* Add bcrypt hashing helpers
* SetAdminPassword now hashes the password before saving it
* BasicAuth now compares the bcrypt hash for the password
* Modify migration2 to avoid a double password hash when upgrading
* Add migration for bcrypt hashed password
* Do not show admin password hash as initial value
* Update api tests to compare the bcrypt hash of the admin password instead
* Remove old admin password api tests
---------
Co-authored-by: Gabe Kangas <gabek@real-ity.com>
* feat(api): add server-side caching for requests that could benefit for them
* fix(tests): do not cache responses while in tests
* fix: remove commented out leftover code
* chore(deps): update dependency html-webpack-plugin to v5.5.4
* Bundle embedded web app
* fix: remove caching for web app assets under test
* chore(tests): re-enable temporarily disabled test
* chore(deps): update dependency typescript to v5.3.3
* Bundle embedded web app
* chore(deps): update dependency npm to v10.2.5
* Bundle embedded web app
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Owncast <owncast@owncast.online>
The semantics of the Authorization header are defined by RFC 9110, which says:
> It uses a case-insensitive token to identify the authentication scheme:
Therefore, "bearer", "Bearer", and "bEARER" are equivalent. This patch fixes
the parsing of the Authorization header to check for the Bearer authentication
scheme case insensitively.
I've modified one of the test cases to use lowercase "bearer", so there's test
coverage for this.
* mv automated test cleanup to tools.sh
check media file exists before streaming in test/ocTestStream.sh
fix automatic test ffmpeg detection
mv trap to tools
mv update_storage_config() to tools
enable S3 test
* fix video file check in test/ocTestStream.sh
* cleanup ci
* mv auto test owncast build-run to start_owncast()
* suppress cleanup errors
* fix style
* fix Browser Test paths
* use pull_request event for Browser Tests
* explicitly mention when test is skipped
* refactor shell scripts
* merge testContent.sh into ocContent.sh
* detect ffmpeg
ffmpeg or ffmpeg.exe in path, current dir, or parent dir
* use ocTestStream in api test
* enable verbose logging for api tests
* log ffmpeg version
* change ffmpeg lookup order
* set path properly for using the local ffmpeg
* rm double space from transcoder error logs
* update tests for new video stream
do not test bitrate
* set test stream target to 127.0.0.1
* log ffmpeg path
* update ffmpeg to v4.4.1
* improve logs
* fix ffmpeg installer script
* fix api test runner
* fix logs
* install fonts
* cleanup
* use ocTestStream.sh for all automated tests
* cleanup ocTestStream.sh
* cleanup test/automated/hls/run.sh
* Fix misspell
* fix ffmpeg installer in automated test runners
* spell fix
* cleanup script
* rev quick api tests
* cleanup tmp paths properly in automated tests
* rm unused ffmpeg package
* cleanup
* fix s3 test
* cache ffmpeg bin for automated tests
* shellcheck allow source
* rm missplaced file if backup fails
* use ffmpeg full path
* set lookup path for shellcheck
* merge testContent.sh into ocContent.sh
* detect ffmpeg
ffmpeg or ffmpeg.exe in path, current dir, or parent dir
* use ocTestStream in api test
* enable verbose logging for api tests
* log ffmpeg version
* change ffmpeg lookup order
* set path properly for using the local ffmpeg
* rm double space from transcoder error logs
* update tests for new video stream
do not test bitrate
* set test stream target to 127.0.0.1
* log ffmpeg path
* update ffmpeg to v4.4.1
* improve logs
* fix ffmpeg installer script
* fix api test runner
* fix logs
* install fonts
* cleanup
* use ocTestStream.sh for all automated tests
* cleanup ocTestStream.sh
* cleanup test/automated/hls/run.sh
* Fix misspell
* fix ffmpeg installer in automated test runners
* spell fix
* cleanup script
* rev quick api tests
* cleanup tmp paths properly in automated tests
* rm unused ffmpeg package
* cleanup
* add shellcheck to ci
* test ci
* install bash for shellcheck
* set globstar for bash
* cleanup shell scripts
* do not ignore automated hls tests
* rm legacy build script
* update shell scripts
* cleanup ci
* Fix misspell
* cleanup ci
* fail on curl error in ci
* validate json responses
* update deps
* tmp disable header check
* log all the webfinger fails
refactor and filter more malformed requests
* don't set incorrect serverURL strings
* test failing through admin api
* fix server url in fedi tests
* check response.text
* validate json/xml response of all apis
test Content-Type of api response and cleanup
* improve logs
* fix rebase
* cleanup json parser in api tests
* mark the api tests performed by admin
* Separate check for reading and format of serverURL
* test /federation/user/ with wrong username in ci
* block and unblock ipv6 explicitly
* refactor admin api tests
* use sendAdminPayload() for chatuser tests
* fix sendAdminRequests
* add getAdminResponse() to api test lib/admin.js
* some admin apis don't have response body
* cleanup test/automated/api/chatusers.test.js
* cleanup test/automated/api/chatusers.test.js
use getAdminResponse() to access admin apis
* webfinger query with no resource should get 400
* check valid webfinger query
* test webfinger query
... without acct: or with wrong server
* add test for invalid user query from webfinger
* reorder the tests to decouple from state
cleanup
* rm stable: 'false' from actions/setup-go@v3
* adapt tests from #2369
* set undefined as defaultStreamKey
pass adminpass to sendConfigChangeRequest()
* mv getAdminConfig to api/lib/config.js
* npm install --quiet for automated tests
* refactor tests
separate default values from new ones
* test adminpass change
fix defaultStreamKeys test
* fix defaultStreamKeys
* use getAdminStatus
* mv test/automated/lib/config.js to admin.js
* check default hideViewerCount
cleanup
* test more default options in api
erverName
SServerSummary
yp.instanceUrl
FederationConfig.username
* more testing of default config params
* update reference values for api test