authelia/server/test/routes/firstfactor/post.test.ts

124 lines
4.4 KiB
TypeScript
Raw Normal View History

2017-05-20 20:55:37 +00:00
import Sinon = require("sinon");
2017-05-20 20:55:37 +00:00
import BluebirdPromise = require("bluebird");
import Assert = require("assert");
import FirstFactorPost = require("../../../src/lib/routes/firstfactor/post");
import exceptions = require("../../../src/lib/Exceptions");
import AuthenticationSessionHandler = require("../../../src/lib/AuthenticationSession");
import { AuthenticationSession } from "../../../types/AuthenticationSession";
import Endpoints = require("../../../../shared/api");
import AuthenticationRegulatorMock = require("../../mocks/AuthenticationRegulator");
import { AccessControllerStub } from "../../mocks/AccessControllerStub";
import ExpressMock = require("../../mocks/express");
import { ServerVariablesMock, ServerVariablesMockBuilder } from "../../mocks/ServerVariablesMockBuilder";
import { ServerVariables } from "../../../src/lib/ServerVariables";
2017-05-20 20:55:37 +00:00
describe("test the first factor validation route", function () {
2017-05-21 10:14:59 +00:00
let req: ExpressMock.RequestMock;
let res: ExpressMock.ResponseMock;
2017-05-20 20:55:37 +00:00
let emails: string[];
let groups: string[];
let vars: ServerVariables;
let mocks: ServerVariablesMock;
2017-05-20 20:55:37 +00:00
beforeEach(function () {
emails = ["test_ok@example.com"];
groups = ["group1", "group2" ];
const s = ServerVariablesMockBuilder.build();
mocks = s.mocks;
vars = s.variables;
2017-05-20 20:55:37 +00:00
mocks.accessController.isAccessAllowedMock.returns(true);
mocks.regulator.regulateStub.returns(BluebirdPromise.resolve());
mocks.regulator.markStub.returns(BluebirdPromise.resolve());
2017-05-20 20:55:37 +00:00
req = {
body: {
username: "username",
password: "password"
},
query: {
redirect: "http://redirect.url"
},
2017-05-20 20:55:37 +00:00
session: {
},
headers: {
host: "home.example.com"
2017-05-20 20:55:37 +00:00
}
};
2017-05-20 23:15:34 +00:00
res = ExpressMock.ResponseMock();
2017-05-20 20:55:37 +00:00
});
it("should reply with 204 if success", function () {
mocks.ldapAuthenticator.authenticateStub.withArgs("username", "password")
.returns(BluebirdPromise.resolve({
emails: emails,
groups: groups
}));
let authSession: AuthenticationSession;
return AuthenticationSessionHandler.get(req as any, vars.logger)
.then(function (_authSession) {
authSession = _authSession;
return FirstFactorPost.default(vars)(req as any, res as any);
})
.then(function () {
Assert.equal("username", authSession.userid);
Assert(res.send.calledOnce);
2017-05-20 20:55:37 +00:00
});
});
it("should retrieve email from LDAP", function () {
mocks.ldapAuthenticator.authenticateStub.withArgs("username", "password")
.returns(BluebirdPromise.resolve([{ mail: ["test@example.com"] }]));
return FirstFactorPost.default(vars)(req as any, res as any);
2017-05-20 20:55:37 +00:00
});
it("should set first email address as user session variable", function () {
const emails = ["test_ok@example.com"];
let authSession: AuthenticationSession;
mocks.ldapAuthenticator.authenticateStub.withArgs("username", "password")
.returns(BluebirdPromise.resolve({
emails: emails,
groups: groups
}));
return AuthenticationSessionHandler.get(req as any, vars.logger)
.then(function (_authSession) {
authSession = _authSession;
return FirstFactorPost.default(vars)(req as any, res as any);
})
.then(function () {
Assert.equal("test_ok@example.com", authSession.email);
2017-05-20 20:55:37 +00:00
});
});
it("should return error message when LDAP authenticator throws", function () {
mocks.ldapAuthenticator.authenticateStub.withArgs("username", "password")
.returns(BluebirdPromise.reject(new exceptions.LdapBindError("Bad credentials")));
2017-10-14 23:34:23 +00:00
return FirstFactorPost.default(vars)(req as any, res as any)
.then(function () {
Assert.equal(res.status.getCall(0).args[0], 200);
Assert.equal(mocks.regulator.markStub.getCall(0).args[0], "username");
Assert.deepEqual(res.send.getCall(0).args[0], {
error: "Operation failed."
});
});
2017-05-20 20:55:37 +00:00
});
it("should return error message when regulator rejects authentication", function () {
2017-05-20 20:55:37 +00:00
const err = new exceptions.AuthenticationRegulationError("Authentication regulation...");
mocks.regulator.regulateStub.returns(BluebirdPromise.reject(err));
return FirstFactorPost.default(vars)(req as any, res as any)
.then(function () {
Assert.equal(res.status.getCall(0).args[0], 200);
Assert.deepEqual(res.send.getCall(0).args[0], {
error: "Operation failed."
});
});
});
2017-05-20 20:55:37 +00:00
});