a669c750c8
* Remove Deployment.Client and change Deploy - `Deployment.Client` was used to get pre-registered clients. Now we want tests to register new users for each test, for dirty runs. So swap for `Deployment.Register` everywhere. - `Deploy` was used to deploy a blueprint. We don't want this to enable dirty runs. So replace it with the number of servers you need e.g `Deploy(t, 2)`. * Fix up more broken refactoring * unbreak tests; make user localpart look nicer * Alice and bob must share a room for presence * Fix user directory test * Fix race condition caused by making the room later than before
93 lines
3.6 KiB
Go
93 lines
3.6 KiB
Go
package csapi_tests
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
"testing"
|
|
|
|
"github.com/tidwall/gjson"
|
|
|
|
"github.com/matrix-org/complement"
|
|
"github.com/matrix-org/complement/helpers"
|
|
"github.com/matrix-org/complement/match"
|
|
"github.com/matrix-org/complement/must"
|
|
)
|
|
|
|
func TestLogout(t *testing.T) {
|
|
deployment := complement.Deploy(t, 1)
|
|
defer deployment.Destroy(t)
|
|
|
|
password := "superuser"
|
|
verifyClientUser := deployment.Register(t, "hs1", helpers.RegistrationOpts{
|
|
Password: password,
|
|
})
|
|
|
|
// sytest: Can logout current device
|
|
t.Run("Can logout current device", func(t *testing.T) {
|
|
deviceID, clientToLogout := createSession(t, deployment, verifyClientUser.UserID, password)
|
|
res := clientToLogout.MustDo(t, "GET", []string{"_matrix", "client", "v3", "devices"})
|
|
must.MatchResponse(t, res, match.HTTPResponse{
|
|
JSON: []match.JSON{
|
|
match.JSONKeyArrayOfSize("devices", 2),
|
|
},
|
|
})
|
|
res = clientToLogout.MustDo(t, "POST", []string{"_matrix", "client", "v3", "logout"})
|
|
// the session should be invalidated
|
|
res = clientToLogout.Do(t, "GET", []string{"_matrix", "client", "v3", "sync"})
|
|
must.MatchResponse(t, res, match.HTTPResponse{StatusCode: http.StatusUnauthorized})
|
|
// verify with first device
|
|
res = verifyClientUser.MustDo(t, "GET", []string{"_matrix", "client", "v3", "devices"})
|
|
must.MatchResponse(t, res, match.HTTPResponse{
|
|
JSON: []match.JSON{
|
|
match.JSONKeyArrayOfSize("devices", 1),
|
|
match.JSONArrayEach("devices", func(result gjson.Result) error {
|
|
if result.Get("device_id").Str == deviceID {
|
|
return fmt.Errorf("second device still exists")
|
|
}
|
|
return nil
|
|
}),
|
|
},
|
|
})
|
|
})
|
|
// sytest: Can logout all devices
|
|
t.Run("Can logout all devices", func(t *testing.T) {
|
|
_, clientToLogout := createSession(t, deployment, verifyClientUser.UserID, password)
|
|
res := clientToLogout.MustDo(t, "GET", []string{"_matrix", "client", "v3", "devices"})
|
|
must.MatchResponse(t, res, match.HTTPResponse{
|
|
JSON: []match.JSON{
|
|
match.JSONKeyArrayOfSize("devices", 2),
|
|
},
|
|
})
|
|
res = clientToLogout.MustDo(t, "POST", []string{"_matrix", "client", "v3", "logout", "all"})
|
|
must.MatchResponse(t, res, match.HTTPResponse{StatusCode: http.StatusOK})
|
|
// all sessions should be invalidated
|
|
res = clientToLogout.Do(t, "GET", []string{"_matrix", "client", "v3", "sync"})
|
|
must.MatchResponse(t, res, match.HTTPResponse{StatusCode: http.StatusUnauthorized})
|
|
res = verifyClientUser.Do(t, "GET", []string{"_matrix", "client", "v3", "sync"})
|
|
must.MatchResponse(t, res, match.HTTPResponse{StatusCode: http.StatusUnauthorized})
|
|
})
|
|
// sytest: Request to logout with invalid an access token is rejected
|
|
t.Run("Request to logout with invalid an access token is rejected", func(t *testing.T) {
|
|
_, clientToLogout := createSession(t, deployment, verifyClientUser.UserID, password)
|
|
clientToLogout.AccessToken = "invalidAccessToken"
|
|
res := clientToLogout.Do(t, "POST", []string{"_matrix", "client", "v3", "logout"})
|
|
must.MatchResponse(t, res, match.HTTPResponse{
|
|
StatusCode: http.StatusUnauthorized,
|
|
JSON: []match.JSON{
|
|
match.JSONKeyEqual("errcode", "M_UNKNOWN_TOKEN"),
|
|
},
|
|
})
|
|
})
|
|
// sytest: Request to logout without an access token is rejected
|
|
t.Run("Request to logout without an access token is rejected", func(t *testing.T) {
|
|
_, clientToLogout := createSession(t, deployment, verifyClientUser.UserID, password)
|
|
clientToLogout.AccessToken = ""
|
|
res := clientToLogout.Do(t, "POST", []string{"_matrix", "client", "v3", "logout"})
|
|
must.MatchResponse(t, res, match.HTTPResponse{
|
|
StatusCode: http.StatusUnauthorized,
|
|
JSON: []match.JSON{
|
|
match.JSONKeyEqual("errcode", "M_MISSING_TOKEN"),
|
|
},
|
|
})
|
|
})
|
|
}
|