From e307e4fce39853d445d086f92b8c556c363ee15d Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Fri, 24 Apr 2020 11:33:01 +0200 Subject: Add ability for auth plugins to hook tokens validity --- server/tests/plugins/id-and-pass-auth.ts | 85 ++++++++++++++++++++++++-------- 1 file changed, 64 insertions(+), 21 deletions(-) (limited to 'server/tests/plugins') diff --git a/server/tests/plugins/id-and-pass-auth.ts b/server/tests/plugins/id-and-pass-auth.ts index 45fa7856c..0268d35a0 100644 --- a/server/tests/plugins/id-and-pass-auth.ts +++ b/server/tests/plugins/id-and-pass-auth.ts @@ -10,14 +10,21 @@ import { setAccessTokensToServers, uninstallPlugin, updateMyUser, - userLogin + userLogin, + wait, + login, refreshToken } from '../../../shared/extra-utils' import { User, UserRole } from '@shared/models' import { expect } from 'chai' describe('Test id and pass auth plugins', function () { let server: ServerInfo - let crashToken: string + + let crashAccessToken: string + let crashRefreshToken: string + + let lagunaAccessToken: string + let lagunaRefreshToken: string before(async function () { this.timeout(30000) @@ -50,36 +57,64 @@ describe('Test id and pass auth plugins', function () { }) it('Should login Crash, create the user and use the token', async function () { - crashToken = await userLogin(server, { username: 'crash', password: 'crash password' }) + { + const res = await login(server.url, server.client, { username: 'crash', password: 'crash password' }) + crashAccessToken = res.body.access_token + crashRefreshToken = res.body.refresh_token + } - const res = await getMyUserInformation(server.url, crashToken) + { + const res = await getMyUserInformation(server.url, crashAccessToken) - const body: User = res.body - expect(body.username).to.equal('crash') - expect(body.account.displayName).to.equal('Crash Bandicoot') - expect(body.role).to.equal(UserRole.MODERATOR) + const body: User = res.body + expect(body.username).to.equal('crash') + expect(body.account.displayName).to.equal('Crash Bandicoot') + expect(body.role).to.equal(UserRole.MODERATOR) + } }) it('Should login the first Laguna, create the user and use the token', async function () { - const accessToken = await userLogin(server, { username: 'laguna', password: 'laguna password' }) + { + const res = await login(server.url, server.client, { username: 'laguna', password: 'laguna password' }) + lagunaAccessToken = res.body.access_token + lagunaRefreshToken = res.body.refresh_token + } - const res = await getMyUserInformation(server.url, accessToken) + { + const res = await getMyUserInformation(server.url, lagunaAccessToken) - const body: User = res.body - expect(body.username).to.equal('laguna') - expect(body.account.displayName).to.equal('laguna') - expect(body.role).to.equal(UserRole.USER) + const body: User = res.body + expect(body.username).to.equal('laguna') + expect(body.account.displayName).to.equal('laguna') + expect(body.role).to.equal(UserRole.USER) + } + }) + + it('Should refresh crash token, but not laguna token', async function () { + { + const resRefresh = await refreshToken(server, crashRefreshToken) + crashAccessToken = resRefresh.body.access_token + crashRefreshToken = resRefresh.body.refresh_token + + const res = await getMyUserInformation(server.url, crashAccessToken) + const user: User = res.body + expect(user.username).to.equal('crash') + } + + { + await refreshToken(server, lagunaRefreshToken, 400) + } }) it('Should update Crash profile', async function () { await updateMyUser({ url: server.url, - accessToken: crashToken, + accessToken: crashAccessToken, displayName: 'Beautiful Crash', description: 'Mutant eastern barred bandicoot' }) - const res = await getMyUserInformation(server.url, crashToken) + const res = await getMyUserInformation(server.url, crashAccessToken) const body: User = res.body expect(body.account.displayName).to.equal('Beautiful Crash') @@ -87,19 +122,19 @@ describe('Test id and pass auth plugins', function () { }) it('Should logout Crash', async function () { - await logout(server.url, crashToken) + await logout(server.url, crashAccessToken) }) it('Should have logged out Crash', async function () { - await getMyUserInformation(server.url, crashToken, 401) - await waitUntilLog(server, 'On logout for auth 1 - 2') + + await getMyUserInformation(server.url, crashAccessToken, 401) }) it('Should login Crash and keep the old existing profile', async function () { - crashToken = await userLogin(server, { username: 'crash', password: 'crash password' }) + crashAccessToken = await userLogin(server, { username: 'crash', password: 'crash password' }) - const res = await getMyUserInformation(server.url, crashToken) + const res = await getMyUserInformation(server.url, crashAccessToken) const body: User = res.body expect(body.username).to.equal('crash') @@ -108,6 +143,14 @@ describe('Test id and pass auth plugins', function () { expect(body.role).to.equal(UserRole.MODERATOR) }) + it('Should correctly auth token of laguna', async function () { + this.timeout(10000) + + await wait(5000) + + await getMyUserInformation(server.url, lagunaAccessToken, 401) + }) + it('Should uninstall the plugin one and do not login existing Crash', async function () { await uninstallPlugin({ url: server.url, -- cgit v1.2.3