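import {J,handleResponse,ResponseData,newResponseData} from "../../utils";
import {Response} from "supertest";
import {AppMaster} from "@onebro/appmaster";
import {S4} from "@onebro/oba-common";

/**
 * Registers the "Auth Accts" end-to-end suite for the ob-auth account API.
 *
 * The specs are order-dependent: each one reuses the CSRF token and cookies
 * captured from the previous response (`data`) and the most recent response
 * body (`user`, which carries the bearer token used by later calls). The flow
 * is register -> auto-set -> verify -> create acct -> login -> update acct ->
 * forgot/reset pin -> login -> logout -> returning-user set + login.
 *
 * Specs are plain async functions with no `done` callback. Mixing `async`
 * with `done` is rejected by some runners, and others ignore the returned
 * promise, in which case a failed expectation may leave the spec pending
 * until the very large timeout instead of failing promptly.
 */
export const obAuthAcctsApiTests = () => J.desc("Auth Accts",() => {
  const authApiPath = "/ob-auth/v1/en",authApiID = "00-ob-auth";
  // Origin header sent with every request.
  const origin = "https://oba-dev-apps.com";
  // Client key sent with every request.
  // NOTE(review): presumably a dev/test fixture - confirm it is not a live
  // client credential, since it is committed in plain text.
  const clientKey = "1873487748";
  // Third argument to it(); unchanged from the original per-spec value.
  const specTimeout = 1E9;
  let m:AppMaster,app:any,data:ResponseData,user:any;

  type HttpMethod = "get"|"post"|"put"|"delete";
  type CallOpts = {body?:object;bearer?:string;};

  /**
   * Sends one request with the headers shared by every spec (origin, client
   * id/key, CSRF token, cookies, Accept), expects a JSON response with the
   * given status, then folds the response into `data` via handleResponse.
   *
   * @param method supertest verb to invoke on `app`
   * @param path path appended to `authApiPath` (may include a query string)
   * @param status expected HTTP status
   * @param opts optional JSON body and bearer token
   * @returns the supertest response, for spec-specific assertions
   */
  const call = async (method:HttpMethod,path:string,status:number,opts:CallOpts = {}):Promise<Response> => {
    let req = app[method](authApiPath+path);
    if(opts.body !== undefined) req = req.send(opts.body);
    req = req
      .set("Origin",origin)
      .set("oba-CLIENT-ID",authApiID)
      .set("oba-CLIENT-KEY",clientKey)
      .set("XSRF-TOKEN",data.csrfToken)
      .set("Cookie",data.cookieArr)
      .set("Accept","application/json");
    // Key presence (not value) decides, so an unexpectedly missing token is
    // still sent as a bad Authorization header, as in the original specs.
    if("bearer" in opts) req = req.set("Authorization","Bearer "+opts.bearer);
    const res:Response = await req.expect("Content-Type",/json/).expect(status);
    data = handleResponse(data,res);
    return res;
  };

  it("init w/o errors",async () => {
    const o = await require("../../utils/init");
    m = o.master;
    app = o.app;
    data = newResponseData();
  },specTimeout);

  // First call; `data` picks up whatever handleResponse extracts from the
  // response (the CSRF token and cookies are read from `data` afterwards).
  it("Test: GET /test-only [200]",async () => {
    await call("get","/test-only",200);
  },specTimeout);

  it("Register: POST /register [201 - Create New Acct] ",async () => {
    const res = await call("post","/register",201,{body:{
      // Random suffix keeps the address unique per run.
      email:`jackswift${S4()}@aol.com`.toLocaleLowerCase(),
      location:{info:"Houston, TX, USA"},
      role:"USER"}});
    J.is(data.cookies["_ob_auth_11"]);
    user = res.body;
  },specTimeout);

  it("Register: POST /register [422 - Existing Email]",async () => {
    const res = await call("post","/register",422,{body:{
      email:user.username,
      // NOTE(review): key is `loc` here but `location` in the 201 spec -
      // confirm this is intentional.
      loc:{info:"Houston, TX, USA"},
      role:"USER"}});
    J.true(/unique/i.test(res.body.errors.email.message));
  },specTimeout);

  it("AutoSet User: GET /set [200 - Unverified User]",async () => {
    const res = await call("get","/set",200);
    user = res.body;
  },specTimeout);

  // No Authorization header at all.
  it("Verify: POST /verify [401 - Missing Token]",async () => {
    const res = await call("post","/verify",401,{body:{code:"XOX-333"}});
    J.true(/authorized/i.test(res.body.message));
  },specTimeout);

  // Arbitrary string that is not a token.
  it("Verify: POST /verify [401 - Invalid Token]",async () => {
    const res = await call("post","/verify",401,{
      body:{code:"ugyfffkgf"},
      bearer:"liaihdasdihisahdihalihdisah"});
    J.true(/authorized/i.test(res.body.message));
    J.true(/malformed/i.test(res.body.info));
  },specTimeout);

  // Only the last character of the real token is sent.
  it("Verify: POST /verify [401 - Malformed Token]",async () => {
    const res = await call("post","/verify",401,{
      body:{code:"ugyfffkgf"},
      bearer:user.token.slice(-1)});
    J.true(/authorized/i.test(res.body.message));
    J.true(/jwt malformed/i.test(res.body.info));
  },specTimeout);

  it("Verify: POST /verify [422 - Mismatch Verification Code]",async () => {
    const res = await call("post","/verify",422,{
      body:{code:"ugyfffkgf"},
      bearer:user.token});
    J.true(/mismatch/i.test(res.body.message));
  },specTimeout);

  // NOTE(review): the fixed code "XOX-333" is accepted here - presumably a
  // test-mode stub; confirm it is not accepted outside the test environment.
  it("Verify: POST /verify [200 - Email Verification Successful]",async () => {
    const res = await call("post","/verify",200,{
      body:{code:"XOX-333"},
      bearer:user.token});
    user = res.body;
  },specTimeout);

  it("Create Acct: POST /acct [200 - Created name,yob,handle & pin]",async () => {
    const res = await call("post","/acct",200,{
      // Placeholder identity data for the test account.
      // NOTE(review): yob "1980" and dob "09/29/1999" disagree - confirm
      // whether the API is expected to accept that.
      body:{
        name:{first:"Jack",last:"Swift"},
        handle:"jackswift",
        pin:"0000",
        yob:"1980",
        contact:{phn:"1-346-888-8888",method:"email"},
        location:{info:"Houston,Tx, USA"},
        info:{ssn:"123-45-6789",dob:"09/29/1999"}},
      bearer:user.token});
    user = res.body;
  },specTimeout);

  it("Login: POST /login [422 - Invalid Pin]",async () => {
    const res = await call("post","/login",422,{
      body:{pin:"9999"},
      bearer:user.token});
    J.true(/mismatch/i.test(res.body.message));
  },specTimeout);

  it("Login: POST /login [200 - Verified User]",async () => {
    const res = await call("post","/login",200,{
      body:{pin:"0000"},
      bearer:user.token});
    user = res.body;
  },specTimeout);

  // The request is a PUT; the title previously said POST.
  it("Update Acct: PUT /acct [200 - Updated handle,pin & addl info]",async () => {
    const res = await call("put","/acct",200,{
      body:{
        //handle:"jackswift",
        pin:"9999",
        contact:{phn:"1-888-888-8888",method:"email"},
        location:{info:"Atlanta, Ga, USA"},},
      bearer:user.token});
    user = res.body;
  },specTimeout);

  // Sent without an Authorization header; the response body becomes `user`
  // and its token is what the reset spec below presents.
  it("Forgot Pin: GET /login [200]",async () => {
    const res = await call("get","/login",200);
    user = res.body;
  },specTimeout);

  // NOTE(review): `resetme=okiedokie` is a fixed query value - confirm the
  // reset is authorised by the bearer token and not by this marker.
  it("Reset Pin: PUT /login? [200]",async () => {
    const res = await call("put","/login?resetme=okiedokie&ts="+Date.now(),200,{
      body:{pin:"0000"},
      bearer:user.token});
    user = res.body;
    //J.is(user.lastReset);
    //await instance(new Date(user.lastReset),Date);
  },specTimeout);

  it("Login: POST /login [200 - Reset Successful]",async () => {
    const res = await call("post","/login",200,{
      body:{pin:"0000"},
      bearer:user.token});
    user = res.body;
  },specTimeout);

  it("Logout: DELETE /login [200]",async () => {
    const res = await call("delete","/login",200,{bearer:user.token});
    user = res.body;
    // Drop the session cookies so the following specs start without them.
    data.cookieArr = [];
  },specTimeout);

  it("Test: GET /test-only [200]",async () => {
    await call("get","/test-only",200);
  },specTimeout);

  it("Set User: POST /set [200 - Returning User]",async () => {
    const res = await call("post","/set",200,{body:{username:"jackswift"}});
    user = res.body;
  },specTimeout);

  it("Login: POST /login [200 - Returning User]",async () => {
    const res = await call("post","/login",200,{
      body:{pin:"0000"},
      bearer:user.token});
    user = res.body;
  },specTimeout);
});
/*
New Tests:
- attempt to set user without cookie or post body {username} -> 401 error
- attempt to verify, login or reset without authtkn -> 401 error
- lock acct and then reverify, unlock, reset then login
- admin disable,enable,lock,unlock accts,update one,update many,remove many
*/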