2016-11-05 15:41:41 +05:30
|
|
|
import expect from 'unexpected';
|
2016-12-13 01:37:49 +05:30
|
|
|
import sinon from 'sinon';
|
2016-11-05 15:41:41 +05:30
|
|
|
|
2016-11-15 11:25:15 +05:30
|
|
|
import request from 'services/request';
|
2019-01-28 00:42:58 +05:30
|
|
|
import * as authentication from 'services/api/authentication';
|
|
|
|
|
import * as accounts from 'services/api/accounts';
|
2016-11-05 15:41:41 +05:30
|
|
|
|
|
|
|
|
describe('authentication api', () => {
|
2016-12-25 23:39:47 +05:30
|
|
|
describe('#login', () => {
|
|
|
|
|
const params = {
|
|
|
|
|
login: 'foo',
|
|
|
|
|
password: 'secret',
|
|
|
|
|
rememberMe: false
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
beforeEach(() => {
|
|
|
|
|
sinon.stub(request, 'post').named('request.post');
|
2017-08-23 00:09:08 +05:30
|
|
|
|
|
|
|
|
request.post.returns(Promise.resolve());
|
2016-12-25 23:39:47 +05:30
|
|
|
});
|
|
|
|
|
|
|
|
|
|
afterEach(() => {
|
|
|
|
|
request.post.restore();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should post to login api', () => {
|
|
|
|
|
authentication.login(params);
|
|
|
|
|
|
|
|
|
|
expect(request.post, 'to have a call satisfying', [
|
|
|
|
|
'/api/authentication/login', params, {}
|
|
|
|
|
]);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should disable any token', () => {
|
|
|
|
|
authentication.login(params);
|
|
|
|
|
|
|
|
|
|
expect(request.post, 'to have a call satisfying', [
|
|
|
|
|
'/api/authentication/login', params, {token: null}
|
|
|
|
|
]);
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
2016-11-05 15:41:41 +05:30
|
|
|
describe('#validateToken()', () => {
|
2019-01-28 00:42:58 +05:30
|
|
|
const validToken = 'foo';
|
|
|
|
|
const validRefreshToken = 'bar';
|
|
|
|
|
const user = { id: 1 };
|
|
|
|
|
const validateTokenArgs = [user.id, validToken, validRefreshToken];
|
2016-11-05 15:41:41 +05:30
|
|
|
|
|
|
|
|
beforeEach(() => {
|
2019-01-28 00:42:58 +05:30
|
|
|
sinon.stub(accounts, 'getInfo');
|
|
|
|
|
accounts.getInfo.returns(Promise.resolve(user));
|
2016-11-05 15:41:41 +05:30
|
|
|
});
|
|
|
|
|
|
|
|
|
|
afterEach(() => {
|
2019-01-28 00:42:58 +05:30
|
|
|
accounts.getInfo.restore();
|
2016-11-05 15:41:41 +05:30
|
|
|
});
|
|
|
|
|
|
2019-01-28 00:42:58 +05:30
|
|
|
it('should request accounts.getInfo', () =>
|
|
|
|
|
expect(authentication.validateToken(...validateTokenArgs), 'to be fulfilled')
|
2016-11-05 15:41:41 +05:30
|
|
|
.then(() => {
|
2019-01-28 00:42:58 +05:30
|
|
|
expect(accounts.getInfo, 'to have a call satisfying', [
|
|
|
|
|
user.id,
|
|
|
|
|
validToken,
|
2016-11-05 15:41:41 +05:30
|
|
|
]);
|
|
|
|
|
})
|
|
|
|
|
);
|
|
|
|
|
|
2017-01-06 11:34:14 +05:30
|
|
|
it('should resolve with both tokens and user object', () =>
|
2019-01-28 00:42:58 +05:30
|
|
|
expect(authentication.validateToken(...validateTokenArgs), 'to be fulfilled with', {
|
|
|
|
|
token: validToken,
|
|
|
|
|
refreshToken: validRefreshToken,
|
|
|
|
|
user,
|
2017-01-06 11:34:14 +05:30
|
|
|
})
|
2016-11-05 15:41:41 +05:30
|
|
|
);
|
|
|
|
|
|
|
|
|
|
it('rejects if token has a bad type', () =>
|
2019-01-28 00:42:58 +05:30
|
|
|
expect(authentication.validateToken(user.id, {}),
|
2016-11-05 15:41:41 +05:30
|
|
|
'to be rejected with', 'token must be a string'
|
|
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
|
2016-11-19 21:20:30 +05:30
|
|
|
it('should allow empty refreshToken', () =>
|
2019-01-28 00:42:58 +05:30
|
|
|
expect(authentication.validateToken(user.id, 'foo', null), 'to be fulfilled')
|
2016-11-05 15:41:41 +05:30
|
|
|
);
|
|
|
|
|
|
2019-01-28 00:42:58 +05:30
|
|
|
it('rejects if accounts.getInfo request is unexpectedly failed', () => {
|
2016-11-05 15:41:41 +05:30
|
|
|
const error = 'Something wrong';
|
2019-01-28 00:42:58 +05:30
|
|
|
accounts.getInfo.returns(Promise.reject(error));
|
2016-11-05 15:41:41 +05:30
|
|
|
|
2019-01-28 00:42:58 +05:30
|
|
|
return expect(authentication.validateToken(...validateTokenArgs),
|
2016-11-05 15:41:41 +05:30
|
|
|
'to be rejected with', error
|
|
|
|
|
);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('when token is expired', () => {
|
|
|
|
|
const expiredResponse = {
|
|
|
|
|
name: 'Unauthorized',
|
|
|
|
|
message: 'Token expired',
|
|
|
|
|
code: 0,
|
|
|
|
|
status: 401,
|
2019-01-28 00:42:58 +05:30
|
|
|
type: 'yii\\web\\UnauthorizedHttpException',
|
2016-11-05 15:41:41 +05:30
|
|
|
};
|
|
|
|
|
const newToken = 'baz';
|
|
|
|
|
|
|
|
|
|
beforeEach(() => {
|
|
|
|
|
sinon.stub(authentication, 'requestToken');
|
|
|
|
|
|
2019-01-28 00:42:58 +05:30
|
|
|
accounts.getInfo.onCall(0).returns(Promise.reject(expiredResponse));
|
|
|
|
|
authentication.requestToken.returns(Promise.resolve(newToken));
|
2016-11-05 15:41:41 +05:30
|
|
|
});
|
|
|
|
|
|
|
|
|
|
afterEach(() => {
|
2017-12-26 01:33:21 +05:30
|
|
|
authentication.requestToken.restore();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('resolves with new token and user object', () =>
|
2019-01-28 00:42:58 +05:30
|
|
|
expect(authentication.validateToken(...validateTokenArgs),
|
|
|
|
|
'to be fulfilled with', {token: newToken, refreshToken: validRefreshToken, user}
|
2017-12-26 01:33:21 +05:30
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
it('rejects if token request failed', () => {
|
|
|
|
|
const error = 'Something wrong';
|
|
|
|
|
authentication.requestToken.returns(Promise.reject(error));
|
|
|
|
|
|
2019-01-28 00:42:58 +05:30
|
|
|
return expect(authentication.validateToken(...validateTokenArgs),
|
2017-12-26 01:33:21 +05:30
|
|
|
'to be rejected with', error
|
|
|
|
|
);
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('when token is incorrect', () => {
|
|
|
|
|
const expiredResponse = {
|
|
|
|
|
name: 'Unauthorized',
|
|
|
|
|
message: 'Incorrect token',
|
|
|
|
|
code: 0,
|
|
|
|
|
status: 401,
|
2019-01-28 00:42:58 +05:30
|
|
|
type: 'yii\\web\\UnauthorizedHttpException',
|
2017-12-26 01:33:21 +05:30
|
|
|
};
|
|
|
|
|
const newToken = 'baz';
|
|
|
|
|
|
|
|
|
|
beforeEach(() => {
|
|
|
|
|
sinon.stub(authentication, 'requestToken');
|
|
|
|
|
|
2019-01-28 00:42:58 +05:30
|
|
|
accounts.getInfo.onCall(0).returns(Promise.reject(expiredResponse));
|
|
|
|
|
authentication.requestToken.returns(Promise.resolve(newToken));
|
2017-12-26 01:33:21 +05:30
|
|
|
});
|
|
|
|
|
|
|
|
|
|
afterEach(() => {
|
2016-11-05 15:41:41 +05:30
|
|
|
authentication.requestToken.restore();
|
|
|
|
|
});
|
|
|
|
|
|
2017-01-06 11:34:14 +05:30
|
|
|
it('resolves with new token and user object', () =>
|
2019-01-28 00:42:58 +05:30
|
|
|
expect(authentication.validateToken(...validateTokenArgs),
|
|
|
|
|
'to be fulfilled with', {token: newToken, refreshToken: validRefreshToken, user}
|
2016-11-05 15:41:41 +05:30
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
it('rejects if token request failed', () => {
|
|
|
|
|
const error = 'Something wrong';
|
|
|
|
|
authentication.requestToken.returns(Promise.reject(error));
|
|
|
|
|
|
2019-01-28 00:42:58 +05:30
|
|
|
return expect(authentication.validateToken(...validateTokenArgs),
|
2016-11-05 15:41:41 +05:30
|
|
|
'to be rejected with', error
|
|
|
|
|
);
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
});
|
2016-11-15 11:25:15 +05:30
|
|
|
|
|
|
|
|
describe('#logout', () => {
|
|
|
|
|
beforeEach(() => {
|
|
|
|
|
sinon.stub(request, 'post').named('request.post');
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
afterEach(() => {
|
|
|
|
|
request.post.restore();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should request logout api', () => {
|
|
|
|
|
authentication.logout();
|
|
|
|
|
|
|
|
|
|
expect(request.post, 'to have a call satisfying', [
|
|
|
|
|
'/api/authentication/logout', {}, {}
|
|
|
|
|
]);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('returns a promise', () => {
|
|
|
|
|
request.post.returns(Promise.resolve());
|
|
|
|
|
|
|
|
|
|
return expect(authentication.logout(), 'to be fulfilled');
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('overrides token if provided', () => {
|
|
|
|
|
const token = 'foo';
|
|
|
|
|
|
2019-01-28 00:42:58 +05:30
|
|
|
authentication.logout(token);
|
2016-11-15 11:25:15 +05:30
|
|
|
|
|
|
|
|
expect(request.post, 'to have a call satisfying', [
|
|
|
|
|
'/api/authentication/logout', {}, {token}
|
|
|
|
|
]);
|
|
|
|
|
});
|
|
|
|
|
});
|
2016-12-13 01:37:49 +05:30
|
|
|
|
|
|
|
|
describe('#requestToken', () => {
|
|
|
|
|
const refreshToken = 'refresh-token';
|
|
|
|
|
|
|
|
|
|
beforeEach(() => {
|
|
|
|
|
sinon.stub(request, 'post').named('request.post');
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
afterEach(() => {
|
|
|
|
|
request.post.restore();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should request refresh-token api', () => {
|
|
|
|
|
request.post.returns(Promise.resolve({}));
|
|
|
|
|
|
|
|
|
|
authentication.requestToken(refreshToken);
|
|
|
|
|
|
|
|
|
|
expect(request.post, 'to have a call satisfying', [
|
|
|
|
|
'/api/authentication/refresh-token', {
|
|
|
|
|
refresh_token: refreshToken // eslint-disable-line
|
|
|
|
|
}, {}
|
|
|
|
|
]);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should disable bearer auth for request', () => {
|
|
|
|
|
request.post.returns(Promise.resolve({}));
|
|
|
|
|
|
|
|
|
|
authentication.requestToken(refreshToken);
|
|
|
|
|
|
|
|
|
|
expect(request.post, 'to have a call satisfying', [
|
|
|
|
|
'/api/authentication/refresh-token', {
|
|
|
|
|
refresh_token: refreshToken // eslint-disable-line
|
|
|
|
|
}, {token: null}
|
|
|
|
|
]);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should resolve with token', () => {
|
|
|
|
|
const token = 'token';
|
|
|
|
|
|
|
|
|
|
request.post.returns(Promise.resolve({
|
|
|
|
|
access_token: token // eslint-disable-line
|
|
|
|
|
}));
|
|
|
|
|
|
|
|
|
|
return expect(authentication.requestToken(refreshToken),
|
2019-01-28 00:42:58 +05:30
|
|
|
'to be fulfilled with', token,
|
2016-12-13 01:37:49 +05:30
|
|
|
);
|
|
|
|
|
});
|
|
|
|
|
});
|
2016-11-05 15:41:41 +05:30
|
|
|
});
|
