UNPKG

microgateway-plugins/futures/oauth-test.js

Version:

10.5 kBJavaScriptView Raw

1const oauth = require('../oauth/index');
2const oauthv2 = require('../oauthv2/index');
3//
4const assert = require('assert');
5const denv = require('dotenv');
6denv.config();
7
8
9var oauthConfiigDefaults = {
"authorization-header" : "authorization",
"api-key-header" : 'x-api-key',
"keep-authorization-header" : false,
"cacheKey" : false,
"gracePeriod" : 0,
"allowOAuthOnly" : false,
"allowAPIKeyOnly" : false,
"productOnly" : false,
"tokenCache" : false,
"tokenCacheSize" : 100,
"allowNoAuthorization" : false,
"jwk_keys" : undefined,
"request" : undefined
23}
24
25
26var default_onrequest_cb = (err) => {
  assert.ok(!(err instanceof Error));
  done();
29};
30
31var generic_req = {
token: {
  application_name: '0e7762f4-ea67-4cc1-ae4a-21598c35b18f',
  api_product_list: ['EdgeMicroTestProduct']       
}
36}
37
38var generic_res = {
headers: {},
setHeader: (key, val) => {
  res.headers[key] = val;
}
43}
44
45
46// var generic_req_params = [generic_req, generic_res, default_onrequest_cb];
47
48
49
50describe('oauth plugins', function() {
var plugin = null;
52
//this.timout(0)
54
before(() => {
  //
  
})

beforeEach(() => {
  // environment variables....
  process.env.EDGEMICRO_LOCAL_PROXY = "0"
  process.env.EDGEMICRO_LOCAL = "0"
  process.env.EDGEMICRO_OPENTRACE = false
  //
});
67
68
after((done) => {
  if ( plugin ) plugin.shutdown();
  done();
})
73
// unit tests originally in oauth/test/oauth.test
75
var config = {
  "verify_api_key_url":"https://sfeldmanmicro-test.apigee.net/edgemicro-auth/verifyApiKey",
  "product_to_proxy":{"EdgeMicroTestProduct":["edgemicro_weather"]},
  "product_to_api_resource":{"EdgeMicroTestProduct":["/hello/blah/*/foo*","/hello/some/**","/hello/blah"]}
};
var config2 = {
  "verify_api_key_url":"https://sfeldmanmicro-test.apigee.net/edgemicro-auth/verifyApiKey",
  "product_to_proxy":{"EdgeMicroTestProduct":["edgemicro_weather"]},
  "product_to_api_resource":{"EdgeMicroTestProduct":[]}
};
var config3 = {
  "verify_api_key_url":"https://sfeldmanmicro-test.apigee.net/edgemicro-auth/verifyApiKey",
  "product_to_proxy":{"EdgeMicroTestProduct":["edgemicro_weather"]},
  "product_to_api_resource":{"EdgeMicroTestProduct":["/blah/*/foo*","/some/**","blah"]}
};

var proxy = {name:'edgemicro_weather',base_path:'/hello'}
var token = {api_product_list:['EdgeMicroTestProduct']}
94
var auths = [oauth, oauthv2]
96
auths.forEach(authMod => {
98
99
  var tests = authMod.tests;
101
  var authObj = null;
103
  it('initialize the base class without error',(done) => {
    if ( authMod == oauth ) {
106
      var logger = {};
      var stats = {};
      //
      authObj = tests.initTest('oauth',oauthConfiigDefaults, logger, stats)
    } else {
      var logger = {};
      var stats = {};
      //
      authObj = tests.initTest('oauthv2',oauthConfiigDefaults, logger, stats)
    }
117
    done();
  })
120
  it('will not initialize without a well formed config',(done) => {
    var checkObj = {
      'a' : 1,
      'b' : 2,
      'c' : 3,
      'd' : 4,
      'e' : 5,
      'f' : 6,
    }
    //
    var result = tests.test_objectWithoutProperties(checkObj,['a','c','e'])
    //
    assert(result['a'] === undefined)
    assert(result['b'] === 2)
    //
    result = tests.test_objectWithoutProperties(checkObj,['a','c','f'])
    //
    assert(result['d'] === 4)
    assert(result['f'] === undefined)
140
    done();
});
  
144
  it('will not initialize without a well formed config',(done) => {
    var logger = {};
    var stats = {};
148
    var myplugin = authMod.init(undefined, logger, stats);
    assert(myplugin === undefined)
151
    myplugin = authMod.init(null, logger, stats);
    assert(myplugin === undefined)
154
    done();
  })

  it('exposes an onrequest handler', (done) => {
    var logger = {};
    var stats = {};
    //
    var pluginT = authMod.init(oauthConfiigDefaults, logger, stats);
    assert.ok(pluginT.onrequest);
    //
    done();
  });
167
  it('runs in local mode',(done) => {
    //
    process.env.EDGEMICRO_LOCAL = "1"
    var logger = {};
    var stats = {};
173
    var req = null;
    var res = null;
176
    var myplugin = authMod.init(oauthConfiigDefaults, logger, stats);
    myplugin.onrequest(req,res,()=>{
      process.env.EDGEMICRO_LOCAL = "0"
      assert(true)
      done();
    })
183
  })
185
  it('takes a default config and bad req and res',(done) => {
    // 
    var logger = {};
    var stats = {};
    var req = null;
    var res = null;
    //
    var cb_called = false;
    //
    var cb = () => {
      cb_called = true;
      assert(false)
      done();
    }
    //
    try {
      var pluginT = authMod.init(oauthConfiigDefaults, logger, stats);
      pluginT.onrequest(req,res,cb)
      if ( !cb_called ) {
        assert(true);
      }
      req = {}
      res = {}
      pluginT.onrequest(req,res,cb)
      if ( !cb_called ) {
        assert(true);
        done();
      }
    //
    } catch(e) {
      console.log(e);
      assert(false)
      done()
    }
220
  })
222
  it('req and res are empty and default config ', (done) => {
    // 
    var logger = {};
    var stats = {};
    //
    var req = {
      headers : {}
    };
    var res = {};
    //
    process.env.EDGEMICRO_LOCAL_PROXY = "1"
    //
    var cb_called = false;
    //
    var cb = () => {
      cb_called = true;
      assert(true)
      done();
    }
    //
    try {
      var pluginT = authMod.init(oauthConfiigDefaults, logger, stats);
      pluginT.onrequest(req,res,cb)
      if ( !cb_called ) {
        assert(false);
        done();
      }
    //
    } catch(e) {
      console.log(e);
      assert(false)
      done()
    }
256
  })
258
259

})
262
263
// should be identical for these tests
var modules = { "oauth" : oauth, "oauthv2" : oauthv2 }
for (var name in modules) {
267
  const logger = {}
  const stats = {}
270
  var tests = modules[name].tests;
272
  describe(name, function() {
274
    var package = modules[name]
276
277
    it('checkIfAuthorized',function (done) {
279
      var authObj = tests.initTest('oauth',config, logger, stats)
      
      var contains;
      contains = authObj.checkIfAuthorized('/hello',proxy,token);
      assert(!contains)
      contains = authObj.checkIfAuthorized('/hello/blah',proxy,token);
      assert(contains)
      contains = authObj.checkIfAuthorized('/hello/blah/somerule/foosomething',proxy,token);
      assert(contains)
      contains = authObj.checkIfAuthorized('/hello/blah/somerule/ifoosomething',proxy,token);
      assert(!contains)
      contains = authObj.checkIfAuthorized('/hello/some/somerule/foosomething',proxy,token);
      assert(contains)
      done()
    })
295
    it('checkIfAuthorizedNoConfig',function (done) {
297
      var authObj = tests.initTest('oauth',config2, logger, stats)
299
      var contains;
      contains = authObj.checkIfAuthorized('/hello',proxy,token);
      assert(contains)
      contains = authObj.checkIfAuthorized('/hello/blah',proxy,token);
      assert(contains)
      contains = authObj.checkIfAuthorized('/hello/blah/somerule/foosomething',proxy,token);
      assert(contains)
      contains = authObj.checkIfAuthorized('/hello/blah/somerule/ifoosomething',proxy,token);
      assert(contains)
      contains = authObj.checkIfAuthorized('/hello/some/somerule/foosomething',proxy,token);
      assert(contains)
      done()
    })
313
    it('checkIfAuthorized3',function (done) {
315
      var authObj = tests.initTest('oauth',config3, logger, stats)
317
      var contains;
      contains = authObj.checkIfAuthorized('/hello',proxy,token);
      assert(!contains)
      contains = authObj.checkIfAuthorized('/hello/blah',proxy,token);
      assert(contains)
      contains = authObj.checkIfAuthorized('/hello/blah/somerule/foosomething',proxy,token);
      assert(contains)
      contains = authObj.checkIfAuthorized('/hello/blah/somerule/ifoosomething',proxy,token);
      assert(!contains)
      contains = authObj.checkIfAuthorized('/hello/some/somerule/foosomething',proxy,token);
      assert(contains)
      done()
330
    })
    
333
    it('exposes an onrequest handler', function() {
        var config = {}
        var plugin = package.init.apply(null, [config, logger, stats]);
        assert.ok(plugin.onrequest);
      });
    
    it('ejectToken where gracePeriod == 0', function() {
        var config = {
            allowOAuthOnly: true,
            allowNoAuthorization: true,
            gracePeriod: 0,
        }
        
        var plugin = package.init.apply(null, [config, logger, stats])
        var cb = (err) => {}
        var req = {headers: {}}
        var res = {}
        plugin.onrequest.apply(null, [req, res, cb]); // called to init vars
352
        authObj = tests.initTest('oauth',config, logger, stats)
        // not expired
        var exp = (new Date().getTime() / 1000) + 5
        assert.ok(!authObj.ejectToken(exp), "should not eject")
    
        // expired
        var exp = new Date().getTime() / 1000 - 5
        assert.ok(authObj.ejectToken(exp), "should eject")
      });
    
    it('ejectToken where gracePeriod != 0', function() {
        var config = {
            allowOAuthOnly: true,
            allowNoAuthorization: true,
            gracePeriod: 5,
        }
        var plugin = package.init.apply(null, [config, logger, stats])
    
        var cb = (err) => {}
        var req = {headers: {}}
        var res = {}
        plugin.onrequest.apply(null, [req, res, cb]); // called to init vars
    
        authObj = tests.initTest('oauth',config, logger, stats)
        // not expired
        var exp = (new Date().getTime() / 1000) + 5
        assert.ok(!authObj.ejectToken(exp), "should not eject")
    
        // expired, inside of grace period
        var exp = new Date().getTime() / 1000 - 3
        assert.ok(!authObj.ejectToken(exp), "should not eject")
    
        // expired, outside of grace period
        var exp = new Date().getTime() / 1000 - 6
        assert.ok(authObj.ejectToken(exp), "should eject")
      });
  })
}
391});

1	`const oauth = require('../oauth/index');`
2	`const oauthv2 = require('../oauthv2/index');`
3	`//`
4	`const assert = require('assert');`
5	`const denv = require('dotenv');`
6	`denv.config();`
7
8
9	`var oauthConfiigDefaults = {`
10	`"authorization-header" : "authorization",`
11	`"api-key-header" : 'x-api-key',`
12	`"keep-authorization-header" : false,`
13	`"cacheKey" : false,`
14	`"gracePeriod" : 0,`
15	`"allowOAuthOnly" : false,`
16	`"allowAPIKeyOnly" : false,`
17	`"productOnly" : false,`
18	`"tokenCache" : false,`
19	`"tokenCacheSize" : 100,`
20	`"allowNoAuthorization" : false,`
21	`"jwk_keys" : undefined,`
22	`"request" : undefined`
23	`}`
24
25
26	`var default_onrequest_cb = (err) => {`
27	`assert.ok(!(err instanceof Error));`
28	`done();`
29	`};`
30
31	`var generic_req = {`
32	`token: {`
33	`application_name: '0e7762f4-ea67-4cc1-ae4a-21598c35b18f',`
34	`api_product_list: ['EdgeMicroTestProduct']`
35	`}`
36	`}`
37
38	`var generic_res = {`
39	`headers: {},`
40	`setHeader: (key, val) => {`
41	`res.headers[key] = val;`
42	`}`
43	`}`
44
45
46	`// var generic_req_params = [generic_req, generic_res, default_onrequest_cb];`
47
48
49
50	`describe('oauth plugins', function() {`
51	`var plugin = null;`
52
53	`//this.timout(0)`
54
55	`before(() => {`
56	`//`
57
58	`})`
59
60	`beforeEach(() => {`
61	`// environment variables....`
62	`process.env.EDGEMICRO_LOCAL_PROXY = "0"`
63	`process.env.EDGEMICRO_LOCAL = "0"`
64	`process.env.EDGEMICRO_OPENTRACE = false`
65	`//`
66	`});`
67
68
69	`after((done) => {`
70	`if ( plugin ) plugin.shutdown();`
71	`done();`
72	`})`
73
74	`// unit tests originally in oauth/test/oauth.test`
75
76	`var config = {`
77	`"verify_api_key_url":"https://sfeldmanmicro-test.apigee.net/edgemicro-auth/verifyApiKey",`
78	`"product_to_proxy":{"EdgeMicroTestProduct":["edgemicro_weather"]},`
79	`"product_to_api_resource":{"EdgeMicroTestProduct":["/hello/blah//foo","/hello/some/**","/hello/blah"]}`
80	`};`
81	`var config2 = {`
82	`"verify_api_key_url":"https://sfeldmanmicro-test.apigee.net/edgemicro-auth/verifyApiKey",`
83	`"product_to_proxy":{"EdgeMicroTestProduct":["edgemicro_weather"]},`
84	`"product_to_api_resource":{"EdgeMicroTestProduct":[]}`
85	`};`
86	`var config3 = {`
87	`"verify_api_key_url":"https://sfeldmanmicro-test.apigee.net/edgemicro-auth/verifyApiKey",`
88	`"product_to_proxy":{"EdgeMicroTestProduct":["edgemicro_weather"]},`
89	`"product_to_api_resource":{"EdgeMicroTestProduct":["/blah//foo","/some/**","blah"]}`
90	`};`
91
92	`var proxy = {name:'edgemicro_weather',base_path:'/hello'}`
93	`var token = {api_product_list:['EdgeMicroTestProduct']}`
94
95	`var auths = [oauth, oauthv2]`
96
97	`auths.forEach(authMod => {`
98
99
100	`var tests = authMod.tests;`
101
102	`var authObj = null;`
103
104	`it('initialize the base class without error',(done) => {`
105	`if ( authMod == oauth ) {`
106
107	`var logger = {};`
108	`var stats = {};`
109	`//`
110	`authObj = tests.initTest('oauth',oauthConfiigDefaults, logger, stats)`
111	`} else {`
112	`var logger = {};`
113	`var stats = {};`
114	`//`
115	`authObj = tests.initTest('oauthv2',oauthConfiigDefaults, logger, stats)`
116	`}`
117
118	`done();`
119	`})`
120
121	`it('will not initialize without a well formed config',(done) => {`
122	`var checkObj = {`
123	`'a' : 1,`
124	`'b' : 2,`
125	`'c' : 3,`
126	`'d' : 4,`
127	`'e' : 5,`
128	`'f' : 6,`
129	`}`
130	`//`
131	`var result = tests.test_objectWithoutProperties(checkObj,['a','c','e'])`
132	`//`
133	`assert(result['a'] === undefined)`
134	`assert(result['b'] === 2)`
135	`//`
136	`result = tests.test_objectWithoutProperties(checkObj,['a','c','f'])`
137	`//`
138	`assert(result['d'] === 4)`
139	`assert(result['f'] === undefined)`
140
141	`done();`
142	`});`
143
144
145	`it('will not initialize without a well formed config',(done) => {`
146	`var logger = {};`
147	`var stats = {};`
148
149	`var myplugin = authMod.init(undefined, logger, stats);`
150	`assert(myplugin === undefined)`
151
152	`myplugin = authMod.init(null, logger, stats);`
153	`assert(myplugin === undefined)`
154
155	`done();`
156	`})`
157
158	`it('exposes an onrequest handler', (done) => {`
159	`var logger = {};`
160	`var stats = {};`
161	`//`
162	`var pluginT = authMod.init(oauthConfiigDefaults, logger, stats);`
163	`assert.ok(pluginT.onrequest);`
164	`//`
165	`done();`
166	`});`
167
168	`it('runs in local mode',(done) => {`
169	`//`
170	`process.env.EDGEMICRO_LOCAL = "1"`
171	`var logger = {};`
172	`var stats = {};`
173
174	`var req = null;`
175	`var res = null;`
176
177	`var myplugin = authMod.init(oauthConfiigDefaults, logger, stats);`
178	`myplugin.onrequest(req,res,()=>{`
179	`process.env.EDGEMICRO_LOCAL = "0"`
180	`assert(true)`
181	`done();`
182	`})`
183
184	`})`
185
186	`it('takes a default config and bad req and res',(done) => {`
187	`//`
188	`var logger = {};`
189	`var stats = {};`
190	`var req = null;`
191	`var res = null;`
192	`//`
193	`var cb_called = false;`
194	`//`
195	`var cb = () => {`
196	`cb_called = true;`
197	`assert(false)`
198	`done();`
199	`}`
200	`//`
201	`try {`
202	`var pluginT = authMod.init(oauthConfiigDefaults, logger, stats);`
203	`pluginT.onrequest(req,res,cb)`
204	`if ( !cb_called ) {`
205	`assert(true);`
206	`}`
207	`req = {}`
208	`res = {}`
209	`pluginT.onrequest(req,res,cb)`
210	`if ( !cb_called ) {`
211	`assert(true);`
212	`done();`
213	`}`
214	`//`
215	`} catch(e) {`
216	`console.log(e);`
217	`assert(false)`
218	`done()`
219	`}`
220
221	`})`
222
223	`it('req and res are empty and default config ', (done) => {`
224	`//`
225	`var logger = {};`
226	`var stats = {};`
227	`//`
228	`var req = {`
229	`headers : {}`
230	`};`
231	`var res = {};`
232	`//`
233	`process.env.EDGEMICRO_LOCAL_PROXY = "1"`
234	`//`
235	`var cb_called = false;`
236	`//`
237	`var cb = () => {`
238	`cb_called = true;`
239	`assert(true)`
240	`done();`
241	`}`
242	`//`
243	`try {`
244	`var pluginT = authMod.init(oauthConfiigDefaults, logger, stats);`
245	`pluginT.onrequest(req,res,cb)`
246	`if ( !cb_called ) {`
247	`assert(false);`
248	`done();`
249	`}`
250	`//`
251	`} catch(e) {`
252	`console.log(e);`
253	`assert(false)`
254	`done()`
255	`}`
256
257	`})`
258
259
260
261	`})`
262
263
264	`// should be identical for these tests`
265	`var modules = { "oauth" : oauth, "oauthv2" : oauthv2 }`
266	`for (var name in modules) {`
267
268	`const logger = {}`
269	`const stats = {}`
270
271	`var tests = modules[name].tests;`
272
273	`describe(name, function() {`
274
275	`var package = modules[name]`
276
277
278	`it('checkIfAuthorized',function (done) {`
279
280	`var authObj = tests.initTest('oauth',config, logger, stats)`
281
282	`var contains;`
283	`contains = authObj.checkIfAuthorized('/hello',proxy,token);`
284	`assert(!contains)`
285	`contains = authObj.checkIfAuthorized('/hello/blah',proxy,token);`
286	`assert(contains)`
287	`contains = authObj.checkIfAuthorized('/hello/blah/somerule/foosomething',proxy,token);`
288	`assert(contains)`
289	`contains = authObj.checkIfAuthorized('/hello/blah/somerule/ifoosomething',proxy,token);`
290	`assert(!contains)`
291	`contains = authObj.checkIfAuthorized('/hello/some/somerule/foosomething',proxy,token);`
292	`assert(contains)`
293	`done()`
294	`})`
295
296	`it('checkIfAuthorizedNoConfig',function (done) {`
297
298	`var authObj = tests.initTest('oauth',config2, logger, stats)`
299
300	`var contains;`
301	`contains = authObj.checkIfAuthorized('/hello',proxy,token);`
302	`assert(contains)`
303	`contains = authObj.checkIfAuthorized('/hello/blah',proxy,token);`
304	`assert(contains)`
305	`contains = authObj.checkIfAuthorized('/hello/blah/somerule/foosomething',proxy,token);`
306	`assert(contains)`
307	`contains = authObj.checkIfAuthorized('/hello/blah/somerule/ifoosomething',proxy,token);`
308	`assert(contains)`
309	`contains = authObj.checkIfAuthorized('/hello/some/somerule/foosomething',proxy,token);`
310	`assert(contains)`
311	`done()`
312	`})`
313
314	`it('checkIfAuthorized3',function (done) {`
315
316	`var authObj = tests.initTest('oauth',config3, logger, stats)`
317
318	`var contains;`
319	`contains = authObj.checkIfAuthorized('/hello',proxy,token);`
320	`assert(!contains)`
321	`contains = authObj.checkIfAuthorized('/hello/blah',proxy,token);`
322	`assert(contains)`
323	`contains = authObj.checkIfAuthorized('/hello/blah/somerule/foosomething',proxy,token);`
324	`assert(contains)`
325	`contains = authObj.checkIfAuthorized('/hello/blah/somerule/ifoosomething',proxy,token);`
326	`assert(!contains)`
327	`contains = authObj.checkIfAuthorized('/hello/some/somerule/foosomething',proxy,token);`
328	`assert(contains)`
329	`done()`
330
331	`})`
332
333
334	`it('exposes an onrequest handler', function() {`
335	`var config = {}`
336	`var plugin = package.init.apply(null, [config, logger, stats]);`
337	`assert.ok(plugin.onrequest);`
338	`});`
339
340	`it('ejectToken where gracePeriod == 0', function() {`
341	`var config = {`
342	`allowOAuthOnly: true,`
343	`allowNoAuthorization: true,`
344	`gracePeriod: 0,`
345	`}`
346
347	`var plugin = package.init.apply(null, [config, logger, stats])`
348	`var cb = (err) => {}`
349	`var req = {headers: {}}`
350	`var res = {}`
351	`plugin.onrequest.apply(null, [req, res, cb]); // called to init vars`
352
353	`authObj = tests.initTest('oauth',config, logger, stats)`
354	`// not expired`
355	`var exp = (new Date().getTime() / 1000) + 5`
356	`assert.ok(!authObj.ejectToken(exp), "should not eject")`
357
358	`// expired`
359	`var exp = new Date().getTime() / 1000 - 5`
360	`assert.ok(authObj.ejectToken(exp), "should eject")`
361	`});`
362
363	`it('ejectToken where gracePeriod != 0', function() {`
364	`var config = {`
365	`allowOAuthOnly: true,`
366	`allowNoAuthorization: true,`
367	`gracePeriod: 5,`
368	`}`
369	`var plugin = package.init.apply(null, [config, logger, stats])`
370
371	`var cb = (err) => {}`
372	`var req = {headers: {}}`
373	`var res = {}`
374	`plugin.onrequest.apply(null, [req, res, cb]); // called to init vars`
375
376	`authObj = tests.initTest('oauth',config, logger, stats)`
377	`// not expired`
378	`var exp = (new Date().getTime() / 1000) + 5`
379	`assert.ok(!authObj.ejectToken(exp), "should not eject")`
380
381	`// expired, inside of grace period`
382	`var exp = new Date().getTime() / 1000 - 3`
383	`assert.ok(!authObj.ejectToken(exp), "should not eject")`
384
385	`// expired, outside of grace period`
386	`var exp = new Date().getTime() / 1000 - 6`
387	`assert.ok(authObj.ejectToken(exp), "should eject")`
388	`});`
389	`})`
390	`}`
391	`});`