authelia/server/test/ServerConfiguration.test.ts


import Assert = require("assert");
import Sinon = require("sinon");
import nedb = require("nedb");
import express = require("express");
import winston = require("winston");
import speakeasy = require("speakeasy");
import u2f = require("u2f");
import session = require("express-session");

import { AppConfiguration, UserConfiguration } from "../src/lib/configuration/Configuration";
import { GlobalDependencies } from "../types/Dependencies";
import Server from "../src/lib/Server";


describe("test server configuration", function () {
  let deps: GlobalDependencies;
  let sessionMock: Sinon.SinonSpy;

  before(function () {
    sessionMock = Sinon.spy(session);

    deps = {
      speakeasy: speakeasy,
      u2f: u2f,
      nedb: nedb,
      winston: winston,
      ldapjs: {
        createClient: Sinon.spy(function () {
          return {
            on: Sinon.spy(),
            bind: Sinon.spy(),
          };
        })
      },
      session: sessionMock as any,
      ConnectRedis: Sinon.spy(),
      dovehash: Sinon.spy() as any
    };
  });


  it("should set cookie scope to domain set in the config", function () {
    const config: UserConfiguration = {
      session: {
        domain: "example.com",
        secret: "secret"
      },
      ldap: {
        url: "http://ldap",
        user: "user",
        password: "password",
        base_dn: "dc=example,dc=com"
      },
      notifier: {
        email: {
          username: "user@example.com",
          password: "password",
          sender: "test@authelia.com",
          service: "gmail"
        }
      },
      regulation: {
        max_retries: 3,
        ban_time: 5 * 60,
        find_time: 5 * 60
      },
      storage: {
        local: {
          in_memory: true
        }
      }
    };

    const server = new Server(deps);
    server.start(config, deps)
      .then(function () {
        Assert(sessionMock.calledOnce);
        Assert.equal(sessionMock.getCall(0).args[0].cookie.domain, "example.com");
      });
  });
});
Migrate server to typescript 2017-05-17 04:17:46 +07:00
Refactor endpoints to get server variables as input parameters This refactoring aims to ease testability and clean up a lot of soft touchy typings in test code. This is the first step of this refactoring introducing the concept and implementing missing interfaces and stubs. At the end of the day, ServerVariablesHandler should completely disappear and every variable should be injected in the endpoint handler builder itself. 2017-10-17 05:35:34 +07:00			`import Assert = require("assert");`
Open and close ldap client after each operation to avoid issues with idle connections and ECONNRESET exceptions 2017-07-16 22:37:13 +07:00			`import Sinon = require("sinon");`
Migrate server to typescript 2017-05-17 04:17:46 +07:00			`import nedb = require("nedb");`
Move TOTP Validator and Generator to typescript 2017-05-21 00:16:57 +07:00			`import express = require("express");`
			`import winston = require("winston");`
			`import speakeasy = require("speakeasy");`
Refactor client to make it responsive and testable 2017-05-25 20:09:29 +07:00			`import u2f = require("u2f");`
Move TOTP Validator and Generator to typescript 2017-05-21 00:16:57 +07:00			`import session = require("express-session");`
Migrate server to typescript 2017-05-17 04:17:46 +07:00
Split client and server Client and server now have their own tsconfig so that the transpilation is only done on the part that is being modified. It also allows faster transpilation since tests are now excluded from tsconfig. They are compiled by ts-node during unit tests execution. 2017-10-07 05:09:42 +07:00			`import { AppConfiguration, UserConfiguration } from "../src/lib/configuration/Configuration";`
Improve logging format for clarity Previously, logs were not very friendly and it was hard to track a request because of the lack of request ID. Now every log message comes with a header containing: method, path request ID, session ID, IP of the user, date. Moreover, the configurations displayed in the logs have their secrets hidden from this commit. 2017-10-08 05:46:57 +07:00			`import { GlobalDependencies } from "../types/Dependencies";`
Split client and server Client and server now have their own tsconfig so that the transpilation is only done on the part that is being modified. It also allows faster transpilation since tests are now excluded from tsconfig. They are compiled by ts-node during unit tests execution. 2017-10-07 05:09:42 +07:00			`import Server from "../src/lib/Server";`
Migrate server to typescript 2017-05-17 04:17:46 +07:00

			`describe("test server configuration", function () {`
			`let deps: GlobalDependencies;`
Open and close ldap client after each operation to avoid issues with idle connections and ECONNRESET exceptions 2017-07-16 22:37:13 +07:00			`let sessionMock: Sinon.SinonSpy;`
Migrate server to typescript 2017-05-17 04:17:46 +07:00
			`before(function () {`
Open and close ldap client after each operation to avoid issues with idle connections and ECONNRESET exceptions 2017-07-16 22:37:13 +07:00			`sessionMock = Sinon.spy(session);`
Migrate server to typescript 2017-05-17 04:17:46 +07:00
			`deps = {`
			`speakeasy: speakeasy,`
			`u2f: u2f,`
			`nedb: nedb,`
			`winston: winston,`
			`ldapjs: {`
Open and close ldap client after each operation to avoid issues with idle connections and ECONNRESET exceptions 2017-07-16 22:37:13 +07:00			`createClient: Sinon.spy(function () {`
Fix LDAP binding non working on servers with restricted ACL rules and add unit tests 2017-06-15 05:22:16 +07:00			`return {`
Open and close ldap client after each operation to avoid issues with idle connections and ECONNRESET exceptions 2017-07-16 22:37:13 +07:00			`on: Sinon.spy(),`
			`bind: Sinon.spy(),`
Fix LDAP binding non working on servers with restricted ACL rules and add unit tests 2017-06-15 05:22:16 +07:00			`};`
Migrate server to typescript 2017-05-17 04:17:46 +07:00			`})`
			`},`
Add redis option to the express-session middleware 2017-06-30 00:41:05 +07:00			`session: sessionMock as any,`
Open and close ldap client after each operation to avoid issues with idle connections and ECONNRESET exceptions 2017-07-16 22:37:13 +07:00			`ConnectRedis: Sinon.spy(),`
			`dovehash: Sinon.spy() as any`
Migrate server to typescript 2017-05-17 04:17:46 +07:00			`};`
			`});`


			`it("should set cookie scope to domain set in the config", function () {`
Add Mongo as scalable and resilient storage backend 2017-07-20 02:06:12 +07:00			`const config: UserConfiguration = {`
Migrate server to typescript 2017-05-17 04:17:46 +07:00			`session: {`
			`domain: "example.com",`
			`secret: "secret"`
			`},`
			`ldap: {`
			`url: "http://ldap",`
			`user: "user",`
Add Mongo as scalable and resilient storage backend 2017-07-20 02:06:12 +07:00			`password: "password",`
			`base_dn: "dc=example,dc=com"`
Migrate server to typescript 2017-05-17 04:17:46 +07:00			`},`
			`notifier: {`
Less restrictive email handler - replace gmail with generic 2017-10-25 15:28:56 +07:00			`email: {`
Move notifiers to typescript 2017-05-20 14:49:05 +07:00			`username: "user@example.com",`
Specify the sender email in Gmail and Smtp notifier configuration Sender email address can now be specified in configuration and applies to GMail notifier and SMTP notifier. 2017-10-10 05:07:12 +07:00			`password: "password",`
Less restrictive email handler - replace gmail with generic 2017-10-25 15:28:56 +07:00			`sender: "test@authelia.com",`
			`service: "gmail"`
Migrate server to typescript 2017-05-17 04:17:46 +07:00			`}`
Add Mongo as scalable and resilient storage backend 2017-07-20 02:06:12 +07:00			`},`
Parameterize authentication regulation via configuration file. Both for flexibility and for testing purposes. 2017-09-03 06:25:43 +07:00			`regulation: {`
			`max_retries: 3,`
			`ban_time: 5 * 60,`
			`find_time: 5 * 60`
			`},`
Add Mongo as scalable and resilient storage backend 2017-07-20 02:06:12 +07:00			`storage: {`
			`local: {`
			`in_memory: true`
			`}`
Migrate server to typescript 2017-05-17 04:17:46 +07:00			`}`
Add Mongo as scalable and resilient storage backend 2017-07-20 02:06:12 +07:00			`};`
Migrate server to typescript 2017-05-17 04:17:46 +07:00
Improve logging format for clarity Previously, logs were not very friendly and it was hard to track a request because of the lack of request ID. Now every log message comes with a header containing: method, path request ID, session ID, IP of the user, date. Moreover, the configurations displayed in the logs have their secrets hidden from this commit. 2017-10-08 05:46:57 +07:00			`const server = new Server(deps);`
Refactor endpoints to get server variables as input parameters This refactoring aims to ease testability and clean up a lot of soft touchy typings in test code. This is the first step of this refactoring introducing the concept and implementing missing interfaces and stubs. At the end of the day, ServerVariablesHandler should completely disappear and every variable should be injected in the endpoint handler builder itself. 2017-10-17 05:35:34 +07:00			`server.start(config, deps)`
			`.then(function () {`
			`Assert(sessionMock.calledOnce);`
			`Assert.equal(sessionMock.getCall(0).args[0].cookie.domain, "example.com");`
			`});`
Migrate server to typescript 2017-05-17 04:17:46 +07:00			`});`
			`});`