1 | var Strategy = require('../lib/strategy')
|
2 | , chai = require('chai')
|
3 | , sinon = require('sinon')
|
4 | , test_data= require('./testdata');
|
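/**
 * Token-extraction tests for the JWT passport strategy.
 *
 * Scope: these tests replace Strategy.JwtVerifier with a stub that always
 * calls back with a valid payload, so they only check WHERE the strategy
 * looks for a token (Authorization header, request body) and that the
 * extracted string reaches the verifier unchanged. They say nothing about
 * signature, expiry or claim validation; the 'secret' key passed to the
 * constructor is never exercised here.
 *
 * NOTE(review): `expect` and `chai.passport` are not defined in this file;
 * presumably a test bootstrap installs them - confirm.
 */
describe('Strategy', function() {

    var mockVerifier = null;
    var originalVerifier = null;

    /**
     * Builds a strategy whose verify callback accepts every payload.
     * Acceptance is unconditional so that the outcome of each test depends
     * only on token extraction and on the (stubbed) verifier.
     */
    function buildStrategy() {
        return new Strategy({secretOrKey: 'secret'}, function(jwt_payload, next) {
            return next(null, {}, {});
        });
    }

    before(function() {
        // Keep the real verifier so it can be put back in after(): the stub
        // is installed on the shared module object and would otherwise stay
        // in place for every suite that runs later in the same process.
        originalVerifier = Strategy.JwtVerifier;

        mockVerifier = sinon.stub();
        // The stub invokes its 4th argument as callback(null, payload),
        // i.e. it reports every token as valid.
        mockVerifier.callsArgWith(3, null, test_data.valid_jwt.payload);
        Strategy.JwtVerifier = mockVerifier;
    });

    after(function() {
        // Restore real verification so later suites do not pass vacuously
        // against an always-succeeding stub.
        Strategy.JwtVerifier = originalVerifier;
    });

    describe('handling request with JWT in header', function() {
        var strategy;

        before(function(done) {
            strategy = buildStrategy();

            // Clears recorded calls so calledOnce below counts this request only.
            // NOTE(review): depending on the sinon version, reset() may also
            // clear the callsArgWith behaviour configured above; if the stub
            // stops calling back, resetHistory() is the history-only variant.
            mockVerifier.reset();

            chai.passport.use(strategy)
                .success(function(u, i) {
                    done();
                })
                .req(function(req) {
                    req.headers['authorization'] = "JWT " + test_data.valid_jwt.token;
                })
                .authenticate();
        });

        it("verifies the right jwt", function() {
            sinon.assert.calledOnce(mockVerifier);
            // The scheme prefix must be stripped: the verifier gets the bare token.
            expect(mockVerifier.args[0][0]).to.equal(test_data.valid_jwt.token);
        });

    });

    describe('handling request with JWT in body', function() {
        var strategy;

        before(function(done) {
            strategy = buildStrategy();

            // See the reset() note in the header suite.
            mockVerifier.reset();

            chai.passport.use(strategy)
                .success(function(u, i) {
                    done();
                })
                .req(function(req) {
                    req.body = {};
                    req.body.auth_token = test_data.valid_jwt.token;
                })
                .authenticate();
        });

        it("verifies the right jwt", function() {
            sinon.assert.calledOnce(mockVerifier);
            expect(mockVerifier.args[0][0]).to.equal(test_data.valid_jwt.token);
        });

    });

    describe('handling request with NO JWT', function() {
        // Declared locally: the original assigned `strategy` without a
        // declaration here, creating an implicit global.
        var strategy;
        var info;

        before(function(done) {
            strategy = buildStrategy();

            // See the reset() note in the header suite.
            mockVerifier.reset();

            chai.passport.use(strategy)
                .fail(function(i) {
                    info = i;
                    done();
                })
                .req(function(req) {
                    // Empty body and no Authorization header: nothing to extract.
                    req.body = {};
                })
                .authenticate();
        });

        it("should fail authentication", function() {
            // `.to.be.an.object` is a bare property access and asserts nothing;
            // the type check has to be a call.
            expect(info).to.be.an('object');
            expect(info.message).to.equal("No auth token");
        });

        it('Should not try to verify anything', function() {
            // A request without a token must be rejected before verification.
            sinon.assert.notCalled(mockVerifier);
        });

    });

});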
|