Merge pull request #821 from chilts/i799-tests-for-customs-server

Fixes #799 - Adds tests for customs.js which hits the fxa-customs-server

customs.js

@@ -37,7 +37,10 @@
       },
       function (err) {
         log.error({ op: 'customs.check.1', email: email, action: action, err: err })
-        // allow the request through
+        // If this happens, either:
+        // - (1) the url in config doesn't point to a real customs server
+        // - (2) the customs server returned an internal server error
+        // Either way, allow the request through so we fail open.
       }
     )
   }
@@ -55,6 +58,10 @@
       function () {},
       function (err) {
         log.error({ op: 'customs.flag.1', email: email, err: err })
+        // If this happens, either:
+        // - (1) the url in config doesn't point to a real customs server
+        // - (2) the customs server returned an internal server error
+        // Either way, allow the request through so we fail open.
       }
     )
   }
@@ -71,6 +78,10 @@
       function () {},
       function (err) {
         log.error({ op: 'customs.reset.1', email: email, err: err })
+        // If this happens, either:
+        // - (1) the url in config doesn't point to a real customs server
+        // - (2) the customs server returned an internal server error
+        // Either way, allow the request through so we fail open.
       }
     )
   }

package.json

@@ -59,6 +59,7 @@
     "hawk": "2.3.0",
     "load-grunt-tasks": "0.6.0",
     "mailparser": "0.4.6",
+    "nock": "0.48.0",
     "simplesmtp": "0.3.33",
     "sjcl": "1.0.1",
     "tap": "0.4.12"

test/local/customs.js

@@ -0,0 +1,193 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+var test = require('../ptaptest')
+var log = {
+  trace: function () {},
+  error: console.error,
+}
+var error = require('../../error.js')
+var nock = require('nock')
+
+var Customs = require('../../customs.js')(log, error)
+
+var CUSTOMS_URL_REAL = 'http://localhost:7000'
+var CUSTOMS_URL_MISSING = 'http://localhost:7001'
+
+var customsNoUrl
+var customsWithUrl
+var customsInvalidUrl
+
+var customsServer = nock(CUSTOMS_URL_REAL)
+  .defaultReplyHeaders({
+    'Content-Type': 'application/json'
+  })
+
+test(
+  "can create a customs object with url as 'none'",
+  function (t) {
+    t.plan(7)
+
+    customsNoUrl = new Customs('none')
+
+    t.ok(customsNoUrl, 'got a customs object with a none url')
+
+    var email = newEmail()
+    var ip = newIp()
+    var action = newAction()
+
+    return customsNoUrl.check(email, ip, action)
+      .then(function(result) {
+        t.equal(result, undefined, 'Nothing is returned when /check succeeds')
+        t.pass('Passed /check (no url)')
+      }, function(error) {
+        t.fail('We should have failed open (no url provided) for /check')
+      })
+      .then(function() {
+        return customsNoUrl.flag(ip, email)
+      })
+      .then(function(result) {
+        t.equal(result, undefined, 'Nothing is returned when /failedLoginAttempt succeeds')
+        t.pass('Passed /failedLoginAttempt')
+      }, function(error) {
+        t.fail('We should have failed open for /failedLoginAttempt')
+      })
+      .then(function() {
+        return customsNoUrl.reset(email)
+      })
+      .then(function(result) {
+        t.equal(result, undefined, 'Nothing is returned when /passwordReset succeeds')
+        t.pass('Passed /passwordReset')
+      }, function(error) {
+        t.fail('We should have failed open (no url provided) for /failedLoginAttempt')
+      })
+  }
+)
+
+test(
+  'can create a customs object with a url',
+  function (t) {
+    t.plan(14)
+
+    customsWithUrl = new Customs(CUSTOMS_URL_REAL)
+
+    t.ok(customsWithUrl, 'got a customs object with a valid url')
+
+    var email = newEmail()
+    var ip = newIp()
+    var action = newAction()
+
+    customsServer
+      .post('/check').reply(200, '{"block":false,"retryAfter":0}')
+      .post('/failedLoginAttempt').reply(200, '{"lockout":false}')
+      .post('/passwordReset').reply(200, '{}')
+      .post('/check').reply(200, '{"block":true,"retryAfter":10001}')
+
+    return customsWithUrl.check(email, ip, action)
+      .then(function(result) {
+        t.equal(result, undefined, 'Nothing is returned when /check succeeds')
+        t.pass('Passed /check (with url)')
+      }, function(error) {
+        t.fail('We should not have failed here for /check : err=' + error)
+      })
+      .then(function() {
+        return customsWithUrl.flag(ip, email)
+      })
+      .then(function(result) {
+        t.equal(result, undefined, 'Nothing is returned when /failedLoginAttempt succeeds')
+        t.pass('Passed /failedLoginAttempt (no url)')
+      }, function(error) {
+        t.fail('We should have failed open (no url provided) for /failedLoginAttempt')
+      })
+      .then(function() {
+        return customsWithUrl.reset(email)
+      })
+      .then(function(result) {
+        t.equal(result, undefined, 'Nothing is returned when /passwordReset succeeds')
+        t.pass('Passed /passwordReset')
+      }, function(error) {
+        t.fail('We should have failed open (no url provided) for /failedLoginAttempt')
+      })
+      .then(function() {
+        return customsWithUrl.check(email, ip, action)
+      })
+      .then(function(result) {
+        t.fail('This should have failed the check since it should be blocked')
+      }, function(error) {
+        t.pass('Since we faked a block, we should have arrived here')
+        t.equal(error.errno, 114, 'Error number is correct')
+        t.equal(error.message, 'Client has sent too many requests', 'Error message is correct')
+        t.ok(error.isBoom, 'The error causes a boom')
+        t.equal(error.output.statusCode, 429, 'Status Code is correct')
+        t.equal(error.output.payload.retryAfter, 10001, 'retryAfter is correct')
+        t.equal(error.output.headers['retry-after'], 10001, 'retryAfter header is correct')
+      })
+
+  }
+)
+
+test(
+  "can create a customs object with non-existant customs service'",
+  function (t) {
+    t.plan(7)
+
+    customsInvalidUrl = new Customs(CUSTOMS_URL_MISSING)
+
+    t.ok(customsInvalidUrl, 'got a customs object with a non-existant service url')
+
+    var email = newEmail()
+    var ip = newIp()
+    var action = newAction()
+
+    return customsInvalidUrl.check(email, ip, action)
+      .then(function(result) {
+        t.equal(result, undefined, 'Nothing is returned when /check succeeds even when service is non-existant')
+        t.pass('Passed /check (no url)')
+      }, function(error) {
+        t.fail('We should have failed open (non-existant service url provided) for /check')
+      })
+      .then(function() {
+        return customsInvalidUrl.flag(ip, email)
+      })
+      .then(function(result) {
+        t.equal(result, undefined, 'Nothing is returned when /failedLoginAttempt succeeds')
+        t.pass('Passed /failedLoginAttempt')
+      }, function(error) {
+        t.fail('We should have failed open (no url provided) for /failedLoginAttempt')
+      })
+      .then(function() {
+        return customsInvalidUrl.reset(email)
+      })
+      .then(function(result) {
+        t.equal(result, undefined, 'Nothing is returned when /passwordReset succeeds')
+        t.pass('Passed /passwordReset')
+      }, function(error) {
+        t.fail('We should have failed open (no url provided) for /failedLoginAttempt')
+      })
+  }
+)
+
+function newEmail() {
+  return Math.random().toString().substr(2) + '@example.com'
+}
+
+function newIp() {
+  return [
+    '' + Math.floor(Math.random() * 256),
+    '' + Math.floor(Math.random() * 256),
+    '' + Math.floor(Math.random() * 256),
+    '' + Math.floor(Math.random() * 256),
+  ].join('.')
+}
+
+var EMAIL_ACTIONS = [
+  'accountCreate',
+  'recoveryEmailResendCode',
+  'passwordForgotSendCode',
+  'passwordForgotResendCode'
+]
+
+function newAction() {
+  return EMAIL_ACTIONS[Math.floor(Math.random() * EMAIL_ACTIONS.length)]
+}