UNPKG

openhim-core

Version:

The OpenHIM core application that provides logging and routing of http requests

openhim.org

jembi/openhim-core-js

129 lines (116 loc) 4.01 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
/* eslint-env mocha */ import should from 'should' import * as basicAuthentication from '../../src/middleware/basicAuthentication' import { ClientModel } from '../../src/model/clients' const buildEmptyCtx = function () { const ctx = {} ctx.req = {} ctx.req.headers = {} return ctx } const buildCtx = function (user, pass) { const authDetails = Buffer.from(`${user}:${pass}`).toString('base64') const ctx = buildEmptyCtx() ctx.req.headers.authorization = `basic ${authDetails}` return ctx } const bcryptClient = { clientID: 'user', clientDomain: 'openhim.jembi.org', name: 'TEST basic auth client', roles: [ 'PoC' ], passwordAlgorithm: 'bcrypt', passwordHash: '$2a$10$w8GyqInkl72LMIQNpMM/fenF6VsVukyya.c6fh/GRtrKq05C2.Zgy', cert: '' } const shaClient = { clientID: 'user', clientDomain: 'openhim.jembi.org', name: 'TEST basic auth client', roles: [ 'PoC' ], passwordAlgorithm: 'sha512', passwordHash: '28dce3506eca8bb3d9d5a9390135236e8746f15ca2d8c86b8d8e653da954e9e3632bf9d85484ee6e9b28a3ada30eec89add42012b185bd9a4a36a07ce08ce2ea', passwordSalt: '1234567890', cert: '' } describe('Basic Auth', () => { afterEach(async () => ClientModel.deleteMany({})) describe('with no credentials', () => it('ctx.authenticated should not exist', (done) => { const ctx = buildEmptyCtx() basicAuthentication.authenticateUser(ctx, () => { ({}.should.not.equal(ctx.authenticated)) return done() }) }) ) describe('with unknown user', () => it('ctx.authenticated should not exist', (done) => { const ctx = buildCtx('incorrect_user', 'incorrect_password') basicAuthentication.authenticateUser(ctx, () => { ({}.should.not.equal(ctx.authenticated)) return done() }) }) ) describe('default algorithm (bcrypt) with correct credentials', () => it('ctx.authenticated should exist and contain the client object from the database ', (done) => { const client = new ClientModel(bcryptClient) client.save((err, newAppDoc) => { if (err) { return done(err) } const ctx = buildCtx('user', 'password') basicAuthentication.authenticateUser(ctx, () => { should.exist(ctx.authenticated) should.exist(ctx.authenticated.clientID) ctx.authenticated.clientID.should.equal(bcryptClient.clientID) return done() }) }) }) ) describe('default algorithm (bcrypt) with incorrect credentials', () => it('ctx.authenticated should not exist', (done) => { const client = new ClientModel(bcryptClient) client.save((err, newAppDoc) => { if (err) { return done(err) } const ctx = buildCtx('user', 'incorrectPassword') basicAuthentication.authenticateUser(ctx, () => { should.not.exist(ctx.authenticated) return done() }) }) }) ) describe('crypto algorithm (sha) with correct credentials', () => it('ctx.authenticated should exist and contain the client object from the database ', (done) => { const client = new ClientModel(shaClient) client.save((err, newAppDoc) => { if (err) { return done(err) } const ctx = buildCtx('user', 'password') basicAuthentication.authenticateUser(ctx, () => { should.exist(ctx.authenticated) should.exist(ctx.authenticated.clientID) ctx.authenticated.clientID.should.equal(shaClient.clientID) return done() }) }) }) ) describe('crypto algorithm (sha) with incorrect credentials', () => it('ctx.authenticated should not exist', (done) => { const client = new ClientModel(shaClient) client.save((err, newAppDoc) => { if (err) { return done(err) } const ctx = buildCtx('user', 'incorrectPassword') basicAuthentication.authenticateUser(ctx, () => { should.not.exist(ctx.authenticated) return done() }) }) }) ) })