Gustavo master

config_sample.json

@@ -76,14 +76,28 @@
     "clientSecret": "{{GOOGLE_CLIENT_SECRET}}",
     "callbackURL": "http://localhost:3000/auth/google/callback"
   },
-  "aws": {
+  "facebook": {
+    "registerByToken": true,
+    "requestFields": "name,email,picture",
+    "fieldsMap": {
+      "name": "fullname",
+      "email": "email"
+    }
+  },
+  "aws":{
     "accessKeyId": "{{AWS_ACCESKEYID}}",
     "secretAccessKey": "{{AWS_SECRETACCESKEY}}",
     "region": "us-west-2",
     "buckets": {
       "avatars": "example-avatars"
     }
   },
+  "validators": {
+    "profile": {
+      "path": "",
+      "filename": "profile_create.json"
+    }
+  },
   "phoneVerification": {
     "pinSize": 4,
     "attempts": 3,
@@ -104,6 +118,7 @@
   },
   "emailVerification": {
     "subject": "Example email verification",
+    "from": "hello@example.com",
     "body": "<p>Thanks for register into Example, here is a link to activate your account click</p> <p><a href='{link}' >here</a></p> <p>If you have any problems on this process, please contact <a href='mailto:support@example.com'>support@example.com</a> and we will be pleased to help you.</p>",
     "compatibleEmailDevices": [
       "*iPhone*",
@@ -116,10 +131,14 @@
       "key": "user.{username}.transaction",
       "expireInSec": 86400
     },
-    "scheme": "mycomms"
+    "scheme":"mycomms",
+    "redirectUrl": "http://www.google.com"
   },
   "externalServices": {
-    "notifications": "http://localhost:3002"
+    "notifications": {
+      "base": "http://localhost:3002",
+      "pathEmail": "/api/notification/email"
+    }
   },
   "version": {
     "header": "x-example-version",
@@ -133,9 +152,11 @@
     "db": "mongodb://localhost/versionControl?w=1"
   },
   "allowedDomains": [
-    "*@a.com"
+    "*@a.com",
+    "*@facebook.com"
   ],
-  "password": {
+  "password":{
+    "validateOldPassword": false,
     "regexValidation": "(?=.*\\d)(?=.*[A-Z])(?=.*[a-z]).{8}",
     "message": "Your password must be at least 8 characters and must contain at least one capital, one lower and one number.",
     "generatedRegex": "([a-z][\\d][A-Z]){3,4}",
@@ -178,5 +199,8 @@
   },
   "directProxyUrls": [
     "\/upload$"
+  ],
+  "allowedHeaders": [
+    "x-custom-header"
   ]
 }

config_schema.json

@@ -40,6 +40,7 @@
       "properties": {
         "path": {"type": "string", "required": true},
         "username": {"type": "string", "required": true},
+        "email": {"type": "string", "required": false},
         "password": {"type": "string", "required": true}
       },
       "required": true

features/forgot_passwd.feature

@@ -6,9 +6,9 @@ Feature: client application requests recover password
     When the client makes a <METHOD> request to <PATH>
     Then the response status code is 204
 
-  Examples:
-  | METHOD | PATH                        |
-  | GET    | /user/:email/password       |
+    Examples:
+      | METHOD | PATH                  |
+      | GET    | /user/:email/password |
 
 
   @service
@@ -22,6 +22,6 @@ Feature: client application requests recover password
     And the response body contains json attribute "refreshToken"
     And the response body contains json attribute "expiresIn"
 
-  Examples:
-  | METHOD | PATH                        |
-  | GET    | /user/:email/password       |
+    Examples:
+      | METHOD | PATH                  |
+      | GET    | /user/:email/password |

features/proxy.feature

@@ -8,6 +8,18 @@ Feature: reverse proxy protects an applicacion behind cipherlayer
     Then the response status code is <STATUS>
     And the response body must be <RESPONSE_PAYLOAD>
     Examples:
-    | PATH          | METHOD  | STATUS | REQUEST_PAYLOAD | RESPONSE_PAYLOAD        |
-    | /test/get200  | GET     | 200    |                 | {"m":"GET", "s":"200"}  |
-    | /test/post200 | POST    | 200    | {"key":"value"} | {"m":"POST", "s":"200"} |
+      | PATH          | METHOD | STATUS | REQUEST_PAYLOAD | RESPONSE_PAYLOAD        |
+      | /test/get200  | GET    | 200    |                 | {"m":"GET", "s":"200"}  |
+      | /test/post200 | POST   | 200    | {"key":"value"} | {"m":"POST", "s":"200"} |
+
+  @service
+  Scenario Outline: A protected service returns a response header
+    Given a user with role user and a valid access token
+    And a protected service replies to a <METHOD> request with <REQUEST_PAYLOAD> to <PATH> with status <STATUS> and a body <RESPONSE_PAYLOAD> and header <ALLOWED_HEADER> and value <HEADER_VALUE>
+    When the application makes a <METHOD> with <REQUEST_PAYLOAD> to a protected <PATH>
+    Then the response status code is <STATUS>
+    And the response body must be <RESPONSE_PAYLOAD>
+    And the response headers contains the <ALLOWED_HEADER> with <HEADER_VALUE>
+    Examples:
+      | PATH         | METHOD | STATUS | REQUEST_PAYLOAD | RESPONSE_PAYLOAD       | ALLOWED_HEADER  | HEADER_VALUE |
+      | /test/get200 | GET    | 200    |                 | {"m":"GET", "s":"200"} | x-custom-header | test         |

features/restrictedArea.feature

@@ -17,9 +17,9 @@ Feature: client application logs in with admin role
     When the application makes a <METHOD> with <REQUEST_PAYLOAD> to a protected <PATH>
     Then the response status code is <STATUS>
     And the response body must be <RESPONSE_PAYLOAD>
-  Examples:
-    | PATH          | METHOD  | STATUS | REQUEST_PAYLOAD | RESPONSE_PAYLOAD       |
-    | /api/profile  | GET     | 200    |      {}         |       {"data":[]}      |
+    Examples:
+      | PATH         | METHOD | STATUS | REQUEST_PAYLOAD | RESPONSE_PAYLOAD |
+      | /api/profile | GET    | 200    | {}              | {"data":[]}      |
 
 
   @service
@@ -28,9 +28,9 @@ Feature: client application logs in with admin role
     And a protected service replies to a <METHOD> request with <REQUEST_PAYLOAD> to <PATH> with status <STATUS> and a body ""
     When the application makes a <METHOD> with <REQUEST_PAYLOAD> to a protected <PATH>
     Then the response status code is <STATUS>
-  Examples:
-    | PATH          | METHOD  | STATUS | REQUEST_PAYLOAD |
-    | /api/profile  | PUT     | 204    |      {}         |
+    Examples:
+      | PATH         | METHOD | STATUS | REQUEST_PAYLOAD |
+      | /api/profile | PUT    | 204    | {}              |
 
 
   @service
@@ -40,7 +40,7 @@ Feature: client application logs in with admin role
     When the application makes a <METHOD> with <REQUEST_PAYLOAD> to a protected <PATH>
     Then the response status code is <STATUS>
     And the response body must be <RESPONSE_PAYLOAD>
-  Examples:
-    | PATH          | METHOD  | STATUS | REQUEST_PAYLOAD | RESPONSE_PAYLOAD        |
-    | /api/profile  | GET     | 401    |                 | {"err":"unauthorized"}  |
-    | /api/profile  | PUT     | 401    | {"key":"value"} | {"err":"unauthorized"}  |
+    Examples:
+      | PATH         | METHOD | STATUS | REQUEST_PAYLOAD | RESPONSE_PAYLOAD       |
+      | /api/profile | GET    | 401    |                 | {"err":"unauthorized"} |
+      | /api/profile | PUT    | 401    | {"key":"value"} | {"err":"unauthorized"} |

features/step_definitions/client_pass_through.js

@@ -7,7 +7,7 @@ var config = require('../../config.json');
 module.exports = function(){
     this.When(/^the client makes a pass through (.*) with the following (.*) in the body$/, function (METHOD, PUBLIC_PAYLOAD, callback) {
 
-        var notifServiceURL = config.externalServices.notifications;
+        var notifServiceURL = config.externalServices.notifications.base;
 
         var options = {
             url: 'http://localhost:' + config.public_port + config.passThroughEndpoint.path,

features/step_definitions/login_invalid_username.js

@@ -6,6 +6,7 @@ var config = require('../../config.json');
 module.exports = function(){
   this.When(/^the client app requests log in the protected application with username substring/, function (callback) {
     var username = world.getUser().username;
+    console.log('Email', username);
     world.getUser().username = username.slice(0, username.length / 2);
 
     var options = {

features/step_definitions/method_request_to_path.js

@@ -5,6 +5,9 @@ var nock = require('nock');
 var request = require('request');
 var assert = require('assert');
 
+var NOTIFICATION_SERVICE_URL = config.externalServices.notifications.base;
+var NOTIFICATION_EMAIL_SERVICE_PATH = config.externalServices.notifications.pathEmail;
+
 var myStepDefinitionsWrapper = function () {
     this.When(/^the client makes a (.*) request to (.*)$/, function (METHOD, PATH, callback) {
 
@@ -20,12 +23,12 @@ var myStepDefinitionsWrapper = function () {
         };
         options.headers[config.version.header] = "test/1";
 
-        nock(config.externalServices.notifications)
-            .post('/notification/email')
+        nock(NOTIFICATION_SERVICE_URL)
+            .post(NOTIFICATION_EMAIL_SERVICE_PATH)
             .reply(204);
 
         request(options, function(err,res) {
-            assert.equal(err,null);
+          assert.equal(err,null);
             world.getResponse().statusCode = res.statusCode;
             world.getResponse().headers = res.headers;
             callback();

features/step_definitions/protected_service_call.js

@@ -27,6 +27,8 @@ module.exports = function(){
             } else {
                 world.getResponse().body = null;
             }
+
+            world.getResponse().headers = res.headers;
             callback();
         });
     });

features/step_definitions/protected_service_definiton.js

@@ -14,11 +14,24 @@ module.exports = function(){
         callback();
     });
 
+    this.Given(/^a protected service replies to a GET request with (.*) to (.*) with status (.*) and a body (.*) and header (.*) and value (.*)$/, function (REQUEST_PAYLOAD, PATH, STATUS, RESPONSE_PAYLOAD, ALLOWED_HEADER, HEADER_VALUE, callback){
+        var headers = {};
+        headers[ALLOWED_HEADER] = HEADER_VALUE;
+        nock('http://localhost:'+config.private_port, {
+            reqheaders: {
+                'Content-Type': 'application/json; charset=utf-8',
+                'x-user-id' : world.getUser().id
+            }
+        }).get(PATH).reply(Number(STATUS), JSON.parse(RESPONSE_PAYLOAD), headers);
+
+        callback();
+    });
+
     this.Given(/^a protected service replies to a POST request with (.*) to (.*) with status (.*) and a body (.*)$/, function (REQUEST_PAYLOAD, PATH, STATUS, RESPONSE_PAYLOAD, callback){
         nock('http://localhost:'+config.private_port)
             .post(PATH, JSON.parse(REQUEST_PAYLOAD))
             .reply(Number(STATUS), JSON.parse(RESPONSE_PAYLOAD));
-            
+
         callback();
     });
 

features/step_definitions/response_header_content.js

@@ -0,0 +1,9 @@
+var world = require('../support/world');
+var assert = require('assert');
+
+module.exports = function(){
+    this.Given(/^the response headers contains the (.*) with (.*)$/, function (ALLOWEDHEADER, HEADERVALUE, callback) {
+        assert.equal(world.getResponse().headers[ALLOWEDHEADER], HEADERVALUE);
+        callback();
+    });
+};

package.json

@@ -15,7 +15,7 @@
     "coverage-2": "cp coverage/lcov.info coverage/cucumber.lcov",
     "coverage-3": "node_modules/.bin/mocha tests --recursive --require blanket -R mocha-lcov-reporter > coverage/mocha.lcov",
     "coverage-4": "node_modules/.bin/lcov-result-merger 'coverage/*.lcov' 'coverage/merged.lcov'",
-    "coverage-5": "cat ./coverage/merged.lcov | ./node_modules/coveralls/bin/coveralls.js"
+    "coverage-5": "cat ./coverage/merged.lcov | ./node_modules/coveralls/bin/coveralls.js --verbose"
   },
   "dependencies": {
     "async": "^0.9.0",

scripts/add_users.js

@@ -0,0 +1,98 @@
+var async = require('async'),
+    fs = require('fs'),
+    nock = require('nock'),
+    userMng = require('../src/managers/user'),
+    config = require('../config.json'),
+    userDao = require('../src/managers/dao.js');
+/*
+ * Objects for `async.eachSeries`
+ */
+
+// Function to apply to each fixture
+var addFixture = function(fixture, callback) {
+
+    var data = fixture;
+
+    // Define user object to be passed to userMng
+    var pin = null;
+    var profileBody = {
+        id: data._id.$oid || data._id,
+        email: data.email,
+        password: data.password || (process.env.DEFAULT_PASS ? process.env.DEFAULT_PASS : "qwerty")
+    };
+
+    if(!profileBody.id || !profileBody.email || !profileBody.password) {
+        console.log("Missing mandatory parameter(s)");
+        return callback();
+    }
+    // Nock the createUser URL
+    nock('http://' + config.private_host + ':' + config.private_port + config.passThroughEndpoint.path, { reqheaders: {
+        'Content-Type': 'application/json; charset=utf-8'
+    }})
+        .post(config.passThroughEndpoint.path)
+        .reply(201,profileBody);
+
+    // Save user data to database
+    userMng().createUser(profileBody, pin, function(err) {
+        if(err) {
+
+            if (err.err === 'auth_proxy_user_error') {
+                console.log(profileBody.email + " " + err.des);
+                return callback();
+            }
+            return callback(err);
+        }
+        console.log(profileBody.email + " added");
+        return callback();
+    });
+
+};
+
+/*
+ * Main part of the script:
+ *  - Exports the function, or
+ *  - Executes the function if running from CLI
+ */
+var runLoadFixtures = module.exports = function(fixtureFile, callback) {
+
+            console.log("running Load Fixtures");
+
+
+            async.eachSeries(fixtureFile, addFixture, callback);
+
+};
+
+if (!module.parent) { // Run as CLI command exec
+    async.series([
+
+        // Start cipherLayer components (mongodb, redis...)
+        function connect(done) {
+            userDao.connect(done);
+        },
+
+        function drop(done) {
+            if(!process.env.DROP_DB) return done();
+            console.log("Dropping database");
+            userDao.deleteAllUsers(done);
+        },
+
+        function load(done) {
+            fixtureFile = require(__dirname + '/' + '../tests/fixtures/' + 'User.json');
+            runLoadFixtures(fixtureFile,done);
+        },
+
+        function disconnect(done) {
+            userDao.disconnect(done);
+        }
+
+    ], function(err) {
+        if (err) {
+            console.error(err);
+            process.exit(1);
+        }
+
+        console.info('Fixtures loaded');
+        process.exit();
+    });
+
+}

src/cipherlayer.js

@@ -115,7 +115,8 @@ function startListener(publicPort, internalPort, cbk){
                 "/auth/google",
                 "/auth/google/*",
                 "/user/activate*",
-                "/heartbeat"
+                "/heartbeat",
+                "/user/email/available"
             ];
             publicServer.use(versionControl(versionControlOptions));