285 lines
7.4 KiB
JavaScript
285 lines
7.4 KiB
JavaScript
import { config } from '../../src/config.js'
|
|
import { server, setup, shutdown } from '../../src/index.js'
|
|
import { generateKeyPairSync } from 'crypto'
|
|
import { existsSync, writeFileSync } from 'fs'
|
|
|
|
beforeAll(() => {
|
|
if(!existsSync(config.signing.private)) {
|
|
const { publicKey, privateKey } = generateKeyPairSync('rsa', {
|
|
modulusLength: 4096,
|
|
publicKeyEncoding: {
|
|
type: "pkcs1",
|
|
format: "pem"
|
|
},
|
|
privateKeyEncoding: {
|
|
type: "pkcs1",
|
|
format: "pem"
|
|
}
|
|
})
|
|
writeFileSync('public.pem', publicKey)
|
|
writeFileSync('private.key', privateKey)
|
|
}
|
|
|
|
if(process.env['CI']) {
|
|
config.database.url = 'mongodb://setup-database:27017/yggdrasil?readPreference=primary&appname=MongoDB%20Compass&directConnection=true&ssl=false'
|
|
}
|
|
return setup()
|
|
})
|
|
|
|
const login = async () => {
|
|
const { accessToken, clientToken, selectedProfile, user } = JSON.parse((await server.inject({
|
|
method: 'POST',
|
|
url: '/authserver/authenticate',
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
},
|
|
payload: {
|
|
username: 'i@lama.icu',
|
|
password: '123456',
|
|
clientToken: 'UNIT_TEST',
|
|
requestUser: true,
|
|
agent: {
|
|
name: 'minecraft',
|
|
version: 1
|
|
}
|
|
}
|
|
})).body)
|
|
|
|
return { accessToken, clientToken, selectedProfile, user }
|
|
}
|
|
|
|
test('/authserver/authenticate', async function() {
|
|
const response = await server.inject({
|
|
method: 'POST',
|
|
url: '/authserver/authenticate',
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
},
|
|
payload: {
|
|
username: 'i@lama.icu',
|
|
password: '123456',
|
|
clientToken: 'UNIT_TEST',
|
|
requestUser: true,
|
|
agent: {
|
|
name: 'minecraft',
|
|
version: 1
|
|
}
|
|
}
|
|
})
|
|
|
|
expect(response.statusCode).toBe(200)
|
|
})
|
|
|
|
test('/authserver/refresh', async function() {
|
|
const credentals = await login()
|
|
const refresh1 = await server.inject({
|
|
method: 'POST',
|
|
url: '/authserver/refresh',
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
},
|
|
payload: {
|
|
accessToken: credentals.accessToken,
|
|
clientToken: credentals.clientToken,
|
|
}
|
|
})
|
|
|
|
const newToken = JSON.parse(refresh1.body).accessToken
|
|
|
|
expect(refresh1.statusCode).toBe(200)
|
|
|
|
const refresh2 = await server.inject({
|
|
method: 'POST',
|
|
url: '/authserver/refresh',
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
},
|
|
payload: {
|
|
accessToken: credentals.accessToken,
|
|
clientToken: credentals.clientToken,
|
|
}
|
|
})
|
|
|
|
expect(refresh2.statusCode).toBe(401)
|
|
|
|
const refresh3 = await server.inject({
|
|
method: 'POST',
|
|
url: '/authserver/refresh',
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
},
|
|
payload: {
|
|
accessToken: credentals.accessToken,
|
|
clientToken: Math.random() + "",
|
|
}
|
|
})
|
|
|
|
expect(refresh3.statusCode).toBe(401)
|
|
|
|
const refresh4 = await server.inject({
|
|
method: 'POST',
|
|
url: '/authserver/refresh',
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
},
|
|
payload: {
|
|
accessToken: newToken,
|
|
}
|
|
})
|
|
|
|
expect(refresh4.statusCode).toBe(200)
|
|
})
|
|
|
|
test('/authserver/validate', async function() {
|
|
const credentals = await login()
|
|
const validate1 = await server.inject({
|
|
method: 'POST',
|
|
url: '/authserver/validate',
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
},
|
|
payload: {
|
|
accessToken: credentals.accessToken,
|
|
clientToken: credentals.clientToken,
|
|
}
|
|
})
|
|
|
|
expect(validate1.statusCode).toBe(204)
|
|
|
|
const validate2 = await server.inject({
|
|
method: 'POST',
|
|
url: '/authserver/validate',
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
},
|
|
payload: {
|
|
accessToken: credentals.accessToken,
|
|
clientToken: credentals.clientToken + "hjfidhsw",
|
|
}
|
|
})
|
|
|
|
expect(validate2.statusCode).toBe(401)
|
|
|
|
const validate3 = await server.inject({
|
|
method: 'POST',
|
|
url: '/authserver/validate',
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
},
|
|
payload: {
|
|
accessToken: credentals.accessToken + "hjfidhsw",
|
|
clientToken: credentals.clientToken,
|
|
}
|
|
})
|
|
|
|
expect(validate3.statusCode).toBe(401)
|
|
|
|
const validate4 = await server.inject({
|
|
method: 'POST',
|
|
url: '/authserver/validate',
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
},
|
|
payload: {
|
|
accessToken: credentals.accessToken,
|
|
}
|
|
})
|
|
|
|
expect(validate4.statusCode).toBe(204)
|
|
})
|
|
|
|
test('/authserver/invalidate', async function() {
|
|
let credentals = await login()
|
|
const invalidate1 = await server.inject({
|
|
method: 'POST',
|
|
url: '/authserver/invalidate',
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
},
|
|
payload: {
|
|
accessToken: credentals.accessToken,
|
|
clientToken: credentals.clientToken,
|
|
}
|
|
})
|
|
|
|
expect(invalidate1.statusCode).toBe(204)
|
|
|
|
const credentals2 = await login()
|
|
const invalidate2 = await server.inject({
|
|
method: 'POST',
|
|
url: '/authserver/validate',
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
},
|
|
payload: {
|
|
accessToken: credentals2.accessToken,
|
|
clientToken: credentals2.clientToken + "hjfidhsw",
|
|
}
|
|
})
|
|
|
|
expect(invalidate2.statusCode).toBe(401)
|
|
|
|
const validate = await server.inject({
|
|
method: 'POST',
|
|
url: '/authserver/validate',
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
},
|
|
payload: {
|
|
accessToken: credentals.accessToken,
|
|
clientToken: credentals.clientToken,
|
|
}
|
|
})
|
|
|
|
expect(validate.statusCode).toBe(401)
|
|
})
|
|
|
|
test('/authserver/signout', async function() {
|
|
const credentals1 = await login()
|
|
const credentals2 = await login()
|
|
const signout = await server.inject({
|
|
method: 'POST',
|
|
url: '/authserver/signout',
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
},
|
|
payload: {
|
|
username: 'i@lama.icu',
|
|
password: '123456',
|
|
}
|
|
})
|
|
|
|
expect(signout.statusCode).toBe(204)
|
|
|
|
const validate1 = await server.inject({
|
|
method: 'POST',
|
|
url: '/authserver/validate',
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
},
|
|
payload: {
|
|
accessToken: credentals1.accessToken,
|
|
clientToken: credentals1.clientToken,
|
|
}
|
|
})
|
|
|
|
const validate2 = await server.inject({
|
|
method: 'POST',
|
|
url: '/authserver/validate',
|
|
headers: {
|
|
'Content-Type': 'application/json'
|
|
},
|
|
payload: {
|
|
accessToken: credentals2.accessToken,
|
|
clientToken: credentals2.clientToken,
|
|
}
|
|
})
|
|
|
|
expect(validate1.statusCode).toBe(401)
|
|
expect(validate2.statusCode).toBe(401)
|
|
})
|
|
|
|
afterAll(() => {
|
|
return shutdown()
|
|
})
|