var sinon = require('sinon'); var identity_check = require('../../src/lib/identity_check'); var exceptions = require('../../src/lib/exceptions'); var assert = require('assert'); var winston = require('winston'); var Promise = require('bluebird'); describe('test identity check process', function() { var req, res, app, icheck_interface; var user_data_store; var email_sender; beforeEach(function() { req = {}; res = {}; app = {}; icheck_interface = {}; icheck_interface.pre_check_callback = sinon.stub(); user_data_store = {}; user_data_store.issue_identity_check_token = sinon.stub(); user_data_store.issue_identity_check_token.returns(Promise.resolve()); user_data_store.consume_identity_check_token = sinon.stub(); user_data_store.consume_identity_check_token.returns(Promise.resolve({ userid: 'user' })); email_sender = {}; email_sender.send = sinon.stub(); email_sender.send = sinon.stub().returns(Promise.resolve()); req.headers = {}; req.session = {}; req.session.auth_session = {}; req.query = {}; req.app = {}; req.app.get = sinon.stub(); req.app.get.withArgs('logger').returns(winston); req.app.get.withArgs('user data store').returns(user_data_store); req.app.get.withArgs('email sender').returns(email_sender); res.status = sinon.spy(); res.send = sinon.spy(); res.redirect = sinon.spy(); res.render = sinon.spy(); app.get = sinon.spy(); app.post = sinon.spy(); }); it('should register a POST and GET endpoint', function() { var app = {}; app.get = sinon.spy(); app.post = sinon.spy(); var endpoint = '/test'; var icheck_interface = {}; identity_check(app, endpoint, icheck_interface); assert(app.get.calledOnce); assert(app.get.calledWith(endpoint)); assert(app.post.calledOnce); assert(app.post.calledWith(endpoint)); }); describe('test POST', test_post_handler); describe('test GET', test_get_handler); function test_post_handler() { it('should send 403 if pre check rejects', function(done) { var endpoint = '/protected'; icheck_interface.pre_check_callback.returns(Promise.reject('No access')); identity_check(app, endpoint, icheck_interface); res.send = sinon.spy(function() { assert.equal(res.status.getCall(0).args[0], 403); done(); }); var handler = app.post.getCall(0).args[1]; handler(req, res); }); it('should send 400 if email is missing in provided identity', function(done) { var endpoint = '/protected'; var identity = { userid: 'abc' }; icheck_interface.pre_check_callback.returns(Promise.resolve(identity)); identity_check(app, endpoint, icheck_interface); res.send = sinon.spy(function() { assert.equal(res.status.getCall(0).args[0], 400); done(); }); var handler = app.post.getCall(0).args[1]; handler(req, res); }); it('should send 400 if userid is missing in provided identity', function(done) { var endpoint = '/protected'; var identity = { email: 'abc@example.com' }; icheck_interface.pre_check_callback.returns(Promise.resolve(identity)); identity_check(app, endpoint, icheck_interface); res.send = sinon.spy(function() { assert.equal(res.status.getCall(0).args[0], 400); done(); }); var handler = app.post.getCall(0).args[1]; handler(req, res); }); it('should issue a token, send an email and return 204', function(done) { var endpoint = '/protected'; var identity = { userid: 'user', email: 'abc@example.com' }; req.headers.host = 'localhost'; req.headers['x-original-uri'] = '/auth/test'; icheck_interface.pre_check_callback.returns(Promise.resolve(identity)); identity_check(app, endpoint, icheck_interface); res.send = sinon.spy(function() { assert.equal(res.status.getCall(0).args[0], 204); assert(email_sender.send.calledOnce); assert(user_data_store.issue_identity_check_token.calledOnce); assert.equal(user_data_store.issue_identity_check_token.getCall(0).args[0], 'user'); assert.equal(user_data_store.issue_identity_check_token.getCall(0).args[3], 240000); assert(email_sender.send.getCall(0).args[2].startsWith('