1 | const nock = require('nock')
2 | const test = require('ava')
3 | const helpers = require('./_helpers')
4 | const fixtures = require('./fixtures')
// Plugin options shared by every test below. Only `secret` is passed in
// explicitly, taken from the fixtures; any other option is whatever
// helpers.getOptions() supplies (defined in ./_helpers, not visible here).
// NOTE(review): this one object is reused by all tests — presumably
// helpers.getServer() does not mutate it; confirm against ./_helpers.
const cfg = helpers.getOptions({
  secret: fixtures.common.secret
})
test.afterEach.always('reset instances and prototypes', function dropNockInterceptors () {
  // Runs after every test, including failed ones (`.always`), so an
  // interceptor registered by one test cannot answer a request made by
  // the next test.
  nock.cleanAll()
})
test('authentication does succeed', async (t) => {
  // Happy path: the `current` fixture token is sent in the authorization
  // value built by helpers.mockRequest(). The scheme is written in lower
  // case ('bearer'), so a pass presumably also shows that the scheme is
  // matched case-insensitively.
  const jwt = fixtures.composeJwt('current')
  const request = helpers.mockRequest(`bearer ${jwt}`)

  // Stub the introspection reply: HTTP 200 with the `current` fixture body.
  helpers.mockIntrospect(200, fixtures.content.current)

  const app = await helpers.getServer(cfg)
  const response = await app.inject(request)

  t.truthy(response)
  const { statusCode } = response
  t.is(statusCode, 200)
})
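test('authentication does succeed – cached', async (t) => {
  // Same request and introspection stub as the uncached happy path; the
  // only difference is that the server is built with `cache: true`.
  const mockReq = helpers.mockRequest(`bearer ${fixtures.composeJwt('current')}`)

  helpers.mockIntrospect(200, fixtures.content.current)

  // `cache: true` is merged last. With the previous order
  // (`Object.assign({ cache: true }, cfg)`) a `cache` key coming from
  // helpers.getOptions() would have overwritten it, and the test would
  // have passed without caching ever being enabled.
  const cachedCfg = Object.assign({}, cfg, { cache: true })
  const server = await helpers.getServer(cachedCfg)
  const res = await server.inject(mockReq)

  // NOTE(review): only one request is injected, so this covers the first
  // (cold) lookup with caching enabled, not a cache hit. A second inject
  // of the same token, plus a check that the introspection stub was used
  // only once, would be needed to show that a cached result is what
  // authorises the repeat request — confirm how helpers.mockIntrospect()
  // registers its interceptor before adding that.
  t.truthy(res)
  t.is(res.statusCode, 200)
})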
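// Title corrected from "does success" to "does succeed" so it matches the
// other test titles in this file and shows up under the same wording in
// test reports and `--match` filters.
test('authentication does succeed – valid roles', async (t) => {
  // The request targets '/role'; the route and the roles it requires are
  // defined in ./_helpers and are not visible here. The `current` fixture
  // content is expected to satisfy them.
  const mockReq = helpers.mockRequest(`bearer ${fixtures.composeJwt('current')}`, '/role')

  helpers.mockIntrospect(200, fixtures.content.current)

  const server = await helpers.getServer(cfg)
  const res = await server.inject(mockReq)

  t.truthy(res)
  t.is(res.statusCode, 200)
})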
test('authentication does fail – invalid roles', async (t) => {
  // Authorisation check: the token and the introspection reply are the
  // same ones the happy-path tests use, only the target route differs
  // ('/role/guest'). The expected status is 403 rather than 401, i.e. the
  // caller is authenticated but lacks what the route requires.
  const jwt = fixtures.composeJwt('current')
  const request = helpers.mockRequest(`bearer ${jwt}`, '/role/guest')

  helpers.mockIntrospect(200, fixtures.content.current)

  const app = await helpers.getServer(cfg)
  const response = await app.inject(request)

  t.truthy(response)
  const { statusCode } = response
  t.is(statusCode, 403)
})
test('authentication does fail – invalid token', async (t) => {
  // The token is the same `current` fixture that is accepted elsewhere in
  // this file; what changes is the introspection reply, `{ active: false }`.
  // The request must then be rejected, so the decision follows the
  // introspection result and not merely the shape of the token.
  const jwt = fixtures.composeJwt('current')
  const request = helpers.mockRequest(`bearer ${jwt}`)

  helpers.mockIntrospect(200, { active: false })

  const app = await helpers.getServer(cfg)
  const response = await app.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 401)
  // The challenge is pinned exactly. It is the same generic message the
  // malformed-header test expects, so the two failure causes are not
  // distinguishable from the response header.
  t.is(
    response.headers['www-authenticate'],
    'Bearer strategy="keycloak-jwt", error="Invalid credentials"'
  )
})
test('authentication does fail – invalid header', async (t) => {
  // The authorization value is fixtures.common.token passed as-is, with no
  // 'bearer ' prefix added in this file (the fixture's own content is not
  // visible here). No introspection stub is registered for this test.
  const request = helpers.mockRequest(fixtures.common.token)

  const app = await helpers.getServer(cfg)
  const response = await app.inject(request)

  // NOTE(review): nothing here asserts that no introspection request was
  // attempted for the malformed header; only the response is checked.
  t.truthy(response)
  t.is(response.statusCode, 401)
  t.is(
    response.headers['www-authenticate'],
    'Bearer strategy="keycloak-jwt", error="Invalid credentials"'
  )
})