2016-12-17 01:06:40 +00:00
2016-12-17 23:07:56 +00:00
var server = require ( '../../src/lib/server' ) ;
var Jwt = require ( '../../src/lib/jwt' ) ;
2016-12-17 01:06:40 +00:00
var request = require ( 'request' ) ;
var assert = require ( 'assert' ) ;
var speakeasy = require ( 'speakeasy' ) ;
var sinon = require ( 'sinon' ) ;
2017-01-19 00:01:37 +00:00
var Promise = require ( 'bluebird' ) ;
var request = Promise . promisifyAll ( request ) ;
2016-12-17 01:06:40 +00:00
2016-12-17 23:07:56 +00:00
var BASE _URL = 'http://localhost:8090' ;
2016-12-17 01:06:40 +00:00
describe ( 'test the server' , function ( ) {
var jwt = new Jwt ( 'jwt_secret' ) ;
var ldap _client = {
2016-12-17 18:36:41 +00:00
bind : sinon . stub ( )
2016-12-17 01:06:40 +00:00
} ;
before ( function ( ) {
var config = {
2016-12-17 23:07:56 +00:00
port : 8090 ,
2016-12-17 01:06:40 +00:00
totp _secret : 'totp_secret' ,
ldap _url : 'ldap://127.0.0.1:389' ,
ldap _users _dn : 'ou=users,dc=example,dc=com' ,
jwt _secret : 'jwt_secret' ,
jwt _expiration _time : '1h'
} ;
// ldap_client.bind.yields(undefined);
ldap _client . bind . withArgs ( 'cn=test_ok,ou=users,dc=example,dc=com' ,
'password' ) . yields ( undefined ) ;
2016-12-17 18:36:41 +00:00
ldap _client . bind . withArgs ( 'cn=test_nok,ou=users,dc=example,dc=com' ,
'password' ) . yields ( 'error' ) ;
2016-12-17 01:06:40 +00:00
server . run ( config , ldap _client ) ;
} ) ;
2016-12-17 18:36:41 +00:00
describe ( 'test GET /login' , function ( ) {
test _login ( )
} ) ;
describe ( 'test GET /logout' , function ( ) {
test _logout ( )
} ) ;
describe ( 'test GET /_auth' , function ( ) {
test _get _auth ( jwt ) ;
} ) ;
2017-01-19 00:01:37 +00:00
describe ( 'test POST /_auth/1stfactor' , function ( ) {
test _post _auth _1st _factor ( ) ;
2016-12-17 18:36:41 +00:00
} ) ;
} ) ;
function test _login ( ) {
2016-12-17 01:06:40 +00:00
it ( 'should serve the login page' , function ( done ) {
2016-12-17 23:07:56 +00:00
request . get ( BASE _URL + '/login' )
2016-12-17 01:06:40 +00:00
. on ( 'response' , function ( response ) {
assert . equal ( response . statusCode , 200 ) ;
done ( ) ;
} )
} ) ;
2016-12-17 18:36:41 +00:00
}
function test _logout ( ) {
it ( 'should logout and redirect to /' , function ( done ) {
2016-12-17 23:07:56 +00:00
request . get ( BASE _URL + '/logout' )
2016-12-17 18:36:41 +00:00
. on ( 'response' , function ( response ) {
assert . equal ( response . req . path , '/' ) ;
done ( ) ;
} )
} ) ;
}
function test _get _auth ( jwt ) {
2016-12-17 01:06:40 +00:00
it ( 'should return status code 401 when user is not authenticated' , function ( done ) {
2016-12-17 23:07:56 +00:00
request . get ( BASE _URL + '/_auth' )
2016-12-17 01:06:40 +00:00
. on ( 'response' , function ( response ) {
assert . equal ( response . statusCode , 401 ) ;
done ( ) ;
} )
} ) ;
it ( 'should return status code 204 when user is authenticated' , function ( done ) {
var j = request . jar ( ) ;
var r = request . defaults ( { jar : j } ) ;
var token = jwt . sign ( { user : 'test' } , '1h' ) ;
var cookie = r . cookie ( 'access_token=' + token ) ;
2016-12-17 23:07:56 +00:00
j . setCookie ( cookie , BASE _URL + '/_auth' ) ;
2016-12-17 01:06:40 +00:00
2016-12-17 23:07:56 +00:00
r . get ( BASE _URL + '/_auth' )
2016-12-17 01:06:40 +00:00
. on ( 'response' , function ( response ) {
assert . equal ( response . statusCode , 204 ) ;
done ( ) ;
} )
} ) ;
2016-12-17 18:36:41 +00:00
}
2016-12-17 01:06:40 +00:00
2017-01-19 00:01:37 +00:00
function test _post _auth _1st _factor ( ) {
it ( 'should return status code 204 when ldap bind is successful' , function ( ) {
request . postAsync ( BASE _URL + '/_auth/1stfactor' , {
2016-12-17 01:06:40 +00:00
form : {
2017-01-19 00:01:37 +00:00
username : 'username' ,
password : 'password'
2016-12-17 18:36:41 +00:00
}
2017-01-19 00:01:37 +00:00
} )
. then ( function ( response ) {
assert . equal ( response . statusCode , 204 ) ;
return Promise . resolve ( ) ;
2016-12-17 18:36:41 +00:00
} ) ;
} ) ;
}
2017-01-19 00:01:37 +00:00
// function test_post_auth_totp() {
// it('should return the JWT token when authentication is successful', function(done) {
// var clock = sinon.useFakeTimers();
// var real_token = speakeasy.totp({
// secret: 'totp_secret',
// encoding: 'base32'
// });
// var expectedJwt = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoidGVzdF9vayIsImlhdCI6MCwiZXhwIjozNjAwfQ.ihvaljGjO5h3iSO_h3PkNNSCYeePyB8Hr5lfVZZYyrQ';
//
// request.post(BASE_URL + '/_auth/totp', {
// form: {
// username: 'test_ok',
// password: 'password',
// token: real_token
// }
// },
// function (error, response, body) {
// if (!error && response.statusCode == 200) {
// assert.equal(body, expectedJwt);
// clock.restore();
// done();
// }
// });
// });
//
// it('should return invalid authentication status code', function(done) {
// var clock = sinon.useFakeTimers();
// var real_token = speakeasy.totp({
// secret: 'totp_secret',
// encoding: 'base32'
// });
// var data = {
// form: {
// username: 'test_nok',
// password: 'password',
// token: real_token
// }
// }
//
// request.post(BASE_URL + '/_auth/totp', data, function (error, response, body) {
// if(response.statusCode == 401) {
// clock.restore();
// done();
// }
// });
// });
// }
