1 | const hapi = require('@hapi/hapi')
|
2 | const nock = require('nock')
|
3 | const authKeycloak = require('../src')
|
4 | const fixtures = require('./fixtures')
|
5 |
|
6 |
|
7 |
|
8 |
|
9 |
|
10 |
|
11 |
|
12 | const defaults = {
|
13 | schemeName: 'keycloak-jwt',
|
14 | decoratorName: 'kjwt',
|
15 | realmUrl: fixtures.common.realmUrl,
|
16 | clientId: fixtures.common.clientId
|
17 | }
|
18 |
|
19 |
|
20 |
|
21 |
|
22 |
|
23 |
|
24 |
|
25 |
|
26 |
|
27 |
|
28 | function getOptions (customs) {
|
29 | return Object.assign({}, defaults, customs)
|
30 | }
|
31 |
|
32 |
|
33 |
|
34 |
|
35 |
|
36 |
|
37 |
|
38 |
|
39 |
|
40 |
|
41 |
|
42 | function mockIntrospect (code, data, isError = false) {
|
43 | const base = nock(fixtures.common.baseUrl)
|
44 | .post(`${fixtures.common.realmPath}${fixtures.common.introspectPath}`)
|
45 |
|
46 | isError ? base.replyWithError(data) : base.reply(code, data)
|
47 | }
|
48 |
|
49 |
|
50 |
|
51 |
|
52 |
|
53 |
|
54 |
|
55 |
|
56 |
|
57 |
|
58 |
|
59 | function mockEntitlement (code, data, isError = false) {
|
60 | const base = nock(fixtures.common.baseUrl)
|
61 | .get(`${fixtures.common.realmPath}${fixtures.common.entitlementPath}`)
|
62 |
|
63 | isError ? base.replyWithError(data) : base.reply(code, data)
|
64 | }
|
65 |
|
66 |
|
67 |
|
68 |
|
69 |
|
70 |
|
71 |
|
72 |
|
73 |
|
74 |
|
75 | function mockApiKey (code, data) {
|
76 | nock('http://barfoo.com').get('/foo/bar').reply(code, data)
|
77 | }
|
78 |
|
79 |
|
80 |
|
81 |
|
82 |
|
83 |
|
84 |
|
85 |
|
86 |
|
87 |
|
88 |
|
89 | function mockRequest (field, url = '/') {
|
90 | return {
|
91 | method: 'GET',
|
92 | url,
|
93 | headers: {
|
94 | authorization: field
|
95 | }
|
96 | }
|
97 | }
|
98 |
|
99 |
|
100 |
|
101 |
|
102 |
|
103 |
|
104 |
|
105 |
|
106 |
|
107 |
|
108 |
|
109 | function log (option, value) {
|
110 | return `${option}: ${value && value.toString()}`
|
111 | }
|
112 |
|
113 |
|
114 |
|
115 |
|
116 |
|
117 |
|
118 |
|
119 |
|
120 |
|
121 | function registerRoutes (server) {
|
122 | server.route([
|
123 | {
|
124 | method: 'GET',
|
125 | path: '/',
|
126 | options: {
|
127 | auth: 'keycloak-jwt',
|
128 | handler (req) {
|
129 | return req.auth.credentials.scope
|
130 | }
|
131 | }
|
132 | },
|
133 | {
|
134 | method: 'GET',
|
135 | path: '/role',
|
136 | options: {
|
137 | auth: {
|
138 | strategies: ['keycloak-jwt'],
|
139 | access: {
|
140 | scope: ['editor']
|
141 | }
|
142 | },
|
143 | handler (req) {
|
144 | return req.auth.credentials.scope
|
145 | }
|
146 | }
|
147 | },
|
148 | {
|
149 | method: 'GET',
|
150 | path: '/role/guest',
|
151 | options: {
|
152 | auth: {
|
153 | strategies: ['keycloak-jwt'],
|
154 | access: {
|
155 | scope: ['guest']
|
156 | }
|
157 | },
|
158 | handler (req) {
|
159 | return req.auth.credentials.scope
|
160 | }
|
161 | }
|
162 | },
|
163 | {
|
164 | method: 'GET',
|
165 | path: '/role/rpt',
|
166 | options: {
|
167 | auth: {
|
168 | strategies: ['keycloak-jwt'],
|
169 | access: {
|
170 | scope: ['scope:foo.READ']
|
171 | }
|
172 | },
|
173 | handler (req) {
|
174 | return req.auth.credentials.scope
|
175 | }
|
176 | }
|
177 | },
|
178 | {
|
179 | method: 'GET',
|
180 | path: '/proxy',
|
181 | options: {
|
182 | handler (req) {
|
183 | return {
|
184 | headers: req.headers,
|
185 | query: req.query
|
186 | }
|
187 | }
|
188 | }
|
189 | },
|
190 | {
|
191 | method: 'GET',
|
192 | path: '/mode-optional',
|
193 | options: {
|
194 | auth: { strategy: 'keycloak-jwt', mode: 'optional' },
|
195 | handler (req) {
|
196 | return {
|
197 | headers: req.headers,
|
198 | query: req.query
|
199 | }
|
200 | }
|
201 | }
|
202 | },
|
203 | {
|
204 | method: 'GET',
|
205 | path: '/mode-try',
|
206 | options: {
|
207 | auth: { strategy: 'keycloak-jwt', mode: 'try' },
|
208 | handler (req) {
|
209 | return {
|
210 | headers: req.headers,
|
211 | query: req.query
|
212 | }
|
213 | }
|
214 | }
|
215 | }
|
216 | ])
|
217 | }
|
218 |
|
219 |
|
220 |
|
221 |
|
222 |
|
223 |
|
224 |
|
225 |
|
226 |
|
227 |
|
228 |
|
229 | async function registerPlugin (server, opts = {}, skipRoutes = false) {
|
230 | const options = { ...defaults, ...opts }
|
231 |
|
232 | await server.register({
|
233 | plugin: authKeycloak,
|
234 | options
|
235 | })
|
236 |
|
237 | server.auth.strategy(options.schemeName, options.schemeName)
|
238 |
|
239 | if (!skipRoutes) {
|
240 | registerRoutes(server)
|
241 | }
|
242 |
|
243 | return server
|
244 | }
|
245 |
|
246 |
|
247 |
|
248 |
|
249 |
|
250 |
|
251 |
|
252 |
|
253 |
|
254 | async function getServer (options) {
|
255 | const server = hapi.server()
|
256 |
|
257 | await server.initialize()
|
258 |
|
259 | if (options === false) {
|
260 | registerRoutes(server)
|
261 | return server
|
262 | }
|
263 |
|
264 | return registerPlugin(server, options)
|
265 | }
|
266 |
|
267 | module.exports = {
|
268 | getOptions,
|
269 | mockIntrospect,
|
270 | mockEntitlement,
|
271 | mockRequest,
|
272 | mockApiKey,
|
273 | log,
|
274 | getServer,
|
275 | registerPlugin
|
276 | }
|