diff --git a/test/public-api/tokens.e2e-spec.ts b/test/public-api/tokens.e2e-spec.ts
new file mode 100644
index 000000000..6ffb3e9e5
--- /dev/null
+++ b/test/public-api/tokens.e2e-spec.ts
@@ -0,0 +1,130 @@
+/*
+ * SPDX-FileCopyrightText: 2021 The HedgeDoc developers (see AUTHORS file)
+ *
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+import { INestApplication } from '@nestjs/common';
+import { ConfigModule, ConfigService } from '@nestjs/config';
+import { Test } from '@nestjs/testing';
+import { TypeOrmModule } from '@nestjs/typeorm';
+import request from 'supertest';
+
+import { PrivateApiModule } from '../../src/api/private/private-api.module';
+import { AuthModule } from '../../src/auth/auth.module';
+import { MockAuthGuard } from '../../src/auth/mock-auth.guard';
+import { TokenAuthGuard } from '../../src/auth/token.strategy';
+import { AuthConfig } from '../../src/config/auth.config';
+import appConfigMock from '../../src/config/mock/app.config.mock';
+import authConfigMock from '../../src/config/mock/auth.config.mock';
+import customizationConfigMock from '../../src/config/mock/customization.config.mock';
+import externalServicesConfigMock from '../../src/config/mock/external-services.config.mock';
+import mediaConfigMock from '../../src/config/mock/media.config.mock';
+import { GroupsModule } from '../../src/groups/groups.module';
+import { HistoryModule } from '../../src/history/history.module';
+import { IdentityService } from '../../src/identity/identity.service';
+import { LoggerModule } from '../../src/logger/logger.module';
+import { MediaModule } from '../../src/media/media.module';
+import { NotesModule } from '../../src/notes/notes.module';
+import { PermissionsModule } from '../../src/permissions/permissions.module';
+import { User } from '../../src/users/user.entity';
+import { UsersModule } from '../../src/users/users.module';
+import { UsersService } from '../../src/users/users.service';
+import { setupSessionMiddleware } from '../../src/utils/session';
+
+describe('Tokens', () => {
+ let app: INestApplication;
+ let userService: UsersService;
+ let identityService: IdentityService;
+ let user: User;
+ let agent: request.SuperAgentTest;
+ let keyId: string;
+
+ beforeAll(async () => {
+ const moduleRef = await Test.createTestingModule({
+ imports: [
+ ConfigModule.forRoot({
+ isGlobal: true,
+ load: [
+ appConfigMock,
+ authConfigMock,
+ mediaConfigMock,
+ customizationConfigMock,
+ externalServicesConfigMock,
+ ],
+ }),
+ PrivateApiModule,
+ NotesModule,
+ PermissionsModule,
+ GroupsModule,
+ TypeOrmModule.forRoot({
+ type: 'sqlite',
+ database: './hedgedoc-e2e-private-me.sqlite',
+ autoLoadEntities: true,
+ synchronize: true,
+ dropSchema: true,
+ }),
+ LoggerModule,
+ AuthModule,
+ UsersModule,
+ MediaModule,
+ HistoryModule,
+ ],
+ })
+ .overrideGuard(TokenAuthGuard)
+ .useClass(MockAuthGuard)
+ .compile();
+ const config = moduleRef.get(ConfigService);
+ identityService = moduleRef.get(IdentityService);
+ app = moduleRef.createNestApplication();
+ userService = moduleRef.get(UsersService);
+ user = await userService.createUser('hardcoded', 'Testy');
+ await identityService.createLocalIdentity(user, 'test');
+ const authConfig = config.get('authConfig') as AuthConfig;
+ setupSessionMiddleware(app, authConfig);
+ await app.init();
+ agent = request.agent(app.getHttpServer());
+ await agent
+ .post('/auth/local/login')
+ .send({ username: 'hardcoded', password: 'test' })
+ .expect(201);
+ });
+
+ it(`POST /tokens`, async () => {
+ const tokenName = 'testToken';
+ const response = await agent
+ .post('/tokens')
+ .send({
+ label: tokenName,
+ })
+ .expect('Content-Type', /json/)
+ .expect(201);
+ keyId = response.body.keyId;
+ expect(response.body.label).toBe(tokenName);
+ expect(response.body.validUntil).toBe(null);
+ expect(response.body.lastUsed).toBe(null);
+ expect(response.body.secret.length).toBe(84);
+ });
+
+ it(`GET /tokens`, async () => {
+ const tokenName = 'testToken';
+ const response = await agent
+ .get('/tokens/')
+ .expect('Content-Type', /json/)
+ .expect(200);
+ expect(response.body[0].label).toBe(tokenName);
+ expect(response.body[0].validUntil).toBe(null);
+ expect(response.body[0].lastUsed).toBe(null);
+ expect(response.body[0].secret).not.toBeDefined();
+ });
+ it(`DELETE /tokens/:keyid`, async () => {
+ const response = await agent.delete('/tokens/' + keyId).expect(204);
+ expect(response.body).toStrictEqual({});
+ });
+ it(`GET /tokens 2`, async () => {
+ const response = await agent
+ .get('/tokens/')
+ .expect('Content-Type', /json/)
+ .expect(200);
+ expect(response.body).toStrictEqual([]);
+ });
+});
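Review bot: The suite only exercises the authenticated happy path, so nothing here would fail if `/tokens` stopped requiring a session or if `DELETE /tokens/:keyid` accepted a keyId belonging to another user. Adding a case that uses a fresh client without the login cookie, e.g. `await request(app.getHttpServer()).get('/tokens/').expect(401);` (adjust the status to whatever the session guard actually returns), and one that tries to delete a token created by a second user would pin the access-control behaviour. The `GET /tokens` assertion that `secret` is not returned is worth keeping, and the magic `84` in `POST /tokens` deserves a short comment saying how that length is derived. Separately, the sqlite path `./hedgedoc-e2e-private-me.sqlite` looks copied from another spec, and with `dropSchema: true` a shared file could let suites interfere with each other if they run in parallel; a file name unique to this spec would avoid that.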