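require('../helper');

// Fixtures for the OAuth 1.0 backend tests.
//
// `oauth_data` / `oauth_header_tokens` are the well-known OAuth 1.0 example
// parameters (consumer key "dpf43f3p2l4k3l03", token "nnch734d00sl2jdk");
// `real_oauth_header` is a header signed for the `vizzuality.testhost.lan`
// host that the Redis-backed tests below expect to be provisioned.
var _ = require('underscore')
  , OAuthAuth = require('../../app/auth/oauth')
  , MetadataDB = require('cartodb-redis')
  , oAuth = require('../../app/auth/oauth').backend
  , assert = require('assert')
  , tests = module.exports = {}
  , oauth_data_1 = {
      oauth_consumer_key: "dpf43f3p2l4k3l03",
      oauth_token: "nnch734d00sl2jdk",
      oauth_signature_method: "HMAC-SHA1",
      oauth_signature: "tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D",
      oauth_timestamp:"1191242096",
      oauth_nonce:"kllo9940pd9333jh"
    }
  , oauth_data_2 = { oauth_version:"1.0" }
  // Merge into a fresh object so that `oauth_data_1` is not mutated as a
  // side effect of building the combined token set.
  , oauth_data = _.extend({}, oauth_data_1, oauth_data_2)
  , real_oauth_header = 'OAuth realm="http://vizzuality.testhost.lan/",oauth_consumer_key="fZeNGv5iYayvItgDYHUbot1Ukb5rVyX6QAg8GaY2",oauth_token="l0lPbtP68ao8NfStCiA3V3neqfM03JKhToxhUQTR",oauth_signature_method="HMAC-SHA1", oauth_signature="o4hx4hWP6KtLyFwggnYB4yPK8xI%3D",oauth_timestamp="1313581372",oauth_nonce="W0zUmvyC4eVL8cBd4YwlH1nnPTbxW0QBYcWkXTwe4",oauth_version="1.0"'
  , oauth_header_tokens = 'oauth_consumer_key="dpf43f3p2l4k3l03",oauth_token="nnch734d00sl2jdk",oauth_signature_method="HMAC-SHA1", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D",oauth_timestamp="1191242096",oauth_nonce="kllo9940pd9333jh",oauth_version="1.0"'
  // The realm must be comma-separated from the first token like every other
  // parameter (compare `real_oauth_header`); without the comma the header
  // reads `realm="..."oauth_consumer_key="..."`, which is malformed.
  , full_oauth_header = 'OAuth realm="http://photos.example.net/",' + oauth_header_tokens;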
// Redis connection and pool parameters for the metadata store used by the
// tests below. They are read from `global.settings`, presumably populated
// by ../helper — confirm against that file.
var redisConfig = {
    host: global.settings.redis_host,
    port: global.settings.redis_port,
    max: global.settings.redisPool,
    idleTimeoutMillis: global.settings.redisIdleTimeoutMillis,
    reapIntervalMillis: global.settings.redisReapIntervalMillis
};

// Shared metadata backend handed to `oAuth.getOAuthHash` / `oAuth.verifyRequest`.
var metadataBackend = MetadataDB(redisConfig);
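suite('oauth', function() {

    test('test database number', function(){
        assert.equal(oAuth.oauth_database, 3);
    });

    test('test oauth database key', function(){
        assert.equal(oAuth.oauth_user_key, "rails:oauth_access_tokens:<%= oauth_access_key %>");
    });

    test('test parse tokens from full headers does not raise exception', function(){
        var req = {query:{}, headers:{authorization:full_oauth_header}};
        assert.doesNotThrow(function(){ oAuth.parseTokens(req) }, /incomplete oauth tokens in request/);
    });

    test('test parse all normal tokens raises no exception', function(){
        var req = {query:oauth_data, headers:{}};
        assert.doesNotThrow(function(){ oAuth.parseTokens(req) }, /incomplete oauth tokens in request/);
    });

    test('test headers take presedence over query parameters', function(){
        // The query string carries a conflicting signature method; the value
        // from the Authorization header must win.
        var req = {query:{oauth_signature_method: "MY_HASH"}, headers:{authorization:full_oauth_header}};
        var tokens = oAuth.parseTokens(req);
        assert.equal(tokens.oauth_signature_method, "HMAC-SHA1");
    });

    test('test can access oauth hash for a user based on access token (oauth_token)', function(done){
        var req = {query:{}, headers:{authorization:real_oauth_header}};
        var tokens = oAuth.parseTokens(req);

        oAuth.getOAuthHash(metadataBackend, tokens.oauth_token, function(err, data){
            // Fail with a readable assertion on a backend error rather than
            // dereferencing an undefined `data` below (matches the err check
            // used by the other backend tests). The hash itself is not
            // printed: it contains the consumer key and whatever else the
            // store keeps for the token, which has no place in test output.
            assert.ok(!err, err);
            assert.equal(tokens.oauth_consumer_key, data.consumer_key);
            done();
        });
    });

    test('test non existant oauth hash for a user based on oauth_token returns empty hash', function(done){
        var req = {query:{}, headers:{authorization:full_oauth_header}};
        var tokens = oAuth.parseTokens(req);

        oAuth.getOAuthHash(metadataBackend, tokens.oauth_token, function(err, data){
            assert.ok(!err, err);
            assert.deepEqual(data, {});
            done();
        });
    });

    test('can return user for verified signature', function(done){
        // Host, protocol, method and path all feed the signature base string,
        // so they must match what `real_oauth_header` was signed for.
        var req = {query:{},
                   headers:{authorization:real_oauth_header, host: 'vizzuality.testhost.lan' },
                   protocol: 'http',
                   method: 'GET',
                   path: '/api/v1/tables'
        };

        oAuth.verifyRequest(req, metadataBackend, function(err, data){
            assert.ok(!err, err);
            assert.equal(data, 1);
            done();
        });
    });

    test('returns null user for unverified signatures', function(done){
        // Same signed header, different host: the base string no longer
        // matches, so verification must not yield a user.
        var req = {query:{},
                   headers:{authorization:real_oauth_header, host: 'vizzuality.testyhost.lan' },
                   protocol: 'http',
                   method: 'GET',
                   path: '/api/v1/tables'
        };

        oAuth.verifyRequest(req, metadataBackend, function(err, data){
            assert.equal(data, null);
            done();
        });
    });

    test('returns null user for no oauth', function(done){
        var req = {
            query:{},
            headers:{},
            protocol: 'http',
            method: 'GET',
            path: '/api/v1/tables'
        };

        oAuth.verifyRequest(req, metadataBackend, function(err,data){
            assert.equal(data, null);
            done();
        });
    });

    test('OAuthAuth reports it has credentials', function(done) {
        var req = {query:{}, headers:{authorization:real_oauth_header}};
        var oAuthAuth = new OAuthAuth(req);
        assert.ok(oAuthAuth.hasCredentials());
        done();
    });

    test('OAuthAuth reports it has no credentials', function(done) {
        var req = {query:{}, headers:{}};
        var oAuthAuth = new OAuthAuth(req);
        assert.equal(oAuthAuth.hasCredentials(), false);
        done();
    });

});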