authelia/server/test/routes/secondfactor/totp/sign/post.test.ts


import BluebirdPromise = require("bluebird");
import Sinon = require("sinon");
import assert = require("assert");
import winston = require("winston");

import exceptions = require("../../../../../src/lib/Exceptions");
import AuthenticationSession = require("../../../../../src/lib/AuthenticationSession");
import SignPost = require("../../../../../src/lib/routes/secondfactor/totp/sign/post");
import { ServerVariables } from "../../../../../src/lib/ServerVariables";

import ExpressMock = require("../../../../mocks/express");
import { UserDataStoreStub } from "../../../../mocks/storage/UserDataStoreStub";
import { ServerVariablesMock, ServerVariablesMockBuilder } from "../../../../mocks/ServerVariablesMockBuilder";

describe("test totp route", function () {
  let req: ExpressMock.RequestMock;
  let res: ExpressMock.ResponseMock;
  let authSession: AuthenticationSession.AuthenticationSession;
  let vars: ServerVariables;
  let mocks: ServerVariablesMock;

  beforeEach(function () {
    const s = ServerVariablesMockBuilder.build();
    vars = s.variables;
    mocks = s.mocks;
    const app_get = Sinon.stub();
    req = {
      app: {
        get: Sinon.stub().returns({ logger: winston })
      },
      body: {
        token: "abc"
      },
      session: {},
      query: {
        redirect: "http://redirect"
      }
    };
    res = ExpressMock.ResponseMock();
    AuthenticationSession.reset(req as any);

    const doc = {
      userid: "user",
      secret: {
        base32: "ABCDEF"
      }
    };
    mocks.userDataStore.retrieveTOTPSecretStub.returns(BluebirdPromise.resolve(doc));
    return AuthenticationSession.get(req as any)
      .then(function (_authSession: AuthenticationSession.AuthenticationSession) {
        authSession = _authSession;
        authSession.userid = "user";
        authSession.first_factor = true;
        authSession.second_factor = false;
      });
  });


  it("should send status code 200 when totp is valid", function () {
    mocks.totpHandler.validateStub.returns(true);
    return SignPost.default(vars)(req as any, res as any)
      .then(function () {
        assert.equal(true, authSession.second_factor);
        return BluebirdPromise.resolve();
      });
  });

  it("should send error message when totp is not valid", function () {
    mocks.totpHandler.validateStub.returns(false);
    return SignPost.default(vars)(req as any, res as any)
      .then(function () {
        assert.equal(false, authSession.second_factor);
        assert.equal(res.status.getCall(0).args[0], 200);
        assert.deepEqual(res.send.getCall(0).args[0], {
          error: "Operation failed."
        });
        return BluebirdPromise.resolve();
      });
  });

  it("should send status code 401 when session has not been initiated", function () {
    mocks.totpHandler.validateStub.returns(true);
    req.session = {};
    return SignPost.default(vars)(req as any, res as any)
      .then(function () { return BluebirdPromise.reject(new Error("It should fail")); })
      .catch(function () {
        assert.equal(401, res.status.getCall(0).args[0]);
        return BluebirdPromise.resolve();
      });
  });
});
Refactor client to make it responsive and testable 2017-05-25 13:09:29 +00:00
			`import BluebirdPromise = require("bluebird");`
Refactor endpoints to get server variables as input parameters This refactoring aims to ease testability and clean up a lot of soft touchy typings in test code. This is the first step of this refactoring introducing the concept and implementing missing interfaces and stubs. At the end of the day, ServerVariablesHandler should completely disappear and every variable should be injected in the endpoint handler builder itself. 2017-10-16 22:35:34 +00:00			`import Sinon = require("sinon");`
Refactor client to make it responsive and testable 2017-05-25 13:09:29 +00:00			`import assert = require("assert");`
			`import winston = require("winston");`

Split client and server Client and server now have their own tsconfig so that the transpilation is only done on the part that is being modified. It also allows faster transpilation since tests are now excluded from tsconfig. They are compiled by ts-node during unit tests execution. 2017-10-06 22:09:42 +00:00			`import exceptions = require("../../../../../src/lib/Exceptions");`
			`import AuthenticationSession = require("../../../../../src/lib/AuthenticationSession");`
			`import SignPost = require("../../../../../src/lib/routes/secondfactor/totp/sign/post");`
Refactor endpoints to get server variables as input parameters This refactoring aims to ease testability and clean up a lot of soft touchy typings in test code. This is the first step of this refactoring introducing the concept and implementing missing interfaces and stubs. At the end of the day, ServerVariablesHandler should completely disappear and every variable should be injected in the endpoint handler builder itself. 2017-10-16 22:35:34 +00:00			`import { ServerVariables } from "../../../../../src/lib/ServerVariables";`
Refactor client to make it responsive and testable 2017-05-25 13:09:29 +00:00
			`import ExpressMock = require("../../../../mocks/express");`
Add Mongo as scalable and resilient storage backend 2017-07-19 19:06:12 +00:00			`import { UserDataStoreStub } from "../../../../mocks/storage/UserDataStoreStub";`
Refactor endpoints to get server variables as input parameters This refactoring aims to ease testability and clean up a lot of soft touchy typings in test code. This is the first step of this refactoring introducing the concept and implementing missing interfaces and stubs. At the end of the day, ServerVariablesHandler should completely disappear and every variable should be injected in the endpoint handler builder itself. 2017-10-16 22:35:34 +00:00			`import { ServerVariablesMock, ServerVariablesMockBuilder } from "../../../../mocks/ServerVariablesMockBuilder";`
Refactor client to make it responsive and testable 2017-05-25 13:09:29 +00:00
			`describe("test totp route", function () {`
			`let req: ExpressMock.RequestMock;`
			`let res: ExpressMock.ResponseMock;`
			`let authSession: AuthenticationSession.AuthenticationSession;`
Refactor endpoints to get server variables as input parameters This refactoring aims to ease testability and clean up a lot of soft touchy typings in test code. This is the first step of this refactoring introducing the concept and implementing missing interfaces and stubs. At the end of the day, ServerVariablesHandler should completely disappear and every variable should be injected in the endpoint handler builder itself. 2017-10-16 22:35:34 +00:00			`let vars: ServerVariables;`
			`let mocks: ServerVariablesMock;`
Refactor client to make it responsive and testable 2017-05-25 13:09:29 +00:00
			`beforeEach(function () {`
Refactor endpoints to get server variables as input parameters This refactoring aims to ease testability and clean up a lot of soft touchy typings in test code. This is the first step of this refactoring introducing the concept and implementing missing interfaces and stubs. At the end of the day, ServerVariablesHandler should completely disappear and every variable should be injected in the endpoint handler builder itself. 2017-10-16 22:35:34 +00:00			`const s = ServerVariablesMockBuilder.build();`
			`vars = s.variables;`
			`mocks = s.mocks;`
			`const app_get = Sinon.stub();`
Refactor client to make it responsive and testable 2017-05-25 13:09:29 +00:00			`req = {`
			`app: {`
Refactor endpoints to get server variables as input parameters This refactoring aims to ease testability and clean up a lot of soft touchy typings in test code. This is the first step of this refactoring introducing the concept and implementing missing interfaces and stubs. At the end of the day, ServerVariablesHandler should completely disappear and every variable should be injected in the endpoint handler builder itself. 2017-10-16 22:35:34 +00:00			`get: Sinon.stub().returns({ logger: winston })`
Refactor client to make it responsive and testable 2017-05-25 13:09:29 +00:00			`},`
			`body: {`
			`token: "abc"`
			`},`
Refactor endpoints to get server variables as input parameters This refactoring aims to ease testability and clean up a lot of soft touchy typings in test code. This is the first step of this refactoring introducing the concept and implementing missing interfaces and stubs. At the end of the day, ServerVariablesHandler should completely disappear and every variable should be injected in the endpoint handler builder itself. 2017-10-16 22:35:34 +00:00			`session: {},`
			`query: {`
			`redirect: "http://redirect"`
			`}`
Refactor client to make it responsive and testable 2017-05-25 13:09:29 +00:00			`};`
			`res = ExpressMock.ResponseMock();`
Refactor endpoints to get server variables as input parameters This refactoring aims to ease testability and clean up a lot of soft touchy typings in test code. This is the first step of this refactoring introducing the concept and implementing missing interfaces and stubs. At the end of the day, ServerVariablesHandler should completely disappear and every variable should be injected in the endpoint handler builder itself. 2017-10-16 22:35:34 +00:00			`AuthenticationSession.reset(req as any);`
Refactor client to make it responsive and testable 2017-05-25 13:09:29 +00:00
			`const doc = {`
			`userid: "user",`
			`secret: {`
			`base32: "ABCDEF"`
			`}`
			`};`
Add Mongo as scalable and resilient storage backend 2017-07-19 19:06:12 +00:00			`mocks.userDataStore.retrieveTOTPSecretStub.returns(BluebirdPromise.resolve(doc));`
Add logs to detect redis connection issues earlier Before this fix, the application was simply crashing during execution when connection to redis was failing. Now, it is correctly handled with failing promises and logs have been enabled to clearly see the problem 2017-09-21 20:07:34 +00:00			`return AuthenticationSession.get(req as any)`
			`.then(function (_authSession: AuthenticationSession.AuthenticationSession) {`
			`authSession = _authSession;`
			`authSession.userid = "user";`
			`authSession.first_factor = true;`
			`authSession.second_factor = false;`
			`});`
Refactor client to make it responsive and testable 2017-05-25 13:09:29 +00:00			`});`


			`it("should send status code 200 when totp is valid", function () {`
Refactor endpoints to get server variables as input parameters This refactoring aims to ease testability and clean up a lot of soft touchy typings in test code. This is the first step of this refactoring introducing the concept and implementing missing interfaces and stubs. At the end of the day, ServerVariablesHandler should completely disappear and every variable should be injected in the endpoint handler builder itself. 2017-10-16 22:35:34 +00:00			`mocks.totpHandler.validateStub.returns(true);`
			`return SignPost.default(vars)(req as any, res as any)`
Refactor client to make it responsive and testable 2017-05-25 13:09:29 +00:00			`.then(function () {`
			`assert.equal(true, authSession.second_factor);`
			`return BluebirdPromise.resolve();`
			`});`
			`});`

Fix unhandled rejections in unit tests 2017-10-14 23:34:23 +00:00			`it("should send error message when totp is not valid", function () {`
Refactor endpoints to get server variables as input parameters This refactoring aims to ease testability and clean up a lot of soft touchy typings in test code. This is the first step of this refactoring introducing the concept and implementing missing interfaces and stubs. At the end of the day, ServerVariablesHandler should completely disappear and every variable should be injected in the endpoint handler builder itself. 2017-10-16 22:35:34 +00:00			`mocks.totpHandler.validateStub.returns(false);`
			`return SignPost.default(vars)(req as any, res as any)`
Fix unhandled rejections in unit tests 2017-10-14 23:34:23 +00:00			`.then(function () {`
Refactor client to make it responsive and testable 2017-05-25 13:09:29 +00:00			`assert.equal(false, authSession.second_factor);`
Fix unhandled rejections in unit tests 2017-10-14 23:34:23 +00:00			`assert.equal(res.status.getCall(0).args[0], 200);`
			`assert.deepEqual(res.send.getCall(0).args[0], {`
			`error: "Operation failed."`
			`});`
Refactor client to make it responsive and testable 2017-05-25 13:09:29 +00:00			`return BluebirdPromise.resolve();`
			`});`
			`});`

			`it("should send status code 401 when session has not been initiated", function () {`
Refactor endpoints to get server variables as input parameters This refactoring aims to ease testability and clean up a lot of soft touchy typings in test code. This is the first step of this refactoring introducing the concept and implementing missing interfaces and stubs. At the end of the day, ServerVariablesHandler should completely disappear and every variable should be injected in the endpoint handler builder itself. 2017-10-16 22:35:34 +00:00			`mocks.totpHandler.validateStub.returns(true);`
Refactor client to make it responsive and testable 2017-05-25 13:09:29 +00:00			`req.session = {};`
Refactor endpoints to get server variables as input parameters This refactoring aims to ease testability and clean up a lot of soft touchy typings in test code. This is the first step of this refactoring introducing the concept and implementing missing interfaces and stubs. At the end of the day, ServerVariablesHandler should completely disappear and every variable should be injected in the endpoint handler builder itself. 2017-10-16 22:35:34 +00:00			`return SignPost.default(vars)(req as any, res as any)`
Refactor client to make it responsive and testable 2017-05-25 13:09:29 +00:00			`.then(function () { return BluebirdPromise.reject(new Error("It should fail")); })`
			`.catch(function () {`
			`assert.equal(401, res.status.getCall(0).args[0]);`
			`return BluebirdPromise.resolve();`
			`});`
			`});`
			`});`