authelia/test/unitary/test_data_persistence.js


var server = require('../../src/lib/server');

var Promise = require('bluebird');
var request = Promise.promisifyAll(require('request'));
var assert = require('assert');
var speakeasy = require('speakeasy');
var sinon = require('sinon');
var tmp = require('tmp');
var nedb = require('nedb');
var session = require('express-session');

var PORT = 8050;
var BASE_URL = 'http://localhost:' + PORT;

var requests = require('./requests')(PORT);


describe('test data persistence', function() {
  var u2f;
  var tmpDir;
  var ldap_client = {
    bind: sinon.stub(),
    search: sinon.stub()
  };
  var config;

  before(function() {
    u2f = {};
    u2f.startRegistration = sinon.stub();
    u2f.finishRegistration = sinon.stub();
    u2f.startAuthentication = sinon.stub();
    u2f.finishAuthentication = sinon.stub();

    var search_doc = {
      object: {
        mail: 'test_ok@example.com'
      }
    };
 
    var search_res = {};
    search_res.on = sinon.spy(function(event, fn) {
      if(event != 'error') fn(search_doc);
    });

    ldap_client.bind.withArgs('cn=test_ok,ou=users,dc=example,dc=com', 
                              'password').yields(undefined);
    ldap_client.bind.withArgs('cn=test_nok,ou=users,dc=example,dc=com', 
                              'password').yields('error');
    ldap_client.search.yields(undefined, search_res);

    tmpDir = tmp.dirSync({ unsafeCleanup: true });
    config = {
      port: PORT,
      totp_secret: 'totp_secret',
      ldap_url: 'ldap://127.0.0.1:389',
      ldap_user_search_base: 'ou=users,dc=example,dc=com',
      session_secret: 'session_secret',
      session_max_age: 50000,
      store_directory: tmpDir.name,
      notifier: { gmail: { user: 'user@example.com', pass: 'password' } }
    };
  });

  after(function() {
    tmpDir.removeCallback();
  });

  it('should save a u2f meta and reload it after a restart of the server', function() {
    var server;
    var sign_request = {};
    var sign_status = {};
    var registration_request = {};
    var registration_status = {};
    u2f.startRegistration.returns(Promise.resolve(sign_request));
    u2f.finishRegistration.returns(Promise.resolve(sign_status));
    u2f.startAuthentication.returns(Promise.resolve(registration_request));
    u2f.finishAuthentication.returns(Promise.resolve(registration_status));

    var nodemailer = {};
    var transporter = {
      sendMail: sinon.stub().yields()
    };
    nodemailer.createTransport = sinon.spy(function() {
      return transporter;
    });

    var deps = {};
    deps.u2f = u2f;
    deps.nedb = nedb;
    deps.nodemailer = nodemailer;
    deps.session = session;

    var j1 = request.jar();
    var j2 = request.jar();

    return start_server(config, ldap_client, deps)
    .then(function(s) {
      server = s;
      return requests.login(j1);
    })
    .then(function(res) {
      return requests.first_factor(j1);
    }) 
    .then(function() {
      return requests.u2f_registration(j1, transporter);
    })
    .then(function() {
      return requests.u2f_authentication(j1);
    })
    .then(function() {
      return stop_server(server);
    })
    .then(function() {
      return start_server(config, ldap_client, deps)
    })
    .then(function(s) {
      server = s;
      return requests.login(j2);
    })
    .then(function() {
      return requests.first_factor(j2);
    }) 
    .then(function() {
      return requests.u2f_authentication(j2);
    })
    .then(function(res) {
      assert.equal(204, res.statusCode);
      server.close();
      return Promise.resolve();
    })
    .catch(function(err) {
      console.error(err);
      return Promise.reject(err);
    });
  });

  function start_server(config, ldap_client, deps) {
    return new Promise(function(resolve, reject) {
      var s = server.run(config, ldap_client, deps);
      resolve(s);
    });
  }

  function stop_server(s) {
    return new Promise(function(resolve, reject) {
      s.close();
      resolve();
    });
  }
});
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00
			`var server = require('../../src/lib/server');`

Implement password reset 2017-01-27 00:20:03 +00:00			`var Promise = require('bluebird');`
			`var request = Promise.promisifyAll(require('request'));`
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`var assert = require('assert');`
			`var speakeasy = require('speakeasy');`
			`var sinon = require('sinon');`
			`var tmp = require('tmp');`
Implement password reset 2017-01-27 00:20:03 +00:00			`var nedb = require('nedb');`
Handle SSO over multiple subdomains 2017-03-15 22:07:57 +00:00			`var session = require('express-session');`
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00
			`var PORT = 8050;`
			`var BASE_URL = 'http://localhost:' + PORT;`

Implement password reset 2017-01-27 00:20:03 +00:00			`var requests = require('./requests')(PORT);`


Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`describe('test data persistence', function() {`
			`var u2f;`
			`var tmpDir;`
			`var ldap_client = {`
Registration process sends an email to allow user to register its U2F device 2017-01-22 16:54:45 +00:00			`bind: sinon.stub(),`
			`search: sinon.stub()`
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`};`
			`var config;`

			`before(function() {`
			`u2f = {};`
			`u2f.startRegistration = sinon.stub();`
			`u2f.finishRegistration = sinon.stub();`
			`u2f.startAuthentication = sinon.stub();`
			`u2f.finishAuthentication = sinon.stub();`

Registration process sends an email to allow user to register its U2F device 2017-01-22 16:54:45 +00:00			`var search_doc = {`
			`object: {`
			`mail: 'test_ok@example.com'`
			`}`
			`};`

			`var search_res = {};`
			`search_res.on = sinon.spy(function(event, fn) {`
			`if(event != 'error') fn(search_doc);`
			`});`

Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`ldap_client.bind.withArgs('cn=test_ok,ou=users,dc=example,dc=com',`
			`'password').yields(undefined);`
			`ldap_client.bind.withArgs('cn=test_nok,ou=users,dc=example,dc=com',`
			`'password').yields('error');`
Registration process sends an email to allow user to register its U2F device 2017-01-22 16:54:45 +00:00			`ldap_client.search.yields(undefined, search_res);`

Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`tmpDir = tmp.dirSync({ unsafeCleanup: true });`
			`config = {`
			`port: PORT,`
			`totp_secret: 'totp_secret',`
			`ldap_url: 'ldap://127.0.0.1:389',`
Add an LDAP user search filter in the configuration filte to specify the user attribute to search for in LDAP 2017-03-16 00:25:55 +00:00			`ldap_user_search_base: 'ou=users,dc=example,dc=com',`
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`session_secret: 'session_secret',`
			`session_max_age: 50000,`
Registration process sends an email to allow user to register its U2F device 2017-01-22 16:54:45 +00:00			`store_directory: tmpDir.name,`
Create a filesystem notifier for simple getting started 2017-01-28 18:59:15 +00:00			`notifier: { gmail: { user: 'user@example.com', pass: 'password' } }`
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`};`
			`});`

			`after(function() {`
			`tmpDir.removeCallback();`
			`});`

			`it('should save a u2f meta and reload it after a restart of the server', function() {`
			`var server;`
			`var sign_request = {};`
			`var sign_status = {};`
			`var registration_request = {};`
			`var registration_status = {};`
			`u2f.startRegistration.returns(Promise.resolve(sign_request));`
			`u2f.finishRegistration.returns(Promise.resolve(sign_status));`
			`u2f.startAuthentication.returns(Promise.resolve(registration_request));`
			`u2f.finishAuthentication.returns(Promise.resolve(registration_status));`
Implement password reset 2017-01-27 00:20:03 +00:00
			`var nodemailer = {};`
			`var transporter = {`
			`sendMail: sinon.stub().yields()`
			`};`
			`nodemailer.createTransport = sinon.spy(function() {`
			`return transporter;`
			`});`

			`var deps = {};`
			`deps.u2f = u2f;`
			`deps.nedb = nedb;`
			`deps.nodemailer = nodemailer;`
Handle SSO over multiple subdomains 2017-03-15 22:07:57 +00:00			`deps.session = session;`
Implement password reset 2017-01-27 00:20:03 +00:00
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`var j1 = request.jar();`
			`var j2 = request.jar();`
Implement password reset 2017-01-27 00:20:03 +00:00
			`return start_server(config, ldap_client, deps)`
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`.then(function(s) {`
			`server = s;`
Implement password reset 2017-01-27 00:20:03 +00:00			`return requests.login(j1);`
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`})`
			`.then(function(res) {`
Implement password reset 2017-01-27 00:20:03 +00:00			`return requests.first_factor(j1);`
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`})`
			`.then(function() {`
Implement password reset 2017-01-27 00:20:03 +00:00			`return requests.u2f_registration(j1, transporter);`
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`})`
			`.then(function() {`
Implement password reset 2017-01-27 00:20:03 +00:00			`return requests.u2f_authentication(j1);`
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`})`
			`.then(function() {`
			`return stop_server(server);`
			`})`
			`.then(function() {`
Implement password reset 2017-01-27 00:20:03 +00:00			`return start_server(config, ldap_client, deps)`
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`})`
			`.then(function(s) {`
			`server = s;`
Implement password reset 2017-01-27 00:20:03 +00:00			`return requests.login(j2);`
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`})`
			`.then(function() {`
Implement password reset 2017-01-27 00:20:03 +00:00			`return requests.first_factor(j2);`
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`})`
			`.then(function() {`
Implement password reset 2017-01-27 00:20:03 +00:00			`return requests.u2f_authentication(j2);`
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`})`
			`.then(function(res) {`
			`assert.equal(204, res.statusCode);`
			`server.close();`
			`return Promise.resolve();`
			`})`
			`.catch(function(err) {`
			`console.error(err);`
			`return Promise.reject(err);`
			`});`
			`});`

Implement password reset 2017-01-27 00:20:03 +00:00			`function start_server(config, ldap_client, deps) {`
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`return new Promise(function(resolve, reject) {`
Implement password reset 2017-01-27 00:20:03 +00:00			`var s = server.run(config, ldap_client, deps);`
Use filesystem data store to save u2f meta info 2017-01-21 19:24:35 +00:00			`resolve(s);`
			`});`
			`}`

			`function stop_server(s) {`
			`return new Promise(function(resolve, reject) {`
			`s.close();`
			`resolve();`
			`});`
			`}`
			`});`