@icure/api 8.0.8 → 8.0.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/icc-api/model/models.d.ts +1 -0
- package/icc-api/model/models.js +1 -0
- package/icc-api/model/models.js.map +1 -1
- package/icc-x-api/crypto/BaseExchangeDataManager.js +1 -1
- package/icc-x-api/crypto/BaseExchangeDataManager.js.map +1 -1
- package/icc-x-api/crypto/BaseExchangeKeysManager.js +7 -3
- package/icc-x-api/crypto/BaseExchangeKeysManager.js.map +1 -1
- package/icc-x-api/crypto/ExchangeDataManager.js +3 -2
- package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -1
- package/icc-x-api/crypto/KeyRecovery.js +6 -5
- package/icc-x-api/crypto/KeyRecovery.js.map +1 -1
- package/icc-x-api/crypto/RSA.d.ts +4 -1
- package/icc-x-api/crypto/RSA.js +6 -1
- package/icc-x-api/crypto/RSA.js.map +1 -1
- package/icc-x-api/crypto/SecureDelegationsManager.js +2 -1
- package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -1
- package/icc-x-api/crypto/ShamirKeysManager.js +8 -9
- package/icc-x-api/crypto/ShamirKeysManager.js.map +1 -1
- package/icc-x-api/crypto/TransferKeysManager.js +4 -3
- package/icc-x-api/crypto/TransferKeysManager.js.map +1 -1
- package/icc-x-api/crypto/UserEncryptionKeysManager.js +4 -4
- package/icc-x-api/crypto/UserEncryptionKeysManager.js.map +1 -1
- package/icc-x-api/crypto/UserSignatureKeysManager.js +9 -5
- package/icc-x-api/crypto/UserSignatureKeysManager.js.map +1 -1
- package/icc-x-api/crypto/utils.d.ts +13 -4
- package/icc-x-api/crypto/utils.js +27 -9
- package/icc-x-api/crypto/utils.js.map +1 -1
- package/icc-x-api/icc-accesslog-x-api.js +16 -14
- package/icc-x-api/icc-accesslog-x-api.js.map +1 -1
- package/icc-x-api/icc-calendar-item-x-api.d.ts +2 -2
- package/icc-x-api/icc-calendar-item-x-api.js +17 -17
- package/icc-x-api/icc-calendar-item-x-api.js.map +1 -1
- package/icc-x-api/icc-classification-x-api.js +12 -11
- package/icc-x-api/icc-classification-x-api.js.map +1 -1
- package/icc-x-api/icc-contact-x-api.d.ts +2 -2
- package/icc-x-api/icc-contact-x-api.js +23 -20
- package/icc-x-api/icc-contact-x-api.js.map +1 -1
- package/icc-x-api/icc-data-owner-x-api.js +1 -1
- package/icc-x-api/icc-data-owner-x-api.js.map +1 -1
- package/icc-x-api/icc-document-x-api.js +17 -16
- package/icc-x-api/icc-document-x-api.js.map +1 -1
- package/icc-x-api/icc-form-x-api.js +13 -12
- package/icc-x-api/icc-form-x-api.js.map +1 -1
- package/icc-x-api/icc-helement-x-api.js +18 -16
- package/icc-x-api/icc-helement-x-api.js.map +1 -1
- package/icc-x-api/icc-icure-maintenance-x-api.js +4 -3
- package/icc-x-api/icc-icure-maintenance-x-api.js.map +1 -1
- package/icc-x-api/icc-invoice-x-api.js +12 -11
- package/icc-x-api/icc-invoice-x-api.js.map +1 -1
- package/icc-x-api/icc-maintenance-task-x-api.js +11 -11
- package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
- package/icc-x-api/icc-message-x-api.js +14 -14
- package/icc-x-api/icc-message-x-api.js.map +1 -1
- package/icc-x-api/icc-patient-x-api.js +28 -27
- package/icc-x-api/icc-patient-x-api.js.map +1 -1
- package/icc-x-api/icc-receipt-x-api.js +11 -10
- package/icc-x-api/icc-receipt-x-api.js.map +1 -1
- package/icc-x-api/icc-recovery-x-api.js +3 -2
- package/icc-x-api/icc-recovery-x-api.js.map +1 -1
- package/icc-x-api/icc-time-table-x-api.js +9 -8
- package/icc-x-api/icc-time-table-x-api.js.map +1 -1
- package/icc-x-api/icc-topic-x-api.js +13 -13
- package/icc-x-api/icc-topic-x-api.js.map +1 -1
- package/icc-x-api/storage/IcureStorageFacade.js +4 -1
- package/icc-x-api/storage/IcureStorageFacade.js.map +1 -1
- package/icc-x-api/utils/EntityWithDelegationTypeName.d.ts +17 -1
- package/icc-x-api/utils/EntityWithDelegationTypeName.js +33 -15
- package/icc-x-api/utils/EntityWithDelegationTypeName.js.map +1 -1
- package/package.json +1 -1
- package/test/icc-api/api/IccAnonymousAccessApi.d.ts +1 -0
- package/test/icc-api/api/IccAnonymousAccessApi.js +58 -0
- package/test/icc-api/api/IccAnonymousAccessApi.js.map +1 -0
- package/test/icc-api/api/IccDocumentApi.d.ts +1 -0
- package/test/icc-api/api/IccDocumentApi.js +208 -0
- package/test/icc-api/api/IccDocumentApi.js.map +1 -0
- package/test/icc-api/api/IccGroupApi.d.ts +1 -0
- package/test/icc-api/api/IccGroupApi.js +50 -0
- package/test/icc-api/api/IccGroupApi.js.map +1 -0
- package/test/icc-api/api/IccRecoveryDataApi.d.ts +1 -0
- package/test/icc-api/api/IccRecoveryDataApi.js +95 -0
- package/test/icc-api/api/IccRecoveryDataApi.js.map +1 -0
- package/test/icc-api/api/IccRoleApi.d.ts +1 -0
- package/test/icc-api/api/IccRoleApi.js +34 -0
- package/test/icc-api/api/IccRoleApi.js.map +1 -0
- package/test/icc-api/api/IccUserApi.d.ts +1 -0
- package/test/icc-api/api/IccUserApi.js +96 -0
- package/test/icc-api/api/IccUserApi.js.map +1 -0
- package/test/icc-api/e2e/IccCalendarItemApi.d.ts +1 -0
- package/test/icc-api/e2e/IccCalendarItemApi.js +46 -0
- package/test/icc-api/e2e/IccCalendarItemApi.js.map +1 -0
- package/test/icc-api/model/modelHelpersTest.d.ts +1 -0
- package/test/icc-api/model/modelHelpersTest.js +45 -0
- package/test/icc-api/model/modelHelpersTest.js.map +1 -0
- package/test/icc-x-api/auth/group-switch-test.d.ts +1 -0
- package/test/icc-x-api/auth/group-switch-test.js +81 -0
- package/test/icc-x-api/auth/group-switch-test.js.map +1 -0
- package/test/icc-x-api/auth/jwt-concurrency-test.d.ts +2 -0
- package/test/icc-x-api/auth/jwt-concurrency-test.js +113 -0
- package/test/icc-x-api/auth/jwt-concurrency-test.js.map +1 -0
- package/test/icc-x-api/auth/smart-auth-provider-test.d.ts +1 -0
- package/test/icc-x-api/auth/smart-auth-provider-test.js +224 -0
- package/test/icc-x-api/auth/smart-auth-provider-test.js.map +1 -0
- package/test/icc-x-api/autofix-anonymity-test.d.ts +1 -0
- package/test/icc-x-api/autofix-anonymity-test.js +108 -0
- package/test/icc-x-api/autofix-anonymity-test.js.map +1 -0
- package/test/icc-x-api/confidential-entities-test.d.ts +1 -0
- package/test/icc-x-api/confidential-entities-test.js +110 -0
- package/test/icc-x-api/confidential-entities-test.js.map +1 -0
- package/test/icc-x-api/crud/comprehensive-crud-test.d.ts +1 -0
- package/test/icc-x-api/crud/comprehensive-crud-test.js +276 -0
- package/test/icc-x-api/crud/comprehensive-crud-test.js.map +1 -0
- package/test/icc-x-api/crud/entities-crud-test-interface.d.ts +16 -0
- package/test/icc-x-api/crud/entities-crud-test-interface.js +422 -0
- package/test/icc-x-api/crud/entities-crud-test-interface.js.map +1 -0
- package/test/icc-x-api/crypto/anonymous-delegations-test.d.ts +1 -0
- package/test/icc-x-api/crypto/anonymous-delegations-test.js +588 -0
- package/test/icc-x-api/crypto/anonymous-delegations-test.js.map +1 -0
- package/test/icc-x-api/crypto/concurrency.d.ts +1 -0
- package/test/icc-x-api/crypto/concurrency.js +35 -0
- package/test/icc-x-api/crypto/concurrency.js.map +1 -0
- package/test/icc-x-api/crypto/crypto-utils.d.ts +1 -0
- package/test/icc-x-api/crypto/crypto-utils.js +80 -0
- package/test/icc-x-api/crypto/crypto-utils.js.map +1 -0
- package/test/icc-x-api/crypto/cryptoTest.d.ts +2 -0
- package/test/icc-x-api/crypto/cryptoTest.js +302 -0
- package/test/icc-x-api/crypto/cryptoTest.js.map +1 -0
- package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.d.ts +1 -0
- package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.js +166 -0
- package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.js.map +1 -0
- package/test/icc-x-api/crypto/exchange-data-manager-test.d.ts +1 -0
- package/test/icc-x-api/crypto/exchange-data-manager-test.js +690 -0
- package/test/icc-x-api/crypto/exchange-data-manager-test.js.map +1 -0
- package/test/icc-x-api/crypto/full-crypto-test.d.ts +1 -0
- package/test/icc-x-api/crypto/full-crypto-test.js +457 -0
- package/test/icc-x-api/crypto/full-crypto-test.js.map +1 -0
- package/test/icc-x-api/crypto/secure-delegations-manager-test.d.ts +1 -0
- package/test/icc-x-api/crypto/secure-delegations-manager-test.js +266 -0
- package/test/icc-x-api/crypto/secure-delegations-manager-test.js.map +1 -0
- package/test/icc-x-api/crypto/secure-delegations-metadata-decryptor-test.d.ts +1 -0
- package/test/icc-x-api/crypto/secure-delegations-metadata-decryptor-test.js +393 -0
- package/test/icc-x-api/crypto/secure-delegations-metadata-decryptor-test.js.map +1 -0
- package/test/icc-x-api/crypto/security-metadata-decryptor-chain-test.d.ts +1 -0
- package/test/icc-x-api/crypto/security-metadata-decryptor-chain-test.js +213 -0
- package/test/icc-x-api/crypto/security-metadata-decryptor-chain-test.js.map +1 -0
- package/test/icc-x-api/crypto/shamir.d.ts +2 -0
- package/test/icc-x-api/crypto/shamir.js +166 -0
- package/test/icc-x-api/crypto/shamir.js.map +1 -0
- package/test/icc-x-api/crypto/share-to-newly-created-patient-from-hcp.d.ts +1 -0
- package/test/icc-x-api/crypto/share-to-newly-created-patient-from-hcp.js +71 -0
- package/test/icc-x-api/crypto/share-to-newly-created-patient-from-hcp.js.map +1 -0
- package/test/icc-x-api/crypto/signature-keys-manager-test.d.ts +1 -0
- package/test/icc-x-api/crypto/signature-keys-manager-test.js +44 -0
- package/test/icc-x-api/crypto/signature-keys-manager-test.js.map +1 -0
- package/test/icc-x-api/crypto/user-encryption-keys-manager-test.d.ts +1 -0
- package/test/icc-x-api/crypto/user-encryption-keys-manager-test.js +246 -0
- package/test/icc-x-api/crypto/user-encryption-keys-manager-test.js.map +1 -0
- package/test/icc-x-api/entity-with-attachments-api-test.d.ts +1 -0
- package/test/icc-x-api/entity-with-attachments-api-test.js +142 -0
- package/test/icc-x-api/entity-with-attachments-api-test.js.map +1 -0
- package/test/icc-x-api/filters/filters.d.ts +1 -0
- package/test/icc-x-api/filters/filters.js +49 -0
- package/test/icc-x-api/filters/filters.js.map +1 -0
- package/test/icc-x-api/icc-accesslog-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-accesslog-x-api.js +106 -0
- package/test/icc-x-api/icc-accesslog-x-api.js.map +1 -0
- package/test/icc-x-api/icc-auth-api.d.ts +1 -0
- package/test/icc-x-api/icc-auth-api.js +47 -0
- package/test/icc-x-api/icc-auth-api.js.map +1 -0
- package/test/icc-x-api/icc-calendar-item-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-calendar-item-x-api.js +150 -0
- package/test/icc-x-api/icc-calendar-item-x-api.js.map +1 -0
- package/test/icc-x-api/icc-contact-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-contact-x-api.js +279 -0
- package/test/icc-x-api/icc-contact-x-api.js.map +1 -0
- package/test/icc-x-api/icc-form-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-form-x-api.js +98 -0
- package/test/icc-x-api/icc-form-x-api.js.map +1 -0
- package/test/icc-x-api/icc-helement-x-api-test.d.ts +1 -0
- package/test/icc-x-api/icc-helement-x-api-test.js +153 -0
- package/test/icc-x-api/icc-helement-x-api-test.js.map +1 -0
- package/test/icc-x-api/icc-invoice-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-invoice-x-api.js +99 -0
- package/test/icc-x-api/icc-invoice-x-api.js.map +1 -0
- package/test/icc-x-api/icc-maintenance-task-x-api-test.d.ts +1 -0
- package/test/icc-x-api/icc-maintenance-task-x-api-test.js +221 -0
- package/test/icc-x-api/icc-maintenance-task-x-api-test.js.map +1 -0
- package/test/icc-x-api/icc-message-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-message-x-api.js +328 -0
- package/test/icc-x-api/icc-message-x-api.js.map +1 -0
- package/test/icc-x-api/icc-patient-x-api-test.d.ts +1 -0
- package/test/icc-x-api/icc-patient-x-api-test.js +158 -0
- package/test/icc-x-api/icc-patient-x-api-test.js.map +1 -0
- package/test/icc-x-api/icc-recovery-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-recovery-x-api.js +170 -0
- package/test/icc-x-api/icc-recovery-x-api.js.map +1 -0
- package/test/icc-x-api/icc-time-table-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-time-table-x-api.js +100 -0
- package/test/icc-x-api/icc-time-table-x-api.js.map +1 -0
- package/test/icc-x-api/icc-topic-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-topic-x-api.js +269 -0
- package/test/icc-x-api/icc-topic-x-api.js.map +1 -0
- package/test/icc-x-api/icc-user-x-api-test.d.ts +1 -0
- package/test/icc-x-api/icc-user-x-api-test.js +99 -0
- package/test/icc-x-api/icc-user-x-api-test.js.map +1 -0
- package/test/icc-x-api/patient-user.d.ts +2 -0
- package/test/icc-x-api/patient-user.js +104 -0
- package/test/icc-x-api/patient-user.js.map +1 -0
- package/test/icc-x-api/storage/storage.d.ts +1 -0
- package/test/icc-x-api/storage/storage.js +48 -0
- package/test/icc-x-api/storage/storage.js.map +1 -0
- package/test/icc-x-api/test-api-no-parent.d.ts +1 -0
- package/test/icc-x-api/test-api-no-parent.js +79 -0
- package/test/icc-x-api/test-api-no-parent.js.map +1 -0
- package/test/icc-x-api/test-legacy-data-support.d.ts +1 -0
- package/test/icc-x-api/test-legacy-data-support.js +376 -0
- package/test/icc-x-api/test-legacy-data-support.js.map +1 -0
- package/test/icc-x-api/utils/graph-test.d.ts +1 -0
- package/test/icc-x-api/utils/graph-test.js +54 -0
- package/test/icc-x-api/utils/graph-test.js.map +1 -0
- package/test/icc-x-api/utils/lru-temporised-async-cache-test.d.ts +1 -0
- package/test/icc-x-api/utils/lru-temporised-async-cache-test.js +364 -0
- package/test/icc-x-api/utils/lru-temporised-async-cache-test.js.map +1 -0
- package/test/support/CSM-185.d.ts +1 -0
- package/test/support/CSM-185.js +124 -0
- package/test/support/CSM-185.js.map +1 -0
- package/test/support/CSM-243.d.ts +1 -0
- package/test/support/CSM-243.js +120 -0
- package/test/support/CSM-243.js.map +1 -0
- package/test/support/CSM-87.d.ts +0 -0
- package/test/support/CSM-87.js +21 -0
- package/test/support/CSM-87.js.map +1 -0
- package/test/support/CSM-93.d.ts +1 -0
- package/test/support/CSM-93.js +112 -0
- package/test/support/CSM-93.js.map +1 -0
- package/test/utils/FakeDataOwnerApi.d.ts +32 -0
- package/test/utils/FakeDataOwnerApi.js +136 -0
- package/test/utils/FakeDataOwnerApi.js.map +1 -0
- package/test/utils/FakeEncryptionKeysManager.d.ts +35 -0
- package/test/utils/FakeEncryptionKeysManager.js +87 -0
- package/test/utils/FakeEncryptionKeysManager.js.map +1 -0
- package/test/utils/FakeExchangeDataApi.d.ts +30 -0
- package/test/utils/FakeExchangeDataApi.js +74 -0
- package/test/utils/FakeExchangeDataApi.js.map +1 -0
- package/test/utils/FakeExchangeDataManager.d.ts +40 -0
- package/test/utils/FakeExchangeDataManager.js +89 -0
- package/test/utils/FakeExchangeDataManager.js.map +1 -0
- package/test/utils/FakeExchangeDataMapManager.d.ts +12 -0
- package/test/utils/FakeExchangeDataMapManager.js +38 -0
- package/test/utils/FakeExchangeDataMapManager.js.map +1 -0
- package/test/utils/FakeGenericApi.d.ts +16 -0
- package/test/utils/FakeGenericApi.js +65 -0
- package/test/utils/FakeGenericApi.js.map +1 -0
- package/test/utils/FakeSignatureKeysManager.d.ts +16 -0
- package/test/utils/FakeSignatureKeysManager.js +54 -0
- package/test/utils/FakeSignatureKeysManager.js.map +1 -0
- package/test/utils/TestApi.d.ts +3 -0
- package/test/utils/TestApi.js +30 -0
- package/test/utils/TestApi.js.map +1 -0
- package/test/utils/TestCollectionUtils.d.ts +1 -0
- package/test/utils/TestCollectionUtils.js +109 -0
- package/test/utils/TestCollectionUtils.js.map +1 -0
- package/test/utils/TestCryptoStrategies.d.ts +42 -0
- package/test/utils/TestCryptoStrategies.js +80 -0
- package/test/utils/TestCryptoStrategies.js.map +1 -0
- package/test/utils/TestStorage.d.ts +23 -0
- package/test/utils/TestStorage.js +61 -0
- package/test/utils/TestStorage.js.map +1 -0
- package/test/utils/test_utils.d.ts +76 -0
- package/test/utils/test_utils.js +419 -0
- package/test/utils/test_utils.js.map +1 -0
|
@@ -0,0 +1,113 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
+
});
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.sleep = void 0;
|
|
13
|
+
require("isomorphic-fetch");
|
|
14
|
+
const mocha_1 = require("mocha");
|
|
15
|
+
const test_utils_1 = require("../../utils/test_utils");
|
|
16
|
+
const TestApi_1 = require("../../utils/TestApi");
|
|
17
|
+
const icc_x_api_1 = require("../../../icc-x-api");
|
|
18
|
+
const crypto_1 = require("crypto");
|
|
19
|
+
const chai_1 = require("chai");
|
|
20
|
+
const icc_api_1 = require("../../../icc-api");
|
|
21
|
+
const AuthenticationProvider_1 = require("../../../icc-x-api/auth/AuthenticationProvider");
|
|
22
|
+
const types_1 = require("@icure/test-setup/types");
|
|
23
|
+
(0, test_utils_1.setLocalStorage)(fetch);
|
|
24
|
+
let env;
|
|
25
|
+
function sleep(ms) {
|
|
26
|
+
return new Promise((resolve) => setTimeout(resolve, ms));
|
|
27
|
+
}
|
|
28
|
+
exports.sleep = sleep;
|
|
29
|
+
describe('Jwt authentication concurrency test', () => {
|
|
30
|
+
(0, mocha_1.before)(function () {
|
|
31
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
32
|
+
this.timeout(600000);
|
|
33
|
+
const initializer = yield (0, test_utils_1.getEnvironmentInitializer)();
|
|
34
|
+
env = yield initializer.execute((0, types_1.getEnvVariables)());
|
|
35
|
+
});
|
|
36
|
+
});
|
|
37
|
+
it('Can login simultaneously with the same user', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
38
|
+
const api = yield (0, TestApi_1.TestApi)(env.iCureUrl, env.dataOwnerDetails[test_utils_1.hcp1Username].user, env.dataOwnerDetails[test_utils_1.hcp1Username].password, crypto_1.webcrypto);
|
|
39
|
+
const users = yield Promise.all([...Array(5)].map(() => __awaiter(void 0, void 0, void 0, function* () {
|
|
40
|
+
return yield api.userApi.getCurrentUser();
|
|
41
|
+
})));
|
|
42
|
+
users.forEach((u) => {
|
|
43
|
+
(0, chai_1.expect)(u.login).to.be.equal(env.dataOwnerDetails[test_utils_1.hcp1Username].user);
|
|
44
|
+
});
|
|
45
|
+
}));
|
|
46
|
+
it('After logging in, can make requests asynchronously', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
47
|
+
const api = yield (0, TestApi_1.TestApi)(env.iCureUrl, env.dataOwnerDetails[test_utils_1.hcp1Username].user, env.dataOwnerDetails[test_utils_1.hcp1Username].password, crypto_1.webcrypto);
|
|
48
|
+
yield api.userApi.getCurrentUser();
|
|
49
|
+
const users = yield Promise.all([...Array(5)].map(() => __awaiter(void 0, void 0, void 0, function* () {
|
|
50
|
+
return yield api.userApi.getCurrentUser();
|
|
51
|
+
})));
|
|
52
|
+
users.forEach((u) => {
|
|
53
|
+
(0, chai_1.expect)(u.login).to.be.equal(env.dataOwnerDetails[test_utils_1.hcp1Username].user);
|
|
54
|
+
});
|
|
55
|
+
}));
|
|
56
|
+
it('It can refresh the token asynchronously', function () {
|
|
57
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
58
|
+
if (!process.env.TEST_ENVIRONMENT || process.env.TEST_ENVIRONMENT === 'acceptance') {
|
|
59
|
+
this.skip();
|
|
60
|
+
}
|
|
61
|
+
const api = yield (0, TestApi_1.TestApi)(env.iCureUrl, env.dataOwnerDetails[test_utils_1.hcp1Username].user, env.dataOwnerDetails[test_utils_1.hcp1Username].password, crypto_1.webcrypto);
|
|
62
|
+
yield api.userApi.getCurrentUser();
|
|
63
|
+
yield sleep(20000);
|
|
64
|
+
const users = yield Promise.all([...Array(5)].map(() => __awaiter(this, void 0, void 0, function* () {
|
|
65
|
+
return yield api.userApi.getCurrentUser();
|
|
66
|
+
})));
|
|
67
|
+
users.forEach((u) => {
|
|
68
|
+
(0, chai_1.expect)(u.login).to.be.equal(env.dataOwnerDetails[test_utils_1.hcp1Username].user);
|
|
69
|
+
});
|
|
70
|
+
});
|
|
71
|
+
});
|
|
72
|
+
it('Can instantiate a x-api without provider and get a 401', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
73
|
+
const xUserApi = new icc_x_api_1.IccUserXApi(env.iCureUrl, {}, new AuthenticationProvider_1.NoAuthenticationProvider(), null);
|
|
74
|
+
xUserApi
|
|
75
|
+
.getCurrentUser()
|
|
76
|
+
.then(() => {
|
|
77
|
+
(0, chai_1.expect)(false).to.be.eq(true, 'I should not get here');
|
|
78
|
+
})
|
|
79
|
+
.catch((e) => {
|
|
80
|
+
(0, chai_1.expect)(e.statusCode).to.be.eq(401);
|
|
81
|
+
});
|
|
82
|
+
}));
|
|
83
|
+
it('Can instantiate a user-x-api with JWT provider and make requests', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
84
|
+
const authApi = new icc_api_1.IccAuthApi(env.iCureUrl, {});
|
|
85
|
+
const provider = new AuthenticationProvider_1.JwtAuthenticationProvider(authApi, env.dataOwnerDetails[test_utils_1.hcp1Username].user, env.dataOwnerDetails[test_utils_1.hcp1Username].password);
|
|
86
|
+
const xUserApi = new icc_x_api_1.IccUserXApi(env.iCureUrl, {}, provider, null);
|
|
87
|
+
const users = yield Promise.all([...Array(5)].map(() => __awaiter(void 0, void 0, void 0, function* () {
|
|
88
|
+
return yield xUserApi.getCurrentUser();
|
|
89
|
+
})));
|
|
90
|
+
users.forEach((u) => {
|
|
91
|
+
(0, chai_1.expect)(u.login).to.be.equal(env.dataOwnerDetails[test_utils_1.hcp1Username].user);
|
|
92
|
+
});
|
|
93
|
+
const tokens = yield provider.getIcureTokens();
|
|
94
|
+
(0, chai_1.expect)(tokens).to.not.be.undefined;
|
|
95
|
+
const tokenOnlyProvider = new AuthenticationProvider_1.JwtAuthenticationProvider(authApi, undefined, undefined, undefined, tokens);
|
|
96
|
+
const xUserApiTokenOnly = new icc_x_api_1.IccUserXApi(env.iCureUrl, {}, tokenOnlyProvider, null);
|
|
97
|
+
const usersTokenOnly = yield Promise.all([...Array(5)].map(() => __awaiter(void 0, void 0, void 0, function* () {
|
|
98
|
+
return yield xUserApiTokenOnly.getCurrentUser();
|
|
99
|
+
})));
|
|
100
|
+
usersTokenOnly.forEach((u) => {
|
|
101
|
+
(0, chai_1.expect)(u.login).to.be.equal(env.dataOwnerDetails[test_utils_1.hcp1Username].user);
|
|
102
|
+
});
|
|
103
|
+
}));
|
|
104
|
+
it('Can instantiate a user-x-api with Basic provider and make requests', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
105
|
+
const a = new AuthenticationProvider_1.BasicAuthenticationProvider(env.dataOwnerDetails[test_utils_1.hcp1Username].user, env.dataOwnerDetails[test_utils_1.hcp1Username].password);
|
|
106
|
+
const xUserApi = new icc_x_api_1.IccUserXApi(env.iCureUrl, {}, a, null);
|
|
107
|
+
const currentUser = yield xUserApi.getCurrentUser();
|
|
108
|
+
(0, chai_1.expect)(currentUser.login).to.be.equal(env.dataOwnerDetails[test_utils_1.hcp1Username].user);
|
|
109
|
+
const fetchedUser = yield xUserApi.getUser(currentUser.id);
|
|
110
|
+
(0, chai_1.expect)(fetchedUser.id).to.be.equal(currentUser.id);
|
|
111
|
+
}));
|
|
112
|
+
});
|
|
113
|
+
//# sourceMappingURL=jwt-concurrency-test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"jwt-concurrency-test.js","sourceRoot":"","sources":["../../../../test/icc-x-api/auth/jwt-concurrency-test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,4BAAyB;AACzB,iCAA8B;AAC9B,uDAAiG;AACjG,iDAA6C;AAC7C,kDAAgD;AAChD,mCAAkC;AAClC,+BAA6B;AAG7B,8CAA6C;AAC7C,2FAAiJ;AACjJ,mDAAmE;AAEnE,IAAA,4BAAe,EAAC,KAAK,CAAC,CAAA;AACtB,IAAI,GAAa,CAAA;AAEjB,SAAgB,KAAK,CAAC,EAAU;IAC9B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAA;AAC1D,CAAC;AAFD,sBAEC;AAED,QAAQ,CAAC,qCAAqC,EAAE,GAAG,EAAE;IACnD,IAAA,cAAM,EAAC;;YACL,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;YACpB,MAAM,WAAW,GAAG,MAAM,IAAA,sCAAyB,GAAE,CAAA;YACrD,GAAG,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,IAAA,uBAAe,GAAE,CAAC,CAAA;QACpD,CAAC;KAAA,CAAC,CAAA;IAEF,EAAE,CAAC,6CAA6C,EAAE,GAAS,EAAE;QAC3D,MAAM,GAAG,GAAG,MAAM,IAAA,iBAAO,EACvB,GAAG,CAAC,QAAQ,EACZ,GAAG,CAAC,gBAAgB,CAAC,yBAAY,CAAC,CAAC,IAAI,EACvC,GAAG,CAAC,gBAAgB,CAAC,yBAAY,CAAC,CAAC,QAAQ,EAC3C,kBAA8B,CAC/B,CAAA;QACD,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,GAAG,CAC7B,CAAC,GAAG,KAAK,CAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAS,EAAE;YACnC,OAAO,MAAM,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;QAC3C,CAAC,CAAA,CAAC,CACH,CAAA;QACD,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;YAClB,IAAA,aAAM,EAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAC,yBAAY,CAAC,CAAC,IAAI,CAAC,CAAA;QACtE,CAAC,CAAC,CAAA;IACJ,CAAC,CAAA,CAAC,CAAA;IAEF,EAAE,CAAC,oDAAoD,EAAE,GAAS,EAAE;QAClE,MAAM,GAAG,GAAG,MAAM,IAAA,iBAAO,EACvB,GAAG,CAAC,QAAQ,EACZ,GAAG,CAAC,gBAAgB,CAAC,yBAAY,CAAC,CAAC,IAAI,EACvC,GAAG,CAAC,gBAAgB,CAAC,yBAAY,CAAC,CAAC,QAAQ,EAC3C,kBAA8B,CAC/B,CAAA;QAED,MAAM,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;QAElC,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,GAAG,CAC7B,CAAC,GAAG,KAAK,CAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAS,EAAE;YACnC,OAAO,MAAM,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;QAC3C,CAAC,CAAA,CAAC,CACH,CAAA;QACD,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;YAClB,IAAA,aAAM,EAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAC,yBAAY,CAAC,CAAC,IAAI,CAAC,CAAA;QACtE,CAAC,CAAC,CAAA;IACJ,CAAC,CAAA,CAAC,CAAA;IAEF,EAAE,CAAC,yCAAyC,EAAE;;YAC5C,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,YAAY,EAAE;gBAClF,IAAI,CAAC,IAAI,EAAE,CAAA;aACZ;YACD,MAAM,GAAG,GAAG,MAAM,IAAA,iBAAO,EACvB,GAAG,CAAC,QAAQ,EACZ,GAAG,CAAC,gBAAgB,CAAC,yBAAY,CAAC,CAAC,IAAI,EACvC,GAAG,CAAC,gBAAgB,CAAC,yBAAY,CAAC,CAAC,QAAQ,EAC3C,kBAA8B,CAC/B,CAAA;YACD,MAAM,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;YAElC,MAAM,KAAK,CAAC,KAAK,CAAC,CAAA;YAElB,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,GAAG,CAC7B,CAAC,GAAG,KAAK,CAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAS,EAAE;gBACnC,OAAO,MAAM,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;YAC3C,CAAC,CAAA,CAAC,CACH,CAAA;YACD,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;gBAClB,IAAA,aAAM,EAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAC,yBAAY,CAAC,CAAC,IAAI,CAAC,CAAA;YACtE,CAAC,CAAC,CAAA;QACJ,CAAC;KAAA,CAAC,CAAA;IAEF,EAAE,CAAC,wDAAwD,EAAE,GAAS,EAAE;QACtE,MAAM,QAAQ,GAAG,IAAI,uBAAW,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,IAAI,iDAAwB,EAAE,EAAE,IAAW,CAAC,CAAA;QAC/F,QAAQ;aACL,cAAc,EAAE;aAChB,IAAI,CAAC,GAAG,EAAE;YACT,IAAA,aAAM,EAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAA;QACvD,CAAC,CAAC;aACD,KAAK,CAAC,CAAC,CAAW,EAAE,EAAE;YACrB,IAAA,aAAM,EAAC,CAAC,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAA;QACpC,CAAC,CAAC,CAAA;IACN,CAAC,CAAA,CAAC,CAAA;IAEF,EAAE,CAAC,kEAAkE,EAAE,GAAS,EAAE;QAChF,MAAM,OAAO,GAAG,IAAI,oBAAU,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAA;QAChD,MAAM,QAAQ,GAAG,IAAI,kDAAyB,CAAC,OAAO,EAAE,GAAG,CAAC,gBAAgB,CAAC,yBAAY,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,gBAAgB,CAAC,yBAAY,CAAC,CAAC,QAAQ,CAAC,CAAA;QAC7I,MAAM,QAAQ,GAAG,IAAI,uBAAW,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAW,CAAC,CAAA;QAEzE,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,GAAG,CAC7B,CAAC,GAAG,KAAK,CAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAS,EAAE;YACnC,OAAO,MAAM,QAAQ,CAAC,cAAc,EAAE,CAAA;QACxC,CAAC,CAAA,CAAC,CACH,CAAA;QACD,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;YAClB,IAAA,aAAM,EAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAC,yBAAY,CAAC,CAAC,IAAI,CAAC,CAAA;QACtE,CAAC,CAAC,CAAA;QAEF,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,cAAc,EAAE,CAAA;QAC9C,IAAA,aAAM,EAAC,MAAM,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;QAClC,MAAM,iBAAiB,GAAG,IAAI,kDAAyB,CAAC,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC,CAAA;QACzG,MAAM,iBAAiB,GAAG,IAAI,uBAAW,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,iBAAiB,EAAE,IAAW,CAAC,CAAA;QAE3F,MAAM,cAAc,GAAG,MAAM,OAAO,CAAC,GAAG,CACtC,CAAC,GAAG,KAAK,CAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAS,EAAE;YACnC,OAAO,MAAM,iBAAiB,CAAC,cAAc,EAAE,CAAA;QACjD,CAAC,CAAA,CAAC,CACH,CAAA;QACD,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;YAC3B,IAAA,aAAM,EAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAC,yBAAY,CAAC,CAAC,IAAI,CAAC,CAAA;QACtE,CAAC,CAAC,CAAA;IACJ,CAAC,CAAA,CAAC,CAAA;IAEF,EAAE,CAAC,oEAAoE,EAAE,GAAS,EAAE;QAClF,MAAM,CAAC,GAAG,IAAI,oDAA2B,CAAC,GAAG,CAAC,gBAAgB,CAAC,yBAAY,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,gBAAgB,CAAC,yBAAY,CAAC,CAAC,QAAQ,CAAC,CAAA;QAC/H,MAAM,QAAQ,GAAG,IAAI,uBAAW,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,CAAC,EAAE,IAAW,CAAC,CAAA;QAElE,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,cAAc,EAAE,CAAA;QACnD,IAAA,aAAM,EAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAC,yBAAY,CAAC,CAAC,IAAI,CAAC,CAAA;QAE9E,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,WAAW,CAAC,EAAG,CAAC,CAAA;QAC3D,IAAA,aAAM,EAAC,WAAW,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA;IACpD,CAAC,CAAA,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA","sourcesContent":["import 'isomorphic-fetch'\nimport { before } from 'mocha'\nimport { getEnvironmentInitializer, hcp1Username, setLocalStorage } from '../../utils/test_utils'\nimport { TestApi } from '../../utils/TestApi'\nimport { IccUserXApi } from '../../../icc-x-api'\nimport { webcrypto } from 'crypto'\nimport { expect } from 'chai'\nimport { XHR } from '../../../icc-api/api/XHR'\nimport XHRError = XHR.XHRError\nimport { IccAuthApi } from '../../../icc-api'\nimport { NoAuthenticationProvider, BasicAuthenticationProvider, JwtAuthenticationProvider } from '../../../icc-x-api/auth/AuthenticationProvider'\nimport { getEnvVariables, TestVars } from '@icure/test-setup/types'\n\nsetLocalStorage(fetch)\nlet env: TestVars\n\nexport function sleep(ms: number): Promise<any> {\n return new Promise((resolve) => setTimeout(resolve, ms))\n}\n\ndescribe('Jwt authentication concurrency test', () => {\n before(async function () {\n this.timeout(600000)\n const initializer = await getEnvironmentInitializer()\n env = await initializer.execute(getEnvVariables())\n })\n\n it('Can login simultaneously with the same user', async () => {\n const api = await TestApi(\n env.iCureUrl,\n env.dataOwnerDetails[hcp1Username].user,\n env.dataOwnerDetails[hcp1Username].password,\n webcrypto as unknown as Crypto\n )\n const users = await Promise.all(\n [...Array<number>(5)].map(async () => {\n return await api.userApi.getCurrentUser()\n })\n )\n users.forEach((u) => {\n expect(u.login).to.be.equal(env.dataOwnerDetails[hcp1Username].user)\n })\n })\n\n it('After logging in, can make requests asynchronously', async () => {\n const api = await TestApi(\n env.iCureUrl,\n env.dataOwnerDetails[hcp1Username].user,\n env.dataOwnerDetails[hcp1Username].password,\n webcrypto as unknown as Crypto\n )\n\n await api.userApi.getCurrentUser()\n\n const users = await Promise.all(\n [...Array<number>(5)].map(async () => {\n return await api.userApi.getCurrentUser()\n })\n )\n users.forEach((u) => {\n expect(u.login).to.be.equal(env.dataOwnerDetails[hcp1Username].user)\n })\n })\n\n it('It can refresh the token asynchronously', async function () {\n if (!process.env.TEST_ENVIRONMENT || process.env.TEST_ENVIRONMENT === 'acceptance') {\n this.skip()\n }\n const api = await TestApi(\n env.iCureUrl,\n env.dataOwnerDetails[hcp1Username].user,\n env.dataOwnerDetails[hcp1Username].password,\n webcrypto as unknown as Crypto\n )\n await api.userApi.getCurrentUser()\n\n await sleep(20000)\n\n const users = await Promise.all(\n [...Array<number>(5)].map(async () => {\n return await api.userApi.getCurrentUser()\n })\n )\n users.forEach((u) => {\n expect(u.login).to.be.equal(env.dataOwnerDetails[hcp1Username].user)\n })\n })\n\n it('Can instantiate a x-api without provider and get a 401', async () => {\n const xUserApi = new IccUserXApi(env.iCureUrl, {}, new NoAuthenticationProvider(), null as any)\n xUserApi\n .getCurrentUser()\n .then(() => {\n expect(false).to.be.eq(true, 'I should not get here')\n })\n .catch((e: XHRError) => {\n expect(e.statusCode).to.be.eq(401)\n })\n })\n\n it('Can instantiate a user-x-api with JWT provider and make requests', async () => {\n const authApi = new IccAuthApi(env.iCureUrl, {})\n const provider = new JwtAuthenticationProvider(authApi, env.dataOwnerDetails[hcp1Username].user, env.dataOwnerDetails[hcp1Username].password)\n const xUserApi = new IccUserXApi(env.iCureUrl, {}, provider, null as any)\n\n const users = await Promise.all(\n [...Array<number>(5)].map(async () => {\n return await xUserApi.getCurrentUser()\n })\n )\n users.forEach((u) => {\n expect(u.login).to.be.equal(env.dataOwnerDetails[hcp1Username].user)\n })\n\n const tokens = await provider.getIcureTokens()\n expect(tokens).to.not.be.undefined\n const tokenOnlyProvider = new JwtAuthenticationProvider(authApi, undefined, undefined, undefined, tokens)\n const xUserApiTokenOnly = new IccUserXApi(env.iCureUrl, {}, tokenOnlyProvider, null as any)\n\n const usersTokenOnly = await Promise.all(\n [...Array<number>(5)].map(async () => {\n return await xUserApiTokenOnly.getCurrentUser()\n })\n )\n usersTokenOnly.forEach((u) => {\n expect(u.login).to.be.equal(env.dataOwnerDetails[hcp1Username].user)\n })\n })\n\n it('Can instantiate a user-x-api with Basic provider and make requests', async () => {\n const a = new BasicAuthenticationProvider(env.dataOwnerDetails[hcp1Username].user, env.dataOwnerDetails[hcp1Username].password)\n const xUserApi = new IccUserXApi(env.iCureUrl, {}, a, null as any)\n\n const currentUser = await xUserApi.getCurrentUser()\n expect(currentUser.login).to.be.equal(env.dataOwnerDetails[hcp1Username].user)\n\n const fetchedUser = await xUserApi.getUser(currentUser.id!)\n expect(fetchedUser.id).to.be.equal(currentUser.id)\n })\n})\n"]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
import 'isomorphic-fetch';
|
|
@@ -0,0 +1,224 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
+
});
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
const types_1 = require("@icure/test-setup/types");
|
|
13
|
+
const mocha_1 = require("mocha");
|
|
14
|
+
const test_utils_1 = require("../../utils/test_utils");
|
|
15
|
+
const icc_x_api_1 = require("../../../icc-x-api");
|
|
16
|
+
const icc_api_1 = require("../../../icc-api");
|
|
17
|
+
require("isomorphic-fetch");
|
|
18
|
+
const SmartAuthProvider_1 = require("../../../icc-x-api/auth/SmartAuthProvider");
|
|
19
|
+
const chai_1 = require("chai");
|
|
20
|
+
const crypto_1 = require("crypto");
|
|
21
|
+
var initMasterApi = test_utils_1.TestUtils.initMasterApi;
|
|
22
|
+
const assert_1 = require("assert");
|
|
23
|
+
const otpauth_1 = require("otpauth");
|
|
24
|
+
(0, test_utils_1.setLocalStorage)(fetch);
|
|
25
|
+
let env;
|
|
26
|
+
let authApi;
|
|
27
|
+
describe('Smart authentication provider', () => {
|
|
28
|
+
(0, mocha_1.before)(function () {
|
|
29
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
30
|
+
this.timeout(600000);
|
|
31
|
+
const initializer = yield (0, test_utils_1.getEnvironmentInitializer)();
|
|
32
|
+
env = yield initializer.execute((0, types_1.getEnvVariables)());
|
|
33
|
+
authApi = new icc_api_1.IccAuthApi(env.iCureUrl, {}, new icc_x_api_1.NoAuthenticationProvider(), fetch);
|
|
34
|
+
});
|
|
35
|
+
});
|
|
36
|
+
function userApiWithProvider(authProvider) {
|
|
37
|
+
return new icc_api_1.IccUserApi(env.iCureUrl, {}, authProvider, fetch);
|
|
38
|
+
}
|
|
39
|
+
it('Should automatically ask for secret to get a new token, and reasks the secret if it is not valid', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
40
|
+
const { credentials } = yield (0, test_utils_1.createNewHcpApi)(env);
|
|
41
|
+
let calls = 0;
|
|
42
|
+
const authProvider = SmartAuthProvider_1.SmartAuthProvider.initialise(authApi, credentials.user, {
|
|
43
|
+
getSecret: (acceptedSecrets, previousAttempts) => __awaiter(void 0, void 0, void 0, function* () {
|
|
44
|
+
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.PASSWORD);
|
|
45
|
+
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.LONG_LIVED_TOKEN);
|
|
46
|
+
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.SHORT_LIVED_TOKEN);
|
|
47
|
+
(0, chai_1.expect)(acceptedSecrets).to.not.include(SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN);
|
|
48
|
+
if (calls == 0) {
|
|
49
|
+
(0, chai_1.expect)(previousAttempts).to.be.empty;
|
|
50
|
+
}
|
|
51
|
+
else if (calls == 1) {
|
|
52
|
+
(0, chai_1.expect)(previousAttempts).to.have.length(1);
|
|
53
|
+
(0, chai_1.expect)(previousAttempts[0].value).to.equal('wrong');
|
|
54
|
+
(0, chai_1.expect)(previousAttempts[0].secretType).to.equal(SmartAuthProvider_1.AuthSecretType.LONG_LIVED_TOKEN);
|
|
55
|
+
}
|
|
56
|
+
else
|
|
57
|
+
(0, assert_1.fail)(`Unexpected number of calls: ${calls}`);
|
|
58
|
+
return calls++ == 0
|
|
59
|
+
? { value: 'wrong', secretType: SmartAuthProvider_1.AuthSecretType.LONG_LIVED_TOKEN } // pragma: allowlist secret
|
|
60
|
+
: { value: credentials.password, secretType: SmartAuthProvider_1.AuthSecretType.LONG_LIVED_TOKEN };
|
|
61
|
+
}),
|
|
62
|
+
});
|
|
63
|
+
const userApi = userApiWithProvider(authProvider);
|
|
64
|
+
const user = yield userApi.getCurrentUser();
|
|
65
|
+
(0, chai_1.expect)(user.healthcarePartyId).to.equal(credentials.dataOwnerId);
|
|
66
|
+
(0, chai_1.expect)(calls).to.equal(2);
|
|
67
|
+
}));
|
|
68
|
+
(0, test_utils_1.itNoLite)('Should automatically ask for a more powerful secret to perform elevated-security operations if the available secret/token is not good enough', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
69
|
+
const { credentials, api } = yield (0, test_utils_1.createNewHcpApi)(env);
|
|
70
|
+
const initialUser = yield api.userApi.getCurrentUser();
|
|
71
|
+
const masterApi = yield initMasterApi(env);
|
|
72
|
+
const userToken = (0, crypto_1.randomUUID)();
|
|
73
|
+
const userPw = (0, crypto_1.randomUUID)();
|
|
74
|
+
const userWithLongTokenAndPw = yield masterApi.userApi.modifyUser(Object.assign(Object.assign({}, initialUser), { passwordHash: userPw, authenticationTokens: {
|
|
75
|
+
'test-long-lived-token': {
|
|
76
|
+
token: userToken,
|
|
77
|
+
creationTime: Date.now(),
|
|
78
|
+
validity: 60 * 60 * 24 * 7,
|
|
79
|
+
},
|
|
80
|
+
} }));
|
|
81
|
+
let calls = 0;
|
|
82
|
+
const authProvider = SmartAuthProvider_1.SmartAuthProvider.initialise(authApi, credentials.user, {
|
|
83
|
+
getSecret: (acceptedSecrets, previousAttempts) => __awaiter(void 0, void 0, void 0, function* () {
|
|
84
|
+
if (calls == 0) {
|
|
85
|
+
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.PASSWORD);
|
|
86
|
+
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.LONG_LIVED_TOKEN);
|
|
87
|
+
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.SHORT_LIVED_TOKEN);
|
|
88
|
+
(0, chai_1.expect)(acceptedSecrets).to.not.include(SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN);
|
|
89
|
+
(0, chai_1.expect)(previousAttempts).to.be.empty;
|
|
90
|
+
calls++;
|
|
91
|
+
return { value: userToken, secretType: SmartAuthProvider_1.AuthSecretType.LONG_LIVED_TOKEN };
|
|
92
|
+
}
|
|
93
|
+
else if (calls == 1) {
|
|
94
|
+
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.PASSWORD);
|
|
95
|
+
(0, chai_1.expect)(acceptedSecrets).to.not.include(SmartAuthProvider_1.AuthSecretType.LONG_LIVED_TOKEN);
|
|
96
|
+
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.SHORT_LIVED_TOKEN);
|
|
97
|
+
(0, chai_1.expect)(acceptedSecrets).to.not.include(SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN);
|
|
98
|
+
(0, chai_1.expect)(previousAttempts).to.be.empty;
|
|
99
|
+
calls++;
|
|
100
|
+
return { value: userPw, secretType: SmartAuthProvider_1.AuthSecretType.PASSWORD };
|
|
101
|
+
}
|
|
102
|
+
else
|
|
103
|
+
throw new Error(`Unexpected number of calls: ${calls}`);
|
|
104
|
+
}),
|
|
105
|
+
});
|
|
106
|
+
const userApi = userApiWithProvider(authProvider);
|
|
107
|
+
(0, chai_1.expect)((yield userApi.getCurrentUser()).rev).to.equal(userWithLongTokenAndPw.rev);
|
|
108
|
+
(0, chai_1.expect)(calls).to.equal(1);
|
|
109
|
+
const newPw = (0, crypto_1.randomUUID)();
|
|
110
|
+
const userWithNewPw = yield userApi.modifyUser(Object.assign(Object.assign({}, userWithLongTokenAndPw), { passwordHash: newPw }));
|
|
111
|
+
(0, chai_1.expect)(userWithNewPw.rev).to.not.equal(userWithLongTokenAndPw.rev);
|
|
112
|
+
(0, chai_1.expect)(calls).to.equal(2);
|
|
113
|
+
const retrievedWithNewPw = yield userApiWithProvider(new icc_x_api_1.BasicAuthenticationProvider(credentials.user, newPw)).getCurrentUser();
|
|
114
|
+
(0, chai_1.expect)(retrievedWithNewPw.rev).to.equal(userWithNewPw.rev);
|
|
115
|
+
const couldRetrieveWithOldPw = yield userApiWithProvider(new icc_x_api_1.BasicAuthenticationProvider(credentials.user, userPw))
|
|
116
|
+
.getCurrentUser()
|
|
117
|
+
.then(() => true, () => false);
|
|
118
|
+
(0, chai_1.expect)(couldRetrieveWithOldPw).to.be.false;
|
|
119
|
+
}));
|
|
120
|
+
(0, test_utils_1.itNoLite)('Should automatically ask for TOTP after password if user has 2fa enabled', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
121
|
+
const { credentials, api } = yield (0, test_utils_1.createNewHcpApi)(env);
|
|
122
|
+
const initialUser = yield api.userApi.getCurrentUser();
|
|
123
|
+
const masterApi = yield initMasterApi(env);
|
|
124
|
+
const totpSecret = 'AAPX7PW2RJIGZ3D4'; // pragma: allowlist secret (fake secret generated only for test)
|
|
125
|
+
const totp = new otpauth_1.TOTP({
|
|
126
|
+
algorithm: 'SHA1',
|
|
127
|
+
digits: 6,
|
|
128
|
+
period: 30,
|
|
129
|
+
secret: totpSecret,
|
|
130
|
+
});
|
|
131
|
+
const userPw = (0, crypto_1.randomUUID)();
|
|
132
|
+
yield masterApi.userApi.enable2fa(initialUser.id, totpSecret);
|
|
133
|
+
const userWithPwAnd2fa = yield masterApi.userApi.modifyUser(Object.assign(Object.assign({}, initialUser), { passwordHash: userPw }));
|
|
134
|
+
let calls = 0;
|
|
135
|
+
const authProvider = SmartAuthProvider_1.SmartAuthProvider.initialise(authApi, credentials.user, {
|
|
136
|
+
getSecret: (acceptedSecrets, previousAttempts) => __awaiter(void 0, void 0, void 0, function* () {
|
|
137
|
+
if (calls == 0) {
|
|
138
|
+
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.PASSWORD);
|
|
139
|
+
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.LONG_LIVED_TOKEN);
|
|
140
|
+
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.SHORT_LIVED_TOKEN);
|
|
141
|
+
(0, chai_1.expect)(acceptedSecrets).to.not.include(SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN);
|
|
142
|
+
(0, chai_1.expect)(previousAttempts).to.be.empty;
|
|
143
|
+
calls++;
|
|
144
|
+
return { value: userPw, secretType: SmartAuthProvider_1.AuthSecretType.PASSWORD };
|
|
145
|
+
}
|
|
146
|
+
else if (calls == 1 || calls == 2) {
|
|
147
|
+
(0, chai_1.expect)(acceptedSecrets).to.have.members([SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN]);
|
|
148
|
+
if (calls == 1)
|
|
149
|
+
(0, chai_1.expect)(previousAttempts).to.be.empty;
|
|
150
|
+
if (calls == 2)
|
|
151
|
+
(0, chai_1.expect)(previousAttempts).to.have.length(1);
|
|
152
|
+
return calls++ == 1
|
|
153
|
+
? { value: totp.generate() + '13', secretType: SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN }
|
|
154
|
+
: { value: totp.generate(), secretType: SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN };
|
|
155
|
+
}
|
|
156
|
+
else
|
|
157
|
+
throw new Error(`Unexpected number of calls: ${calls}`);
|
|
158
|
+
}),
|
|
159
|
+
});
|
|
160
|
+
const userApi = userApiWithProvider(authProvider);
|
|
161
|
+
(0, chai_1.expect)((yield userApi.getCurrentUser()).rev).to.equal(userWithPwAnd2fa.rev);
|
|
162
|
+
(0, chai_1.expect)(calls).to.equal(3);
|
|
163
|
+
}));
|
|
164
|
+
(0, test_utils_1.itNoLite)('Should ask for TOTP directly if password is cached', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
165
|
+
const { credentials, api } = yield (0, test_utils_1.createNewHcpApi)(env);
|
|
166
|
+
const initialUser = yield api.userApi.getCurrentUser();
|
|
167
|
+
const masterApi = yield initMasterApi(env);
|
|
168
|
+
const totpSecret = 'AAPX7PW2RJIGZ3D4'; // pragma: allowlist secret (fake secret generated only for test)
|
|
169
|
+
const totp = new otpauth_1.TOTP({
|
|
170
|
+
algorithm: 'SHA1',
|
|
171
|
+
digits: 6,
|
|
172
|
+
period: 30,
|
|
173
|
+
secret: totpSecret,
|
|
174
|
+
});
|
|
175
|
+
const userPw = (0, crypto_1.randomUUID)();
|
|
176
|
+
yield masterApi.userApi.enable2fa(initialUser.id, totpSecret);
|
|
177
|
+
const userWithPwAnd2fa = yield masterApi.userApi.modifyUser(Object.assign(Object.assign({}, initialUser), { passwordHash: userPw }));
|
|
178
|
+
let calls = 0;
|
|
179
|
+
const authProvider = SmartAuthProvider_1.SmartAuthProvider.initialise(authApi, credentials.user, {
|
|
180
|
+
getSecret: (acceptedSecrets, previousAttempts) => __awaiter(void 0, void 0, void 0, function* () {
|
|
181
|
+
(0, chai_1.expect)(acceptedSecrets).to.have.members([SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN]);
|
|
182
|
+
(0, chai_1.expect)(previousAttempts).to.be.empty;
|
|
183
|
+
(0, chai_1.expect)(calls++).to.equal(0);
|
|
184
|
+
return { value: totp.generate(), secretType: SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN };
|
|
185
|
+
}),
|
|
186
|
+
}, {
|
|
187
|
+
initialSecret: { plainSecret: userPw },
|
|
188
|
+
});
|
|
189
|
+
const userApi = userApiWithProvider(authProvider);
|
|
190
|
+
(0, chai_1.expect)((yield userApi.getCurrentUser()).rev).to.equal(userWithPwAnd2fa.rev);
|
|
191
|
+
(0, chai_1.expect)(calls).to.equal(1);
|
|
192
|
+
}));
|
|
193
|
+
(0, test_utils_1.itNoLite)('Switched provider should keep cached secrets and should be able to have elevated security context', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
194
|
+
var _a;
|
|
195
|
+
const details = yield (0, test_utils_1.createUserInMultipleGroups)(env);
|
|
196
|
+
let calls = 0;
|
|
197
|
+
const authProvider = SmartAuthProvider_1.SmartAuthProvider.initialise(authApi, details.userLogin, {
|
|
198
|
+
getSecret: (acceptedSecrets, previousAttempts) => __awaiter(void 0, void 0, void 0, function* () {
|
|
199
|
+
(0, chai_1.expect)(acceptedSecrets).to.have.include(SmartAuthProvider_1.AuthSecretType.PASSWORD);
|
|
200
|
+
(0, chai_1.expect)(previousAttempts).to.be.empty;
|
|
201
|
+
(0, chai_1.expect)(calls++).to.equal(0);
|
|
202
|
+
return { value: details.userPw12, secretType: SmartAuthProvider_1.AuthSecretType.PASSWORD };
|
|
203
|
+
}),
|
|
204
|
+
});
|
|
205
|
+
const defaultGroupUserApi = userApiWithProvider(authProvider);
|
|
206
|
+
const defaultGroupUser = yield defaultGroupUserApi.getCurrentUser();
|
|
207
|
+
const otherGroupId = details.group1.id == defaultGroupUser.groupId ? details.group2.id : details.group1.id;
|
|
208
|
+
const matches = yield defaultGroupUserApi.getMatchingUsers();
|
|
209
|
+
const switchedUserApi = userApiWithProvider(yield authProvider.switchGroup(otherGroupId, matches));
|
|
210
|
+
const switchedUser = yield switchedUserApi.getCurrentUser();
|
|
211
|
+
(0, chai_1.expect)(switchedUser.id).to.not.equal(defaultGroupUser.id);
|
|
212
|
+
(0, chai_1.expect)(switchedUser.groupId).to.equal(otherGroupId);
|
|
213
|
+
const updatedDefault = yield switchedUserApi.modifyUser(Object.assign(Object.assign({}, switchedUser), { authenticationTokens: {
|
|
214
|
+
'new-token': {
|
|
215
|
+
token: (0, crypto_1.randomUUID)(),
|
|
216
|
+
creationTime: Date.now(),
|
|
217
|
+
validity: 60 * 60 * 24 * 7,
|
|
218
|
+
},
|
|
219
|
+
} }));
|
|
220
|
+
(0, chai_1.expect)(updatedDefault.rev).to.not.equal(switchedUser.rev);
|
|
221
|
+
(0, chai_1.expect)(Object.keys((_a = updatedDefault.authenticationTokens) !== null && _a !== void 0 ? _a : {})).to.not.be.empty;
|
|
222
|
+
}));
|
|
223
|
+
});
|
|
224
|
+
//# sourceMappingURL=smart-auth-provider-test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"smart-auth-provider-test.js","sourceRoot":"","sources":["../../../../test/icc-x-api/auth/smart-auth-provider-test.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,mDAAmE;AACnE,iCAA8B;AAC9B,uDAAqJ;AACrJ,kDAAkH;AAClH,8CAAyD;AACzD,4BAAyB;AACzB,iFAAgH;AAChH,+BAA6B;AAC7B,mCAAmC;AACnC,IAAO,aAAa,GAAG,sBAAS,CAAC,aAAa,CAAA;AAC9C,mCAA6B;AAC7B,qCAA8B;AAC9B,IAAA,4BAAe,EAAC,KAAK,CAAC,CAAA;AAEtB,IAAI,GAAa,CAAA;AACjB,IAAI,OAAmB,CAAA;AAEvB,QAAQ,CAAC,+BAA+B,EAAE,GAAG,EAAE;IAC7C,IAAA,cAAM,EAAC;;YACL,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;YACpB,MAAM,WAAW,GAAG,MAAM,IAAA,sCAAyB,GAAE,CAAA;YACrD,GAAG,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,IAAA,uBAAe,GAAE,CAAC,CAAA;YAClD,OAAO,GAAG,IAAI,oBAAU,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,IAAI,oCAAwB,EAAE,EAAE,KAAK,CAAC,CAAA;QACnF,CAAC;KAAA,CAAC,CAAA;IAEF,SAAS,mBAAmB,CAAC,YAAoC;QAC/D,OAAO,IAAI,oBAAU,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,YAAY,EAAE,KAAK,CAAC,CAAA;IAC9D,CAAC;IAED,EAAE,CAAC,kGAAkG,EAAE,GAAS,EAAE;QAChH,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,IAAA,4BAAe,EAAC,GAAG,CAAC,CAAA;QAClD,IAAI,KAAK,GAAG,CAAC,CAAA;QACb,MAAM,YAAY,GAAG,qCAAiB,CAAC,UAAU,CAAC,OAAO,EAAE,WAAW,CAAC,IAAI,EAAE;YAC3E,SAAS,EAAE,CAAO,eAAiC,EAAE,gBAAqC,EAAE,EAAE;gBAC5F,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,QAAQ,CAAC,CAAA;gBAC3D,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,gBAAgB,CAAC,CAAA;gBACnE,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,iBAAiB,CAAC,CAAA;gBACpE,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,kCAAc,CAAC,+BAA+B,CAAC,CAAA;gBACtF,IAAI,KAAK,IAAI,CAAC,EAAE;oBACd,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAA;iBACrC;qBAAM,IAAI,KAAK,IAAI,CAAC,EAAE;oBACrB,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;oBAC1C,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;oBACnD,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,kCAAc,CAAC,gBAAgB,CAAC,CAAA;iBACjF;;oBAAM,IAAA,aAAI,EAAC,+BAA+B,KAAK,EAAE,CAAC,CAAA;gBACnD,OAAO,KAAK,EAAE,IAAI,CAAC;oBACjB,CAAC,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,kCAAc,CAAC,gBAAgB,EAAE,CAAC,2BAA2B;oBAC7F,CAAC,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,kCAAc,CAAC,gBAAgB,EAAE,CAAA;YAClF,CAAC,CAAA;SACF,CAAC,CAAA;QACF,MAAM,OAAO,GAAG,mBAAmB,CAAC,YAAY,CAAC,CAAA;QACjD,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,cAAc,EAAE,CAAA;QAC3C,IAAA,aAAM,EAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,WAAW,CAAC,CAAA;QAChE,IAAA,aAAM,EAAC,KAAK,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAC3B,CAAC,CAAA,CAAC,CAAA;IAEF,IAAA,qBAAQ,EACN,8IAA8I,EAC9I,GAAS,EAAE;QACT,MAAM,EAAE,WAAW,EAAE,GAAG,EAAE,GAAG,MAAM,IAAA,4BAAe,EAAC,GAAG,CAAC,CAAA;QACvD,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;QACtD,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,CAAA;QAC1C,MAAM,SAAS,GAAG,IAAA,mBAAU,GAAE,CAAA;QAC9B,MAAM,MAAM,GAAG,IAAA,mBAAU,GAAE,CAAA;QAC3B,MAAM,sBAAsB,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,UAAU,iCAC5D,WAAW,KACd,YAAY,EAAE,MAAM,EACpB,oBAAoB,EAAE;gBACpB,uBAAuB,EAAE;oBACvB,KAAK,EAAE,SAAS;oBAChB,YAAY,EAAE,IAAI,CAAC,GAAG,EAAE;oBACxB,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC;iBAC3B;aACF,IACD,CAAA;QACF,IAAI,KAAK,GAAG,CAAC,CAAA;QACb,MAAM,YAAY,GAAG,qCAAiB,CAAC,UAAU,CAAC,OAAO,EAAE,WAAW,CAAC,IAAI,EAAE;YAC3E,SAAS,EAAE,CAAO,eAAiC,EAAE,gBAAqC,EAAE,EAAE;gBAC5F,IAAI,KAAK,IAAI,CAAC,EAAE;oBACd,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,QAAQ,CAAC,CAAA;oBAC3D,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,gBAAgB,CAAC,CAAA;oBACnE,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,iBAAiB,CAAC,CAAA;oBACpE,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,kCAAc,CAAC,+BAA+B,CAAC,CAAA;oBACtF,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAA;oBACpC,KAAK,EAAE,CAAA;oBACP,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,kCAAc,CAAC,gBAAgB,EAAE,CAAA;iBACzE;qBAAM,IAAI,KAAK,IAAI,CAAC,EAAE;oBACrB,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,QAAQ,CAAC,CAAA;oBAC3D,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,kCAAc,CAAC,gBAAgB,CAAC,CAAA;oBACvE,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,iBAAiB,CAAC,CAAA;oBACpE,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,kCAAc,CAAC,+BAA+B,CAAC,CAAA;oBACtF,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAA;oBACpC,KAAK,EAAE,CAAA;oBACP,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,kCAAc,CAAC,QAAQ,EAAE,CAAA;iBAC9D;;oBAAM,MAAM,IAAI,KAAK,CAAC,+BAA+B,KAAK,EAAE,CAAC,CAAA;YAChE,CAAC,CAAA;SACF,CAAC,CAAA;QACF,MAAM,OAAO,GAAG,mBAAmB,CAAC,YAAY,CAAC,CAAA;QACjD,IAAA,aAAM,EAAC,CAAC,MAAM,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAA;QACjF,IAAA,aAAM,EAAC,KAAK,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACzB,MAAM,KAAK,GAAG,IAAA,mBAAU,GAAE,CAAA;QAC1B,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,UAAU,iCAAM,sBAAsB,KAAE,YAAY,EAAE,KAAK,IAAG,CAAA;QAClG,IAAA,aAAM,EAAC,aAAa,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAA;QAClE,IAAA,aAAM,EAAC,KAAK,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACzB,MAAM,kBAAkB,GAAG,MAAM,mBAAmB,CAAC,IAAI,uCAA2B,CAAC,WAAW,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,cAAc,EAAE,CAAA;QAC/H,IAAA,aAAM,EAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;QAC1D,MAAM,sBAAsB,GAAG,MAAM,mBAAmB,CAAC,IAAI,uCAA2B,CAAC,WAAW,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;aAChH,cAAc,EAAE;aAChB,IAAI,CACH,GAAG,EAAE,CAAC,IAAI,EACV,GAAG,EAAE,CAAC,KAAK,CACZ,CAAA;QACH,IAAA,aAAM,EAAC,sBAAsB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAA;IAC5C,CAAC,CAAA,CACF,CAAA;IAED,IAAA,qBAAQ,EAAC,0EAA0E,EAAE,GAAS,EAAE;QAC9F,MAAM,EAAE,WAAW,EAAE,GAAG,EAAE,GAAG,MAAM,IAAA,4BAAe,EAAC,GAAG,CAAC,CAAA;QACvD,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;QACtD,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,CAAA;QAC1C,MAAM,UAAU,GAAG,kBAAkB,CAAA,CAAC,iEAAiE;QACvG,MAAM,IAAI,GAAG,IAAI,cAAI,CAAC;YACpB,SAAS,EAAE,MAAM;YACjB,MAAM,EAAE,CAAC;YACT,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,UAAU;SACnB,CAAC,CAAA;QACF,MAAM,MAAM,GAAG,IAAA,mBAAU,GAAE,CAAA;QAC3B,MAAM,SAAS,CAAC,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,EAAG,EAAE,UAAU,CAAC,CAAA;QAC9D,MAAM,gBAAgB,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,UAAU,iCACtD,WAAW,KACd,YAAY,EAAE,MAAM,IACpB,CAAA;QACF,IAAI,KAAK,GAAG,CAAC,CAAA;QACb,MAAM,YAAY,GAAG,qCAAiB,CAAC,UAAU,CAAC,OAAO,EAAE,WAAW,CAAC,IAAI,EAAE;YAC3E,SAAS,EAAE,CAAO,eAAiC,EAAE,gBAAqC,EAAE,EAAE;gBAC5F,IAAI,KAAK,IAAI,CAAC,EAAE;oBACd,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,QAAQ,CAAC,CAAA;oBAC3D,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,gBAAgB,CAAC,CAAA;oBACnE,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,iBAAiB,CAAC,CAAA;oBACpE,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,kCAAc,CAAC,+BAA+B,CAAC,CAAA;oBACtF,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAA;oBACpC,KAAK,EAAE,CAAA;oBACP,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,kCAAc,CAAC,QAAQ,EAAE,CAAA;iBAC9D;qBAAM,IAAI,KAAK,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,EAAE;oBACnC,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,kCAAc,CAAC,+BAA+B,CAAC,CAAC,CAAA;oBACzF,IAAI,KAAK,IAAI,CAAC;wBAAE,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAA;oBACpD,IAAI,KAAK,IAAI,CAAC;wBAAE,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;oBAC1D,OAAO,KAAK,EAAE,IAAI,CAAC;wBACjB,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,GAAG,IAAI,EAAE,UAAU,EAAE,kCAAc,CAAC,+BAA+B,EAAE;wBAC/F,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,UAAU,EAAE,kCAAc,CAAC,+BAA+B,EAAE,CAAA;iBAC3F;;oBAAM,MAAM,IAAI,KAAK,CAAC,+BAA+B,KAAK,EAAE,CAAC,CAAA;YAChE,CAAC,CAAA;SACF,CAAC,CAAA;QACF,MAAM,OAAO,GAAG,mBAAmB,CAAC,YAAY,CAAC,CAAA;QACjD,IAAA,aAAM,EAAC,CAAC,MAAM,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAA;QAC3E,IAAA,aAAM,EAAC,KAAK,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAC3B,CAAC,CAAA,CAAC,CAAA;IAEF,IAAA,qBAAQ,EAAC,oDAAoD,EAAE,GAAS,EAAE;QACxE,MAAM,EAAE,WAAW,EAAE,GAAG,EAAE,GAAG,MAAM,IAAA,4BAAe,EAAC,GAAG,CAAC,CAAA;QACvD,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;QACtD,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,CAAA;QAC1C,MAAM,UAAU,GAAG,kBAAkB,CAAA,CAAC,iEAAiE;QACvG,MAAM,IAAI,GAAG,IAAI,cAAI,CAAC;YACpB,SAAS,EAAE,MAAM;YACjB,MAAM,EAAE,CAAC;YACT,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,UAAU;SACnB,CAAC,CAAA;QACF,MAAM,MAAM,GAAG,IAAA,mBAAU,GAAE,CAAA;QAC3B,MAAM,SAAS,CAAC,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,EAAG,EAAE,UAAU,CAAC,CAAA;QAC9D,MAAM,gBAAgB,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,UAAU,iCACtD,WAAW,KACd,YAAY,EAAE,MAAM,IACpB,CAAA;QACF,IAAI,KAAK,GAAG,CAAC,CAAA;QACb,MAAM,YAAY,GAAG,qCAAiB,CAAC,UAAU,CAC/C,OAAO,EACP,WAAW,CAAC,IAAI,EAChB;YACE,SAAS,EAAE,CAAO,eAAiC,EAAE,gBAAqC,EAAE,EAAE;gBAC5F,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,kCAAc,CAAC,+BAA+B,CAAC,CAAC,CAAA;gBACzF,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAA;gBACpC,IAAA,aAAM,EAAC,KAAK,EAAE,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;gBAC3B,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,UAAU,EAAE,kCAAc,CAAC,+BAA+B,EAAE,CAAA;YAC/F,CAAC,CAAA;SACF,EACD;YACE,aAAa,EAAE,EAAE,WAAW,EAAE,MAAM,EAAE;SACvC,CACF,CAAA;QACD,MAAM,OAAO,GAAG,mBAAmB,CAAC,YAAY,CAAC,CAAA;QACjD,IAAA,aAAM,EAAC,CAAC,MAAM,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAA;QAC3E,IAAA,aAAM,EAAC,KAAK,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAC3B,CAAC,CAAA,CAAC,CAAA;IAEF,IAAA,qBAAQ,EAAC,mGAAmG,EAAE,GAAS,EAAE;;QACvH,MAAM,OAAO,GAAG,MAAM,IAAA,uCAA0B,EAAC,GAAG,CAAC,CAAA;QACrD,IAAI,KAAK,GAAG,CAAC,CAAA;QACb,MAAM,YAAY,GAAG,qCAAiB,CAAC,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,SAAS,EAAE;YAC5E,SAAS,EAAE,CAAO,eAAiC,EAAE,gBAAqC,EAAE,EAAE;gBAC5F,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,kCAAc,CAAC,QAAQ,CAAC,CAAA;gBAChE,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAA;gBACpC,IAAA,aAAM,EAAC,KAAK,EAAE,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;gBAC3B,OAAO,EAAE,KAAK,EAAE,OAAO,CAAC,QAAQ,EAAE,UAAU,EAAE,kCAAc,CAAC,QAAQ,EAAE,CAAA;YACzE,CAAC,CAAA;SACF,CAAC,CAAA;QACF,MAAM,mBAAmB,GAAG,mBAAmB,CAAC,YAAY,CAAC,CAAA;QAC7D,MAAM,gBAAgB,GAAG,MAAM,mBAAmB,CAAC,cAAc,EAAE,CAAA;QACnE,MAAM,YAAY,GAAG,OAAO,CAAC,MAAM,CAAC,EAAE,IAAI,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAA;QAC1G,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,gBAAgB,EAAE,CAAA;QAC5D,MAAM,eAAe,GAAG,mBAAmB,CAAC,MAAM,YAAY,CAAC,WAAW,CAAC,YAAa,EAAE,OAAO,CAAC,CAAC,CAAA;QACnG,MAAM,YAAY,GAAG,MAAM,eAAe,CAAC,cAAc,EAAE,CAAA;QAC3D,IAAA,aAAM,EAAC,YAAY,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAA;QACzD,IAAA,aAAM,EAAC,YAAY,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;QACnD,MAAM,cAAc,GAAG,MAAM,eAAe,CAAC,UAAU,iCAClD,YAAY,KACf,oBAAoB,EAAE;gBACpB,WAAW,EAAE;oBACX,KAAK,EAAE,IAAA,mBAAU,GAAE;oBACnB,YAAY,EAAE,IAAI,CAAC,GAAG,EAAE;oBACxB,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC;iBAC3B;aACF,IACD,CAAA;QACF,IAAA,aAAM,EAAC,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,CAAA;QACzD,IAAA,aAAM,EAAC,MAAM,CAAC,IAAI,CAAC,MAAA,cAAc,CAAC,oBAAoB,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAA;IAChF,CAAC,CAAA,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA","sourcesContent":["import { getEnvVariables, TestVars } from '@icure/test-setup/types'\nimport { before } from 'mocha'\nimport { createNewHcpApi, createUserInMultipleGroups, getEnvironmentInitializer, itNoLite, setLocalStorage, TestUtils } from '../../utils/test_utils'\nimport { AuthenticationProvider, BasicAuthenticationProvider, NoAuthenticationProvider } from '../../../icc-x-api'\nimport { IccAuthApi, IccUserApi } from '../../../icc-api'\nimport 'isomorphic-fetch'\nimport { AuthSecretDetails, AuthSecretType, SmartAuthProvider } from '../../../icc-x-api/auth/SmartAuthProvider'\nimport { expect } from 'chai'\nimport { randomUUID } from 'crypto'\nimport initMasterApi = TestUtils.initMasterApi\nimport { fail } from 'assert'\nimport { TOTP } from 'otpauth'\nsetLocalStorage(fetch)\n\nlet env: TestVars\nlet authApi: IccAuthApi\n\ndescribe('Smart authentication provider', () => {\n before(async function () {\n this.timeout(600000)\n const initializer = await getEnvironmentInitializer()\n env = await initializer.execute(getEnvVariables())\n authApi = new IccAuthApi(env.iCureUrl, {}, new NoAuthenticationProvider(), fetch)\n })\n\n function userApiWithProvider(authProvider: AuthenticationProvider): IccUserApi {\n return new IccUserApi(env.iCureUrl, {}, authProvider, fetch)\n }\n\n it('Should automatically ask for secret to get a new token, and reasks the secret if it is not valid', async () => {\n const { credentials } = await createNewHcpApi(env)\n let calls = 0\n const authProvider = SmartAuthProvider.initialise(authApi, credentials.user, {\n getSecret: async (acceptedSecrets: AuthSecretType[], previousAttempts: AuthSecretDetails[]) => {\n expect(acceptedSecrets).to.include(AuthSecretType.PASSWORD)\n expect(acceptedSecrets).to.include(AuthSecretType.LONG_LIVED_TOKEN)\n expect(acceptedSecrets).to.include(AuthSecretType.SHORT_LIVED_TOKEN)\n expect(acceptedSecrets).to.not.include(AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN)\n if (calls == 0) {\n expect(previousAttempts).to.be.empty\n } else if (calls == 1) {\n expect(previousAttempts).to.have.length(1)\n expect(previousAttempts[0].value).to.equal('wrong')\n expect(previousAttempts[0].secretType).to.equal(AuthSecretType.LONG_LIVED_TOKEN)\n } else fail(`Unexpected number of calls: ${calls}`)\n return calls++ == 0\n ? { value: 'wrong', secretType: AuthSecretType.LONG_LIVED_TOKEN } // pragma: allowlist secret\n : { value: credentials.password, secretType: AuthSecretType.LONG_LIVED_TOKEN }\n },\n })\n const userApi = userApiWithProvider(authProvider)\n const user = await userApi.getCurrentUser()\n expect(user.healthcarePartyId).to.equal(credentials.dataOwnerId)\n expect(calls).to.equal(2)\n })\n\n itNoLite(\n 'Should automatically ask for a more powerful secret to perform elevated-security operations if the available secret/token is not good enough',\n async () => {\n const { credentials, api } = await createNewHcpApi(env)\n const initialUser = await api.userApi.getCurrentUser()\n const masterApi = await initMasterApi(env)\n const userToken = randomUUID()\n const userPw = randomUUID()\n const userWithLongTokenAndPw = await masterApi.userApi.modifyUser({\n ...initialUser,\n passwordHash: userPw,\n authenticationTokens: {\n 'test-long-lived-token': {\n token: userToken,\n creationTime: Date.now(),\n validity: 60 * 60 * 24 * 7,\n },\n },\n })\n let calls = 0\n const authProvider = SmartAuthProvider.initialise(authApi, credentials.user, {\n getSecret: async (acceptedSecrets: AuthSecretType[], previousAttempts: AuthSecretDetails[]) => {\n if (calls == 0) {\n expect(acceptedSecrets).to.include(AuthSecretType.PASSWORD)\n expect(acceptedSecrets).to.include(AuthSecretType.LONG_LIVED_TOKEN)\n expect(acceptedSecrets).to.include(AuthSecretType.SHORT_LIVED_TOKEN)\n expect(acceptedSecrets).to.not.include(AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN)\n expect(previousAttempts).to.be.empty\n calls++\n return { value: userToken, secretType: AuthSecretType.LONG_LIVED_TOKEN }\n } else if (calls == 1) {\n expect(acceptedSecrets).to.include(AuthSecretType.PASSWORD)\n expect(acceptedSecrets).to.not.include(AuthSecretType.LONG_LIVED_TOKEN)\n expect(acceptedSecrets).to.include(AuthSecretType.SHORT_LIVED_TOKEN)\n expect(acceptedSecrets).to.not.include(AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN)\n expect(previousAttempts).to.be.empty\n calls++\n return { value: userPw, secretType: AuthSecretType.PASSWORD }\n } else throw new Error(`Unexpected number of calls: ${calls}`)\n },\n })\n const userApi = userApiWithProvider(authProvider)\n expect((await userApi.getCurrentUser()).rev).to.equal(userWithLongTokenAndPw.rev)\n expect(calls).to.equal(1)\n const newPw = randomUUID()\n const userWithNewPw = await userApi.modifyUser({ ...userWithLongTokenAndPw, passwordHash: newPw })\n expect(userWithNewPw.rev).to.not.equal(userWithLongTokenAndPw.rev)\n expect(calls).to.equal(2)\n const retrievedWithNewPw = await userApiWithProvider(new BasicAuthenticationProvider(credentials.user, newPw)).getCurrentUser()\n expect(retrievedWithNewPw.rev).to.equal(userWithNewPw.rev)\n const couldRetrieveWithOldPw = await userApiWithProvider(new BasicAuthenticationProvider(credentials.user, userPw))\n .getCurrentUser()\n .then(\n () => true,\n () => false\n )\n expect(couldRetrieveWithOldPw).to.be.false\n }\n )\n\n itNoLite('Should automatically ask for TOTP after password if user has 2fa enabled', async () => {\n const { credentials, api } = await createNewHcpApi(env)\n const initialUser = await api.userApi.getCurrentUser()\n const masterApi = await initMasterApi(env)\n const totpSecret = 'AAPX7PW2RJIGZ3D4' // pragma: allowlist secret (fake secret generated only for test)\n const totp = new TOTP({\n algorithm: 'SHA1',\n digits: 6,\n period: 30,\n secret: totpSecret,\n })\n const userPw = randomUUID()\n await masterApi.userApi.enable2fa(initialUser.id!, totpSecret)\n const userWithPwAnd2fa = await masterApi.userApi.modifyUser({\n ...initialUser,\n passwordHash: userPw,\n })\n let calls = 0\n const authProvider = SmartAuthProvider.initialise(authApi, credentials.user, {\n getSecret: async (acceptedSecrets: AuthSecretType[], previousAttempts: AuthSecretDetails[]) => {\n if (calls == 0) {\n expect(acceptedSecrets).to.include(AuthSecretType.PASSWORD)\n expect(acceptedSecrets).to.include(AuthSecretType.LONG_LIVED_TOKEN)\n expect(acceptedSecrets).to.include(AuthSecretType.SHORT_LIVED_TOKEN)\n expect(acceptedSecrets).to.not.include(AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN)\n expect(previousAttempts).to.be.empty\n calls++\n return { value: userPw, secretType: AuthSecretType.PASSWORD }\n } else if (calls == 1 || calls == 2) {\n expect(acceptedSecrets).to.have.members([AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN])\n if (calls == 1) expect(previousAttempts).to.be.empty\n if (calls == 2) expect(previousAttempts).to.have.length(1)\n return calls++ == 1\n ? { value: totp.generate() + '13', secretType: AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN }\n : { value: totp.generate(), secretType: AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN }\n } else throw new Error(`Unexpected number of calls: ${calls}`)\n },\n })\n const userApi = userApiWithProvider(authProvider)\n expect((await userApi.getCurrentUser()).rev).to.equal(userWithPwAnd2fa.rev)\n expect(calls).to.equal(3)\n })\n\n itNoLite('Should ask for TOTP directly if password is cached', async () => {\n const { credentials, api } = await createNewHcpApi(env)\n const initialUser = await api.userApi.getCurrentUser()\n const masterApi = await initMasterApi(env)\n const totpSecret = 'AAPX7PW2RJIGZ3D4' // pragma: allowlist secret (fake secret generated only for test)\n const totp = new TOTP({\n algorithm: 'SHA1',\n digits: 6,\n period: 30,\n secret: totpSecret,\n })\n const userPw = randomUUID()\n await masterApi.userApi.enable2fa(initialUser.id!, totpSecret)\n const userWithPwAnd2fa = await masterApi.userApi.modifyUser({\n ...initialUser,\n passwordHash: userPw,\n })\n let calls = 0\n const authProvider = SmartAuthProvider.initialise(\n authApi,\n credentials.user,\n {\n getSecret: async (acceptedSecrets: AuthSecretType[], previousAttempts: AuthSecretDetails[]) => {\n expect(acceptedSecrets).to.have.members([AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN])\n expect(previousAttempts).to.be.empty\n expect(calls++).to.equal(0)\n return { value: totp.generate(), secretType: AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN }\n },\n },\n {\n initialSecret: { plainSecret: userPw },\n }\n )\n const userApi = userApiWithProvider(authProvider)\n expect((await userApi.getCurrentUser()).rev).to.equal(userWithPwAnd2fa.rev)\n expect(calls).to.equal(1)\n })\n\n itNoLite('Switched provider should keep cached secrets and should be able to have elevated security context', async () => {\n const details = await createUserInMultipleGroups(env)\n let calls = 0\n const authProvider = SmartAuthProvider.initialise(authApi, details.userLogin, {\n getSecret: async (acceptedSecrets: AuthSecretType[], previousAttempts: AuthSecretDetails[]) => {\n expect(acceptedSecrets).to.have.include(AuthSecretType.PASSWORD)\n expect(previousAttempts).to.be.empty\n expect(calls++).to.equal(0)\n return { value: details.userPw12, secretType: AuthSecretType.PASSWORD }\n },\n })\n const defaultGroupUserApi = userApiWithProvider(authProvider)\n const defaultGroupUser = await defaultGroupUserApi.getCurrentUser()\n const otherGroupId = details.group1.id == defaultGroupUser.groupId ? details.group2.id : details.group1.id\n const matches = await defaultGroupUserApi.getMatchingUsers()\n const switchedUserApi = userApiWithProvider(await authProvider.switchGroup(otherGroupId!, matches))\n const switchedUser = await switchedUserApi.getCurrentUser()\n expect(switchedUser.id).to.not.equal(defaultGroupUser.id)\n expect(switchedUser.groupId).to.equal(otherGroupId)\n const updatedDefault = await switchedUserApi.modifyUser({\n ...switchedUser,\n authenticationTokens: {\n 'new-token': {\n token: randomUUID(),\n creationTime: Date.now(),\n validity: 60 * 60 * 24 * 7,\n },\n },\n })\n expect(updatedDefault.rev).to.not.equal(switchedUser.rev)\n expect(Object.keys(updatedDefault.authenticationTokens ?? {})).to.not.be.empty\n })\n})\n"]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
import 'isomorphic-fetch';
|
|
@@ -0,0 +1,108 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
+
});
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
const mocha_1 = require("mocha");
|
|
13
|
+
const test_utils_1 = require("../utils/test_utils");
|
|
14
|
+
const types_1 = require("@icure/test-setup/types");
|
|
15
|
+
const DataOwnerTypeEnum_1 = require("../../icc-api/model/DataOwnerTypeEnum");
|
|
16
|
+
const icc_x_api_1 = require("../../icc-x-api");
|
|
17
|
+
const chai_1 = require("chai");
|
|
18
|
+
const TestStorage_1 = require("../utils/TestStorage");
|
|
19
|
+
const crypto_1 = require("crypto");
|
|
20
|
+
require("isomorphic-fetch");
|
|
21
|
+
(0, test_utils_1.setLocalStorage)(fetch);
|
|
22
|
+
let env;
|
|
23
|
+
describe('Autofix anonymity tests', () => {
|
|
24
|
+
(0, mocha_1.before)(function () {
|
|
25
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
26
|
+
this.timeout(600000);
|
|
27
|
+
const initializer = yield (0, test_utils_1.getEnvironmentInitializer)();
|
|
28
|
+
env = yield initializer.execute((0, types_1.getEnvVariables)());
|
|
29
|
+
});
|
|
30
|
+
});
|
|
31
|
+
function initApi(dataOwnerType, isAnonymous) {
|
|
32
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
33
|
+
const cryptoStrats = {
|
|
34
|
+
dataOwnerRequiresAnonymousDelegation(dataOwner) {
|
|
35
|
+
if (isAnonymous)
|
|
36
|
+
return dataOwner.type == dataOwnerType;
|
|
37
|
+
else
|
|
38
|
+
return false;
|
|
39
|
+
},
|
|
40
|
+
generateNewKeyForDataOwner(self, cryptoPrimitives) {
|
|
41
|
+
throw new Error('This method should not be necessary for this test');
|
|
42
|
+
},
|
|
43
|
+
recoverAndVerifySelfHierarchyKeys(keysData, cryptoPrimitives) {
|
|
44
|
+
throw new Error('This method should not be necessary for this test');
|
|
45
|
+
},
|
|
46
|
+
verifyDelegatePublicKeys(delegate, publicKeys, cryptoPrimitives) {
|
|
47
|
+
return Promise.resolve(publicKeys);
|
|
48
|
+
},
|
|
49
|
+
};
|
|
50
|
+
let userDetails;
|
|
51
|
+
if (dataOwnerType == DataOwnerTypeEnum_1.DataOwnerTypeEnum.Patient) {
|
|
52
|
+
userDetails = (yield (0, test_utils_1.createNewPatientApi)(env)).credentials;
|
|
53
|
+
}
|
|
54
|
+
else if (dataOwnerType == DataOwnerTypeEnum_1.DataOwnerTypeEnum.Hcp) {
|
|
55
|
+
userDetails = (yield (0, test_utils_1.createNewHcpApi)(env)).credentials;
|
|
56
|
+
}
|
|
57
|
+
else
|
|
58
|
+
throw new Error('Unsupported data owner type');
|
|
59
|
+
const storage = yield (0, TestStorage_1.testStorageWithKeys)([
|
|
60
|
+
{
|
|
61
|
+
dataOwnerId: userDetails.dataOwnerId,
|
|
62
|
+
pairs: [{ keyPair: { publicKey: userDetails.publicKey, privateKey: userDetails.privateKey }, shaVersion: icc_x_api_1.ShaVersion.Sha1 }],
|
|
63
|
+
},
|
|
64
|
+
]);
|
|
65
|
+
const api = yield icc_x_api_1.IcureApi.initialise(env.iCureUrl, { username: userDetails.user, password: userDetails.password }, cryptoStrats, crypto_1.webcrypto, fetch, {
|
|
66
|
+
keyStorage: storage.keyStorage,
|
|
67
|
+
entryKeysFactory: storage.keyFactory,
|
|
68
|
+
storage: storage.storage,
|
|
69
|
+
});
|
|
70
|
+
(0, chai_1.expect)((yield api.dataOwnerApi.getCurrentDataOwnerStub()).type).to.eq(dataOwnerType);
|
|
71
|
+
return api;
|
|
72
|
+
});
|
|
73
|
+
}
|
|
74
|
+
function doTest(dataOwnerType, isAnonymous) {
|
|
75
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
76
|
+
const api = yield initApi(dataOwnerType, isAnonymous);
|
|
77
|
+
const user = yield api.userApi.getCurrentUser();
|
|
78
|
+
const createdWithNewInstance = yield api.patientApi.createPatientWithUser(user, yield api.patientApi.newInstance(user, { firstName: 'q', lastName: 'q' }));
|
|
79
|
+
const createdByBackend = yield api.agendaApi.createAgenda({ id: api.cryptoApi.primitives.randomUuid(), name: 'whatever' });
|
|
80
|
+
if (isAnonymous) {
|
|
81
|
+
(0, chai_1.expect)(createdWithNewInstance.author).to.eq('*');
|
|
82
|
+
(0, chai_1.expect)(createdWithNewInstance.responsible).to.eq('*');
|
|
83
|
+
(0, chai_1.expect)(createdByBackend.author).to.eq('*');
|
|
84
|
+
(0, chai_1.expect)(createdByBackend.responsible).to.eq('*');
|
|
85
|
+
}
|
|
86
|
+
else {
|
|
87
|
+
const doId = api.dataOwnerApi.getDataOwnerIdOf(user);
|
|
88
|
+
(0, chai_1.expect)(createdWithNewInstance.author).to.eq(user.id);
|
|
89
|
+
(0, chai_1.expect)(createdWithNewInstance.responsible).to.eq(doId);
|
|
90
|
+
(0, chai_1.expect)(createdByBackend.author).to.eq(user.id);
|
|
91
|
+
(0, chai_1.expect)(createdByBackend.responsible).to.eq(doId);
|
|
92
|
+
}
|
|
93
|
+
});
|
|
94
|
+
}
|
|
95
|
+
it('Entity created by a patient should omit author and responsible if crypto strategies require anonymous delegations for the user', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
96
|
+
yield doTest(DataOwnerTypeEnum_1.DataOwnerTypeEnum.Patient, true);
|
|
97
|
+
}));
|
|
98
|
+
it('Entity created by a patient should autofix author and responsible if crypto strategies does not require anonymous delegations for the user', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
99
|
+
yield doTest(DataOwnerTypeEnum_1.DataOwnerTypeEnum.Patient, false);
|
|
100
|
+
}));
|
|
101
|
+
it('Entity created by a HCP should omit author and responsible if crypto strategies require anonymous delegations for the user', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
102
|
+
yield doTest(DataOwnerTypeEnum_1.DataOwnerTypeEnum.Hcp, true);
|
|
103
|
+
}));
|
|
104
|
+
it('Entity created by a HCP should autofix author and responsible if crypto strategies does not require anonymous delegations for the user', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
105
|
+
yield doTest(DataOwnerTypeEnum_1.DataOwnerTypeEnum.Hcp, false);
|
|
106
|
+
}));
|
|
107
|
+
});
|
|
108
|
+
//# sourceMappingURL=autofix-anonymity-test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"autofix-anonymity-test.js","sourceRoot":"","sources":["../../../test/icc-x-api/autofix-anonymity-test.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,iCAA8B;AAC9B,oDAAsH;AACtH,mDAAgF;AAChF,6EAAyE;AACzE,+CAAmG;AACnG,+BAA6B;AAG7B,sDAA0D;AAC1D,mCAAkC;AAElC,4BAAyB;AAEzB,IAAA,4BAAe,EAAC,KAAK,CAAC,CAAA;AAEtB,IAAI,GAAa,CAAA;AAEjB,QAAQ,CAAC,yBAAyB,EAAE,GAAG,EAAE;IACvC,IAAA,cAAM,EAAC;;YACL,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;YACpB,MAAM,WAAW,GAAG,MAAM,IAAA,sCAAyB,GAAE,CAAA;YACrD,GAAG,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,IAAA,uBAAe,GAAE,CAAC,CAAA;QACpD,CAAC;KAAA,CAAC,CAAA;IAEF,SAAe,OAAO,CAAC,aAAgC,EAAE,WAAoB;;YAC3E,MAAM,YAAY,GAAqB;gBACrC,oCAAoC,CAAC,SAAkC;oBACrE,IAAI,WAAW;wBAAE,OAAO,SAAS,CAAC,IAAI,IAAI,aAAa,CAAA;;wBAClD,OAAO,KAAK,CAAA;gBACnB,CAAC;gBACD,0BAA0B,CAAC,IAAuB,EAAE,gBAAkC;oBACpF,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAA;gBACtE,CAAC;gBACD,iCAAiC,CAC/B,QAIG,EACH,gBAAkC;oBAIlC,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAA;gBACtE,CAAC;gBACD,wBAAwB,CAAC,QAAiC,EAAE,UAAoB,EAAE,gBAAkC;oBAClH,OAAO,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;gBACpC,CAAC;aACF,CAAA;YACD,IAAI,WAAwB,CAAA;YAC5B,IAAI,aAAa,IAAI,qCAAiB,CAAC,OAAO,EAAE;gBAC9C,WAAW,GAAG,CAAC,MAAM,IAAA,gCAAmB,EAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAA;aAC3D;iBAAM,IAAI,aAAa,IAAI,qCAAiB,CAAC,GAAG,EAAE;gBACjD,WAAW,GAAG,CAAC,MAAM,IAAA,4BAAe,EAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAA;aACvD;;gBAAM,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAA;YACrD,MAAM,OAAO,GAAG,MAAM,IAAA,iCAAmB,EAAC;gBACxC;oBACE,WAAW,EAAE,WAAW,CAAC,WAAW;oBACpC,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,EAAE,SAAS,EAAE,WAAW,CAAC,SAAS,EAAE,UAAU,EAAE,WAAW,CAAC,UAAU,EAAE,EAAE,UAAU,EAAE,sBAAU,CAAC,IAAI,EAAE,CAAC;iBAC5H;aACF,CAAC,CAAA;YACF,MAAM,GAAG,GAAG,MAAM,oBAAQ,CAAC,UAAU,CACnC,GAAG,CAAC,QAAQ,EACZ,EAAE,QAAQ,EAAE,WAAW,CAAC,IAAI,EAAE,QAAQ,EAAE,WAAW,CAAC,QAAQ,EAAE,EAC9D,YAAY,EACZ,kBAAgB,EAChB,KAAK,EACL;gBACE,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,gBAAgB,EAAE,OAAO,CAAC,UAAU;gBACpC,OAAO,EAAE,OAAO,CAAC,OAAO;aACzB,CACF,CAAA;YACD,IAAA,aAAM,EAAC,CAAC,MAAM,GAAG,CAAC,YAAY,CAAC,uBAAuB,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,aAAa,CAAC,CAAA;YACpF,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAED,SAAe,MAAM,CAAC,aAAgC,EAAE,WAAoB;;YAC1E,MAAM,GAAG,GAAG,MAAM,OAAO,CAAC,aAAa,EAAE,WAAW,CAAC,CAAA;YACrD,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;YAC/C,MAAM,sBAAsB,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,qBAAqB,CACvE,IAAI,EACJ,MAAM,GAAG,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC,CAC1E,CAAA;YACD,MAAM,gBAAgB,GAAG,MAAM,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,UAAU,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAA;YAC1H,IAAI,WAAW,EAAE;gBACf,IAAA,aAAM,EAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAA;gBAChD,IAAA,aAAM,EAAC,sBAAsB,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAA;gBACrD,IAAA,aAAM,EAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAA;gBAC1C,IAAA,aAAM,EAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAA;aAChD;iBAAM;gBACL,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;gBACpD,IAAA,aAAM,EAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;gBACpD,IAAA,aAAM,EAAC,sBAAsB,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,CAAA;gBACtD,IAAA,aAAM,EAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;gBAC9C,IAAA,aAAM,EAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,CAAA;aACjD;QACH,CAAC;KAAA;IAED,EAAE,CAAC,gIAAgI,EAAE,GAAS,EAAE;QAC9I,MAAM,MAAM,CAAC,qCAAiB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;IAC/C,CAAC,CAAA,CAAC,CAAA;IAEF,EAAE,CAAC,4IAA4I,EAAE,GAAS,EAAE;QAC1J,MAAM,MAAM,CAAC,qCAAiB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAA;IAChD,CAAC,CAAA,CAAC,CAAA;IAEF,EAAE,CAAC,4HAA4H,EAAE,GAAS,EAAE;QAC1I,MAAM,MAAM,CAAC,qCAAiB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;IAC3C,CAAC,CAAA,CAAC,CAAA;IAEF,EAAE,CAAC,wIAAwI,EAAE,GAAS,EAAE;QACtJ,MAAM,MAAM,CAAC,qCAAiB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAA;IAC5C,CAAC,CAAA,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA","sourcesContent":["import { before } from 'mocha'\nimport { createNewHcpApi, createNewPatientApi, getEnvironmentInitializer, setLocalStorage } from '../utils/test_utils'\nimport { getEnvVariables, TestVars, UserDetails } from '@icure/test-setup/types'\nimport { DataOwnerTypeEnum } from '../../icc-api/model/DataOwnerTypeEnum'\nimport { CryptoPrimitives, CryptoStrategies, IcureApi, KeyPair, ShaVersion } from '../../icc-x-api'\nimport { expect } from 'chai'\nimport { CryptoActorStubWithType } from '../../icc-api/model/CryptoActorStub'\nimport { DataOwnerWithType } from '../../icc-api/model/DataOwnerWithType'\nimport { testStorageWithKeys } from '../utils/TestStorage'\nimport { webcrypto } from 'crypto'\n\nimport 'isomorphic-fetch'\n\nsetLocalStorage(fetch)\n\nlet env: TestVars\n\ndescribe('Autofix anonymity tests', () => {\n before(async function () {\n this.timeout(600000)\n const initializer = await getEnvironmentInitializer()\n env = await initializer.execute(getEnvVariables())\n })\n\n async function initApi(dataOwnerType: DataOwnerTypeEnum, isAnonymous: boolean): Promise<IcureApi> {\n const cryptoStrats: CryptoStrategies = {\n dataOwnerRequiresAnonymousDelegation(dataOwner: CryptoActorStubWithType): boolean {\n if (isAnonymous) return dataOwner.type == dataOwnerType\n else return false\n },\n generateNewKeyForDataOwner(self: DataOwnerWithType, cryptoPrimitives: CryptoPrimitives): Promise<KeyPair<CryptoKey> | boolean> {\n throw new Error('This method should not be necessary for this test')\n },\n recoverAndVerifySelfHierarchyKeys(\n keysData: {\n dataOwner: DataOwnerWithType\n unknownKeys: string[]\n unavailableKeys: string[]\n }[],\n cryptoPrimitives: CryptoPrimitives\n ): Promise<{\n [p: string]: { recoveredKeys: { [p: string]: KeyPair<CryptoKey> }; keyAuthenticity: { [p: string]: boolean } }\n }> {\n throw new Error('This method should not be necessary for this test')\n },\n verifyDelegatePublicKeys(delegate: CryptoActorStubWithType, publicKeys: string[], cryptoPrimitives: CryptoPrimitives): Promise<string[]> {\n return Promise.resolve(publicKeys)\n },\n }\n let userDetails: UserDetails\n if (dataOwnerType == DataOwnerTypeEnum.Patient) {\n userDetails = (await createNewPatientApi(env)).credentials\n } else if (dataOwnerType == DataOwnerTypeEnum.Hcp) {\n userDetails = (await createNewHcpApi(env)).credentials\n } else throw new Error('Unsupported data owner type')\n const storage = await testStorageWithKeys([\n {\n dataOwnerId: userDetails.dataOwnerId,\n pairs: [{ keyPair: { publicKey: userDetails.publicKey, privateKey: userDetails.privateKey }, shaVersion: ShaVersion.Sha1 }],\n },\n ])\n const api = await IcureApi.initialise(\n env.iCureUrl,\n { username: userDetails.user, password: userDetails.password },\n cryptoStrats,\n webcrypto as any,\n fetch,\n {\n keyStorage: storage.keyStorage,\n entryKeysFactory: storage.keyFactory,\n storage: storage.storage,\n }\n )\n expect((await api.dataOwnerApi.getCurrentDataOwnerStub()).type).to.eq(dataOwnerType)\n return api\n }\n\n async function doTest(dataOwnerType: DataOwnerTypeEnum, isAnonymous: boolean) {\n const api = await initApi(dataOwnerType, isAnonymous)\n const user = await api.userApi.getCurrentUser()\n const createdWithNewInstance = await api.patientApi.createPatientWithUser(\n user,\n await api.patientApi.newInstance(user, { firstName: 'q', lastName: 'q' })\n )\n const createdByBackend = await api.agendaApi.createAgenda({ id: api.cryptoApi.primitives.randomUuid(), name: 'whatever' })\n if (isAnonymous) {\n expect(createdWithNewInstance.author).to.eq('*')\n expect(createdWithNewInstance.responsible).to.eq('*')\n expect(createdByBackend.author).to.eq('*')\n expect(createdByBackend.responsible).to.eq('*')\n } else {\n const doId = api.dataOwnerApi.getDataOwnerIdOf(user)\n expect(createdWithNewInstance.author).to.eq(user.id)\n expect(createdWithNewInstance.responsible).to.eq(doId)\n expect(createdByBackend.author).to.eq(user.id)\n expect(createdByBackend.responsible).to.eq(doId)\n }\n }\n\n it('Entity created by a patient should omit author and responsible if crypto strategies require anonymous delegations for the user', async () => {\n await doTest(DataOwnerTypeEnum.Patient, true)\n })\n\n it('Entity created by a patient should autofix author and responsible if crypto strategies does not require anonymous delegations for the user', async () => {\n await doTest(DataOwnerTypeEnum.Patient, false)\n })\n\n it('Entity created by a HCP should omit author and responsible if crypto strategies require anonymous delegations for the user', async () => {\n await doTest(DataOwnerTypeEnum.Hcp, true)\n })\n\n it('Entity created by a HCP should autofix author and responsible if crypto strategies does not require anonymous delegations for the user', async () => {\n await doTest(DataOwnerTypeEnum.Hcp, false)\n })\n})\n"]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
import 'isomorphic-fetch';
|