const test = require('ava')
const helpers = require('./_helpers')
const fixtures = require('./fixtures')

// Baseline plugin options reused by the tests below: whatever
// helpers.getOptions returns when given the fixture JWK as `publicKey`.
const cfg = helpers.getOptions({
  publicKey: fixtures.common.publicKeyJwk
})
// Building a server with the fixture's invalid JWK as `publicKey` must reject,
// i.e. a malformed verification key is refused instead of being accepted.
test('registration does fail – invalid JWK', async (t) => {
  const badKeyOptions = helpers.getOptions({ publicKey: fixtures.common.invalidJwk })
  const pendingServer = helpers.getServer(badKeyOptions)

  await t.throwsAsync(pendingServer)
})
// Happy path: a 'current' fixture token is accepted with status 200.
// The scheme is sent in lowercase (`bearer`), so this also pins that the
// lowercase spelling is accepted.
test('authentication does succeed', async (t) => {
  // presumably the Authorization header value; helpers.mockRequest is not shown here
  const credentials = `bearer ${fixtures.composeJwt('current')}`
  const request = helpers.mockRequest(credentials)
  const server = await helpers.getServer(cfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 200)
})
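// Sends the same 'current' token twice to a server created with `cache: true`
// and expects both requests to succeed.
test('authentication does succeed – cached', async (t) => {
  const mockReq = helpers.mockRequest(`bearer ${fixtures.composeJwt('current')}`)
  // `cache: true` is merged last so it cannot be overridden by a `cache` key
  // already present in cfg (helpers.getOptions is not visible here; with the
  // previous argument order such a key would have silently won).
  const server = await helpers.getServer(Object.assign({}, cfg, { cache: true }))

  // First request: expected to populate the cache.
  const first = await server.inject(mockReq)
  // Second request: expected to be served with the cached result.
  const res = await server.inject(mockReq)

  t.truthy(first)
  t.is(first.statusCode, 200)
  t.truthy(res)
  t.is(res.statusCode, 200)
  // NOTE(review): a 200 on the second request does not by itself show that the
  // cache was used. TODO: assert on a cache-hit signal if the helpers expose one.
})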
// Requests '/role' with a 'current' token and expects 200.
// The route's role requirement lives in the helpers and is not shown here;
// presumably the fixture token carries a role that the route accepts.
test('authentication does success – valid roles', async (t) => {
  const credentials = `bearer ${fixtures.composeJwt('current')}`
  const request = helpers.mockRequest(credentials, '/role')
  const server = await helpers.getServer(cfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 200)
})
// Same token as the passing tests, but sent to '/role/guest': the expected
// status is 403 rather than 401, i.e. the token itself is accepted and the
// request is refused at the role check.
test('authentication does fail – invalid roles', async (t) => {
  const credentials = `bearer ${fixtures.composeJwt('current')}`
  const request = helpers.mockRequest(credentials, '/role/guest')
  const server = await helpers.getServer(cfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 403)
})
// An 'expired' fixture token must be refused with 401, and the challenge
// header must name the keycloak-jwt strategy and carry the "expired" reason.
test('authentication does fail – expired token', async (t) => {
  const credentials = `bearer ${fixtures.composeJwt('expired')}`
  const request = helpers.mockRequest(credentials)

  const server = await helpers.getServer(cfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 401)
  // The full header string is compared, so any change to the wording of the
  // rejection reason will surface here.
  const challenge = response.headers['www-authenticate']
  t.is(challenge, 'Bearer strategy="keycloak-jwt", reason="invalid token (expired)", error="Invalid credentials"')
})
// fixtures.common.token is passed as-is, without the `bearer ` prefix the
// other tests prepend. The request must be refused with 401 and a challenge
// header that carries no `reason` field.
test('authentication does fail – invalid header', async (t) => {
  const request = helpers.mockRequest(fixtures.common.token)
  const server = await helpers.getServer(cfg)
  const response = await server.inject(request)

  t.truthy(response)
  t.is(response.statusCode, 401)
  const challenge = response.headers['www-authenticate']
  t.is(challenge, 'Bearer strategy="keycloak-jwt", error="Invalid credentials"')
})