From bf05c4b00194a30e9e86e6ebe6552298788a7d8b Mon Sep 17 00:00:00 2001 From: Jon Swenson Date: Fri, 12 Jan 2018 21:58:39 -0500 Subject: [PATCH] Assignment9 good hapi process monitoring & extending hapi request lifecycle * important: use below to install good or get funky errors. `npm i good@8.0.0-rc1` * configure good console to write log reports to a logfile. Configure confidence file for good to log: test, production, and default. * Catch invalid attempts to access the ./private route. Extend the `onPreResponse` step of the lifecycle for the ./private route. So when invalid tokens are used to access ./private, the event is logged to the logfile. * Add `{ debug: false }` config to Confidence file for tests. Otherwise, the tests print out hapi-auth-bearer-token error reports. --- .gitignore | 1 + README.md | 97 ++++++++++++++++++++++++++-- lib/config.js | 47 +++++++++++++- lib/index.js | 6 +- lib/version.js | 47 ++++++++++++-- package-lock.json | 160 +++++++++++++++++++++++++++++++++++++--------- package.json | 7 +- test/version.js | 47 ++++++++++++-- 8 files changed, 361 insertions(+), 51 deletions(-) diff --git a/.gitignore b/.gitignore index a6a8ed3..71dedd5 100644 --- a/.gitignore +++ b/.gitignore @@ -15,5 +15,6 @@ config.json coverage.* .settings test/fixtures/awesomeLog.json +test/fixtures/awesome_log log package-lock.json diff --git a/README.md b/README.md index bac1262..92874dc 100644 --- a/README.md +++ b/README.md 
@@ -1,7 +1,94 @@ # university rewrite -* lesson1 -* lesson2 -* lesson3 -* lesson4 -* lesson5 + +### lesson1 + +basic hapi server + + +### lesson2 + +basic plugin ./version.js + + +### lesson3 + +100% test coverage and .travis.yml + + +### lesson4 + +hapi-auth-bearer-token + +* add hapi-auth-bearer-token to the application. +* register the auth strategy in it's own plugin './authtoken.js' +* all routes must have valid token to be accessed + - currently only one route exists. +* adjusted project values to reflect assignment4 +* 100% test coverage routes now need a valid token. + + +### lesson5 + +Configuring tls + +* add tls set up to server configuration. + + +### lesson6 + +Using authStragies & prerequisites + +* build ./authenticate and ./private points. +* use prerequisite extensions to execute authentication logic. +* Make simple database.js data store to authenticate user records with. +* Apply default authStrategy to ./private point. +* No authStrategy for ./authenticate point. + + +### lesson7 + +catabox-redis + +* generate bearer-token upon successful authentication (cryptiles). +* Set bearer-token in catbox-cache along with user record. +* Expire the token after xxxxx time. Set expiresIn: value with + server.options. +* scopes for user record ['admin', 'member'] +* create ./private point which requires admin scope for access. +* pre-empt one user from generating multiple tokens. + + +### lesson8 + +confidence + +* Build confidence object in ./lib/configs.js +* Configure the object to be filtered by the `env` criteria +* (environment). +The environments will be production, test, default. + - production: configurations for deployment. + - test: configs for testing. + - default: configs for running on local enviroment. +* docs: https://github.com/hapijs/confidence +* TLS and confidence: + - confidence manipulates the tls certs if they are + loaded in the Confidence object. To solve the issue + load tls certs into configs object after confidence + generates it. 
+
+
+### lesson9
+
+good hapi process monitoring & extending hapi request lifecycle
+
+* important: use below to install good or get funky errors.
+ `npm i good@8.0.0-rc1` +* configure good console to write log reports to a logfile. + Configure confidence file for good to log: test, production, and default. +* Catch invalid attempts to access the ./private route. + Extend the `onPreResponse` step of the lifecycle for the ./private route. + So when invalid tokens are used to access ./private, the event is + logged to the logfile. +* Add `{ debug: false }` config to Confidence file for tests. + Otherwise, the tests print out hapi-auth-bearer-token error reports. diff --git a/lib/config.js b/lib/config.js index 80cb496..858a1bc 100644 --- a/lib/config.js +++ b/lib/config.js @@ -10,6 +10,7 @@ exports.Config = { port: 443 }, test: { + debug: false, port: 8000 }, $default: { @@ -21,16 +22,60 @@ exports.Config = { production: { authToken: { expiresIn: 6000 + }, + good: { + ops: { + interval: 1000 + }, + reporters: { + file: [{ + module: 'good-squeeze', + name: 'Squeeze', + args: [{ ops: '*', log: '*', response: '*', error: '*' }] + }, { + module: 'good-squeeze', + name: 'SafeJson', + args: [ + null, + { seperator: ',' } + ] + }, { + module: 'good-file', + args: ['./log/good_log'] + }] + } } }, test: { authToken: { - expiresIn: 50 + expiresIn: 22 } }, $default: { authToken: { expiresIn: ((1000 * 60) * 2) + }, + good: { + ops: { + interval: 1000 + }, + reporters: { + myFileReporter: [{ + module: 'good-squeeze', + name: 'Squeeze', + args: [{ ops: '*', log: '*', response: '*', error: '*' }] + }, { + module: 'good-squeeze', + name: 'SafeJson', + args: [ + null, + { seperator: ',' } + ] + }, { + module: 'good-file', + args: ['./test/fixtures/awesome_log'] + }] + } } } } diff --git a/lib/index.js b/lib/index.js index 8e7091b..bf2aa99 100644 --- a/lib/index.js +++ b/lib/index.js @@ -1,6 +1,5 @@ 'use strict'; - // Load modules const Hapi = require('hapi'); 
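Review bot: The SafeJson reporter args in both the `production` and `$default` branches of lib/config.js pass `{ seperator: ',' }`, which looks like a misspelling of good-squeeze's `separator` option, so the key is presumably ignored and records fall back to the default separator. If comma-separated records are intended, change both to `{ separator: ',' }`. Both `good-file` targets are relative paths (`./log/good_log`, `./test/fixtures/awesome_log`), so where the authentication log ends up depends on the process working directory. A short comment above each reporter stating the intended location would help whoever has to find these logs later.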
@@ -8,6 +7,7 @@ const Hoek = require('hoek'); const HapiAuthBearerToken = require('hapi-auth-bearer-token'); const AuthTokenStrategy = require('./authtoken'); const Cache = require('./cache'); +const Good = require('good'); // Load custom plugins @@ -15,7 +15,6 @@ const Version = require('./version'); const internals = {}; - internals.init = async (serverOptions, pluginOptions) => { Hoek.assert(typeof serverOptions === 'object', new Error('server options be supplied.')); // @todo add strict validation @@ -24,7 +23,8 @@ internals.init = async (serverOptions, pluginOptions) => { { plugin: HapiAuthBearerToken, options: {} }, { plugin: AuthTokenStrategy, options: {} }, { plugin: Version, options: { message: 'lesson7' } }, - { plugin: Cache, options: { expiresIn: pluginOptions.authToken.expiresIn } } + { plugin: Cache, options: { expiresIn: pluginOptions.authToken.expiresIn } }, + { plugin: Good, options: pluginOptions.good } ]; try { diff --git a/lib/version.js b/lib/version.js index 7d86bbb..f802132 100644 --- a/lib/version.js +++ b/lib/version.js @@ -60,7 +60,7 @@ exports.plugin = { // * set cache records here (catbox-redis) lesson7. // * prempt multiple authtokens - // if user already authenticated. If yes, return current authtoken. + // if user already authenticated then return current authtoken. // * generate token with cryptiles. const activeuser = await request.server.app.active.get(request.payload.username); 
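Review bot: `options: pluginOptions.good` in the plugin list is passed to Good without a default, and the `test` branch in lib/config.js defines no `good` key, so under the test filter the plugin is registered with `undefined` options. That appears to work, but it leaves the "no reporters" case implicit, and the only check in `internals.init` is the `Hoek.assert` on `serverOptions`. Consider `{ plugin: Good, options: pluginOptions.good || {} }`, or give the test branch an explicit `good: { reporters: {} }`. The body of `internals.init` continues outside this hunk.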
@@ -72,10 +72,25 @@ exports.plugin = { const randomAuthToken = Cryptiles.randomString(36); - await request.server.app.authtokens.set(randomAuthToken, { username: result.userRecord.username, email: result.userRecord.email, scope: result.userRecord.scope }); - await request.server.app.active.set(result.userRecord.username, { authtoken: randomAuthToken,username: result.userRecord.username, email: result.userRecord.email, scope: result.userRecord.scope }); + const authTokenCacheRecord = { + username: result.userRecord.username, + email: result.userRecord.email, + scope: result.userRecord.scope + }; + + await request.server.app.authtokens.set(randomAuthToken, authTokenCacheRecord); + + const activeCacheRecord = { + authtoken: randomAuthToken, + username: result.userRecord.username, + email: result.userRecord.email, + scope: result.userRecord.scope + }; + + await request.server.app.active.set(result.userRecord.username, activeCacheRecord); const welcome = { result: 'welcome', message: 'successful authentication', token: randomAuthToken }; + return welcome; } @@ -92,7 +107,6 @@ exports.plugin = { pre: [{ method: authenticatePreperation, assign: 'welcome' }] } }); - // curl -H "Content-Type: application/json" -X POST -d '{"username":"foofoo","password":"12345678"}' https://localhost:8000/authenticate // // ./private 
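Review bot: `authTokenCacheRecord` and `activeCacheRecord` repeat the same three user fields, so a field added to one can silently be missed in the other. Building the second from the first keeps them in step: `const activeCacheRecord = Object.assign({ authtoken: randomAuthToken }, authTokenCacheRecord);`. A comment above the `active` record, such as `// holds the live bearer token keyed by username; treat this cache as sensitive as authtokens`, would also make the exposure explicit. The enclosing function (apparently `authenticatePreperation`) starts outside this hunk.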
@@ -103,14 +117,37 @@ exports.plugin = { return 'privateData'; }; + const onPreResponseStep = function (request, h) { + + const response = request.response; + + if ( + (response.isBoom) && + (response.message === 'Authentication data missing credentials information') + ) { + + // Attempt was made to access private data with bad credentials + + request.server.log(['authentication', 'error', 'abuse'], 'Authentication data missing credentials information'); + } + + return h.continue; + + }; + server.route({ method: 'GET', path: '/private', config: { description: 'private data for authenticated `admin` users.', auth: { strategy: 'default', scope: ['admin'] }, - handler: privateHandle + handler: privateHandle, + ext: { + onPreResponse: { method: onPreResponseStep } + } } }); } }; + +// curl -H "Content-Type: application/json" -X POST -d '{"username":"foofoo","password":"12345678"}' https://localhost:8000/authenticate diff --git a/package-lock.json b/package-lock.json index 5f7e61c..c6ac83b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -213,8 +213,7 @@ "balanced-match": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz", - "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c=", - "dev": true + "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c=" }, "big-time": { "version": "2.0.0", @@ -258,7 +257,6 @@ "version": "1.1.8", "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.8.tgz", "integrity": "sha1-wHshHHyVLsH479Uad+8NHTmQopI=", - "dev": true, "requires": { "balanced-match": "1.0.0", "concat-map": "0.0.1" @@ -454,8 +452,7 @@ "concat-map": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", - "dev": true + "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=" }, "concat-stream": { "version": "1.6.0", 
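Review bot: `onPreResponseStep` recognises a rejected token only by comparing `response.message` with the literal 'Authentication data missing credentials information', which, judging by the 500 asserted in test/version.js, is an internal assertion message rather than an authentication result. That makes the audit hook brittle, since a wording change in a dependency would silently disable it, and other denials on /private (a missing header, or a token without the `admin` scope) presumably go unlogged. Prefer keying on the status, e.g. `if (response.isBoom && [401, 403].includes(response.output.statusCode))`, once the token validation path answers an unknown token with 401 instead of surfacing a 500. The log entry also carries no request context; passing `{ path: request.path, remoteAddress: request.info.remoteAddress }` as the data would let an operator correlate repeated attempts.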
@@ -567,8 +564,7 @@ "core-util-is": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=", - "dev": true + "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" }, "cross-spawn": { "version": "5.1.0", @@ -644,6 +640,25 @@ "esutils": "2.0.2" } }, + "duplexify": { + "version": "3.5.3", + "resolved": "https://registry.npmjs.org/duplexify/-/duplexify-3.5.3.tgz", + "integrity": "sha512-g8ID9OroF9hKt2POf8YLayy+9594PzmM3scI00/uBXocX3TWNgoB67hjzkFe9ITAbQOne/lLdBxHXvYUM4ZgGA==", + "requires": { + "end-of-stream": "1.4.1", + "inherits": "2.0.3", + "readable-stream": "2.3.3", + "stream-shift": "1.0.0" + } + }, + "end-of-stream": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.1.tgz", + "integrity": "sha512-1MkrZNvWTKCaigbn+W15elq2BB/L22nqrSY5DKlo3X6+vclJm8Bb5djXJBmEX6fS3+zCh/F4VBK5Z2KxJt4s2Q==", + "requires": { + "once": "1.4.0" + } + }, "error-ex": { "version": "1.3.1", "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.1.tgz", @@ -808,6 +823,11 @@ "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", "dev": true }, + "fast-safe-stringify": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/fast-safe-stringify/-/fast-safe-stringify-1.1.13.tgz", + "integrity": "sha1-oB6c2cnkkXFcmKdaQtXwu9EH/3Y=" + }, "figures": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/figures/-/figures-2.0.0.tgz", 
@@ -859,11 +879,22 @@ "resolved": "https://registry.npmjs.org/flexbuffer/-/flexbuffer-0.0.6.tgz", "integrity": "sha1-A5/fI/iCPkQMOPMnfm/vEXQhWzA=" }, + "fs-extra": { + "version": "0.26.7", + "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-0.26.7.tgz", + "integrity": "sha1-muH92UiXeY7at20JGM9C0MMYT6k=", + "requires": { + "graceful-fs": "4.1.11", + "jsonfile": "2.4.0", + "klaw": "1.3.1", + "path-is-absolute": "1.0.1", + "rimraf": "2.6.2" + } + }, "fs.realpath": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", - "dev": true + "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=" }, "functional-red-black-tree": { "version": "1.0.1", @@ -880,7 +911,6 @@ "version": "7.1.2", "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.2.tgz", "integrity": "sha512-MJTUg1kjuLeQCJ+ccE4Vpa6kKVXkPYJ2mOCQyUuKLcLQsdrMCpBPUi8qVE6+YuaJkozeA9NusTAw3hLr8Xe5EQ==", - "dev": true, "requires": { "fs.realpath": "1.0.0", "inflight": "1.0.6", 
@@ -910,6 +940,41 @@ "pinkie-promise": "2.0.1" } }, + "good": { + "version": "8.0.0-rc1", + "resolved": "https://registry.npmjs.org/good/-/good-8.0.0-rc1.tgz", + "integrity": "sha512-DWktEDo7XmCqjQM9puNb75JPtOhKi8/k/wH+cY4ydQQynfdW6T3Kyvt+nS6tUpStY+prVPA1nvsMTcS4eSMELA==", + "requires": { + "hoek": "5.0.2", + "joi": "13.0.2", + "oppsy": "2.0.0", + "pumpify": "1.3.6" + } + }, + "good-file": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/good-file/-/good-file-6.0.1.tgz", + "integrity": "sha1-pCYNIjJYXVLzBUdWst3ifeQml8s=", + "requires": { + "fs-extra": "0.26.7" + } + }, + "good-squeeze": { + "version": "5.0.2", + "resolved": "https://registry.npmjs.org/good-squeeze/-/good-squeeze-5.0.2.tgz", + "integrity": "sha1-qOWCQrSgsyzb3zF7YOc6Gafwh5s=", + "requires": { + "fast-safe-stringify": "1.1.13", + "hoek": "4.2.0" + }, + "dependencies": { + "hoek": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/hoek/-/hoek-4.2.0.tgz", + "integrity": "sha512-v0XCLxICi9nPfYrS9RL8HbYnXi9obYAeLbSP00BmnZwCK9+Ih9WOjoZ8YoHCoav2csqn4FOz4Orldsy2dmDwmQ==" + } + } + }, "graceful-fs": { "version": "4.1.11", "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.11.tgz", @@ -1053,7 +1118,6 @@ "version": "1.0.6", "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "dev": true, "requires": { "once": "1.4.0", "wrappy": "1.0.2" @@ -1062,8 +1126,7 @@ "inherits": { "version": "2.0.3", "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz", - "integrity": "sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=", - "dev": true + "integrity": "sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=" }, "inquirer": { "version": "3.3.0", @@ -1211,8 +1274,7 @@ "isarray": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", - "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=", - "dev": true + "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=" }, "isemail": { "version": "3.0.0", 
@@ -1275,6 +1337,14 @@ "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=", "dev": true }, + "jsonfile": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-2.4.0.tgz", + "integrity": "sha1-NzaitCi4e72gzIO1P6PWM6NcKug=", + "requires": { + "graceful-fs": "4.1.11" + } + }, "jsonify": { "version": "0.0.0", "resolved": "https://registry.npmjs.org/jsonify/-/jsonify-0.0.0.tgz", @@ -1290,6 +1360,14 @@ "is-buffer": "1.1.6" } }, + "klaw": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/klaw/-/klaw-1.3.1.tgz", + "integrity": "sha1-QIhDO0azsbolnXh4XY6W9zugJDk=", + "requires": { + "graceful-fs": "4.1.11" + } + }, "lab": { "version": "15.1.2", "resolved": "https://registry.npmjs.org/lab/-/lab-15.1.2.tgz", @@ -1477,7 +1555,6 @@ "version": "3.0.4", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", - "dev": true, "requires": { "brace-expansion": "1.1.8" } @@ -1555,7 +1632,6 @@ "version": "1.4.0", "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "dev": true, "requires": { "wrappy": "1.0.2" } @@ -1569,6 +1645,14 @@ "mimic-fn": "1.1.0" } }, + "oppsy": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/oppsy/-/oppsy-2.0.0.tgz", + "integrity": "sha1-OhlFF63CTDxhzcVvNfRTfpOjXjQ=", + "requires": { + "hoek": "5.0.2" + } + }, "optimist": { "version": "0.6.1", "resolved": "https://registry.npmjs.org/optimist/-/optimist-0.6.1.tgz", @@ -1634,8 +1718,7 @@ "path-is-absolute": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", - "dev": true + "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=" }, "path-is-inside": { "version": "1.0.2", 
@@ -1707,8 +1790,7 @@ "process-nextick-args": { "version": "1.0.7", "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-1.0.7.tgz", - "integrity": "sha1-FQ4gt1ZZCtP5EJPyWk8q2L/zC6M=", - "dev": true + "integrity": "sha1-FQ4gt1ZZCtP5EJPyWk8q2L/zC6M=" }, "progress": { "version": "2.0.0", @@ -1722,6 +1804,25 @@ "integrity": "sha1-8FKijacOYYkX7wqKw0wa5aaChrM=", "dev": true }, + "pump": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/pump/-/pump-2.0.0.tgz", + "integrity": "sha512-6MYypjOvtiXhBSTOD0Zs5eNjCGfnqi5mPsCsW+dgKTxrZzQMZQNpBo3XRkLx7id753f3EeyHLBqzqqUymIolgw==", + "requires": { + "end-of-stream": "1.4.1", + "once": "1.4.0" + } + }, + "pumpify": { + "version": "1.3.6", + "resolved": "https://registry.npmjs.org/pumpify/-/pumpify-1.3.6.tgz", + "integrity": "sha512-BurGAcvezsINL5US9T9wGHHcLNrG6MCp//ECtxron3vcR+Rfx5Anqq7HbZXNJvFQli8FGVsWCAvywEJFV5Hx/Q==", + "requires": { + "duplexify": "3.5.3", + "inherits": "2.0.3", + "pump": "2.0.0" + } + }, "punycode": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.0.tgz", @@ -1750,7 +1851,6 @@ "version": "2.3.3", "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.3.tgz", "integrity": "sha512-m+qzzcn7KUxEmd1gMbchF+Y2eIUbieUaxkWtptyHywrX0rE8QEYqPC07Vuy4Wm32/xE16NcdBctb8S0Xe/5IeQ==", - "dev": true, "requires": { "core-util-is": "1.0.2", "inherits": "2.0.3", @@ -1827,7 +1927,6 @@ "version": "2.6.2", "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.2.tgz", "integrity": "sha512-lreewLK/BlghmxtfH36YYVg1i8IAce4TI7oao75I1g245+6BctqTVQiBP3YUJ9C6DQOXJmkYR9X9fCLtCOJc5w==", - "dev": true, "requires": { "glob": "7.1.2" } 
@@ -1859,8 +1958,7 @@ "safe-buffer": { "version": "5.1.1", "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.1.tgz", - "integrity": "sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg==", - "dev": true + "integrity": "sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg==" }, "seedrandom": { "version": "2.4.3", @@ -1969,6 +2067,11 @@ "joi": "13.0.2" } }, + "stream-shift": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/stream-shift/-/stream-shift-1.0.0.tgz", + "integrity": "sha1-1cdSgl5TZ+eG944Y5EXqIjoVWVI=" + }, "string-width": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/string-width/-/string-width-2.1.1.tgz", @@ -1983,7 +2086,6 @@ "version": "1.0.3", "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.0.3.tgz", "integrity": "sha512-4AH6Z5fzNNBcH+6XDMfA/BTt87skxqJlO0lAh3Dker5zThcAxG6mKz+iGu308UKoPPQ8Dcqx/4JhujzltRa+hQ==", - "dev": true, "requires": { "safe-buffer": "5.1.1" } @@ -2134,8 +2236,7 @@ "util-deprecate": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", - "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=", - "dev": true + "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=" }, "validate-npm-package-license": { "version": "3.0.1", @@ -2221,8 +2322,7 @@ "wrappy": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", - "dev": true + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=" }, "wreck": { "version": "14.0.2", diff --git a/package.json b/package.json index 215e83d..191eeec 100644 --- a/package.json +++ b/package.json 
@@ -29,8 +29,11 @@ "dependencies": { "boom": "7.x.x", "catbox-redis": "4.x.x", - "confidence": "^3.0.2", - "cryptiles": "^4.1.1", + "confidence": "3.x.x", + "cryptiles": "4.x.x", + "good": "^8.0.0-rc1", + "good-file": "^6.0.1", + "good-squeeze": "5.x.x", "hapi": "17.x.x", "hapi-auth-bearer-token": "6.x.x", "hoek": "^5.0.2" diff --git a/test/version.js b/test/version.js index 610797a..0fe31e2 100644 --- a/test/version.js +++ b/test/version.js @@ -17,7 +17,7 @@ const it = lab.test; const internals = {}; -// Confidence Configs +// Confidence Configs const { Config } = require('../lib/config'); const Store = new Confidence.Store(Config); @@ -99,7 +99,7 @@ describe('/version', () => { return setTimeoutPromise(200, 'foobar').then(async (value) => { - // setTimeoutPromise allows for tokens in rediscache to + // setTimeoutPromise allows for tokens in rediscache to // expire before the next test begins. const server = await University.init(internals.config.server, internals.config.plugins); @@ -162,9 +162,6 @@ describe('/version', () => { const University = require('../lib'); - // curl -H "Authorization: Bearer 12345678" -X GET https://localhost:8000/private - // curl -k -X GET -H "Authorization: Bearer 12345678" https://localhost:8000/version - const setTimeoutPromise = Util.promisify(setTimeout); return setTimeoutPromise(150).then(async () => { 
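Review bot: `"good": "^8.0.0-rc1"` is a caret range on a pre-release, while the README in this commit says good must be installed as exactly `8.0.0-rc1`; pin it as `"good": "8.0.0-rc1"` so a fresh install cannot resolve to a different build. The same hunk widens `confidence` from `^3.0.2` to `3.x.x` and `cryptiles` from `^4.1.1` to `4.x.x`, which removes the minimum-version floor. cryptiles generates the bearer tokens in lib/version.js, so keeping `^4.1.1` or a higher floor is the safer choice. package-lock.json is changed in this patch yet still appears in the .gitignore context lines, which is worth reconciling so the resolved versions are reliably shared.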
@@ -190,6 +187,42 @@ describe('/version', () => { }); }); + it('fails to access ./private. good server.log reports.', () => { + + const University = require('../lib'); + + + const setTimeoutPromise = Util.promisify(setTimeout); + + return setTimeoutPromise(150).then(async () => { + + const server = await University.init(internals.config.server, internals.config.plugins); + + expect(server).to.be.an.object(); + + server.events.on('log', (event, tags) => { + + if (tags.error) { + expect(tags.authentication).to.equal(true); + expect(tags.abuse).to.equal(true); + expect(event.data).to.equal('Authentication data missing credentials information'); + } + }); + + // http-auth-bearer-token creates a console error repsponse. + // It prints out to the console. Turn these console reports off by setting `debug: false` (./lib/config.js) + + const request = { method: 'GET', url: '/private', headers: { authorization: 'Bearer ' + 'badToken' } }; + + const res = await server.inject(request); + + expect(res.result.statusCode).to.equal(500); + expect(res.result.error).to.equal('Internal Server Error'); + + await server.stop({ timeout: 4 }); + }); + }); + it('denies non-admin user access to ./private route', () => { const University = require('../lib'); @@ -224,5 +257,9 @@ describe('/version', () => { }); }); +// curl -H "Authorization: Bearer 12345678" -X GET https://localhost:8000/private +// curl -k -X GET -H "Authorization: Bearer 12345678" https://localhost:8000/version +// curl -H "Authorization: Bearer 12345678" -X GET https://localhost:8000/private +// curl -k -X GET -H "Authorization: Bearer 12345678" https://localhost:8000/version // curl -k -H "Content-Type: application/json" -X POST -d '{"username":"foofoo","password":"12345678"}' https://localhost:8000/authenticate // curl -k -X GET -H "Authorization: Bearer 12345678" https://localhost:8000/version
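Review bot: The assertions inside the `server.events.on('log', …)` listener in the new 'fails to access ./private' test only run if an event tagged `error` is emitted, so the test still passes when the onPreResponse hook logs nothing at all. Record the hit and assert it after the request, e.g. `let abuseLogged = false;` set to `true` inside the listener and `expect(abuseLogged).to.equal(true);` after `server.inject`. The test also pins `res.result.statusCode` to 500 for a bad bearer token. An unknown token should be answered with 401, so asserting 500 here bakes a server-side error into the expected behaviour.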