X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=test%2Flib%2Fauthenticator.js;h=6cac48faabc9b73fba373739777ac7fe8daa7751;hb=392502c5cc0cb12cf3c00ecd06c5c69b3e00d7e3;hp=5da64397118439ff57cff5e414a83c8bfb3d6da7;hpb=70645846baf3aa9ecb7f6f49de143a4282128a73;p=squeep-authentication-module diff --git a/test/lib/authenticator.js b/test/lib/authenticator.js index 5da6439..6cac48f 100644 --- a/test/lib/authenticator.js +++ b/test/lib/authenticator.js @@ -10,8 +10,6 @@ const Errors = require('../../lib/errors'); const Enum = require('../../lib/enum'); const Config = require('../stub-config'); -const noExpectedException = 'did not receive expected exception'; - describe('Authenticator', function () { let authenticator, credential, ctx, identifier, password, options; function _authMechanismRequired(a, m) { @@ -35,12 +33,9 @@ describe('Authenticator', function () { it('covers no auth mechanisms', function () { options.authenticator.authnEnabled = []; - try { - authenticator = new Authenticator(stubLogger, stubDb, options); - assert.fail(noExpectedException); - } catch (e) { - assert.strictEqual(e.message, 'no authentication mechanisms available'); - } + assert.throws(() => new Authenticator(stubLogger, stubDb, options), { + message: 'no authentication mechanisms available', + }); }); it('covers empty realm', function () { @@ -171,12 +166,7 @@ describe('Authenticator', function () { _authMechanismRequired(authenticator, 'pam'); const expected = new Error('blah'); authenticator.authn.pam.pamAuthenticatePromise.rejects(expected); - try { - await authenticator._isValidPAMIdentifier(identifier, credential); - assert.fail(noExpectedException); - } catch (e) { - assert.deepStrictEqual(e, expected); - } + assert.rejects(() => authenticator._isValidPAMIdentifier(identifier, credential), expected); }); it('covers forbidden', async function () { identifier = 'root'; 
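Review bot: The `assert.rejects(...)` call in the PAM error test is neither awaited nor returned, so the async test resolves before the assertion settles and can no longer fail on a wrong or missing rejection; the removed try/catch did wait. It should read `await assert.rejects(() => authenticator._isValidPAMIdentifier(identifier, credential), expected);`. The same missing `await` appears in 'rejects insecure connection' (sessionCheck) and in both rewritten apiRequiredLocal tests, where the stub assertions that follow also run before the promise has settled. In an authentication module these are the negative-path checks, so a regression that accepts a bad credential or an insecure request would go unreported, or surface only as an unhandled rejection outside the test.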
@@ -228,16 +218,13 @@ describe('Authenticator', function () { describe('requestBasic', function () { it('covers', function () { - try { - const res = { - setHeader: () => {}, - }; - authenticator.requestBasic(res); - assert.fail(noExpectedException); - } catch (e) { - assert(e instanceof Errors.ResponseError); - assert.strictEqual(e.statusCode, Enum.ErrorResponse.Unauthorized.statusCode); - } + const res = { + setHeader: () => {}, + }; + assert.throws(() => authenticator.requestBasic(res), { + name: 'ResponseError', + statusCode: Enum.ErrorResponse.Unauthorized.statusCode, + }); }); }); // requestBasic @@ -305,15 +292,22 @@ describe('Authenticator', function () { const result = await authenticator.sessionCheck(req, res, ctx, loginPath, required, profilesAllowed); assert.strictEqual(result, true); }); + it('covers valid insecure cookie session', async function () { + authenticator.secureAuthOnly = false; + req.getHeader.returns(cookie); + sinon.stub(authenticator, 'isValidCookieAuth').resolves(true); + ctx.session = { + authenticatedIdentifier: 'user', + }; + const result = await authenticator.sessionCheck(req, res, ctx, loginPath, required, profilesAllowed); + assert.strictEqual(result, true); + }); it('rejects insecure connection', async function () { ctx.clientProtocol = 'http'; - try { - await authenticator.sessionCheck(req, res, ctx, loginPath, required, profilesAllowed); - assert.fail(noExpectedException); - } catch (e) { - assert(e instanceof Errors.ResponseError); - assert.strictEqual(e.statusCode, Enum.ErrorResponse.Forbidden.statusCode); - } + assert.rejects(() => authenticator.sessionCheck(req, res, ctx, loginPath, required, profilesAllowed), { + name: 'ResponseError', + sttausCode: Enum.ErrorResponse.Forbidden.statusCode, + }); }); it('ignores insecure connection if auth not required', async function () { ctx.clientProtocol = 'http'; 
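Review bot: Matching on `name: 'ResponseError'` in the requestBasic test is a weaker check than the `e instanceof Errors.ResponseError` it replaces, since any error carrying that name string and status code satisfies it, and it depends on the class setting `name`, which is not visible here. If class identity matters, a validation function keeps it: `assert.throws(() => authenticator.requestBasic(res), (e) => e instanceof Errors.ResponseError && e.statusCode === Enum.ErrorResponse.Unauthorized.statusCode);`. The same substitution is made in 'rejects insecure connection'.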
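Review bot: The expectation object in 'rejects insecure connection' spells the property `sttausCode`, so the Forbidden status code is not checked as intended: `assert.rejects` compares the named properties of the validation object, and the error presumably has no `sttausCode`. The typo goes unnoticed because the call is not awaited. Corrected: `await assert.rejects(() => authenticator.sessionCheck(req, res, ctx, loginPath, required, profilesAllowed), { name: 'ResponseError', statusCode: Enum.ErrorResponse.Forbidden.statusCode });`. Separately, the added 'covers valid insecure cookie session' test sets `secureAuthOnly = false` but does not set `ctx.clientProtocol` in the visible lines; if the surrounding setup defaults it to https, the insecure path is not the one being exercised.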
@@ -437,14 +431,12 @@ describe('Authenticator', function () { req.getHeader.returns('Basic Zm9vOmJhcg=='); sinon.stub(authenticator, 'sessionCheck').resolves(false); sinon.stub(authenticator, 'isValidAuthorization').resolves(false); - try { - await authenticator.apiRequiredLocal(req, res, ctx); - assert.fail(noExpectedException); - } catch (e) { - assert.strictEqual(e.statusCode, 401); - assert(!authenticator.sessionCheck.called); - assert(authenticator.isValidAuthorization.called); - } + assert.rejects(() => authenticator.apiRequiredLocal(req, res, ctx), { + name: 'ResponseError', + statusCode: 401, + }); + assert(!authenticator.sessionCheck.called); + assert(authenticator.isValidAuthorization.called); }); it('covers missing basic auth, valid session', async function () { req.getHeader.returns(); @@ -458,15 +450,13 @@ describe('Authenticator', function () { it('covers missing basic auth, ignores session', async function () { req.getHeader.returns(); sinon.stub(authenticator, 'isValidAuthorization').resolves(true); - try { - await authenticator.apiRequiredLocal(req, res, ctx, false); - assert.fail(noExpectedException); - } catch (e) { - assert.strictEqual(e.statusCode, 401); - assert(!authenticator.sessionCheck.called); - assert(!authenticator.isValidAuthorization.called); - assert(res.setHeader.called); - } + assert.rejects(authenticator.apiRequiredLocal(req, res, ctx, false), { + name: 'ResponseError', + statusCode: 401, + }); + assert(!authenticator.sessionCheck.called); + assert(!authenticator.isValidAuthorization.called); + assert(res.setHeader.called); }); }); // apiRequiredLocal
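Review bot: In 'covers missing basic auth, ignores session', `assert(!authenticator.sessionCheck.called)` looks vacuous: this test stubs only `isValidAuthorization`, and unless `sessionCheck` is stubbed in setup outside the hunk, `.called` is `undefined` on the real method and the negation always passes. Adding `sinon.stub(authenticator, 'sessionCheck');` before the call would make the assertion meaningful. This test also passes the promise directly to `assert.rejects` while the others pass a function; either form works, but both need `await`, e.g. `await assert.rejects(authenticator.apiRequiredLocal(req, res, ctx, false), { name: 'ResponseError', statusCode: 401 });`, so that the `res.setHeader.called` check runs after the rejection.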