diff --git a/services/sync/modules/service.js b/services/sync/modules/service.js index ebc1df547b9e..8f95a4b08699 100644 --- a/services/sync/modules/service.js +++ b/services/sync/modules/service.js @@ -828,6 +828,9 @@ WeaveSvc.prototype = { let url = this.userAPI + username; let res = new Resource(url); res.authenticator = new Weave.NoOpAuthenticator(); + + // Hint to server to allow scripted user creation or otherwise + // ignore captcha. if (Svc.Prefs.isSet("admin-secret")) res.setHeader("X-Weave-Secret", Svc.Prefs.get("admin-secret", "")); diff --git a/services/sync/tests/unit/test_service_changePassword.js b/services/sync/tests/unit/test_service_changePassword.js new file mode 100644 index 000000000000..9da6a33569e0 --- /dev/null +++ b/services/sync/tests/unit/test_service_changePassword.js @@ -0,0 +1,57 @@ +Cu.import("resource://services-sync/service.js"); +Cu.import("resource://services-sync/constants.js"); + +function run_test() { + var requestBody; + function send(statusCode, status, body) { + return function(request, response) { + requestBody = readBytesFromInputStream(request.bodyInputStream); + response.setStatusLine(request.httpVersion, statusCode, status); + response.bodyOutputStream.write(body, body.length); + }; + } + + let server; + + try { + + Weave.Service.serverURL = "http://localhost:8080/"; + Weave.Service.username = "johndoe"; + Weave.Service.password = "ilovejane"; + + _("changePassword() returns false for a network error, the password won't change."); + let res = Weave.Service.changePassword("ILoveJane83"); + do_check_false(res); + do_check_eq(Weave.Service.password, "ilovejane"); + + _("Let's fire up the server and actually change the password."); + server = httpd_setup({ + "/user/1.0/johndoe/password": send(200, "OK", ""), + "/user/1.0/janedoe/password": send(401, "Unauthorized", "Forbidden!") + }); + + res = Weave.Service.changePassword("ILoveJane83"); + do_check_true(res); + do_check_eq(Weave.Service.password, "ILoveJane83"); + + _("Make sure the password has been persisted in the login manager."); + let logins = Weave.Svc.Login.findLogins({}, PWDMGR_HOST, null, + PWDMGR_PASSWORD_REALM); + do_check_eq(logins[0].password, "ILoveJane83"); + + _("changePassword() returns false for a server error, the password won't change."); + Weave.Svc.Login.removeAllLogins(); + Weave.Service.username = "janedoe"; + Weave.Service.password = "ilovejohn"; + res = Weave.Service.changePassword("ILoveJohn86"); + do_check_false(res); + do_check_eq(Weave.Service.password, "ilovejohn"); + + } finally { + Weave.Svc.Prefs.resetBranch(""); + Weave.Svc.Login.removeAllLogins(); + if (server) { + server.stop(function() {}); + } + } +} diff --git a/services/sync/tests/unit/test_service_checkUsername.js b/services/sync/tests/unit/test_service_checkUsername.js new file mode 100644 index 000000000000..ef98a83c9a73 --- /dev/null +++ b/services/sync/tests/unit/test_service_checkUsername.js @@ -0,0 +1,31 @@ +Cu.import("resource://services-sync/service.js"); + +function send(statusCode, status, body) { + return function(request, response) { + response.setStatusLine(request.httpVersion, statusCode, status); + response.bodyOutputStream.write(body, body.length); + }; +} + +function run_test() { + let server = httpd_setup({ + "/user/1.0/johndoe": send(200, "OK", "1"), + "/user/1.0/janedoe": send(200, "OK", "0") + }); + try { + Weave.Service.serverURL = "http://localhost:8080/"; + + _("A 404 will be recorded as 'generic-server-error'"); + do_check_eq(Weave.Service.checkUsername("jimdoe"), "generic-server-error"); + + _("Username that's not available."); + do_check_eq(Weave.Service.checkUsername("johndoe"), "notAvailable"); + + _("Username that's available."); + do_check_eq(Weave.Service.checkUsername("janedoe"), "available"); + + } finally { + Weave.Svc.Prefs.resetBranch(""); + server.stop(function() {}); + } +} diff --git a/services/sync/tests/unit/test_service_createAccount.js b/services/sync/tests/unit/test_service_createAccount.js new file mode 100644 index 000000000000..c899915bb425 --- /dev/null +++ b/services/sync/tests/unit/test_service_createAccount.js @@ -0,0 +1,56 @@ +Cu.import("resource://services-sync/service.js"); + +function run_test() { + var requestBody; + var secretHeader; + function send(statusCode, status, body) { + return function(request, response) { + requestBody = readBytesFromInputStream(request.bodyInputStream); + if (request.hasHeader("X-Weave-Secret")) { + secretHeader = request.getHeader("X-Weave-Secret"); + } + + response.setStatusLine(request.httpVersion, statusCode, status); + response.bodyOutputStream.write(body, body.length); + }; + } + + let server = httpd_setup({ + "/user/1.0/johndoe": send(200, "OK", "0"), + "/user/1.0/janedoe": send(400, "Bad Request", "2"), + "/user/1.0/jimdoe": send(500, "Server Error", "Server Error") + }); + try { + Weave.Service.serverURL = "http://localhost:8080/"; + + _("Create an account."); + let res = Weave.Service.createAccount("johndoe", "mysecretpw", "john@doe", + "challenge", "response"); + do_check_eq(res, null); + let payload = JSON.parse(requestBody); + do_check_eq(payload.password, "mysecretpw"); + do_check_eq(payload.email, "john@doe"); + do_check_eq(payload["captcha-challenge"], "challenge"); + do_check_eq(payload["captcha-response"], "response"); + + _("Invalid captcha or other user-friendly error."); + res = Weave.Service.createAccount("janedoe", "anothersecretpw", "jane@doe", + "challenge", "response"); + do_check_eq(res, "invalid-captcha"); + + _("Generic server error."); + res = Weave.Service.createAccount("jimdoe", "preciousss", "jim@doe", + "challenge", "response"); + do_check_eq(res, "generic-server-error"); + + _("Admin secret preference is passed as HTTP header token."); + Weave.Svc.Prefs.set("admin-secret", "my-server-secret"); + res = Weave.Service.createAccount("johndoe", "mysecretpw", "john@doe", + "challenge", "response"); + do_check_eq(secretHeader, "my-server-secret"); + + } finally { + Weave.Svc.Prefs.resetBranch(""); + server.stop(function() {}); + } +}