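const nock = require('nock')
const test = require('ava')
const helpers = require('./_helpers')
const fixtures = require('./fixtures')

// Plugin options shared by every test in this file. `entitlement: true` is the
// only flag set here; everything else comes from helpers.getOptions.
const cfg = helpers.getOptions({ entitlement: true })

// Scope list every successful request is expected to return. The tests sort the
// response payload before comparing, so the expectation is sorted the same way
// (default string order) instead of depending on the fixture's ordering.
// The spread builds a fresh array, so fixtures.targetScope itself is not mutated.
const targetScope = [...fixtures.targetScope, 'scope:foo.READ', 'scope:foo.WRITE'].sort()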
// nock interceptors are process-global, so every test (passing or failing)
// drops whatever is still registered; a leftover mock must never be able to
// answer a request made by another test.
// NOTE(review): AVA runs the tests of one file concurrently unless told
// otherwise. Confirm the helpers/config keep a pending 200 entitlement mock
// from satisfying the "invalid token" case, and that this cleanup cannot
// remove a mock a still-running test depends on.
test.afterEach.always('reset instances and prototypes', function resetNock () {
  nock.cleanAll()
})
// Happy path: a bearer token built from the 'rpt' fixture, with the mocked
// entitlement call answering 200, must be accepted and the response body must
// be exactly the expected scope list (compared order-independently).
test('authentication does succeed', async (t) => {
  const token = fixtures.composeJwt('rpt')
  const request = helpers.mockRequest(`bearer ${token}`)

  helpers.mockEntitlement(200, fixtures.content.rpt)

  const server = await helpers.getServer(cfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 200)

  const returnedScopes = JSON.parse(response.payload).sort()
  t.deepEqual(returnedScopes, targetScope)
})
// Same happy path with `cache: true` merged in front of the shared options
// (keys from cfg win on conflict).
// NOTE(review): only one request is injected, so this shows that enabling the
// cache does not break the first request; a cache hit is never exercised.
// A second inject, plus a case where a cached entry must no longer be honoured,
// would cover the security-relevant part of caching auth decisions.
test('authentication does succeed – cached', async (t) => {
  const token = fixtures.composeJwt('rpt')
  const request = helpers.mockRequest(`bearer ${token}`)

  helpers.mockEntitlement(200, fixtures.content.rpt)

  const cachedCfg = Object.assign({ cache: true }, cfg)
  const server = await helpers.getServer(cachedCfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 200)

  const returnedScopes = JSON.parse(response.payload).sort()
  t.deepEqual(returnedScopes, targetScope)
})
// Requests the '/role' route with a valid token and expects 200 plus the full
// scope list. The access requirement attached to '/role' lives in the helpers
// and is not visible here; presumably one the 'rpt' fixture satisfies.
test('authentication does success – valid roles', async (t) => {
  const token = fixtures.composeJwt('rpt')
  const request = helpers.mockRequest(`bearer ${token}`, '/role')

  helpers.mockEntitlement(200, fixtures.content.rpt)

  const server = await helpers.getServer(cfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 200)

  const returnedScopes = JSON.parse(response.payload).sort()
  t.deepEqual(returnedScopes, targetScope)
})
// Requests '/role/rpt' with a valid token and expects 200 plus the full scope
// list. Presumably this route requires a scope that is only present once the
// RPT has been retrieved; confirm against the route table in the helpers.
test('authentication does success – valid roles – rpt', async (t) => {
  const token = fixtures.composeJwt('rpt')
  const request = helpers.mockRequest(`bearer ${token}`, '/role/rpt')

  helpers.mockEntitlement(200, fixtures.content.rpt)

  const server = await helpers.getServer(cfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 200)

  const returnedScopes = JSON.parse(response.payload).sort()
  t.deepEqual(returnedScopes, targetScope)
})
// Authorization failure: the token is accepted (the entitlement mock answers
// 200) but the '/role/guest' route must still be refused with 403, not 401.
// Only the status code is asserted; the response body is not inspected.
test('authentication does fail – invalid roles', async (t) => {
  const token = fixtures.composeJwt('rpt')
  const request = helpers.mockRequest(`bearer ${token}`, '/role/guest')

  helpers.mockEntitlement(200, fixtures.content.rpt)

  const server = await helpers.getServer(cfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 403)
})
// Fail-closed check: the bearer token is the same fixture the success cases
// use, but the mocked entitlement call answers 400. The request must then be
// rejected with 401 and a challenge header naming the failed RPT retrieval,
// i.e. an upstream error must never fall through to an authenticated request.
test('authentication does fail – invalid token', async (t) => {
  const expectedChallenge = 'Bearer strategy="keycloak-jwt", reason="Retrieving the RPT failed", error="Invalid credentials"'
  const token = fixtures.composeJwt('rpt')
  const request = helpers.mockRequest(`bearer ${token}`)

  helpers.mockEntitlement(400, fixtures.content.rpt)

  const server = await helpers.getServer(cfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 401)
  t.is(response.headers['www-authenticate'], expectedChallenge)
})
// Malformed credentials: fixtures.common.token is sent as the header value
// as-is (no `bearer ` prefix is added here) and must be rejected with 401 and
// the generic challenge header.
// NOTE(review): no entitlement mock is registered, so the rejection is
// expected to happen before any upstream call. Confirm the helpers block real
// network access (e.g. nock.disableNetConnect()) so a regression cannot
// silently reach a live host.
test('authentication does fail – invalid header', async (t) => {
  const expectedChallenge = 'Bearer strategy="keycloak-jwt", error="Invalid credentials"'
  const request = helpers.mockRequest(fixtures.common.token)

  const server = await helpers.getServer(cfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 401)
  t.is(response.headers['www-authenticate'], expectedChallenge)
})