Add integration test and unit test for passport saml.

jbelmont · Feb 8, 2017 · 1b85296 · 1b85296
1 parent b12fe4a
commit 1b85296
Show file tree

Hide file tree

Showing 7 changed files with 121 additions and 12 deletions.
diff --git a/app.js b/app.js
@@ -1,4 +1,5 @@
 const restify = require('restify');
+const passport = require('passport');
 const {readFileSync} = require('fs');
 const {join} = require('path');
 
@@ -21,9 +22,14 @@ app.listen(port, () => {
   console.log('server listening on port number', port);
 });
 
+const env = process.env.NODE_ENV || 'development';
+const config = require('./constants')[env];
+require('./config/passport')(passport, config);
+
 // Load api endpoints.
 require('./routes')(app);
 require('./auth')(app);
 require('./admin/createToken')(app);
+require('./auth/samlRoute')(app, config, passport);
 
 module.exports = app;
diff --git a/auth/samlRoute.js b/auth/samlRoute.js
@@ -0,0 +1,22 @@
+'use strict';
+
+module.exports = (app, config, passport) => {
+  app.post(config.passport.saml.path,
+    passport.authenticate(config.passport.strategy,
+      {
+        failureRedirect: '/',
+        failureFlash: true
+      }),
+    (req, res) => {
+      res.redirect('/');
+    }
+  );
+
+  app.get('/api/v1/saml',
+    passport.authenticate(config.passport.strategy,
+      {
+        successRedirect: '/',
+        failureRedirect: '/'
+      })
+  );
+};
diff --git a/config/passport.js b/config/passport.js
@@ -0,0 +1,29 @@
+const SamlStrategy = require('passport-saml-restify').Strategy;
+
+module.exports = (passport, config) => {
+
+  passport.serializeUser((user, done) => {
+    done(null, user);
+  });
+
+  passport.deserializeUser((user, done) => {
+    done(null, user);
+  });
+
+  passport.use(new SamlStrategy({
+    path: config.passport.saml.path,
+    entryPoint: config.passport.saml.entryPoint,
+    issuer: config.passport.saml.issuer,
+    cert: config.passport.saml.cert
+  },
+  (profile, done) => {
+    return done(null,
+      {
+        id: profile.uid,
+        email: profile.email,
+        displayName: profile.cn,
+        firstName: profile.givenName,
+        lastName: profile.sn
+      });
+  }));
+};
diff --git a/constants/index.js b/constants/index.js
@@ -2,13 +2,30 @@ module.exports = {
   responseCodes: {
     created: 201,
     ok: 200,
-    unauthorized: 401
+    unauthorized: 401,
+    found: 302
   },
   requestURL: 'https://localhost:3000',
   endPoints: {
     createTokenUrl: '/api/v1/createToken',
     basicAuthUrl: '/api/v1/basicAuth',
     digestSchemeUrl: '/api/v1/digestScheme',
+    samlUrl: '/api/v1/saml',
     indexRouteUrl: '/'
+  },
+  development: {
+    app: {
+      name: 'SSO with SAML and Oauth',
+      port: process.env.PORT || 3000
+    },
+    passport: {
+      strategy: 'saml',
+      saml: {
+        path: process.env.SAML_PATH || '/api/v1/saml',
+        entryPoint: process.env.SAML_ENTRY_POINT || 'https://localhost:3000/api/v1/saml',
+        issuer: 'passport-saml',
+        cert: process.env.SAML_CERT || null
+      }
+    }
   }
 };
diff --git a/package.json b/package.json
@@ -36,15 +36,16 @@
   },
   "homepage": "https://github.com/Code-Craftsmanship-Saturdays/sso-with-oauth-and-saml#readme",
   "dependencies": {
+    "chromedriver": "^2.25.1",
     "dotenv": "^2.0.0",
     "jsonwebtoken": "^7.2.1",
+    "passport": "^0.3.2",
     "passport-saml-restify": "^1.0.5",
-    "chromedriver": "^2.25.1",
     "restify": "^4.3.0",
     "restify-jwt": "^0.4.0",
     "rethinkdb": "^2.3.3",
-    "winston": "^2.3.0",
-    "snyk": "^1.24.6"
+    "snyk": "^1.24.6",
+    "winston": "^2.3.0"
   },
   "devDependencies": {
     "ava": "^0.17.0",

diff --git a/test/integration-tests/saml.test.js b/test/integration-tests/saml.test.js
@@ -1,9 +1,37 @@
 'use strict';
 
+const { spawn } = require('child_process');
+spawn('rethinkdb');
+
 const test = require('ava');
-// const SAML = require('../lib/passport-saml-restify/saml.js').SAML;
+require('../../app');
+
+const {
+    responseCodes,
+    requestURL,
+    endPoints
+} = require('../../constants');
+
+const samlUrl = endPoints['samlUrl'];
+
+const request = require('supertest');
+
+// Stop tls rejections.
+process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
 
-// add endpoint test here
-test('saml endpoint', t => {
-  t.pass('pass');
+test.cb('saml endpoint', t => {
+  t.plan(1);
+  const found = responseCodes['found'];
+  const req = request.agent(requestURL);
+  req
+    .get(samlUrl)
+    .set({
+      'Authorization': 'Digest username="rambo", realm="https://localhost:3000/api/v1/digestScheme"'
+    })
+    .expect(res => {
+      t.is(res.status, found, '302 Status Code should be returned');
+    })
+    .end(() => {
+      t.end();
+    });
 });
diff --git a/test/unit-tests/saml.test.js b/test/unit-tests/saml.test.js
@@ -17,12 +17,18 @@ test.before('setup SAML entrypoint', () => {
   };
 });
 
-test.cb('get the right host', t => {
-  t.plan(1);
+test.cb('getAuthorizeUrl should return url and properties', t => {
+  t.plan(4);
   saml.getAuthorizeUrl(req, (err, target) => {
-    const actual = url.parse(target).host;
+    const actual = url.parse(target);
     const expected = 'localhost:3000';
-    t.is(actual, expected, `should equal ${expected}`);
+
+    t.is(actual['host'], expected, `should equal ${actual['host']}`);
+    t.is(actual['protocol'], 'https:', `should equal ${actual['protocol']}`);
+    t.is(actual['pathname'], '/api/v1/saml', `should equal ${actual['pathname']}`);
+
+    const queryKey = Object.keys(url.parse(target, true).query)[0];
+    t.is(queryKey, 'SAMLRequest');
     t.end();
   });
 });