// Test runner, plus the suite's local server helpers and token fixtures.
const test = require('ava')
const helpers = require('./_helpers')
const fixtures = require('./fixtures')

// Plugin options shared by every test below. `publicKey` is taken from the
// fixtures — presumably the key that token signatures are checked against, so
// that nothing has to be fetched at runtime; confirm in helpers.getOptions.
const cfg = helpers.getOptions({
  publicKey: fixtures.common.publicKeyBuffer
})
// Happy path: a request carrying a bearer token built from the 'current'
// fixture is answered with 200.
test('authentication does succeed', async (t) => {
  const authorization = `bearer ${fixtures.composeJwt('current')}`
  const request = helpers.mockRequest(authorization)
  const server = await helpers.getServer(cfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 200)
})
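// The same token is presented twice to a server created with `cache: true`:
// both the first (cold) request and the repeated one must be answered with 200.
// NOTE(review): only a still-valid token is covered. Whether a cached result
// stops being honoured once the token has expired is not exercised anywhere in
// this file and deserves its own test.
test('authentication does succeed – cached', async (t) => {
  const mockReq = helpers.mockRequest(`bearer ${fixtures.composeJwt('current')}`)
  // Apply `cache: true` last, so that a `cache` key coming from the shared
  // options can never silently switch caching back off for this test.
  const server = await helpers.getServer(Object.assign({}, cfg, { cache: true }))
  const first = await server.inject(mockReq)
  const res = await server.inject(mockReq)

  // A failed warm-up request would leave the second request untested as a
  // cache hit, so the first response is checked as well.
  t.truthy(first)
  t.is(first.statusCode, 200)
  t.truthy(res)
  t.is(res.statusCode, 200)
})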
// Role check, positive case: the 'current' token requests '/role' and is
// answered with 200. Which role that route demands is defined in the helpers,
// not here — presumably one the fixture token carries; confirm there.
test('authentication does success – valid roles', async (t) => {
  const authorization = `bearer ${fixtures.composeJwt('current')}`
  const request = helpers.mockRequest(authorization, '/role')
  const server = await helpers.getServer(cfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 200)
})
// Role check, negative case: the same 'current' token that earns a 200
// elsewhere in this file is refused on '/role/guest' with 403, not with the
// 401 that the tests below expect for rejected credentials.
test('authentication does fail – invalid roles', async (t) => {
  const authorization = `bearer ${fixtures.composeJwt('current')}`
  const request = helpers.mockRequest(authorization, '/role/guest')
  const server = await helpers.getServer(cfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 403)
})
// A token built from the 'expired' fixture must be rejected with 401. The
// WWW-Authenticate challenge is compared as an exact string, so the test also
// pins the `reason` text that is disclosed to the client.
test('authentication does fail – expired token', async (t) => {
  const expectedChallenge = 'Bearer strategy="keycloak-jwt", reason="invalid token (expired)", error="Invalid credentials"'
  const authorization = `bearer ${fixtures.composeJwt('expired')}`
  const request = helpers.mockRequest(authorization)

  const server = await helpers.getServer(cfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 401)
  t.is(response.headers['www-authenticate'], expectedChallenge)
})
// The fixture token is handed to mockRequest as-is, without the `bearer `
// prefix the other tests add. The request must be rejected with 401, and the
// exact challenge expected here carries no `reason` field.
test('authentication does fail – invalid header', async (t) => {
  const expectedChallenge = 'Bearer strategy="keycloak-jwt", error="Invalid credentials"'
  const request = helpers.mockRequest(fixtures.common.token)
  const server = await helpers.getServer(cfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 401)
  t.is(response.headers['www-authenticate'], expectedChallenge)
})