1 | const nock = require('nock')
2 | const test = require('ava')
3 | const helpers = require('./_helpers')
4 | const fixtures = require('./fixtures')
// Plugin options handed to helpers.getServer() by every test in this file,
// built by helpers.getOptions() with the client secret from the fixtures.
// NOTE(review): presumably supplying `secret` is what makes the plugin validate
// tokens through the introspection endpoint mocked below; confirm in ./_helpers.
const cfg = helpers.getOptions({
  secret: fixtures.common.secret
})
// Runs after every test, including failed ones (`.always`), and drops all nock
// interceptors so a leftover introspection mock cannot answer a request that a
// later test makes.
test.afterEach.always('reset instances and prototypes', () => {
  nock.cleanAll()
})
// Happy path: the introspection endpoint is mocked to answer 200 with the
// `current` fixture content, and validating a bearer header built from the
// `current` JWT fixture must resolve with a credentials object.
test('server method – authentication does succeed', async (t) => {
  helpers.mockIntrospect(200, fixtures.content.current)

  const srv = await helpers.getServer(cfg)
  const authHeader = `bearer ${fixtures.composeJwt('current')}`
  const result = await srv.kjwt.validate(authHeader)

  // NOTE(review): truthiness only shows that something was returned; asserting
  // on the expected credential fields would pin what the method actually grants.
  t.truthy(result)
  t.truthy(result.credentials)
})
// Validates the same bearer header twice on one server and checks that the
// second call still resolves with credentials.
test('server method – authentication does succeed – cache', async (t) => {
  // One introspection response is registered per validate() call below.
  // NOTE(review): with both responses registered the test passes whether or not
  // the second call is served from cache. Checking `nock.pendingMocks()` after
  // the second call (or registering a single response) would make a cache miss
  // visible. Confirm first that caching is enabled by `cfg`.
  helpers.mockIntrospect(200, fixtures.content.current)
  helpers.mockIntrospect(200, fixtures.content.current)

  const authHeader = `bearer ${fixtures.composeJwt('current')}`

  const srv = await helpers.getServer(cfg)
  await srv.kjwt.validate(authHeader)
  const second = await srv.kjwt.validate(authHeader)

  t.truthy(second)
  t.truthy(second.credentials)
})
// The introspection endpoint answers 200 but reports the token as inactive;
// validation must reject with a Boom 401 carrying the generic challenge header.
test('server method – authentication does fail – invalid token', async (t) => {
  helpers.mockIntrospect(200, { active: false })

  const srv = await helpers.getServer(cfg)
  const attempt = srv.kjwt.validate(`bearer ${fixtures.composeJwt('current')}`)
  const failure = await t.throwsAsync(attempt)

  t.truthy(failure)
  t.truthy(failure.isBoom)

  // The expected challenge says only "Invalid credentials"; it does not tell
  // the client that the token was reported inactive.
  const { statusCode, headers } = failure.output
  t.is(statusCode, 401)
  t.is(headers['WWW-Authenticate'], 'Bearer strategy="keycloak-jwt", error="Invalid credentials"')
})
// The raw JWT is passed without the `bearer ` prefix; validation must reject
// with the same Boom 401 and challenge header as any other failure.
test('server method – authentication does fail – invalid header', async (t) => {
  // No introspection response is registered for this test.
  // NOTE(review): presumably the header is rejected before any request is made.
  // Unless ./_helpers calls `nock.disableNetConnect()`, an unexpected request
  // would reach the real network instead of failing the test. Confirm.
  const srv = await helpers.getServer(cfg)
  const attempt = srv.kjwt.validate(fixtures.composeJwt('current'))
  const failure = await t.throwsAsync(attempt)

  t.truthy(failure)
  t.truthy(failure.isBoom)

  const { statusCode, headers } = failure.output
  t.is(statusCode, 401)
  t.is(headers['WWW-Authenticate'], 'Bearer strategy="keycloak-jwt", error="Invalid credentials"')
})
// The introspection endpoint itself fails (mocked with status 400 and the
// payload 'an error'); validation must still reject with a Boom 401.
test('server method – authentication does fail – error', async (t) => {
  // NOTE(review): the meaning of the third argument (`true`) is defined in
  // ./_helpers and is not visible here. Confirm what it switches on.
  helpers.mockIntrospect(400, 'an error', true)

  const srv = await helpers.getServer(cfg)
  const attempt = srv.kjwt.validate(`bearer ${fixtures.composeJwt('current')}`)
  const failure = await t.throwsAsync(attempt)

  t.truthy(failure)
  t.truthy(failure.isBoom)

  // The expected challenge is the same generic one as for an inactive token or
  // a malformed header: the upstream status and payload are not echoed to the client.
  const { statusCode, headers } = failure.output
  t.is(statusCode, 401)
  t.is(headers['WWW-Authenticate'], 'Bearer strategy="keycloak-jwt", error="Invalid credentials"')
})