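var jwt = require('jsonwebtoken');
var assert = require('assert');

var expressjwt = require('../lib');
var UnauthorizedError = require('../lib/errors/UnauthorizedError');

/**
 * Tests for the `isRevoked` option of the middleware.
 *
 * `isRevoked(req, payload, done)` is handed the token payload and reports
 * through `done(err, revoked)`. The cases below cover a revoked token, a
 * token that is not revoked, and a revocation check that itself fails.
 *
 * Every test takes mocha's `done` and calls it from inside the `next`
 * callback, so a middleware that never calls `next` (or calls it later than
 * the test body returns) fails the test instead of passing with no
 * assertions run.
 */
describe('revoked jwts', function(){
  // Test-only signing secret; it is used both to sign the fixtures and to
  // configure the middleware under test.
  var secret = 'shhhhhh';

  // The single token id that the revocation check treats as revoked.
  var revoked_id = '1234';

  var middleware = expressjwt({
    secret: secret,
    isRevoked: function(req, payload, done){
      // A payload without `jti` yields a falsy value here, i.e. it is
      // reported as not revoked.
      done(null, payload.jti && payload.jti === revoked_id);
    }
  });

  // Builds a minimal request whose Authorization header carries a freshly
  // signed bearer token; no other request field is set by these tests.
  function requestWithToken(payload) {
    var token = jwt.sign(payload, secret);
    return { headers: { authorization: 'Bearer ' + token } };
  }

  it('should throw if token is revoked', function(done){
    var req = requestWithToken({ jti: revoked_id, foo: 'bar' });
    var res = {};

    middleware(req, res, function(err) {
      assert.ok(err);
      assert.equal(err.code, 'revoked_token');
      assert.equal(err.message, 'The token has been revoked.');
      done();
    });
  });

  it('should work if token is not revoked', function(done){
    var req = requestWithToken({ jti: '1233', foo: 'bar' });
    var res = {};

    middleware(req, res, function(err) {
      // Fail with the middleware's own error rather than with a TypeError
      // on the missing `req.user` below.
      assert.ifError(err);
      assert.equal('bar', req.user.foo);
      done();
    });
  });

  it('should throw if error occurs checking if token is revoked', function(done){
    var req = requestWithToken({ jti: revoked_id, foo: 'bar' });
    var res = {};

    // An error raised by the revocation check must reach `next` as an
    // error; the request must not be passed on as authenticated.
    expressjwt({
      secret: secret,
      isRevoked: function(req, payload, done){
        done(new Error('An error ocurred'));
      }
    })(req, res, function(err) {
      assert.ok(err);
      assert.equal(err.message, 'An error ocurred');
      done();
    });
  });
});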