From 9c9d4bf563ee4c1ab04d9646f1def36dfadd78db Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20Kol=C3=A1rik?= Date: Fri, 30 Aug 2024 20:53:46 +0200 Subject: [PATCH] test: update auth related tests --- migrations/create-tables.js.sql | 118 ++++++++++-------- .../middleware/authenticate.test.ts | 7 ++ test/tests/integration/ratelimit.test.ts | 3 +- test/tests/unit/auth.test.ts | 8 +- 4 files changed, 78 insertions(+), 58 deletions(-) diff --git a/migrations/create-tables.js.sql b/migrations/create-tables.js.sql index e55d49e0..cebcb449 100644 --- a/migrations/create-tables.js.sql +++ b/migrations/create-tables.js.sql @@ -1,58 +1,70 @@ CREATE TABLE IF NOT EXISTS directus_users ( - id CHAR(36), - github_username VARCHAR(255) -); + id CHAR(36) PRIMARY KEY, + github_username VARCHAR(255) +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; CREATE TABLE IF NOT EXISTS gp_adopted_probes ( - id INT(10) UNSIGNED AUTO_INCREMENT PRIMARY KEY, - user_created CHAR(36), - date_created TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - user_updated CHAR(36), - date_updated TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - userId VARCHAR(255) NOT NULL, - ip VARCHAR(255) NOT NULL, + id INT(10) UNSIGNED AUTO_INCREMENT PRIMARY KEY, + user_created CHAR(36), + date_created TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + user_updated CHAR(36), + date_updated TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, + userId VARCHAR(255) NOT NULL, + ip VARCHAR(255) NOT NULL, altIps LONGTEXT COLLATE utf8mb4_bin DEFAULT '[]' NOT NULL, - uuid VARCHAR(255), - lastSyncDate DATE NOT NULL, - isCustomCity TINYINT(1) DEFAULT 0, - tags LONGTEXT COLLATE utf8mb4_bin DEFAULT '[]' NOT NULL, - status VARCHAR(255) NOT NULL, - isIPv4Supported BOOLEAN, - isIPv6Supported BOOLEAN, - version VARCHAR(255) NOT NULL, - nodeVersion VARCHAR(255) NOT NULL, - hardwareDevice VARCHAR(255) NULL, - country VARCHAR(255) NOT NULL, - city VARCHAR(255), - state VARCHAR(255), - latitude FLOAT(10, 5), - longitude FLOAT(10, 5), - asn INTEGER NOT NULL, - network VARCHAR(255) NOT NULL, - countryOfCustomCity VARCHAR(255) + uuid VARCHAR(255), + lastSyncDate DATE NOT NULL, + isCustomCity TINYINT(1) DEFAULT 0, + tags LONGTEXT COLLATE utf8mb4_bin DEFAULT '[]' NOT NULL, + status VARCHAR(255) NOT NULL, + isIPv4Supported BOOLEAN, + isIPv6Supported BOOLEAN, + version VARCHAR(255) NOT NULL, + nodeVersion VARCHAR(255) NOT NULL, + hardwareDevice VARCHAR(255) NULL, + country VARCHAR(255) NOT NULL, + city VARCHAR(255), + state VARCHAR(255), + latitude FLOAT(10, 5), + longitude FLOAT(10, 5), + asn INTEGER NOT NULL, + network VARCHAR(255) NOT NULL, + countryOfCustomCity VARCHAR(255) ); CREATE TABLE IF NOT EXISTS directus_notifications ( - id CHAR(10), - recipient CHAR(36), - timestamp TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - subject VARCHAR(255), - message TEXT + id CHAR(10), + recipient CHAR(36), + timestamp TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + subject VARCHAR(255), + message TEXT ); -CREATE TABLE IF NOT EXISTS gp_tokens ( - id INT(10) UNSIGNED AUTO_INCREMENT PRIMARY KEY, - user_created CHAR(36), - name VARCHAR(255), - value VARCHAR(255), - origins LONGTEXT, - expire DATE, - date_last_used DATE -); +CREATE TABLE `gp_tokens` ( + `date_created` timestamp NULL DEFAULT NULL, + `date_last_used` date DEFAULT NULL, + `date_updated` timestamp NULL DEFAULT NULL, + `expire` date DEFAULT NULL, + `id` int(10) unsigned NOT NULL AUTO_INCREMENT, + `name` varchar(255) NOT NULL, + `origins` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_bin NOT NULL DEFAULT '[]' CHECK (json_valid(`origins`)), + `user_created` char(36) DEFAULT NULL, + `user_updated` char(36) DEFAULT NULL, + `value` varchar(255) DEFAULT NULL, + `scopes` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_bin NOT NULL DEFAULT '[]' CHECK (json_valid(`scopes`)), + `type` varchar(255) DEFAULT 'access_token', + `parent` int(10) unsigned DEFAULT NULL, + PRIMARY KEY (`id`), + UNIQUE KEY `gp_tokens_value_unique` (`value`), + KEY `gp_tokens_user_created_foreign` (`user_created`), + KEY `gp_tokens_user_updated_foreign` (`user_updated`), + KEY `value_index` (`value`), + KEY `gp_tokens_parent_foreign` (`parent`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; CREATE TABLE IF NOT EXISTS gp_credits ( - id INT(10) UNSIGNED AUTO_INCREMENT PRIMARY KEY, - date_created TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + id INT(10) UNSIGNED AUTO_INCREMENT PRIMARY KEY, + date_created TIMESTAMP DEFAULT CURRENT_TIMESTAMP, AMOUNT INT, user_id VARCHAR(36) NOT NULL, CONSTRAINT gp_credits_user_id_unique UNIQUE (user_id), @@ -60,15 +72,15 @@ CREATE TABLE IF NOT EXISTS gp_credits ( ); CREATE TABLE IF NOT EXISTS gp_location_overrides ( - id INT(10) UNSIGNED AUTO_INCREMENT PRIMARY KEY, - user_created CHAR(36), - date_created TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - user_updated CHAR(36), - date_updated TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - ip_range VARCHAR(255) NOT NULL, - city VARCHAR(255) NOT NULL, - state VARCHAR(255), - country VARCHAR(255), + id INT(10) UNSIGNED AUTO_INCREMENT PRIMARY KEY, + user_created CHAR(36), + date_created TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + user_updated CHAR(36), + date_updated TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, + ip_range VARCHAR(255) NOT NULL, + city VARCHAR(255) NOT NULL, + state VARCHAR(255), + country VARCHAR(255), latitude FLOAT(10, 5), longitude FLOAT(10, 5) ); diff --git a/test/tests/integration/middleware/authenticate.test.ts b/test/tests/integration/middleware/authenticate.test.ts index ad318c74..6556fa80 100644 --- a/test/tests/integration/middleware/authenticate.test.ts +++ b/test/tests/integration/middleware/authenticate.test.ts @@ -48,6 +48,7 @@ describe('authenticate', () => { it('should accept if valid token was passed', async () => { await client(GP_TOKENS_TABLE).insert({ + name: 'test token', user_created: '89da69bd-a236-4ab7-9c5d-b5f52ce09959', value: '/bSluuDrAPX9zIiZZ/hxEKARwOg+e//EdJgCFpmApbg=', }); @@ -65,6 +66,7 @@ describe('authenticate', () => { it('should accept if origin is correct', async () => { await client(GP_TOKENS_TABLE).insert({ + name: 'test token', user_created: '89da69bd-a236-4ab7-9c5d-b5f52ce09959', value: '/bSluuDrAPX9zIiZZ/hxEKARwOg+e//EdJgCFpmApbg=', origins: JSON.stringify([ 'https://jsdelivr.com' ]), @@ -84,6 +86,7 @@ describe('authenticate', () => { it('should update "date_last_used" field', async () => { await client(GP_TOKENS_TABLE).insert({ + name: 'test token', user_created: '89da69bd-a236-4ab7-9c5d-b5f52ce09959', value: '/bSluuDrAPX9zIiZZ/hxEKARwOg+e//EdJgCFpmApbg=', }); @@ -109,6 +112,7 @@ describe('authenticate', () => { it('should get token from db if it is not synced yet', async () => { await client(GP_TOKENS_TABLE).insert({ + name: 'test token', user_created: '89da69bd-a236-4ab7-9c5d-b5f52ce09959', value: '/bSluuDrAPX9zIiZZ/hxEKARwOg+e//EdJgCFpmApbg=', }); @@ -134,6 +138,7 @@ describe('authenticate', () => { it('should reject if token is expired', async () => { await client(GP_TOKENS_TABLE).insert({ + name: 'test token', user_created: '89da69bd-a236-4ab7-9c5d-b5f52ce09959', value: '/bSluuDrAPX9zIiZZ/hxEKARwOg+e//EdJgCFpmApbg=', expire: new Date('01-01-2024'), @@ -152,6 +157,7 @@ describe('authenticate', () => { it('should reject if previously not synced token is expired', async () => { await client(GP_TOKENS_TABLE).insert({ + name: 'test token', user_created: '89da69bd-a236-4ab7-9c5d-b5f52ce09959', value: '/bSluuDrAPX9zIiZZ/hxEKARwOg+e//EdJgCFpmApbg=', expire: new Date('01-01-2024'), @@ -168,6 +174,7 @@ describe('authenticate', () => { it('should reject if origin is wrong', async () => { await client(GP_TOKENS_TABLE).insert({ + name: 'test token', user_created: '89da69bd-a236-4ab7-9c5d-b5f52ce09959', value: '/bSluuDrAPX9zIiZZ/hxEKARwOg+e//EdJgCFpmApbg=', origins: JSON.stringify([ 'https://jsdelivr.com' ]), diff --git a/test/tests/integration/ratelimit.test.ts b/test/tests/integration/ratelimit.test.ts index 67127003..1ba2a7c6 100644 --- a/test/tests/integration/ratelimit.test.ts +++ b/test/tests/integration/ratelimit.test.ts @@ -38,6 +38,7 @@ describe('rate limiter', () => { await waitForProbesUpdate(); await client(GP_TOKENS_TABLE).insert({ + name: 'test token', user_created: '89da69bd-a236-4ab7-9c5d-b5f52ce09959', value: 'Xj6kuKFEQ6zI60mr+ckHG7yQcIFGMJFzvtK9PBQ69y8=', // token: qz5kdukfcr3vggv3xbujvjwvirkpkkpx }); @@ -56,7 +57,7 @@ describe('rate limiter', () => { describe('headers', () => { it('should NOT include headers (GET)', async () => { - const response = await requestAgent.get('/v1/').send().expect(200) as Response; + const response = await requestAgent.get('/v1/').send().expect(404) as Response; expect(response.headers['x-ratelimit-limit']).to.not.exist; expect(response.headers['x-ratelimit-consumed']).to.not.exist; diff --git a/test/tests/unit/auth.test.ts b/test/tests/unit/auth.test.ts index 1b79648f..abf429c9 100644 --- a/test/tests/unit/auth.test.ts +++ b/test/tests/unit/auth.test.ts @@ -37,7 +37,7 @@ describe('Auth', () => { await clock.tickAsync(60_000); const user1 = await auth.validate('hf2fnprguymlgliirdk7qv23664c2xcr', 'https://jsdelivr.com'); - expect(user1).to.equal('user1'); + expect(user1).to.deep.equal({ userId: 'user1', scopes: [] }); const user2 = await auth.validate('vumzijbzihrskmc2hj34yw22batpibmt', 'https://jsdelivr.com'); expect(user2).to.equal(null); @@ -53,7 +53,7 @@ describe('Auth', () => { const user1afterSync = await auth.validate('hf2fnprguymlgliirdk7qv23664c2xcr', 'https://jsdelivr.com'); expect(user1afterSync).to.equal(null); const user2afterSync = await auth.validate('vumzijbzihrskmc2hj34yw22batpibmt', 'https://jsdelivr.com'); - expect(user2afterSync).to.equal('user2'); + expect(user2afterSync).to.deep.equal({ userId: 'user2', scopes: [] }); auth.unscheduleSync(); }); @@ -72,7 +72,7 @@ describe('Auth', () => { await auth.validate('hf2fnprguymlgliirdk7qv23664c2xcr', 'https://jsdelivr.com'); await auth.validate('hf2fnprguymlgliirdk7qv23664c2xcr', 'https://jsdelivr.com'); - expect(user).to.equal('user1'); + expect(user).to.deep.equal({ userId: 'user1', scopes: [] }); expect(selectStub.callCount).to.equal(1); }); @@ -89,7 +89,7 @@ describe('Auth', () => { await auth.validate('hf2fnprguymlgliirdk7qv23664c2xcr', 'https://jsdelivr.com'); await auth.validate('hf2fnprguymlgliirdk7qv23664c2xcr', 'https://jsdelivr.com'); - expect(user).to.equal('user1'); + expect(user).to.deep.equal({ userId: 'user1', scopes: [] }); expect(selectStub.callCount).to.equal(1); });