124 lines
4.4 KiB
TypeScript
124 lines
4.4 KiB
TypeScript
|
||
import Sinon = require("sinon");
|
||
import BluebirdPromise = require("bluebird");
|
||
import Assert = require("assert");
|
||
import FirstFactorPost = require("../../../src/lib/routes/firstfactor/post");
|
||
import exceptions = require("../../../src/lib/Exceptions");
|
||
import AuthenticationSessionHandler = require("../../../src/lib/AuthenticationSession");
|
||
import { AuthenticationSession } from "../../../types/AuthenticationSession";
|
||
import Endpoints = require("../../../../shared/api");
|
||
import AuthenticationRegulatorMock = require("../../mocks/AuthenticationRegulator");
|
||
import { AccessControllerStub } from "../../mocks/AccessControllerStub";
|
||
import ExpressMock = require("../../mocks/express");
|
||
import { ServerVariablesMock, ServerVariablesMockBuilder } from "../../mocks/ServerVariablesMockBuilder";
|
||
import { ServerVariables } from "../../../src/lib/ServerVariables";
|
||
|
||
describe("test the first factor validation route", function () {
|
||
let req: ExpressMock.RequestMock;
|
||
let res: ExpressMock.ResponseMock;
|
||
let emails: string[];
|
||
let groups: string[];
|
||
let vars: ServerVariables;
|
||
let mocks: ServerVariablesMock;
|
||
|
||
beforeEach(function () {
|
||
emails = ["test_ok@example.com"];
|
||
groups = ["group1", "group2" ];
|
||
const s = ServerVariablesMockBuilder.build();
|
||
mocks = s.mocks;
|
||
vars = s.variables;
|
||
|
||
mocks.accessController.isAccessAllowedMock.returns(true);
|
||
mocks.regulator.regulateStub.returns(BluebirdPromise.resolve());
|
||
mocks.regulator.markStub.returns(BluebirdPromise.resolve());
|
||
|
||
req = {
|
||
body: {
|
||
username: "username",
|
||
password: "password"
|
||
},
|
||
query: {
|
||
redirect: "http://redirect.url"
|
||
},
|
||
session: {
|
||
},
|
||
headers: {
|
||
host: "home.example.com"
|
||
}
|
||
};
|
||
|
||
res = ExpressMock.ResponseMock();
|
||
});
|
||
|
||
it("should reply with 204 if success", function () {
|
||
mocks.ldapAuthenticator.authenticateStub.withArgs("username", "password")
|
||
.returns(BluebirdPromise.resolve({
|
||
emails: emails,
|
||
groups: groups
|
||
}));
|
||
let authSession: AuthenticationSession;
|
||
return AuthenticationSessionHandler.get(req as any, vars.logger)
|
||
.then(function (_authSession) {
|
||
authSession = _authSession;
|
||
return FirstFactorPost.default(vars)(req as any, res as any);
|
||
})
|
||
.then(function () {
|
||
Assert.equal("username", authSession.userid);
|
||
Assert(res.send.calledOnce);
|
||
});
|
||
});
|
||
|
||
it("should retrieve email from LDAP", function () {
|
||
mocks.ldapAuthenticator.authenticateStub.withArgs("username", "password")
|
||
.returns(BluebirdPromise.resolve([{ mail: ["test@example.com"] }]));
|
||
return FirstFactorPost.default(vars)(req as any, res as any);
|
||
});
|
||
|
||
it("should set first email address as user session variable", function () {
|
||
const emails = ["test_ok@example.com"];
|
||
let authSession: AuthenticationSession;
|
||
mocks.ldapAuthenticator.authenticateStub.withArgs("username", "password")
|
||
.returns(BluebirdPromise.resolve({
|
||
emails: emails,
|
||
groups: groups
|
||
}));
|
||
|
||
return AuthenticationSessionHandler.get(req as any, vars.logger)
|
||
.then(function (_authSession) {
|
||
authSession = _authSession;
|
||
return FirstFactorPost.default(vars)(req as any, res as any);
|
||
})
|
||
.then(function () {
|
||
Assert.equal("test_ok@example.com", authSession.email);
|
||
});
|
||
});
|
||
|
||
it("should return error message when LDAP authenticator throws", function () {
|
||
mocks.ldapAuthenticator.authenticateStub.withArgs("username", "password")
|
||
.returns(BluebirdPromise.reject(new exceptions.LdapBindError("Bad credentials")));
|
||
|
||
return FirstFactorPost.default(vars)(req as any, res as any)
|
||
.then(function () {
|
||
Assert.equal(res.status.getCall(0).args[0], 200);
|
||
Assert.equal(mocks.regulator.markStub.getCall(0).args[0], "username");
|
||
Assert.deepEqual(res.send.getCall(0).args[0], {
|
||
error: "Operation failed."
|
||
});
|
||
});
|
||
});
|
||
|
||
it("should return error message when regulator rejects authentication", function () {
|
||
const err = new exceptions.AuthenticationRegulationError("Authentication regulation...");
|
||
mocks.regulator.regulateStub.returns(BluebirdPromise.reject(err));
|
||
return FirstFactorPost.default(vars)(req as any, res as any)
|
||
.then(function () {
|
||
Assert.equal(res.status.getCall(0).args[0], 200);
|
||
Assert.deepEqual(res.send.getCall(0).args[0], {
|
||
error: "Operation failed."
|
||
});
|
||
});
|
||
});
|
||
});
|
||
|
||
|