a68d247a44
* feat: add support for jwt on api * test: add unit test for sign token with jwt add multiple scenarios with configuration file * chore: add JWT verification on middleware * chore: restore headless * chore: restore middleware header validation * refactor: fix login whether user exists * refactor: JWT is signed asynchronously * refactor: better structure and new naming convention * test: add unit test for token signature * test: add unit test for creating user with JWT enabled #168 * docs: add security section jwt * refactor: renable web auth middleware * test(auth): add legacy disabled scenario * chore: update gitignore * chore: add some es6 sugar * feat: enable JWT token signature for new installations * chore: add yaml files to git I forgot add this before 😷 * chore: trace log on auth in case we want more output
// @flow
import Auth from '../../../src/lib/auth';
// $FlowFixMe
import configExample from '../partials/config/index';
// $FlowFixMe
import configPlugins from '../partials/config/plugin';
import AppConfig from '../../../src/lib/config';
import {setup} from '../../../src/lib/logger';
import type {IAuth} from '../../../types/index';
import type {Config} from '@verdaccio/types';
// Shallow copy of the example configuration whose `logs` entry is replaced by
// a single error-level stdout logger, to avoid noisy log output.
const authConfig = Object.assign({}, configExample, {
  logs: [{type: 'stdout', format: 'pretty', level: 'error'}],
});

// NOTE(review): the logger is initialised from configExample.logs, not from
// the quieter authConfig.logs defined above. The copy is shallow and only the
// copy's `logs` key is replaced, so configExample.logs is unchanged here.
// Confirm this is intended.
setup(configExample.logs);
describe('AuthTest', () => {
  // Builds an Auth instance from a raw configuration object.
  const createAuth = (rawConfig): IAuth => {
    const config: Config = new AppConfig(rawConfig);
    return new Auth(config);
  };

  test('should be defined', () => {
    expect(createAuth(authConfig)).toBeDefined();
  });

  // These cases pin how Auth.authenticate treats the second value handed to
  // its callback (the user's groups): falsy values and empty arrays yield no
  // user, truthy non-arrays throw, and non-empty arrays yield a user.
  // NOTE(review): presumably the plugin loaded through configPlugins forwards
  // the first two authenticate() arguments as (err, groups); confirm against
  // ../partials/config/plugin.
  describe('test authenticate method', () => {
    test('should utilize plugin', () => {
      const auth = createAuth(configPlugins);
      const callback = jest.fn();
      const groups = [ "test" ];

      expect(auth).toBeDefined();

      // $FlowFixMe
      auth.authenticate(1, null, callback);
      // $FlowFixMe
      auth.authenticate(null, groups, callback);

      expect(callback.mock.calls).toHaveLength(2);

      const failure = callback.mock.calls[0];
      const success = callback.mock.calls[1];

      // First call: the error value is reported and no user is returned.
      expect(failure[0]).toBe(1);
      expect(failure[1]).toBeUndefined();

      // Second call: no error, and the user carries the very same groups array.
      expect(success[0]).toBeNull();
      expect(success[1].real_groups).toBe(groups);
    });

    test('should skip falsy values', () => {
      const auth = createAuth(configPlugins);
      const callback = jest.fn();
      // as defined by https://developer.mozilla.org/en-US/docs/Glossary/Falsy
      const falsyValues = [ false, 0, "", null, undefined, NaN ];

      expect(auth).toBeDefined();

      falsyValues.forEach((value, position) => {
        // $FlowFixMe
        auth.authenticate(null, value, callback);

        const recorded = callback.mock.calls[position];
        // NOTE(review): toBeDefined() also passes for null, so this line alone
        // does not prove that an error was reported; the rejection is really
        // pinned by the missing user below. Consider asserting the expected
        // error once its type is confirmed.
        expect(recorded[0]).toBeDefined();
        expect(recorded[1]).toBeUndefined();
      });
    });

    test('should error truthy non-array', () => {
      const auth = createAuth(configPlugins);
      const callback = jest.fn();
      const invalidGroups = [ true, 1, "test", { } ];

      expect(auth).toBeDefined();

      invalidGroups.forEach((value) => {
        // A malformed groups value must throw synchronously and must never
        // reach the caller's callback.
        expect(() => {
          // $FlowFixMe
          auth.authenticate(null, value, callback);
        }).toThrow(TypeError);
        expect(callback.mock.calls).toHaveLength(0);
      });
    });

    test('should skip empty array', () => {
      const auth = createAuth(configPlugins);
      const callback = jest.fn();
      const value = [ ];

      expect(auth).toBeDefined();

      // $FlowFixMe
      auth.authenticate(null, value, callback);

      expect(callback.mock.calls).toHaveLength(1);

      const recorded = callback.mock.calls[0];
      // NOTE(review): as in the falsy-values case, toBeDefined() accepts null;
      // only the undefined user shows that no login was granted.
      expect(recorded[0]).toBeDefined();
      expect(recorded[1]).toBeUndefined();
    });

    test('should accept valid array', () => {
      const auth = createAuth(configPlugins);
      const callback = jest.fn();
      // Any non-empty array is accepted, including ones whose only entry is an
      // empty or zero-like string.
      const validGroups = [ [ "" ], [ "1" ], [ "0" ], ["000"] ];

      expect(auth).toBeDefined();

      validGroups.forEach((value, position) => {
        // $FlowFixMe
        auth.authenticate(null, value, callback);

        const recorded = callback.mock.calls[position];
        expect(recorded[0]).toBeNull();
        expect(recorded[1].real_groups).toBe(value);
      });
    });
  });
});