mirror of
https://github.com/Alfresco/alfresco-ng2-components.git
synced 2025-05-12 17:04:57 +00:00
305 lines
9.7 KiB
TypeScript
305 lines
9.7 KiB
TypeScript
/*!
|
|
* @license
|
|
* Copyright © 2005-2025 Hyland Software, Inc. and its affiliates. All rights reserved.
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
import assert from 'assert';
|
|
import { ProcessAuth } from '../src';
|
|
import { SuperagentHttpClient } from '../src/superagentHttpClient';
|
|
import { BpmAuthMock } from './mockObjects';
|
|
|
|
describe('Bpm Auth test', () => {
|
|
const hostBpm = 'https://127.0.0.1:9999';
|
|
let authBpmMock: BpmAuthMock;
|
|
|
|
beforeEach(() => {
|
|
authBpmMock = new BpmAuthMock(hostBpm);
|
|
});
|
|
|
|
it('should remember username on login', () => {
|
|
const auth = new ProcessAuth({});
|
|
auth.login('johndoe', 'password');
|
|
assert.equal(auth.authentications.basicAuth.username, 'johndoe');
|
|
});
|
|
|
|
it('should forget username on logout', (done) => {
|
|
const processAuth = new ProcessAuth({
|
|
hostBpm,
|
|
contextRootBpm: 'activiti-app'
|
|
});
|
|
|
|
authBpmMock.get200Response();
|
|
|
|
processAuth.login('admin', 'admin').then(() => {
|
|
assert.equal(processAuth.authentications.basicAuth.username, 'admin');
|
|
|
|
authBpmMock.get200ResponseLogout();
|
|
|
|
processAuth.logout().then(() => {
|
|
assert.equal(processAuth.authentications.basicAuth.username, null);
|
|
done();
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('With Authentication', () => {
|
|
it('login should return the Ticket if all is ok', (done) => {
|
|
authBpmMock.get200Response();
|
|
|
|
const processAuth = new ProcessAuth({
|
|
hostBpm,
|
|
contextRootBpm: 'activiti-app'
|
|
});
|
|
|
|
processAuth.login('admin', 'admin').then((data) => {
|
|
assert.equal(data, 'Basic YWRtaW46YWRtaW4=');
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('login password should be removed after login', (done) => {
|
|
authBpmMock.get200Response();
|
|
|
|
const processAuth = new ProcessAuth({
|
|
hostBpm,
|
|
contextRootBpm: 'activiti-app'
|
|
});
|
|
|
|
processAuth.login('admin', 'admin').then((data) => {
|
|
assert.equal(data, 'Basic YWRtaW46YWRtaW4=');
|
|
assert.notEqual(processAuth.authentications.basicAuth.password, 'admin');
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('isLoggedIn should return true if the api is logged in', (done) => {
|
|
authBpmMock.get200Response();
|
|
|
|
const processAuth = new ProcessAuth({
|
|
hostBpm,
|
|
contextRootBpm: 'activiti-app'
|
|
});
|
|
|
|
processAuth.login('admin', 'admin').then(() => {
|
|
assert.equal(processAuth.isLoggedIn(), true);
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('isLoggedIn should return false if the api is logged out', (done) => {
|
|
authBpmMock.get200Response();
|
|
|
|
const processAuth = new ProcessAuth({
|
|
hostBpm,
|
|
contextRootBpm: 'activiti-app'
|
|
});
|
|
processAuth.login('admin', 'admin');
|
|
|
|
authBpmMock.get200ResponseLogout();
|
|
|
|
processAuth.logout().then(() => {
|
|
assert.equal(processAuth.isLoggedIn(), false);
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('isLoggedIn should return false if the host change', (done) => {
|
|
authBpmMock.get200Response();
|
|
|
|
const processAuth = new ProcessAuth({
|
|
hostBpm,
|
|
contextRootBpm: 'activiti-app'
|
|
});
|
|
|
|
processAuth.login('admin', 'admin').then(() => {
|
|
assert.equal(processAuth.isLoggedIn(), true);
|
|
processAuth.changeHost();
|
|
assert.equal(processAuth.isLoggedIn(), false);
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('login should return an error if wrong credential are used 401 the login fails', (done) => {
|
|
authBpmMock.get401Response();
|
|
|
|
const processAuth = new ProcessAuth({
|
|
hostBpm,
|
|
contextRootBpm: 'activiti-app'
|
|
});
|
|
|
|
processAuth.login('wrong', 'name').then(
|
|
() => {},
|
|
(error) => {
|
|
assert.equal(error.status, 401);
|
|
done();
|
|
}
|
|
);
|
|
});
|
|
|
|
describe('Events ', () => {
|
|
it('login should fire an event if is unauthorized 401', (done) => {
|
|
authBpmMock.get401Response();
|
|
|
|
const processAuth = new ProcessAuth({
|
|
hostBpm,
|
|
contextRootBpm: 'activiti-app'
|
|
});
|
|
|
|
const loginPromise = processAuth.login('wrong', 'name');
|
|
|
|
loginPromise.catch(() => {});
|
|
loginPromise.on('unauthorized', () => {
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('login should fire an event if is forbidden 403', (done) => {
|
|
authBpmMock.get403Response();
|
|
|
|
const processAuth = new ProcessAuth({
|
|
hostBpm,
|
|
contextRootBpm: 'activiti-app'
|
|
});
|
|
|
|
const loginPromise = processAuth.login('wrong', 'name');
|
|
loginPromise.catch(() => {});
|
|
loginPromise.on('forbidden', () => {
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('The Api Should fire success event if is all ok 201', (done) => {
|
|
authBpmMock.get200Response();
|
|
|
|
const processAuth = new ProcessAuth({
|
|
hostBpm,
|
|
contextRootBpm: 'activiti-app'
|
|
});
|
|
|
|
const loginPromise = processAuth.login('admin', 'admin');
|
|
|
|
loginPromise.catch(() => {});
|
|
loginPromise.on('success', () => {
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('The Api Should fire logout event if the logout is successfull', (done) => {
|
|
authBpmMock.get200Response();
|
|
|
|
const processAuth = new ProcessAuth({
|
|
hostBpm,
|
|
contextRootBpm: 'activiti-app'
|
|
});
|
|
|
|
processAuth.login('admin', 'admin');
|
|
|
|
authBpmMock.get200ResponseLogout();
|
|
|
|
const promise = processAuth.logout();
|
|
promise.on('logout', () => {
|
|
done();
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('With Ticket Authentication', () => {
|
|
it('Ticket should be present in the client', () => {
|
|
const processAuth = new ProcessAuth({
|
|
ticketBpm: 'Basic YWRtaW46YWRtaW4=',
|
|
hostBpm,
|
|
contextRootBpm: 'activiti-app'
|
|
});
|
|
|
|
assert.equal('Basic YWRtaW46YWRtaW4=', processAuth.authentications.basicAuth.ticket);
|
|
});
|
|
});
|
|
|
|
describe('Logout Api', () => {
|
|
let processAuth: ProcessAuth;
|
|
|
|
beforeEach((done) => {
|
|
authBpmMock.get200Response();
|
|
|
|
processAuth = new ProcessAuth({
|
|
hostBpm,
|
|
contextRootBpm: 'activiti-app'
|
|
});
|
|
|
|
processAuth.login('admin', 'admin').then(() => {
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('Ticket should be absent in the client and the resolve promise should be called', (done) => {
|
|
authBpmMock.get200ResponseLogout();
|
|
|
|
processAuth.logout().then(() => {
|
|
assert.equal(processAuth.getTicket(), null);
|
|
done();
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('CSRF Token', () => {
|
|
let originalMethod: any;
|
|
let setCsrfTokenCalled = false;
|
|
|
|
beforeEach(() => {
|
|
originalMethod = SuperagentHttpClient.prototype.setCsrfToken;
|
|
setCsrfTokenCalled = false;
|
|
|
|
SuperagentHttpClient.prototype.setCsrfToken = () => {
|
|
setCsrfTokenCalled = true;
|
|
};
|
|
});
|
|
|
|
afterEach(() => {
|
|
SuperagentHttpClient.prototype.setCsrfToken = originalMethod;
|
|
setCsrfTokenCalled = false;
|
|
});
|
|
|
|
it('should be enabled by default', (done) => {
|
|
authBpmMock.get200Response();
|
|
|
|
const processAuth = new ProcessAuth({
|
|
hostBpm,
|
|
contextRootBpm: 'activiti-app'
|
|
});
|
|
|
|
processAuth.login('admin', 'admin').then(() => {
|
|
assert.equal(setCsrfTokenCalled, true);
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('should be disabled if disableCsrf is true', (done) => {
|
|
authBpmMock.get200Response();
|
|
|
|
const processAuth = new ProcessAuth({
|
|
hostBpm,
|
|
contextRootBpm: 'activiti-app',
|
|
disableCsrf: true
|
|
});
|
|
|
|
processAuth.login('admin', 'admin').then(() => {
|
|
assert.equal(setCsrfTokenCalled, false);
|
|
done();
|
|
});
|
|
});
|
|
});
|
|
});
|
|
});
|