hapi-triton-auth - npm Package Compare versions

Comparing version 2.1.0 to 3.0.0

lib/sso.js

@@ -30,3 +30,3 @@ 'use strict';
         const profile = await this.getProfile(token);
-        state = { token, profile };
+        state = { token, profile: { id: profile.id, login: profile.login } };
         h.state(this._settings.cookieName, state);
@@ -33,0 +33,0 @@ } catch (ex) {

package.json

 {
   "name": "hapi-triton-auth",
-  "version": "2.1.0",
+  "version": "3.0.0",
   "description": "hapi auth plugin for Triton SSO",
@@ -19,3 +19,4 @@ "repository": "git://github.com/joyent/hapi-triton-auth",
     "hapi": "^17.x.x",
-    "lab": "15.x.x"
+    "lab": "15.x.x",
+    "thin-mint": "1.x.x"
   },
@@ -22,0 +23,0 @@ "dependencies": {

test/index.js

 'use strict';
 
 const Path = require('path');
+const Boom = require('boom');
 const Code = require('code');
 const Hapi = require('hapi');
 const Lab = require('lab');
+const ThinMint = require('thin-mint');
 const SSO = require('../');
@@ -33,3 +35,3 @@
 
-it('will protect a route', async () => {
+it('allows access to a route for valid cloudapi accounts', async () => {
   const account = {
@@ -102,2 +104,128 @@ id: 'b89d9dd3-62ce-4f6f-eb0d-f78e57d515d9',
 
+it('prevents access to a route for invalid cloudapi accounts', async () => {
+  const apiServer = Hapi.server();
+  apiServer.route({
+    method: 'GET',
+    path: '/my',
+    handler: function (request, h) {
+      return Boom.unauthorized();
+    }
+  });
+
+  await apiServer.start();
+
+  const sdcServer = Hapi.server();
+  sdcServer.route({
+    method: 'GET',
+    path: '/session',
+    handler: (request, h) => {
+      return { uuid: 'foo' };
+    }
+  });
+  await sdcServer.start();
+
+  const server = Hapi.server();
+  const options = {
+    baseUrl: 'http://localhost',
+    ssoUrl: `http://localhost:${sdcServer.info.port}`,
+    apiBaseUrl: `http://localhost:${apiServer.info.port}`,
+    permissions: { portal: true },
+    keyPath,
+    keyId
+  };
+
+  await server.register({ plugin: SSO, options });
+
+  server.route({
+    method: 'GET',
+    path: '/',
+    config: {
+      auth: 'sso',
+      handler: function (request, h) {
+        return '';
+      }
+    }
+  });
+
+  await server.initialize();
+  const res = await server.inject('/');
+  expect(res.statusCode).to.equal(302);
+  expect(res.headers.location).to.contain('sig=');
+
+  const authRes = await server.inject('/?token=something');
+  expect(authRes.statusCode).to.equal(302);
+  await sdcServer.stop();
+  await apiServer.stop();
+});
+
+it('allows access to a route for a valid sub user', async () => {
+  const account = {
+    id: 'b89d9dd3-62ce-4f6f-eb0d-f78e57d515d9',
+    login: 'barbar',
+    email: 'barbar@example.com',
+    companyName: 'Example Inc',
+    firstName: 'BarBar',
+    lastName: 'Jinks',
+    phone: '123-456-7890',
+    updated: '2015-12-21T11:48:54.884Z',
+    created: '2015-12-21T11:48:54.884Z'
+  };
+
+  const apiServer = Hapi.server();
+  apiServer.route({
+    method: 'GET',
+    path: '/my',
+    handler: function (request, h) {
+      return account;
+    }
+  });
+
+  await apiServer.start();
+
+  const sdcServer = Hapi.server();
+  sdcServer.route({
+    method: 'GET',
+    path: '/session',
+    handler: (request, h) => {
+      return { uuid: 'foo' };
+    }
+  });
+  await sdcServer.start();
+
+  const server = Hapi.server();
+  const options = {
+    baseUrl: 'http://localhost',
+    ssoUrl: `http://localhost:${sdcServer.info.port}`,
+    apiBaseUrl: `http://localhost:${apiServer.info.port}`,
+    permissions: { portal: true },
+    keyPath,
+    keyId
+  };
+
+  await server.register({ plugin: SSO, options });
+
+  server.route({
+    method: 'GET',
+    path: '/',
+    config: {
+      auth: 'sso',
+      handler: function (request, h) {
+        expect(request.auth.credentials.token[0]).to.equal('something');
+        expect(request.auth.credentials.token[1]).to.equal('somethingelse');
+        return request.auth.credentials.profile.id;
+      }
+    }
+  });
+
+  await server.initialize();
+  const res = await server.inject('/');
+  expect(res.statusCode).to.equal(302);
+  expect(res.headers.location).to.contain('sig=');
+
+  const authRes = await server.inject('/?token=something&token=somethingelse');
+  expect(authRes.payload).to.equal(account.id);
+  await sdcServer.stop();
+  await apiServer.stop();
+});
+
 it('will login the local user if in dev mode', async () => {
@@ -309,3 +437,3 @@ const account = {
     cookie: {
-      ttl: 12000   // 2 minutes
+      ttl: 120000   // 2 minutes
     },
@@ -332,3 +460,2 @@ baseUrl: 'http://localhost',
 
-  const expires = new Date(new Date() + 12000).toUTCString();
   await server.initialize();
@@ -339,5 +466,8 @@ const res = await server.inject('/');
   const authRes = await server.inject('/?token=something');
+  const expires = new Date().getTime() + 120000;
   expect(authRes.payload).to.equal(account.id);
-  // ignore the milliseconds and GMT part
-  expect(authRes.headers['set-cookie'][0]).to.contain(`Expires=${expires.substr(0, expires.length - 8)}`);
+  const cookie = new ThinMint(authRes.headers['set-cookie'][0]);
+  const tolerance = 1000; // Allow some tolerance for slow CI machines.
+  expect(Math.abs(cookie.expiration - expires)).to.be.lessThan(tolerance);
+
   await ssoServer.stop();
@@ -344,0 +474,0 @@ await apiServer.stop();

No alert changes

Improved metrics

Total package byte prevSize

40055

increased by8.9%

Lines of code

599

increased by23%

Worsened metrics

Dev dependency count

5

increased by25%

No dependency changes