1 | const oauth = require('../oauth/index');
|
2 | const oauthv2 = require('../oauthv2/index');
|
3 |
|
4 | const assert = require('assert');
|
5 | const denv = require('dotenv');
|
6 | denv.config();
|
7 |
|
8 |
|
// Baseline configuration handed to `init` / `tests.initTest` by the tests in
// this file that do not build their own config object.
// Every allow* switch and both cache switches are false, and gracePeriod is 0.
// NOTE(review): judging by their names, allowNoAuthorization, allowOAuthOnly
// and allowAPIKeyOnly relax which credentials a request must carry. Confirm
// against the plugin before enabling any of them in this shared default.
const oauthConfiigDefaults = {
  // Header names
  'authorization-header': 'authorization',
  'api-key-header': 'x-api-key',
  'keep-authorization-header': false,

  // Caching and expiry
  cacheKey: false,
  gracePeriod: 0,
  tokenCache: false,
  tokenCacheSize: 100,

  // Credential requirements
  allowOAuthOnly: false,
  allowAPIKeyOnly: false,
  productOnly: false,
  allowNoAuthorization: false,

  // Present but deliberately undefined
  jwk_keys: undefined,
  request: undefined,
};
|
24 |
|
25 |
|
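/**
 * Default `next` callback for onrequest tests: fails if the plugin reported
 * an Error, then signals completion.
 *
 * The previous body called a bare `done` that no scope visible in this file
 * declares, so invoking the helper would throw a ReferenceError instead of
 * finishing the test. `done` is now an optional second argument; bind it at
 * the call site, e.g. `(err) => default_onrequest_cb(err, done)`.
 *
 * @param {*} err - value the plugin passed to `next`; must not be an Error.
 * @param {Function} [done] - mocha completion callback, called when supplied.
 * @throws {assert.AssertionError} when `err` is an Error instance.
 */
const default_onrequest_cb = (err, done) => {
  assert.ok(!(err instanceof Error));
  if (typeof done === 'function') {
    done();
  }
};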
|
30 |
|
// Request stub that carries only a `token` object: an application name and
// the list of API products attached to the token.
// No test visible in this file references it.
const generic_req = {
  token: {
    application_name: '0e7762f4-ea67-4cc1-ae4a-21598c35b18f',
    api_product_list: ['EdgeMicroTestProduct'],
  },
};
|
37 |
|
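// Response stub that records headers set through `setHeader` so a test can
// inspect what a handler wrote.
const generic_res = {
  headers: {},
  /**
   * Record one response header on this stub.
   * @param {string} key - header name.
   * @param {*} val - header value.
   */
  setHeader: (key, val) => {
    // The previous body wrote to `res.headers`, but no `res` is in scope
    // here, so every call threw a ReferenceError. An arrow function has no
    // own `this`, so the stub is addressed by name instead.
    generic_res.headers[key] = val;
  },
};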
|
44 |
|
45 |
|
46 |
|
47 |
|
48 |
|
49 |
|
50 | describe('oauth plugins', function() {
|
// Suite-level plugin handle consumed by the `after` hook.
// NOTE(review): nothing visible in this file assigns it (the tests declare
// their own local `plugin`), so the shutdown call below is not reached as
// written.
let plugin = null;

// Intentionally empty suite-level setup hook.
before(() => {});

// Put the mode switches back to their "off" values before every test, since
// individual tests flip EDGEMICRO_LOCAL / EDGEMICRO_LOCAL_PROXY to "1".
beforeEach(() => {
  for (const flag of ['EDGEMICRO_LOCAL_PROXY', 'EDGEMICRO_LOCAL']) {
    process.env[flag] = '0';
  }
  // process.env stores strings only, so the boolean `false` assigned here
  // before was already kept as the string 'false', which is truthy.
  // NOTE(review): confirm the plugin compares this value as a string rather
  // than testing it for truthiness.
  process.env.EDGEMICRO_OPENTRACE = 'false';
});

// Shut the suite-level plugin down, if one was ever created.
after((done) => {
  if (plugin) {
    plugin.shutdown();
  }
  done();
});
|
73 |
|
74 |
|
75 |
|
// Key-verification endpoint placed in every config below.
// NOTE(review): this names a specific test organisation; nothing visible in
// this file shows whether `initTest` ever contacts it. Confirm the suite
// stays offline.
const verifyApiKeyUrl =
  'https://sfeldmanmicro-test.apigee.net/edgemicro-auth/verifyApiKey';

// Build one config: product 'EdgeMicroTestProduct' is bound to the proxy
// 'edgemicro_weather', and only its list of resource patterns varies.
const makeConfig = (resourcePatterns) => ({
  verify_api_key_url: verifyApiKeyUrl,
  product_to_proxy: { EdgeMicroTestProduct: ['edgemicro_weather'] },
  product_to_api_resource: { EdgeMicroTestProduct: resourcePatterns },
});

// Patterns written with the proxy base path ('/hello') included.
const config = makeConfig([
  '/hello/blah/*/foo*',
  '/hello/some/**',
  '/hello/blah',
]);

// Product with an empty resource list.
const config2 = makeConfig([]);

// The same patterns without the base-path prefix; the last entry also has no
// leading slash.
const config3 = makeConfig(['/blah/*/foo*', '/some/**', 'blah']);

// Proxy descriptor and token passed to checkIfAuthorized.
const proxy = { name: 'edgemicro_weather', base_path: '/hello' };
const token = { api_product_list: ['EdgeMicroTestProduct'] };
|
94 |
|
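// Generic init / onrequest checks, registered once per plugin module.
// NOTE(review): the cases are added directly to the enclosing suite, so the
// reporter lists every title twice with nothing naming the module it ran
// against.
const auths = [oauth, oauthv2];

auths.forEach((authMod) => {
  const tests = authMod.tests;

  it('initialize the base class without error', (done) => {
    const logger = {};
    const stats = {};
    // Each module is initialised under its own plugin name.
    const pluginName = authMod === oauth ? 'oauth' : 'oauthv2';

    // Passing means initTest returned without throwing; its result is not
    // inspected.
    tests.initTest(pluginName, oauthConfiigDefaults, logger, stats);
    done();
  });

  // This case used to share the title of the config-validation case below,
  // which made the two indistinguishable in reports. It exercises the
  // property-omitting helper and nothing else.
  it('objectWithoutProperties omits only the listed keys', (done) => {
    const checkObj = { a: 1, b: 2, c: 3, d: 4, e: 5, f: 6 };

    let result = tests.test_objectWithoutProperties(checkObj, ['a', 'c', 'e']);
    assert(result['a'] === undefined);
    assert(result['b'] === 2);

    result = tests.test_objectWithoutProperties(checkObj, ['a', 'c', 'f']);
    assert(result['d'] === 4);
    assert(result['f'] === undefined);

    done();
  });

  it('will not initialize without a well formed config', (done) => {
    const logger = {};
    const stats = {};

    // A missing config must yield no plugin at all, not a plugin running on
    // implicit defaults.
    assert(authMod.init(undefined, logger, stats) === undefined);
    assert(authMod.init(null, logger, stats) === undefined);

    done();
  });

  it('exposes an onrequest handler', (done) => {
    const logger = {};
    const stats = {};

    const pluginT = authMod.init(oauthConfiigDefaults, logger, stats);
    assert.ok(pluginT.onrequest);

    done();
  });

  it('runs in local mode', (done) => {
    // Set before init, as in the original ordering.
    process.env.EDGEMICRO_LOCAL = '1';
    const logger = {};
    const stats = {};

    const myplugin = authMod.init(oauthConfiigDefaults, logger, stats);
    // The only expectation is that next() is reached even though req and res
    // are null. NOTE(review): next()'s arguments are not inspected, so the
    // test does not show whether local mode passed the request on or
    // reported an error.
    myplugin.onrequest(null, null, () => {
      process.env.EDGEMICRO_LOCAL = '0';
      done();
    });
  });

  it('takes a default config and bad req and res', (done) => {
    const logger = {};
    const stats = {};
    let cbCalled = false;

    // Under the default config, neither a null request nor a header-less one
    // may reach next().
    const cb = () => {
      cbCalled = true;
      assert.fail('next() must not be called for a null or header-less request');
    };

    try {
      const pluginT = authMod.init(oauthConfiigDefaults, logger, stats);
      pluginT.onrequest(null, null, cb);
      pluginT.onrequest({}, {}, cb);

      // Also catches the case where the plugin swallowed the failure thrown
      // by cb, which previously ended in a timeout.
      // NOTE(review): only synchronous calls are observed; a next() issued
      // asynchronously would land after the test has completed.
      assert.ok(!cbCalled, 'next() was called for a request without credentials');
      done();
    } catch (e) {
      // Hand the real error to mocha instead of logging it and asserting false.
      done(e);
    }
  });

  it('req and res are empty and default config ', (done) => {
    const logger = {};
    const stats = {};
    const req = { headers: {} };
    const res = {};

    process.env.EDGEMICRO_LOCAL_PROXY = '1';

    let cbCalled = false;
    // NOTE(review): next()'s arguments are ignored, so this passes whether
    // the plugin let the header-less request through or reported an error.
    const cb = () => {
      cbCalled = true;
      done();
    };

    try {
      const pluginT = authMod.init(oauthConfiigDefaults, logger, stats);
      pluginT.onrequest(req, res, cb);
      assert.ok(cbCalled, 'onrequest did not call next() synchronously');
    } catch (e) {
      done(e);
    }
  });
});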
|
262 |
|
263 |
|
264 |
|
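// Per-module suites for path authorization and token-expiry handling.
const modules = { oauth, oauthv2 };

// Check a list of [request path, expected result] rows against
// checkIfAuthorized, naming the failing path in the assertion message.
const assertAuthorization = (authObj, expectations) => {
  for (const [requestPath, expected] of expectations) {
    const authorized = Boolean(authObj.checkIfAuthorized(requestPath, proxy, token));
    assert.strictEqual(authorized, expected, `checkIfAuthorized('${requestPath}')`);
  }
};

// Expected results when the product lists explicit resource patterns.
const restrictedExpectations = [
  ['/hello', false],
  ['/hello/blah', true],
  ['/hello/blah/somerule/foosomething', true],
  ['/hello/blah/somerule/ifoosomething', false],
  ['/hello/some/somerule/foosomething', true],
];

// Epoch seconds `offset` seconds away from now, read afresh on every call.
const secondsFromNow = (offset) => Date.now() / 1000 + offset;

for (const [name, pluginModule] of Object.entries(modules)) {
  const logger = {};
  const stats = {};

  // Block-scoped on purpose. As a `var` this was shared by every iteration,
  // and the `it` bodies run only after the loop has finished, so both suites
  // exercised the last module's helpers and the 'oauth' suite never ran
  // oauth's own authorization code.
  const tests = pluginModule.tests;

  describe(name, function () {
    // NOTE(review): initTest receives the literal 'oauth' in the oauthv2
    // suite too; confirm whether the first argument should follow `name`.

    it('checkIfAuthorized', function (done) {
      const authObj = tests.initTest('oauth', config, logger, stats);
      assertAuthorization(authObj, restrictedExpectations);
      done();
    });

    it('checkIfAuthorizedNoConfig', function (done) {
      const authObj = tests.initTest('oauth', config2, logger, stats);

      // With an empty resource list, every path is expected to be
      // authorized, including '/hello', which the pattern-restricted configs
      // reject. An empty list therefore means "no path restriction", not
      // deny-all.
      assertAuthorization(
        authObj,
        restrictedExpectations.map(([requestPath]) => [requestPath, true])
      );
      done();
    });

    it('checkIfAuthorized3', function (done) {
      // Patterns written without the proxy base path must give the same
      // results as the fully prefixed ones.
      const authObj = tests.initTest('oauth', config3, logger, stats);
      assertAuthorization(authObj, restrictedExpectations);
      done();
    });

    it('exposes an onrequest handler', function () {
      const plugin = pluginModule.init({}, logger, stats);
      assert.ok(plugin.onrequest);
    });

    it('ejectToken where gracePeriod == 0', function () {
      const graceConfig = {
        allowOAuthOnly: true,
        allowNoAuthorization: true,
        gracePeriod: 0,
      };

      // The handler is driven once with a header-less request; its outcome
      // is not checked (no-op callback).
      const plugin = pluginModule.init(graceConfig, logger, stats);
      plugin.onrequest({ headers: {} }, {}, (err) => {});

      // Declared locally; this used to be an implicit global assignment.
      const authObj = tests.initTest('oauth', graceConfig, logger, stats);

      // Expiry 5 s ahead: kept. Expiry 5 s in the past: ejected.
      assert.ok(!authObj.ejectToken(secondsFromNow(5)), 'should not eject');
      assert.ok(authObj.ejectToken(secondsFromNow(-5)), 'should eject');
    });

    it('ejectToken where gracePeriod != 0', function () {
      const graceConfig = {
        allowOAuthOnly: true,
        allowNoAuthorization: true,
        gracePeriod: 5,
      };

      const plugin = pluginModule.init(graceConfig, logger, stats);
      plugin.onrequest({ headers: {} }, {}, (err) => {});

      const authObj = tests.initTest('oauth', graceConfig, logger, stats);

      // With gracePeriod 5, a token that expired 3 s ago is still kept and
      // one that expired 6 s ago is ejected.
      assert.ok(!authObj.ejectToken(secondsFromNow(5)), 'should not eject');
      assert.ok(!authObj.ejectToken(secondsFromNow(-3)), 'should not eject');
      assert.ok(authObj.ejectToken(secondsFromNow(-6)), 'should eject');
    });
  });
}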
|
391 | });
|