UNPKG

express-jwt/test/revocation.test.ts

Version:

1.97 kBPlain TextView Raw

1import * as jwt from 'jsonwebtoken';
2import * as express from 'express';
3import { expressjwt, ExpressJwtRequest } from '../src';
4import assert from 'assert';
5
6describe('revoked jwts', function () {
const secret = 'shhhhhh';
8
const revoked_id = '1234'
10
const middleware = expressjwt({
  secret: secret,
  algorithms: ['HS256'],
  isRevoked: async (req, token) => {
    const isRevoked = typeof token.payload !== 'string' &&
      token.payload.jti === revoked_id;
    return isRevoked;
  }
});
20
it('should throw if token is revoked', function () {
  const req = {} as ExpressJwtRequest;
  const res = {} as express.Response;
24
  const token = jwt.sign({ jti: revoked_id, foo: 'bar' }, secret);
26
  req.headers = {};
  req.headers.authorization = 'Bearer ' + token;
29
  middleware(req, res, function (err) {
    assert.ok(err);
    assert.equal(err.code, 'revoked_token');
    assert.equal(err.message, 'The token has been revoked.');
  });
});
36
it('should work if token is not revoked', function () {
  const req = {} as ExpressJwtRequest;
  const res = {} as express.Response;
40
  const token = jwt.sign({ jti: '1233', foo: 'bar' }, secret);
42
  req.headers = {};
  req.headers.authorization = 'Bearer ' + token;
45
  middleware(req, res, function () {
    assert.equal(req.auth.foo, 'bar');
  });
});
50
it('should throw if error occurs checking if token is revoked', function (done) {
  const req = {} as ExpressJwtRequest;
  const res = {} as express.Response;
54
  const token = jwt.sign({ jti: revoked_id, foo: 'bar' }, secret);
56
  req.headers = {};
  req.headers.authorization = 'Bearer ' + token;
59
  expressjwt({
    secret: secret,
    algorithms: ['HS256'],
    isRevoked: async () => {
      throw new Error('An error ocurred');
    }
  })(req, res, function (err) {
    assert.ok(err);
    assert.equal(err.message, 'An error ocurred');
    done();
  });
});
72});

1	`import * as jwt from 'jsonwebtoken';`
2	`import * as express from 'express';`
3	`import { expressjwt, ExpressJwtRequest } from '../src';`
4	`import assert from 'assert';`
5
6	`describe('revoked jwts', function () {`
7	`const secret = 'shhhhhh';`
8
9	`const revoked_id = '1234'`
10
11	`const middleware = expressjwt({`
12	`secret: secret,`
13	`algorithms: ['HS256'],`
14	`isRevoked: async (req, token) => {`
15	`const isRevoked = typeof token.payload !== 'string' &&`
16	`token.payload.jti === revoked_id;`
17	`return isRevoked;`
18	`}`
19	`});`
20
21	`it('should throw if token is revoked', function () {`
22	`const req = {} as ExpressJwtRequest;`
23	`const res = {} as express.Response;`
24
25	`const token = jwt.sign({ jti: revoked_id, foo: 'bar' }, secret);`
26
27	`req.headers = {};`
28	`req.headers.authorization = 'Bearer ' + token;`
29
30	`middleware(req, res, function (err) {`
31	`assert.ok(err);`
32	`assert.equal(err.code, 'revoked_token');`
33	`assert.equal(err.message, 'The token has been revoked.');`
34	`});`
35	`});`
36
37	`it('should work if token is not revoked', function () {`
38	`const req = {} as ExpressJwtRequest;`
39	`const res = {} as express.Response;`
40
41	`const token = jwt.sign({ jti: '1233', foo: 'bar' }, secret);`
42
43	`req.headers = {};`
44	`req.headers.authorization = 'Bearer ' + token;`
45
46	`middleware(req, res, function () {`
47	`assert.equal(req.auth.foo, 'bar');`
48	`});`
49	`});`
50
51	`it('should throw if error occurs checking if token is revoked', function (done) {`
52	`const req = {} as ExpressJwtRequest;`
53	`const res = {} as express.Response;`
54
55	`const token = jwt.sign({ jti: revoked_id, foo: 'bar' }, secret);`
56
57	`req.headers = {};`
58	`req.headers.authorization = 'Bearer ' + token;`
59
60	`expressjwt({`
61	`secret: secret,`
62	`algorithms: ['HS256'],`
63	`isRevoked: async () => {`
64	`throw new Error('An error ocurred');`
65	`}`
66	`})(req, res, function (err) {`
67	`assert.ok(err);`
68	`assert.equal(err.message, 'An error ocurred');`
69	`done();`
70	`});`
71	`});`
72	`});`