-/* eslint-env mocha */
-/* eslint-disable sonarjs/no-duplicate-string */
-/* eslint-disable jsdoc/require-jsdoc */
'use strict';
-const assert = require('assert');
+const assert = require('node:assert');
const sinon = require('sinon');
const Authenticator = require('../../lib/authenticator');
const stubLogger = require('../stub-logger');
authenticator = new Authenticator(stubLogger, stubDb, options);
});
+ it('covers invalid sameSite', function () {
+ options.authenticator.sessionCookieSameSite = 'Sometimes';
+ assert.throws(() => new Authenticator(stubLogger, stubDb, options), RangeError);
+ });
+
describe('createIdentifier', function () {
let dbCtx;
beforeEach(function () {
}); // _validateAuthDataCredential
describe('isValidBasic', function () {
+ const b64 = (x) => Buffer.from(x).toString('base64');
it('succeeds', async function () {
_authMechanismRequired(authenticator, 'argon2');
authenticator.db.authenticationGet.resolves({
identifier,
credential,
});
- const authString = `${identifier}:${password}`;
+ const authString = b64(`${identifier}:${password}`);
const result = await authenticator.isValidBasic(authString, ctx);
assert.strictEqual(result, true);
assert.strictEqual(ctx.authenticationId, identifier);
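Review bot: Every input in the isValidBasic cases visible here is well-formed base64 of `identifier:password`, so the decode step that the new `b64` helper implies has no negative test; the same holds for the three later hunks that switch to `b64(...)`. Assuming isValidBasic now decodes its argument itself, a case such as `const result = await authenticator.isValidBasic(b64('noSeparator'), ctx);` followed by `assert.strictEqual(result, false);` would pin that a credential without a `:` fails closed, and a second case could pass a string that is not base64 at all. The describe block continues outside this hunk, so such cases may already exist there.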
identifier,
credential,
});
- const authString = `${identifier}:wrongPassword}`;
+ const authString = b64(`${identifier}:wrongPassword}`);
const result = await authenticator.isValidBasic(authString, ctx);
assert.strictEqual(result, false);
assert.strictEqual(ctx.authenticationId, undefined);
});
it('covers no entry', async function() {
authenticator.db.authenticationGet.resolves();
- const authString = `${identifier}:wrongPassword}`;
+ const authString = b64(`${identifier}:wrongPassword}`);
const result = await authenticator.isValidBasic(authString, ctx);
assert.strictEqual(result, false);
assert.strictEqual(ctx.authenticationId, undefined);
identifier,
credential: '$other$kind_of_credential',
});
- const authString = `${identifier}:wrongPassword}`;
+ const authString = b64(`${identifier}:wrongPassword}`);
const result = await authenticator.isValidBasic(authString, ctx);
assert.strictEqual(result, false);
assert.strictEqual(ctx.authenticationId, undefined);
it('covers missing basic auth, ignores session', async function () {
req.getHeader.returns();
sinon.stub(authenticator, 'isValidAuthorization').resolves(true);
- assert.rejects(authenticator.apiRequiredLocal(req, res, ctx, false), {
+ assert.rejects(() => authenticator.apiRequiredLocal(req, res, ctx, false), {
name: 'ResponseError',
statusCode: 401,
});
assert(!authenticator.isValidAuthorization.called);
assert(res.setHeader.called);
});
+ it('covers errors', async function () {
+ sinon.stub(authenticator, 'isValidAuthorization').rejects();
+ req.getHeader.returns('Basic Zm9vOmJhcg==');
+ assert.rejects(() => authenticator.apiRequiredLocal(req, res, ctx));
+ });
}); // apiRequiredLocal
}); // Authenticator
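Review bot: Neither `assert.rejects` call in this hunk is awaited, so both tests pass whatever `apiRequiredLocal` does: in 'covers missing basic auth, ignores session' the 401 expectation is never enforced, and the new 'covers errors' test asserts nothing. A failed expectation would surface only as an unhandled rejection after the test has finished, and the `assert(res.setHeader.called)` check may run before the call has settled. Change the lines to `await assert.rejects(() => authenticator.apiRequiredLocal(req, res, ctx, false), {` and `await assert.rejects(() => authenticator.apiRequiredLocal(req, res, ctx));`. For an authentication path this matters because these are the tests meant to show that the handler fails closed.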