sasjs/server
1
0
Fork 0
mirror of https://github.com/sasjs/server.git synced 2026-01-09 07:20:05 +00:00
Code Issues Projects Releases Wiki Activity

test(client): new route /client + specs added

Browse Source
This commit is contained in:
Saad Jutt
2021-11-03 01:35:52 +05:00
parent d7337ce456
commit d6aeb378de
9 changed files with 201 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
routes.rest
View File

@@ -12,13 +12,23 @@ Content-Type: application/json
"username": "username2", "username": "username2",
"password": "some password" "password": "some password"
} }
### ###
POST http://localhost:5000/SASjsApi/auth/authorize POST http://localhost:5000/SASjsApi/client
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnRfaWQiOiJjbGllbnRJRDEiLCJ1c2VybmFtZSI6InNlY3JldHVzZXIiLCJpc2FkbWluIjp0cnVlLCJpc2FjdGl2ZSI6dHJ1ZSwiaWF0IjoxNjM1ODAzOTc3LCJleHAiOjE2MzU4OTAzNzd9.f-FLgLwryKvB5XrihdzaGZajO3d5E5OHEEuJI_03GRI
Content-Type: application/json Content-Type: application/json
{ {
"username": "username1", "client_id": "newClientID",
"password": "some password", "client_secret": "newClientSecret"
}
###
POST https://sas.analytium.co.uk:5002/SASjsApi/auth/authorize
Content-Type: application/json
{
"username": "secretuser",
"password": "secretpassword",
"client_id": "clientID1" "client_id": "clientID1"
} }
@@ -34,3 +44,14 @@ Content-Type: application/json
### ###
DELETE http://localhost:5000/SASjsApi/auth/logout DELETE http://localhost:5000/SASjsApi/auth/logout
Users
"username": "username1",
"password": "some password",
"username": "username2",
"password": "some password",
Admins
"username": "secretuser",
"password": "secretpassword",

6
src/controllers/createClient.ts
View File

@@ -1,7 +1,7 @@
import Client from '../model/Client' import Client from '../model/Client'
export const createClient = async (data: any) => { export const createClient = async (data: any) => {
const { clientid, clientsecret } = data const { client_id: clientid, client_secret: clientsecret } = data
// Checking if client is already in the database // Checking if client is already in the database
const clientExist = await Client.findOne({ clientid }) const clientExist = await Client.findOne({ clientid })
@@ -16,7 +16,7 @@ export const createClient = async (data: any) => {
const savedClient = await client.save() const savedClient = await client.save()
return { return {
clientid: savedClient.clientid, client_id: savedClient.clientid,
clientsecret: savedClient.clientsecret client_secret: savedClient.clientsecret
} }
} }

22
src/routes/api/client.ts Normal file
View File

@@ -0,0 +1,22 @@
import express from 'express'
import { createClient } from '../../controllers/createClient'
import { registerClientValidation } from '../../utils'
const clientRouter = express.Router()
clientRouter.post('/', async (req, res) => {
const { error, value: data } = registerClientValidation(req.body)
if (error) return res.status(400).send(error.details[0].message)
try {
const savedClient = await createClient(data)
res.send({
client_id: savedClient.client_id,
client_secret: savedClient.client_secret
})
} catch (err: any) {
res.status(403).send(err.toString())
}
})
export default clientRouter

2
src/routes/api/index.ts
View File

@@ -6,6 +6,7 @@ import { InfoJWT } from '../../types'
import driveRouter from './drive' import driveRouter from './drive'
import stpRouter from './stp' import stpRouter from './stp'
import userRouter from './user' import userRouter from './user'
import clientRouter from './client'
import authRouter, { connectDB } from './auth' import authRouter, { connectDB } from './auth'
dotenv.config() dotenv.config()
@@ -16,6 +17,7 @@ const router = express.Router()
router.use('/drive', authenticateToken, driveRouter) router.use('/drive', authenticateToken, driveRouter)
router.use('/stp', authenticateToken, stpRouter) router.use('/stp', authenticateToken, stpRouter)
router.use('/user', authenticateToken, verifyAdmin, userRouter) router.use('/user', authenticateToken, verifyAdmin, userRouter)
router.use('/client', authenticateToken, verifyAdmin, clientRouter)
router.use('/auth', authRouter) router.use('/auth', authRouter)
function authenticateToken(req: any, res: any, next: any) { function authenticateToken(req: any, res: any, next: any) {

36
src/routes/api/spec/auth.spec.ts
View File

@@ -8,8 +8,8 @@ import { generateAuthCode, populateClients, saveCode } from '../auth'
import { InfoJWT } from '../../../types' import { InfoJWT } from '../../../types'
const client = { const client = {
clientid: 'someclientID', client_id: 'someclientID',
clientsecret: 'someclientSecret' client_secret: 'someclientSecret'
} }
const user = { const user = {
displayname: 'Test User', displayname: 'Test User',
@@ -51,7 +51,7 @@ describe('auth', () => {
.send({ .send({
username: user.username, username: user.username,
password: user.password, password: user.password,
client_id: client.clientid client_id: client.client_id
}) })
.expect(200) .expect(200)
@@ -63,7 +63,7 @@ describe('auth', () => {
.post('/SASjsApi/auth/authorize') .post('/SASjsApi/auth/authorize')
.send({ .send({
password: user.password, password: user.password,
client_id: client.clientid client_id: client.client_id
}) })
.expect(400) .expect(400)
@@ -76,7 +76,7 @@ describe('auth', () => {
.post('/SASjsApi/auth/authorize') .post('/SASjsApi/auth/authorize')
.send({ .send({
username: user.username, username: user.username,
client_id: client.clientid client_id: client.client_id
}) })
.expect(400) .expect(400)
@@ -103,7 +103,7 @@ describe('auth', () => {
.send({ .send({
username: user.username, username: user.username,
password: user.password, password: user.password,
client_id: client.clientid client_id: client.client_id
}) })
.expect(403) .expect(403)
@@ -119,7 +119,7 @@ describe('auth', () => {
.send({ .send({
username: user.username, username: user.username,
password: 'WrongPassword', password: 'WrongPassword',
client_id: client.clientid client_id: client.client_id
}) })
.expect(403) .expect(403)
@@ -146,7 +146,7 @@ describe('auth', () => {
describe('token', () => { describe('token', () => {
const userInfo: InfoJWT = { const userInfo: InfoJWT = {
client_id: client.clientid, client_id: client.client_id,
username: user.username, username: user.username,
isadmin: user.isadmin, isadmin: user.isadmin,
isactive: user.isactive isactive: user.isactive
@@ -166,8 +166,8 @@ describe('auth', () => {
const res = await request(app) const res = await request(app)
.post('/SASjsApi/auth/token') .post('/SASjsApi/auth/token')
.send({ .send({
client_id: client.clientid, client_id: client.client_id,
client_secret: client.clientsecret, client_secret: client.client_secret,
code code
}) })
.expect(200) .expect(200)
@@ -180,8 +180,8 @@ describe('auth', () => {
const res = await request(app) const res = await request(app)
.post('/SASjsApi/auth/token') .post('/SASjsApi/auth/token')
.send({ .send({
client_id: client.clientid, client_id: client.client_id,
client_secret: client.clientsecret client_secret: client.client_secret
}) })
.expect(400) .expect(400)
@@ -195,7 +195,7 @@ describe('auth', () => {
const res = await request(app) const res = await request(app)
.post('/SASjsApi/auth/token') .post('/SASjsApi/auth/token')
.send({ .send({
client_secret: client.clientsecret, client_secret: client.client_secret,
code code
}) })
.expect(400) .expect(400)
@@ -210,7 +210,7 @@ describe('auth', () => {
const res = await request(app) const res = await request(app)
.post('/SASjsApi/auth/token') .post('/SASjsApi/auth/token')
.send({ .send({
client_id: client.clientid, client_id: client.client_id,
code code
}) })
.expect(400) .expect(400)
@@ -223,8 +223,8 @@ describe('auth', () => {
const res = await request(app) const res = await request(app)
.post('/SASjsApi/auth/token') .post('/SASjsApi/auth/token')
.send({ .send({
client_id: client.clientid, client_id: client.client_id,
client_secret: client.clientsecret, client_secret: client.client_secret,
code: 'InvalidCode' code: 'InvalidCode'
}) })
.expect(403) .expect(403)
@@ -239,7 +239,7 @@ describe('auth', () => {
.post('/SASjsApi/auth/token') .post('/SASjsApi/auth/token')
.send({ .send({
client_id: 'WrongClientID', client_id: 'WrongClientID',
client_secret: client.clientsecret, client_secret: client.client_secret,
code code
}) })
.expect(403) .expect(403)
@@ -253,7 +253,7 @@ describe('auth', () => {
const res = await request(app) const res = await request(app)
.post('/SASjsApi/auth/token') .post('/SASjsApi/auth/token')
.send({ .send({
client_id: client.clientid, client_id: client.client_id,
client_secret: 'WrongClientSecret', client_secret: 'WrongClientSecret',
code code
}) })

122
src/routes/api/spec/client.spec.ts Normal file
View File

@@ -0,0 +1,122 @@
import mongoose, { Mongoose } from 'mongoose'
import { MongoMemoryServer } from 'mongodb-memory-server'
import request from 'supertest'
import app from '../../../app'
import { createClient } from '../../../controllers/createClient'
import { generateAccessToken } from '../auth'
const client = {
client_id: 'newClientID',
client_secret: 'newClientSecret'
}
describe('user', () => {
let con: Mongoose
let mongoServer: MongoMemoryServer
beforeAll(async () => {
mongoServer = await MongoMemoryServer.create()
con = await mongoose.connect(mongoServer.getUri())
})
afterAll(async () => {
await con.connection.dropDatabase()
await con.connection.close()
await mongoServer.stop()
})
describe('create', () => {
const adminAccessToken = generateAccessToken({
client_id: 'someClientID',
username: 'someAdminUsername',
isadmin: true,
isactive: true
})
afterEach(async () => {
const collections = mongoose.connection.collections
const collection = collections['clients']
await collection.deleteMany({})
})
it('should respond with new client', async () => {
const res = await request(app)
.post('/SASjsApi/client')
.auth(adminAccessToken, { type: 'bearer' })
.send(client)
.expect(200)
expect(res.body.client_id).toEqual(client.client_id)
expect(res.body.client_secret).toEqual(client.client_secret)
})
it('should respond with Unauthorized if access token is not present', async () => {
const res = await request(app)
.post('/SASjsApi/client')
.send(client)
.expect(401)
expect(res.text).toEqual('Unauthorized')
expect(res.body).toEqual({})
})
it('should respond with Forbideen if access token is not of an admin account', async () => {
const accessToken = generateAccessToken({
client_id: 'someClientID',
username: 'someUsername',
isadmin: false,
isactive: true
})
const res = await request(app)
.post('/SASjsApi/client')
.auth(accessToken, { type: 'bearer' })
.send(client)
.expect(403)
expect(res.text).toEqual('Admin account required')
expect(res.body).toEqual({})
})
it('should respond with Forbidden if client_id is already present', async () => {
await createClient(client)
const res = await request(app)
.post('/SASjsApi/client')
.auth(adminAccessToken, { type: 'bearer' })
.send(client)
.expect(403)
expect(res.text).toEqual('Error: Client ID already exists.')
expect(res.body).toEqual({})
})
it('should respond with Bad Request if client_id is missing', async () => {
const res = await request(app)
.post('/SASjsApi/client')
.auth(adminAccessToken, { type: 'bearer' })
.send({
...client,
client_id: undefined
})
.expect(400)
expect(res.text).toEqual(`"client_id" is required`)
expect(res.body).toEqual({})
})
it('should respond with Bad Request if client_secret is missing', async () => {
const res = await request(app)
.post('/SASjsApi/client')
.auth(adminAccessToken, { type: 'bearer' })
.send({
...client,
client_secret: undefined
})
.expect(400)
expect(res.text).toEqual(`"client_secret" is required`)
expect(res.body).toEqual({})
})
})
})

4
src/routes/api/spec/user.spec.ts
View File

@@ -3,9 +3,7 @@ import { MongoMemoryServer } from 'mongodb-memory-server'
import request from 'supertest' import request from 'supertest'
import app from '../../../app' import app from '../../../app'
import { createUser } from '../../../controllers/createUser' import { createUser } from '../../../controllers/createUser'
import { createClient } from '../../../controllers/createClient' import { generateAccessToken } from '../auth'
import { generateAccessToken, populateClients } from '../auth'
import { InfoJWT } from '../../../types'
const client = { const client = {
clientid: 'someclientID', clientid: 'someclientID',

4
src/routes/api/user.ts
View File

@@ -1,11 +1,11 @@
import express from 'express' import express from 'express'
import { createUser } from '../../controllers/createUser' import { createUser } from '../../controllers/createUser'
import { registerValidation } from '../../utils' import { registerUserValidation } from '../../utils'
const userRouter = express.Router() const userRouter = express.Router()
userRouter.post('/', async (req, res) => { userRouter.post('/', async (req, res) => {
const { error, value: data } = registerValidation(req.body) const { error, value: data } = registerUserValidation(req.body)
if (error) return res.status(400).send(error.details[0].message) if (error) return res.status(400).send(error.details[0].message)
try { try {

8
src/utils/validation.ts
View File

@@ -17,7 +17,7 @@ export const tokenValidation = (data: any): Joi.ValidationResult =>
code: Joi.string().required() code: Joi.string().required()
}).validate(data) }).validate(data)
export const registerValidation = (data: any): Joi.ValidationResult => export const registerUserValidation = (data: any): Joi.ValidationResult =>
Joi.object({ Joi.object({
displayname: Joi.string().min(6).required(), displayname: Joi.string().min(6).required(),
username: usernameSchema, username: usernameSchema,
@@ -25,3 +25,9 @@ export const registerValidation = (data: any): Joi.ValidationResult =>
isadmin: Joi.boolean(), isadmin: Joi.boolean(),
isactive: Joi.boolean() isactive: Joi.boolean()
}).validate(data) }).validate(data)
export const registerClientValidation = (data: any): Joi.ValidationResult =>
Joi.object({
client_id: Joi.string().required(),
client_secret: Joi.string().required()
}).validate(data)