Skip to content

Commit

Permalink
Adding JWT Authentication Functionality
Browse files Browse the repository at this point in the history 
stopping point
added tests for action loginJwt

Added some more tests for the actions class

JWT Token Authentication - Fixes apache#1468
  • Loading branch information
@pablodavidortega
pablodavidortega committed Jan 9, 2025
1 parent 87a7377 commit 74d63ea
Show file tree
Hide file tree
Showing 17 changed files with 892 additions and 40 deletions.
3 changes: 3 additions & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,3 +49,6 @@ coverage
# IDEs
.idea/
.vscode
/docker/formatted.key
/docker/test_private_key.pem
/docker/test_public_key.pem
238 changes: 238 additions & 0 deletions app/addons/auth/__tests__/actions.test.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,238 @@
// Licensed under the Apache License, Version 2.0 (the "License"); you may not
// use this file except in compliance with the License. You may obtain a copy of
// the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
// License for the specific language governing permissions and limitations under
// the License.

import FauxtonAPI from "../../../core/api";
import FauxtonJwt from "../fauxtonjwt";
import Api from '../api';
import {loginJwt, login} from "../actions";
import utils from "../../../../test/mocha/testUtils";
import sinon, {stub} from "sinon";

const {restore} = utils;

describe('Auth -- Actions', () => {

describe('loginJwt', () => {

const authenticatedResponse = {
"ok": true,
"userCtx": {
"name": "tester",
"roles": [
"manage-account",
"view-profile",
"_admin"
]
},
"info": {
"authentication_handlers": [
"cookie",
"jwt",
"default"
],
"authenticated": "jwt"
}
};

const jwtNotSetupResponse = {
"ok": true,
"userCtx": {
"name": null,
"roles": []
},
"info": {
"authentication_handlers": [
"cookie",
"default",
]
}
};

const unathenticatedResponse = {
"ok": true,
"userCtx": {
"name": null,
"roles": []
},
"info": {
"authentication_handlers": [
"cookie",
"default",
"jwt"
]
}
};

let loginStub;
let loginJwtStub;
let deleteJwtCookieStub;
let addNotificationStub;
let navigateStub;

beforeEach(() => {
loginJwtStub = stub(Api, "loginJwt");
loginStub = stub(Api, "login");
deleteJwtCookieStub = stub(FauxtonJwt, "deleteJwtCookie");
addNotificationStub = stub(FauxtonAPI, "addNotification");
navigateStub = stub(FauxtonAPI, "navigate");
});

afterEach(() => {
restore(loginJwtStub);
restore(loginStub);
restore(addNotificationStub);
restore(deleteJwtCookieStub);
restore(navigateStub);
});

it('loginJwt logs in if userCtx present', async () => {
loginJwtStub.returns(Promise.resolve(authenticatedResponse));

const mockToken = "mockToken";

await loginJwt(mockToken);

expect(loginJwtStub.calledOnce).toBeTruthy();
expect(loginStub.notCalled).toBeTruthy();
expect(addNotificationStub.calledOnce).toBeTruthy();
expect(navigateStub.calledOnce).toBeTruthy();
sinon.assert.calledWithExactly(
navigateStub,
'/');
});

it('loginJwt is not called if token is empty', async () => {
loginJwtStub.returns(Promise.resolve(authenticatedResponse));

const mockToken = "";

await loginJwt(mockToken);

expect(loginJwtStub.notCalled).toBeTruthy();
expect(loginStub.notCalled).toBeTruthy();
expect(addNotificationStub.calledOnce).toBeTruthy();
expect(navigateStub.notCalled).toBeTruthy();
});

it('loginJwt does not navigate if jwt auth is not enabled', async () => {
loginJwtStub.returns(Promise.resolve(jwtNotSetupResponse));

const mockToken = "mockToken";

await loginJwt(mockToken);

expect(loginJwtStub.calledOnce).toBeTruthy();
expect(loginStub.notCalled).toBeTruthy();
expect(deleteJwtCookieStub.calledOnce).toBeTruthy();
expect(addNotificationStub.calledOnce).toBeTruthy();
expect(navigateStub.notCalled).toBeTruthy();
});

it('loginJwt does not navigate if jwt auth is not successful', async () => {
loginJwtStub.returns(Promise.resolve(unathenticatedResponse));

const mockToken = "mockToken";

await loginJwt(mockToken);

expect(loginJwtStub.calledOnce).toBeTruthy();
expect(loginStub.notCalled).toBeTruthy();
expect(deleteJwtCookieStub.calledOnce).toBeTruthy();
expect(addNotificationStub.calledOnce).toBeTruthy();
expect(navigateStub.notCalled).toBeTruthy();
});
});

describe('login', () => {

const authenticatedResponse = {
"ok": true,
"userCtx": {
"name": "tester",
"roles": [
"_admin"
]
},
"info": {
"authentication_handlers": [
"cookie",
"default"
],
"authenticated": "cookie"
}
};

let loginStub;
let loginJwtStub;
let addNotificationStub;
let navigateStub;

beforeEach(() => {
loginJwtStub = stub(Api, "loginJwt");
loginStub = stub(Api, "login");
addNotificationStub = stub(FauxtonAPI, "addNotification");
navigateStub = stub(FauxtonAPI, "navigate");
});

afterEach(() => {
restore(loginJwtStub);
restore(loginStub);
restore(addNotificationStub);
restore(navigateStub);
});

it('login logs in if there is no error', async () => {
loginStub.returns(Promise.resolve(authenticatedResponse));

const mockUser = "mockUser";
const mockPassword = "mockPassword";

await login(mockUser, mockPassword);

expect(loginJwtStub.notCalled).toBeTruthy();
expect(loginStub.calledOnce).toBeTruthy();
expect(addNotificationStub.calledOnce).toBeTruthy();
expect(navigateStub.calledOnce).toBeTruthy();
sinon.assert.calledWithExactly(
navigateStub,
'/');
});

it('login does not log in if username is blank', async () => {
loginStub.returns(Promise.resolve(authenticatedResponse));

const mockUser = "";
const mockPassword = "mockPassword";

await login(mockUser, mockPassword);

expect(loginJwtStub.notCalled).toBeTruthy();
expect(loginStub.notCalled).toBeTruthy();
expect(addNotificationStub.calledOnce).toBeTruthy();
expect(navigateStub.notCalled).toBeTruthy();
});

it('login does not log in if password is blank', async () => {
loginStub.returns(Promise.resolve(authenticatedResponse));

const mockUser = "mockUser";
const mockPassword = "";

await login(mockUser, mockPassword);

expect(loginJwtStub.notCalled).toBeTruthy();
expect(loginStub.notCalled).toBeTruthy();
expect(addNotificationStub.calledOnce).toBeTruthy();
expect(navigateStub.notCalled).toBeTruthy();
});
});
});
61 changes: 61 additions & 0 deletions app/addons/auth/__tests__/api.test.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
import FauxtonJwt from "../fauxtonjwt";
import Helpers from "../../../helpers";
import utils from "../../../../test/mocha/testUtils";
import sinon, {stub} from "sinon";
import {loginJwt, logout} from "../api";
import * as ajax from "../../../core/ajax";

const {restore} = utils;

jest.mock("../../../core/ajax");

describe('Api -- Actions', () => {

const sessionUrl = "http://testurl/_session";

describe('loginJwt', () => {

let setJwtCookieStub;
let deleteJwtCookieStub;
let getServerUrlStub;

beforeEach(() => {
setJwtCookieStub = stub(FauxtonJwt, "setJwtCookie");
deleteJwtCookieStub = stub(FauxtonJwt, "deleteJwtCookie");
getServerUrlStub = stub(Helpers, "getServerUrl");
ajax.get.mockReturnValue(Promise.resolve({}));
ajax.deleteFormEncoded.mockReturnValue(Promise.resolve({}));
});

afterEach(() => {
restore(setJwtCookieStub);
restore(deleteJwtCookieStub);
restore(getServerUrlStub);
});

it('loginJwt sets jwt auth as token and calls _session endpoint using global get method', async () => {
const mockToken = "mockToken";
getServerUrlStub.returns(sessionUrl);
await loginJwt(mockToken);
expect(setJwtCookieStub.calledOnce).toBeTruthy();
expect(getServerUrlStub.calledOnce).toBeTruthy();
sinon.assert.calledWithExactly(
setJwtCookieStub,
mockToken);
sinon.assert.calledWithExactly(
getServerUrlStub,
'/_session');
});


it('logout deletes cookie from browser and calls global delete _session endpoint', async () => {
getServerUrlStub.returns(sessionUrl);
await logout();
expect(deleteJwtCookieStub.calledOnce).toBeTruthy();
expect(getServerUrlStub.calledOnce).toBeTruthy();
sinon.assert.calledWithExactly(
getServerUrlStub,
'/_session');
});
});
});
19 changes: 18 additions & 1 deletion app/addons/auth/__tests__/components.test.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,22 +22,38 @@ describe('Auth -- Components', () => {

describe('LoginForm', () => {
let stub;
let stubJwt;

beforeEach(() => {
stub = sinon.stub(Actions, 'login');
stubJwt = sinon.stub(Actions, 'loginJwt');
});

afterEach(() => {
Actions.login.restore();
Actions.loginJwt.restore();
});

it('should trigger login event when form submitted', () => {
const loginForm = mount(<LoginForm/>);
expect(loginForm.find('select#auth-method').prop('value')).toEqual('basic');
loginForm.find('#login').simulate('submit');
expect(stub.calledOnce).toBeTruthy();
expect(stubJwt.notCalled).toBeTruthy();
});

it('in case of nothing in state, should pass actual values to Actions.login()', () => {
it('should change login type when dropdown option is chosen', () => {
const loginForm = mount(<LoginForm/>);
const dropdown = loginForm.find('select#auth-method');
expect(loginForm.find('select').prop('value')).toEqual('basic');
dropdown.simulate('change', {target: {value: 'token'}});
expect(loginForm.find('select').prop('value')).toEqual('token');
loginForm.find('#login').simulate('submit');
expect(stub.notCalled).toBeTruthy();
expect(stubJwt.calledOnce).toBeTruthy();
});

it('in case of nothing in state, should pass actual basic auth values to Actions.login()', () => {
const username = 'bob';
const password = 'smith';

Expand All @@ -55,6 +71,7 @@ describe('Auth -- Components', () => {
expect(stub.args[0][1]).toBe(password);
});


});

describe('ChangePasswordForm', () => {
Expand Down
Loading

0 comments on commit 74d63ea

Please sign in to comment.