diff options
Diffstat (limited to 'server')
-rw-r--r-- | server/lib/oauth-model.ts | 2 | ||||
-rw-r--r-- | server/tests/fixtures/peertube-plugin-test-external-auth-two/main.js | 48 | ||||
-rw-r--r-- | server/tests/plugins/external-auth.ts | 52 |
3 files changed, 96 insertions, 6 deletions
diff --git a/server/lib/oauth-model.ts b/server/lib/oauth-model.ts index dbcba897a..e5ea4636e 100644 --- a/server/lib/oauth-model.ts +++ b/server/lib/oauth-model.ts | |||
@@ -123,7 +123,7 @@ async function getUser (usernameOrEmail?: string, password?: string) { | |||
123 | 123 | ||
124 | const user = await UserModel.loadByUsernameOrEmail(usernameOrEmail) | 124 | const user = await UserModel.loadByUsernameOrEmail(usernameOrEmail) |
125 | // If we don't find the user, or if the user belongs to a plugin | 125 | // If we don't find the user, or if the user belongs to a plugin |
126 | if (!user || user.pluginAuth !== null) return null | 126 | if (!user || user.pluginAuth !== null || !password) return null |
127 | 127 | ||
128 | const passwordMatch = await user.isPasswordMatch(password) | 128 | const passwordMatch = await user.isPasswordMatch(password) |
129 | if (passwordMatch !== true) return null | 129 | if (passwordMatch !== true) return null |
diff --git a/server/tests/fixtures/peertube-plugin-test-external-auth-two/main.js b/server/tests/fixtures/peertube-plugin-test-external-auth-two/main.js index 126905ffc..1604a7c41 100644 --- a/server/tests/fixtures/peertube-plugin-test-external-auth-two/main.js +++ b/server/tests/fixtures/peertube-plugin-test-external-auth-two/main.js | |||
@@ -17,6 +17,54 @@ async function register ({ | |||
17 | } | 17 | } |
18 | }) | 18 | }) |
19 | } | 19 | } |
20 | |||
21 | { | ||
22 | const result = registerExternalAuth({ | ||
23 | authName: 'external-auth-4', | ||
24 | authDisplayName: () => 'External Auth 4', | ||
25 | onAuthRequest: (req, res) => { | ||
26 | result.userAuthenticated({ | ||
27 | req, | ||
28 | res, | ||
29 | username: 'kefka2', | ||
30 | email: 'kefka@example.com', | ||
31 | displayName: 'Kefka duplication' | ||
32 | }) | ||
33 | } | ||
34 | }) | ||
35 | } | ||
36 | |||
37 | { | ||
38 | const result = registerExternalAuth({ | ||
39 | authName: 'external-auth-5', | ||
40 | authDisplayName: () => 'External Auth 5', | ||
41 | onAuthRequest: (req, res) => { | ||
42 | result.userAuthenticated({ | ||
43 | req, | ||
44 | res, | ||
45 | username: 'kefka', | ||
46 | email: 'kefka@example.com', | ||
47 | displayName: 'Kefka duplication' | ||
48 | }) | ||
49 | } | ||
50 | }) | ||
51 | } | ||
52 | |||
53 | { | ||
54 | const result = registerExternalAuth({ | ||
55 | authName: 'external-auth-6', | ||
56 | authDisplayName: () => 'External Auth 6', | ||
57 | onAuthRequest: (req, res) => { | ||
58 | result.userAuthenticated({ | ||
59 | req, | ||
60 | res, | ||
61 | username: 'existing_user', | ||
62 | email: 'existing_user@example.com', | ||
63 | displayName: 'Existing user' | ||
64 | }) | ||
65 | } | ||
66 | }) | ||
67 | } | ||
20 | } | 68 | } |
21 | 69 | ||
22 | async function unregister () { | 70 | async function unregister () { |
diff --git a/server/tests/plugins/external-auth.ts b/server/tests/plugins/external-auth.ts index 312561538..a85672782 100644 --- a/server/tests/plugins/external-auth.ts +++ b/server/tests/plugins/external-auth.ts | |||
@@ -18,7 +18,8 @@ import { | |||
18 | updateMyUser, | 18 | updateMyUser, |
19 | wait, | 19 | wait, |
20 | userLogin, | 20 | userLogin, |
21 | updatePluginSettings | 21 | updatePluginSettings, |
22 | createUser | ||
22 | } from '../../../shared/extra-utils' | 23 | } from '../../../shared/extra-utils' |
23 | import { cleanupTests, flushAndRunServer, ServerInfo, waitUntilLog } from '../../../shared/extra-utils/server/servers' | 24 | import { cleanupTests, flushAndRunServer, ServerInfo, waitUntilLog } from '../../../shared/extra-utils/server/servers' |
24 | 25 | ||
@@ -29,6 +30,7 @@ async function loginExternal (options: { | |||
29 | username: string | 30 | username: string |
30 | query?: any | 31 | query?: any |
31 | statusCodeExpected?: number | 32 | statusCodeExpected?: number |
33 | statusCodeExpectedStep2?: number | ||
32 | }) { | 34 | }) { |
33 | const res = await getExternalAuth({ | 35 | const res = await getExternalAuth({ |
34 | url: options.server.url, | 36 | url: options.server.url, |
@@ -47,7 +49,8 @@ async function loginExternal (options: { | |||
47 | const resLogin = await loginUsingExternalToken( | 49 | const resLogin = await loginUsingExternalToken( |
48 | options.server, | 50 | options.server, |
49 | options.username, | 51 | options.username, |
50 | externalAuthToken as string | 52 | externalAuthToken as string, |
53 | options.statusCodeExpectedStep2 | ||
51 | ) | 54 | ) |
52 | 55 | ||
53 | return resLogin.body | 56 | return resLogin.body |
@@ -85,7 +88,7 @@ describe('Test external auth plugins', function () { | |||
85 | const config: ServerConfig = res.body | 88 | const config: ServerConfig = res.body |
86 | 89 | ||
87 | const auths = config.plugin.registeredExternalAuths | 90 | const auths = config.plugin.registeredExternalAuths |
88 | expect(auths).to.have.lengthOf(3) | 91 | expect(auths).to.have.lengthOf(6) |
89 | 92 | ||
90 | const auth2 = auths.find((a) => a.authName === 'external-auth-2') | 93 | const auth2 = auths.find((a) => a.authName === 'external-auth-2') |
91 | expect(auth2).to.exist | 94 | expect(auth2).to.exist |
@@ -288,7 +291,7 @@ describe('Test external auth plugins', function () { | |||
288 | const config: ServerConfig = res.body | 291 | const config: ServerConfig = res.body |
289 | 292 | ||
290 | const auths = config.plugin.registeredExternalAuths | 293 | const auths = config.plugin.registeredExternalAuths |
291 | expect(auths).to.have.lengthOf(2) | 294 | expect(auths).to.have.lengthOf(5) |
292 | 295 | ||
293 | const auth1 = auths.find(a => a.authName === 'external-auth-2') | 296 | const auth1 = auths.find(a => a.authName === 'external-auth-2') |
294 | expect(auth1).to.not.exist | 297 | expect(auth1).to.not.exist |
@@ -311,6 +314,45 @@ describe('Test external auth plugins', function () { | |||
311 | username: 'cyan', | 314 | username: 'cyan', |
312 | statusCodeExpected: 404 | 315 | statusCodeExpected: 404 |
313 | }) | 316 | }) |
317 | |||
318 | await userLogin(server, { username: 'cyan', password: null }, 400) | ||
319 | await userLogin(server, { username: 'cyan', password: '' }, 400) | ||
320 | await userLogin(server, { username: 'cyan', password: 'fake' }, 400) | ||
321 | }) | ||
322 | |||
323 | it('Should not login kefka with another plugin', async function () { | ||
324 | await loginExternal({ | ||
325 | server, | ||
326 | npmName: 'test-external-auth-two', | ||
327 | authName: 'external-auth-4', | ||
328 | username: 'kefka2', | ||
329 | statusCodeExpectedStep2: 400 | ||
330 | }) | ||
331 | |||
332 | await loginExternal({ | ||
333 | server, | ||
334 | npmName: 'test-external-auth-two', | ||
335 | authName: 'external-auth-4', | ||
336 | username: 'kefka', | ||
337 | statusCodeExpectedStep2: 400 | ||
338 | }) | ||
339 | }) | ||
340 | |||
341 | it('Should not login an existing user', async function () { | ||
342 | await createUser({ | ||
343 | url: server.url, | ||
344 | accessToken: server.accessToken, | ||
345 | username: 'existing_user', | ||
346 | password: 'super_password' | ||
347 | }) | ||
348 | |||
349 | await loginExternal({ | ||
350 | server, | ||
351 | npmName: 'test-external-auth-two', | ||
352 | authName: 'external-auth-6', | ||
353 | username: 'existing_user', | ||
354 | statusCodeExpectedStep2: 400 | ||
355 | }) | ||
314 | }) | 356 | }) |
315 | 357 | ||
316 | it('Should display the correct configuration', async function () { | 358 | it('Should display the correct configuration', async function () { |
@@ -319,7 +361,7 @@ describe('Test external auth plugins', function () { | |||
319 | const config: ServerConfig = res.body | 361 | const config: ServerConfig = res.body |
320 | 362 | ||
321 | const auths = config.plugin.registeredExternalAuths | 363 | const auths = config.plugin.registeredExternalAuths |
322 | expect(auths).to.have.lengthOf(1) | 364 | expect(auths).to.have.lengthOf(4) |
323 | 365 | ||
324 | const auth2 = auths.find((a) => a.authName === 'external-auth-2') | 366 | const auth2 = auths.find((a) => a.authName === 'external-auth-2') |
325 | expect(auth2).to.not.exist | 367 | expect(auth2).to.not.exist |