Sravan
/
BizGaze_Remote
Beobachten 0
Favorisieren 0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Keine Beschreibung
Du kannst nicht mehr als 25 Themen auswählen Themen müssen mit entweder einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
1 Commit
3 Branches
Struktur: b984b55bc0
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „b984b55bc0“
${ noResults }
BizGaze_Remote/server/test/e2e.js

e2e.js 7.3KB
Verlauf Originalformat

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164 
  1. // End-to-end test of the backend platform.

  2. // Exercises the full flow: register -> enable MFA -> login (2 steps) ->

  3. // enroll machine -> agent comes online -> technician requests session ->

  4. // consent -> signaling relay -> audit trail. No browser/Electron needed:

  5. // the "agent" and "viewer" are raw WebSocket clients.

  6. 

  7. process.env.DB_PATH = '/tmp/ra-e2e.db';

  8. const fs = require('fs');

  9. for (const f of ['/tmp/ra-e2e.db', '/tmp/ra-e2e.db-wal', '/tmp/ra-e2e.db-shm']) { try { fs.unlinkSync(f); } catch {} }

  10. 

  11. const PORT = 8099;

  12. process.env.PORT = PORT;

  13. const { server } = require('../server');

  14. const A = require('../auth');

  15. const WebSocket = require('ws');

  16. 

  17. const BASE = `http://localhost:${PORT}`;

  18. let passed = 0, failed = 0;

  19. function check(name, cond) {

  20.   if (cond) { console.log('  ok  -', name); passed++; }

  21.   else { console.log('  FAIL-', name); failed++; }

  22. }

  23. 

  24. // minimal cookie-aware fetch

  25. async function call(path, body, cookie) {

  26.   const r = await fetch(BASE + path, {

  27.     method: 'POST',

  28.     headers: { 'Content-Type': 'application/json', ...(cookie ? { Cookie: cookie } : {}) },

  29.     body: body ? JSON.stringify(body) : undefined,

  30.   });

  31.   const setCookie = r.headers.get('set-cookie');

  32.   const data = await r.json().catch(() => ({}));

  33.   return { status: r.status, data, cookie: setCookie ? setCookie.split(';')[0] : cookie };

  34. }

  35. async function get(path, cookie) {

  36.   const r = await fetch(BASE + path, { headers: cookie ? { Cookie: cookie } : {} });

  37.   return { status: r.status, data: await r.json().catch(() => ({})) };

  38. }

  39. const wait = (ms) => new Promise((r) => setTimeout(r, ms));

  40. function wsClient() {

  41.   const ws = new WebSocket(`ws://localhost:${PORT}/ws`);

  42.   ws.q = [];

  43.   ws.on('message', (d) => ws.q.push(JSON.parse(d)));

  44.   return ws;

  45. }

  46. function nextMsg(ws, type, timeout = 3000) {

  47.   return new Promise((resolve, reject) => {

  48.     const start = Date.now();

  49.     (function poll() {

  50.       const i = ws.q.findIndex((m) => m.type === type);

  51.       if (i >= 0) return resolve(ws.q.splice(i, 1)[0]);

  52.       if (Date.now() - start > timeout) return reject(new Error('timeout waiting for ' + type));

  53.       setTimeout(poll, 20);

  54.     })();

  55.   });

  56. }

  57. 

  58. (async () => {

  59.   await wait(300); // let server bind

  60.   console.log('E2E backend tests:');

  61. 

  62.   // 1. Register

  63.   const email = 'tech@example.com';

  64.   const reg = await call('/api/register', { email, password: 'supersecret', teamName: 'Acme IT' });

  65.   check('register returns mfa setup', reg.status === 200 && reg.data.mfaSetup && reg.data.mfaSetup.secret);

  66.   const secret = reg.data.mfaSetup.secret;

  67. 

  68.   // 2. Login before MFA enabled — allowed, mfaRequired=false

  69.   let login = await call('/api/login', { email, password: 'supersecret' });

  70.   check('login sets session cookie', !!login.cookie);

  71. 

  72.   // 3. Enable MFA with a valid TOTP

  73.   const enable = await call('/api/mfa/enable', { email, code: A.totp(secret) });

  74.   check('mfa enable succeeds with valid code', enable.status === 200);

  75.   const badEnable = await call('/api/mfa/enable', { email, code: '000000' });

  76.   check('mfa enable rejects bad code', badEnable.status === 401);

  77. 

  78.   // 4. Fresh login now requires MFA

  79.   login = await call('/api/login', { email, password: 'supersecret' });

  80.   check('login now flags mfaRequired', login.data.mfaRequired === true);

  81.   let cookie = login.cookie;

  82. 

  83.   // 5. Protected route blocked until MFA passed

  84.   const meBlocked = await get('/api/me', cookie);

  85.   check('me blocked before mfa', meBlocked.status === 401);

  86. 

  87.   // 6. Pass MFA

  88.   const mfa = await call('/api/login/mfa', { code: A.totp(secret) }, cookie);

  89.   check('login mfa step succeeds', mfa.status === 200);

  90.   const me = await get('/api/me', cookie);

  91.   check('me works after mfa, role=admin', me.status === 200 && me.data.role === 'admin');

  92. 

  93.   // 7. Wrong password rejected

  94.   const badLogin = await call('/api/login', { email, password: 'wrong' });

  95.   check('wrong password rejected', badLogin.status === 401);

  96. 

  97.   // 8. Enroll a machine (consent-required)

  98.   const mach = await call('/api/machines', { name: 'Dana-Laptop', unattended: false }, cookie);

  99.   check('machine enrolled, returns token', mach.status === 200 && mach.data.enrollToken);

  100.   const enrollToken = mach.data.enrollToken;

  101. 

  102.   // 9. Agent comes online

  103.   const agent = wsClient();

  104.   await new Promise((r) => agent.on('open', r));

  105.   agent.send(JSON.stringify({ type: 'agent-hello', enrollToken }));

  106.   const reg2 = await nextMsg(agent, 'agent-registered');

  107.   check('agent registers via enroll token', reg2.name === 'Dana-Laptop');

  108. 

  109.   // machine shows online in API

  110.   const machines = await get('/api/machines', cookie);

  111.   check('machine reports online', machines.data[0].online === true);

  112. 

  113.   // 10. Technician (viewer) requests a session — needs cookie on the WS upgrade

  114.   const viewer = new WebSocket(`ws://localhost:${PORT}/ws`, { headers: { Cookie: cookie } });

  115.   viewer.q = []; viewer.on('message', (d) => viewer.q.push(JSON.parse(d)));

  116.   await new Promise((r) => viewer.on('open', r));

  117.   viewer.send(JSON.stringify({ type: 'viewer-connect', machineId: machines.data[0].id }));

  118.   const pending = await nextMsg(viewer, 'session-pending');

  119.   check('viewer gets session-pending', !!pending.sessionId);

  120. 

  121.   // 11. Agent receives the consent request

  122.   const reqMsg = await nextMsg(agent, 'session-request');

  123.   check('agent receives session-request with technician email', reqMsg.technician === email);

  124. 

  125.   // 12. Agent grants consent -> both sides proceed

  126.   agent.send(JSON.stringify({ type: 'consent', sessionId: reqMsg.sessionId, granted: true }));

  127.   const ready = await nextMsg(viewer, 'session-ready');

  128.   const startStream = await nextMsg(agent, 'start-stream');

  129.   check('consent grant -> viewer session-ready', !!ready);

  130.   check('consent grant -> agent start-stream', !!startStream);

  131. 

  132.   // 13. Signaling relay: agent offer reaches viewer; viewer answer reaches agent

  133.   agent.send(JSON.stringify({ type: 'offer', sessionId: reqMsg.sessionId, sdp: { fake: 'offer' } }));

  134.   const relayedOffer = await nextMsg(viewer, 'offer');

  135.   check('offer relayed agent->viewer', relayedOffer.sdp.fake === 'offer');

  136.   viewer.send(JSON.stringify({ type: 'answer', sessionId: reqMsg.sessionId, sdp: { fake: 'answer' } }));

  137.   const relayedAnswer = await nextMsg(agent, 'answer');

  138.   check('answer relayed viewer->agent', relayedAnswer.sdp.fake === 'answer');

  139. 

  140.   // 14. End session

  141.   viewer.send(JSON.stringify({ type: 'end-session', sessionId: reqMsg.sessionId }));

  142.   await nextMsg(agent, 'session-ended');

  143.   check('session-ended delivered to agent', true);

  144. 

  145.   // 15. Audit log captured the full flow

  146.   const audit = await get('/api/audit', cookie);

  147.   const actions = audit.data.map((a) => a.action);

  148.   for (const a of ['user_registered', 'login', 'machine_enrolled', 'session_requested', 'consent_granted', 'session_ended']) {

  149.     check(`audit contains "${a}"`, actions.includes(a));

  150.   }

  151. 

  152.   // 16. Denial path

  153.   viewer.send(JSON.stringify({ type: 'viewer-connect', machineId: machines.data[0].id }));

  154.   const pending2 = await nextMsg(viewer, 'session-pending');

  155.   const req2 = await nextMsg(agent, 'session-request');

  156.   agent.send(JSON.stringify({ type: 'consent', sessionId: req2.sessionId, granted: false }));

  157.   const denied = await nextMsg(viewer, 'session-denied');

  158.   check('consent denial -> viewer session-denied', !!denied);

  159. 

  160.   agent.close(); viewer.close();

  161.   console.log(`\n${passed} passed, ${failed} failed.`);

  162.   server.close();

  163.   process.exit(failed ? 1 : 0);

  164. })().catch((e) => { console.error('E2E ERROR:', e); process.exit(1); });