it('redirects to the home page if new SAML Response is for the same user.', async () => {
const request = requestFixture({ payload: { SAMLResponse: 'saml-response-xml' } });
const user = { username: '******', authentication_realm: { name: 'saml1' } };
callWithRequest.withArgs(request, 'shield.authenticate').resolves(user);
callWithInternalUser
.withArgs('shield.samlAuthenticate')
.resolves({ access_token: 'new-valid-token', refresh_token: 'new-valid-refresh-token' });
const deleteAccessTokenStub = callWithInternalUser
.withArgs('shield.deleteAccessToken')
.resolves({ invalidated_tokens: 1 });
const authenticationResult = await provider.authenticate(request, {
accessToken: 'existing-valid-token',
refreshToken: 'existing-valid-refresh-token',
});
sinon.assert.calledWithExactly(callWithInternalUser, 'shield.samlAuthenticate', {
body: { ids: [], content: 'saml-response-xml' },
});
sinon.assert.calledTwice(deleteAccessTokenStub);
sinon.assert.calledWithExactly(deleteAccessTokenStub, 'shield.deleteAccessToken', {
body: { token: 'existing-valid-token' },
});
sinon.assert.calledWithExactly(deleteAccessTokenStub, 'shield.deleteAccessToken', {
body: { refresh_token: 'existing-valid-refresh-token' },
});
expect(authenticationResult.redirected()).toBe(true);
expect(authenticationResult.redirectURL).toBe('/test-base-path/');
});
it('redirects to /login with optional search parameters if tokens are deleted successfully', async () => {
const request = requestFixture({ search: '?yep' });
const accessToken = 'foo';
const refreshToken = 'bar';
callWithInternalUser
.withArgs('shield.deleteAccessToken', { body: { token: accessToken } })
.returns({ created: true });
callWithInternalUser
.withArgs('shield.deleteAccessToken', { body: { refresh_token: refreshToken } })
.returns({ created: true });
const authenticationResult = await provider.deauthenticate(request, {
accessToken,
refreshToken,
});
sinon.assert.calledTwice(callWithInternalUser);
sinon.assert.calledWithExactly(callWithInternalUser, 'shield.deleteAccessToken', {
body: { token: accessToken },
});
sinon.assert.calledWithExactly(callWithInternalUser, 'shield.deleteAccessToken', {
body: { refresh_token: refreshToken },
});
expect(authenticationResult.redirected()).toBe(true);
expect(authenticationResult.redirectURL).toBe('/base-path/login?yep');
});
promizr.findSeries(list, iterator).then(e => {
sinon.assert.calledOnce(spy);
sinon.assert.calledWithExactly(spy, list[0]);
sinon.assert.calledOnce(iterator);
sinon.assert.calledWithExactly(iterator, list[0], 0, list);
}).then(done, done);
promizr.every(stopList, iterator).then(e => {
sinon.assert.calledOnce(spy);
sinon.assert.calledWithExactly(spy, stopList[1]);
sinon.assert.calledThrice(iterator);
sinon.assert.calledWithExactly(iterator, stopList[0], 0, stopList);
sinon.assert.calledWithExactly(iterator, stopList[1], 1, stopList);
sinon.assert.calledWithExactly(iterator, stopList[2], 2, stopList);
}).then(done, done);
promizr.eachSeries(list, iterator).catch<void>(e => {
e.should.equal(err);
sinon.assert.calledOnce(spy);
sinon.assert.calledWithExactly(spy, list[0]);
sinon.assert.calledTwice(iterator);
sinon.assert.calledWithExactly(iterator, list[0], 0, list);
sinon.assert.calledWithExactly(iterator, list[1], 1, list);
}).then(done, done);
promizr.reduceRight(list, reduceTotal, iterator).catch<void>(e => {
e.should.equal(err);
sinon.assert.calledOnce(spy);
sinon.assert.calledWithExactly(spy, reduceTotal, list[2]);
sinon.assert.calledTwice(iterator);
sinon.assert.calledWithExactly(iterator, reduceTotal, list[2]);
sinon.assert.calledWithExactly(iterator, reduceTotal - list[2], list[1]);
}).then(done, done);
promizr.concat(stopList, iterator).catch<void>(e => {
e.should.equal(err);
sinon.assert.calledOnce(spy);
sinon.assert.calledWithExactly(spy, stopList[1]);
sinon.assert.calledThrice(iterator);
sinon.assert.calledWithExactly(iterator, stopList[0], 0, stopList);
sinon.assert.calledWithExactly(iterator, stopList[1], 1, stopList);
sinon.assert.calledWithExactly(iterator, stopList[2], 2, stopList);
}).then(done, done);
.then(() => {
stubActionUserUpsert.restore();
response.redirect;
Sinon.assert.calledOnce(stubActionUserUpsert);
Sinon.assert.calledWithExactly(stubActionUserUpsert, googleUser);
request.session.user.should.be.equals(mongoUser);
request.session.access_token.should.be.equals(token);
Chai.assert.isUndefined(application.accessTokens[userId]);
Sinon.assert.calledOnce(response.redirect);
Sinon.assert.calledWithExactly(response.redirect, "/");
});
it('should allow reusing drivers for many apps', function(done) {
const sandbox = sinon.createSandbox();
const spy1 = sandbox.spy();
const spy2 = sandbox.spy();
type NiceSources = {
other: Stream<string>;
};
type NiceSinks = {
other: Stream<string>;
};
function app1(sources: NiceSources): NiceSinks {
return {
other: sources.other.mapTo('a').debug(spy1),
};
}
function app2(sources: NiceSources): NiceSinks {
return {
other: sources.other.mapTo('x').debug(spy2),
};
}
let sinkCompleted = 0;
function driver(sink: Stream<string>) {
sink.addListener({
complete: () => {
sinkCompleted++;
done(
new Error('complete should not be called before engine is before')
);
},
});
return xs.of('b');
}
const engine = setupReusable({other: driver});
const dispose1 = engine.run(app1(engine.sources));
sinon.assert.calledOnce(spy1);
sinon.assert.calledWithExactly(spy1, 'a');
sandbox.restore();
dispose1();
const dispose2 = engine.run(app2(engine.sources));
sinon.assert.calledOnce(spy2);
sinon.assert.calledWithExactly(spy2, 'x');
dispose2();
assert.strictEqual(sinkCompleted, 0);
done();
});
it("check main flow", () => {
const application = new App.Application();
const request: any = {
logout: Sinon.stub(),
session: {
access_token: "Access Token",
destroy: Sinon.stub().callsFake((callback: () => any) => callback()),
},
};
const response = {
redirect: Sinon.stub(),
};
const stubHttpsGet = Sinon.stub(Https, "get").callsFake((params, callback) => {
params.should.be.deep.equals({
host: "accounts.google.com",
method: "GET",
path: "/o/oauth2/logout?token=" + request.session.access_token,
protocol: "https:",
});
callback(null);
});
application.passportLogout(request, response);
stubHttpsGet.restore();
Sinon.assert.calledOnce(request.session.destroy);
Sinon.assert.calledOnce(request.logout);
Sinon.assert.calledOnce(response.redirect);
Sinon.assert.calledWithExactly(response.redirect, "/");
});
