[6a3a178] | 1 | var helpers = require('./helpers'),
|
---|
| 2 | should = require('should'),
|
---|
| 3 | needle = require('./../'),
|
---|
| 4 | server;
|
---|
| 5 |
|
---|
| 6 | var port = 7707;
|
---|
| 7 |
|
---|
| 8 | describe('Basic Auth', function() {
|
---|
| 9 |
|
---|
| 10 | before(function(done) {
|
---|
| 11 | server = helpers.server({ port: port }, done);
|
---|
| 12 | })
|
---|
| 13 |
|
---|
| 14 | after(function(done) {
|
---|
| 15 | server.close(done);
|
---|
| 16 | })
|
---|
| 17 |
|
---|
| 18 | ///////////////// helpers
|
---|
| 19 |
|
---|
| 20 | var get_auth = function(header) {
|
---|
| 21 | var token = header.split(/\s+/).pop();
|
---|
| 22 | return token && Buffer.from(token, 'base64').toString().split(':');
|
---|
| 23 | }
|
---|
| 24 |
|
---|
| 25 | describe('when neither username or password are passed', function() {
|
---|
| 26 |
|
---|
| 27 | it('doesnt send any Authorization headers', function(done) {
|
---|
| 28 | needle.get('localhost:' + port, { parse: true }, function(err, resp) {
|
---|
| 29 | var sent_headers = resp.body.headers;
|
---|
| 30 | Object.keys(sent_headers).should.not.containEql('authorization');
|
---|
| 31 | done();
|
---|
| 32 | })
|
---|
| 33 | })
|
---|
| 34 |
|
---|
| 35 | })
|
---|
| 36 |
|
---|
| 37 | describe('when username is an empty string, and password is a valid string', function() {
|
---|
| 38 |
|
---|
| 39 | var opts = { username: '', password: 'foobar', parse: true };
|
---|
| 40 |
|
---|
| 41 | it('doesnt send any Authorization headers', function(done) {
|
---|
| 42 | needle.get('localhost:' + port, { parse: true }, function(err, resp) {
|
---|
| 43 | var sent_headers = resp.body.headers;
|
---|
| 44 | Object.keys(sent_headers).should.not.containEql('authorization');
|
---|
| 45 | done();
|
---|
| 46 | })
|
---|
| 47 | })
|
---|
| 48 |
|
---|
| 49 | });
|
---|
| 50 |
|
---|
| 51 | describe('when username is a valid string, but no username is passed', function() {
|
---|
| 52 |
|
---|
| 53 | var opts = { username: 'foobar', parse: true };
|
---|
| 54 |
|
---|
| 55 | it('sends Authorization header', function(done) {
|
---|
| 56 | needle.get('localhost:' + port, opts, function(err, resp) {
|
---|
| 57 | var sent_headers = resp.body.headers;
|
---|
| 58 | Object.keys(sent_headers).should.containEql('authorization');
|
---|
| 59 | done();
|
---|
| 60 | })
|
---|
| 61 | })
|
---|
| 62 |
|
---|
| 63 | it('Basic Auth only includes username, without colon', function(done) {
|
---|
| 64 | needle.get('localhost:' + port, opts, function(err, resp) {
|
---|
| 65 | var sent_headers = resp.body.headers;
|
---|
| 66 | var auth = get_auth(sent_headers['authorization']);
|
---|
| 67 | auth[0].should.equal('foobar');
|
---|
| 68 | auth.should.have.lengthOf(1);
|
---|
| 69 | done();
|
---|
| 70 | })
|
---|
| 71 | })
|
---|
| 72 |
|
---|
| 73 | })
|
---|
| 74 |
|
---|
| 75 | describe('when username is a valid string, and password is null', function() {
|
---|
| 76 |
|
---|
| 77 | var opts = { username: 'foobar', password: null, parse: true };
|
---|
| 78 |
|
---|
| 79 | it('sends Authorization header', function(done) {
|
---|
| 80 | needle.get('localhost:' + port, opts, function(err, resp) {
|
---|
| 81 | var sent_headers = resp.body.headers;
|
---|
| 82 | Object.keys(sent_headers).should.containEql('authorization');
|
---|
| 83 | done();
|
---|
| 84 | })
|
---|
| 85 | })
|
---|
| 86 |
|
---|
| 87 | it('Basic Auth only includes both username and password', function(done) {
|
---|
| 88 | needle.get('localhost:' + port, opts, function(err, resp) {
|
---|
| 89 | var sent_headers = resp.body.headers;
|
---|
| 90 | var auth = get_auth(sent_headers['authorization']);
|
---|
| 91 | auth[0].should.equal('foobar');
|
---|
| 92 | auth[1].should.equal('');
|
---|
| 93 | done();
|
---|
| 94 | })
|
---|
| 95 | })
|
---|
| 96 |
|
---|
| 97 | })
|
---|
| 98 |
|
---|
| 99 | describe('when username is a valid string, and password is an empty string', function() {
|
---|
| 100 |
|
---|
| 101 | var opts = { username: 'foobar', password: '', parse: true };
|
---|
| 102 |
|
---|
| 103 | it('sends Authorization header', function(done) {
|
---|
| 104 | needle.get('localhost:' + port, opts, function(err, resp) {
|
---|
| 105 | var sent_headers = resp.body.headers;
|
---|
| 106 | Object.keys(sent_headers).should.containEql('authorization');
|
---|
| 107 | done();
|
---|
| 108 | })
|
---|
| 109 | })
|
---|
| 110 |
|
---|
| 111 | it('Basic Auth only includes both username and password', function(done) {
|
---|
| 112 | needle.get('localhost:' + port, opts, function(err, resp) {
|
---|
| 113 | var sent_headers = resp.body.headers;
|
---|
| 114 | var auth = get_auth(sent_headers['authorization']);
|
---|
| 115 | auth[0].should.equal('foobar');
|
---|
| 116 | auth[1].should.equal('');
|
---|
| 117 | auth.should.have.lengthOf(2);
|
---|
| 118 | done();
|
---|
| 119 | })
|
---|
| 120 | })
|
---|
| 121 |
|
---|
| 122 | })
|
---|
| 123 |
|
---|
| 124 | describe('when username AND password are non empty strings', function() {
|
---|
| 125 |
|
---|
| 126 | var opts = { username: 'foobar', password: 'jakub', parse: true };
|
---|
| 127 |
|
---|
| 128 | it('sends Authorization header', function(done) {
|
---|
| 129 | needle.get('localhost:' + port, opts, function(err, resp) {
|
---|
| 130 | var sent_headers = resp.body.headers;
|
---|
| 131 | Object.keys(sent_headers).should.containEql('authorization');
|
---|
| 132 | done();
|
---|
| 133 | })
|
---|
| 134 | })
|
---|
| 135 |
|
---|
| 136 | it('Basic Auth only includes both user and password', function(done) {
|
---|
| 137 | needle.get('localhost:' + port, opts, function(err, resp) {
|
---|
| 138 | var sent_headers = resp.body.headers;
|
---|
| 139 | var auth = get_auth(sent_headers['authorization']);
|
---|
| 140 | auth[0].should.equal('foobar');
|
---|
| 141 | auth[1].should.equal('jakub');
|
---|
| 142 | auth.should.have.lengthOf(2);
|
---|
| 143 | done();
|
---|
| 144 | })
|
---|
| 145 | })
|
---|
| 146 |
|
---|
| 147 | })
|
---|
| 148 |
|
---|
| 149 | describe('URL with @ but not username/pass', function() {
|
---|
| 150 | it('doesnt send Authorization header', function(done) {
|
---|
| 151 | var url = 'localhost:' + port + '/abc/@def/xyz.zip';
|
---|
| 152 |
|
---|
| 153 | needle.get(url, {}, function(err, resp) {
|
---|
| 154 | var sent_headers = resp.body.headers;
|
---|
| 155 | Object.keys(sent_headers).should.not.containEql('authorization');
|
---|
| 156 | done();
|
---|
| 157 | })
|
---|
| 158 | })
|
---|
| 159 |
|
---|
| 160 | it('sends user:pass headers if passed via options', function(done) {
|
---|
| 161 | var url = 'localhost:' + port + '/abc/@def/xyz.zip';
|
---|
| 162 |
|
---|
| 163 | needle.get(url, { username: 'foo' }, function(err, resp) {
|
---|
| 164 | var sent_headers = resp.body.headers;
|
---|
| 165 | Object.keys(sent_headers).should.containEql('authorization');
|
---|
| 166 | sent_headers['authorization'].should.eql('Basic Zm9v')
|
---|
| 167 | done();
|
---|
| 168 | })
|
---|
| 169 | })
|
---|
| 170 | })
|
---|
| 171 |
|
---|
| 172 | describe('when username/password are included in URL', function() {
|
---|
| 173 | var opts = { parse: true };
|
---|
| 174 |
|
---|
| 175 | it('sends Authorization header', function(done) {
|
---|
| 176 | needle.get('foobar:jakub@localhost:' + port, opts, function(err, resp) {
|
---|
| 177 | var sent_headers = resp.body.headers;
|
---|
| 178 | Object.keys(sent_headers).should.containEql('authorization');
|
---|
| 179 | done();
|
---|
| 180 | })
|
---|
| 181 | })
|
---|
| 182 |
|
---|
| 183 | it('Basic Auth only includes both user and password', function(done) {
|
---|
| 184 | needle.get('foobar:jakub@localhost:' + port, opts, function(err, resp) {
|
---|
| 185 | var sent_headers = resp.body.headers;
|
---|
| 186 | var auth = get_auth(sent_headers['authorization']);
|
---|
| 187 | auth[0].should.equal('foobar');
|
---|
| 188 | auth[1].should.equal('jakub');
|
---|
| 189 | auth.should.have.lengthOf(2);
|
---|
| 190 | done();
|
---|
| 191 | })
|
---|
| 192 | })
|
---|
| 193 |
|
---|
| 194 | })
|
---|
| 195 |
|
---|
| 196 | })
|
---|