494 lines
14 KiB
JavaScript
494 lines
14 KiB
JavaScript
|
/**
|
||
|
* Config mocha
|
||
|
*/
|
||
|
|
||
|
mocha.timeout(60000);
|
||
|
mocha.globals(['jQuery*', '__auth0jp*']);
|
||
|
|
||
|
/**
|
||
|
* XHR support variables
|
||
|
*/
|
||
|
|
||
|
var xhrSupport = !(new Auth0({clientID: 'clientID', domain: 'domain'}))._useJSONP;
|
||
|
var xhrSupportPrefix = xhrSupport ? '' : 'not ';
|
||
|
|
||
|
/**
|
||
|
* Test User and Password
|
||
|
*/
|
||
|
|
||
|
describe('Auth0 - User And Passwords', function () {
|
||
|
var auth0 = new Auth0({
|
||
|
domain: 'mdocs.auth0.com',
|
||
|
callbackURL: 'http://localhost:3000/',
|
||
|
clientID: 'ptR6URmXef0OfBDHK0aCIy7iPKpdCG4t'
|
||
|
});
|
||
|
|
||
|
describe('Login', function () {
|
||
|
describe('with resource owner', function () {
|
||
|
|
||
|
it('should call the callback when user/pass is wrong', function (done) {
|
||
|
auth0.login({
|
||
|
connection: 'tests',
|
||
|
username: 'testttt@wrong.com',
|
||
|
password: '12345',
|
||
|
sso: false
|
||
|
}, function (err, profile) {
|
||
|
expect(err.status).to.equal(401);
|
||
|
expect(err.details.code).to.equal('invalid_user_password');
|
||
|
expect(profile).not.to.be.ok();
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
// Fails on IE8. Some bug with errors on XMLHttpRequest handling
|
||
|
// XXX: Fix it!
|
||
|
it.skip('should call the callback with err when the connection doesn\'t exists', function (done) {
|
||
|
auth0.login({
|
||
|
connection: 'testsw3eeasdsadsa',
|
||
|
username: 'testttt@wrong.com',
|
||
|
password: '12345',
|
||
|
sso: false
|
||
|
}, function (err, result) {
|
||
|
expect(err.status).to.equal(400);
|
||
|
expect(err.message).to.equal('invalid_connection');
|
||
|
expect(result).not.to.be.ok();
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should return the authentication result after successfull authentication', function (done) {
|
||
|
auth0.login({
|
||
|
connection: 'tests',
|
||
|
username: 'johnfoo@gmail.com',
|
||
|
password: '12345',
|
||
|
sso: false
|
||
|
}, function (err, result) {
|
||
|
// expect(profile.name).to.eql('John Foo');
|
||
|
// expect(profile.foo).to.eql('bar');
|
||
|
// expect(profile.identities.length).to.eql(1);
|
||
|
expect(result.idToken).to.exist;
|
||
|
expect(result.accessToken).to.exist;
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should return refresh_token after successfull authentication with offline_mode', function (done) {
|
||
|
auth0.login({
|
||
|
connection: 'tests',
|
||
|
username: 'johnfoo+1@gmail.com',
|
||
|
password: '12345',
|
||
|
offline_mode: true,
|
||
|
sso: false
|
||
|
}, function (err, result) {
|
||
|
// expect(profile.name).to.eql('John Foo');
|
||
|
// expect(profile.foo).to.eql('bar');
|
||
|
// expect(profile.identities.length).to.eql(1);
|
||
|
expect(result.idToken).to.exist;
|
||
|
expect(result.refreshToken).to.exist;
|
||
|
expect(result.accessToken).to.exist;
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should trim username before login', function (done) {
|
||
|
auth0.login({
|
||
|
connection: 'tests',
|
||
|
username: ' johnfoo+2@gmail.com ',
|
||
|
password: '12345',
|
||
|
sso: false
|
||
|
}, function (err, result) {
|
||
|
// expect(profile.name).to.eql('John Foo');
|
||
|
// expect(profile.foo).to.eql('bar');
|
||
|
// expect(profile.identities.length).to.eql(1);
|
||
|
expect(result.idToken).to.exist;
|
||
|
expect(result.accessToken).to.exist;
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
});
|
||
|
|
||
|
describe('with wsfed', function () {
|
||
|
|
||
|
it('should call the callback when user/pass is wrong', function (done) {
|
||
|
auth0.login({
|
||
|
connection: 'tests',
|
||
|
username: 'testttt@wrong.com',
|
||
|
password: '12345',
|
||
|
nonce: '1234'
|
||
|
}, function (err) {
|
||
|
expect(err.status).to.equal(401);
|
||
|
expect(err.details.code).to.equal('invalid_user_password');
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should call the callback with err when the connection doesn\'t exists', function (done) {
|
||
|
auth0.login({
|
||
|
connection: 'testsw3eeasdsadsa',
|
||
|
username: 'testtttt@wrong.com',
|
||
|
password: '12345',
|
||
|
nonce: '12345'
|
||
|
}, function (err) {
|
||
|
expect(err.status).to.equal(404);
|
||
|
expect(err.message).to.match(/connection not found/ig);
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should render wsfed form after successfull authentication', function (done) {
|
||
|
auth0._renderAndSubmitWSFedForm = function (options, htmlForm) {
|
||
|
expect(htmlForm).to.match(/<form/);
|
||
|
done();
|
||
|
};
|
||
|
|
||
|
auth0.login({
|
||
|
connection: 'tests',
|
||
|
username: 'johnfoo@gmail.com',
|
||
|
password: '12345',
|
||
|
nonce: '12345'
|
||
|
});
|
||
|
});
|
||
|
|
||
|
});
|
||
|
});
|
||
|
|
||
|
describe('Signup', function () {
|
||
|
it('should fail when the username is null', function (done) {
|
||
|
auth0.signup({
|
||
|
connection: 'tests',
|
||
|
username: null,
|
||
|
password: '12345'
|
||
|
}, function (err) {
|
||
|
expect(err.status).to.equal(400);
|
||
|
expect(err.message).to.exist;
|
||
|
expect(err.details).to.exist;
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should handle server errors', function (done) {
|
||
|
auth0.signup({
|
||
|
connection: 'tests',
|
||
|
username: 'pepo@example.com',
|
||
|
password: '12345',
|
||
|
auto_login: false
|
||
|
}, function (err) {
|
||
|
expect(err.status).to.equal(401);
|
||
|
expect(err.message).to.exist;
|
||
|
expect(err.details).to.exist;
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
describe('with resource owner authentication', function () {
|
||
|
|
||
|
it('should return auth result after successfull signup', function (done) {
|
||
|
auth0.signup({
|
||
|
connection: 'tests',
|
||
|
username: 'johnfoo@gmail.com',
|
||
|
password: '12345',
|
||
|
sso: false
|
||
|
}, function (err, result) {
|
||
|
// expect(profile.name).to.eql('John Foo');
|
||
|
// expect(profile.identities.length).to.eql(1);
|
||
|
expect(result).to.be.ok();
|
||
|
expect(result.idToken).to.be.ok();
|
||
|
expect(result.accessToken).to.be.ok();
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should not return auth result after successfull signup if auto_login is false', function (done) {
|
||
|
auth0._renderAndSubmitWSFedForm = function () {
|
||
|
done(new Error('this should not be called'));
|
||
|
};
|
||
|
|
||
|
auth0.signup({
|
||
|
connection: 'tests',
|
||
|
username: 'johnfoo@gmail.com',
|
||
|
password: '12345',
|
||
|
auto_login: false,
|
||
|
sso: false
|
||
|
}, function (err, result) {
|
||
|
expect(result).to.be(undefined);
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should trim username before signup', function (done) {
|
||
|
auth0.signup({
|
||
|
connection: 'tests',
|
||
|
username: 'johnfoo@gmail.com',
|
||
|
password: '12345',
|
||
|
sso: false
|
||
|
}, function (err, result) {
|
||
|
expect(err).to.be(null);
|
||
|
expect(result).to.be.ok();
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should handle username and email when requires_username enabled', function (done) {
|
||
|
var username = makeUsername(15);
|
||
|
|
||
|
auth0.signup({
|
||
|
connection: 'requires-username',
|
||
|
username: username,
|
||
|
email: username + '@gmail.com',
|
||
|
password: '12345',
|
||
|
sso: false
|
||
|
}, function (err, result) {
|
||
|
expect(err).to.be(null);
|
||
|
auth0.getUserInfo(result.accessToken, function(err, profile) {
|
||
|
expect(err).to.be(null);
|
||
|
expect(profile).to.have.property('username');
|
||
|
expect(profile).to.have.property('email');
|
||
|
expect(profile.username).to.be(username);
|
||
|
expect(profile.email).to.be(username + '@gmail.com');
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
});
|
||
|
|
||
|
});
|
||
|
|
||
|
describe('with wsfed authentication', function () {
|
||
|
|
||
|
it('should render wsfed form after successfull signup', function (done) {
|
||
|
auth0._renderAndSubmitWSFedForm = function (options, htmlForm) {
|
||
|
expect(htmlForm).to.match(/<form/);
|
||
|
done();
|
||
|
};
|
||
|
|
||
|
auth0.signup({
|
||
|
connection: 'tests',
|
||
|
username: 'johnfoo@gmail.com',
|
||
|
password: '12345',
|
||
|
nonce: '12345'
|
||
|
}, function (err) {
|
||
|
done(err);
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should not render wsfed form after successfull signup if auto_login is false', function (done) {
|
||
|
auth0._renderAndSubmitWSFedForm = function (options, htmlForm) {
|
||
|
done(new Error('this should not be called'));
|
||
|
};
|
||
|
|
||
|
auth0.signup({
|
||
|
connection: 'tests',
|
||
|
username: 'johnfoo@gmail.com',
|
||
|
password: '12345',
|
||
|
auto_login: false
|
||
|
}, function (err) {
|
||
|
done(err);
|
||
|
});
|
||
|
});
|
||
|
|
||
|
});
|
||
|
|
||
|
it('should error when username is missing when requires_username enabled', function (done) {
|
||
|
var username = makeUsername(15);
|
||
|
|
||
|
auth0.signup({
|
||
|
connection: 'requires-username',
|
||
|
email: username + '@gmail.com',
|
||
|
password: '12345'
|
||
|
}, function (err, profile) {
|
||
|
expect(err).to.not.be(null);
|
||
|
expect(err.status).to.be(400);
|
||
|
expect(err).to.have.property('message');
|
||
|
expect(err).to.have.property('details');
|
||
|
expect(err.message).to.match(/missing username/ig);
|
||
|
expect(profile).not.to.be.ok();
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
});
|
||
|
|
||
|
describe('Change Password', function () {
|
||
|
// TODO: add a test to check that the user can provide a username or email, when `requires_username` is enabled
|
||
|
|
||
|
it('should fail when there is no email', function (done) {
|
||
|
auth0.changePassword({
|
||
|
connection: 'tests',
|
||
|
password: '12345'
|
||
|
}, function (err) {
|
||
|
expect(err.status).to.equal(400);
|
||
|
expect(err).to.have.property('message');
|
||
|
expect(err).to.have.property('details');
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
//this timeout sometimes. I need to improve.
|
||
|
it('should return OK after successfull operation', function (done) {
|
||
|
auth0.changePassword({
|
||
|
connection: 'tests',
|
||
|
email: 'johnfoo@contoso.com',
|
||
|
password: '12345'
|
||
|
}, function (err) {
|
||
|
expect(err).to.be(null);
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should present a proper error message for password strength errors (xhr ' + xhrSupportPrefix + ' supported)', function(done) {
|
||
|
// TODO test JSONP request
|
||
|
if (!xhrSupport) return done();
|
||
|
|
||
|
var server = sinon.fakeServer.create();
|
||
|
|
||
|
var response = {
|
||
|
'name': 'PasswordStrengthError',
|
||
|
'code': 'invalid_password',
|
||
|
'description': {
|
||
|
'rules': [{
|
||
|
'message': 'At least %d characters in length',
|
||
|
'format': [6],
|
||
|
'code': 'lengthAtLeast',
|
||
|
'verified': false
|
||
|
}],
|
||
|
'verified': false
|
||
|
},
|
||
|
'statusCode':400
|
||
|
};
|
||
|
|
||
|
server.respondWith('POST', 'https://' + auth0._domain + '/dbconnections/change_password',[
|
||
|
400,
|
||
|
{ 'Content-Type': 'application/json' },
|
||
|
JSON.stringify(response)
|
||
|
]);
|
||
|
|
||
|
auth0.changePassword({
|
||
|
connection: 'tests',
|
||
|
email: 'johnfoo@contoso.com',
|
||
|
password: '12345'
|
||
|
}, function (err) {
|
||
|
expect(err).to.not.be(null);
|
||
|
expect(err.message).to.eql('Password is not strong enough.');
|
||
|
expect(err.details).to.eql(response);
|
||
|
done();
|
||
|
});
|
||
|
|
||
|
|
||
|
server.respond();
|
||
|
server.restore();
|
||
|
})
|
||
|
});
|
||
|
|
||
|
describe('Validate User', function () {
|
||
|
it('should return "true" if the credentials are valid', function (done) {
|
||
|
auth0.validateUser({
|
||
|
connection: 'tests',
|
||
|
username: 'johnfoo@gmail.com',
|
||
|
password: '12345'
|
||
|
}, function (err, valid) {
|
||
|
expect(err).to.be(null);
|
||
|
expect(valid).to.equal(true);
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should return "true" if the credentials with username and email are valid', function (done) {
|
||
|
auth0.validateUser({
|
||
|
connection: 'tests',
|
||
|
username: 'johnfoo',
|
||
|
email: 'johnfoo@gmail.com',
|
||
|
password: '12345'
|
||
|
}, function (err, valid) {
|
||
|
expect(err).to.be(null);
|
||
|
expect(valid).to.equal(false);
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should return "false" if username is invalid', function (done) {
|
||
|
auth0.validateUser({
|
||
|
connection: 'tests',
|
||
|
username: 'invalid-user@gmail.com',
|
||
|
password: '12345'
|
||
|
}, function (err, valid) {
|
||
|
expect(err).to.be(null);
|
||
|
expect(valid).to.equal(false);
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should return "false" if email is valid and username is invalid', function (done) {
|
||
|
auth0.validateUser({
|
||
|
connection: 'tests',
|
||
|
username: 'invalid-user',
|
||
|
email: 'johnfoo@gmail.com',
|
||
|
password: '12345'
|
||
|
}, function (err, valid) {
|
||
|
expect(err).to.be(null);
|
||
|
expect(valid).to.equal(false);
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should return "false" if email is invalid and username is valid', function (done) {
|
||
|
auth0.validateUser({
|
||
|
connection: 'tests',
|
||
|
username: 'johnfoo',
|
||
|
email: 'invalid#email@gmail.com',
|
||
|
password: '12345'
|
||
|
}, function (err, valid) {
|
||
|
expect(err).to.be(null);
|
||
|
expect(valid).to.equal(false);
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should return "false" if connection is invalid', function (done) {
|
||
|
auth0.validateUser({
|
||
|
connection: 'invalid-conn',
|
||
|
username: 'johnfoo@gmail.com',
|
||
|
password: '12345'
|
||
|
}, function (err, valid) {
|
||
|
expect(err).to.be(null);
|
||
|
expect(valid).to.equal(false);
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should return error if connection is not specified', function (done) {
|
||
|
auth0.validateUser({
|
||
|
username: 'johnfoo@gmail.com',
|
||
|
password: '12345'
|
||
|
}, function (err) {
|
||
|
if (auth0._use)
|
||
|
expect(err.message).to.equal('connection parameter is mandatory');
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
|
||
|
it('should trim username before validation', function (done) {
|
||
|
auth0.validateUser({
|
||
|
connection: 'tests',
|
||
|
username: ' johnfoo@gmail.com ',
|
||
|
password: '12345'
|
||
|
}, function (err, valid) {
|
||
|
expect(err).to.be(null);
|
||
|
expect(valid).to.equal(true);
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
});
|
||
|
|
||
|
});
|
||
|
|
||
|
|
||
|
function makeUsername(size) {
|
||
|
var uname = '';
|
||
|
var possible = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
|
||
|
|
||
|
for( var i=0; i < size; i++ ) {
|
||
|
uname += possible.charAt(Math.floor(Math.random() * possible.length));
|
||
|
}
|
||
|
|
||
|
return uname.toLowerCase();
|
||
|
}
|