const RealTimeClient = require('./helpers/RealTimeClient')
const FixturesManager = require('./helpers/FixturesManager')
const Settings = require('@overleaf/settings')
const signature = require('cookie-signature')
const { expect } = require('chai')
// Acceptance tests for the session check applied when a real-time socket
// connects. Each nested suite overrides RealTimeClient.cookie and then asserts
// whether RealTimeClient.connect reports 'invalid session' or no error.
describe('SessionSockets', function () {
  // Builds the connect callback for cases where the connection must be
  // refused: an error has to be present and carry the 'invalid session' message.
  const expectInvalidSession = done => error => {
    expect(error).to.exist
    expect(error.message).to.equal('invalid session')
    done()
  }

  // Builds the connect callback for cases where the session must be accepted.
  const expectNoError = done => error => {
    expect(error).to.not.exist
    done()
  }

  beforeEach(function (done) {
    const projectOptions = { privilegeLevel: 'owner' }
    // The arrow callback keeps `this` bound to the mocha context so that
    // checkSocket is visible to the nested suites.
    FixturesManager.setUpProject(projectOptions, (err, options) => {
      if (err) {
        return done(err)
      }
      this.checkSocket = onConnect => {
        RealTimeClient.connect(options.project_id, onConnect)
      }
      done()
    })
  })

  describe('without cookies', function () {
    beforeEach(function () {
      RealTimeClient.cookie = null
    })

    it('should return a lookup error', function (done) {
      this.checkSocket(expectInvalidSession(done))
    })
  })

  describe('with a different cookie', function () {
    beforeEach(function () {
      // A cookie whose name is a fixed literal rather than Settings.cookieName.
      RealTimeClient.cookie = 'some.key=someValue'
    })

    it('should return a lookup error', function (done) {
      this.checkSocket(expectInvalidSession(done))
    })
  })

  describe('with an invalid cookie', function () {
    beforeEach(function (done) {
      RealTimeClient.setSession({}, error => {
        if (error) {
          return done(error)
        }
        // NOTE(review): 17 and 49 are hard-coded offsets into the cookie that
        // setSession produced; presumably they cut out the bare session id
        // without its signature. They depend on the cookie name and id length,
        // so confirm against RealTimeClient.setSession.
        const cookieFragment = RealTimeClient.cookie.slice(17, 49)
        RealTimeClient.cookie = `${Settings.cookieName}=${cookieFragment}`
        done()
      })
    })

    it('should return a lookup error', function (done) {
      this.checkSocket(expectInvalidSession(done))
    })
  })

  describe('with a valid cookie and no matching session', function () {
    beforeEach(function () {
      // NOTE(review): 'unknownId' is a plain value with no signature attached,
      // so the rejection may come from signature verification rather than from
      // the session-store lookup the title describes. Confirm which path this
      // exercises.
      RealTimeClient.cookie = `${Settings.cookieName}=unknownId`
    })

    it('should return a lookup error', function (done) {
      this.checkSocket(expectInvalidSession(done))
    })
  })

  describe('with a valid cookie and a matching session', function () {
    // No cookie override here: this case uses whatever RealTimeClient.cookie
    // holds after the outer beforeEach (presumably set during project setup;
    // verify in FixturesManager).
    it('should not return an error', function (done) {
      this.checkSocket(expectNoError(done))
    })
  })

  describe('with a cookie signed by the fallback key and a matching session', function () {
    beforeEach(function () {
      // Secret rotation: a cookie signed with the fallback session secret must
      // still be accepted.
      RealTimeClient.cookie =
        RealTimeClient.cookieSignedWith.sessionSecretFallback
    })

    it('should not return an error', function (done) {
      this.checkSocket(expectNoError(done))
    })
  })

  describe('with a cookie signed by the upcoming key and a matching session', function () {
    beforeEach(function () {
      // Secret rotation: a cookie signed with the upcoming session secret must
      // already be accepted.
      RealTimeClient.cookie =
        RealTimeClient.cookieSignedWith.sessionSecretUpcoming
    })

    it('should not return an error', function (done) {
      this.checkSocket(expectNoError(done))
    })
  })

  describe('with a cookie signed with an unrecognized secret and a matching session', function () {
    beforeEach(function () {
      // Keep the part of the current cookie before the first '.' and re-sign
      // it with a secret the service is not configured with. A session that
      // exists must still be refused when its signature does not verify.
      const sessionKey = RealTimeClient.cookie.split('.')[0]
      const resignedCookie = signature.sign(
        sessionKey,
        'unrecognised-session-secret'
      )
      RealTimeClient.cookie = resignedCookie
    })

    it('should return a lookup error', function (done) {
      this.checkSocket(expectInvalidSession(done))
    })
  })
})