToken: string
+  let crashAccessToken: string
+  let crashRefreshToken: string
+  let lagunaAccessToken: string
+  let lagunaRefreshToken: string
  before(async function () {
    this.timeout(30000)
@@ -50,36 +57,64 @@ describe('Test id and pass auth plugins', function () {
  })
  it('Should login Crash, create the user and use the token', async function () {
-    crashToken = await userLogin(server, { username: 'crash', password: 'crash password' })
+    {
+      const res = await login(server.url, server.client, { username: 'crash', password: 'crash password' })
+      crashAccessToken = res.body.access_token
+      crashRefreshToken = res.body.refresh_token
+    }
-    const res = await getMyUserInformation(server.url, crashToken)
+    {
+      const res = await getMyUserInformation(server.url, crashAccessToken)
-    const body: User = res.body
+      const body: User = res.body
-    expect(body.username).to.equal('crash')
+      expect(body.username).to.equal('crash')
-    expect(body.account.displayName).to.equal('Crash Bandicoot')
+      expect(body.account.displayName).to.equal('Crash Bandicoot')
-    expect(body.role).to.equal(UserRole.MODERATOR)
+      expect(body.role).to.equal(UserRole.MODERATOR)
+    }
  })
  it('Should login the first Laguna, create the user and use the token', async function () {
-    const accessToken = await userLogin(server, { username: 'laguna', password: 'laguna password' })
+    {
+      const res = await login(server.url, server.client, { username: 'laguna', password: 'laguna password' })
+      lagunaAccessToken = res.body.access_token
+      lagunaRefreshToken = res.body.refresh_token
+    }
-    const res = await getMyUserInformation(server.url, accessToken)
+    {
+      const res = await getMyUserInformation(server.url, lagunaAccessToken)
-    const body: User = res.body
+      const body: User = res.body
-    expect(body.username).to.equal('laguna')
+      expect(body.username).to.equal('laguna')
-    expect(body.account.displayName).to.equal('laguna')
+      expect(body.account.displayName).to.equal('laguna')
-    expect(body.role).to.equal(UserRole.USER)
+      expect(body.role).to.equal(UserRole.USER)
+    }
+  })
+  it('Should refresh crash token, but not laguna token', async function () {
+    {
+      const resRefresh = await refreshToken(server, crashRefreshToken)
+      crashAccessToken = resRefresh.body.access_token
+      crashRefreshToken = resRefresh.body.refresh_token
+      const res = await getMyUserInformation(server.url, crashAccessToken)
+      const user: User = res.body
+      expect(user.username).to.equal('crash')
+    }
+    {
+      await refreshToken(server, lagunaRefreshToken, 400)
+    }
  })
  it('Should update Crash profile', async function () {
    await updateMyUser({
      url: server.url,
-      accessToken: crashToken,
+      accessToken: crashAccessToken,
      displayName: 'Beautiful Crash',
      description: 'Mutant eastern barred bandicoot'
    })
-    const res = await getMyUserInformation(server.url, crashToken)
+    const res = await getMyUserInformation(server.url, crashAccessToken)
    const body: User = res.body
    expect(body.account.displayName).to.equal('Beautiful Crash')
@@ -87,19 +122,19 @@ describe('Test id and pass auth plugins', function () {
  })
  it('Should logout Crash', async function () {
-    await logout(server.url, crashToken)
+    await logout(server.url, crashAccessToken)
  })
  it('Should have logged out Crash', async function () {
-    await getMyUserInformation(server.url, crashToken, 401)
    await waitUntilLog(server, 'On logout for auth 1 - 2')
+    await getMyUserInformation(server.url, crashAccessToken, 401)
  })
  it('Should login Crash and keep the old existing profile', async function () {
-    crashToken = await userLogin(server, { username: 'crash', password: 'crash password' })
+    crashAccessToken = await userLogin(server, { username: 'crash', password: 'crash password' })
-    const res = await getMyUserInformation(server.url, crashToken)
+    const res = await getMyUserInformation(server.url, crashAccessToken)
    const body: User = res.body
    expect(body.username).to.equal('crash')
@@ -108,6 +143,14 @@ describe('Test id and pass auth plugins', function () {
    expect(body.role).to.equal(UserRole.MODERATOR)
  })
+  it('Should correctly auth token of laguna', async function () {
+    this.timeout(10000)
+    await wait(5000)
+    await getMyUserInformation(server.url, lagunaAccessToken, 401)
+  })
  it('Should uninstall the plugin one and do not login existing Crash', async function () {
    await uninstallPlugin({
      url: server.url,
author	Chocobozzz <me@florianbigard.com>	2020-04-24 11:33:01 +0200
committer	Chocobozzz <chocobozzz@cpy.re>	2020-05-04 16:21:39 +0200
commit	e307e4fce39853d445d086f92b8c556c363ee15d (patch)
tree	0f3faaf3c73222db0fb55b72260c787aeeeb05eb /server/tests/plugins/id-and-pass-auth.ts
parent	e1c5503114deef954731904695cd40dccfcef555 (diff)
download	PeerTube-e307e4fce39853d445d086f92b8c556c363ee15d.tar.gz PeerTube-e307e4fce39853d445d086f92b8c556c363ee15d.tar.zst PeerTube-e307e4fce39853d445d086f92b8c556c363ee15d.zip

diff --git a/server/tests/plugins/id-and-pass-auth.ts b/server/tests/plugins/id-and-pass-auth.ts index 45fa7856c..0268d35a0 100644 --- a/server/tests/plugins/id-and-pass-auth.ts +++ b/server/tests/plugins/id-and-pass-auth.ts
@@ -10,14 +10,21 @@ import {
10	setAccessTokensToServers,	10	setAccessTokensToServers,
11	uninstallPlugin,	11	uninstallPlugin,
12	updateMyUser,	12	updateMyUser,
13	userLogin	13	userLogin,
		14	wait,
		15	login, refreshToken
14	} from '../../../shared/extra-utils'	16	} from '../../../shared/extra-utils'
15	import { User, UserRole } from '@shared/models'	17	import { User, UserRole } from '@shared/models'
16	import { expect } from 'chai'	18	import { expect } from 'chai'
17		19
18	describe('Test id and pass auth plugins', function () {	20	describe('Test id and pass auth plugins', function () {
19	let server: ServerInfo	21	let server: ServerInfo
20	let crashToken: string	22
		23	let crashAccessToken: string
		24	let crashRefreshToken: string
		25
		26	let lagunaAccessToken: string
		27	let lagunaRefreshToken: string
21		28
22	before(async function () {	29	before(async function () {
23	this.timeout(30000)	30	this.timeout(30000)
@@ -50,36 +57,64 @@ describe('Test id and pass auth plugins', function () {
50	})	57	})
51		58
52	it('Should login Crash, create the user and use the token', async function () {	59	it('Should login Crash, create the user and use the token', async function () {
53	crashToken = await userLogin(server, { username: 'crash', password: 'crash password' })	60	{
		61	const res = await login(server.url, server.client, { username: 'crash', password: 'crash password' })
		62	crashAccessToken = res.body.access_token
		63	crashRefreshToken = res.body.refresh_token
		64	}
54		65
55	const res = await getMyUserInformation(server.url, crashToken)	66	{
		67	const res = await getMyUserInformation(server.url, crashAccessToken)
56		68
57	const body: User = res.body	69	const body: User = res.body
58	expect(body.username).to.equal('crash')	70	expect(body.username).to.equal('crash')
59	expect(body.account.displayName).to.equal('Crash Bandicoot')	71	expect(body.account.displayName).to.equal('Crash Bandicoot')
60	expect(body.role).to.equal(UserRole.MODERATOR)	72	expect(body.role).to.equal(UserRole.MODERATOR)
		73	}
61	})	74	})
62		75
63	it('Should login the first Laguna, create the user and use the token', async function () {	76	it('Should login the first Laguna, create the user and use the token', async function () {
64	const accessToken = await userLogin(server, { username: 'laguna', password: 'laguna password' })	77	{
		78	const res = await login(server.url, server.client, { username: 'laguna', password: 'laguna password' })
		79	lagunaAccessToken = res.body.access_token
		80	lagunaRefreshToken = res.body.refresh_token
		81	}
65		82
66	const res = await getMyUserInformation(server.url, accessToken)	83	{
		84	const res = await getMyUserInformation(server.url, lagunaAccessToken)
67		85
68	const body: User = res.body	86	const body: User = res.body
69	expect(body.username).to.equal('laguna')	87	expect(body.username).to.equal('laguna')
70	expect(body.account.displayName).to.equal('laguna')	88	expect(body.account.displayName).to.equal('laguna')
71	expect(body.role).to.equal(UserRole.USER)	89	expect(body.role).to.equal(UserRole.USER)
		90	}
		91	})
		92
		93	it('Should refresh crash token, but not laguna token', async function () {
		94	{
		95	const resRefresh = await refreshToken(server, crashRefreshToken)
		96	crashAccessToken = resRefresh.body.access_token
		97	crashRefreshToken = resRefresh.body.refresh_token
		98
		99	const res = await getMyUserInformation(server.url, crashAccessToken)
		100	const user: User = res.body
		101	expect(user.username).to.equal('crash')
		102	}
		103
		104	{
		105	await refreshToken(server, lagunaRefreshToken, 400)
		106	}
72	})	107	})
73		108
74	it('Should update Crash profile', async function () {	109	it('Should update Crash profile', async function () {
75	await updateMyUser({	110	await updateMyUser({
76	url: server.url,	111	url: server.url,
77	accessToken: crashToken,	112	accessToken: crashAccessToken,
78	displayName: 'Beautiful Crash',	113	displayName: 'Beautiful Crash',
79	description: 'Mutant eastern barred bandicoot'	114	description: 'Mutant eastern barred bandicoot'
80	})	115	})
81		116
82	const res = await getMyUserInformation(server.url, crashToken)	117	const res = await getMyUserInformation(server.url, crashAccessToken)
83		118
84	const body: User = res.body	119	const body: User = res.body
85	expect(body.account.displayName).to.equal('Beautiful Crash')	120	expect(body.account.displayName).to.equal('Beautiful Crash')
@@ -87,19 +122,19 @@ describe('Test id and pass auth plugins', function () {
87	})	122	})
88		123
89	it('Should logout Crash', async function () {	124	it('Should logout Crash', async function () {
90	await logout(server.url, crashToken)	125	await logout(server.url, crashAccessToken)
91	})	126	})
92		127
93	it('Should have logged out Crash', async function () {	128	it('Should have logged out Crash', async function () {
94	await getMyUserInformation(server.url, crashToken, 401)
95
96	await waitUntilLog(server, 'On logout for auth 1 - 2')	129	await waitUntilLog(server, 'On logout for auth 1 - 2')
		130
		131	await getMyUserInformation(server.url, crashAccessToken, 401)
97	})	132	})
98		133
99	it('Should login Crash and keep the old existing profile', async function () {	134	it('Should login Crash and keep the old existing profile', async function () {
100	crashToken = await userLogin(server, { username: 'crash', password: 'crash password' })	135	crashAccessToken = await userLogin(server, { username: 'crash', password: 'crash password' })
101		136
102	const res = await getMyUserInformation(server.url, crashToken)	137	const res = await getMyUserInformation(server.url, crashAccessToken)
103		138
104	const body: User = res.body	139	const body: User = res.body
105	expect(body.username).to.equal('crash')	140	expect(body.username).to.equal('crash')
@@ -108,6 +143,14 @@ describe('Test id and pass auth plugins', function () {
108	expect(body.role).to.equal(UserRole.MODERATOR)	143	expect(body.role).to.equal(UserRole.MODERATOR)
109	})	144	})
110		145
		146	it('Should correctly auth token of laguna', async function () {
		147	this.timeout(10000)
		148
		149	await wait(5000)
		150
		151	await getMyUserInformation(server.url, lagunaAccessToken, 401)
		152	})
		153
111	it('Should uninstall the plugin one and do not login existing Crash', async function () {	154	it('Should uninstall the plugin one and do not login existing Crash', async function () {
112	await uninstallPlugin({	155	await uninstallPlugin({
113	url: server.url,	156	url: server.url,