inteligr8/alfresco-ng2-components
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-ng2-components.git synced 2025-05-12 17:04:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
alfresco-ng2-components/lib/js-api/test/bpmAuth.spec.ts
Vito Albano 5d64c7f0ed
Ng17 migration (#10295) 
* Migrate to NG17

* [ci:force] - fixed deps

* [ci:force] - fixed build for testing 1

* Fixed build for all the packages

* [ci:force] - fixing lint

* [ci:force] - Fixed lint

* AAE-26163 Fix infinite loop when authentication error event occured (#10272)

* AAE-26163 Logout user after 3 login attempts failed, avoiding infinite loop when an authentication error occured, like when a user machine clock is significantly out of sync

* AAE-26163 Wait to discovery document to be loaded and user not authenticated to perform a ssoLogin, logout user if login fails after 3 attempts

* AAE-26163 Fix missed id_token_hint invoking logout when a login error occured due to a clock significantly out of sync

* AAE-26163 Add fake observable to unit test

* AAE-26163 Show oauth event logs if showDebugInformation is enabled, remove auth items if access token is not valid

* AAE-26163 Improve tryLogin error message

* AAE-26163 Check if token has expired to fix case when user access the application after the token is expired and with a clock significantly out of sync

* AAE-26163 Test logout when clock is out of sync

* AAE-26163 Create a service to check if local machine time is out of sync

* AAE-26163 Update oauthErrorEvent$ and combinedOAuthErrorsStream$ to return errors

* AAE-26163 Output error within combined oauth error event subscription

* AAE-26163 Fix lint problems

* AAE-26163 Logout user when token refresh error happens for the second time, if the token is not refreshed properly after first refresh error

* AAE-26163 Logout user once an oauth error event occur due to clock out of sync

* AAE-26163 Fix retry login error message if the OAuthErrorEvent doesn t return reason

* AAE-26163 Fix the issue where the logout API call is canceled by the authorize call when login fails due to clock synchronization problems, causing an infinite loop.

* remove console.log

* AAE-26163 Fix retry login error message if the OAuthErrorEvent reason is an empty object

* Cherry picked commit from oidc and run fix lint

* [MIGRATION] - fixed build and lint

* [MIGRATION] - Added injectionContext to avoid error NG0203 for unit tests

* [MIGRATION] - Moving mocha to jest

* [MIGRATION] - Fixing failing migrated tests

* [MIGRATION] - Migrating to Jest - working but some tests fails

* Trying to fix js-api unit tests

* Removing testing lib to sync with develop

* Fixed two excluded unit tests

* Removed unused project parts

* Removed unused project parts

* Reduced tserrors on building storybook

* Fixed sonarqube errors

* Removing temporarily eslint rule from publishing

* [MIGRATION] - Fixed lint

* [MIGRATION] - Fixed type

* [MIGRATION] - Rebased

* [MIGRATION] - Readded removed action

* [MIGRATION] - Checking deps

* [MIGRATION] - updated lock

* [ACS-9052] manage versions close button is too low (#10466)

* [ci:force] - Fixed lint

* [ACS-9052] Fixed close button in version manager position

* [ACS-9052] Reverted unwanted changes

---------

Co-authored-by: VitoAlbano <vito.albano.123@gmail.com>

* [MIGRATION] - fixed storybook builds

* [MIGRATION] - Checking if now eslint is releasable

* [MIGRATION] - Changing the building executor for eslint-rules

* Readded rule for peer deps

* Fixed wrong rule

* [ACS-9075] Fixed incorrect buttons labels color (#10489)

* Update package.json

* Fix ACA pipeline

* [ACS-9084] Fixed incorrect color for notification bell icon (#10513)

* Change dialog label padding

* [AAE-26767] - Fixed lint

* [AAE-26767] - Fixed lint

* updated dependencies

* AAE-30733 Fix incorrect alignment of icons in permission list header

* [MIGRATION] - sync package-lock

* [MIGRATION] - Fixed package on core lib

* [MIGRATION] - Removed unused lock

* Fixed licence

* [MIGRATION] - sync lock file

* [MIGRATION] - fixed lint issues

* [ACS-9271][ACA] Login page input labels are cut if the input is not empty (#10637)

* AAE-31453 Override card-view-textitem readonly color

---------

Co-authored-by: Amedeo Lepore <amedeo.lepore@hyland.com>
Co-authored-by: Ehsan Rezaei <ehsan.rezaei@hyland.com>
Co-authored-by: AleksanderSklorz <115619721+AleksanderSklorz@users.noreply.github.com>
Co-authored-by: DominikIwanek <dominik.iwanek@hyland.com>
Co-authored-by: swapnil-verma-gl <92505353+swapnil-verma-gl@users.noreply.github.com>
Co-authored-by: Wojciech Duda <69160975+wojd0@users.noreply.github.com>
Co-authored-by: dominikiwanekhyland <141320833+dominikiwanekhyland@users.noreply.github.com>
2025-02-12 11:58:57 +00:00

303 lines
9.6 KiB
TypeScript
Raw Blame History

/*!
* @license
* Copyright © 2005-2025 Hyland Software, Inc. and its affiliates. All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import assert from 'assert';
import { ProcessAuth } from '../src';
import { SuperagentHttpClient } from '../src/superagentHttpClient';
import { BpmAuthMock } from './mockObjects';
describe('Bpm Auth test', () => {
const hostBpm = 'https://127.0.0.1:9999';
let authBpmMock: BpmAuthMock;
beforeEach(() => {
authBpmMock = new BpmAuthMock(hostBpm);
});
it('should remember username on login', () => {
const auth = new ProcessAuth({});
auth.login('johndoe', 'password');
assert.equal(auth.authentications.basicAuth.username, 'johndoe');
});
it('should forget username on logout', (done) => {
const processAuth = new ProcessAuth({
hostBpm,
contextRootBpm: 'activiti-app'
});
authBpmMock.get200Response();
processAuth.login('admin', 'admin').then(() => {
assert.equal(processAuth.authentications.basicAuth.username, 'admin');
authBpmMock.get200ResponseLogout();
processAuth.logout().then(() => {
assert.equal(processAuth.authentications.basicAuth.username, null);
done();
});
});
});
describe('With Authentication', () => {
it('login should return the Ticket if all is ok', async () => {
authBpmMock.get200Response();
const processAuth = new ProcessAuth({
hostBpm,
contextRootBpm: 'activiti-app'
});
const data = await processAuth.login('admin', 'admin');
assert.equal(data, 'Basic YWRtaW46YWRtaW4=');
});
it('login password should be removed after login', (done) => {
authBpmMock.get200Response();
const processAuth = new ProcessAuth({
hostBpm,
contextRootBpm: 'activiti-app'
});
processAuth.login('admin', 'admin').then((data) => {
assert.equal(data, 'Basic YWRtaW46YWRtaW4=');
assert.notEqual(processAuth.authentications.basicAuth.password, 'admin');
done();
});
});
it('isLoggedIn should return true if the api is logged in', (done) => {
authBpmMock.get200Response();
const processAuth = new ProcessAuth({
hostBpm,
contextRootBpm: 'activiti-app'
});
processAuth.login('admin', 'admin').then(() => {
assert.equal(processAuth.isLoggedIn(), true);
done();
});
});
it('isLoggedIn should return false if the api is logged out', (done) => {
authBpmMock.get200Response();
const processAuth = new ProcessAuth({
hostBpm,
contextRootBpm: 'activiti-app'
});
processAuth.login('admin', 'admin');
authBpmMock.get200ResponseLogout();
processAuth.logout().then(() => {
assert.equal(processAuth.isLoggedIn(), false);
done();
});
});
it('isLoggedIn should return false if the host change', (done) => {
authBpmMock.get200Response();
const processAuth = new ProcessAuth({
hostBpm,
contextRootBpm: 'activiti-app'
});
processAuth.login('admin', 'admin').then(() => {
assert.equal(processAuth.isLoggedIn(), true);
processAuth.changeHost();
assert.equal(processAuth.isLoggedIn(), false);
done();
});
});
it('login should return an error if wrong credential are used 401 the login fails', (done) => {
authBpmMock.get401Response();
const processAuth = new ProcessAuth({
hostBpm,
contextRootBpm: 'activiti-app'
});
processAuth.login('wrong', 'name').then(
() => {},
(error) => {
assert.equal(error.status, 401);
done();
}
);
});
describe('Events ', () => {
it('login should fire an event if is unauthorized 401', (done) => {
authBpmMock.get401Response();
const processAuth = new ProcessAuth({
hostBpm,
contextRootBpm: 'activiti-app'
});
const loginPromise = processAuth.login('wrong', 'name');
loginPromise.catch(() => {});
loginPromise.on('unauthorized', () => {
done();
});
});
it('login should fire an event if is forbidden 403', (done) => {
authBpmMock.get403Response();
const processAuth = new ProcessAuth({
hostBpm,
contextRootBpm: 'activiti-app'
});
const loginPromise = processAuth.login('wrong', 'name');
loginPromise.catch(() => {});
loginPromise.on('forbidden', () => {
done();
});
});
it('The Api Should fire success event if is all ok 201', (done) => {
authBpmMock.get200Response();
const processAuth = new ProcessAuth({
hostBpm,
contextRootBpm: 'activiti-app'
});
const loginPromise = processAuth.login('admin', 'admin');
loginPromise.catch(() => {});
loginPromise.on('success', () => {
done();
});
});
it('The Api Should fire logout event if the logout is successfull', (done) => {
authBpmMock.get200Response();
const processAuth = new ProcessAuth({
hostBpm,
contextRootBpm: 'activiti-app'
});
processAuth.login('admin', 'admin');
authBpmMock.get200ResponseLogout();
const promise = processAuth.logout();
promise.on('logout', () => {
done();
});
});
});
describe('With Ticket Authentication', () => {
it('Ticket should be present in the client', () => {
const processAuth = new ProcessAuth({
ticketBpm: 'Basic YWRtaW46YWRtaW4=',
hostBpm,
contextRootBpm: 'activiti-app'
});
assert.equal('Basic YWRtaW46YWRtaW4=', processAuth.authentications.basicAuth.ticket);
});
});
describe('Logout Api', () => {
let processAuth: ProcessAuth;
beforeEach((done) => {
authBpmMock.get200Response();
processAuth = new ProcessAuth({
hostBpm,
contextRootBpm: 'activiti-app'
});
processAuth.login('admin', 'admin').then(() => {
done();
});
});
it('Ticket should be absent in the client and the resolve promise should be called', (done) => {
authBpmMock.get200ResponseLogout();
processAuth.logout().then(() => {
assert.equal(processAuth.getTicket(), null);
done();
});
});
});
describe('CSRF Token', () => {
let originalMethod: any;
let setCsrfTokenCalled = false;
beforeEach(() => {
originalMethod = SuperagentHttpClient.prototype.setCsrfToken;
setCsrfTokenCalled = false;
SuperagentHttpClient.prototype.setCsrfToken = () => {
setCsrfTokenCalled = true;
};
});
afterEach(() => {
SuperagentHttpClient.prototype.setCsrfToken = originalMethod;
setCsrfTokenCalled = false;
});
it('should be enabled by default', (done) => {
authBpmMock.get200Response();
const processAuth = new ProcessAuth({
hostBpm,
contextRootBpm: 'activiti-app'
});
processAuth.login('admin', 'admin').then(() => {
assert.equal(setCsrfTokenCalled, true);
done();
});
});
it('should be disabled if disableCsrf is true', (done) => {
authBpmMock.get200Response();
const processAuth = new ProcessAuth({
hostBpm,
contextRootBpm: 'activiti-app',
disableCsrf: true
});
processAuth.login('admin', 'admin').then(() => {
assert.equal(setCsrfTokenCalled, false);
done();
});
});
});
});
});
Reference in New Issue View Git Blame Copy Permalink