require_relative "spec_helper.rb"
describe "identity module" do
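# A well-formed registration must be accepted.
#
# Note what the request does NOT contain: the master password itself. The
# server only receives its client-side hash (Bitwarden.hashPassword) and the
# account's symmetric key, wrapped with a key derived from password + e-mail
# (Bitwarden.makeKey / makeEncKey).
it "should return successful response to account creation" do
  email = "[email protected]"
  post "/api/accounts/register", {
    :name => nil,
    :email => email,
    # hashPassword takes the password and the account e-mail, exactly as the
    # login requests further down in this spec call it.
    :masterPasswordHash => Bitwarden.hashPassword("asdf", email),
    :masterPasswordHint => nil,
    # NOTE(review): the wrapping key is derived from "adsf" while the hash is
    # of "asdf". The server only ever sees the hash and the wrapped key, so it
    # cannot notice the mismatch and the request is still accepted; this looks
    # like a typo rather than intent -- confirm before relying on this key.
    :key => Bitwarden.makeEncKey(Bitwarden.makeKey("adsf", email)),
  }
  last_response.status.must_equal 200
end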
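# Registering the same e-mail twice: the first attempt succeeds, an identical
# replay of it must be refused.
#
# NOTE(review): because the second response is required to differ from the
# first, the registration endpoint necessarily reveals whether an e-mail is
# already taken (account enumeration). That is the contract this example
# pins; acceptable for a private self-hosted server, worth remembering if the
# endpoint is ever exposed publicly.
it "should not allow duplicate signups" do
  email = "[email protected]"
  params = {
    :name => nil,
    :email => email,
    :masterPasswordHash => Bitwarden.hashPassword("asdf", email),
    :masterPasswordHint => nil,
    :key => Bitwarden.makeEncKey(Bitwarden.makeKey("adsf", email)),
  }

  post "/api/accounts/register", params
  last_response.status.must_equal 200

  # Byte-identical payload again: a replay must not yield a second account.
  post "/api/accounts/register", params
  last_response.status.wont_equal 200
end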
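# Malformed registrations must be rejected, and a rejection must not leave a
# partially created account behind.
it "validates required parameters" do
  email = "[email protected]"
  good_hash = Bitwarden.hashPassword("asdf", email)
  good_key = Bitwarden.makeEncKey(Bitwarden.makeKey("adsf", email))

  # An empty password hash is not a usable credential; the server must refuse
  # it rather than store it.
  post "/api/accounts/register", {
    :name => nil,
    :email => email,
    :masterPasswordHash => "",
    :masterPasswordHint => nil,
    :key => good_key,
  }
  last_response.status.wont_equal 200

  # A key that is not a valid encrypted blob must be refused as well.
  post "/api/accounts/register", {
    :name => nil,
    :email => email,
    :masterPasswordHash => good_hash,
    :masterPasswordHint => nil,
    :key => "junk",
  }
  last_response.status.wont_equal 200

  # Neither rejected request may have persisted a user record. Each example
  # starts with no users (the other examples here register this same e-mail
  # and expect 200), so a lookup must come back empty.
  User.find_by_email(email).must_be_nil
end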
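# End-to-end happy path: register, obtain a password-grant token from the
# identity endpoint, and use it as a Bearer token against an authenticated
# API endpoint.
it "actually creates the user account and allows logging in" do
  email = "[email protected]"
  # The same client-side hash is used for registration and for login: the
  # cleartext master password never leaves the client.
  password_hash = Bitwarden.hashPassword("asdf", email)

  post "/api/accounts/register", {
    :name => nil,
    :email => email,
    :masterPasswordHash => password_hash,
    :masterPasswordHint => nil,
    :key => Bitwarden.makeEncKey(Bitwarden.makeKey("adsf", email)),
  }
  last_response.status.must_equal 200

  user = User.find_by_email(email)
  user.wont_be_nil
  user.uuid.wont_be_nil
  # Pinning the persisted value catches any accidental change to the server's
  # derivation of the stored hash, which would silently lock existing users
  # out. NOTE(review): since the expected value is a constant, that derivation
  # must be deterministic for this input -- i.e. no per-user random salt (or a
  # salt derived from the e-mail). Confirm that is the intended design.
  user.password_hash.must_equal "PGC1vNJZUL3z5wTKAgpXsODf6KzIPcr0XCzTplceXQU="

  # Having an account is not enough: an unauthenticated request to an
  # authenticated endpoint must be refused.
  get "/api/sync"
  last_response.status.wont_equal 200

  post "/identity/connect/token", {
    :grant_type => "password",
    :username => email,
    :password => password_hash,
    :scope => "api offline_access",
    :client_id => "browser",
    :deviceType => 3,
    :deviceIdentifier => SecureRandom.uuid,
    :deviceName => "firefox",
    :devicePushToken => ""
  }
  last_response.status.must_equal 200
  access_token = last_json_response["access_token"]
  access_token.wont_be_nil

  # The freshly issued token is accepted as a Bearer credential.
  get "/api/sync", {}, { "HTTP_AUTHORIZATION" => "Bearer #{access_token}" }
  last_response.status.must_equal 200
end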
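# Access tokens must stop working once their validity period has elapsed.
it "enforces token validity period" do
  email = "[email protected]"
  password_hash = Bitwarden.hashPassword("asdf", email)

  post "/api/accounts/register", {
    :name => nil,
    :email => email,
    :masterPasswordHash => password_hash,
    :masterPasswordHint => nil,
    :key => Bitwarden.makeEncKey(Bitwarden.makeKey("adsf", email)),
  }
  last_response.status.must_equal 200

  post "/identity/connect/token", {
    :grant_type => "password",
    :username => email,
    :password => password_hash,
    :scope => "api offline_access",
    :client_id => "browser",
    :deviceType => 3,
    :deviceIdentifier => SecureRandom.uuid,
    :deviceName => "firefox",
    :devicePushToken => ""
  }
  last_response.status.must_equal 200
  access_token = last_json_response["access_token"]
  access_token.wont_be_nil

  # Hits the authenticated endpoint with the given Bearer token and returns
  # the HTTP status.
  sync_with = lambda do |token|
    get "/api/sync", {}, { "HTTP_AUTHORIZATION" => "Bearer #{token}" }
    last_response.status
  end

  sync_with.call(access_token).must_equal 200

  # Shorten this device's token lifetime to 1 (presumably seconds, judging by
  # the sleep below) so expiry can be observed without waiting for the
  # default lifetime.
  device = Device.find_by_access_token(access_token)
  device.wont_be_nil
  device.regenerate_tokens!(1)
  device.save
  # NOTE(review): regenerate_tokens! presumably invalidates the previously
  # issued access_token as well; if so,
  # `sync_with.call(access_token).wont_equal 200` would pin that rotation too.
  # Left out until confirmed against Device.

  # Still inside the validity window.
  sync_with.call(device.access_token).must_equal 200

  # Past the window: the token must be rejected. The sleep is why this example
  # is slow; the 2 s margin avoids flakiness right at the 1 s boundary.
  sleep 2
  sync_with.call(device.access_token).wont_equal 200
end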
end