refactor(core)!: Remove basic-auth, external-jwt-auth, and no-auth options (#6362)
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
committed by
कारतोफ्फेलस्क्रिप्ट™
parent
a45a2c8c41
commit
8c008f5d22
@@ -123,15 +123,4 @@ describe('OwnerController', () => {
|
||||
expect(cookieOptions.value.sameSite).toBe('lax');
|
||||
});
|
||||
});
|
||||
|
||||
describe('skipSetup', () => {
|
||||
it('should skip setting up the instance owner', async () => {
|
||||
await controller.skipSetup();
|
||||
expect(settingsRepository.update).toHaveBeenCalledWith(
|
||||
{ key: 'userManagement.skipInstanceOwnerSetup' },
|
||||
{ value: JSON.stringify(true) },
|
||||
);
|
||||
expect(config.set).toHaveBeenCalledWith('userManagement.skipInstanceOwnerSetup', true);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
@@ -1,42 +0,0 @@
|
||||
import express from 'express';
|
||||
import request from 'supertest';
|
||||
import config from '@/config';
|
||||
import { setupBasicAuth } from '@/middlewares/basicAuth';
|
||||
|
||||
describe('Basic Auth Middleware', () => {
|
||||
let app: express.Application;
|
||||
|
||||
beforeAll(() => {
|
||||
app = express();
|
||||
config.set('security.basicAuth', { user: 'jim', password: 'n8n', hash: false, active: true });
|
||||
setupBasicAuth(app, config, new RegExp('^/skip-auth'));
|
||||
app.get('/test', (req, res) => res.send({ auth: true }));
|
||||
app.get('/skip-auth', (req, res) => res.send({ auth: false }));
|
||||
});
|
||||
|
||||
it('should not block calls to /skip-auth', async () => {
|
||||
const response = await request(app).get('/skip-auth');
|
||||
expect(response.statusCode).toEqual(200);
|
||||
expect(response.headers).not.toHaveProperty('www-authenticate');
|
||||
expect(response.body).toEqual({ auth: false });
|
||||
});
|
||||
|
||||
it('should block calls to /test if auth is absent', async () => {
|
||||
const response = await request(app).get('/test');
|
||||
expect(response.statusCode).toEqual(401);
|
||||
expect(response.headers).toHaveProperty('www-authenticate');
|
||||
});
|
||||
|
||||
it('should block calls to /test if auth is invalid', async () => {
|
||||
const response = await request(app).get('/test').auth('user', 'invalid');
|
||||
expect(response.statusCode).toEqual(401);
|
||||
expect(response.headers).toHaveProperty('www-authenticate');
|
||||
});
|
||||
|
||||
it('should allow access to /test if basic auth header is valid', async () => {
|
||||
const response = await request(app).get('/test').auth('jim', 'n8n');
|
||||
expect(response.statusCode).toEqual(200);
|
||||
expect(response.headers).not.toHaveProperty('www-authenticate');
|
||||
expect(response.body).toEqual({ auth: true });
|
||||
});
|
||||
});
|
||||
@@ -1,47 +0,0 @@
|
||||
import express from 'express';
|
||||
import request from 'supertest';
|
||||
import createJWKSMock from 'mock-jwks';
|
||||
import config from '@/config';
|
||||
import { setupExternalJWTAuth } from '@/middlewares/externalJWTAuth';
|
||||
|
||||
const testJWKUri = 'https://n8n.test/';
|
||||
const jwksMock = createJWKSMock(testJWKUri);
|
||||
|
||||
describe('External JWT Auth Middleware', () => {
|
||||
let app: express.Application;
|
||||
|
||||
beforeAll(() => {
|
||||
app = express();
|
||||
config.set('security.jwtAuth.jwtHeader', 'Authorization');
|
||||
config.set('security.jwtAuth.jwtHeaderValuePrefix', 'Bearer');
|
||||
config.set('security.jwtAuth.jwtIssuer', 'n8n');
|
||||
config.set('security.jwtAuth.jwksUri', `${testJWKUri}.well-known/jwks.json`);
|
||||
setupExternalJWTAuth(app, config, new RegExp('^/skip-auth'));
|
||||
app.get('/test', (req, res) => res.send({ auth: true }));
|
||||
app.get('/skip-auth', (req, res) => res.send({ auth: false }));
|
||||
|
||||
jwksMock.start();
|
||||
});
|
||||
|
||||
it('should not block calls to /skip-auth', async () => {
|
||||
const response = await request(app).get('/skip-auth');
|
||||
expect(response.statusCode).toEqual(200);
|
||||
expect(response.body).toEqual({ auth: false });
|
||||
});
|
||||
|
||||
it('should block calls to /test if auth is absent', async () =>
|
||||
request(app).get('/test').expect(403));
|
||||
|
||||
it('should block calls to /test if auth is invalid', async () => {
|
||||
const token = jwksMock.token({ iss: 'invalid' });
|
||||
const response = await request(app).get('/test').set('Authorization', `Bearer ${token}`);
|
||||
expect(response.statusCode).toEqual(403);
|
||||
});
|
||||
|
||||
it('should allow access to /test if JWT auth header is valid', async () => {
|
||||
const token = jwksMock.token({ iss: 'n8n' });
|
||||
const response = await request(app).get('/test').set('Authorization', `Bearer ${token}`);
|
||||
expect(response.statusCode).toEqual(200);
|
||||
expect(response.body).toEqual({ auth: true });
|
||||
});
|
||||
});
|
||||