2019-12-08 00:32:00 +05:30
|
|
|
import expect from 'app/test/unexpected';
|
2020-01-18 02:07:52 +05:30
|
|
|
import sinon, { SinonFakeServer } from 'sinon';
|
2016-11-05 15:41:41 +05:30
|
|
|
|
2019-12-08 00:32:00 +05:30
|
|
|
import request from 'app/services/request';
|
|
|
|
import * as authentication from 'app/services/api/authentication';
|
|
|
|
import * as accounts from 'app/services/api/accounts';
|
2016-11-05 15:41:41 +05:30
|
|
|
|
|
|
|
describe('authentication api', () => {
|
2020-05-24 04:38:24 +05:30
|
|
|
let server: SinonFakeServer;
|
2019-02-05 02:44:58 +05:30
|
|
|
|
|
|
|
beforeEach(() => {
|
2020-05-24 04:38:24 +05:30
|
|
|
server = sinon.fakeServer.create({
|
|
|
|
autoRespond: true,
|
|
|
|
});
|
2019-02-05 02:44:58 +05:30
|
|
|
});
|
|
|
|
|
|
|
|
afterEach(() => {
|
2020-05-24 04:38:24 +05:30
|
|
|
server.restore();
|
2019-02-05 02:44:58 +05:30
|
|
|
});
|
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
describe('#login', () => {
|
|
|
|
const params = {
|
|
|
|
login: 'foo',
|
|
|
|
password: 'secret',
|
|
|
|
rememberMe: false,
|
|
|
|
};
|
2016-12-25 23:39:47 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
beforeEach(() => {
|
|
|
|
sinon.stub(request, 'post').named('request.post');
|
2016-12-25 23:39:47 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
(request.post as any).returns(Promise.resolve());
|
|
|
|
});
|
2016-12-25 23:39:47 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
afterEach(() => {
|
|
|
|
(request.post as any).restore();
|
|
|
|
});
|
2016-12-25 23:39:47 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
it('should post to login api', () => {
|
|
|
|
authentication.login(params);
|
2016-12-25 23:39:47 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
expect(request.post, 'to have a call satisfying', ['/api/authentication/login', params, {}]);
|
|
|
|
});
|
2016-11-05 15:41:41 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
it('should disable any token', () => {
|
|
|
|
authentication.login(params);
|
2016-11-05 15:41:41 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
expect(request.post, 'to have a call satisfying', ['/api/authentication/login', params, { token: null }]);
|
|
|
|
});
|
2019-11-27 14:33:32 +05:30
|
|
|
});
|
2016-11-05 15:41:41 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
describe('#validateToken()', () => {
|
|
|
|
const validToken = 'foo';
|
|
|
|
const validRefreshToken = 'bar';
|
|
|
|
const user = { id: 1 };
|
|
|
|
const validateTokenArgs: [number, string, string] = [user.id, validToken, validRefreshToken];
|
|
|
|
|
|
|
|
beforeEach(() => {
|
|
|
|
sinon.stub(accounts, 'getInfo');
|
|
|
|
(accounts.getInfo as any).returns(Promise.resolve(user));
|
|
|
|
});
|
|
|
|
|
|
|
|
afterEach(() => {
|
|
|
|
(accounts.getInfo as any).restore();
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should request accounts.getInfo', () =>
|
|
|
|
expect(authentication.validateToken(...validateTokenArgs), 'to be fulfilled').then(() => {
|
|
|
|
expect(accounts.getInfo, 'to have a call satisfying', [user.id, validToken]);
|
|
|
|
}));
|
|
|
|
|
|
|
|
it('should resolve with both tokens and user object', () =>
|
|
|
|
expect(authentication.validateToken(...validateTokenArgs), 'to be fulfilled with', {
|
|
|
|
token: validToken,
|
|
|
|
refreshToken: validRefreshToken,
|
|
|
|
user,
|
|
|
|
}));
|
|
|
|
|
|
|
|
it('rejects if token has a bad type', () =>
|
|
|
|
expect(authentication.validateToken(user.id, {} as any), 'to be rejected with', 'token must be a string'));
|
|
|
|
|
|
|
|
it('should allow empty refreshToken', () =>
|
|
|
|
expect(authentication.validateToken(user.id, 'foo', null), 'to be fulfilled'));
|
|
|
|
|
|
|
|
it('rejects if accounts.getInfo request is unexpectedly failed', () => {
|
|
|
|
const error = 'Something wrong';
|
|
|
|
(accounts.getInfo as any).returns(Promise.reject(error));
|
|
|
|
|
|
|
|
return expect(authentication.validateToken(...validateTokenArgs), 'to be rejected with', error);
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('when token is expired', () => {
|
|
|
|
const expiredResponse = {
|
|
|
|
name: 'Unauthorized',
|
|
|
|
message: 'Token expired',
|
|
|
|
code: 0,
|
|
|
|
status: 401,
|
|
|
|
type: 'yii\\web\\UnauthorizedHttpException',
|
|
|
|
};
|
|
|
|
const newToken = 'baz';
|
|
|
|
|
|
|
|
beforeEach(() => {
|
|
|
|
sinon.stub(authentication, 'requestToken');
|
|
|
|
|
|
|
|
(accounts.getInfo as any).onCall(0).returns(Promise.reject(expiredResponse));
|
|
|
|
(authentication.requestToken as any).returns(Promise.resolve(newToken));
|
|
|
|
});
|
|
|
|
|
|
|
|
afterEach(() => {
|
|
|
|
(authentication.requestToken as any).restore();
|
|
|
|
});
|
|
|
|
|
|
|
|
it('resolves with new token and user object', async () => {
|
|
|
|
server.respondWith(
|
|
|
|
'POST',
|
|
|
|
'/api/authentication/refresh-token',
|
|
|
|
JSON.stringify({
|
|
|
|
access_token: newToken,
|
|
|
|
refresh_token: validRefreshToken,
|
|
|
|
success: true,
|
|
|
|
expires_in: 50000,
|
|
|
|
}),
|
|
|
|
);
|
|
|
|
|
|
|
|
await expect(authentication.validateToken(...validateTokenArgs), 'to be fulfilled with', {
|
|
|
|
token: newToken,
|
|
|
|
refreshToken: validRefreshToken,
|
|
|
|
user,
|
|
|
|
});
|
|
|
|
|
|
|
|
expect(server.requests[0].requestBody, 'to equal', `refresh_token=${validRefreshToken}`);
|
|
|
|
});
|
|
|
|
|
|
|
|
it('rejects if token request failed', () => {
|
|
|
|
const error = { error: 'Unexpected error example' };
|
|
|
|
server.respondWith('POST', '/api/authentication/refresh-token', [500, [], JSON.stringify(error)]);
|
|
|
|
|
|
|
|
return expect(authentication.validateToken(...validateTokenArgs), 'to be rejected with', error);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('when token is incorrect', () => {
|
|
|
|
const expiredResponse = {
|
|
|
|
name: 'Unauthorized',
|
|
|
|
message: 'Incorrect token',
|
|
|
|
code: 0,
|
|
|
|
status: 401,
|
|
|
|
type: 'yii\\web\\UnauthorizedHttpException',
|
|
|
|
};
|
|
|
|
const newToken = 'baz';
|
|
|
|
|
|
|
|
beforeEach(() => {
|
|
|
|
(accounts.getInfo as any).onCall(0).returns(Promise.reject(expiredResponse));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('resolves with new token and user object', async () => {
|
|
|
|
server.respondWith(
|
|
|
|
'POST',
|
|
|
|
'/api/authentication/refresh-token',
|
|
|
|
JSON.stringify({
|
|
|
|
access_token: newToken,
|
|
|
|
refresh_token: validRefreshToken,
|
|
|
|
success: true,
|
|
|
|
expires_in: 50000,
|
|
|
|
}),
|
|
|
|
);
|
|
|
|
|
|
|
|
await expect(authentication.validateToken(...validateTokenArgs), 'to be fulfilled with', {
|
|
|
|
token: newToken,
|
|
|
|
refreshToken: validRefreshToken,
|
|
|
|
user,
|
|
|
|
});
|
|
|
|
|
|
|
|
expect(server.requests[0].requestBody, 'to equal', `refresh_token=${validRefreshToken}`);
|
|
|
|
});
|
|
|
|
|
|
|
|
it('rejects if token request failed', () => {
|
|
|
|
const error = { error: 'Unexpected error example' };
|
|
|
|
server.respondWith('POST', '/api/authentication/refresh-token', [500, [], JSON.stringify(error)]);
|
|
|
|
|
|
|
|
return expect(authentication.validateToken(...validateTokenArgs), 'to be rejected with', error);
|
|
|
|
});
|
|
|
|
});
|
2016-11-05 15:41:41 +05:30
|
|
|
});
|
2016-11-15 11:25:15 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
describe('#logout', () => {
|
|
|
|
beforeEach(() => {
|
|
|
|
sinon.stub(request, 'post').named('request.post');
|
|
|
|
});
|
2016-11-15 11:25:15 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
afterEach(() => {
|
|
|
|
(request.post as any).restore();
|
|
|
|
});
|
2016-11-15 11:25:15 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
it('should request logout api', () => {
|
|
|
|
authentication.logout();
|
2016-11-15 11:25:15 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
expect(request.post, 'to have a call satisfying', ['/api/authentication/logout', {}, {}]);
|
|
|
|
});
|
2016-11-15 11:25:15 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
it('returns a promise', () => {
|
|
|
|
(request.post as any).returns(Promise.resolve());
|
2016-11-15 11:25:15 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
return expect(authentication.logout(), 'to be fulfilled');
|
|
|
|
});
|
2016-11-15 11:25:15 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
it('overrides token if provided', () => {
|
|
|
|
const token = 'foo';
|
2016-11-15 11:25:15 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
authentication.logout(token);
|
2016-11-15 11:25:15 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
expect(request.post, 'to have a call satisfying', ['/api/authentication/logout', {}, { token }]);
|
|
|
|
});
|
2016-11-15 11:25:15 +05:30
|
|
|
});
|
2016-12-13 01:37:49 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
describe('#requestToken', () => {
|
|
|
|
const refreshToken = 'refresh-token';
|
2016-12-13 01:37:49 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
beforeEach(() => {
|
|
|
|
sinon.stub(request, 'post').named('request.post');
|
|
|
|
});
|
2016-12-13 01:37:49 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
afterEach(() => {
|
|
|
|
(request.post as any).restore();
|
|
|
|
});
|
2016-12-13 01:37:49 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
it('should request refresh-token api', () => {
|
|
|
|
(request.post as any).returns(Promise.resolve({}));
|
2016-12-13 01:37:49 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
authentication.requestToken(refreshToken);
|
2016-12-13 01:37:49 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
expect(request.post, 'to have a call satisfying', [
|
|
|
|
'/api/authentication/refresh-token',
|
|
|
|
{
|
|
|
|
refresh_token: refreshToken, // eslint-disable-line
|
|
|
|
},
|
|
|
|
{},
|
|
|
|
]);
|
|
|
|
});
|
2016-12-13 01:37:49 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
it('should disable bearer auth for request', () => {
|
|
|
|
(request.post as any).returns(Promise.resolve({}));
|
2016-12-13 01:37:49 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
authentication.requestToken(refreshToken);
|
2016-12-13 01:37:49 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
expect(request.post, 'to have a call satisfying', [
|
|
|
|
'/api/authentication/refresh-token',
|
|
|
|
{
|
|
|
|
refresh_token: refreshToken, // eslint-disable-line
|
|
|
|
},
|
|
|
|
{ token: null },
|
|
|
|
]);
|
|
|
|
});
|
2016-12-13 01:37:49 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
it('should resolve with token', () => {
|
|
|
|
const token = 'token';
|
2016-12-13 01:37:49 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
(request.post as any).returns(
|
|
|
|
Promise.resolve({
|
|
|
|
access_token: token, // eslint-disable-line
|
|
|
|
}),
|
|
|
|
);
|
2016-12-13 01:37:49 +05:30
|
|
|
|
2020-05-24 04:38:24 +05:30
|
|
|
return expect(authentication.requestToken(refreshToken), 'to be fulfilled with', token);
|
|
|
|
});
|
2016-12-13 01:37:49 +05:30
|
|
|
});
|
2016-11-05 15:41:41 +05:30
|
|
|
});
|