Diffstat (limited to 'server')
-rw-r--r--server/middlewares/oauth.ts18
-rw-r--r--server/tests/api/check-params/jobs.ts43
-rw-r--r--server/tests/utils/requests/check-api-params.ts9
3 files changed, 30 insertions, 40 deletions
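diff --git a/server/middlewares/oauth.ts b/server/middlewares/oauth.ts
index 12872c4a5..9976993e0 100644
--- a/server/middlewares/oauth.ts
+++ b/server/middlewares/oauth.ts
@@ -1,10 +1,10 @@
-import 'express-validator'
 import * as express from 'express'
 import * as OAuthServer from 'express-oauth-server'
-import { logger } from '../helpers/logger'
+import 'express-validator'
 import { OAUTH_LIFETIME } from '../initializers'
 
 const oAuthServer = new OAuthServer({
+ useErrorHandler: true,
  accessTokenLifetime: OAUTH_LIFETIME.ACCESS_TOKEN,
  refreshTokenLifetime: OAUTH_LIFETIME.REFRESH_TOKEN,
  model: require('../lib/oauth-model')
@@ -13,14 +13,12 @@ const oAuthServer = new OAuthServer({
 function authenticate (req: express.Request, res: express.Response, next: express.NextFunction) {
  oAuthServer.authenticate()(req, res, err => {
  if (err) {
- logger.error('Cannot authenticate.', err)
- return res.sendStatus(500)
- }
-
- if (res.statusCode === 401 || res.statusCode === 400 || res.statusCode === 503) {
- return res.json({
- error: 'Authentication failed.'
- }).end()
+ return res.status(err.status)
+ .json({
+ error: 'Authentication failed.',
+ code: err.name
+ })
+ .end()
  }
 
  return next()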
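Review bot: `res.status(err.status)` in the new `if (err)` branch assumes every error handed over by `oAuthServer.authenticate()` carries a numeric `status`; if one does not, the status is undefined and the failure no longer produces a controlled response. The same branch drops the only `logger.error` call, so server-side failures during authentication (5xx) now leave no trace for operators. I would keep the `logger` import and use `const status = typeof err.status === 'number' ? err.status : 500`, then `if (status >= 500) logger.error('Cannot authenticate.', err)` before `return res.status(status)`. The closing lines of authenticate are outside the hunk.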
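diff --git a/server/tests/api/check-params/jobs.ts b/server/tests/api/check-params/jobs.ts
index 3795d1d64..46b05cb4e 100644
--- a/server/tests/api/check-params/jobs.ts
+++ b/server/tests/api/check-params/jobs.ts
@@ -4,6 +4,8 @@ import 'mocha'
 import * as request from 'supertest'
 
 import { createUser, flushTests, userLogin, killallServers, runServer, ServerInfo, setAccessTokensToServers } from '../../utils'
+import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
+import { makeGetRequest } from '../../utils/requests/requests'
 
 describe('Test jobs API validators', function () {
  const path = '/api/v1/jobs/'
@@ -31,45 +33,32 @@ describe('Test jobs API validators', function () {
 
  describe('When listing jobs', function () {
  it('Should fail with a bad start pagination', async function () {
- await request(server.url)
- .get(path)
- .query({ start: 'hello' })
- .set('Accept', 'application/json')
- .set('Authorization', 'Bearer ' + server.accessToken)
- .expect(400)
+ await checkBadStartPagination(server.url, path, server.accessToken)
  })
 
  it('Should fail with a bad count pagination', async function () {
- await request(server.url)
- .get(path)
- .query({ count: 'hello' })
- .set('Accept', 'application/json')
- .set('Authorization', 'Bearer ' + server.accessToken)
- .expect(400)
+ await checkBadCountPagination(server.url, path, server.accessToken)
  })
 
  it('Should fail with an incorrect sort', async function () {
- await request(server.url)
- .get(path)
- .query({ sort: 'hello' })
- .set('Accept', 'application/json')
- .set('Authorization', 'Bearer ' + server.accessToken)
- .expect(400)
+ await checkBadSortPagination(server.url, path, server.accessToken)
  })
 
  it('Should fail with a non authenticated user', async function () {
- await request(server.url)
- .get(path)
- .set('Accept', 'application/json')
- .expect(401)
+ await makeGetRequest({
+ url: server.url,
+ path,
+ statusCodeExpected: 401
+ })
  })
 
  it('Should fail with a non admin user', async function () {
- await request(server.url)
- .get(path)
- .set('Accept', 'application/json')
- .set('Authorization', 'Bearer ' + userAccessToken)
- .expect(403)
+ await makeGetRequest({
+ url: server.url,
+ path,
+ token: userAccessToken,
+ statusCodeExpected: 403
+ })
  })
  })
 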
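Review bot: The `Should fail with a non authenticated user` test still pins only the 401 status, although the same commit changes the body returned on an authentication failure to `{ error, code }` in server/middlewares/oauth.ts. Nothing in this file would notice if that body disappeared or started carrying more detail than intended. Capturing the response, `const res = await makeGetRequest({ url: server.url, path, statusCodeExpected: 401 })`, and asserting on `res.body.error` and that `res.body.code` is a string would pin the contract; this assumes makeGetRequest resolves to the supertest response, which is not visible here.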
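diff --git a/server/tests/utils/requests/check-api-params.ts b/server/tests/utils/requests/check-api-params.ts
index fbd660629..7550eb3d8 100644
--- a/server/tests/utils/requests/check-api-params.ts
+++ b/server/tests/utils/requests/check-api-params.ts
@@ -1,27 +1,30 @@
 import { makeGetRequest } from './requests'
 
-function checkBadStartPagination (url: string, path: string) {
+function checkBadStartPagination (url: string, path: string, token?: string) {
  return makeGetRequest({
  url,
  path,
+ token,
  query: { start: 'hello' },
  statusCodeExpected: 400
  })
 }
 
-function checkBadCountPagination (url: string, path: string) {
+function checkBadCountPagination (url: string, path: string, token?: string) {
  return makeGetRequest({
  url,
  path,
+ token,
  query: { count: 'hello' },
  statusCodeExpected: 400
  })
 }
 
-function checkBadSortPagination (url: string, path: string) {
+function checkBadSortPagination (url: string, path: string, token?: string) {
  return makeGetRequest({
  url,
  path,
+ token,
  query: { sort: 'hello' },
  statusCodeExpected: 400
  })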
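Review bot: The new optional `token` parameter on the three helpers is undocumented, and omitting it against a route that requires authentication would presumably end in a 401 rather than the expected 400, which reads like a validator regression. A short comment above `checkBadStartPagination` would help, e.g. `// token: bearer access token; pass it for authenticated routes, otherwise the request is rejected before validation runs`. The same applies to `checkBadCountPagination` and `checkBadSortPagination`; the closing brace of the last one is outside the hunk.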