197 lines
6 KiB
JavaScript
197 lines
6 KiB
JavaScript
|
var helpers = require('./helpers'),
|
||
|
should = require('should'),
|
||
|
needle = require('./../'),
|
||
|
server;
|
||
|
|
||
|
var port = 7707;
|
||
|
|
||
|
describe('Basic Auth', function() {
|
||
|
|
||
|
before(function(done) {
|
||
|
server = helpers.server({ port: port }, done);
|
||
|
})
|
||
|
|
||
|
after(function(done) {
|
||
|
server.close(done);
|
||
|
})
|
||
|
|
||
|
///////////////// helpers
|
||
|
|
||
|
var get_auth = function(header) {
|
||
|
var token = header.split(/\s+/).pop();
|
||
|
return token && Buffer.from(token, 'base64').toString().split(':');
|
||
|
}
|
||
|
|
||
|
describe('when neither username or password are passed', function() {
|
||
|
|
||
|
it('doesnt send any Authorization headers', function(done) {
|
||
|
needle.get('localhost:' + port, { parse: true }, function(err, resp) {
|
||
|
var sent_headers = resp.body.headers;
|
||
|
Object.keys(sent_headers).should.not.containEql('authorization');
|
||
|
done();
|
||
|
})
|
||
|
})
|
||
|
|
||
|
})
|
||
|
|
||
|
describe('when username is an empty string, and password is a valid string', function() {
|
||
|
|
||
|
var opts = { username: '', password: 'foobar', parse: true };
|
||
|
|
||
|
it('doesnt send any Authorization headers', function(done) {
|
||
|
needle.get('localhost:' + port, { parse: true }, function(err, resp) {
|
||
|
var sent_headers = resp.body.headers;
|
||
|
Object.keys(sent_headers).should.not.containEql('authorization');
|
||
|
done();
|
||
|
})
|
||
|
})
|
||
|
|
||
|
});
|
||
|
|
||
|
describe('when username is a valid string, but no username is passed', function() {
|
||
|
|
||
|
var opts = { username: 'foobar', parse: true };
|
||
|
|
||
|
it('sends Authorization header', function(done) {
|
||
|
needle.get('localhost:' + port, opts, function(err, resp) {
|
||
|
var sent_headers = resp.body.headers;
|
||
|
Object.keys(sent_headers).should.containEql('authorization');
|
||
|
done();
|
||
|
})
|
||
|
})
|
||
|
|
||
|
it('Basic Auth only includes username, without colon', function(done) {
|
||
|
needle.get('localhost:' + port, opts, function(err, resp) {
|
||
|
var sent_headers = resp.body.headers;
|
||
|
var auth = get_auth(sent_headers['authorization']);
|
||
|
auth[0].should.equal('foobar');
|
||
|
auth.should.have.lengthOf(1);
|
||
|
done();
|
||
|
})
|
||
|
})
|
||
|
|
||
|
})
|
||
|
|
||
|
describe('when username is a valid string, and password is null', function() {
|
||
|
|
||
|
var opts = { username: 'foobar', password: null, parse: true };
|
||
|
|
||
|
it('sends Authorization header', function(done) {
|
||
|
needle.get('localhost:' + port, opts, function(err, resp) {
|
||
|
var sent_headers = resp.body.headers;
|
||
|
Object.keys(sent_headers).should.containEql('authorization');
|
||
|
done();
|
||
|
})
|
||
|
})
|
||
|
|
||
|
it('Basic Auth only includes both username and password', function(done) {
|
||
|
needle.get('localhost:' + port, opts, function(err, resp) {
|
||
|
var sent_headers = resp.body.headers;
|
||
|
var auth = get_auth(sent_headers['authorization']);
|
||
|
auth[0].should.equal('foobar');
|
||
|
auth[1].should.equal('');
|
||
|
done();
|
||
|
})
|
||
|
})
|
||
|
|
||
|
})
|
||
|
|
||
|
describe('when username is a valid string, and password is an empty string', function() {
|
||
|
|
||
|
var opts = { username: 'foobar', password: '', parse: true };
|
||
|
|
||
|
it('sends Authorization header', function(done) {
|
||
|
needle.get('localhost:' + port, opts, function(err, resp) {
|
||
|
var sent_headers = resp.body.headers;
|
||
|
Object.keys(sent_headers).should.containEql('authorization');
|
||
|
done();
|
||
|
})
|
||
|
})
|
||
|
|
||
|
it('Basic Auth only includes both username and password', function(done) {
|
||
|
needle.get('localhost:' + port, opts, function(err, resp) {
|
||
|
var sent_headers = resp.body.headers;
|
||
|
var auth = get_auth(sent_headers['authorization']);
|
||
|
auth[0].should.equal('foobar');
|
||
|
auth[1].should.equal('');
|
||
|
auth.should.have.lengthOf(2);
|
||
|
done();
|
||
|
})
|
||
|
})
|
||
|
|
||
|
})
|
||
|
|
||
|
describe('when username AND password are non empty strings', function() {
|
||
|
|
||
|
var opts = { username: 'foobar', password: 'jakub', parse: true };
|
||
|
|
||
|
it('sends Authorization header', function(done) {
|
||
|
needle.get('localhost:' + port, opts, function(err, resp) {
|
||
|
var sent_headers = resp.body.headers;
|
||
|
Object.keys(sent_headers).should.containEql('authorization');
|
||
|
done();
|
||
|
})
|
||
|
})
|
||
|
|
||
|
it('Basic Auth only includes both user and password', function(done) {
|
||
|
needle.get('localhost:' + port, opts, function(err, resp) {
|
||
|
var sent_headers = resp.body.headers;
|
||
|
var auth = get_auth(sent_headers['authorization']);
|
||
|
auth[0].should.equal('foobar');
|
||
|
auth[1].should.equal('jakub');
|
||
|
auth.should.have.lengthOf(2);
|
||
|
done();
|
||
|
})
|
||
|
})
|
||
|
|
||
|
})
|
||
|
|
||
|
describe('URL with @ but not username/pass', function() {
|
||
|
it('doesnt send Authorization header', function(done) {
|
||
|
var url = 'localhost:' + port + '/abc/@def/xyz.zip';
|
||
|
|
||
|
needle.get(url, {}, function(err, resp) {
|
||
|
var sent_headers = resp.body.headers;
|
||
|
Object.keys(sent_headers).should.not.containEql('authorization');
|
||
|
done();
|
||
|
})
|
||
|
})
|
||
|
|
||
|
it('sends user:pass headers if passed via options', function(done) {
|
||
|
var url = 'localhost:' + port + '/abc/@def/xyz.zip';
|
||
|
|
||
|
needle.get(url, { username: 'foo' }, function(err, resp) {
|
||
|
var sent_headers = resp.body.headers;
|
||
|
Object.keys(sent_headers).should.containEql('authorization');
|
||
|
sent_headers['authorization'].should.eql('Basic Zm9v')
|
||
|
done();
|
||
|
})
|
||
|
})
|
||
|
})
|
||
|
|
||
|
describe('when username/password are included in URL', function() {
|
||
|
var opts = { parse: true };
|
||
|
|
||
|
it('sends Authorization header', function(done) {
|
||
|
needle.get('foobar:jakub@localhost:' + port, opts, function(err, resp) {
|
||
|
var sent_headers = resp.body.headers;
|
||
|
Object.keys(sent_headers).should.containEql('authorization');
|
||
|
done();
|
||
|
})
|
||
|
})
|
||
|
|
||
|
it('Basic Auth only includes both user and password', function(done) {
|
||
|
needle.get('foobar:jakub@localhost:' + port, opts, function(err, resp) {
|
||
|
var sent_headers = resp.body.headers;
|
||
|
var auth = get_auth(sent_headers['authorization']);
|
||
|
auth[0].should.equal('foobar');
|
||
|
auth[1].should.equal('jakub');
|
||
|
auth.should.have.lengthOf(2);
|
||
|
done();
|
||
|
})
|
||
|
})
|
||
|
|
||
|
})
|
||
|
|
||
|
})
|