UNPKG

passport-ldapauth/test/strategy-test.js

Version:

4.93 kBJavaScriptView Raw

1var should       = require('chai').Should(),
  LdapStrategy = require('passport-ldapauth').Strategy,
  request      = require('supertest'),
  ldapserver   = require('./ldapserver'),
  appserver    = require('./appserver');
6
7var LDAP_PORT = 1389;
8
9var expressapp = null;
10
11// Base options that are cloned where needed to edit
12var BASE_OPTS = {
server: {
  url: 'ldap://localhost:' +  LDAP_PORT.toString(),
  adminDn: 'cn=root',
  adminPassword: 'secret',
  searchBase: 'ou=passport-ldapauth',
  searchFilter: '(uid={{username}})'
}
20},
21BASE_TEST_OPTS = {
no_callback: false
23};
24
25var start_servers = function(opts, test_opts) {
return function(cb) {
  ldapserver.start(LDAP_PORT, function() {
    appserver.start(opts, test_opts, function(app) {
      expressapp = app;
      cb();
    });
  });
}
34}
35
36var stop_servers = function(cb) {
appserver.close(function() {
  ldapserver.close(function() {
    cb();
  });
});
42};
43
44describe("LDAP authentication strategy", function() {
45
describe("by itself", function() {
47
  it("should throw an error if no arguments are provided", function(cb) {
    (function() {
      new LdapStrategy();
    }).should.throw(Error);
    cb();
  });
54
  it("should throw an error if options are not provided", function(cb) {
    (function() {
      new LdapStrategy(function() {});
    }).should.throw(Error);
    cb();
  });
61
  it("should throw an error if options are not accepted by ldapauth", function(cb) {
    var s = new LdapStrategy({}, function() {});
    (function() {
      s.authenticate({body: {username: 'valid', password: 'valid'}});
    }).should.throw(Error);
    cb();
  });
69
  it("should initialize without a verify callback", function(cb) {
    (function() {
      new LdapStrategy({server: {}})
    }).should.not.throw(Error);
    cb();
  });
76
});
78
describe("with basic settings", function() {
80
  before(start_servers(BASE_OPTS, BASE_TEST_OPTS));
82
  after(stop_servers);
84
  it("should return unauthorized if credentials are not given", function(cb) {
    request(expressapp)
      .post('/login')
      .send({})
      .expect(401)
      .end(cb);
  });
92
  it("should allow access with valid credentials", function(cb) {
    request(expressapp)
      .post('/login')
      .send({username: 'valid', password: 'valid'})
      .expect(200)
      .end(cb);
  });
100
  it("should allow access with valid credentials in query string", function(cb) {
    request(expressapp)
      .post('/login?username=valid&password=valid')
      .expect(200)
      .end(cb);
  });
107
  it("should return unauthorized with invalid credentials", function(cb) {
    request(expressapp)
      .post('/login')
      .send({username: 'valid', password: 'invvalid'})
      .expect(401)
      .end(cb);
  });
115
  it("should return unauthorized with non-existing user", function(cb) {
    request(expressapp)
      .post('/login')
      .send({username: 'nonexisting', password: 'invvalid'})
      .expect(401)
      .end(cb);
  });
});
124
describe("without a verify callback", function() {
  before(start_servers(BASE_OPTS, {no_callback: true}));
127
  after(stop_servers);
129
  it("should still authenticate", function(cb) {
    request(expressapp)
      .post('/login')
      .send({username: 'valid', password: 'valid'})
      .expect(200)
      .end(cb);
  });
137
  it("should reject invalid event", function(cb) {
    request(expressapp)
      .post('/login')
      .send({username: 'valid', password: 'invalid'})
      .expect(401)
      .end(cb);
  });
});
146
describe("with optional options", function() {
148
  afterEach(stop_servers);
150
  it("should read given fields instead of defaults", function(cb) {
    var OPTS = JSON.parse(JSON.stringify(BASE_OPTS));
    OPTS.usernameField = 'ldapuname';
    OPTS.passwordField = 'ldappwd';
155
    start_servers(OPTS, BASE_TEST_OPTS)(function() {
      request(expressapp)
        .post('/login')
        .send({ldapuname: 'valid', ldappwd: 'valid'})
        .expect(200)
        .end(cb);
    });
  });
164
  it("should pass request to verify callback if defined so", function(cb) {
    var OPTS = JSON.parse(JSON.stringify(BASE_OPTS));
    OPTS.passReqToCallback = true;
168
    start_servers(OPTS, BASE_TEST_OPTS)(function() {
      var req = {body: {username: 'valid', password: 'valid', testkey: 1}},
          s   = new LdapStrategy(OPTS, function(req, user, done) {
            req.should.have.keys('body');
            req.body.should.have.keys(['username', 'password', 'testkey']);
            done(null, user);
          });
176
      s.success = function(user) {
        should.exist(user);
        user.uid.should.equal('valid');
        cb();
      };
182
      s.authenticate(req);
    });
  });
});
187});

1	`var should = require('chai').Should(),`
2	`LdapStrategy = require('passport-ldapauth').Strategy,`
3	`request = require('supertest'),`
4	`ldapserver = require('./ldapserver'),`
5	`appserver = require('./appserver');`
6
7	`var LDAP_PORT = 1389;`
8
9	`var expressapp = null;`
10
11	`// Base options that are cloned where needed to edit`
12	`var BASE_OPTS = {`
13	`server: {`
14	`url: 'ldap://localhost:' + LDAP_PORT.toString(),`
15	`adminDn: 'cn=root',`
16	`adminPassword: 'secret',`
17	`searchBase: 'ou=passport-ldapauth',`
18	`searchFilter: '(uid={{username}})'`
19	`}`
20	`},`
21	`BASE_TEST_OPTS = {`
22	`no_callback: false`
23	`};`
24
25	`var start_servers = function(opts, test_opts) {`
26	`return function(cb) {`
27	`ldapserver.start(LDAP_PORT, function() {`
28	`appserver.start(opts, test_opts, function(app) {`
29	`expressapp = app;`
30	`cb();`
31	`});`
32	`});`
33	`}`
34	`}`
35
36	`var stop_servers = function(cb) {`
37	`appserver.close(function() {`
38	`ldapserver.close(function() {`
39	`cb();`
40	`});`
41	`});`
42	`};`
43
44	`describe("LDAP authentication strategy", function() {`
45
46	`describe("by itself", function() {`
47
48	`it("should throw an error if no arguments are provided", function(cb) {`
49	`(function() {`
50	`new LdapStrategy();`
51	`}).should.throw(Error);`
52	`cb();`
53	`});`
54
55	`it("should throw an error if options are not provided", function(cb) {`
56	`(function() {`
57	`new LdapStrategy(function() {});`
58	`}).should.throw(Error);`
59	`cb();`
60	`});`
61
62	`it("should throw an error if options are not accepted by ldapauth", function(cb) {`
63	`var s = new LdapStrategy({}, function() {});`
64	`(function() {`
65	`s.authenticate({body: {username: 'valid', password: 'valid'}});`
66	`}).should.throw(Error);`
67	`cb();`
68	`});`
69
70	`it("should initialize without a verify callback", function(cb) {`
71	`(function() {`
72	`new LdapStrategy({server: {}})`
73	`}).should.not.throw(Error);`
74	`cb();`
75	`});`
76
77	`});`
78
79	`describe("with basic settings", function() {`
80
81	`before(start_servers(BASE_OPTS, BASE_TEST_OPTS));`
82
83	`after(stop_servers);`
84
85	`it("should return unauthorized if credentials are not given", function(cb) {`
86	`request(expressapp)`
87	`.post('/login')`
88	`.send({})`
89	`.expect(401)`
90	`.end(cb);`
91	`});`
92
93	`it("should allow access with valid credentials", function(cb) {`
94	`request(expressapp)`
95	`.post('/login')`
96	`.send({username: 'valid', password: 'valid'})`
97	`.expect(200)`
98	`.end(cb);`
99	`});`
100
101	`it("should allow access with valid credentials in query string", function(cb) {`
102	`request(expressapp)`
103	`.post('/login?username=valid&password=valid')`
104	`.expect(200)`
105	`.end(cb);`
106	`});`
107
108	`it("should return unauthorized with invalid credentials", function(cb) {`
109	`request(expressapp)`
110	`.post('/login')`
111	`.send({username: 'valid', password: 'invvalid'})`
112	`.expect(401)`
113	`.end(cb);`
114	`});`
115
116	`it("should return unauthorized with non-existing user", function(cb) {`
117	`request(expressapp)`
118	`.post('/login')`
119	`.send({username: 'nonexisting', password: 'invvalid'})`
120	`.expect(401)`
121	`.end(cb);`
122	`});`
123	`});`
124
125	`describe("without a verify callback", function() {`
126	`before(start_servers(BASE_OPTS, {no_callback: true}));`
127
128	`after(stop_servers);`
129
130	`it("should still authenticate", function(cb) {`
131	`request(expressapp)`
132	`.post('/login')`
133	`.send({username: 'valid', password: 'valid'})`
134	`.expect(200)`
135	`.end(cb);`
136	`});`
137
138	`it("should reject invalid event", function(cb) {`
139	`request(expressapp)`
140	`.post('/login')`
141	`.send({username: 'valid', password: 'invalid'})`
142	`.expect(401)`
143	`.end(cb);`
144	`});`
145	`});`
146
147	`describe("with optional options", function() {`
148
149	`afterEach(stop_servers);`
150
151	`it("should read given fields instead of defaults", function(cb) {`
152	`var OPTS = JSON.parse(JSON.stringify(BASE_OPTS));`
153	`OPTS.usernameField = 'ldapuname';`
154	`OPTS.passwordField = 'ldappwd';`
155
156	`start_servers(OPTS, BASE_TEST_OPTS)(function() {`
157	`request(expressapp)`
158	`.post('/login')`
159	`.send({ldapuname: 'valid', ldappwd: 'valid'})`
160	`.expect(200)`
161	`.end(cb);`
162	`});`
163	`});`
164
165	`it("should pass request to verify callback if defined so", function(cb) {`
166	`var OPTS = JSON.parse(JSON.stringify(BASE_OPTS));`
167	`OPTS.passReqToCallback = true;`
168
169	`start_servers(OPTS, BASE_TEST_OPTS)(function() {`
170	`var req = {body: {username: 'valid', password: 'valid', testkey: 1}},`
171	`s = new LdapStrategy(OPTS, function(req, user, done) {`
172	`req.should.have.keys('body');`
173	`req.body.should.have.keys(['username', 'password', 'testkey']);`
174	`done(null, user);`
175	`});`
176
177	`s.success = function(user) {`
178	`should.exist(user);`
179	`user.uid.should.equal('valid');`
180	`cb();`
181	`};`
182
183	`s.authenticate(req);`
184	`});`
185	`});`
186	`});`
187	`});`