X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;ds=sidebyside;f=test%2Flib%2Fauthenticator.js;h=9fa220097d09b0112fc1649defb7e67efe0c3fca;hb=5028bec16711c1306859abcdb005051e79fb3768;hp=067d0cae7a889a1eded72506527e29f08d1bc161;hpb=c13db4d55a8cf25c109dfcbb88a2d7828b791147;p=squeep-authentication-module
diff --git a/test/lib/authenticator.js b/test/lib/authenticator.js
index 067d0ca..9fa2200 100644
--- a/test/lib/authenticator.js
+++ b/test/lib/authenticator.js
@@ -18,7 +18,7 @@ describe('Authenticator', function () {
 if (!a.authn[m]) { // eslint-disable-line security/detect-object-injection
 this.skip();
 }
- };
+ }
 beforeEach(function () {
 options = Config('test');
@@ -117,6 +117,12 @@ describe('Authenticator', function () {
 assert.strictEqual(result, false);
 assert.strictEqual(ctx.authenticationId, undefined);
 });
+ it('covers non-string credential', async function () {
+ credential = '$argon2id$v=19$m=4096,t=3,p=1$SbAlHo5x2HM0PvMAWYHqww$gNn/o+B6+IWsnrVupPkTAiiK9tvwV+eM/HoXG41bnzM';
+ const result = await authenticator.isValidIdentifierCredential(identifier, undefined, ctx);
+ assert.strictEqual(result, false);
+ assert.strictEqual(ctx.authenticationId, undefined);
+ });
 it('covers unknown password hash', async function () {
 authenticator.db.authenticationGet.resolves({
 identifier,
@@ -299,6 +305,16 @@ describe('Authenticator', function () {
 const result = await authenticator.sessionCheck(req, res, ctx, loginPath, required, profilesAllowed);
 assert.strictEqual(result, true);
 });
+ it('covers valid insecure cookie session', async function () {
+ authenticator.secureAuthOnly = false;
+ req.getHeader.returns(cookie);
+ sinon.stub(authenticator, 'isValidCookieAuth').resolves(true);
+ ctx.session = {
+ authenticatedIdentifier: 'user',
+ };
+ const result = await authenticator.sessionCheck(req, res, ctx, loginPath, required, profilesAllowed);
+ assert.strictEqual(result, true);
+ });
 it('rejects insecure connection', async function () {
 ctx.clientProtocol = 'http';
 try {
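Review bot: The new 'covers non-string credential' test assigns `credential` an argon2id hash but never visibly hands it to the `authenticator.db.authenticationGet` stub, so it may pass through a no-record path rather than the type guard it is named for. Resolving the stub inside the test with `authenticator.db.authenticationGet.resolves({ identifier, credential });` would make sure a stored hash is present and only the supplied credential is malformed. It would also be worth exercising a non-string other than `undefined` (a number or an object), since those are the shapes a parsed request body can hand to this check. The describe block's setup lies outside the hunk, so a `beforeEach` may already wire `credential` in.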
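Review bot: 'covers valid insecure cookie session' sets `authenticator.secureAuthOnly = false` but leaves `ctx.clientProtocol` at whatever the setup provides, so if that default is `https` the test never shows a session being accepted over plain http. Adding `ctx.clientProtocol = 'http';` before the `sessionCheck` call, mirroring the 'rejects insecure connection' case right after it, would pin the behaviour the flag is meant to allow. A short comment such as `// secureAuthOnly=false lets session cookies be accepted over http; not a production setting` would tell readers why the flag is flipped. The setup for this describe block is outside the hunk.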