
openhim-core


The OpenHIM core application that provides logging and routing of http requests

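# Mocha tests for the HTTP basic authentication middleware.
#
# Each case builds a minimal request context, calls
# basicAuthentication.authenticateUser and then inspects ctx.authenticated:
# it must carry the stored client on success and must be absent on any failure.
should = require "should"
request = require "supertest"
basicAuthentication = require '../../lib/middleware/basicAuthentication'
Client = require("../../lib/model/clients").Client

# Build a context with an empty header map, i.e. a request that carries no
# Authorization header at all.
buildEmptyCtx = () ->
  ctx = {}
  ctx.req = {}
  ctx.req.headers = {}
  return ctx

# Build a context whose Authorization header holds "basic <base64(user:pass)>".
# Base64 is an encoding, not encryption: the credentials are recoverable by
# anyone who can read the header.
# NOTE(review): `new Buffer(...)` is deprecated on current Node releases;
# `Buffer.from(...)` is the replacement once the supported Node version allows it.
buildCtx = (user, pass) ->
  authDetails = new Buffer("#{user}:#{pass}").toString("base64")
  ctx = buildEmptyCtx()
  ctx.req.headers.authorization = "basic " + authDetails
  return ctx

# Test-only fixture using bcrypt. The positive test below expects this hash to
# verify against the password "password".
bcryptClient =
  clientID: "user"
  clientDomain: "openhim.jembi.org"
  name: "TEST basic auth client"
  roles: [
    "PoC"
  ]
  passwordAlgorithm: "bcrypt"
  passwordHash: "$2a$10$w8GyqInkl72LMIQNpMM/fenF6VsVukyya.c6fh/GRtrKq05C2.Zgy"
  cert: ""

# Test-only fixture using salted SHA-512. The positive test below expects this
# hash to verify against the password "password" with the salt given here.
# NOTE(review): SHA-512 is a fast general-purpose hash, so this path gives far
# less brute-force resistance than the bcrypt default; the fixed salt is
# acceptable only because this is a fixture.
shaClient =
  clientID: "user"
  clientDomain: "openhim.jembi.org"
  name: "TEST basic auth client"
  roles: [
    "PoC"
  ]
  passwordAlgorithm: "sha512"
  passwordHash: "28dce3506eca8bb3d9d5a9390135236e8746f15ca2d8c86b8d8e653da954e9e3632bf9d85484ee6e9b28a3ada30eec89add42012b185bd9a4a36a07ce08ce2ea"
  passwordSalt: "1234567890"
  cert: ""

describe "Basic Auth", ->

  # Start from an empty client collection and clear it after every test so the
  # two fixtures (which share clientID "user") never coexist.
  before (done) ->
    Client.remove({}, done)

  afterEach (done) ->
    Client.remove({}, done)

  describe "with no credentials", ->
    it "ctx.authenticated should not exist", (done) ->
      ctx = buildEmptyCtx()
      basicAuthentication.authenticateUser ctx, ->
        # Comparing a fresh `{}` literal with strict equality can never fail,
        # so the previous assertion would have passed even if the middleware
        # had authenticated the request. Assert absence directly instead.
        should.not.exist ctx.authenticated
        done()

  describe "with unknown user", ->
    it "ctx.authenticated should not exist", (done) ->
      ctx = buildCtx("incorrect_user", "incorrect_password")
      basicAuthentication.authenticateUser ctx, ->
        # Same fix as above: the assertion has to be able to fail.
        should.not.exist ctx.authenticated
        done()

  describe "default algorithm (bcrypt) with correct credentials", ->
    it "ctx.authenticated should exist and contain the client object from the database ", (done) ->
      client = new Client bcryptClient
      client.save (error, newAppDoc) ->
        # Surface a failed save instead of continuing without the fixture.
        return done(error) if error
        ctx = buildCtx("user", "password")
        basicAuthentication.authenticateUser ctx, ->
          should.exist ctx.authenticated
          should.exist ctx.authenticated.clientID
          ctx.authenticated.clientID.should.equal bcryptClient.clientID
          done()

  describe "default algorithm (bcrypt) with incorrect credentials", ->
    it "ctx.authenticated should not exist", (done) ->
      client = new Client bcryptClient
      client.save (error, newAppDoc) ->
        # Without this check a failed save would leave no client stored and the
        # rejection below would pass without the password ever being compared.
        return done(error) if error
        ctx = buildCtx("user", "incorrectPassword")
        basicAuthentication.authenticateUser ctx, ->
          should.not.exist ctx.authenticated
          done()

  describe "crypto algorithm (sha) with correct credentials", ->
    it "ctx.authenticated should exist and contain the client object from the database ", (done) ->
      client = new Client shaClient
      client.save (error, newAppDoc) ->
        # Surface a failed save instead of continuing without the fixture.
        return done(error) if error
        ctx = buildCtx("user", "password")
        basicAuthentication.authenticateUser ctx, ->
          should.exist ctx.authenticated
          should.exist ctx.authenticated.clientID
          ctx.authenticated.clientID.should.equal shaClient.clientID
          done()

  describe "crypto algorithm (sha) with incorrect credentials", ->
    it "ctx.authenticated should not exist", (done) ->
      client = new Client shaClient
      client.save (error, newAppDoc) ->
        # Without this check a failed save would leave no client stored and the
        # rejection below would pass without the password ever being compared.
        return done(error) if error
        ctx = buildCtx("user", "incorrectPassword")
        basicAuthentication.authenticateUser ctx, ->
          should.not.exist ctx.authenticated
          done()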