mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-13 14:39:52 +03:00
275 lines
8.8 KiB
JavaScript
275 lines
8.8 KiB
JavaScript
|
/*globals describe, before, beforeEach, afterEach, it*/
|
||
|
/*jshint expr:true*/
|
||
|
var sinon = require('sinon'),
|
||
|
should = require('should'),
|
||
|
Promise = require('bluebird'),
|
||
|
|
||
|
oAuth = require('../../../server/middleware/oauth'),
|
||
|
Models = require('../../../server/models');
|
||
|
|
||
|
// To stop jshint complaining
|
||
|
should.equal(true, true);
|
||
|
|
||
|
describe('OAuth', function () {
|
||
|
var next, req, res, sandbox;
|
||
|
|
||
|
before(function (done) {
|
||
|
// Loads all the models
|
||
|
Models.init().then(done).catch(done);
|
||
|
});
|
||
|
|
||
|
beforeEach(function () {
|
||
|
sandbox = sinon.sandbox.create();
|
||
|
req = {};
|
||
|
res = {};
|
||
|
next = sandbox.spy();
|
||
|
});
|
||
|
|
||
|
afterEach(function () {
|
||
|
sandbox.restore();
|
||
|
});
|
||
|
|
||
|
describe('Generate Token from Password', function () {
|
||
|
beforeEach(function () {
|
||
|
sandbox.stub(Models.Accesstoken, 'destroyAllExpired')
|
||
|
.returns(new Promise.resolve());
|
||
|
sandbox.stub(Models.Refreshtoken, 'destroyAllExpired')
|
||
|
.returns(new Promise.resolve());
|
||
|
});
|
||
|
|
||
|
it('Successfully generate access token.', function (done) {
|
||
|
req.body = {};
|
||
|
req.client = {
|
||
|
slug: 'test'
|
||
|
};
|
||
|
|
||
|
req.body.grant_type = 'password';
|
||
|
req.body.username = 'username';
|
||
|
req.body.password = 'password';
|
||
|
res.setHeader = {};
|
||
|
res.end = {};
|
||
|
|
||
|
sandbox.stub(Models.Client, 'findOne')
|
||
|
.withArgs({slug: 'test'}).returns(new Promise.resolve({
|
||
|
id: 1
|
||
|
}));
|
||
|
sandbox.stub(Models.User, 'check')
|
||
|
.withArgs({email: 'username', password: 'password'}).returns(new Promise.resolve({
|
||
|
id: 1
|
||
|
}));
|
||
|
sandbox.stub(Models.Accesstoken, 'add')
|
||
|
.returns(new Promise.resolve());
|
||
|
|
||
|
sandbox.stub(Models.Refreshtoken, 'add')
|
||
|
.returns(new Promise.resolve());
|
||
|
|
||
|
sandbox.stub(res, 'setHeader', function () {});
|
||
|
|
||
|
sandbox.stub(res, 'end', function (json) {
|
||
|
try {
|
||
|
json.should.exist;
|
||
|
json = JSON.parse(json);
|
||
|
json.should.have.property('access_token');
|
||
|
json.should.have.property('refresh_token');
|
||
|
json.should.have.property('expires_in');
|
||
|
json.should.have.property('token_type', 'Bearer');
|
||
|
next.called.should.eql(false);
|
||
|
done();
|
||
|
} catch (err) {
|
||
|
done(err);
|
||
|
}
|
||
|
});
|
||
|
oAuth.init();
|
||
|
oAuth.generateAccessToken(req, res, next);
|
||
|
});
|
||
|
|
||
|
it('Can\'t generate access token without client.', function (done) {
|
||
|
req.body = {};
|
||
|
req.client = {
|
||
|
slug: 'test'
|
||
|
};
|
||
|
|
||
|
req.body.grant_type = 'password';
|
||
|
req.body.username = 'username';
|
||
|
req.body.password = 'password';
|
||
|
res.setHeader = {};
|
||
|
res.end = {};
|
||
|
|
||
|
sandbox.stub(Models.Client, 'findOne')
|
||
|
.withArgs({slug: 'test'}).returns(new Promise.resolve());
|
||
|
|
||
|
oAuth.init();
|
||
|
oAuth.generateAccessToken(req, res, function (err) {
|
||
|
err.errorType.should.eql('NoPermissionError');
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('Handles database error.', function (done) {
|
||
|
req.body = {};
|
||
|
req.client = {
|
||
|
slug: 'test'
|
||
|
};
|
||
|
|
||
|
req.body.grant_type = 'password';
|
||
|
req.body.username = 'username';
|
||
|
req.body.password = 'password';
|
||
|
res.setHeader = {};
|
||
|
res.end = {};
|
||
|
|
||
|
sandbox.stub(Models.Client, 'findOne')
|
||
|
.withArgs({slug: 'test'}).returns(new Promise.resolve({
|
||
|
id: 1
|
||
|
}));
|
||
|
sandbox.stub(Models.User, 'check')
|
||
|
.withArgs({email: 'username', password: 'password'}).returns(new Promise.resolve({
|
||
|
id: 1
|
||
|
}));
|
||
|
sandbox.stub(Models.Accesstoken, 'add')
|
||
|
.returns(new Promise.reject({
|
||
|
message: 'DB error'
|
||
|
}));
|
||
|
|
||
|
oAuth.init();
|
||
|
oAuth.generateAccessToken(req, res, function (err) {
|
||
|
err.message.should.eql('DB error');
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
});
|
||
|
|
||
|
describe('Generate Token from Refreshtoken', function () {
|
||
|
beforeEach(function () {
|
||
|
sandbox.stub(Models.Accesstoken, 'destroyAllExpired')
|
||
|
.returns(new Promise.resolve());
|
||
|
sandbox.stub(Models.Refreshtoken, 'destroyAllExpired')
|
||
|
.returns(new Promise.resolve());
|
||
|
});
|
||
|
|
||
|
it('Successfully generate access token.', function (done) {
|
||
|
req.body = {};
|
||
|
req.client = {
|
||
|
slug: 'test'
|
||
|
};
|
||
|
|
||
|
req.body.grant_type = 'refresh_token';
|
||
|
req.body.refresh_token = 'token';
|
||
|
res.setHeader = {};
|
||
|
res.end = {};
|
||
|
|
||
|
sandbox.stub(Models.Refreshtoken, 'findOne')
|
||
|
.withArgs({token: 'token'}).returns(new Promise.resolve({
|
||
|
toJSON: function () {
|
||
|
return {
|
||
|
expires: Date.now() + 3600
|
||
|
};
|
||
|
}
|
||
|
}));
|
||
|
|
||
|
sandbox.stub(Models.Accesstoken, 'add')
|
||
|
.returns(new Promise.resolve());
|
||
|
|
||
|
sandbox.stub(Models.Refreshtoken, 'edit')
|
||
|
.returns(new Promise.resolve());
|
||
|
|
||
|
sandbox.stub(res, 'setHeader', function () {});
|
||
|
|
||
|
sandbox.stub(res, 'end', function (json) {
|
||
|
try {
|
||
|
json.should.exist;
|
||
|
json = JSON.parse(json);
|
||
|
json.should.have.property('access_token');
|
||
|
json.should.have.property('expires_in');
|
||
|
json.should.have.property('token_type', 'Bearer');
|
||
|
next.called.should.eql(false);
|
||
|
done();
|
||
|
} catch (err) {
|
||
|
done(err);
|
||
|
}
|
||
|
});
|
||
|
oAuth.init();
|
||
|
oAuth.generateAccessToken(req, res, next);
|
||
|
});
|
||
|
|
||
|
it('Can\'t generate access token without valid refresh token.', function (done) {
|
||
|
req.body = {};
|
||
|
req.client = {
|
||
|
slug: 'test'
|
||
|
};
|
||
|
|
||
|
req.body.grant_type = 'refresh_token';
|
||
|
req.body.refresh_token = 'token';
|
||
|
res.setHeader = {};
|
||
|
res.end = {};
|
||
|
|
||
|
sandbox.stub(Models.Refreshtoken, 'findOne')
|
||
|
.withArgs({token: 'token'}).returns(new Promise.resolve());
|
||
|
|
||
|
oAuth.init();
|
||
|
oAuth.generateAccessToken(req, res, function (err) {
|
||
|
err.errorType.should.eql('NoPermissionError');
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('Can\'t generate access token with expired refresh token.', function (done) {
|
||
|
req.body = {};
|
||
|
req.client = {
|
||
|
slug: 'test'
|
||
|
};
|
||
|
|
||
|
req.body.grant_type = 'refresh_token';
|
||
|
req.body.refresh_token = 'token';
|
||
|
res.setHeader = {};
|
||
|
res.end = {};
|
||
|
|
||
|
sandbox.stub(Models.Refreshtoken, 'findOne')
|
||
|
.withArgs({token: 'token'}).returns(new Promise.resolve({
|
||
|
toJSON: function () {
|
||
|
return {
|
||
|
expires: Date.now() - 3600
|
||
|
};
|
||
|
}
|
||
|
}));
|
||
|
|
||
|
oAuth.init();
|
||
|
oAuth.generateAccessToken(req, res, function (err) {
|
||
|
err.errorType.should.eql('UnauthorizedError');
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('Handles database error.', function (done) {
|
||
|
req.body = {};
|
||
|
req.client = {
|
||
|
slug: 'test'
|
||
|
};
|
||
|
|
||
|
req.body.grant_type = 'refresh_token';
|
||
|
req.body.refresh_token = 'token';
|
||
|
res.setHeader = {};
|
||
|
res.end = {};
|
||
|
|
||
|
sandbox.stub(Models.Refreshtoken, 'findOne')
|
||
|
.withArgs({token: 'token'}).returns(new Promise.resolve({
|
||
|
toJSON: function () {
|
||
|
return {
|
||
|
expires: Date.now() + 3600
|
||
|
};
|
||
|
}
|
||
|
}));
|
||
|
|
||
|
sandbox.stub(Models.Accesstoken, 'add')
|
||
|
.returns(new Promise.reject({
|
||
|
message: 'DB error'
|
||
|
}));
|
||
|
|
||
|
oAuth.init();
|
||
|
oAuth.generateAccessToken(req, res, function (err) {
|
||
|
err.message.should.eql('DB error');
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
});
|
||
|
});
|