authelia/test/suites/Standalone/scenarii/BackendProtection.ts

51 lines
2.7 KiB
TypeScript
Raw Normal View History

import { POST_Expect403, GET_Expect403 } from "../../../helpers/utils/Requests";
2019-02-10 05:20:37 +07:00
export default function() {
// POST
it('should return 403 error when posting to https://login.example.com:8080/api/secondfactor/totp', async function() {
await POST_Expect403('https://login.example.com:8080/api/secondfactor/totp', { token: 'MALICIOUS_TOKEN' });
2019-02-10 05:20:37 +07:00
});
it('should return 403 error when posting to https://login.example.com:8080/api/secondfactor/u2f/sign', async function() {
await POST_Expect403('https://login.example.com:8080/api/secondfactor/u2f/sign');
2019-02-10 05:20:37 +07:00
});
it('should return 403 error when posting to https://login.example.com:8080/api/secondfactor/u2f/register', async function() {
await POST_Expect403('https://login.example.com:8080/api/secondfactor/u2f/register');
2019-02-10 05:20:37 +07:00
});
it('should return 403 error on GET to https://login.example.com:8080/api/secondfactor/u2f/sign_request', async function() {
await POST_Expect403('https://login.example.com:8080/api/secondfactor/u2f/sign_request');
});
it('should return 403 error when posting to https://login.example.com:8080/api/secondfactor/preferences', async function() {
await POST_Expect403('https://login.example.com:8080/api/secondfactor/preferences');
2019-02-10 05:20:37 +07:00
});
it('should return 403 error on GET to https://login.example.com:8080/api/secondfactor/preferences', async function() {
await GET_Expect403('https://login.example.com:8080/api/secondfactor/preferences');
});
it('should return 403 error on GET to https://login.example.com:8080/api/secondfactor/available', async function() {
await GET_Expect403('https://login.example.com:8080/api/secondfactor/available');
2019-02-10 05:20:37 +07:00
});
describe('Identity validation endpoints blocked to unauthenticated users', function() {
it('should return 403 error on POST to https://login.example.com:8080/api/secondfactor/u2f/identity/start', async function() {
await POST_Expect403('https://login.example.com:8080/api/secondfactor/u2f/identity/start');
2019-02-10 05:20:37 +07:00
});
it('should return 403 error on POST to https://login.example.com:8080/api/secondfactor/u2f/identity/finish', async function() {
await POST_Expect403('https://login.example.com:8080/api/secondfactor/u2f/identity/finish');
2019-02-10 05:20:37 +07:00
});
it('should return 403 error on POST to https://login.example.com:8080/api/secondfactor/totp/identity/start', async function() {
await POST_Expect403('https://login.example.com:8080/api/secondfactor/totp/identity/start');
2019-02-10 05:20:37 +07:00
});
it('should return 403 error on POST to https://login.example.com:8080/api/secondfactor/totp/identity/finish', async function() {
await POST_Expect403('https://login.example.com:8080/api/secondfactor/totp/identity/finish');
2019-02-10 05:20:37 +07:00
});
});
}