Allow single server instance in test suite (#7262)
* initial pass * reconfigureServer when needed * finish postgres tests * mongo tests * more tests * clean up * re-add skipped test * Fix transaction tests * handle batch * AuthenticationAdapter fix * More reconfiguration * clean up * properly terminate cli servers * handle Parse.Push * Flaky PushController * ensure reconfigureServer when changed * fix postgres tests * remove console.log * LiveQuery spec remove duplicates and listeners
This commit is contained in:
Diamond Lewis
GitHub
@@ -4,255 +4,257 @@ const fs = require('fs');
|
||||
const port = 12345;
|
||||
const sslport = 12346;
|
||||
|
||||
it('Should fail with missing options', done => {
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'testpw' })
|
||||
.then(done.fail)
|
||||
.catch(err => {
|
||||
jequal(err.message, 'LDAP auth configuration missing');
|
||||
done();
|
||||
describe('Ldap Auth', () => {
|
||||
it('Should fail with missing options', done => {
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'testpw' })
|
||||
.then(done.fail)
|
||||
.catch(err => {
|
||||
jequal(err.message, 'LDAP auth configuration missing');
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('Should return a resolved promise when validating the app id', done => {
|
||||
ldap.validateAppId().then(done).catch(done.fail);
|
||||
});
|
||||
|
||||
it('Should succeed with right credentials', done => {
|
||||
mockLdapServer(port, 'uid=testuser, o=example').then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldap://localhost:${port}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
};
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'secret' }, options)
|
||||
.then(done)
|
||||
.catch(done.fail)
|
||||
.finally(() => server.close());
|
||||
});
|
||||
});
|
||||
|
||||
it('Should return a resolved promise when validating the app id', done => {
|
||||
ldap.validateAppId().then(done).catch(done.fail);
|
||||
});
|
||||
|
||||
it('Should succeed with right credentials', done => {
|
||||
mockLdapServer(port, 'uid=testuser, o=example').then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldap://localhost:${port}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
};
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'secret' }, options)
|
||||
.then(done)
|
||||
.catch(done.fail)
|
||||
.finally(() => server.close());
|
||||
});
|
||||
});
|
||||
|
||||
it('Should succeed with right credentials when LDAPS is used and certifcate is not checked', done => {
|
||||
mockLdapServer(sslport, 'uid=testuser, o=example', false, true).then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldaps://localhost:${sslport}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
tlsOptions: { rejectUnauthorized: false },
|
||||
};
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'secret' }, options)
|
||||
.then(done)
|
||||
.catch(done.fail)
|
||||
.finally(() => server.close());
|
||||
it('Should succeed with right credentials when LDAPS is used and certifcate is not checked', done => {
|
||||
mockLdapServer(sslport, 'uid=testuser, o=example', false, true).then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldaps://localhost:${sslport}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
tlsOptions: { rejectUnauthorized: false },
|
||||
};
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'secret' }, options)
|
||||
.then(done)
|
||||
.catch(done.fail)
|
||||
.finally(() => server.close());
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('Should succeed when LDAPS is used and the presented certificate is the expected certificate', done => {
|
||||
mockLdapServer(sslport, 'uid=testuser, o=example', false, true).then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldaps://localhost:${sslport}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
tlsOptions: {
|
||||
ca: fs.readFileSync(__dirname + '/support/cert/cert.pem'),
|
||||
rejectUnauthorized: true,
|
||||
},
|
||||
};
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'secret' }, options)
|
||||
.then(done)
|
||||
.catch(done.fail)
|
||||
.finally(() => server.close());
|
||||
it('Should succeed when LDAPS is used and the presented certificate is the expected certificate', done => {
|
||||
mockLdapServer(sslport, 'uid=testuser, o=example', false, true).then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldaps://localhost:${sslport}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
tlsOptions: {
|
||||
ca: fs.readFileSync(__dirname + '/support/cert/cert.pem'),
|
||||
rejectUnauthorized: true,
|
||||
},
|
||||
};
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'secret' }, options)
|
||||
.then(done)
|
||||
.catch(done.fail)
|
||||
.finally(() => server.close());
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('Should fail when LDAPS is used and the presented certificate is not the expected certificate', done => {
|
||||
mockLdapServer(sslport, 'uid=testuser, o=example', false, true).then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldaps://localhost:${sslport}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
tlsOptions: {
|
||||
ca: fs.readFileSync(__dirname + '/support/cert/anothercert.pem'),
|
||||
rejectUnauthorized: true,
|
||||
},
|
||||
};
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'secret' }, options)
|
||||
.then(done.fail)
|
||||
.catch(err => {
|
||||
jequal(err.message, 'LDAPS: Certificate mismatch');
|
||||
done();
|
||||
})
|
||||
.finally(() => server.close());
|
||||
it('Should fail when LDAPS is used and the presented certificate is not the expected certificate', done => {
|
||||
mockLdapServer(sslport, 'uid=testuser, o=example', false, true).then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldaps://localhost:${sslport}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
tlsOptions: {
|
||||
ca: fs.readFileSync(__dirname + '/support/cert/anothercert.pem'),
|
||||
rejectUnauthorized: true,
|
||||
},
|
||||
};
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'secret' }, options)
|
||||
.then(done.fail)
|
||||
.catch(err => {
|
||||
jequal(err.message, 'LDAPS: Certificate mismatch');
|
||||
done();
|
||||
})
|
||||
.finally(() => server.close());
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('Should fail when LDAPS is used certifcate matches but credentials are wrong', done => {
|
||||
mockLdapServer(sslport, 'uid=testuser, o=example', false, true).then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldaps://localhost:${sslport}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
tlsOptions: {
|
||||
ca: fs.readFileSync(__dirname + '/support/cert/cert.pem'),
|
||||
rejectUnauthorized: true,
|
||||
},
|
||||
};
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'wrong!' }, options)
|
||||
.then(done.fail)
|
||||
.catch(err => {
|
||||
jequal(err.message, 'LDAP: Wrong username or password');
|
||||
done();
|
||||
})
|
||||
.finally(() => server.close());
|
||||
it('Should fail when LDAPS is used certifcate matches but credentials are wrong', done => {
|
||||
mockLdapServer(sslport, 'uid=testuser, o=example', false, true).then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldaps://localhost:${sslport}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
tlsOptions: {
|
||||
ca: fs.readFileSync(__dirname + '/support/cert/cert.pem'),
|
||||
rejectUnauthorized: true,
|
||||
},
|
||||
};
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'wrong!' }, options)
|
||||
.then(done.fail)
|
||||
.catch(err => {
|
||||
jequal(err.message, 'LDAP: Wrong username or password');
|
||||
done();
|
||||
})
|
||||
.finally(() => server.close());
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('Should fail with wrong credentials', done => {
|
||||
mockLdapServer(port, 'uid=testuser, o=example').then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldap://localhost:${port}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
};
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'wrong!' }, options)
|
||||
.then(done.fail)
|
||||
.catch(err => {
|
||||
jequal(err.message, 'LDAP: Wrong username or password');
|
||||
done();
|
||||
})
|
||||
.finally(() => server.close());
|
||||
it('Should fail with wrong credentials', done => {
|
||||
mockLdapServer(port, 'uid=testuser, o=example').then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldap://localhost:${port}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
};
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'wrong!' }, options)
|
||||
.then(done.fail)
|
||||
.catch(err => {
|
||||
jequal(err.message, 'LDAP: Wrong username or password');
|
||||
done();
|
||||
})
|
||||
.finally(() => server.close());
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('Should succeed if user is in given group', done => {
|
||||
mockLdapServer(port, 'uid=testuser, o=example').then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldap://localhost:${port}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
groupCn: 'powerusers',
|
||||
groupFilter: '(&(uniqueMember=uid={{id}}, o=example)(objectClass=groupOfUniqueNames))',
|
||||
};
|
||||
it('Should succeed if user is in given group', done => {
|
||||
mockLdapServer(port, 'uid=testuser, o=example').then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldap://localhost:${port}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
groupCn: 'powerusers',
|
||||
groupFilter: '(&(uniqueMember=uid={{id}}, o=example)(objectClass=groupOfUniqueNames))',
|
||||
};
|
||||
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'secret' }, options)
|
||||
.then(done)
|
||||
.catch(done.fail)
|
||||
.finally(() => server.close());
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'secret' }, options)
|
||||
.then(done)
|
||||
.catch(done.fail)
|
||||
.finally(() => server.close());
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('Should fail if user is not in given group', done => {
|
||||
mockLdapServer(port, 'uid=testuser, o=example').then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldap://localhost:${port}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
groupCn: 'groupTheUserIsNotIn',
|
||||
groupFilter: '(&(uniqueMember=uid={{id}}, o=example)(objectClass=groupOfUniqueNames))',
|
||||
};
|
||||
it('Should fail if user is not in given group', done => {
|
||||
mockLdapServer(port, 'uid=testuser, o=example').then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldap://localhost:${port}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
groupCn: 'groupTheUserIsNotIn',
|
||||
groupFilter: '(&(uniqueMember=uid={{id}}, o=example)(objectClass=groupOfUniqueNames))',
|
||||
};
|
||||
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'secret' }, options)
|
||||
.then(done.fail)
|
||||
.catch(err => {
|
||||
jequal(err.message, 'LDAP: User not in group');
|
||||
done();
|
||||
})
|
||||
.finally(() => server.close());
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'secret' }, options)
|
||||
.then(done.fail)
|
||||
.catch(err => {
|
||||
jequal(err.message, 'LDAP: User not in group');
|
||||
done();
|
||||
})
|
||||
.finally(() => server.close());
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('Should fail if the LDAP server does not allow searching inside the provided suffix', done => {
|
||||
mockLdapServer(port, 'uid=testuser, o=example').then(server => {
|
||||
const options = {
|
||||
suffix: 'o=invalid',
|
||||
url: `ldap://localhost:${port}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
groupCn: 'powerusers',
|
||||
groupFilter: '(&(uniqueMember=uid={{id}}, o=example)(objectClass=groupOfUniqueNames))',
|
||||
};
|
||||
it('Should fail if the LDAP server does not allow searching inside the provided suffix', done => {
|
||||
mockLdapServer(port, 'uid=testuser, o=example').then(server => {
|
||||
const options = {
|
||||
suffix: 'o=invalid',
|
||||
url: `ldap://localhost:${port}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
groupCn: 'powerusers',
|
||||
groupFilter: '(&(uniqueMember=uid={{id}}, o=example)(objectClass=groupOfUniqueNames))',
|
||||
};
|
||||
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'secret' }, options)
|
||||
.then(done.fail)
|
||||
.catch(err => {
|
||||
jequal(err.message, 'LDAP group search failed');
|
||||
done();
|
||||
})
|
||||
.finally(() => server.close());
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'secret' }, options)
|
||||
.then(done.fail)
|
||||
.catch(err => {
|
||||
jequal(err.message, 'LDAP group search failed');
|
||||
done();
|
||||
})
|
||||
.finally(() => server.close());
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('Should fail if the LDAP server encounters an error while searching', done => {
|
||||
mockLdapServer(port, 'uid=testuser, o=example', true).then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldap://localhost:${port}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
groupCn: 'powerusers',
|
||||
groupFilter: '(&(uniqueMember=uid={{id}}, o=example)(objectClass=groupOfUniqueNames))',
|
||||
};
|
||||
it('Should fail if the LDAP server encounters an error while searching', done => {
|
||||
mockLdapServer(port, 'uid=testuser, o=example', true).then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldap://localhost:${port}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
groupCn: 'powerusers',
|
||||
groupFilter: '(&(uniqueMember=uid={{id}}, o=example)(objectClass=groupOfUniqueNames))',
|
||||
};
|
||||
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'secret' }, options)
|
||||
.then(done.fail)
|
||||
.catch(err => {
|
||||
jequal(err.message, 'LDAP group search failed');
|
||||
done();
|
||||
})
|
||||
.finally(() => server.close());
|
||||
ldap
|
||||
.validateAuthData({ id: 'testuser', password: 'secret' }, options)
|
||||
.then(done.fail)
|
||||
.catch(err => {
|
||||
jequal(err.message, 'LDAP group search failed');
|
||||
done();
|
||||
})
|
||||
.finally(() => server.close());
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('Should delete the password from authData after validation', done => {
|
||||
mockLdapServer(port, 'uid=testuser, o=example', true).then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldap://localhost:${port}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
};
|
||||
it('Should delete the password from authData after validation', done => {
|
||||
mockLdapServer(port, 'uid=testuser, o=example', true).then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldap://localhost:${port}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
};
|
||||
|
||||
const authData = { id: 'testuser', password: 'secret' };
|
||||
const authData = { id: 'testuser', password: 'secret' };
|
||||
|
||||
ldap
|
||||
.validateAuthData(authData, options)
|
||||
.then(() => {
|
||||
expect(authData).toEqual({ id: 'testuser' });
|
||||
done();
|
||||
})
|
||||
.catch(done.fail)
|
||||
.finally(() => server.close());
|
||||
ldap
|
||||
.validateAuthData(authData, options)
|
||||
.then(() => {
|
||||
expect(authData).toEqual({ id: 'testuser' });
|
||||
done();
|
||||
})
|
||||
.catch(done.fail)
|
||||
.finally(() => server.close());
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('Should not save the password in the user record after authentication', done => {
|
||||
mockLdapServer(port, 'uid=testuser, o=example', true).then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldap://localhost:${port}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
};
|
||||
reconfigureServer({ auth: { ldap: options } }).then(() => {
|
||||
const authData = { authData: { id: 'testuser', password: 'secret' } };
|
||||
Parse.User.logInWith('ldap', authData).then(returnedUser => {
|
||||
const query = new Parse.Query('User');
|
||||
query
|
||||
.equalTo('objectId', returnedUser.id)
|
||||
.first({ useMasterKey: true })
|
||||
.then(user => {
|
||||
expect(user.get('authData')).toEqual({ ldap: { id: 'testuser' } });
|
||||
expect(user.get('authData').ldap.password).toBeUndefined();
|
||||
done();
|
||||
})
|
||||
.catch(done.fail)
|
||||
.finally(() => server.close());
|
||||
it('Should not save the password in the user record after authentication', done => {
|
||||
mockLdapServer(port, 'uid=testuser, o=example', true).then(server => {
|
||||
const options = {
|
||||
suffix: 'o=example',
|
||||
url: `ldap://localhost:${port}`,
|
||||
dn: 'uid={{id}}, o=example',
|
||||
};
|
||||
reconfigureServer({ auth: { ldap: options } }).then(() => {
|
||||
const authData = { authData: { id: 'testuser', password: 'secret' } };
|
||||
Parse.User.logInWith('ldap', authData).then(returnedUser => {
|
||||
const query = new Parse.Query('User');
|
||||
query
|
||||
.equalTo('objectId', returnedUser.id)
|
||||
.first({ useMasterKey: true })
|
||||
.then(user => {
|
||||
expect(user.get('authData')).toEqual({ ldap: { id: 'testuser' } });
|
||||
expect(user.get('authData').ldap.password).toBeUndefined();
|
||||
done();
|
||||
})
|
||||
.catch(done.fail)
|
||||
.finally(() => server.close());
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user