should = require "should"
http = require "http"
https = require "https"
fs = require "fs"
request = require "supertest"
config = require "../../lib/config/config"
config.authentication = config.get('authentication')
config.tlsClientLookup = config.get('tlsClientLookup')
Channel = require("../../lib/model/channels").Channel
Client = require("../../lib/model/clients").Client
Transaction = require("../../lib/model/transactions").Transaction
Keystore = require("../../lib/model/keystore").Keystore
testUtils = require "../testUtils"
server = require "../../lib/server"
FormData = require 'form-data'
describe "e2e Integration Tests", ->
describe "Authentication and authorisation tests", ->
describe "Mutual TLS", ->
mockServer = null
before (done) ->
config.authentication.enableMutualTLSAuthentication = true
config.authentication.enableBasicAuthentication = false
#Setup some test data
channel1 = new Channel
name: "TEST DATA - Mock endpoint"
urlPattern: "test/mock"
allow: [ "PoC" ]
routes: [
name: "test route"
host: "localhost"
port: 1232
primary: true
]
channel1.save (err) ->
testClientDoc1 =
clientID: "testApp"
clientDomain: "test-client.jembi.org"
name: "TEST Client"
roles:
[
"OpenMRS_PoC"
"PoC"
]
passwordHash: ""
certFingerprint: "6D:BF:A5:BE:D7:F5:01:C2:EC:D0:BC:74:A4:12:5A:6F:36:C4:77:5C"
testClientDoc2 =
clientID: "testApp2"
clientDomain: "ca.openhim.org"
name: "TEST Client 2"
roles:
[
"OpenMRS_PoC"
"PoC"
]
passwordHash: ""
certFingerprint: "18:B7:F9:52:FA:37:86:C5:F5:63:DA:8B:FA:E6:6B:4D:FB:A0:27:ED"
client1 = new Client testClientDoc1
client2 = new Client testClientDoc2
Client.remove {}, -> client1.save -> client2.save ->
# remove default keystore
Keystore.remove {}, ->
keystore = new Keystore
key: fs.readFileSync 'test/resources/server-tls/key.pem'
cert:
data: fs.readFileSync 'test/resources/server-tls/cert.pem'
fingerprint: '23:37:6A:5E:A9:13:A4:8C:66:C5:BB:9F:0E:0D:68:9B:99:80:10:FC'
ca: [
data: fs.readFileSync 'test/resources/client-tls/cert.pem'
fingerprint: '6D:BF:A5:BE:D7:F5:01:C2:EC:D0:BC:74:A4:12:5A:6F:36:C4:77:5C'
,
data: fs.readFileSync 'test/resources/trust-tls/chain/intermediate.cert.pem'
fingerprint: '3B:21:0A:F1:D2:ED:4F:9B:9C:02:71:DF:4E:14:1B:3E:32:F5:B9:BB'
,
data: fs.readFileSync 'test/resources/trust-tls/chain/ca.cert.pem'
fingerprint: '18:B7:F9:52:FA:37:86:C5:F5:63:DA:8B:FA:E6:6B:4D:FB:A0:27:ED'
]
keystore.save (err) ->
done err if err
mockServer = testUtils.createMockServer 201, "Mock response body\n", 1232, ->
done()
after (done) ->
Channel.remove { name: "TEST DATA - Mock endpoint" }, ->
Client.remove { clientID: "testApp" }, ->
Client.remove { clientID: "testApp2" }, ->
mockServer.close ->
done()
afterEach (done) ->
server.stop ->
done()
it "should forward a request to the configured routes if the client is authenticated and authorised", (done) ->
server.start httpPort: 5001, httpsPort: 5000, ->
options =
host: "localhost"
path: "/test/mock"
port: 5000
cert: fs.readFileSync "test/resources/client-tls/cert.pem"
key: fs.readFileSync "test/resources/client-tls/key.pem"
ca: [ fs.readFileSync "test/resources/server-tls/cert.pem" ]
req = https.request options, (res) ->
res.statusCode.should.be.exactly 201
done()
req.end()
it "should reject a request when using an invalid cert", (done) ->
server.start httpPort: 5001, httpsPort: 5000, ->
options =
host: "localhost"
path: "/test/mock"
port: 5000
cert: fs.readFileSync "test/resources/client-tls/invalid-cert.pem"
key: fs.readFileSync "test/resources/client-tls/invalid-key.pem"
ca: [ fs.readFileSync "test/resources/server-tls/cert.pem" ]
req = https.request options, (res) ->
res.statusCode.should.be.exactly 401
done()
req.end()
it "should authenticate a client further up the chain if 'in-chain' config is set", (done) ->
config.tlsClientLookup.type = "in-chain"
server.start httpPort: 5001, httpsPort: 5000, ->
options =
host: "localhost"
path: "/test/mock"
port: 5000
cert: fs.readFileSync "test/resources/trust-tls/chain/test.openhim.org.cert.pem"
key: fs.readFileSync "test/resources/trust-tls/chain/test.openhim.org.key.pem"
ca: [ fs.readFileSync "test/resources/server-tls/cert.pem" ]
req = https.request options, (res) ->
res.statusCode.should.be.exactly 201
done()
req.end()
it "should reject a request with an invalid cert if 'in-chain' config is set", (done) ->
config.tlsClientLookup.type = "in-chain"
server.start httpPort: 5001, httpsPort: 5000, ->
options =
host: "localhost"
path: "/test/mock"
port: 5000
cert: fs.readFileSync "test/resources/client-tls/invalid-cert.pem"
key: fs.readFileSync "test/resources/client-tls/invalid-key.pem"
ca: [ fs.readFileSync "test/resources/server-tls/cert.pem" ]
req = https.request options, (res) ->
res.statusCode.should.be.exactly 401
done()
req.end()
it "should NOT authenticate a client further up the chain if 'strict' config is set", (done) ->
config.tlsClientLookup.type = "strict"
server.start httpPort: 5001, httpsPort: 5000, ->
options =
host: "localhost"
path: "/test/mock"
port: 5000
cert: fs.readFileSync "test/resources/trust-tls/chain/test.openhim.org.cert.pem"
key: fs.readFileSync "test/resources/trust-tls/chain/test.openhim.org.key.pem"
ca: [ fs.readFileSync "test/resources/server-tls/cert.pem" ]
req = https.request options, (res) ->
res.statusCode.should.be.exactly 401
done()
req.end()
describe "Basic Authentication", ->
mockServer = null
before (done) ->
config.authentication.enableMutualTLSAuthentication = false
config.authentication.enableBasicAuthentication = true
#Setup some test data
channel1 = new Channel
name: "TEST DATA - Mock endpoint"
urlPattern: "test/mock"
allow: [ "PoC" ]
routes: [
name: "test route"
host: "localhost"
port: 1232
primary: true
]
channel1.save (err) ->
testAppDoc =
clientID: "testApp"
clientDomain: "openhim.jembi.org"
name: "TEST Client"
roles:
[
"OpenMRS_PoC"
"PoC"
]
passwordAlgorithm: "bcrypt"
passwordHash: "$2a$10$w8GyqInkl72LMIQNpMM/fenF6VsVukyya.c6fh/GRtrKq05C2.Zgy"
cert: ""
client = new Client testAppDoc
client.save (error, newAppDoc) ->
mockServer = testUtils.createMockServer 200, "Mock response body 1\n", 1232, ->
done()
after (done) ->
Channel.remove { name: "TEST DATA - Mock endpoint" }, ->
Client.remove { clientID: "testApp" }, ->
mockServer.close ->
done()
afterEach (done) ->
server.stop ->
done()
describe "with no credentials", ->
it "should `throw` 401", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.get("/test/mock")
.expect(401)
.end (err, res) ->
if err
done err
else
done()
describe "with incorrect credentials", ->
it "should `throw` 401", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.get("/test/mock")
.auth("incorrect_user", "incorrect_password")
.expect(401)
.expect('WWW-Authenticate', 'Basic')
.end (err, res) ->
if err
done err
else
done()
describe "with correct credentials", ->
it "should return 200 OK", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.get("/test/mock")
.auth("testApp", "password")
.expect(200)
.end (err, res) ->
if err
done err
else
done()
describe "POST and PUT tests", ->
mockServer = null
mockServerWithReturn = null
testDoc = "test message"
before (done) ->
config.authentication.enableMutualTLSAuthentication = false
config.authentication.enableBasicAuthentication = true
#Setup some test data
channel1 = new Channel
name: "TEST DATA - Mock endpoint"
urlPattern: "/test/mock"
allow: [ "PoC" ]
routes: [
name: "test route"
host: "localhost"
port: 1232
primary: true
]
channel2 = new Channel
name: "TEST DATA - Mock With Return endpoint"
urlPattern: "/gmo"
allow: [ "PoC" ]
routes: [
name: "test route return"
host: "localhost"
port: 1499
primary: true
]
channel3 = new Channel
name: "TEST DATA - Mock With Return endpoint public"
urlPattern: "/public"
allow: [ ]
authType: "public"
routes: [
name: "test route"
host: "localhost"
port: 1232
primary: true
]
channel4 = new Channel
name: "TEST DATA - Mock With Return endpoint private - whitelist"
urlPattern: "/private"
allow: [ ]
whitelist: ['::ffff:127.0.0.1', '127.0.0.1'] #localhost in IPV6
authType: "public"
routes: [
name: "test route"
host: "localhost"
port: 1232
primary: true
]
channel5 = new Channel
name: "TEST DATA - whitelist but un-authorised"
urlPattern: "/un-auth"
allow: [ 'private' ]
whitelist: ['::ffff:127.0.0.1', '127.0.0.1'] #localhost in IPV6
authType: "private"
routes: [
name: "test route"
host: "localhost"
port: 1232
primary: true
]
channel6 = new Channel
name: "TEST DATA - whitelist but authorised"
urlPattern: "/auth"
allow: [ 'PoC' ]
whitelist: ['::ffff:127.0.0.1', '127.0.0.1'] #localhost in IPV6
authType: "private"
routes: [
name: "test route"
host: "localhost"
port: 1232
primary: true
]
channel1.save (err) ->
channel2.save (err)->
channel3.save (err) ->
channel4.save (err) ->
channel5.save (err) ->
channel6.save (err) ->
testAppDoc =
clientID: "testApp"
clientDomain: "test-client.jembi.org"
name: "TEST Client"
roles:
[
"OpenMRS_PoC"
"PoC"
]
passwordAlgorithm: "sha512"
passwordHash: "28dce3506eca8bb3d9d5a9390135236e8746f15ca2d8c86b8d8e653da954e9e3632bf9d85484ee6e9b28a3ada30eec89add42012b185bd9a4a36a07ce08ce2ea"
passwordSalt: "1234567890"
cert: ""
client = new Client testAppDoc
client.save (error, newAppDoc) ->
# Create mock endpoint to forward requests to
mockServer = testUtils.createMockServerForPost(201, 400, testDoc)
mockServerWithReturn = testUtils.createMockServerForPostWithReturn(201, 400, testDoc)
mockServer.listen 1232, () ->
mockServerWithReturn.listen 1499, done
after (done) ->
Channel.remove {}, ->
Client.remove { clientID: "testApp" }, ->
mockServer.close ->
mockServerWithReturn.close ->
done()
afterEach (done) ->
server.stop ->
done()
it "should return 201 CREATED on POST", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.post("/test/mock")
.send(testDoc)
.auth("testApp", "password")
.expect(201)
.end (err, res) ->
if err
done err
else
done()
it "should return 201 CREATED on POST - Public Channel", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.post("/public")
.send(testDoc)
.expect(201)
.end (err, res) ->
if err
done err
else
done()
it "should return 201 CREATED on POST - Public Channel with whitelisted ip", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.post("/private")
.send(testDoc)
.expect(201)
.end (err, res) ->
if err
done err
else
done()
it "should deny access on POST - Private Channel with whitelisted IP but incorrect client role", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.post("/un-auth")
.send(testDoc)
.auth("testApp", "password")
.expect(401)
.end (err, res) ->
if err
done err
else
done()
it "should return 201 CREATED on POST - Private Channel with whitelisted IP and correct client role", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.post("/auth")
.send(testDoc)
.auth("testApp", "password")
.expect(201)
.end (err, res) ->
if err
done err
else
done()
it "should return 201 CREATED on PUT", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.put("/test/mock")
.send(testDoc)
.auth("testApp", "password")
.expect(201)
.end (err, res) ->
if err
done err
else
done()
it "should decompress gzip", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.put("/gmo")
.set('Accept-Encoding', '') #Unset encoding, because supertest defaults to gzip,deflate
.send(testDoc)
.auth("testApp", "password")
.expect(201)
.expect(testDoc, done)
it "should returned gzipped response", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.put("/gmo")
.set('Accept-Encoding', 'gzip')
.send(testDoc)
.auth("testApp", "password")
.expect(201)
.expect("content-encoding", "gzip")
.expect(testDoc)
.end (err, res) ->
if err
done err
else
done()
describe "HTTP header tests", ->
mockServer = null
testDoc = "test message"
before (done) ->
config.authentication.enableMutualTLSAuthentication = false
config.authentication.enableBasicAuthentication = true
#Setup some test data
channel1 = new Channel
name: "TEST DATA - Mock endpoint"
urlPattern: "test/mock"
allow: [ "PoC" ]
routes: [
name: "test route"
host: "localhost"
port: 6262
primary: true
]
channel1.save (err) ->
testAppDoc =
clientID: "testApp"
clientDomain: "test-client.jembi.org"
name: "TEST Client"
roles:
[
"OpenMRS_PoC"
"PoC"
]
passwordAlgorithm: "sha512"
passwordHash: "28dce3506eca8bb3d9d5a9390135236e8746f15ca2d8c86b8d8e653da954e9e3632bf9d85484ee6e9b28a3ada30eec89add42012b185bd9a4a36a07ce08ce2ea"
passwordSalt: "1234567890"
cert: ""
client = new Client testAppDoc
client.save (error, newAppDoc) ->
# Create mock endpoint to forward requests to
mockServer = testUtils.createMockServer 201, testDoc, 6262, ->
done()
after (done) ->
Channel.remove { name: "TEST DATA - Mock endpoint" }, ->
Client.remove { clientID: "testApp" }, ->
mockServer.close ->
done()
afterEach (done) ->
server.stop ->
done()
it "should keep HTTP headers of the response intact", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.get("/test/mock")
.send(testDoc)
.auth("testApp", "password")
.expect(201)
.expect('Content-Type', 'text/plain; charset=utf-8')
.end (err, res) ->
if err
done err
else
done()
describe "HTTP body content matching - XML", ->
mockServer = null
testXMLDoc = """
Kigali
5
"""
before (done) ->
config.authentication.enableMutualTLSAuthentication = false
config.authentication.enableBasicAuthentication = true
#Setup some test data
channel1 = new Channel
name: "TEST DATA - Mock endpoint"
urlPattern: "test/mock"
allow: [ "PoC" ]
routes: [
name: "test route"
host: "localhost"
port: 1232
primary: true
]
matchContentTypes: [ "text/xml" ]
matchContentXpath: "string(/careServicesRequest/function/@uuid)"
matchContentValue: "4e8bbeb9-f5f5-11e2-b778-0800200c9a66"
channel1.save (err) ->
testAppDoc =
clientID: "testApp"
clientDomain: "test-client.jembi.org"
name: "TEST Client"
roles:
[
"OpenMRS_PoC"
"PoC"
]
passwordAlgorithm: "sha512"
passwordHash: "28dce3506eca8bb3d9d5a9390135236e8746f15ca2d8c86b8d8e653da954e9e3632bf9d85484ee6e9b28a3ada30eec89add42012b185bd9a4a36a07ce08ce2ea"
passwordSalt: "1234567890"
cert: ""
client = new Client testAppDoc
client.save (error, newAppDoc) ->
# Create mock endpoint to forward requests to
mockServer = testUtils.createMockServerForPost(201, 400, testXMLDoc)
mockServer.listen 1232, done
after (done) ->
Channel.remove { name: "TEST DATA - Mock endpoint" }, ->
Client.remove { clientID: "testApp" }, ->
mockServer.close ->
done()
afterEach (done) ->
server.stop ->
done()
it "should return 201 CREATED on POST", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.post("/test/mock")
.set("Content-Type", "text/xml")
.send(testXMLDoc)
.auth("testApp", "password")
.expect(201)
.end (err, res) ->
if err
done err
else
done()
it "should return 201 CREATED on PUT", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.put("/test/mock")
.set("Content-Type", "text/xml")
.send(testXMLDoc)
.auth("testApp", "password")
.expect(201)
.end (err, res) ->
if err
done err
else
done()
describe "HTTP body content matching - JSON", ->
mockServer = null
testJSONDoc = '''
{
"functionId": 1234,
"personId": "987",
"name": "John Smith"
}
'''
before (done) ->
config.authentication.enableMutualTLSAuthentication = false
config.authentication.enableBasicAuthentication = true
#Setup some test data
channel1 = new Channel
name: "TEST DATA - Mock endpoint"
urlPattern: "test/mock"
allow: [ "PoC" ]
routes: [
name: "test route"
host: "localhost"
port: 1232
primary: true
]
matchContentTypes: [ "text/x-json", "application/json" ]
matchContentJson: "functionId"
matchContentValue: "1234"
channel1.save (err) ->
testAppDoc =
clientID: "testApp"
clientDomain: "test-client.jembi.org"
name: "TEST Client"
roles:
[
"OpenMRS_PoC"
"PoC"
]
passwordAlgorithm: "sha512"
passwordHash: "28dce3506eca8bb3d9d5a9390135236e8746f15ca2d8c86b8d8e653da954e9e3632bf9d85484ee6e9b28a3ada30eec89add42012b185bd9a4a36a07ce08ce2ea"
passwordSalt: "1234567890"
cert: ""
client = new Client testAppDoc
client.save (error, newAppDoc) ->
# Create mock endpoint to forward requests to
mockServer = testUtils.createMockServerForPost(201, 400, testJSONDoc)
mockServer.listen 1232, done
after (done) ->
Channel.remove { name: "TEST DATA - Mock endpoint" }, ->
Client.remove { clientID: "testApp" }, ->
mockServer.close ->
done()
afterEach (done) ->
server.stop ->
done()
it "should return 201 CREATED on POST", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.post("/test/mock")
.set("Content-Type", "application/json")
.send(testJSONDoc)
.auth("testApp", "password")
.expect(201)
.end (err, res) ->
if err
done err
else
done()
it "should return 201 CREATED on PUT", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.put("/test/mock")
.set("Content-Type", "application/json")
.send(testJSONDoc)
.auth("testApp", "password")
.expect(201)
.end (err, res) ->
if err
done err
else
done()
describe "HTTP body content matching - RegEx", ->
mockServer = null
testRegExDoc = "facility: OMRS123"
before (done) ->
config.authentication.enableMutualTLSAuthentication = false
config.authentication.enableBasicAuthentication = true
#Setup some test data
channel1 = new Channel
name: "TEST DATA - Mock endpoint"
urlPattern: "test/mock"
allow: [ "PoC" ]
routes: [
name: "test route"
host: "localhost"
port: 1232
primary: true
]
matchContentRegex: "\\s[A-Z]{4}\\d{3}"
channel1.save (err) ->
testAppDoc =
clientID: "testApp"
clientDomain: "test-client.jembi.org"
name: "TEST Client"
roles:
[
"OpenMRS_PoC"
"PoC"
]
passwordAlgorithm: "sha512"
passwordHash: "28dce3506eca8bb3d9d5a9390135236e8746f15ca2d8c86b8d8e653da954e9e3632bf9d85484ee6e9b28a3ada30eec89add42012b185bd9a4a36a07ce08ce2ea"
passwordSalt: "1234567890"
cert: ""
client = new Client testAppDoc
client.save (error, newAppDoc) ->
# Create mock endpoint to forward requests to
mockServer = testUtils.createMockServerForPost(201, 400, testRegExDoc)
mockServer.listen 1232, done
after (done) ->
Channel.remove { name: "TEST DATA - Mock endpoint" }, ->
Client.remove { clientID: "testApp" }, ->
mockServer.close ->
done()
afterEach (done) ->
server.stop ->
done()
it "should return 201 CREATED on POST", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.post("/test/mock")
.send(testRegExDoc)
.auth("testApp", "password")
.expect(201)
.end (err, res) ->
if err
done err
else
done()
it "should return 201 CREATED on PUT", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.put("/test/mock")
.send(testRegExDoc)
.auth("testApp", "password")
.expect(201)
.end (err, res) ->
if err
done err
else
done()
describe "mediator tests", ->
mockServer = null
mediatorResponse =
status: "Successful"
response:
status: 200
headers: {}
body: ""
timestamp: new Date
orchestrations: [
name: "Lab API"
request:
path: "api/patient/lab"
headers:
"Content-Type": "text/plain"
body: ""
method: "POST"
timestamp: new Date
response:
status: 200
headers: {}
body: ""
timestamp: new Date
]
properties:
orderId: "TEST00001"
documentId: "1f49c3e0-3cec-4292-b495-5bd41433a048"
before (done) ->
config.authentication.enableMutualTLSAuthentication = false
config.authentication.enableBasicAuthentication = true
mediatorChannel = new Channel
name: "TEST DATA - Mock mediator endpoint"
urlPattern: "test/mediator"
allow: [ "PoC" ]
routes: [
name: "mediator route"
host: "localhost"
port: 1244
primary: true
]
mediatorChannel.save (err) ->
testAppDoc =
clientID: "mediatorTestApp"
clientDomain: "test-client.jembi.org"
name: "TEST Client"
roles:
[
"OpenMRS_PoC"
"PoC"
]
passwordAlgorithm: "sha512"
passwordHash: "28dce3506eca8bb3d9d5a9390135236e8746f15ca2d8c86b8d8e653da954e9e3632bf9d85484ee6e9b28a3ada30eec89add42012b185bd9a4a36a07ce08ce2ea"
passwordSalt: "1234567890"
cert: ""
client = new Client testAppDoc
client.save (error, newAppDoc) ->
mockServer = testUtils.createMockMediatorServer 200, mediatorResponse, 1244, -> done()
beforeEach (done) -> Transaction.remove {}, done
after (done) ->
Channel.remove { name: "TEST DATA - Mock mediator endpoint" }, ->
Client.remove { clientID: "mediatorTestApp" }, ->
mockServer.close ->
done()
afterEach (done) ->
server.stop ->
Transaction.remove {}, ->
done()
describe "mediator response processing", ->
it "should return the specified mediator response element as the actual response", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.get("/test/mediator")
.auth("mediatorTestApp", "password")
.expect(200)
.expect(mediatorResponse.response.body, done)
it "should setup the correct metadata on the transaction as specified by the mediator response", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.get("/test/mediator")
.auth("mediatorTestApp", "password")
.expect(200)
.end (err, res) ->
if err
done err
else
setTimeout ( ->
Transaction.findOne {}, (err, res) ->
res.status.should.be.equal mediatorResponse.status
res.orchestrations.length.should.be.exactly 1
res.orchestrations[0].name.should.be.equal mediatorResponse.orchestrations[0].name
should.exist res.properties
res.properties.orderId.should.be.equal mediatorResponse.properties.orderId
done()
), 150 * global.testTimeoutFactor
describe "Multipart form data tests", ->
mockServer = null
before (done) ->
config.authentication.enableMutualTLSAuthentication = false
config.authentication.enableBasicAuthentication = true
mediatorResponse =
status: "Successful"
response:
status: 200
headers: {}
body: ""
timestamp: new Date
orchestrations: [
name: "Lab API"
request:
path: "api/patient/lab"
headers:
"Content-Type": "text/plain"
body: ""
method: "POST"
timestamp: new Date
response:
status: 200
headers: {}
body: ""
timestamp: new Date
]
#Setup some test data
channel1 = new Channel
name: "TEST DATA - Mock endpoint - multipart"
urlPattern: "/test/multipart"
allow: [ "PoC" ]
routes: [
name: "test route"
host: "localhost"
port: 1276
primary: true
]
channel1.save (err) ->
testAppDoc =
clientID: "testAppMultipart"
clientDomain: "test-client.jembi.org"
name: "TEST Client"
roles: [
"OpenMRS_PoC"
"PoC"
]
passwordAlgorithm: "sha512"
passwordHash: "28dce3506eca8bb3d9d5a9390135236e8746f15ca2d8c86b8d8e653da954e9e3632bf9d85484ee6e9b28a3ada30eec89add42012b185bd9a4a36a07ce08ce2ea"
passwordSalt: "1234567890"
cert: ""
client = new Client testAppDoc
client.save (error, newAppDoc) ->
mockServer = testUtils.createMockMediatorServer 200, mediatorResponse, 1276, ->
done()
after (done) ->
Channel.remove { name: "TEST DATA - Mock endpoint - multipart" }, ->
Client.remove { clientID: "testAppMultipart" }, ->
done()
afterEach (done) ->
server.stop ->
done()
it "should return 201 CREATED on POST", (done) ->
server.start httpPort: 5001, ->
form = new FormData()
form.append('my_field', 'my value')
form.append('unix', fs.readFileSync "test/resources/files/unix.txt")
form.append('mac', fs.readFileSync "test/resources/files/mac.txt")
form.append('msdos', fs.readFileSync "test/resources/files/msdos.txt")
form.submit
host: "localhost"
port: 5001
path: "/test/multipart"
auth: "testAppMultipart:password"
method: "post"
, (err, res) ->
res.statusCode.should.equal 200
res.on "data", (chunk) ->
# chunk.should.be.ok
if err
done err
else
done()
describe "URL rewriting e2e test", ->
mockServer = null
jsonResponse =
href: 'http://localhost:1232/test/mock'
before (done) ->
config.authentication.enableMutualTLSAuthentication = false
config.authentication.enableBasicAuthentication = true
# Setup some test data
channel1 = new Channel
name: "TEST DATA - Mock endpoint"
urlPattern: "test/mock"
allow: [ "PoC" ]
routes: [
name: "test route"
host: "localhost"
port: 1232
primary: true
]
rewriteUrls: true
channel1.save (err) ->
testAppDoc =
clientID: "testApp"
clientDomain: "test-client.jembi.org"
name: "TEST Client"
roles:
[
"OpenMRS_PoC"
"PoC"
]
passwordAlgorithm: "sha512"
passwordHash: "28dce3506eca8bb3d9d5a9390135236e8746f15ca2d8c86b8d8e653da954e9e3632bf9d85484ee6e9b28a3ada30eec89add42012b185bd9a4a36a07ce08ce2ea"
passwordSalt: "1234567890"
cert: ""
client = new Client testAppDoc
client.save (error, newAppDoc) ->
# Create mock endpoint to forward requests to
mockServer = testUtils.createMockServer 201, JSON.stringify(jsonResponse), 1232, -> done()
after (done) ->
Channel.remove { name: "TEST DATA - Mock endpoint" }, ->
Client.remove { clientID: "testApp" }, ->
mockServer.close ->
done()
afterEach (done) ->
server.stop ->
done()
it "should rewrite response urls", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.get("/test/mock")
.auth("testApp", "password")
.expect(201)
.end (err, res) ->
if err
done err
else
response = JSON.parse res.text
response.href.should.be.exactly 'http://localhost:5001/test/mock'
done()
describe "Routes enabled/disabled tests", ->
mockServer1 = null
mockServer2 = null
channel1 = new Channel
name: "TEST DATA - Mock endpoint 1"
urlPattern: "^/test/channel1$"
allow: [ "PoC" ]
routes: [
{
name: "test route"
host: "localhost"
port: 1233
primary: true
}, {
name: "test route 2"
host: "localhost"
port: 1234
}
]
channel2 = new Channel
name: "TEST DATA - Mock endpoint 2"
urlPattern: "^/test/channel2$"
allow: [ "PoC" ]
routes: [
{
name: "test route"
host: "localhost"
port: 1233
status: 'disabled'
}, {
name: "test route 2"
host: "localhost"
port: 1234
primary: true
status: 'enabled'
}
]
channel3 = new Channel
name: "TEST DATA - Mock endpoint 3"
urlPattern: "^/test/channel3$"
allow: [ "PoC" ]
routes: [
{
name: "test route"
host: "localhost"
port: 1233
primary: true
status: 'enabled'
}, {
name: "test route 2"
host: "localhost"
port: 1234
primary: true
status: 'disabled'
}
]
before (done) ->
config.authentication.enableMutualTLSAuthentication = false
config.authentication.enableBasicAuthentication = true
channel1.save (err) -> channel2.save (err) -> channel3.save (err) ->
testAppDoc =
clientID: "testApp"
clientDomain: "test-client.jembi.org"
name: "TEST Client"
roles:
[
"OpenMRS_PoC"
"PoC"
]
passwordAlgorithm: "sha512"
passwordHash: "28dce3506eca8bb3d9d5a9390135236e8746f15ca2d8c86b8d8e653da954e9e3632bf9d85484ee6e9b28a3ada30eec89add42012b185bd9a4a36a07ce08ce2ea"
passwordSalt: "1234567890"
cert: ""
client = new Client testAppDoc
client.save (error, newAppDoc) ->
# Create mock endpoint to forward requests to
mockServer1 = testUtils.createMockServer 200, 'target1', 1233, ->
mockServer2 = testUtils.createMockServer 200, 'target2', 1234, -> done()
after (done) ->
Channel.remove { name: "TEST DATA - Mock endpoint 1" }, ->
Channel.remove { name: "TEST DATA - Mock endpoint 2" }, ->
Channel.remove { name: "TEST DATA - Mock endpoint 3" }, ->
Client.remove { clientID: "testApp" }, ->
mockServer1.close ->
mockServer2.close ->
done()
afterEach (done) -> server.stop -> Transaction.remove {}, done
beforeEach (done) -> Transaction.remove {}, done
it "should route transactions to routes that have no status specified (default: enabled)", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.get("/test/channel1")
.auth("testApp", "password")
.expect(200)
.end (err, res) ->
if err
done err
else
res.text.should.be.exactly 'target1'
# routes are async
setTimeout ( ->
Transaction.findOne {}, (err, trx) ->
return done err if err
trx.routes.length.should.be.exactly 1
trx.routes[0].should.have.property 'name', 'test route 2'
trx.routes[0].response.body.should.be.exactly 'target2'
done()
), 150 * global.testTimeoutFactor
it "should NOT route transactions to disabled routes", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.get("/test/channel2")
.auth("testApp", "password")
.expect(200)
.end (err, res) ->
if err
done err
else
res.text.should.be.exactly 'target2'
# routes are async
setTimeout ( ->
Transaction.findOne {}, (err, trx) ->
return done err if err
trx.routes.length.should.be.exactly 0
done()
), 150 * global.testTimeoutFactor
it "should ignore disabled primary routes (multiple primary routes)", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.get("/test/channel3")
.auth("testApp", "password")
.expect(200)
.end (err, res) ->
if err
done err
else
res.text.should.be.exactly 'target1'
# routes are async
setTimeout ( ->
Transaction.findOne {}, (err, trx) ->
return done err if err
trx.routes.length.should.be.exactly 0
done()
), 150 * global.testTimeoutFactor
describe "Channel priority tests", ->
mockServer1 = null
mockServer2 = null
channel1 = new Channel
name: "TEST DATA - Mock endpoint 1"
urlPattern: "^/test/undefined/priority$"
allow: [ "PoC" ]
routes: [
name: "test route"
host: "localhost"
port: 1234
primary: true
]
channel2 = new Channel
name: "TEST DATA - Mock endpoint 2"
urlPattern: "^/.*$"
priority: 3
allow: [ "PoC" ]
routes: [
name: "test route"
host: "localhost"
port: 1233
primary: true
]
channel3 = new Channel
name: "TEST DATA - Mock endpoint 3"
urlPattern: "^/test/mock$"
priority: 2
allow: [ "PoC" ]
routes: [
name: "test route"
host: "localhost"
port: 1234
primary: true
]
before (done) ->
config.authentication.enableMutualTLSAuthentication = false
config.authentication.enableBasicAuthentication = true
channel1.save (err) -> channel2.save (err) -> channel3.save (err) ->
testAppDoc =
clientID: "testApp"
clientDomain: "test-client.jembi.org"
name: "TEST Client"
roles:
[
"OpenMRS_PoC"
"PoC"
]
passwordAlgorithm: "sha512"
passwordHash: "28dce3506eca8bb3d9d5a9390135236e8746f15ca2d8c86b8d8e653da954e9e3632bf9d85484ee6e9b28a3ada30eec89add42012b185bd9a4a36a07ce08ce2ea"
passwordSalt: "1234567890"
cert: ""
client = new Client testAppDoc
client.save (error, newAppDoc) ->
# Create mock endpoint to forward requests to
mockServer1 = testUtils.createMockServer 200, 'target1', 1233, ->
mockServer2 = testUtils.createMockServer 200, 'target2', 1234, -> done()
after (done) ->
Channel.remove { name: "TEST DATA - Mock endpoint 1" }, ->
Channel.remove { name: "TEST DATA - Mock endpoint 2" }, ->
Channel.remove { name: "TEST DATA - Mock endpoint 3" }, ->
Channel.remove { name: "TEST DATA - Mock endpoint 4" }, ->
Client.remove { clientID: "testApp" }, ->
mockServer1.close ->
mockServer2.close ->
done()
afterEach (done) ->
server.stop ->
done()
it "should route to the channel with higher priority if multiple channels match a request", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.get("/test/mock")
.auth("testApp", "password")
.expect(200)
.end (err, res) ->
if err
done err
else
res.text.should.be.exactly 'target2' #should route to target2 via channel3
done()
it "should treat a channel with an undefined priority with lowest priority", (done) ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.get("/test/undefined/priority")
.auth("testApp", "password")
.expect(200)
.end (err, res) ->
if err
done err
else
res.text.should.be.exactly 'target1' #should route to target1 via channel2
done()
it "should deny access if multiple channels match but the top priority channel denies access", (done) ->
channel4 = new Channel
name: "TEST DATA - Mock endpoint 4"
urlPattern: "^/test/mock$"
priority: 1
allow: [ "something else" ]
routes: [
name: "test route"
host: "localhost"
port: 1234
primary: true
]
channel4.save () ->
server.start httpPort: 5001, ->
request("http://localhost:5001")
.get("/test/mock")
.auth("testApp", "password")
.expect(401)
.end (err, res) ->
if err
done err
else
done()