it('opens authentication page', function () {
dbx = new DropboxBase({ clientId: 'CLIENT_ID' });
var redirect_url = 'https://www.dropbox.com/1/oauth2/redirect_receiver';
var url = dbx.getAuthenticationUrl(redirect_url);
var browser = {
addEventListener: sinon.spy(),
removeEventListener: sinon.spy(),
};
global.window = {
open: function(url, target) {},
};
var windowMock = sinon.mock(global.window);
windowMock.expects('open')
.withArgs(url, '_blank')
.returns(browser);
var successCallback = sinon.spy();
var errorCallback = sinon.spy();
dbx.authenticateWithCordova(
successCallback,
errorCallback);
sinon.assert.neverCalledWith(successCallback);
sinon.assert.neverCalledWith(errorCallback);
windowMock.verify();
});
it('registers and unregisters events', function () {
dbx = new DropboxBase({ clientId: 'CLIENT_ID' });
var browser = {
addEventListener: sinon.spy(),
removeEventListener: sinon.spy()
};
global.window = {
open: sinon.stub()
};
global.window.open
.returns(browser);
var successCallback = sinon.spy();
var errorCallback = sinon.spy();
dbx.authenticateWithCordova(
successCallback,
errorCallback
);
sinon.assert.calledWith(browser.addEventListener, 'loaderror');
sinon.assert.calledWith(browser.addEventListener, 'loadstop');
sinon.assert.calledWith(browser.addEventListener, 'exit');
var onExit = browser.addEventListener.getCall(2).args[1];
onExit({ });
sinon.assert.calledWith(browser.removeEventListener, 'loaderror');
sinon.assert.calledWith(browser.removeEventListener, 'loadstop');
sinon.assert.calledWith(browser.removeEventListener, 'exit');
sinon.assert.neverCalledWith(successCallback);
sinon.assert.neverCalledWith(errorCallback);
});
it('should log a warning if SSL is not configured', function () {
config.get.withArgs('xpack.security.encryptionKey').returns(validKey);
config.get.withArgs('xpack.security.secureCookies').returns(false);
expect(() => validateConfig(config, log)).not.to.throwError();
sinon.assert.neverCalledWith(config.set, 'xpack.security.encryptionKey');
sinon.assert.neverCalledWith(config.set, 'xpack.security.secureCookies');
sinon.assert.calledWithMatch(log, /Session cookies will be transmitted over insecure connections/);
});
it('should log a warning if SSL is not configured yet secure cookies are being used', function () {
config.get.withArgs('xpack.security.encryptionKey').returns(validKey);
config.get.withArgs('xpack.security.secureCookies').returns(true);
expect(() => validateConfig(config, log)).not.to.throwError();
sinon.assert.neverCalledWith(config.set, 'xpack.security.encryptionKey');
sinon.assert.neverCalledWith(config.set, 'xpack.security.secureCookies');
sinon.assert.calledWithMatch(log, /SSL must be configured outside of Kibana/);
});
it('logs license status changes.', async () => {
sinon.assert.calledWithExactly(
mockServer.log,
['license', 'info', 'xpack'],
sinon.match('Imported license information from Elasticsearch for the [data] cluster: ' +
'mode: gold | status: active | expiry date: '
)
);
mockServer.log.resetHistory();
await xPackInfo.refreshNow();
// Response is still the same, so nothing should be logged.
sinon.assert.neverCalledWith(mockServer.log, ['license', 'info', 'xpack']);
// Change mode/status of the license and the change should be logged.
mockElasticsearchCluster.callWithInternalUser.returns(
getMockXPackInfoAPIResponse({ status: 'expired', mode: 'platinum' })
);
await xPackInfo.refreshNow();
sinon.assert.calledWithExactly(
mockServer.log,
['license', 'info', 'xpack'],
sinon.match('Imported changed license information from Elasticsearch for the [data] cluster: ' +
'mode: platinum | status: expired | expiry date: '
)
);
});
it('calls the error callback when authentication failed', function () {
dbx = new DropboxBase({ clientId: 'CLIENT_ID' });
var redirect_url = 'https://www.dropbox.com/1/oauth2/redirect_receiver';
var browser = {
addEventListener: sinon.spy(),
removeEventListener: sinon.spy(),
close: sinon.spy()
};
global.window = {
open: sinon.stub(),
setTimeout: sinon.spy()
};
global.window.open
.returns(browser);
var successCallback = sinon.spy();
var errorCallback = sinon.spy();
dbx.authenticateWithCordova(
successCallback,
errorCallback
);
var onLoadStop = browser.addEventListener.getCall(1).args[1];
onLoadStop({ url: redirect_url + '#error_description=ERROR_DESCRIPTION&error=ERROR_TYPE' });
var timeOut = global.window.setTimeout.getCall(0).args[0];
timeOut();
sinon.assert.called(browser.close);
sinon.assert.neverCalledWith(successCallback);
sinon.assert.calledWith(errorCallback);
});
it('calls error callback when loading the autentication page failed', function () {
dbx = new DropboxBase({ clientId: 'CLIENT_ID' });
var browser = {
addEventListener: sinon.spy(),
removeEventListener: sinon.spy(),
close: sinon.spy()
};
global.window = {
open: sinon.stub(),
setTimeout: sinon.spy()
};
global.window.open
.returns(browser);
var successCallback = sinon.spy();
var errorCallback = sinon.spy();
dbx.authenticateWithCordova(
successCallback,
errorCallback
);
var onLoadError = browser.addEventListener.getCall(0).args[1];
onLoadError({});
var timeOut = global.window.setTimeout.getCall(0).args[0];
timeOut();
sinon.assert.called(browser.close);
sinon.assert.neverCalledWith(successCallback);
sinon.assert.calledWith(errorCallback);
});
it('triggers readyToRun event on .send()', () => {
const job = new Job(pool);
sinon.spy(job, 'emit');
job.run(noop);
sinon.assert.neverCalledWith(job.emit, 'readyToRun');
job.send();
sinon.assert.calledWith(job.emit, 'readyToRun');
});
it('should set xpack.security.secureCookies if SSL is configured', function () {
config.get.withArgs('server.ssl.key').returns('foo');
config.get.withArgs('server.ssl.certificate').returns('bar');
config.get.withArgs('xpack.security.encryptionKey').returns(validKey);
expect(() => validateConfig(config, log)).not.to.throwError();
sinon.assert.neverCalledWith(config.set, 'xpack.security.encryptionKey');
sinon.assert.calledWith(config.set, 'xpack.security.secureCookies', true);
sinon.assert.notCalled(log);
});
it(`returns user data and doesn't log deprecation warning if checkPrivileges result is unauthorized.`, async () => {
const user = { username: '******' };
authenticateStub.returns(
Promise.resolve(AuthenticationResult.succeeded(user))
);
const checkPrivilegesStub = sinon.stub().returns({ result: CHECK_PRIVILEGES_RESULT.UNAUTHORIZED });
checkPrivilegesWithRequestStub.returns(checkPrivilegesStub);
await loginRoute.handler(request, replyStub);
sinon.assert.calledWithExactly(checkPrivilegesWithRequestStub, request);
sinon.assert.calledWithExactly(checkPrivilegesStub, [serverStub.plugins.security.authorization.actions.login]);
sinon.assert.neverCalledWith(serverStub.log, ['warning', 'deprecated', 'security'], getDeprecationMessage(user.username));
sinon.assert.notCalled(replyStub);
sinon.assert.calledOnce(replyStub.continue);
sinon.assert.calledWithExactly(replyStub.continue, { credentials: user });
});
it('fails if token from the state is rejected because of unknown reason.', async () => {
const request = requestFixture();
const failureReason = new Error('Token is not valid!');
callWithRequest
.withArgs(request, 'shield.authenticate')
.returns(Promise.reject(failureReason));
const authenticationResult = await provider.authenticate(request, {
accessToken: 'some-invalid-token',
refreshToken: 'some-invalid-refresh-token'
});
expect(request.headers).to.not.have.property('authorization');
expect(authenticationResult.failed()).to.be(true);
expect(authenticationResult.error).to.be(failureReason);
sinon.assert.neverCalledWith(callWithRequest, 'shield.samlRefreshAccessToken');
});
it('should not log a normal payload', sinon.test(function() {
var spy = sinon.spy();
xhr.onCreate = spy;
var payload = {
key1: 'value1',
key2: 'value2'
};
segment.normalize = function() { return payload; };
segment.enqueue('/i', {});
sinon.assert.neverCalledWith(segment.debug, 'message must be less than 32kb %O', payload);
assert(spy.calledOnce);
var req = spy.getCall(0).args[0];
assert.strictEqual(JSON.parse(req.requestBody).key1, 'value1');
assert.strictEqual(JSON.parse(req.requestBody).key2, 'value2');
}));
it('calls the success callback with the access token as a parameter', function () {
dbx = new DropboxBase({ clientId: 'CLIENT_ID' });
var redirect_url = 'https://www.dropbox.com/1/oauth2/redirect_receiver';
var browser = {
addEventListener: sinon.spy(),
removeEventListener: sinon.spy(),
close: sinon.spy()
};
global.window = {
open: sinon.stub(),
setTimeout: sinon.spy()
};
global.window.open
.returns(browser);
var successCallback = sinon.spy();
var errorCallback = sinon.spy();
dbx.authenticateWithCordova(
successCallback,
errorCallback
);
var onLoadStop = browser.addEventListener.getCall(1).args[1];
var ACCESS_TOKEN = 'ACCESS_TOKEN';
onLoadStop({ url: redirect_url + '#access_token=' + ACCESS_TOKEN + '&token_type=TOKEN_TYPE' });
var timeOut = global.window.setTimeout.getCall(0).args[0];
timeOut();
sinon.assert.called(browser.close);
sinon.assert.calledWithExactly(successCallback, ACCESS_TOKEN);
sinon.assert.neverCalledWith(errorCallback);
});
clientHandler.getClients(clientExpression).forEach((client) => {
if (had) sinon.assert.calledWith(client.connectionStateChanged, state)
else sinon.assert.neverCalledWith(client.connectionStateChanged, state)
})
noticeBoard.postNotice(MOCK_TYPE, {}, function(err, notice) {
sinon.assert.neverCalledWith(noticeBoard.emit, 'newNotice/test_type');
done();
});
.fail(function() {
sinon.assert.neverCalledWith(spy, sinon.match({browserId: 'browser'}));
});
noticeBoard.deleteNotice(MOCK_NOTICEID, function(err) {
sinon.assert.neverCalledWith(noticeBoard.emit, 'newNotice/test');
done();
});