3 files changed, 30 insertions, 40 deletions
diff --git a/server/middlewares/oauth.ts b/server/middlewares/oauth.ts
index 12872c4a5..9976993e0 100644
--- a/server/middlewares/oauth.ts
+++ b/server/middlewares/oauth.ts
@@ -1,10 +1,10 @@
-import 'express-validator'
 import * as express from 'express'
 import * as OAuthServer from 'express-oauth-server'
-import { logger } from '../helpers/logger'
+import 'express-validator'
 import { OAUTH_LIFETIME } from '../initializers'
 const oAuthServer = new OAuthServer({
+  useErrorHandler: true,
  accessTokenLifetime: OAUTH_LIFETIME.ACCESS_TOKEN,
  refreshTokenLifetime: OAUTH_LIFETIME.REFRESH_TOKEN,
  model: require('../lib/oauth-model')
@@ -13,14 +13,12 @@ const oAuthServer = new OAuthServer({
 function authenticate (req: express.Request, res: express.Response, next: express.NextFunction) {
  oAuthServer.authenticate()(req, res, err => {
    if (err) {
-      logger.error('Cannot authenticate.', err)
+      return res.status(err.status)
-      return res.sendStatus(500)
+        .json({
-    }
+          error: 'Authentication failed.',
+          code: err.name
-    if (res.statusCode === 401 || res.statusCode === 400 || res.statusCode === 503) {
+        })
-      return res.json({
+        .end()
-        error: 'Authentication failed.'
-      }).end()
    }
    return next()
diff --git a/server/tests/api/check-params/jobs.ts b/server/tests/api/check-params/jobs.ts
index 3795d1d64..46b05cb4e 100644
--- a/server/tests/api/check-params/jobs.ts
+++ b/server/tests/api/check-params/jobs.ts
@@ -4,6 +4,8 @@ import 'mocha'
 import * as request from 'supertest'
 import { createUser, flushTests, userLogin, killallServers, runServer, ServerInfo, setAccessTokensToServers } from '../../utils'
+import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
+import { makeGetRequest } from '../../utils/requests/requests'
 describe('Test jobs API validators', function () {
  const path = '/api/v1/jobs/'
@@ -31,45 +33,32 @@ describe('Test jobs API validators', function () {
  describe('When listing jobs', function () {
    it('Should fail with a bad start pagination', async function () {
-      await request(server.url)
+      await checkBadStartPagination(server.url, path, server.accessToken)
-              .get(path)
-              .query({ start: 'hello' })
-              .set('Accept', 'application/json')
-              .set('Authorization', 'Bearer ' + server.accessToken)
-              .expect(400)
    })
    it('Should fail with a bad count pagination', async function () {
-      await request(server.url)
+      await checkBadCountPagination(server.url, path, server.accessToken)
-              .get(path)
-              .query({ count: 'hello' })
-              .set('Accept', 'application/json')
-              .set('Authorization', 'Bearer ' + server.accessToken)
-              .expect(400)
    })
    it('Should fail with an incorrect sort', async function () {
-      await request(server.url)
+      await checkBadSortPagination(server.url, path, server.accessToken)
-              .get(path)
-              .query({ sort: 'hello' })
-              .set('Accept', 'application/json')
-              .set('Authorization', 'Bearer ' + server.accessToken)
-              .expect(400)
    })
    it('Should fail with a non authenticated user', async function () {
-      await request(server.url)
+      await makeGetRequest({
-        .get(path)
+        url: server.url,
-        .set('Accept', 'application/json')
+        path,
-        .expect(401)
+        statusCodeExpected: 401
+      })
    })
    it('Should fail with a non admin user', async function () {
-      await request(server.url)
+      await makeGetRequest({
-        .get(path)
+        url: server.url,
-        .set('Accept', 'application/json')
+        path,
-        .set('Authorization', 'Bearer ' + userAccessToken)
+        token: userAccessToken,
-        .expect(403)
+        statusCodeExpected: 403
+      })
    })
  })
diff --git a/server/tests/utils/requests/check-api-params.ts b/server/tests/utils/requests/check-api-params.ts
index fbd660629..7550eb3d8 100644
--- a/server/tests/utils/requests/check-api-params.ts
+++ b/server/tests/utils/requests/check-api-params.ts
@@ -1,27 +1,30 @@
 import { makeGetRequest } from './requests'
-function checkBadStartPagination (url: string, path: string) {
+function checkBadStartPagination (url: string, path: string, token?: string) {
  return makeGetRequest({
    url,
    path,
+    token,
    query: { start: 'hello' },
    statusCodeExpected: 400
  })
 }
-function checkBadCountPagination (url: string, path: string) {
+function checkBadCountPagination (url: string, path: string, token?: string) {
  return makeGetRequest({
    url,
    path,
+    token,
    query: { count: 'hello' },
    statusCodeExpected: 400
  })
 }
-function checkBadSortPagination (url: string, path: string) {
+function checkBadSortPagination (url: string, path: string, token?: string) {
  return makeGetRequest({
    url,
    path,
+    token,
    query: { sort: 'hello' },
    statusCodeExpected: 400
  })

diff --git a/server/middlewares/oauth.ts b/server/middlewares/oauth.ts index 12872c4a5..9976993e0 100644 --- a/server/middlewares/oauth.ts +++ b/server/middlewares/oauth.ts
@@ -1,10 +1,10 @@
1	import 'express-validator'
2	import * as express from 'express'	1	import * as express from 'express'
3	import * as OAuthServer from 'express-oauth-server'	2	import * as OAuthServer from 'express-oauth-server'
4	import { logger } from '../helpers/logger'	3	import 'express-validator'
5	import { OAUTH_LIFETIME } from '../initializers'	4	import { OAUTH_LIFETIME } from '../initializers'
6		5
7	const oAuthServer = new OAuthServer({	6	const oAuthServer = new OAuthServer({
		7	useErrorHandler: true,
8	accessTokenLifetime: OAUTH_LIFETIME.ACCESS_TOKEN,	8	accessTokenLifetime: OAUTH_LIFETIME.ACCESS_TOKEN,
9	refreshTokenLifetime: OAUTH_LIFETIME.REFRESH_TOKEN,	9	refreshTokenLifetime: OAUTH_LIFETIME.REFRESH_TOKEN,
10	model: require('../lib/oauth-model')	10	model: require('../lib/oauth-model')
@@ -13,14 +13,12 @@ const oAuthServer = new OAuthServer({
13	function authenticate (req: express.Request, res: express.Response, next: express.NextFunction) {	13	function authenticate (req: express.Request, res: express.Response, next: express.NextFunction) {
14	oAuthServer.authenticate()(req, res, err => {	14	oAuthServer.authenticate()(req, res, err => {
15	if (err) {	15	if (err) {
16	logger.error('Cannot authenticate.', err)	16	return res.status(err.status)
17	return res.sendStatus(500)	17	.json({
18	}	18	error: 'Authentication failed.',
19		19	code: err.name
20	if (res.statusCode === 401 \|\| res.statusCode === 400 \|\| res.statusCode === 503) {	20	})
21	return res.json({	21	.end()
22	error: 'Authentication failed.'
23	}).end()
24	}	22	}
25		23
26	return next()	24	return next()


diff --git a/server/tests/api/check-params/jobs.ts b/server/tests/api/check-params/jobs.ts index 3795d1d64..46b05cb4e 100644 --- a/server/tests/api/check-params/jobs.ts +++ b/server/tests/api/check-params/jobs.ts
@@ -4,6 +4,8 @@ import 'mocha'
4	import * as request from 'supertest'	4	import * as request from 'supertest'
5		5
6	import { createUser, flushTests, userLogin, killallServers, runServer, ServerInfo, setAccessTokensToServers } from '../../utils'	6	import { createUser, flushTests, userLogin, killallServers, runServer, ServerInfo, setAccessTokensToServers } from '../../utils'
		7	import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
		8	import { makeGetRequest } from '../../utils/requests/requests'
7		9
8	describe('Test jobs API validators', function () {	10	describe('Test jobs API validators', function () {
9	const path = '/api/v1/jobs/'	11	const path = '/api/v1/jobs/'
@@ -31,45 +33,32 @@ describe('Test jobs API validators', function () {
31		33
32	describe('When listing jobs', function () {	34	describe('When listing jobs', function () {
33	it('Should fail with a bad start pagination', async function () {	35	it('Should fail with a bad start pagination', async function () {
34	await request(server.url)	36	await checkBadStartPagination(server.url, path, server.accessToken)
35	.get(path)
36	.query({ start: 'hello' })
37	.set('Accept', 'application/json')
38	.set('Authorization', 'Bearer ' + server.accessToken)
39	.expect(400)
40	})	37	})
41		38
42	it('Should fail with a bad count pagination', async function () {	39	it('Should fail with a bad count pagination', async function () {
43	await request(server.url)	40	await checkBadCountPagination(server.url, path, server.accessToken)
44	.get(path)
45	.query({ count: 'hello' })
46	.set('Accept', 'application/json')
47	.set('Authorization', 'Bearer ' + server.accessToken)
48	.expect(400)
49	})	41	})
50		42
51	it('Should fail with an incorrect sort', async function () {	43	it('Should fail with an incorrect sort', async function () {
52	await request(server.url)	44	await checkBadSortPagination(server.url, path, server.accessToken)
53	.get(path)
54	.query({ sort: 'hello' })
55	.set('Accept', 'application/json')
56	.set('Authorization', 'Bearer ' + server.accessToken)
57	.expect(400)
58	})	45	})
59		46
60	it('Should fail with a non authenticated user', async function () {	47	it('Should fail with a non authenticated user', async function () {
61	await request(server.url)	48	await makeGetRequest({
62	.get(path)	49	url: server.url,
63	.set('Accept', 'application/json')	50	path,
64	.expect(401)	51	statusCodeExpected: 401
		52	})
65	})	53	})
66		54
67	it('Should fail with a non admin user', async function () {	55	it('Should fail with a non admin user', async function () {
68	await request(server.url)	56	await makeGetRequest({
69	.get(path)	57	url: server.url,
70	.set('Accept', 'application/json')	58	path,
71	.set('Authorization', 'Bearer ' + userAccessToken)	59	token: userAccessToken,
72	.expect(403)	60	statusCodeExpected: 403
		61	})
73	})	62	})
74	})	63	})
75		64


diff --git a/server/tests/utils/requests/check-api-params.ts b/server/tests/utils/requests/check-api-params.ts index fbd660629..7550eb3d8 100644 --- a/server/tests/utils/requests/check-api-params.ts +++ b/server/tests/utils/requests/check-api-params.ts
@@ -1,27 +1,30 @@
1	import { makeGetRequest } from './requests'	1	import { makeGetRequest } from './requests'
2		2
3	function checkBadStartPagination (url: string, path: string) {	3	function checkBadStartPagination (url: string, path: string, token?: string) {
4	return makeGetRequest({	4	return makeGetRequest({
5	url,	5	url,
6	path,	6	path,
		7	token,
7	query: { start: 'hello' },	8	query: { start: 'hello' },
8	statusCodeExpected: 400	9	statusCodeExpected: 400
9	})	10	})
10	}	11	}
11		12
12	function checkBadCountPagination (url: string, path: string) {	13	function checkBadCountPagination (url: string, path: string, token?: string) {
13	return makeGetRequest({	14	return makeGetRequest({
14	url,	15	url,
15	path,	16	path,
		17	token,
16	query: { count: 'hello' },	18	query: { count: 'hello' },
17	statusCodeExpected: 400	19	statusCodeExpected: 400
18	})	20	})
19	}	21	}
20		22
21	function checkBadSortPagination (url: string, path: string) {	23	function checkBadSortPagination (url: string, path: string, token?: string) {
22	return makeGetRequest({	24	return makeGetRequest({
23	url,	25	url,
24	path,	26	path,
		27	token,
25	query: { sort: 'hello' },	28	query: { sort: 'hello' },
26	statusCodeExpected: 400	29	statusCodeExpected: 400
27	})	30	})