From faaa0111ed91f2b90d056a99b6ff23d547834512 Mon Sep 17 00:00:00 2001 From: Brandon Kobel Date: Fri, 15 Nov 2019 15:33:24 -0500 Subject: [PATCH] Fixing mocha tests and broken password change status codes (#50704) (#50803) * Fixing mocha tests and broken password change status codes * Updating API integration test --- .../routes/api/v1/__tests__/authenticate.js | 2 +- .../server/routes/api/v1/__tests__/users.js | 4 ++-- .../security/server/routes/api/v1/users.js | 20 ++++++++----------- .../apis/security/change_password.ts | 2 +- 4 files changed, 12 insertions(+), 16 deletions(-) diff --git a/x-pack/legacy/plugins/security/server/routes/api/v1/__tests__/authenticate.js b/x-pack/legacy/plugins/security/server/routes/api/v1/__tests__/authenticate.js index 5e07ec7ee0618..5cea7c70b7781 100644 --- a/x-pack/legacy/plugins/security/server/routes/api/v1/__tests__/authenticate.js +++ b/x-pack/legacy/plugins/security/server/routes/api/v1/__tests__/authenticate.js @@ -34,7 +34,7 @@ describe('Authentication routes', () => { initAuthenticateApi({ authc: { login: loginStub, logout: logoutStub }, - config: { authc: { providers: ['basic'] } }, + __legacyCompat: { config: { authc: { providers: ['basic'] } } }, }, serverStub); }); diff --git a/x-pack/legacy/plugins/security/server/routes/api/v1/__tests__/users.js b/x-pack/legacy/plugins/security/server/routes/api/v1/__tests__/users.js index 83dfa778f1b50..4077ab52e86de 100644 --- a/x-pack/legacy/plugins/security/server/routes/api/v1/__tests__/users.js +++ b/x-pack/legacy/plugins/security/server/routes/api/v1/__tests__/users.js @@ -31,7 +31,7 @@ describe('User routes', () => { clusterStub = sinon.stub({ callWithRequest() {} }); sandbox.stub(ClientShield, 'getClient').returns(clusterStub); - initUsersApi({ authc: { login: loginStub }, config: { authc: { providers: ['basic'] } } }, serverStub); + initUsersApi({ authc: { login: loginStub }, __legacyCompat: { config: { authc: { providers: ['basic'] } } } }, serverStub); }); afterEach(() => sandbox.restore()); @@ -90,7 +90,7 @@ describe('User routes', () => { expect(response.isBoom).to.be(true); expect(response.output.payload).to.eql({ statusCode: 403, - error: 'Unauthorized', + error: 'Forbidden', message: 'Something went wrong.' }); }); diff --git a/x-pack/legacy/plugins/security/server/routes/api/v1/users.js b/x-pack/legacy/plugins/security/server/routes/api/v1/users.js index 595182653fa23..d6dc39da657b1 100644 --- a/x-pack/legacy/plugins/security/server/routes/api/v1/users.js +++ b/x-pack/legacy/plugins/security/server/routes/api/v1/users.js @@ -96,19 +96,15 @@ export function initUsersApi({ authc: { login }, __legacyCompat: { config } }, s // If user tries to change own password, let's check if old password is valid first by trying // to login. if (isCurrentUser) { - try { - const authenticationResult = await login(KibanaRequest.from(request), { - provider: providerToLoginWith, - value: { username, password }, - // We shouldn't alter authentication state just yet. - stateless: true, - }); + const authenticationResult = await login(KibanaRequest.from(request), { + provider: providerToLoginWith, + value: { username, password }, + // We shouldn't alter authentication state just yet. + stateless: true, + }); - if (!authenticationResult.succeeded()) { - return Boom.unauthorized(authenticationResult.error); - } - } catch(err) { - throw Boom.forbidden(err); + if (!authenticationResult.succeeded()) { + return Boom.forbidden(authenticationResult.error); } } diff --git a/x-pack/test/api_integration/apis/security/change_password.ts b/x-pack/test/api_integration/apis/security/change_password.ts index f6ddc2a724c39..836fa5e9cf4d1 100644 --- a/x-pack/test/api_integration/apis/security/change_password.ts +++ b/x-pack/test/api_integration/apis/security/change_password.ts @@ -39,7 +39,7 @@ export default function({ getService }: FtrProviderContext) { .set('kbn-xsrf', 'xxx') .set('Cookie', sessionCookie.cookieString()) .send({ password: wrongPassword, newPassword }) - .expect(401); + .expect(403); // Let's check that we can't login with wrong password, just in case. await supertest