4 const assert
= require('assert');
5 const sinon
= require('sinon');
6 const Authenticator
= require('../../src/authenticator');
7 const stubLogger
= require('../stub-logger');
8 const stubDb
= require('../stub-db');
9 const Errors
= require('../../src/errors');
10 const Enum
= require('../../src/enum');
// Message handed to assert.fail() when a call that was expected to throw returns normally.
const noExpectedException = 'did not receive expected exception';
14 describe('Authenticator', function () {
// Fixtures shared by the whole suite; declared here so the hooks and tests can reassign them.
let authenticator;
let credential;
let ctx;
let identifier;
let password;
let options;
// Per-test setup: builds a fresh Authenticator and the credential fixtures used by the tests.
16 beforeEach(function () {
// NOTE(review): gutter lines 17-22 are absent from this listing, so any assignment to
// `options` (passed to the constructor below) or `ctx` (passed to every call under test)
// is not visible here.
23 authenticator
= new Authenticator(stubLogger
, stubDb
, options
);
24 identifier
= 'username';
// Stored credential in PHC string form: argon2id, v=19, m=4096, t=3, p=1. These are low
// cost parameters that keep the suite fast; treat them as a fixture, not as a production setting.
25 credential
= '$argon2id$v=19$m=4096,t=3,p=1$1a6zRlX4BI4$sZGcQ72BTpDOlxUI/j3DmE1PMcu+Cs5liZ/D6kk79Ew';
// Plaintext submitted by the 'succeeds' test; presumably the password the hash above was
// derived from — confirm.
27 password
= 'badPassword';
// NOTE(review): the hook body (gutter lines 30-32) is not shown in this listing. The tests
// stub authenticationGet, isValidBasic and isValidAuthorization repeatedly, so it presumably
// restores the sinon stubs between tests — confirm.
29 afterEach(function () {
33 describe('isValidBasic', function () {
// Happy path for isValidBasic: expects true, and expects the identifier to be recorded on ctx.
34 it('succeeds', async
function () {
35 sinon
.stub(authenticator
.db
, 'authenticationGet').resolves({
// NOTE(review): gutter lines 36-38 (the fields of the resolved record) are missing from this
// listing; presumably they carry the `identifier` and `credential` fixtures — confirm.
// The argument is the "identifier:password" pair, already decoded (no base64 here).
39 const authString
= `${identifier}:${password}`;
40 const result
= await authenticator
.isValidBasic(authString
, ctx
);
41 assert
.strictEqual(result
, true);
// A successful check must leave the authenticated identity on the request context.
42 assert
.strictEqual(ctx
.authenticationId
, identifier
);
// Wrong password: expects false, and expects ctx to carry no authenticated identity.
44 it('fails', async
function () {
45 sinon
.stub(authenticator
.db
, 'authenticationGet').resolves({
// NOTE(review): gutter lines 46-48 (the fields of the resolved record) are missing from this
// listing; presumably the same `identifier` / `credential` record as the success case — confirm.
// NOTE(review): the `}` after wrongPassword is literal text, not interpolation syntax, so the
// submitted password is "wrongPassword}". The outcome is unaffected, but it looks like a typo.
49 const authString
= `${identifier}:wrongPassword}`;
50 const result
= await authenticator
.isValidBasic(authString
, ctx
);
51 assert
.strictEqual(result
, false);
// A rejected attempt must not mark the context as authenticated.
52 assert
.strictEqual(ctx
.authenticationId
, undefined);
// Unknown identifier: with no stored record the check must fail closed and leave ctx untouched.
// NOTE(review): this pins the result only; whether the no-record path takes comparable time to
// a failed hash check (relevant to user enumeration) is not something this test observes.
it('covers no entry', async function () {
  // resolves() with no argument makes the lookup yield undefined, i.e. no such user.
  sinon.stub(authenticator.db, 'authenticationGet').resolves();

  // NOTE(review): the `}` after wrongPassword is literal text, not interpolation syntax,
  // so the submitted password is "wrongPassword}". Harmless here, but it looks like a typo.
  const authString = `${identifier}:wrongPassword}`;
  const outcome = await authenticator.isValidBasic(authString, ctx);

  assert.strictEqual(outcome, false);
  assert.strictEqual(ctx.authenticationId, undefined);
});
// A stored credential whose prefix is not the argon2 form used elsewhere in this suite must be
// rejected: expects false and no identity on ctx.
61 it('covers unknown password hash', async
function () {
62 sinon
.stub(authenticator
.db
, 'authenticationGet').resolves({
// NOTE(review): gutter lines 63 and 65 are missing from this listing (presumably the
// `identifier` field and the closing of the record) — confirm.
64 credential: '$other$kind_of_credential',
// The trailing `}` is literal text in the password, as in the other failure cases.
66 const authString
= `${identifier}:wrongPassword}`;
67 const result
= await authenticator
.isValidBasic(authString
, ctx
);
68 assert
.strictEqual(result
, false);
69 assert
.strictEqual(ctx
.authenticationId
, undefined);
73 describe('isValidAuthorization', function () {
// A "basic" scheme header should be routed to isValidBasic and its verdict returned as-is.
// NOTE(review): only the returned value is checked; the test does not assert that the stub
// was called, nor with which decoded credentials.
it('handles basic', async function () {
  // Base64 of "foo:bar"; never verified because isValidBasic is stubbed below.
  const authorizationHeader = 'basic Zm9vOmJhcg==';
  const expected = true;
  sinon.stub(authenticator, 'isValidBasic').resolves(expected);

  const actual = await authenticator.isValidAuthorization(authorizationHeader, ctx);
  assert.strictEqual(actual, expected);
});
// A non-basic scheme (bearer here) must be refused: isValidAuthorization resolves to false.
it('handles other', async function () {
  const authorizationHeader = 'bearer Zm9vOmJhcg==';
  const expected = false;

  const actual = await authenticator.isValidAuthorization(authorizationHeader, ctx);
  assert.strictEqual(actual, expected);
});
87 }); // isValidAuthorization
89 describe('requestBasic', function () {
// requestBasic is expected to throw a ResponseError carrying the Unauthorized status code.
90 it('covers', function () {
// NOTE(review): gutter lines 91-94 and 97 are missing from this listing, so the definition of
// `res` and the try/catch that presumably binds `e` are not visible here.
95 authenticator
.requestBasic(res
);
// Reached only if requestBasic returned normally. Assuming this sits inside the try, the
// AssertionError lands in the catch and fails the instanceof check below, so the test still
// fails, though with a less direct message than assert.throws would give.
96 assert
.fail(noExpectedException
);
98 assert(e
instanceof Errors
.ResponseError
);
// NOTE(review): only the status code is asserted in the visible lines; whether a
// WWW-Authenticate challenge was set on `res` is not checked here.
99 assert
.strictEqual(e
.statusCode
, Enum
.ErrorResponse
.Unauthorized
.statusCode
);
104 describe('required', function () {
// Setup for the `required` tests: marks the connection as https and provides stubbed
// getHeader / setHeader functions.
106 beforeEach(function () {
// Default to a secure transport; the insecure-connection test overrides this with 'http'.
107 ctx
.clientProtocol
= 'https';
// NOTE(review): gutter lines 108, 110-111 and 113-114 are missing from this listing;
// presumably they open and close the `req` and `res` objects that hold these stubs — confirm.
109 getHeader: sinon
.stub(),
112 setHeader: sinon
.stub(),
// With an Authorization header present and isValidAuthorization stubbed to accept it,
// required() resolves to true (ctx.clientProtocol is 'https' from the beforeEach above).
it('succeeds', async function () {
  // The header value is a placeholder; the stubbed validator never parses it.
  req.getHeader.returns('auth header');
  sinon.stub(authenticator, 'isValidAuthorization').resolves(true);

  const granted = await authenticator.required(req, res, ctx);
  assert.strictEqual(granted, true);
});
// Over plain http, required() must refuse with a ResponseError carrying the Forbidden status,
// so Basic credentials are not accepted on a cleartext connection.
121 it('rejects insecure connection', async
function () {
122 ctx
.clientProtocol
= 'http';
// NOTE(review): gutter lines 123 and 126 are missing from this listing; presumably the
// try/catch that binds `e` — confirm.
// No Authorization header or validator stub is set up in the visible lines of this test.
124 await authenticator
.required(req
, res
, ctx
);
// Reached only if required() resolved instead of rejecting.
125 assert
.fail(noExpectedException
);
127 assert(e
instanceof Errors
.ResponseError
);
128 assert
.strictEqual(e
.statusCode
, Enum
.ErrorResponse
.Forbidden
.statusCode
);
// With a header present but rejected by isValidAuthorization, required() must throw a
// ResponseError carrying the Unauthorized status.
131 it('rejects invalid auth', async
function () {
// NOTE(review): gutter lines 132 and 137 are missing from this listing; presumably the
// try/catch that binds `e` — confirm.
133 req
.getHeader
.returns('auth header');
134 sinon
.stub(authenticator
, 'isValidAuthorization').resolves(false);
135 await authenticator
.required(req
, res
, ctx
);
// Reached only if required() resolved instead of rejecting.
136 assert
.fail(noExpectedException
);
138 assert(e
instanceof Errors
.ResponseError
);
// NOTE(review): the visible tests cover a present-but-invalid header; a request with no
// Authorization header at all is not exercised in these lines.
139 assert
.strictEqual(e
.statusCode
, Enum
.ErrorResponse
.Unauthorized
.statusCode
);