From c7fa15cfa34d1566050619b701864c5b04d18cbb Mon Sep 17 00:00:00 2001 From: Clement Michaud Date: Sun, 14 May 2017 16:59:53 +0200 Subject: [PATCH 1/2] Remove base url from endpoint urls --- src/lib/setup_endpoints.js | 32 +++++++++++++++----------------- 1 file changed, 15 insertions(+), 17 deletions(-) diff --git a/src/lib/setup_endpoints.js b/src/lib/setup_endpoints.js index 8eb50763..fe81d87c 100644 --- a/src/lib/setup_endpoints.js +++ b/src/lib/setup_endpoints.js @@ -5,8 +5,6 @@ var routes = require('./routes'); var identity_check = require('./identity_check'); function setup_endpoints(app) { - var base_endpoint = '/authentication'; - /** * @apiDefine UserSession * @apiHeader {String} Cookie Cookie containing 'connect.sid', the user @@ -52,7 +50,7 @@ function setup_endpoints(app) { * @apiDescription Create a user session and serve the login page along with * a cookie. */ - app.get (base_endpoint + '/login', routes.login); + app.get ('/login', routes.login); /** * @api {get} /authentication/logout Server logout page @@ -65,7 +63,7 @@ function setup_endpoints(app) { * * @apiDescription Deauthenticate the user and redirect him. */ - app.get (base_endpoint + '/logout', routes.logout); + app.get ('/logout', routes.logout); /** * @api {post} /authentication/totp-register Request TOTP registration @@ -87,7 +85,7 @@ function setup_endpoints(app) { * @apiDescription Serves the TOTP registration page that displays the secret. * The secret is a QRCode and a base32 secret. */ - identity_check(app, base_endpoint + '/totp-register', routes.totp_register.icheck_interface); + identity_check(app, '/totp-register', routes.totp_register.icheck_interface); /** @@ -109,7 +107,7 @@ function setup_endpoints(app) { * @apiDescription Serves the U2F registration page that asks the user to * touch the token of the U2F device. */ - identity_check(app, base_endpoint + '/u2f-register', routes.u2f_register.icheck_interface); + identity_check(app, '/u2f-register', routes.u2f_register.icheck_interface); /** * @api {post} /authentication/reset-password Request for password reset @@ -130,9 +128,9 @@ function setup_endpoints(app) { * @apiDescription Serves password reset form that allow the user to provide * the new password. */ - identity_check(app, base_endpoint + '/reset-password', routes.reset_password.icheck_interface); + identity_check(app, '/reset-password', routes.reset_password.icheck_interface); - app.get (base_endpoint + '/reset-password-form', function(req, res) { res.render('reset-password-form'); }); + app.get ('/reset-password-form', function(req, res) { res.render('reset-password-form'); }); /** * @api {post} /authentication/new-password Set LDAP password @@ -145,7 +143,7 @@ function setup_endpoints(app) { * * @apiDescription Set a new password for the user. */ - app.post (base_endpoint + '/new-password', routes.reset_password.post); + app.post ('/new-password', routes.reset_password.post); /** * @api {post} /authentication/new-totp-secret Generate TOTP secret @@ -164,7 +162,7 @@ function setup_endpoints(app) { * * @apiDescription Generate a new TOTP secret and returns it. */ - app.post (base_endpoint + '/new-totp-secret', routes.totp_register.post); + app.post ('/new-totp-secret', routes.totp_register.post); /** * @api {get} /authentication/verify Verify user authentication @@ -179,7 +177,7 @@ function setup_endpoints(app) { * @apiDescription Verify that the user is authenticated, i.e., the two * factors have been validated */ - app.get (base_endpoint + '/verify', routes.verify); + app.get ('/verify', routes.verify); /** * @api {post} /authentication/1stfactor LDAP authentication @@ -199,7 +197,7 @@ function setup_endpoints(app) { * * @apiDescription Verify credentials against the LDAP. */ - app.post (base_endpoint + '/1stfactor', routes.first_factor); + app.post ('/1stfactor', routes.first_factor); /** * @api {post} /authentication/2ndfactor/totp TOTP authentication @@ -216,7 +214,7 @@ function setup_endpoints(app) { * * @apiDescription Verify TOTP token. The user is authenticated upon success. */ - app.post (base_endpoint + '/2ndfactor/totp', routes.second_factor.totp); + app.post ('/2ndfactor/totp', routes.second_factor.totp); /** * @api {get} /authentication/2ndfactor/u2f/sign_request U2F Start authentication @@ -231,7 +229,7 @@ function setup_endpoints(app) { * * @apiDescription Initiate an authentication request using a U2F device. */ - app.get (base_endpoint + '/2ndfactor/u2f/sign_request', routes.second_factor.u2f.sign_request); + app.get ('/2ndfactor/u2f/sign_request', routes.second_factor.u2f.sign_request); /** * @api {post} /authentication/2ndfactor/u2f/sign U2F Complete authentication @@ -246,7 +244,7 @@ function setup_endpoints(app) { * * @apiDescription Complete authentication request of the U2F device. */ - app.post (base_endpoint + '/2ndfactor/u2f/sign', routes.second_factor.u2f.sign); + app.post ('/2ndfactor/u2f/sign', routes.second_factor.u2f.sign); /** * @api {get} /authentication/2ndfactor/u2f/register_request U2F Start device registration @@ -261,7 +259,7 @@ function setup_endpoints(app) { * * @apiDescription Initiate a U2F device registration request. */ - app.get (base_endpoint + '/2ndfactor/u2f/register_request', routes.second_factor.u2f.register_request); + app.get ('/2ndfactor/u2f/register_request', routes.second_factor.u2f.register_request); /** * @api {post} /authentication/2ndfactor/u2f/register U2F Complete device registration @@ -277,6 +275,6 @@ function setup_endpoints(app) { * * @apiDescription Complete U2F registration request. */ - app.post (base_endpoint + '/2ndfactor/u2f/register', routes.second_factor.u2f.register); + app.post ('/2ndfactor/u2f/register', routes.second_factor.u2f.register); } From 6d24e82835d31f25e8f12e59183fa3bb40650e37 Mon Sep 17 00:00:00 2001 From: Clement Michaud Date: Sun, 14 May 2017 17:34:51 +0200 Subject: [PATCH 2/2] Remove '/authentication/' base path from endpoint URLs --- .travis.yml | 10 +++++++ example/nginx_conf/index.html | 5 +--- example/nginx_conf/nginx.conf | 21 ++++++------- src/lib/setup_endpoints.js | 34 ++++++++++----------- src/public_html/js/login.js | 14 ++++----- src/public_html/js/reset-password-form.js | 4 +-- src/public_html/js/reset-password.js | 4 +-- src/public_html/js/totp-register.js | 4 +-- src/public_html/js/u2f-register.js | 6 ++-- test/integration/test_server.js | 35 ++++++++++++++++++---- test/unitary/requests.js | 34 ++++++++++----------- test/unitary/test_server.js | 36 +++++++++++------------ 12 files changed, 119 insertions(+), 88 deletions(-) diff --git a/.travis.yml b/.travis.yml index 0bb282dd..b1d4832f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -8,6 +8,15 @@ addons: apt: packages: - libgif-dev + hosts: + - auth.test.local + - home.test.local + - secret.test.local + - secret1.test.local + - secret2.test.local + - mx1.mail.test.local + - mx2.mail.test.local + before_install: npm install -g npm@'>=2.13.5' script: - npm test @@ -16,6 +25,7 @@ script: - docker-compose up -d - sleep 5 - ./scripts/check_services.sh +- npm run int-test after_success: - if [ "$TRAVIS_BRANCH" == "master" ]; then diff --git a/example/nginx_conf/index.html b/example/nginx_conf/index.html index 6eb9a534..c4e32c65 100644 --- a/example/nginx_conf/index.html +++ b/example/nginx_conf/index.html @@ -27,7 +27,7 @@ - You can also log off by visiting the following link. + You can also log off by visiting the following link.

List of users

Here is the list of credentials you can log in with to test access control. @@ -46,7 +46,6 @@
  • home.test.local
  • -
  • Groups policy
    • admin @@ -62,7 +61,6 @@
  • -
  • Users policy
    • harry @@ -78,6 +76,5 @@
  • - diff --git a/example/nginx_conf/nginx.conf b/example/nginx_conf/nginx.conf index 4cce9207..fc666447 100644 --- a/example/nginx_conf/nginx.conf +++ b/example/nginx_conf/nginx.conf @@ -32,26 +32,26 @@ http { error_page 401 = @error401; location @error401 { - return 302 https://auth.test.local:8080/authentication/login?redirect=$scheme://$http_host$request_uri; + return 302 https://auth.test.local:8080/login?redirect=$scheme://$http_host$request_uri; } - location /authentication/ { + location / { proxy_set_header X-Original-URI $request_uri; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; - proxy_pass http://auth/authentication/; + proxy_pass http://auth/; } - location /authentication/js/ { + location /js/ { proxy_pass http://auth/js/; } - location /authentication/img/ { + location /img/ { proxy_pass http://auth/img/; } - location /authentication/css/ { + location /css/ { proxy_pass http://auth/css/; } } @@ -70,19 +70,20 @@ http { error_page 401 = @error401; location @error401 { - return 302 https://auth.test.local:8080/authentication/login?redirect=$scheme://$http_host$request_uri; + return 302 https://auth.test.local:8080/login?redirect=$scheme://$http_host$request_uri; } - location /authentication/verify { + location /auth_verify { + internal; proxy_set_header X-Original-URI $request_uri; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; - proxy_pass http://auth/authentication/verify; + proxy_pass http://auth/verify; } location = /secret.html { - auth_request /authentication/verify; + auth_request /auth_verify; auth_request_set $user $upstream_http_x_remote_user; proxy_set_header X-Forwarded-User $user; diff --git a/src/lib/setup_endpoints.js b/src/lib/setup_endpoints.js index fe81d87c..efbed844 100644 --- a/src/lib/setup_endpoints.js +++ b/src/lib/setup_endpoints.js @@ -39,7 +39,7 @@ function setup_endpoints(app) { */ /** - * @api {get} /authentication/login Serve login page + * @api {get} /login Serve login page * @apiName Login * @apiGroup Pages * @apiVersion 1.0.0 @@ -53,7 +53,7 @@ function setup_endpoints(app) { app.get ('/login', routes.login); /** - * @api {get} /authentication/logout Server logout page + * @api {get} /logout Server logout page * @apiName Logout * @apiGroup Pages * @apiVersion 1.0.0 @@ -66,7 +66,7 @@ function setup_endpoints(app) { app.get ('/logout', routes.logout); /** - * @api {post} /authentication/totp-register Request TOTP registration + * @api {post} /totp-register Request TOTP registration * @apiName RequestTOTPRegistration * @apiGroup Registration * @apiVersion 1.0.0 @@ -74,7 +74,7 @@ function setup_endpoints(app) { * @apiUse IdentityValidationPost */ /** - * @api {get} /authentication/totp-register Serve TOTP registration page + * @api {get} /totp-register Serve TOTP registration page * @apiName ServeTOTPRegistrationPage * @apiGroup Registration * @apiVersion 1.0.0 @@ -89,7 +89,7 @@ function setup_endpoints(app) { /** - * @api {post} /authentication/u2f-register Request U2F registration + * @api {post} /u2f-register Request U2F registration * @apiName RequestU2FRegistration * @apiGroup Registration * @apiVersion 1.0.0 @@ -97,7 +97,7 @@ function setup_endpoints(app) { * @apiUse IdentityValidationPost */ /** - * @api {get} /authentication/u2f-register Serve U2F registration page + * @api {get} /u2f-register Serve U2F registration page * @apiName ServeU2FRegistrationPage * @apiGroup Pages * @apiVersion 1.0.0 @@ -110,7 +110,7 @@ function setup_endpoints(app) { identity_check(app, '/u2f-register', routes.u2f_register.icheck_interface); /** - * @api {post} /authentication/reset-password Request for password reset + * @api {post} /reset-password Request for password reset * @apiName RequestPasswordReset * @apiGroup Registration * @apiVersion 1.0.0 @@ -118,7 +118,7 @@ function setup_endpoints(app) { * @apiUse IdentityValidationPost */ /** - * @api {get} /authentication/reset-password Serve password reset form. + * @api {get} /reset-password Serve password reset form. * @apiName ServePasswordResetForm * @apiGroup Pages * @apiVersion 1.0.0 @@ -133,7 +133,7 @@ function setup_endpoints(app) { app.get ('/reset-password-form', function(req, res) { res.render('reset-password-form'); }); /** - * @api {post} /authentication/new-password Set LDAP password + * @api {post} /new-password Set LDAP password * @apiName SetLDAPPassword * @apiGroup Registration * @apiVersion 1.0.0 @@ -146,7 +146,7 @@ function setup_endpoints(app) { app.post ('/new-password', routes.reset_password.post); /** - * @api {post} /authentication/new-totp-secret Generate TOTP secret + * @api {post} /new-totp-secret Generate TOTP secret * @apiName GenerateTOTPSecret * @apiGroup Registration * @apiVersion 1.0.0 @@ -165,7 +165,7 @@ function setup_endpoints(app) { app.post ('/new-totp-secret', routes.totp_register.post); /** - * @api {get} /authentication/verify Verify user authentication + * @api {get} /verify Verify user authentication * @apiName VerifyAuthentication * @apiGroup Verification * @apiVersion 1.0.0 @@ -180,7 +180,7 @@ function setup_endpoints(app) { app.get ('/verify', routes.verify); /** - * @api {post} /authentication/1stfactor LDAP authentication + * @api {post} /1stfactor LDAP authentication * @apiName ValidateFirstFactor * @apiGroup Authentication * @apiVersion 1.0.0 @@ -200,7 +200,7 @@ function setup_endpoints(app) { app.post ('/1stfactor', routes.first_factor); /** - * @api {post} /authentication/2ndfactor/totp TOTP authentication + * @api {post} /2ndfactor/totp TOTP authentication * @apiName ValidateTOTPSecondFactor * @apiGroup Authentication * @apiVersion 1.0.0 @@ -217,7 +217,7 @@ function setup_endpoints(app) { app.post ('/2ndfactor/totp', routes.second_factor.totp); /** - * @api {get} /authentication/2ndfactor/u2f/sign_request U2F Start authentication + * @api {get} /2ndfactor/u2f/sign_request U2F Start authentication * @apiName StartU2FAuthentication * @apiGroup Authentication * @apiVersion 1.0.0 @@ -232,7 +232,7 @@ function setup_endpoints(app) { app.get ('/2ndfactor/u2f/sign_request', routes.second_factor.u2f.sign_request); /** - * @api {post} /authentication/2ndfactor/u2f/sign U2F Complete authentication + * @api {post} /2ndfactor/u2f/sign U2F Complete authentication * @apiName CompleteU2FAuthentication * @apiGroup Authentication * @apiVersion 1.0.0 @@ -247,7 +247,7 @@ function setup_endpoints(app) { app.post ('/2ndfactor/u2f/sign', routes.second_factor.u2f.sign); /** - * @api {get} /authentication/2ndfactor/u2f/register_request U2F Start device registration + * @api {get} /2ndfactor/u2f/register_request U2F Start device registration * @apiName StartU2FRegistration * @apiGroup Registration * @apiVersion 1.0.0 @@ -262,7 +262,7 @@ function setup_endpoints(app) { app.get ('/2ndfactor/u2f/register_request', routes.second_factor.u2f.register_request); /** - * @api {post} /authentication/2ndfactor/u2f/register U2F Complete device registration + * @api {post} /2ndfactor/u2f/register U2F Complete device registration * @apiName CompleteU2FRegistration * @apiGroup Registration * @apiVersion 1.0.0 diff --git a/src/public_html/js/login.js b/src/public_html/js/login.js index 5da20d41..d43ff222 100644 --- a/src/public_html/js/login.js +++ b/src/public_html/js/login.js @@ -36,7 +36,7 @@ function onLoginButtonClicked() { } function onResetPasswordButtonClicked() { - var r = '/authentication/reset-password-form'; + var r = '/reset-password-form'; window.location.replace(r); } @@ -54,7 +54,7 @@ function onTotpSignButtonClicked() { function onTotpRegisterButtonClicked() { $.ajax({ type: 'POST', - url: '/authentication/totp-register', + url: '/totp-register', data: JSON.stringify({ redirect: get_redirect_param() }), @@ -92,7 +92,7 @@ function onU2fRegistrationButtonClicked() { function askForU2fRegistration(fn) { $.ajax({ type: 'POST', - url: '/authentication/u2f-register', + url: '/u2f-register', data: JSON.stringify({ redirect: get_redirect_param() }), @@ -124,7 +124,7 @@ function finishU2fAuthentication(url, responseData, fn) { } function startU2fAuthentication(fn, timeout) { - $.get('/authentication/2ndfactor/u2f/sign_request', {}, null, 'json') + $.get('/2ndfactor/u2f/sign_request', {}, null, 'json') .done(function(signResponse) { var registeredKeys = signResponse.registeredKeys; $.notify('Please touch the token', 'info'); @@ -137,7 +137,7 @@ function startU2fAuthentication(fn, timeout) { if (response.errorCode) { fn(response); } else { - finishU2fAuthentication('/authentication/2ndfactor/u2f/sign', response, fn); + finishU2fAuthentication('/2ndfactor/u2f/sign', response, fn); } }, timeout @@ -149,7 +149,7 @@ function startU2fAuthentication(fn, timeout) { } function validateSecondFactorTotp(token, fn) { - $.post('/authentication/2ndfactor/totp', { + $.post('/2ndfactor/totp', { token: token, }) .done(function() { @@ -161,7 +161,7 @@ function validateSecondFactorTotp(token, fn) { } function validateFirstFactor(username, password, fn) { - $.post('/authentication/1stfactor', { + $.post('/1stfactor', { username: username, password: password, }) diff --git a/src/public_html/js/reset-password-form.js b/src/public_html/js/reset-password-form.js index f73a0eb2..80cd1d78 100644 --- a/src/public_html/js/reset-password-form.js +++ b/src/public_html/js/reset-password-form.js @@ -21,13 +21,13 @@ function onResetPasswordButtonClicked() { return; } - $.post('/authentication/reset-password', { + $.post('/reset-password', { userid: username, }) .done(function() { $.notify('An email has been sent. Click on the link to change your password', 'success'); setTimeout(function() { - window.location.replace('/authentication/login'); + window.location.replace('/login'); }, 1000); }) .fail(function() { diff --git a/src/public_html/js/reset-password.js b/src/public_html/js/reset-password.js index 85520c64..3adbea35 100644 --- a/src/public_html/js/reset-password.js +++ b/src/public_html/js/reset-password.js @@ -27,12 +27,12 @@ function onResetPasswordButtonClicked() { return; } - $.post('/authentication/new-password', { + $.post('/new-password', { password: password1, }) .done(function() { $.notify('Your password has been changed. Please login again', 'success'); - window.location.replace('/authentication/login'); + window.location.replace('/login'); }) .fail(function() { $.notify('An error occurred during password change.', 'warn'); diff --git a/src/public_html/js/totp-register.js b/src/public_html/js/totp-register.js index ca89aac9..3495aaf1 100644 --- a/src/public_html/js/totp-register.js +++ b/src/public_html/js/totp-register.js @@ -6,7 +6,7 @@ location.search.replace(/[?&]+([^=&]+)=([^&]*)/gi,function(s,k,v){params[k]=v}); function generateSecret(fn) { $.ajax({ type: 'POST', - url: '/authentication/new-totp-secret', + url: '/new-totp-secret', contentType: 'application/json', dataType: 'json', }) @@ -26,7 +26,7 @@ function onSecretGenerated(err, secret) { } function redirect() { - var redirect_uri = '/authentication/login'; + var redirect_uri = '/login'; if('redirect' in params) { redirect_uri = params['redirect']; } diff --git a/src/public_html/js/u2f-register.js b/src/public_html/js/u2f-register.js index 53614bf6..55e408ee 100644 --- a/src/public_html/js/u2f-register.js +++ b/src/public_html/js/u2f-register.js @@ -20,7 +20,7 @@ function finishRegister(url, responseData, fn) { } function startRegister(fn, timeout) { - $.get('/authentication/2ndfactor/u2f/register_request', {}, null, 'json') + $.get('/2ndfactor/u2f/register_request', {}, null, 'json') .done(function(startRegisterResponse) { u2f.register( startRegisterResponse.appId, @@ -30,7 +30,7 @@ function startRegister(fn, timeout) { if (response.errorCode) { fn(response.errorCode); } else { - finishRegister('/authentication/2ndfactor/u2f/register', response, fn); + finishRegister('/2ndfactor/u2f/register', response, fn); } }, timeout @@ -39,7 +39,7 @@ function startRegister(fn, timeout) { } function redirect() { - var redirect_uri = '/authentication/login'; + var redirect_uri = '/login'; if('redirect' in params) { redirect_uri = params['redirect']; } diff --git a/test/integration/test_server.js b/test/integration/test_server.js index bdfad745..d9134287 100644 --- a/test/integration/test_server.js +++ b/test/integration/test_server.js @@ -14,8 +14,13 @@ var AUTHELIA_HOST = 'nginx'; var DOMAIN = 'test.local'; var PORT = 8080; -var BASE_URL = util.format('https://%s.%s:%d', 'home', DOMAIN, PORT); -var BASE_AUTH_URL = util.format('https://%s.%s:%d/authentication', 'auth', DOMAIN, PORT); +var HOME_URL = util.format('https://%s.%s:%d', 'home', DOMAIN, PORT); +var SECRET_URL = util.format('https://%s.%s:%d', 'secret', DOMAIN, PORT); +var SECRET1_URL = util.format('https://%s.%s:%d', 'secret1', DOMAIN, PORT); +var SECRET2_URL = util.format('https://%s.%s:%d', 'secret2', DOMAIN, PORT); +var MX1_URL = util.format('https://%s.%s:%d', 'mx1.mail', DOMAIN, PORT); +var MX2_URL = util.format('https://%s.%s:%d', 'mx2.mail', DOMAIN, PORT); +var BASE_AUTH_URL = util.format('https://%s.%s:%d', 'auth', DOMAIN, PORT); describe('test the server', function() { var home_page; @@ -34,6 +39,24 @@ describe('test the server', function() { login_page_promise]); }); + function str_contains(str, pattern) { + return str.indexOf(pattern) != -1; + } + + function home_page_contains(pattern) { + return str_contains(home_page, pattern); + } + + it('should serve a correct home page', function() { + assert(home_page_contains(BASE_AUTH_URL + '/logout?redirect=' + HOME_URL + '/')); + assert(home_page_contains(HOME_URL + '/secret.html')); + assert(home_page_contains(SECRET_URL + '/secret.html')); + assert(home_page_contains(SECRET1_URL + '/secret.html')); + assert(home_page_contains(SECRET2_URL + '/secret.html')); + assert(home_page_contains(MX1_URL + '/secret.html')); + assert(home_page_contains(MX2_URL + '/secret.html')); + }); + it('should serve the login page', function(done) { getPromised(BASE_AUTH_URL + '/login?redirect=/') .then(function(data) { @@ -43,7 +66,7 @@ describe('test the server', function() { }); it('should serve the homepage', function(done) { - getPromised(BASE_URL + '/') + getPromised(HOME_URL + '/') .then(function(data) { assert.equal(data.statusCode, 200); done(); @@ -51,7 +74,7 @@ describe('test the server', function() { }); it('should redirect when logout', function(done) { - getPromised(BASE_AUTH_URL + '/logout?redirect=' + BASE_URL) + getPromised(BASE_AUTH_URL + '/logout?redirect=' + HOME_URL) .then(function(data) { assert.equal(data.statusCode, 200); assert.equal(data.body, home_page); @@ -60,7 +83,7 @@ describe('test the server', function() { }); it('should be redirected to the login page when accessing secret while not authenticated', function(done) { - var url = BASE_URL + '/secret.html'; + var url = HOME_URL + '/secret.html'; // console.log(url); getPromised(url) .then(function(data) { @@ -125,7 +148,7 @@ function postPromised(url, body) { } function getHomePage() { - return getPromised(BASE_URL + '/'); + return getPromised(HOME_URL + '/'); } function getLoginPage() { diff --git a/test/unitary/requests.js b/test/unitary/requests.js index 3b2b79f4..f66b16e4 100644 --- a/test/unitary/requests.js +++ b/test/unitary/requests.js @@ -9,7 +9,7 @@ module.exports = function(port) { function execute_reset_password(jar, transporter, user, new_password) { return request.postAsync({ - url: BASE_URL + '/authentication/reset-password', + url: BASE_URL + '/reset-password', jar: jar, form: { userid: user } }) @@ -20,14 +20,14 @@ module.exports = function(port) { var token = regexp.exec(html_content)[1]; // console.log(html_content, token); return request.getAsync({ - url: BASE_URL + '/authentication/reset-password?identity_token=' + token, + url: BASE_URL + '/reset-password?identity_token=' + token, jar: jar }) }) .then(function(res) { assert.equal(res.statusCode, 200); return request.postAsync({ - url: BASE_URL + '/authentication/new-password', + url: BASE_URL + '/new-password', jar: jar, form: { password: new_password @@ -38,7 +38,7 @@ module.exports = function(port) { function execute_register_totp(jar, transporter) { return request.postAsync({ - url: BASE_URL + '/authentication/totp-register', + url: BASE_URL + '/totp-register', jar: jar }) .then(function(res) { @@ -48,14 +48,14 @@ module.exports = function(port) { var token = regexp.exec(html_content)[1]; // console.log(html_content, token); return request.getAsync({ - url: BASE_URL + '/authentication/totp-register?identity_token=' + token, + url: BASE_URL + '/totp-register?identity_token=' + token, jar: jar }) }) .then(function(res) { assert.equal(res.statusCode, 200); return request.postAsync({ - url : BASE_URL + '/authentication/new-totp-secret', + url : BASE_URL + '/new-totp-secret', jar: jar, }) }) @@ -69,7 +69,7 @@ module.exports = function(port) { function execute_totp(jar, token) { return request.postAsync({ - url: BASE_URL + '/authentication/2ndfactor/totp', + url: BASE_URL + '/2ndfactor/totp', jar: jar, form: { token: token @@ -79,13 +79,13 @@ module.exports = function(port) { function execute_u2f_authentication(jar) { return request.getAsync({ - url: BASE_URL + '/authentication/2ndfactor/u2f/sign_request', + url: BASE_URL + '/2ndfactor/u2f/sign_request', jar: jar }) .then(function(res) { assert.equal(res.statusCode, 200); return request.postAsync({ - url: BASE_URL + '/authentication/2ndfactor/u2f/sign', + url: BASE_URL + '/2ndfactor/u2f/sign', jar: jar, form: { } @@ -94,16 +94,16 @@ module.exports = function(port) { } function execute_verification(jar) { - return request.getAsync({ url: BASE_URL + '/authentication/verify', jar: jar }) + return request.getAsync({ url: BASE_URL + '/verify', jar: jar }) } function execute_login(jar) { - return request.getAsync({ url: BASE_URL + '/authentication/login', jar: jar }) + return request.getAsync({ url: BASE_URL + '/login', jar: jar }) } function execute_u2f_registration(jar, transporter) { return request.postAsync({ - url: BASE_URL + '/authentication/u2f-register', + url: BASE_URL + '/u2f-register', jar: jar }) .then(function(res) { @@ -113,21 +113,21 @@ module.exports = function(port) { var token = regexp.exec(html_content)[1]; // console.log(html_content, token); return request.getAsync({ - url: BASE_URL + '/authentication/u2f-register?identity_token=' + token, + url: BASE_URL + '/u2f-register?identity_token=' + token, jar: jar }) }) .then(function(res) { assert.equal(res.statusCode, 200); return request.getAsync({ - url: BASE_URL + '/authentication/2ndfactor/u2f/register_request', + url: BASE_URL + '/2ndfactor/u2f/register_request', jar: jar, }); }) .then(function(res) { assert.equal(res.statusCode, 200); return request.postAsync({ - url: BASE_URL + '/authentication/2ndfactor/u2f/register', + url: BASE_URL + '/2ndfactor/u2f/register', jar: jar, form: { s: 'test' @@ -138,7 +138,7 @@ module.exports = function(port) { function execute_first_factor(jar) { return request.postAsync({ - url: BASE_URL + '/authentication/1stfactor', + url: BASE_URL + '/1stfactor', jar: jar, form: { username: 'test_ok', @@ -149,7 +149,7 @@ module.exports = function(port) { function execute_failing_first_factor(jar) { return request.postAsync({ - url: BASE_URL + '/authentication/1stfactor', + url: BASE_URL + '/1stfactor', jar: jar, form: { username: 'test_nok', diff --git a/test/unitary/test_server.js b/test/unitary/test_server.js index 33bf25c9..3a94d7aa 100644 --- a/test/unitary/test_server.js +++ b/test/unitary/test_server.js @@ -164,32 +164,32 @@ describe('test the server', function() { return Promise.all([p1, p2]);   } - it('should block /authentication/new-password', function() { - return should_post_and_reply_with_403(BASE_URL + '/authentication/new-password') + it('should block /new-password', function() { + return should_post_and_reply_with_403(BASE_URL + '/new-password') }); - it('should block /authentication/u2f-register', function() { - return should_get_and_post_reply_with_403(BASE_URL + '/authentication/u2f-register'); + it('should block /u2f-register', function() { + return should_get_and_post_reply_with_403(BASE_URL + '/u2f-register'); }); - it('should block /authentication/reset-password', function() { - return should_get_and_post_reply_with_403(BASE_URL + '/authentication/reset-password'); + it('should block /reset-password', function() { + return should_get_and_post_reply_with_403(BASE_URL + '/reset-password'); }); - it('should block /authentication/2ndfactor/u2f/register_request', function() { - return should_get_and_reply_with_403(BASE_URL + '/authentication/2ndfactor/u2f/register_request'); + it('should block /2ndfactor/u2f/register_request', function() { + return should_get_and_reply_with_403(BASE_URL + '/2ndfactor/u2f/register_request'); }); - it('should block /authentication/2ndfactor/u2f/register', function() { - return should_post_and_reply_with_403(BASE_URL + '/authentication/2ndfactor/u2f/register'); + it('should block /2ndfactor/u2f/register', function() { + return should_post_and_reply_with_403(BASE_URL + '/2ndfactor/u2f/register'); }); - it('should block /authentication/2ndfactor/u2f/sign_request', function() { - return should_get_and_reply_with_403(BASE_URL + '/authentication/2ndfactor/u2f/sign_request'); + it('should block /2ndfactor/u2f/sign_request', function() { + return should_get_and_reply_with_403(BASE_URL + '/2ndfactor/u2f/sign_request'); }); - it('should block /authentication/2ndfactor/u2f/sign', function() { - return should_post_and_reply_with_403(BASE_URL + '/authentication/2ndfactor/u2f/sign'); + it('should block /2ndfactor/u2f/sign', function() { + return should_post_and_reply_with_403(BASE_URL + '/2ndfactor/u2f/sign'); }); }); @@ -201,7 +201,7 @@ describe('test the server', function() { function test_reset_password_form() { it('should serve the reset password form page', function(done) { - request.getAsync(BASE_URL + '/authentication/reset-password-form') + request.getAsync(BASE_URL + '/reset-password-form') .then(function(response) { assert.equal(response.statusCode, 200); done(); @@ -211,7 +211,7 @@ describe('test the server', function() { function test_login() { it('should serve the login page', function(done) { - request.getAsync(BASE_URL + '/authentication/login') + request.getAsync(BASE_URL + '/login') .then(function(response) { assert.equal(response.statusCode, 200); done(); @@ -221,7 +221,7 @@ describe('test the server', function() { function test_logout() { it('should logout and redirect to /', function(done) { - request.getAsync(BASE_URL + '/authentication/logout') + request.getAsync(BASE_URL + '/logout') .then(function(response) { assert.equal(response.req.path, '/'); done(); @@ -231,7 +231,7 @@ describe('test the server', function() { function test_authentication() { it('should return status code 401 when user is not authenticated', function() { - return request.getAsync({ url: BASE_URL + '/authentication/verify' }) + return request.getAsync({ url: BASE_URL + '/verify' }) .then(function(response) { assert.equal(response.statusCode, 401); return Promise.resolve();