mirror of
https://gitee.com/nocobase/nocobase.git
synced 2025-05-05 05:29:26 +08:00
24601aa66f
* feat(auth): init auth package & collection * feat(auth): register * feat(auth): use authenticator * feat(auth): mapRoles * feat(auth): refactor * feat(auth): base auth class * feat(auth): add plugin * chore(auth): test * chore(auth): add test cases * feat(auth): authenticators pane * chore(auth): custom hook useAuthTypes * feat(auth): authenticator pane * chore(auth): store options schema using context * feat(auth): signInPage provider * feat(auth): signUpPage provider * chore(auth): solve build errors * chore(auth): add dependency * chore(auth): remove dependency cycles * chore(auth): add plugin-auth to preset * chore(auth): fix test * feat(auth): authenticator enable status * fix(test): fix test using new authentication * feat(auth): migration, set up basic auth * chore(auth): can set options ui by component * fix(test): workflow manunal.test * fix(test): typo * feat(auth): support multi-language * chore(auth): imporve code * chore(auth): hide button if no configuration * chore(auth): readme * chore(auth): remove allowSignup prop * chore(auth): move configure pane to edit form * fix(auth): jwt options bug * feat(auth): init sms-auth * chore(auth): at least authenticator required * chore(auth): add test * feat(auth): support sms auth * fix(auth): fix test * chore(auth): move findOrCreateUser to AuthModel * chore(auth): history compatible processing * feat(auth): support SAML auth * chore(auth): saml auth list * chore(saml-auth): improve ui * Merge branch 'main' into feat/authentication * chore(auth): improve code * fix(saml-auth): fix bug * fix(saml-auth): fix saml options * chore(saml-auth): compatible processing && ut * fix(auth): signin page bug * chore(auth): saml compatible processing * feat(auth): oidc-auth * fix(oidc-auth): bug * fix(oidc-auth): bug * fix(auth): fix test * chore(auth): filter enabled authenticator * chore(oidc): add field map * chore(auth): update readme * docs(auth): create sms-auth readme * feat(auth): allow signup config * test(auth): fix test * feat(auth): allow saml and oidc use http * chore(oidc-auth): extends timeout * docs(auth): update readme * feat(auth): support sort * docs(saml): update readme * feat(auth): support sort all authenticator * Merge branch 'main' into feat/authentication * Merge branch 'main' into feat/authentication * feat: improve code * docs(auth): add doc * Merge branch 'main' into feat/authentication * chore: update yarn.lock * feat: improve code * chore(acl): write role to acl if it exists in database and not found … (#2001) * chore(acl): write role to acl if it exists in database and not found in acl * fix: test * fix: eager load with nested association (#2002) * chore: upgrade vitest * chore: edit * refactor: auth class * fix: set options * chore(acl): write role to acl if it exists in database and not found … (#2001) * chore(acl): write role to acl if it exists in database and not found in acl * fix: test * fix: eager load with nested association (#2002) * chore: upgrade vitest * chore: add migrations * test: fix api-client test * chore: add sms-auth * feat: avoid no permission after auth type disabled * fix: translation --------- Co-authored-by: chenos <chenlinxh@gmail.com>
116 lines
2.8 KiB
TypeScript
116 lines
2.8 KiB
TypeScript
import { Database } from '@nocobase/database';
|
|
import { MockServer, mockServer } from '@nocobase/test';
|
|
import OIDCPlugin from '@nocobase/plugin-oidc';
|
|
import { authType } from '../../constants';
|
|
import { OIDCAuth } from '../oidc-auth';
|
|
|
|
describe('oidc', () => {
|
|
let app: MockServer;
|
|
let db: Database;
|
|
let agent;
|
|
|
|
beforeAll(async () => {
|
|
app = mockServer({
|
|
plugins: ['users', 'auth'],
|
|
});
|
|
app.plugin(OIDCPlugin);
|
|
await app.loadAndInstall({ clean: true });
|
|
db = app.db;
|
|
agent = app.agent();
|
|
|
|
const authenticatorRepo = db.getRepository('authenticators');
|
|
await authenticatorRepo.create({
|
|
values: {
|
|
name: 'oidc-auth',
|
|
authType: authType,
|
|
enabled: 1,
|
|
options: {
|
|
oidc: {
|
|
issuer: '',
|
|
clientId: '',
|
|
clientSecret: '',
|
|
},
|
|
},
|
|
},
|
|
});
|
|
});
|
|
|
|
afterAll(async () => {
|
|
await db.close();
|
|
});
|
|
|
|
afterEach(() => {
|
|
jest.restoreAllMocks();
|
|
});
|
|
|
|
it('should get auth url', async () => {
|
|
agent = app.agent();
|
|
jest.spyOn(OIDCAuth.prototype, 'createOIDCClient').mockResolvedValue({
|
|
authorizationUrl: ({ state }) => state,
|
|
} as any);
|
|
const res = await agent.set('X-Authenticator', 'oidc-auth').resource('oidc').getAuthUrl();
|
|
expect(res.body.data).toBeDefined();
|
|
const search = new URLSearchParams(res.body.data);
|
|
expect(search.get('token')).toBeDefined();
|
|
expect(search.get('name')).toBe('oidc-auth');
|
|
expect(res.headers['set-cookie']).toBeDefined();
|
|
const token = res.headers['set-cookie'][0].split(';')[0].split('=')[1];
|
|
expect(token).toBe(search.get('token'));
|
|
});
|
|
|
|
it('should sign in', async () => {
|
|
agent = app.agent();
|
|
jest.spyOn(OIDCAuth.prototype, 'createOIDCClient').mockResolvedValue({
|
|
callback: (uri, { code }) => ({
|
|
access_token: 'access_token',
|
|
}),
|
|
userinfo: () => ({
|
|
sub: 'user1',
|
|
}),
|
|
} as any);
|
|
|
|
const res = await agent
|
|
.set('X-Authenticator', 'oidc-auth')
|
|
.set('Cookie', ['nocobase_oidc=token'])
|
|
.resource('auth')
|
|
.signIn()
|
|
.send({
|
|
code: '',
|
|
state: 'token=token&name=oidc-auth',
|
|
});
|
|
|
|
expect(res.body.data.user).toBeDefined();
|
|
expect(res.body.data.user.nickname).toBe('user1');
|
|
});
|
|
});
|
|
|
|
it('field mapping', () => {
|
|
const auth = new OIDCAuth({
|
|
authenticator: null,
|
|
ctx: {
|
|
db: {
|
|
getCollection: () => ({}),
|
|
} as any,
|
|
} as any,
|
|
options: {
|
|
oidc: {
|
|
fieldMap: [
|
|
{
|
|
source: 'username',
|
|
target: 'nickname',
|
|
},
|
|
],
|
|
},
|
|
},
|
|
});
|
|
const userInfo = auth.mapField({
|
|
sub: 1,
|
|
username: 'user1',
|
|
});
|
|
expect(userInfo).toEqual({
|
|
sub: 1,
|
|
username: 'user1',
|
|
nickname: 'user1',
|
|
});
|
|
});
|