mirror of
https://github.com/directus/directus.git
synced 2026-02-04 08:45:11 -05:00
00865fbd84
* Refactor storage logic to testable setup * Add tests to get storage config * Add tests for register drivers * Tests for index * Organize imports * Add missing getStorage * Setup boilerplate for cloudinary drive * Add build script * Add cloudinary configuration * WIP tweaks for R&D * Start storage abstraction v2 * Make storage manager single file * Add test coverage * Organize imports * Setup local driver boilerplate * [WIP] Start on local driver 2.0 * Add more methods * Lunchtime * Add put method * Add list method * [WIP] Try using storage in api * Use node16 module-resolution * Lets not mess with apply-query rn * I love CJS. Death to CJS. * Use dynamic imports * Make things work * Add path normalizer * Add azure storage driver * Update lock * Start on tests * Add getBuffer test * Add getStat tests * Add tests for exists * Add tests for move * Add tests for copy * Add tests for put * Add tests for delete * Add test coverage for list * Add removeLeading option to normalizePath * Use removeLeading option * Start on gcs * Add fullpath test * Add getStream * Add getBuffer * Add getStat * Add exists * Add move * Add copy * Add put * Add delete * Finish DriverGCS * Cleanup tests a bit * Start s3 * Add getStream * Add getBuffer * Please Wryn * Add #exists * Use randomize data * No more hardcoded values 🙅♀️ * Add tests for copy * Add tests for put * Add put/copy/delete * Add tests for delete * WIP list * Remove duplicate fullPath check * Finish AWS tests * Listen to wryn * Mission critical tweak * Add randomization, cleanup tests * Check src vs dest full path * Start on Cloudinary * Add parameter signature helper * Fix ESM building of shared * Fix ESM building of shared * Improve tests * Update pnpm * Remove old build commands * Generated d.ts files * Fix export naming * Move ESM only utils to new @directus/utils * Update lockfile * Fix type exports * Implement getStream * Cleanup tests * Simplify api * Simplify API * Simplify api * Simplify API * Add read/stat * Cleanup / add exists * Add move * Add write * Move uploadChunk to separate method * Add test for #uploadChunk * Add tests for write * Add copy * Add delete * Add list * Add list error handling * Remove old drive packages * Start updating API usage of storage * Use Readable instead of NodeJS.ReadableStream * Use readable instead of buffer * Restore shared to main * Update lockfile * Use a streaming pipeline for sharp metadata * Add basic e2e test for local upload and delete * Fix integer filesize in SQLite * fixed environment mocking in unit tests * applied the same env mocking to other tests * Update api/src/storage/register-drivers.ts Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch> * Use sha256 by default * Add base read test for /assets * Replace exifr with exif-reader * Fix tests for storage/index * Install faking lib for tests * Add test for register-drivers * Add tests for register-locations * Finish tests * Organize imports * Resolve Azris comments * Fix outdated tests Certainly not the cleanest, but I need to do a bigger pass on all these tests to get them up to date with the latest team requirements. Gonna do that in a separate PR.. * Test for sha256 * Attempt 1 at fixing toString errorr I'm not seeing this issue locally, so we'll spam a couple commits here to get things going * Use node 18 in tests?! * Fix localhost resolution with 127.0.0.1 * Mock getEnv() * Use @directus/tsconfig instead of duplicated conf * Does this fix it? * OK fun detour * Recreate lockfile * Update config files * Use multipart uploads in S3 * Cleanup imports * File Storage 2.0: Make metadata extraction backward-compatible (#16868) * Reinstall packages using pnpm instead of manually removing them (#16871) * Added extra environment setting for sharp processing of invalid images (#16811) * Added extra environment setting for sharp processing of invalid images * renamed environment var to `ASSETS_INVALID_IMAGE_SENSITIVITY_LEVEL` * Remove unused excludes from tsconfig * Remove copy/paste leftover * Update packages/utils/readme.md Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch> * Update packages/utils/package.json Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch> Co-authored-by: ian <licitdev@gmail.com> Co-authored-by: Brainslug <tim@brainslug.nl> Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch> Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>
151 lines
4.9 KiB
TypeScript
151 lines
4.9 KiB
TypeScript
import { getUrl } from '@common/config';
|
|
import request from 'supertest';
|
|
import vendors from '@common/get-dbs-to-test';
|
|
|
|
describe('/auth/login/saml', () => {
|
|
const authCookies: Record<string, string> = {};
|
|
|
|
describe('GET /', () => {
|
|
describe('when incorrect credential is provided', () => {
|
|
describe('returns no authenticated cookie', () => {
|
|
it.each(vendors)('%s', async (vendor) => {
|
|
// Action
|
|
const loginPage = await request('http://127.0.0.1:8880')
|
|
.get(`/simplesaml/module.php/core/authenticate.php?as=example-userpass`)
|
|
.expect(302);
|
|
|
|
const cookies = loginPage.headers['set-cookie'].map((cookie: string) => cookie.split(';')[0]).join(';');
|
|
|
|
const AuthState = decodeURIComponent(String(loginPage.headers.location)).split('AuthState=')[1];
|
|
|
|
const response = await request('http://127.0.0.1:8880')
|
|
.post(`/simplesaml/module.php/core/loginuserpass.php?`)
|
|
.set('Cookie', cookies)
|
|
.set('Content-Type', 'application/x-www-form-urlencoded')
|
|
.send({
|
|
username: 'user1',
|
|
password: 'user2pass',
|
|
AuthState,
|
|
})
|
|
.expect(200);
|
|
|
|
authCookies[vendor] = response.headers['set-cookie'].map((cookie: string) => cookie.split(';')[0]).join(';');
|
|
|
|
// Assert
|
|
expect(authCookies[vendor]).toMatch(/PHPSESSIDIDP/);
|
|
expect(authCookies[vendor]).not.toMatch(/SimpleSAMLAuthTokenIdp/);
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('when correct credential is provided', () => {
|
|
describe('returns authenticated cookie', () => {
|
|
it.each(vendors)('%s', async (vendor) => {
|
|
// Action
|
|
const loginPage = await request('http://127.0.0.1:8880')
|
|
.get(`/simplesaml/module.php/core/authenticate.php?as=example-userpass`)
|
|
.expect(302);
|
|
|
|
const cookies = loginPage.headers['set-cookie'].map((cookie: string) => cookie.split(';')[0]).join(';');
|
|
|
|
const AuthState = decodeURIComponent(String(loginPage.headers.location)).split('AuthState=')[1];
|
|
|
|
const response = await request('http://127.0.0.1:8880')
|
|
.post(`/simplesaml/module.php/core/loginuserpass.php?`)
|
|
.set('Cookie', cookies)
|
|
.set('Content-Type', 'application/x-www-form-urlencoded')
|
|
.send({
|
|
username: 'user1',
|
|
password: 'user1pass',
|
|
AuthState,
|
|
})
|
|
.expect(303);
|
|
|
|
authCookies[vendor] = response.headers['set-cookie'].map((cookie: string) => cookie.split(';')[0]).join(';');
|
|
|
|
// Assert
|
|
expect(authCookies[vendor]).toMatch(/PHPSESSIDIDP/);
|
|
expect(authCookies[vendor]).toMatch(/SimpleSAMLAuthTokenIdp/);
|
|
});
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('POST /acs', () => {
|
|
describe('when no redirect is provided', () => {
|
|
describe('returns directus refresh token in JSON', () => {
|
|
it.each(vendors)('%s', async (vendor) => {
|
|
// Action
|
|
const samlLogin = await request(getUrl(vendor)).get('/auth/login/saml').expect(302);
|
|
const samlRedirectUrl = String(samlLogin.headers.location).split('/simplesaml/');
|
|
|
|
const authResponse = await request(samlRedirectUrl[0])
|
|
.get(`/simplesaml/${samlRedirectUrl[1]}`)
|
|
.set('Cookie', authCookies[vendor]);
|
|
|
|
expect(authResponse.statusCode).toBe(200);
|
|
|
|
const SAMLResponse = authResponse.text
|
|
.split('<input type="hidden" name="SAMLResponse" value="')[1]
|
|
.split('" />')[0];
|
|
|
|
const acsResponse = await request(getUrl(vendor))
|
|
.post('/auth/login/saml/acs')
|
|
.send({
|
|
SAMLResponse,
|
|
})
|
|
.expect(200);
|
|
|
|
// Assert
|
|
expect(acsResponse.body.data).toEqual(
|
|
expect.objectContaining({
|
|
access_token: expect.any(String),
|
|
expires: expect.any(Number),
|
|
refresh_token: expect.any(String),
|
|
})
|
|
);
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('when redirect is provided', () => {
|
|
describe('returns directus refresh token in cookie', () => {
|
|
it.each(vendors)('%s', async (vendor) => {
|
|
// Action
|
|
const samlLogin = await request(getUrl(vendor))
|
|
.get(`/auth/login/saml?redirect=${getUrl(vendor)}/admin/login?continue`)
|
|
.expect(302);
|
|
const samlRedirectUrl = String(samlLogin.headers.location).split('/simplesaml/');
|
|
|
|
const authResponse = await request(samlRedirectUrl[0])
|
|
.get(`/simplesaml/${samlRedirectUrl[1]}`)
|
|
.set('Cookie', authCookies[vendor]);
|
|
|
|
expect(authResponse.statusCode).toBe(200);
|
|
|
|
const SAMLResponse = authResponse.text
|
|
.split('<input type="hidden" name="SAMLResponse" value="')[1]
|
|
.split('" />')[0];
|
|
|
|
const RelayState = authResponse.text
|
|
.split('<input type="hidden" name="RelayState" value="')[1]
|
|
.split('" />')[0];
|
|
|
|
const acsResponse = await request(getUrl(vendor))
|
|
.post('/auth/login/saml/acs')
|
|
.send({
|
|
SAMLResponse,
|
|
RelayState,
|
|
})
|
|
.expect(302);
|
|
|
|
const cookies = acsResponse.headers['set-cookie'].map((cookie: string) => cookie.split(';')[0]).join(';');
|
|
|
|
// Assert
|
|
expect(cookies).toMatch(/directus_refresh_token/);
|
|
});
|
|
});
|
|
});
|
|
});
|
|
});
|