From e0a607b14e9360a344d8090bdbe3076fa2fa311c Mon Sep 17 00:00:00 2001 From: Mikhail Shustov Date: Thu, 23 May 2019 13:45:48 +0200 Subject: [PATCH] update tests --- src/core/server/http/http_server.test.ts | 105 +++++++++++++++++- src/core/server/http/http_service.mock.ts | 4 + .../integration_tests/http_service.test.ts | 46 ++++++-- 3 files changed, 146 insertions(+), 9 deletions(-) diff --git a/src/core/server/http/http_server.test.ts b/src/core/server/http/http_server.test.ts index 0cd697eef0ec89..0f1a85a336b048 100644 --- a/src/core/server/http/http_server.test.ts +++ b/src/core/server/http/http_server.test.ts @@ -601,7 +601,7 @@ test('registers auth request interceptor only once', async () => { expect(doRegister()).rejects.toThrowError('Auth interceptor was already registered'); }); -test('registers onRequest interceptor several times', async () => { +test('registers registerOnPostAuth interceptor several times', async () => { const { registerOnPostAuth } = await server.setup(config); const doRegister = () => registerOnPostAuth(() => null as any); 
@@ -751,3 +751,106 @@ test('Should support disabling auth for a route', async () => { expect(authenticate).not.toHaveBeenCalled(); }); + +describe('#auth.isAuthenticated()', () => { + it('returns true if has been authorized', async () => { + const { registerAuth, registerRouter, server: innerServer, auth } = await server.setup(config); + + const router = new Router(''); + router.get({ path: '/', validate: false }, async (req, res) => + res.ok({ isAuthenticated: auth.isAuthenticated(req) }) + ); + registerRouter(router); + + await registerAuth((req, sessionStorage, t) => t.authenticated({}), cookieOptions); + + await server.start(config); + await supertest(innerServer.listener) + .get('/') + .expect(200, { isAuthenticated: true }); + }); + + it('returns false if has not been authorized', async () => { + const { registerAuth, registerRouter, server: innerServer, auth } = await server.setup(config); + + const router = new Router(''); + router.get({ path: '/', validate: false, authRequired: false }, async (req, res) => + res.ok({ isAuthenticated: auth.isAuthenticated(req) }) + ); + registerRouter(router); + + await registerAuth((req, sessionStorage, t) => t.authenticated({}), cookieOptions); + + await server.start(config); + await supertest(innerServer.listener) + .get('/') + .expect(200, { isAuthenticated: false }); + }); + + it('returns false if no authorization mechanism has been registered', async () => { + const { registerRouter, server: innerServer, auth } = await server.setup(config); + + const router = new Router(''); + router.get({ path: '/', validate: false, authRequired: false }, async (req, res) => + res.ok({ isAuthenticated: auth.isAuthenticated(req) }) + ); + registerRouter(router); + + await server.start(config); + await supertest(innerServer.listener) + .get('/') + .expect(200, { isAuthenticated: false }); + }); +}); + +describe('#auth.get()', () => { + it('Should return authenticated status and allow associate auth state with request', async () => { + 
const user = { id: '42' }; + const { registerRouter, registerAuth, server: innerServer, auth } = await server.setup(config); + await registerAuth((req, sessionStorage, t) => { + sessionStorage.set({ value: user }); + return t.authenticated(user); + }, cookieOptions); + + const router = new Router(''); + router.get({ path: '/', validate: false }, async (req, res) => res.ok(auth.get(req))); + registerRouter(router); + await server.start(config); + + await supertest(innerServer.listener) + .get('/') + .expect(200, { state: user, status: 'authenticated' }); + }); + + it('Should return correct authentication unknown status', async () => { + const { registerRouter, server: innerServer, auth } = await server.setup(config); + const router = new Router(''); + router.get({ path: '/', validate: false }, async (req, res) => res.ok(auth.get(req))); + + registerRouter(router); + await server.start(config); + await supertest(innerServer.listener) + .get('/') + .expect(200, { status: 'unknown' }); + }); + + it('Should return correct unauthenticated status', async () => { + const authenticate = jest.fn(); + + const { registerRouter, registerAuth, server: innerServer, auth } = await server.setup(config); + await registerAuth(authenticate, cookieOptions); + const router = new Router(''); + router.get({ path: '/', validate: false, authRequired: false }, async (req, res) => + res.ok(auth.get(req)) + ); + + registerRouter(router); + await server.start(config); + + await supertest(innerServer.listener) + .get('/') + .expect(200, { status: 'unauthenticated' }); + + expect(authenticate).not.toHaveBeenCalled(); + }); +}); diff --git a/src/core/server/http/http_service.mock.ts b/src/core/server/http/http_service.mock.ts index 3e06f4b1f4fa78..6d49ac3010ef02 100644 --- a/src/core/server/http/http_service.mock.ts +++ b/src/core/server/http/http_service.mock.ts 
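Review bot: The second `#auth.isAuthenticated()` case is named 'returns false if has not been authorized', but its handler returns `t.authenticated({})` for every request, so the `false` comes only from `authRequired: false` skipping the handler. The name should say that, e.g. `it('returns false if the route opts out of auth (authRequired: false)', ...)`. The first and third names also say "authorized"/"authorization" although the API under test reports authentication, and keeping the two terms apart matters in auth code. In `#auth.get()`, the 'unknown' case leaves `authRequired` unset, registers no handler and still expects a 200. A comment such as `// no auth handler is registered, so the request is served unauthenticated; 'unknown' must not be read as authenticated` would make that pinned behaviour explicit for consumers of `auth.get()`.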
@@ -31,6 +31,10 @@ const createSetupContractMock = () => { setBasePathFor: jest.fn(), // we can mock some hapi server method when we need it server: {} as Server, + auth: { + get: jest.fn(), + isAuthenticated: jest.fn(), + }, }; return setupContract; }; diff --git a/src/core/server/http/integration_tests/http_service.test.ts b/src/core/server/http/integration_tests/http_service.test.ts index 226d264b74d26a..93fe20a80e1209 100644 --- a/src/core/server/http/integration_tests/http_service.test.ts +++ b/src/core/server/http/integration_tests/http_service.test.ts @@ -61,14 +61,14 @@ describe('http service', () => { if (req.headers.authorization) { const user = { id: '42' }; sessionStorage.set({ value: user, expires: Date.now() + sessionDurationMs }); - return t.authenticated({ credentials: user }); + return t.authenticated(user); } else { return t.rejected(Boom.unauthorized()); } }; const { http } = await root.setup(); - http.registerAuth(authenticate, cookieOptions); + await http.registerAuth(authenticate, cookieOptions); http.registerRouter(router); await root.start(); @@ -94,14 +94,14 @@ describe('http service', () => { if (req.headers.authorization) { const user = { id: '42' }; sessionStorage.set({ value: user, expires: Date.now() + sessionDurationMs }); - return t.authenticated({ credentials: user }); + return t.authenticated(user); } else { return t.rejected(Boom.unauthorized()); } }; const { http } = await root.setup(); - http.registerAuth(authenticate, cookieOptions); + await http.registerAuth(authenticate, cookieOptions); await root.start(); await kbnTestServer.request @@ -117,7 +117,7 @@ describe('http service', () => { }; const { http } = await root.setup(); - http.registerAuth(authenticate, cookieOptions); + await http.registerAuth(authenticate, cookieOptions); await root.start(); const response = await kbnTestServer.request.get(root, '/').expect(302); 
@@ -129,14 +129,14 @@ describe('http service', () => { if (req.headers.authorization) { const user = { id: '42' }; sessionStorage.set({ value: user, expires: Date.now() + sessionDurationMs }); - return t.authenticated({ credentials: user }); + return t.authenticated(user); } else { return t.rejected(Boom.unauthorized()); } }; const { http } = await root.setup(); - http.registerAuth(authenticate, cookieOptions); + await http.registerAuth(authenticate, cookieOptions); await root.start(); const legacyUrl = '/legacy'; 
@@ -154,13 +154,43 @@ describe('http service', () => { expect(response.header['set-cookie']).toBe(undefined); }); + it('Should pass associated auth state to Legacy platform', async () => { + const user = { id: '42' }; + const authenticate: AuthenticationHandler = async (req, sessionStorage, t) => { + if (req.headers.authorization) { + sessionStorage.set({ value: user, expires: Date.now() + sessionDurationMs }); + return t.authenticated(user); + } else { + return t.rejected(Boom.unauthorized()); + } + }; + + const { http } = await root.setup(); + await http.registerAuth(authenticate, cookieOptions); + await root.start(); + + const legacyUrl = '/legacy'; + const kbnServer = kbnTestServer.getKbnServer(root); + kbnServer.server.route({ + method: 'GET', + path: legacyUrl, + handler: kbnServer.newPlatform.setup.core.http.auth.get, + }); + + const response = await kbnTestServer.request.get(root, legacyUrl).expect(200); + expect(response.body.state).toEqual(user); + expect(response.body.status).toEqual('authenticated'); + + expect(response.header['set-cookie']).toBe(undefined); + }); + it(`Shouldn't expose internal error details`, async () => { const authenticate: AuthenticationHandler = async (req, sessionStorage, t) => { throw new Error('sensitive info'); }; const { http } = await root.setup(); - http.registerAuth(authenticate, cookieOptions); + await http.registerAuth(authenticate, cookieOptions); await root.start(); await kbnTestServer.request.get(root, '/').expect({
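Review bot: The new 'Should pass associated auth state to Legacy platform' test reaches `t.authenticated(user)` only when `req.headers.authorization` is present, yet `kbnTestServer.request.get(root, legacyUrl)` sets no such header in this hunk. The expected 200 therefore presumably depends on a default header supplied by the test helper, which is not visible here. A comment above the request, e.g. `// kbnTestServer.request is expected to send an Authorization header, so authenticate() takes the authenticated branch`, would stop the test from silently changing meaning if that default changes. The rejected branch (`t.rejected(Boom.unauthorized())`) is never exercised against the legacy route, so a companion case asserting that no `state` reaches the legacy handler without credentials would be worth adding. The enclosing `describe('http service')` block and the trailing `Shouldn't expose internal error details` test continue outside the hunk.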