Merge pull request #31 from clems4ever/no-base-url

Remove '/authentication/' base path from endpoint URLs
pull/36/head
Clément Michaud 2017-05-14 21:41:43 +02:00 committed by GitHub
commit 280c6ca21a
12 changed files with 134 additions and 105 deletions

View File

@ -8,6 +8,15 @@ addons:
apt:
packages:
- libgif-dev
hosts:
- auth.test.local
- home.test.local
- secret.test.local
- secret1.test.local
- secret2.test.local
- mx1.mail.test.local
- mx2.mail.test.local
before_install: npm install -g npm@'>=2.13.5'
script:
- npm test
@ -16,6 +25,7 @@ script:
- docker-compose up -d
- sleep 5
- ./scripts/check_services.sh
- npm run int-test
after_success:
- if [ "$TRAVIS_BRANCH" == "master" ]; then

View File

@ -27,7 +27,7 @@
</li>
</ul>
You can also log off by visiting the following <a href="https://auth.test.local:8080/authentication/logout?redirect=https://home.test.local:8080/">link</a>.
You can also log off by visiting the following <a href="https://auth.test.local:8080/logout?redirect=https://home.test.local:8080/">link</a>.
<h1>List of users</h1>
Here is the list of credentials you can log in with to test access control.
@ -46,7 +46,6 @@
<li>home.test.local</li>
</ul>
</li>
<li><strong>Groups policy</strong>
<ul>
<li>admin
@ -62,7 +61,6 @@
</li>
</ul>
</li>
<li><strong>Users policy</strong>
<ul>
<li>harry
@ -78,6 +76,5 @@
</ul>
</li>
</ul>
</body>
</html>

View File

@ -32,26 +32,26 @@ http {
error_page 401 = @error401;
location @error401 {
return 302 https://auth.test.local:8080/authentication/login?redirect=$scheme://$http_host$request_uri;
return 302 https://auth.test.local:8080/login?redirect=$scheme://$http_host$request_uri;
}
location /authentication/ {
location / {
proxy_set_header X-Original-URI $request_uri;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://auth/authentication/;
proxy_pass http://auth/;
}
location /authentication/js/ {
location /js/ {
proxy_pass http://auth/js/;
}
location /authentication/img/ {
location /img/ {
proxy_pass http://auth/img/;
}
location /authentication/css/ {
location /css/ {
proxy_pass http://auth/css/;
}
}
@ -70,19 +70,20 @@ http {
error_page 401 = @error401;
location @error401 {
return 302 https://auth.test.local:8080/authentication/login?redirect=$scheme://$http_host$request_uri;
return 302 https://auth.test.local:8080/login?redirect=$scheme://$http_host$request_uri;
}
location /authentication/verify {
location /auth_verify {
internal;
proxy_set_header X-Original-URI $request_uri;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://auth/authentication/verify;
proxy_pass http://auth/verify;
}
location = /secret.html {
auth_request /authentication/verify;
auth_request /auth_verify;
auth_request_set $user $upstream_http_x_remote_user;
proxy_set_header X-Forwarded-User $user;

View File

@ -5,8 +5,6 @@ var routes = require('./routes');
var identity_check = require('./identity_check');
function setup_endpoints(app) {
var base_endpoint = '/authentication';
/**
* @apiDefine UserSession
* @apiHeader {String} Cookie Cookie containing 'connect.sid', the user
@ -41,7 +39,7 @@ function setup_endpoints(app) {
*/
/**
* @api {get} /authentication/login Serve login page
* @api {get} /login Serve login page
* @apiName Login
* @apiGroup Pages
* @apiVersion 1.0.0
@ -52,10 +50,10 @@ function setup_endpoints(app) {
* @apiDescription Create a user session and serve the login page along with
* a cookie.
*/
app.get (base_endpoint + '/login', routes.login);
app.get ('/login', routes.login);
/**
* @api {get} /authentication/logout Server logout page
* @api {get} /logout Server logout page
* @apiName Logout
* @apiGroup Pages
* @apiVersion 1.0.0
@ -65,10 +63,10 @@ function setup_endpoints(app) {
*
* @apiDescription Deauthenticate the user and redirect him.
*/
app.get (base_endpoint + '/logout', routes.logout);
app.get ('/logout', routes.logout);
/**
* @api {post} /authentication/totp-register Request TOTP registration
* @api {post} /totp-register Request TOTP registration
* @apiName RequestTOTPRegistration
* @apiGroup Registration
* @apiVersion 1.0.0
@ -76,7 +74,7 @@ function setup_endpoints(app) {
* @apiUse IdentityValidationPost
*/
/**
* @api {get} /authentication/totp-register Serve TOTP registration page
* @api {get} /totp-register Serve TOTP registration page
* @apiName ServeTOTPRegistrationPage
* @apiGroup Registration
* @apiVersion 1.0.0
@ -87,11 +85,11 @@ function setup_endpoints(app) {
* @apiDescription Serves the TOTP registration page that displays the secret.
* The secret is a QRCode and a base32 secret.
*/
identity_check(app, base_endpoint + '/totp-register', routes.totp_register.icheck_interface);
identity_check(app, '/totp-register', routes.totp_register.icheck_interface);
/**
* @api {post} /authentication/u2f-register Request U2F registration
* @api {post} /u2f-register Request U2F registration
* @apiName RequestU2FRegistration
* @apiGroup Registration
* @apiVersion 1.0.0
@ -99,7 +97,7 @@ function setup_endpoints(app) {
* @apiUse IdentityValidationPost
*/
/**
* @api {get} /authentication/u2f-register Serve U2F registration page
* @api {get} /u2f-register Serve U2F registration page
* @apiName ServeU2FRegistrationPage
* @apiGroup Pages
* @apiVersion 1.0.0
@ -109,10 +107,10 @@ function setup_endpoints(app) {
* @apiDescription Serves the U2F registration page that asks the user to
* touch the token of the U2F device.
*/
identity_check(app, base_endpoint + '/u2f-register', routes.u2f_register.icheck_interface);
identity_check(app, '/u2f-register', routes.u2f_register.icheck_interface);
/**
* @api {post} /authentication/reset-password Request for password reset
* @api {post} /reset-password Request for password reset
* @apiName RequestPasswordReset
* @apiGroup Registration
* @apiVersion 1.0.0
@ -120,7 +118,7 @@ function setup_endpoints(app) {
* @apiUse IdentityValidationPost
*/
/**
* @api {get} /authentication/reset-password Serve password reset form.
* @api {get} /reset-password Serve password reset form.
* @apiName ServePasswordResetForm
* @apiGroup Pages
* @apiVersion 1.0.0
@ -130,12 +128,12 @@ function setup_endpoints(app) {
* @apiDescription Serves password reset form that allow the user to provide
* the new password.
*/
identity_check(app, base_endpoint + '/reset-password', routes.reset_password.icheck_interface);
identity_check(app, '/reset-password', routes.reset_password.icheck_interface);
app.get (base_endpoint + '/reset-password-form', function(req, res) { res.render('reset-password-form'); });
app.get ('/reset-password-form', function(req, res) { res.render('reset-password-form'); });
/**
* @api {post} /authentication/new-password Set LDAP password
* @api {post} /new-password Set LDAP password
* @apiName SetLDAPPassword
* @apiGroup Registration
* @apiVersion 1.0.0
@ -145,10 +143,10 @@ function setup_endpoints(app) {
*
* @apiDescription Set a new password for the user.
*/
app.post (base_endpoint + '/new-password', routes.reset_password.post);
app.post ('/new-password', routes.reset_password.post);
/**
* @api {post} /authentication/new-totp-secret Generate TOTP secret
* @api {post} /new-totp-secret Generate TOTP secret
* @apiName GenerateTOTPSecret
* @apiGroup Registration
* @apiVersion 1.0.0
@ -164,10 +162,10 @@ function setup_endpoints(app) {
*
* @apiDescription Generate a new TOTP secret and returns it.
*/
app.post (base_endpoint + '/new-totp-secret', routes.totp_register.post);
app.post ('/new-totp-secret', routes.totp_register.post);
/**
* @api {get} /authentication/verify Verify user authentication
* @api {get} /verify Verify user authentication
* @apiName VerifyAuthentication
* @apiGroup Verification
* @apiVersion 1.0.0
@ -179,10 +177,10 @@ function setup_endpoints(app) {
* @apiDescription Verify that the user is authenticated, i.e., the two
* factors have been validated
*/
app.get (base_endpoint + '/verify', routes.verify);
app.get ('/verify', routes.verify);
/**
* @api {post} /authentication/1stfactor LDAP authentication
* @api {post} /1stfactor LDAP authentication
* @apiName ValidateFirstFactor
* @apiGroup Authentication
* @apiVersion 1.0.0
@ -199,10 +197,10 @@ function setup_endpoints(app) {
*
* @apiDescription Verify credentials against the LDAP.
*/
app.post (base_endpoint + '/1stfactor', routes.first_factor);
app.post ('/1stfactor', routes.first_factor);
/**
* @api {post} /authentication/2ndfactor/totp TOTP authentication
* @api {post} /2ndfactor/totp TOTP authentication
* @apiName ValidateTOTPSecondFactor
* @apiGroup Authentication
* @apiVersion 1.0.0
@ -216,10 +214,10 @@ function setup_endpoints(app) {
*
* @apiDescription Verify TOTP token. The user is authenticated upon success.
*/
app.post (base_endpoint + '/2ndfactor/totp', routes.second_factor.totp);
app.post ('/2ndfactor/totp', routes.second_factor.totp);
/**
* @api {get} /authentication/2ndfactor/u2f/sign_request U2F Start authentication
* @api {get} /2ndfactor/u2f/sign_request U2F Start authentication
* @apiName StartU2FAuthentication
* @apiGroup Authentication
* @apiVersion 1.0.0
@ -231,10 +229,10 @@ function setup_endpoints(app) {
*
* @apiDescription Initiate an authentication request using a U2F device.
*/
app.get (base_endpoint + '/2ndfactor/u2f/sign_request', routes.second_factor.u2f.sign_request);
app.get ('/2ndfactor/u2f/sign_request', routes.second_factor.u2f.sign_request);
/**
* @api {post} /authentication/2ndfactor/u2f/sign U2F Complete authentication
* @api {post} /2ndfactor/u2f/sign U2F Complete authentication
* @apiName CompleteU2FAuthentication
* @apiGroup Authentication
* @apiVersion 1.0.0
@ -246,10 +244,10 @@ function setup_endpoints(app) {
*
* @apiDescription Complete authentication request of the U2F device.
*/
app.post (base_endpoint + '/2ndfactor/u2f/sign', routes.second_factor.u2f.sign);
app.post ('/2ndfactor/u2f/sign', routes.second_factor.u2f.sign);
/**
* @api {get} /authentication/2ndfactor/u2f/register_request U2F Start device registration
* @api {get} /2ndfactor/u2f/register_request U2F Start device registration
* @apiName StartU2FRegistration
* @apiGroup Registration
* @apiVersion 1.0.0
@ -261,10 +259,10 @@ function setup_endpoints(app) {
*
* @apiDescription Initiate a U2F device registration request.
*/
app.get (base_endpoint + '/2ndfactor/u2f/register_request', routes.second_factor.u2f.register_request);
app.get ('/2ndfactor/u2f/register_request', routes.second_factor.u2f.register_request);
/**
* @api {post} /authentication/2ndfactor/u2f/register U2F Complete device registration
* @api {post} /2ndfactor/u2f/register U2F Complete device registration
* @apiName CompleteU2FRegistration
* @apiGroup Registration
* @apiVersion 1.0.0
@ -277,6 +275,6 @@ function setup_endpoints(app) {
*
* @apiDescription Complete U2F registration request.
*/
app.post (base_endpoint + '/2ndfactor/u2f/register', routes.second_factor.u2f.register);
app.post ('/2ndfactor/u2f/register', routes.second_factor.u2f.register);
}

View File

@ -36,7 +36,7 @@ function onLoginButtonClicked() {
}
function onResetPasswordButtonClicked() {
var r = '/authentication/reset-password-form';
var r = '/reset-password-form';
window.location.replace(r);
}
@ -54,7 +54,7 @@ function onTotpSignButtonClicked() {
function onTotpRegisterButtonClicked() {
$.ajax({
type: 'POST',
url: '/authentication/totp-register',
url: '/totp-register',
data: JSON.stringify({
redirect: get_redirect_param()
}),
@ -92,7 +92,7 @@ function onU2fRegistrationButtonClicked() {
function askForU2fRegistration(fn) {
$.ajax({
type: 'POST',
url: '/authentication/u2f-register',
url: '/u2f-register',
data: JSON.stringify({
redirect: get_redirect_param()
}),
@ -124,7 +124,7 @@ function finishU2fAuthentication(url, responseData, fn) {
}
function startU2fAuthentication(fn, timeout) {
$.get('/authentication/2ndfactor/u2f/sign_request', {}, null, 'json')
$.get('/2ndfactor/u2f/sign_request', {}, null, 'json')
.done(function(signResponse) {
var registeredKeys = signResponse.registeredKeys;
$.notify('Please touch the token', 'info');
@ -137,7 +137,7 @@ function startU2fAuthentication(fn, timeout) {
if (response.errorCode) {
fn(response);
} else {
finishU2fAuthentication('/authentication/2ndfactor/u2f/sign', response, fn);
finishU2fAuthentication('/2ndfactor/u2f/sign', response, fn);
}
},
timeout
@ -149,7 +149,7 @@ function startU2fAuthentication(fn, timeout) {
}
function validateSecondFactorTotp(token, fn) {
$.post('/authentication/2ndfactor/totp', {
$.post('/2ndfactor/totp', {
token: token,
})
.done(function() {
@ -161,7 +161,7 @@ function validateSecondFactorTotp(token, fn) {
}
function validateFirstFactor(username, password, fn) {
$.post('/authentication/1stfactor', {
$.post('/1stfactor', {
username: username,
password: password,
})

View File

@ -21,13 +21,13 @@ function onResetPasswordButtonClicked() {
return;
}
$.post('/authentication/reset-password', {
$.post('/reset-password', {
userid: username,
})
.done(function() {
$.notify('An email has been sent. Click on the link to change your password', 'success');
setTimeout(function() {
window.location.replace('/authentication/login');
window.location.replace('/login');
}, 1000);
})
.fail(function() {

View File

@ -27,12 +27,12 @@ function onResetPasswordButtonClicked() {
return;
}
$.post('/authentication/new-password', {
$.post('/new-password', {
password: password1,
})
.done(function() {
$.notify('Your password has been changed. Please login again', 'success');
window.location.replace('/authentication/login');
window.location.replace('/login');
})
.fail(function() {
$.notify('An error occurred during password change.', 'warn');

View File

@ -6,7 +6,7 @@ location.search.replace(/[?&]+([^=&]+)=([^&]*)/gi,function(s,k,v){params[k]=v});
function generateSecret(fn) {
$.ajax({
type: 'POST',
url: '/authentication/new-totp-secret',
url: '/new-totp-secret',
contentType: 'application/json',
dataType: 'json',
})
@ -26,7 +26,7 @@ function onSecretGenerated(err, secret) {
}
function redirect() {
var redirect_uri = '/authentication/login';
var redirect_uri = '/login';
if('redirect' in params) {
redirect_uri = params['redirect'];
}

View File

@ -20,7 +20,7 @@ function finishRegister(url, responseData, fn) {
}
function startRegister(fn, timeout) {
$.get('/authentication/2ndfactor/u2f/register_request', {}, null, 'json')
$.get('/2ndfactor/u2f/register_request', {}, null, 'json')
.done(function(startRegisterResponse) {
u2f.register(
startRegisterResponse.appId,
@ -30,7 +30,7 @@ function startRegister(fn, timeout) {
if (response.errorCode) {
fn(response.errorCode);
} else {
finishRegister('/authentication/2ndfactor/u2f/register', response, fn);
finishRegister('/2ndfactor/u2f/register', response, fn);
}
},
timeout
@ -39,7 +39,7 @@ function startRegister(fn, timeout) {
}
function redirect() {
var redirect_uri = '/authentication/login';
var redirect_uri = '/login';
if('redirect' in params) {
redirect_uri = params['redirect'];
}

View File

@ -14,8 +14,13 @@ var AUTHELIA_HOST = 'nginx';
var DOMAIN = 'test.local';
var PORT = 8080;
var BASE_URL = util.format('https://%s.%s:%d', 'home', DOMAIN, PORT);
var BASE_AUTH_URL = util.format('https://%s.%s:%d/authentication', 'auth', DOMAIN, PORT);
var HOME_URL = util.format('https://%s.%s:%d', 'home', DOMAIN, PORT);
var SECRET_URL = util.format('https://%s.%s:%d', 'secret', DOMAIN, PORT);
var SECRET1_URL = util.format('https://%s.%s:%d', 'secret1', DOMAIN, PORT);
var SECRET2_URL = util.format('https://%s.%s:%d', 'secret2', DOMAIN, PORT);
var MX1_URL = util.format('https://%s.%s:%d', 'mx1.mail', DOMAIN, PORT);
var MX2_URL = util.format('https://%s.%s:%d', 'mx2.mail', DOMAIN, PORT);
var BASE_AUTH_URL = util.format('https://%s.%s:%d', 'auth', DOMAIN, PORT);
describe('test the server', function() {
var home_page;
@ -34,6 +39,24 @@ describe('test the server', function() {
login_page_promise]);
});
function str_contains(str, pattern) {
return str.indexOf(pattern) != -1;
}
function home_page_contains(pattern) {
return str_contains(home_page, pattern);
}
it('should serve a correct home page', function() {
assert(home_page_contains(BASE_AUTH_URL + '/logout?redirect=' + HOME_URL + '/'));
assert(home_page_contains(HOME_URL + '/secret.html'));
assert(home_page_contains(SECRET_URL + '/secret.html'));
assert(home_page_contains(SECRET1_URL + '/secret.html'));
assert(home_page_contains(SECRET2_URL + '/secret.html'));
assert(home_page_contains(MX1_URL + '/secret.html'));
assert(home_page_contains(MX2_URL + '/secret.html'));
});
it('should serve the login page', function(done) {
getPromised(BASE_AUTH_URL + '/login?redirect=/')
.then(function(data) {
@ -43,7 +66,7 @@ describe('test the server', function() {
});
it('should serve the homepage', function(done) {
getPromised(BASE_URL + '/')
getPromised(HOME_URL + '/')
.then(function(data) {
assert.equal(data.statusCode, 200);
done();
@ -51,7 +74,7 @@ describe('test the server', function() {
});
it('should redirect when logout', function(done) {
getPromised(BASE_AUTH_URL + '/logout?redirect=' + BASE_URL)
getPromised(BASE_AUTH_URL + '/logout?redirect=' + HOME_URL)
.then(function(data) {
assert.equal(data.statusCode, 200);
assert.equal(data.body, home_page);
@ -60,7 +83,7 @@ describe('test the server', function() {
});
it('should be redirected to the login page when accessing secret while not authenticated', function(done) {
var url = BASE_URL + '/secret.html';
var url = HOME_URL + '/secret.html';
// console.log(url);
getPromised(url)
.then(function(data) {
@ -125,7 +148,7 @@ function postPromised(url, body) {
}
function getHomePage() {
return getPromised(BASE_URL + '/');
return getPromised(HOME_URL + '/');
}
function getLoginPage() {

View File

@ -9,7 +9,7 @@ module.exports = function(port) {
function execute_reset_password(jar, transporter, user, new_password) {
return request.postAsync({
url: BASE_URL + '/authentication/reset-password',
url: BASE_URL + '/reset-password',
jar: jar,
form: { userid: user }
})
@ -20,14 +20,14 @@ module.exports = function(port) {
var token = regexp.exec(html_content)[1];
// console.log(html_content, token);
return request.getAsync({
url: BASE_URL + '/authentication/reset-password?identity_token=' + token,
url: BASE_URL + '/reset-password?identity_token=' + token,
jar: jar
})
})
.then(function(res) {
assert.equal(res.statusCode, 200);
return request.postAsync({
url: BASE_URL + '/authentication/new-password',
url: BASE_URL + '/new-password',
jar: jar,
form: {
password: new_password
@ -38,7 +38,7 @@ module.exports = function(port) {
function execute_register_totp(jar, transporter) {
return request.postAsync({
url: BASE_URL + '/authentication/totp-register',
url: BASE_URL + '/totp-register',
jar: jar
})
.then(function(res) {
@ -48,14 +48,14 @@ module.exports = function(port) {
var token = regexp.exec(html_content)[1];
// console.log(html_content, token);
return request.getAsync({
url: BASE_URL + '/authentication/totp-register?identity_token=' + token,
url: BASE_URL + '/totp-register?identity_token=' + token,
jar: jar
})
})
.then(function(res) {
assert.equal(res.statusCode, 200);
return request.postAsync({
url : BASE_URL + '/authentication/new-totp-secret',
url : BASE_URL + '/new-totp-secret',
jar: jar,
})
})
@ -69,7 +69,7 @@ module.exports = function(port) {
function execute_totp(jar, token) {
return request.postAsync({
url: BASE_URL + '/authentication/2ndfactor/totp',
url: BASE_URL + '/2ndfactor/totp',
jar: jar,
form: {
token: token
@ -79,13 +79,13 @@ module.exports = function(port) {
function execute_u2f_authentication(jar) {
return request.getAsync({
url: BASE_URL + '/authentication/2ndfactor/u2f/sign_request',
url: BASE_URL + '/2ndfactor/u2f/sign_request',
jar: jar
})
.then(function(res) {
assert.equal(res.statusCode, 200);
return request.postAsync({
url: BASE_URL + '/authentication/2ndfactor/u2f/sign',
url: BASE_URL + '/2ndfactor/u2f/sign',
jar: jar,
form: {
}
@ -94,16 +94,16 @@ module.exports = function(port) {
}
function execute_verification(jar) {
return request.getAsync({ url: BASE_URL + '/authentication/verify', jar: jar })
return request.getAsync({ url: BASE_URL + '/verify', jar: jar })
}
function execute_login(jar) {
return request.getAsync({ url: BASE_URL + '/authentication/login', jar: jar })
return request.getAsync({ url: BASE_URL + '/login', jar: jar })
}
function execute_u2f_registration(jar, transporter) {
return request.postAsync({
url: BASE_URL + '/authentication/u2f-register',
url: BASE_URL + '/u2f-register',
jar: jar
})
.then(function(res) {
@ -113,21 +113,21 @@ module.exports = function(port) {
var token = regexp.exec(html_content)[1];
// console.log(html_content, token);
return request.getAsync({
url: BASE_URL + '/authentication/u2f-register?identity_token=' + token,
url: BASE_URL + '/u2f-register?identity_token=' + token,
jar: jar
})
})
.then(function(res) {
assert.equal(res.statusCode, 200);
return request.getAsync({
url: BASE_URL + '/authentication/2ndfactor/u2f/register_request',
url: BASE_URL + '/2ndfactor/u2f/register_request',
jar: jar,
});
})
.then(function(res) {
assert.equal(res.statusCode, 200);
return request.postAsync({
url: BASE_URL + '/authentication/2ndfactor/u2f/register',
url: BASE_URL + '/2ndfactor/u2f/register',
jar: jar,
form: {
s: 'test'
@ -138,7 +138,7 @@ module.exports = function(port) {
function execute_first_factor(jar) {
return request.postAsync({
url: BASE_URL + '/authentication/1stfactor',
url: BASE_URL + '/1stfactor',
jar: jar,
form: {
username: 'test_ok',
@ -149,7 +149,7 @@ module.exports = function(port) {
function execute_failing_first_factor(jar) {
return request.postAsync({
url: BASE_URL + '/authentication/1stfactor',
url: BASE_URL + '/1stfactor',
jar: jar,
form: {
username: 'test_nok',

View File

@ -164,32 +164,32 @@ describe('test the server', function() {
return Promise.all([p1, p2]);
  }
it('should block /authentication/new-password', function() {
return should_post_and_reply_with_403(BASE_URL + '/authentication/new-password')
it('should block /new-password', function() {
return should_post_and_reply_with_403(BASE_URL + '/new-password')
});
it('should block /authentication/u2f-register', function() {
return should_get_and_post_reply_with_403(BASE_URL + '/authentication/u2f-register');
it('should block /u2f-register', function() {
return should_get_and_post_reply_with_403(BASE_URL + '/u2f-register');
});
it('should block /authentication/reset-password', function() {
return should_get_and_post_reply_with_403(BASE_URL + '/authentication/reset-password');
it('should block /reset-password', function() {
return should_get_and_post_reply_with_403(BASE_URL + '/reset-password');
});
it('should block /authentication/2ndfactor/u2f/register_request', function() {
return should_get_and_reply_with_403(BASE_URL + '/authentication/2ndfactor/u2f/register_request');
it('should block /2ndfactor/u2f/register_request', function() {
return should_get_and_reply_with_403(BASE_URL + '/2ndfactor/u2f/register_request');
});
it('should block /authentication/2ndfactor/u2f/register', function() {
return should_post_and_reply_with_403(BASE_URL + '/authentication/2ndfactor/u2f/register');
it('should block /2ndfactor/u2f/register', function() {
return should_post_and_reply_with_403(BASE_URL + '/2ndfactor/u2f/register');
});
it('should block /authentication/2ndfactor/u2f/sign_request', function() {
return should_get_and_reply_with_403(BASE_URL + '/authentication/2ndfactor/u2f/sign_request');
it('should block /2ndfactor/u2f/sign_request', function() {
return should_get_and_reply_with_403(BASE_URL + '/2ndfactor/u2f/sign_request');
});
it('should block /authentication/2ndfactor/u2f/sign', function() {
return should_post_and_reply_with_403(BASE_URL + '/authentication/2ndfactor/u2f/sign');
it('should block /2ndfactor/u2f/sign', function() {
return should_post_and_reply_with_403(BASE_URL + '/2ndfactor/u2f/sign');
});
});
@ -201,7 +201,7 @@ describe('test the server', function() {
function test_reset_password_form() {
it('should serve the reset password form page', function(done) {
request.getAsync(BASE_URL + '/authentication/reset-password-form')
request.getAsync(BASE_URL + '/reset-password-form')
.then(function(response) {
assert.equal(response.statusCode, 200);
done();
@ -211,7 +211,7 @@ describe('test the server', function() {
function test_login() {
it('should serve the login page', function(done) {
request.getAsync(BASE_URL + '/authentication/login')
request.getAsync(BASE_URL + '/login')
.then(function(response) {
assert.equal(response.statusCode, 200);
done();
@ -221,7 +221,7 @@ describe('test the server', function() {
function test_logout() {
it('should logout and redirect to /', function(done) {
request.getAsync(BASE_URL + '/authentication/logout')
request.getAsync(BASE_URL + '/logout')
.then(function(response) {
assert.equal(response.req.path, '/');
done();
@ -231,7 +231,7 @@ describe('test the server', function() {
function test_authentication() {
it('should return status code 401 when user is not authenticated', function() {
return request.getAsync({ url: BASE_URL + '/authentication/verify' })
return request.getAsync({ url: BASE_URL + '/verify' })
.then(function(response) {
assert.equal(response.statusCode, 401);
return Promise.resolve();