Exemplo n.º 1
0
    it('relies SAML invalidate call even if access token is presented.', async () => {
      const request = requestFixture({ search: '?SAMLRequest=xxx%20yyy' });

      callWithInternalUser.withArgs('shield.samlInvalidate').resolves({ redirect: null });

      const authenticationResult = await provider.deauthenticate(request, {
        accessToken: 'x-saml-token',
        refreshToken: 'x-saml-refresh-token',
      });

      sinon.assert.calledOnce(callWithInternalUser);
      sinon.assert.calledWithExactly(callWithInternalUser, 'shield.samlInvalidate', {
        body: {
          queryString: 'SAMLRequest=xxx%20yyy',
          acs: 'test-protocol://test-hostname:1234/test-base-path/api/security/v1/saml',
        },
      });

      expect(authenticationResult.redirected()).toBe(true);
      expect(authenticationResult.redirectURL).toBe('/logged_out');
    });
Exemplo n.º 2
0
                promizr.reduceRight(list, reduceTotal, iterator).then(result => {
                    sinon.assert.calledThrice(spy);

                    spy.getCall(0).args[0].should.equal(reduceTotal);
                    spy.getCall(0).args[1].should.equal(list[2]);

                    spy.getCall(1).args[0].should.equal(reduceTotal - list[2]);
                    spy.getCall(1).args[1].should.equal(list[1]);

                    spy.getCall(2).args[0].should.equal(reduceTotal - list[2] - list[1]);
                    spy.getCall(2).args[1].should.equal(list[0]);
                }).then(done, done);
Exemplo n.º 3
0
    it('fails if SAML logout call fails.', async () => {
      const request = requestFixture();
      const accessToken = 'x-saml-token';
      const refreshToken = 'x-saml-refresh-token';

      const failureReason = new Error('Realm is misconfigured!');
      callWithInternalUser.withArgs('shield.samlLogout').rejects(failureReason);

      const authenticationResult = await provider.deauthenticate(request, {
        accessToken,
        refreshToken,
      });

      sinon.assert.calledOnce(callWithInternalUser);
      sinon.assert.calledWithExactly(callWithInternalUser, 'shield.samlLogout', {
        body: { token: accessToken, refresh_token: refreshToken },
      });

      expect(authenticationResult.failed()).toBe(true);
      expect(authenticationResult.error).toBe(failureReason);
    });
Exemplo n.º 4
0
    it('does not handle `authorization` header with unsupported schema even if state contains a valid token.', async () => {
      const request = requestFixture({ headers: { authorization: 'Basic some:credentials' } });

      const authenticationResult = await provider.authenticate(request, {
        accessToken: 'some-valid-token',
        refreshToken: 'some-valid-refresh-token',
      });

      sinon.assert.notCalled(callWithRequest);
      expect(request.headers.authorization).toBe('Basic some:credentials');
      expect(authenticationResult.notHandled()).toBe(true);
    });
Exemplo n.º 5
0
    it('succeeds if only `authorization` header is available.', async () => {
      const request = BasicCredentials.decorateRequest(requestFixture(), 'user', 'password');
      const user = { username: '******' };

      callWithRequest.withArgs(request, 'shield.authenticate').resolves(user);

      const authenticationResult = await provider.authenticate(request);

      expect(authenticationResult.succeeded()).toBe(true);
      expect(authenticationResult.user).toEqual(user);
      sinon.assert.calledOnce(callWithRequest);
    });
Exemplo n.º 6
0
    it('predicates are called with the same context and proper arguments', function () {
        const exampleContext = {some: 'context'},
            structure = {
                key0: sinon.stub().returns(true),
                key1: sinon.stub().returns(true)
            },
            exampleObject = {
                key0: 1,
                key1: 'string'
            };

        const extraArgs = [2, 3];
        const args = [exampleObject, ...extraArgs];
        isValidStructure.call(exampleContext, structure, ...args);
        isValidStructure(structure).call(exampleContext, ...args);

        sinon.assert.calledTwice(structure.key0);
        sinon.assert.calledTwice(structure.key1);

        sinon.assert.alwaysCalledOn(structure.key0, exampleContext);
        sinon.assert.alwaysCalledOn(structure.key1, exampleContext);

        sinon.assert.calledWith(structure.key0, 1, ...extraArgs);
        sinon.assert.calledWith(structure.key1, 'string', ...extraArgs);
    });
Exemplo n.º 7
0
    it('clears session if provider failed to authenticate request with 401 with active session.', async () => {
      const systemAPIRequest = requestFixture({ headers: { xCustomHeader: 'xxx' } });
      const notSystemAPIRequest = requestFixture({ headers: { xCustomHeader: 'yyy' } });

      session.get.withArgs(systemAPIRequest).resolves({
        state: { authorization: 'Basic xxx' },
        provider: 'basic',
      });

      session.get.withArgs(notSystemAPIRequest).resolves({
        state: { authorization: 'Basic yyy' },
        provider: 'basic',
      });

      session.clear.resolves();

      server.plugins.kibana.systemApi.isSystemApiRequest
        .withArgs(systemAPIRequest)
        .returns(true)
        .withArgs(notSystemAPIRequest)
        .returns(false);

      cluster.callWithRequest
        .withArgs(systemAPIRequest)
        .rejects(Boom.unauthorized('token expired'))
        .withArgs(notSystemAPIRequest)
        .rejects(Boom.unauthorized('invalid token'));

      const systemAPIAuthenticationResult = await authenticate(systemAPIRequest);
      expect(systemAPIAuthenticationResult.failed()).toBe(true);

      sinon.assert.calledOnce(session.clear);
      sinon.assert.calledWithExactly(session.clear, systemAPIRequest);

      const notSystemAPIAuthenticationResult = await authenticate(notSystemAPIRequest);
      expect(notSystemAPIAuthenticationResult.failed()).toBe(true);

      sinon.assert.calledTwice(session.clear);
      sinon.assert.calledWithExactly(session.clear, notSystemAPIRequest);
    });
Exemplo n.º 8
0
  it('should not create unnecessary subscriptions with computeds', function() {
    const kObsA = ko.observable("a");
    const kObsB = ko.observable("b");
    const spyA = sinon.spy((a: any) => a);
    const spyB = sinon.spy((a: any) => a);
    const gObsA = computed((use) => spyA(use(kObsA)));
    const gObsB = pureComputed((use) => spyB(use(kObsB)));

    // A computed notices a change immediately.
    assertResetSingleCall(spyA, undefined, "a");
    assert.equal(gObsA.get(), "a");
    kObsA("A");
    assertResetSingleCall(spyA, undefined, "A");
    assert.equal(gObsA.get(), "A");
    sinon.assert.notCalled(spyA);

    // pureComputed notices a change only when looked at.
    sinon.assert.notCalled(spyB);
    assert.equal(gObsB.get(), "b");
    assertResetSingleCall(spyB, undefined, "b");
    kObsB("B");
    sinon.assert.notCalled(spyB);
    assert.equal(gObsB.get(), "B");
    assertResetSingleCall(spyB, undefined, "B");

    // This is the crux of the matter: kObsB does not have a subscription.
    assert.equal(kObsA.getSubscriptionsCount(), 1);
    assert.equal(kObsB.getSubscriptionsCount(), 0);     // pureComputed doesn't subscribe when inactive

    // Now subscribe to both gObs computeds.
    const spyA2 = sinon.spy((a: any) => a);
    const spyB2 = sinon.spy((a: any) => a);
    const lisA = gObsA.addListener(spyA2);
    const lisB = gObsB.addListener(spyB2);
    assertResetSingleCall(spyB, undefined, "B");

    // Now pureComputed acts as computed and subscribes too.
    assert.equal(kObsA.getSubscriptionsCount(), 1);
    assert.equal(kObsB.getSubscriptionsCount(), 1);

    kObsA("aa");
    assertResetSingleCall(spyA, undefined, "aa");
    assertResetSingleCall(spyA2, undefined, "aa", "A");
    kObsB("bb");
    assertResetSingleCall(spyB, undefined, "bb");
    assertResetSingleCall(spyB2, undefined, "bb", "B");

    // When we unsubscribe, count should go back to 0.
    lisA.dispose();
    lisB.dispose();
    assert.equal(kObsA.getSubscriptionsCount(), 1);
    assert.equal(kObsB.getSubscriptionsCount(), 0);

    kObsA("AA");
    assertResetSingleCall(spyA, undefined, "AA");
    sinon.assert.notCalled(spyA2);
    kObsB("bb");
    sinon.assert.notCalled(spyB);
    sinon.assert.notCalled(spyB2);
  });
Exemplo n.º 9
0
  it('should work with nulls', function() {
    let f: Foo|null;
    let g: Foo|null;
    const obs = observable("");
    const comp = computed(obs, (use, val) => val ? Foo.create(use.owner, val) : null);
    f = comp.get();
    assert.strictEqual(f, null);
    sinon.assert.notCalled(fooConstruct);
    sinon.assert.notCalled(fooDispose);

    obs.set("b");     // This should trigger a re-evaluation of comp.
    g = comp.get();
    assertResetSingleCall(fooConstruct, g, "b");
    sinon.assert.notCalled(fooDispose);

    obs.set("");    // Triggers another reevaluation.
    f = comp.get();
    assert.strictEqual(f, null);
    sinon.assert.notCalled(fooConstruct);
    assertResetSingleCall(fooDispose, g);
    assert.isTrue(g && g.isDisposed());

    comp.dispose();
    sinon.assert.notCalled(fooConstruct);
    sinon.assert.notCalled(fooDispose);
  });
Exemplo n.º 10
0
  test('validates various props', () => {
    const validators = {
      a: sinon.stub(),
      b: sinon.stub(),
      c: sinon.stub(),
    };
    docValidator(validators)({ type: 'a', b: 'foo' });

    sinon.assert.notCalled(validators.c);

    expect(validators.a.args).toEqual([[{ type: 'a', b: 'foo' }]]);
    expect(validators.b.args).toEqual([[{ type: 'a', b: 'foo' }]]);
  });