1 | 'use strict'
|
2 |
|
3 |
|
4 |
|
5 | const expect = require('chai').expect
|
6 | const ActiveDirectory = require('../index')
|
7 | const config = require('./config')
|
8 |
|
9 | let server = require('./mockServer')
|
10 |
|
11 | describe('Authentication', function () {
|
12 | let ad
|
13 | const settings = require('./settings').authenticate
|
14 | const LDAP_INVALID_CREDENTIALS = 49
|
15 |
|
16 | before(function (done) {
|
17 | server(function (s) {
|
18 | ad = new ActiveDirectory(config)
|
19 | server = s
|
20 | done()
|
21 | })
|
22 | })
|
23 |
|
24 | describe('#authenticate()', function () {
|
25 | it('should return true if the username (distinguishedName) and password are correct', function (done) {
|
26 | ad.authenticate(settings.username.dn, settings.password, function (err, auth) {
|
27 | expect(err).to.be.null
|
28 | expect(auth).to.be.true
|
29 | done()
|
30 | })
|
31 | })
|
32 |
|
33 | it('should return true if the username (userPrincipalName) and password are correct', function (done) {
|
34 | ad.authenticate(settings.username.userPrincipalName, settings.password, function (err, auth) {
|
35 | expect(err).to.be.null
|
36 | expect(auth).to.be.true
|
37 | done()
|
38 | })
|
39 | })
|
40 |
|
41 | it('should return true if the username (DOMAIN\\username) and password are correct', function (done) {
|
42 | ad.authenticate(settings.username.domainUsername, settings.password, function (err, auth) {
|
43 | expect(err).to.be.null
|
44 | expect(auth).to.be.true
|
45 | done()
|
46 | })
|
47 | })
|
48 |
|
49 | it('should return empty or null err if the username and password are correct', function (done) {
|
50 | ad.authenticate(settings.username.domainUsername, settings.password, function (err, auth) {
|
51 | expect(err).to.be.null
|
52 | expect(auth).to.be.true
|
53 | done()
|
54 | })
|
55 | })
|
56 |
|
57 | it('should return false if username is null', function (done) {
|
58 | ad.authenticate(null, settings.password, function (err, auth) {
|
59 | expect(err).to.be.an('object')
|
60 | expect(err.code).to.exist
|
61 | expect(err.code).to.equal(LDAP_INVALID_CREDENTIALS)
|
62 | expect(auth).to.be.false
|
63 | done()
|
64 | })
|
65 | })
|
66 |
|
67 | it('should return false if username is an empty string.', function (done) {
|
68 | ad.authenticate('', settings.password, function (err, auth) {
|
69 | expect(err).to.be.an('object')
|
70 | expect(err.code).to.exist
|
71 | expect(err.code).to.equal(LDAP_INVALID_CREDENTIALS)
|
72 | expect(auth).to.be.false
|
73 | done()
|
74 | })
|
75 | })
|
76 |
|
77 | it('should return err with LDAP_INVALID_CREDENTIALS if username and password are incorrect', function (done) {
|
78 | ad.authenticate('CN=invalid,DC=domain,DC=com', '!!!INVALID PASSWORD!!!', function (err, auth) {
|
79 | expect(err).to.be.an('object')
|
80 | expect(err.code).to.exist
|
81 | expect(err.code).to.equal(LDAP_INVALID_CREDENTIALS)
|
82 | expect(auth).to.be.false
|
83 | done()
|
84 | })
|
85 | })
|
86 | })
|
87 | })
|