1 files changed, 0 insertions, 197 deletions
diff --git a/server/tests/api/users/oauth.ts b/server/tests/api/users/oauth.ts
deleted file mode 100644
index 153615875..000000000
--- a/server/tests/api/users/oauth.ts
+++ /dev/null
@@ -1,197 +0,0 @@
-/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
-import { expect } from 'chai'
-import { SQLCommand } from '@server/tests/shared'
-import { wait } from '@shared/core-utils'
-import { HttpStatusCode, OAuth2ErrorCode, PeerTubeProblemDocument } from '@shared/models'
-import { cleanupTests, createSingleServer, killallServers, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands'
-describe('Test oauth', function () {
-  let server: PeerTubeServer
-  let sqlCommand: SQLCommand
-  before(async function () {
-    this.timeout(30000)
-    server = await createSingleServer(1, {
-      rates_limit: {
-        login: {
-          max: 30
-        }
-      }
-    })
-    await setAccessTokensToServers([ server ])
-    sqlCommand = new SQLCommand(server)
-  })
-  describe('OAuth client', function () {
-    function expectInvalidClient (body: PeerTubeProblemDocument) {
-      expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
-      expect(body.error).to.contain('client is invalid')
-      expect(body.type.startsWith('https://')).to.be.true
-      expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
-    }
-    it('Should create a new client')
-    it('Should return the first client')
-    it('Should remove the last client')
-    it('Should not login with an invalid client id', async function () {
-      const client = { id: 'client', secret: server.store.client.secret }
-      const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
-      expectInvalidClient(body)
-    })
-    it('Should not login with an invalid client secret', async function () {
-      const client = { id: server.store.client.id, secret: 'coucou' }
-      const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
-      expectInvalidClient(body)
-    })
-  })
-  describe('Login', function () {
-    function expectInvalidCredentials (body: PeerTubeProblemDocument) {
-      expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
-      expect(body.error).to.contain('credentials are invalid')
-      expect(body.type.startsWith('https://')).to.be.true
-      expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
-    }
-    it('Should not login with an invalid username', async function () {
-      const user = { username: 'captain crochet', password: server.store.user.password }
-      const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
-      expectInvalidCredentials(body)
-    })
-    it('Should not login with an invalid password', async function () {
-      const user = { username: server.store.user.username, password: 'mew_three' }
-      const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
-      expectInvalidCredentials(body)
-    })
-    it('Should be able to login', async function () {
-      await server.login.login({ expectedStatus: HttpStatusCode.OK_200 })
-    })
-    it('Should be able to login with an insensitive username', async function () {
-      const user = { username: 'RoOt', password: server.store.user.password }
-      await server.login.login({ user, expectedStatus: HttpStatusCode.OK_200 })
-      const user2 = { username: 'rOoT', password: server.store.user.password }
-      await server.login.login({ user: user2, expectedStatus: HttpStatusCode.OK_200 })
-      const user3 = { username: 'ROOt', password: server.store.user.password }
-      await server.login.login({ user: user3, expectedStatus: HttpStatusCode.OK_200 })
-    })
-  })
-  describe('Logout', function () {
-    it('Should logout (revoke token)', async function () {
-      await server.login.logout({ token: server.accessToken })
-    })
-    it('Should not be able to get the user information', async function () {
-      await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
-    })
-    it('Should not be able to upload a video', async function () {
-      await server.videos.upload({ attributes: { name: 'video' }, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
-    })
-    it('Should be able to login again', async function () {
-      const body = await server.login.login()
-      server.accessToken = body.access_token
-      server.refreshToken = body.refresh_token
-    })
-    it('Should be able to get my user information again', async function () {
-      await server.users.getMyInfo()
-    })
-    it('Should have an expired access token', async function () {
-      this.timeout(60000)
-      await sqlCommand.setTokenField(server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
-      await sqlCommand.setTokenField(server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
-      await killallServers([ server ])
-      await server.run()
-      await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
-    })
-    it('Should not be able to refresh an access token with an expired refresh token', async function () {
-      await server.login.refreshToken({ refreshToken: server.refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
-    })
-    it('Should refresh the token', async function () {
-      this.timeout(50000)
-      const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
-      await sqlCommand.setTokenField(server.accessToken, 'refreshTokenExpiresAt', futureDate)
-      await killallServers([ server ])
-      await server.run()
-      const res = await server.login.refreshToken({ refreshToken: server.refreshToken })
-      server.accessToken = res.body.access_token
-      server.refreshToken = res.body.refresh_token
-    })
-    it('Should be able to get my user information again', async function () {
-      await server.users.getMyInfo()
-    })
-  })
-  describe('Custom token lifetime', function () {
-    before(async function () {
-      this.timeout(120_000)
-      await server.kill()
-      await server.run({
-        oauth2: {
-          token_lifetime: {
-            access_token: '2 seconds',
-            refresh_token: '2 seconds'
-          }
-        }
-      })
-    })
-    it('Should have a very short access token lifetime', async function () {
-      this.timeout(50000)
-      const { access_token: accessToken } = await server.login.login()
-      await server.users.getMyInfo({ token: accessToken })
-      await wait(3000)
-      await server.users.getMyInfo({ token: accessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
-    })
-    it('Should have a very short refresh token lifetime', async function () {
-      this.timeout(50000)
-      const { refresh_token: refreshToken } = await server.login.login()
-      await server.login.refreshToken({ refreshToken })
-      await wait(3000)
-      await server.login.refreshToken({ refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
-    })
-  })
-  after(async function () {
-    await sqlCommand.cleanup()
-    await cleanupTests([ server ])
-  })
-})

diff --git a/server/tests/api/users/oauth.ts b/server/tests/api/users/oauth.ts deleted file mode 100644 index 153615875..000000000 --- a/server/tests/api/users/oauth.ts +++ /dev/null
@@ -1,197 +0,0 @@
1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
2
3	import { expect } from 'chai'
4	import { SQLCommand } from '@server/tests/shared'
5	import { wait } from '@shared/core-utils'
6	import { HttpStatusCode, OAuth2ErrorCode, PeerTubeProblemDocument } from '@shared/models'
7	import { cleanupTests, createSingleServer, killallServers, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands'
8
9	describe('Test oauth', function () {
10	let server: PeerTubeServer
11	let sqlCommand: SQLCommand
12
13	before(async function () {
14	this.timeout(30000)
15
16	server = await createSingleServer(1, {
17	rates_limit: {
18	login: {
19	max: 30
20	}
21	}
22	})
23
24	await setAccessTokensToServers([ server ])
25
26	sqlCommand = new SQLCommand(server)
27	})
28
29	describe('OAuth client', function () {
30
31	function expectInvalidClient (body: PeerTubeProblemDocument) {
32	expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
33	expect(body.error).to.contain('client is invalid')
34	expect(body.type.startsWith('https://')).to.be.true
35	expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
36	}
37
38	it('Should create a new client')
39
40	it('Should return the first client')
41
42	it('Should remove the last client')
43
44	it('Should not login with an invalid client id', async function () {
45	const client = { id: 'client', secret: server.store.client.secret }
46	const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
47
48	expectInvalidClient(body)
49	})
50
51	it('Should not login with an invalid client secret', async function () {
52	const client = { id: server.store.client.id, secret: 'coucou' }
53	const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
54
55	expectInvalidClient(body)
56	})
57	})
58
59	describe('Login', function () {
60
61	function expectInvalidCredentials (body: PeerTubeProblemDocument) {
62	expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
63	expect(body.error).to.contain('credentials are invalid')
64	expect(body.type.startsWith('https://')).to.be.true
65	expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
66	}
67
68	it('Should not login with an invalid username', async function () {
69	const user = { username: 'captain crochet', password: server.store.user.password }
70	const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
71
72	expectInvalidCredentials(body)
73	})
74
75	it('Should not login with an invalid password', async function () {
76	const user = { username: server.store.user.username, password: 'mew_three' }
77	const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
78
79	expectInvalidCredentials(body)
80	})
81
82	it('Should be able to login', async function () {
83	await server.login.login({ expectedStatus: HttpStatusCode.OK_200 })
84	})
85
86	it('Should be able to login with an insensitive username', async function () {
87	const user = { username: 'RoOt', password: server.store.user.password }
88	await server.login.login({ user, expectedStatus: HttpStatusCode.OK_200 })
89
90	const user2 = { username: 'rOoT', password: server.store.user.password }
91	await server.login.login({ user: user2, expectedStatus: HttpStatusCode.OK_200 })
92
93	const user3 = { username: 'ROOt', password: server.store.user.password }
94	await server.login.login({ user: user3, expectedStatus: HttpStatusCode.OK_200 })
95	})
96	})
97
98	describe('Logout', function () {
99
100	it('Should logout (revoke token)', async function () {
101	await server.login.logout({ token: server.accessToken })
102	})
103
104	it('Should not be able to get the user information', async function () {
105	await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
106	})
107
108	it('Should not be able to upload a video', async function () {
109	await server.videos.upload({ attributes: { name: 'video' }, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
110	})
111
112	it('Should be able to login again', async function () {
113	const body = await server.login.login()
114	server.accessToken = body.access_token
115	server.refreshToken = body.refresh_token
116	})
117
118	it('Should be able to get my user information again', async function () {
119	await server.users.getMyInfo()
120	})
121
122	it('Should have an expired access token', async function () {
123	this.timeout(60000)
124
125	await sqlCommand.setTokenField(server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
126	await sqlCommand.setTokenField(server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
127
128	await killallServers([ server ])
129	await server.run()
130
131	await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
132	})
133
134	it('Should not be able to refresh an access token with an expired refresh token', async function () {
135	await server.login.refreshToken({ refreshToken: server.refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
136	})
137
138	it('Should refresh the token', async function () {
139	this.timeout(50000)
140
141	const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
142	await sqlCommand.setTokenField(server.accessToken, 'refreshTokenExpiresAt', futureDate)
143
144	await killallServers([ server ])
145	await server.run()
146
147	const res = await server.login.refreshToken({ refreshToken: server.refreshToken })
148	server.accessToken = res.body.access_token
149	server.refreshToken = res.body.refresh_token
150	})
151
152	it('Should be able to get my user information again', async function () {
153	await server.users.getMyInfo()
154	})
155	})
156
157	describe('Custom token lifetime', function () {
158	before(async function () {
159	this.timeout(120_000)
160
161	await server.kill()
162	await server.run({
163	oauth2: {
164	token_lifetime: {
165	access_token: '2 seconds',
166	refresh_token: '2 seconds'
167	}
168	}
169	})
170	})
171
172	it('Should have a very short access token lifetime', async function () {
173	this.timeout(50000)
174
175	const { access_token: accessToken } = await server.login.login()
176	await server.users.getMyInfo({ token: accessToken })
177
178	await wait(3000)
179	await server.users.getMyInfo({ token: accessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
180	})
181
182	it('Should have a very short refresh token lifetime', async function () {
183	this.timeout(50000)
184
185	const { refresh_token: refreshToken } = await server.login.login()
186	await server.login.refreshToken({ refreshToken })
187
188	await wait(3000)
189	await server.login.refreshToken({ refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
190	})
191	})
192
193	after(async function () {
194	await sqlCommand.cleanup()
195	await cleanupTests([ server ])
196	})
197	})