UNPKG

passport-jwt/test/extrators-test.js

Version:

7.89 kBJavaScriptView Raw

1var extract_jwt = require('../lib/extract_jwt'),
2    Request = require('./mock_request');
3
4describe('Token extractor', function() {
5
6    describe('fromHeader', function() {
7
8        var extractor = extract_jwt.fromHeader('test_header');
9
10        it('should return null no when token is present', function() {
11            var req = new Request();
12
13            var token = extractor(req);
14
15            expect(token).to.be.null; 
16        });
17
18
19        it('should return the value from the specified header', function() {
20            var req = new Request();
21            req.headers['test_header'] = 'abcd123'
22
23            var token = extractor(req)
24
25            expect(token).to.equal('abcd123'); 
26        });
27    });
28
29
30    describe('fromBodyField', function() {
31
32        var extractor = extract_jwt.fromBodyField('test_field');
33
34        it('should return null when no body is present', function() {
35            var req = new Request();
36            
37            var token = extractor(req);
38
39            expect(token).to.be.null;
40        });
41
42
43        it('should return null when the specified body field is not present', function() {
44            var req = new Request();
45            req.body = {};
46
47            var token = extractor(req);
48
49            expect(token).to.be.null;
50        });
51
52
53        it('should return the value from the specified body field', function() {
54            var req = new Request();
55            req.body = {};
56            req.body.test_field = 'abcd123';
57
58            var token = extractor(req);
59
60            expect(token).to.equal('abcd123');
61        });
62
63
64        it('should work properly with querystring', function() {
65            var req = new Request();
66            const querystring = require('querystring');
67            req.body = querystring.parse('test_field=abcd123')
68
69            var token = extractor(req);
70
71            expect(token).to.equal('abcd123')
72        });
73    });
74
75
76    describe('fromUrlQueryParameter', function() {
77
78        var extractor = extract_jwt.fromUrlQueryParameter('test_param');
79
80
81        it('should return null when the specified paramter is not present', function() {
82            var req = new Request();
83
84            var token = extractor(req);
85
86            expect(token).to.be.null;
87        });
88
89
90        it('should return the value from the specified parameter', function() {
91            var req = new Request();
92            req.url += '?test_param=abcd123';
93
94            var token = extractor(req);
95
96            expect(token).to.equal('abcd123');
97        });
98    });
99
100
101    describe('fromAuthHeaderWithScheme', function() {
102
103        var extractor = extract_jwt.fromAuthHeaderWithScheme('TEST_SCHEME');
104
105        it('should return null when no auth header is present', function() {
106            var req = new Request();
107
108            var token = extractor(req);
109
110            expect(token).to.be.null;
111        });
112
113
114        it('should return null when the auth header is present but the auth scheme doesnt match', function() {
115            var req = new Request()
116            req.headers['authorization'] = "NOT_TEST_SCHEME abcd123";
117
118            var token = extractor(req);
119
120            expect(token).to.be.null;
121        });
122
123
124        it('should return the value from the authorization header with specified auth scheme', function() {
125            var req = new Request()
126            req.headers['authorization'] = "TEST_SCHEME abcd123";
127
128            var token = extractor(req);
129
130            expect(token).to.equal('abcd123');
131        });
132
133    });
134
135
136    describe('fromAuthHeader', function() {
137        
138        var extractor = extract_jwt.fromAuthHeader();
139
140        it('should return the value from the authorization header with default JWT auth scheme', function() {
141            var req = new Request()
142            req.headers['authorization'] = "JWT abcd123";
143
144            var token = extractor(req);
145
146            expect(token).to.equal('abcd123');
147        });
148
149
150    });
151    
152    describe('fromExtractors', function() {
153
154        it('should raise a type error when the extractor is constructed with a non-array argument', function() {
155            this_should_throw = function() {
156                var extractor = extract_jwt.fromExtractors({})
157            }
158
159            expect(this_should_throw).to.throw(TypeError)
160        });
161
162
163        var extractor = extract_jwt.fromExtractors([extract_jwt.fromAuthHeader(), extract_jwt.fromHeader('authorization')]);
164
165        it('should return null when no extractor extracts token', function() {
166            var req = new Request();
167
168            var token = extractor(req);
169
170            expect(token).to.be.null;
171        });
172
173
174        it('should return token found by least extractor', function() {
175            var req = new Request()
176            req.headers['authorization'] = "abcd123";
177
178            var token = extractor(req);
179
180            expect(token).to.equal('abcd123');
181        });
182
183
184        it('should return token found by first extractor', function() {
185            var req = new Request()
186            req.headers['authorization'] = "JWT abcd123";
187
188            var token = extractor(req);
189
190            expect(token).to.equal('abcd123');
191        });
192
193    });
194
195
196    describe('versionOneCompatibility', function () {
197
198        describe('default behavior', function() {
199
200                var extractor = extract_jwt.versionOneCompatibility({});
201
202                it('should return the token in the default "JWT" auth header', function () {
203                    var req = new Request();
204                    req.headers['authorization'] = "JWT abcd123";
205
206                    var token = extractor(req);
207
208                    expect(token).to.equal('abcd123');
209                });
210
211
212                it('should return the token in the default "auth_token" body field', function () {
213                    var req = new Request();
214                    req.body = {};
215                    req.body['auth_token'] = 'xyzabcd';
216
217                    var token = extractor(req);
218
219                    expect(token).to.equal('xyzabcd');
220                });
221
222
223                it('should return then token in the default "auth_token" query parameter', function () {
224                    var req = new Request();
225                    req.url += '?auth_token=abcd123';
226
227                    var token = extractor(req);
228
229                    expect(token).to.equal('abcd123');
230                });
231        });
232
233
234        describe('user supplied parameters', function() {
235
236            it('should return the token in an auth header with a user specified auth scheme', function() {
237                var opts = { authScheme: 'MY_CUSTOM_AUTH_SCHEME' };
238                var extractor = extract_jwt.versionOneCompatibility(opts);
239                var req = new Request();
240                req.headers['authorization'] = 'MY_CUSTOM_AUTH_SCHEME deadbeef';
241
242                var token = extractor(req);
243
244                expect(token).to.equal('deadbeef');
245            });
246
247
248            it('should return the token in a user supplied body field', function () {
249                var opts = { tokenBodyField: 'CUSTOM_BODY_FIELD' };
250                var extractor = extract_jwt.versionOneCompatibility(opts);
251                var req = new Request();
252                req.body = {};
253                req.body['CUSTOM_BODY_FIELD'] = 'badbeef';
254
255                var token = extractor(req);
256
257                expect(token).to.equal('badbeef');
258            });
259
260
261            it('should return the token in a user specified query parameter', function () {
262                var opts = { tokenQueryParameterName: 'CustomQueryParam' };
263                var extractor = extract_jwt.versionOneCompatibility(opts);
264                var req = new Request();
265                req.url += '?CustomQueryParam=deadbeef';
266
267                var token = extractor(req);
268
269                expect(token).to.equal('deadbeef');
270            });
271
272        });
273
274
275    });
276
277});
278

1	`var extract_jwt = require('../lib/extract_jwt'),`
2	`Request = require('./mock_request');`
3
4	`describe('Token extractor', function() {`
5
6	`describe('fromHeader', function() {`
7
8	`var extractor = extract_jwt.fromHeader('test_header');`
9
10	`it('should return null no when token is present', function() {`
11	`var req = new Request();`
12
13	`var token = extractor(req);`
14
15	`expect(token).to.be.null;`
16	`});`
17
18
19	`it('should return the value from the specified header', function() {`
20	`var req = new Request();`
21	`req.headers['test_header'] = 'abcd123'`
22
23	`var token = extractor(req)`
24
25	`expect(token).to.equal('abcd123');`
26	`});`
27	`});`
28
29
30	`describe('fromBodyField', function() {`
31
32	`var extractor = extract_jwt.fromBodyField('test_field');`
33
34	`it('should return null when no body is present', function() {`
35	`var req = new Request();`
36
37	`var token = extractor(req);`
38
39	`expect(token).to.be.null;`
40	`});`
41
42
43	`it('should return null when the specified body field is not present', function() {`
44	`var req = new Request();`
45	`req.body = {};`
46
47	`var token = extractor(req);`
48
49	`expect(token).to.be.null;`
50	`});`
51
52
53	`it('should return the value from the specified body field', function() {`
54	`var req = new Request();`
55	`req.body = {};`
56	`req.body.test_field = 'abcd123';`
57
58	`var token = extractor(req);`
59
60	`expect(token).to.equal('abcd123');`
61	`});`
62
63
64	`it('should work properly with querystring', function() {`
65	`var req = new Request();`
66	`const querystring = require('querystring');`
67	`req.body = querystring.parse('test_field=abcd123')`
68
69	`var token = extractor(req);`
70
71	`expect(token).to.equal('abcd123')`
72	`});`
73	`});`
74
75
76	`describe('fromUrlQueryParameter', function() {`
77
78	`var extractor = extract_jwt.fromUrlQueryParameter('test_param');`
79
80
81	`it('should return null when the specified paramter is not present', function() {`
82	`var req = new Request();`
83
84	`var token = extractor(req);`
85
86	`expect(token).to.be.null;`
87	`});`
88
89
90	`it('should return the value from the specified parameter', function() {`
91	`var req = new Request();`
92	`req.url += '?test_param=abcd123';`
93
94	`var token = extractor(req);`
95
96	`expect(token).to.equal('abcd123');`
97	`});`
98	`});`
99
100
101	`describe('fromAuthHeaderWithScheme', function() {`
102
103	`var extractor = extract_jwt.fromAuthHeaderWithScheme('TEST_SCHEME');`
104
105	`it('should return null when no auth header is present', function() {`
106	`var req = new Request();`
107
108	`var token = extractor(req);`
109
110	`expect(token).to.be.null;`
111	`});`
112
113
114	`it('should return null when the auth header is present but the auth scheme doesnt match', function() {`
115	`var req = new Request()`
116	`req.headers['authorization'] = "NOT_TEST_SCHEME abcd123";`
117
118	`var token = extractor(req);`
119
120	`expect(token).to.be.null;`
121	`});`
122
123
124	`it('should return the value from the authorization header with specified auth scheme', function() {`
125	`var req = new Request()`
126	`req.headers['authorization'] = "TEST_SCHEME abcd123";`
127
128	`var token = extractor(req);`
129
130	`expect(token).to.equal('abcd123');`
131	`});`
132
133	`});`
134
135
136	`describe('fromAuthHeader', function() {`
137
138	`var extractor = extract_jwt.fromAuthHeader();`
139
140	`it('should return the value from the authorization header with default JWT auth scheme', function() {`
141	`var req = new Request()`
142	`req.headers['authorization'] = "JWT abcd123";`
143
144	`var token = extractor(req);`
145
146	`expect(token).to.equal('abcd123');`
147	`});`
148
149
150	`});`
151
152	`describe('fromExtractors', function() {`
153
154	`it('should raise a type error when the extractor is constructed with a non-array argument', function() {`
155	`this_should_throw = function() {`
156	`var extractor = extract_jwt.fromExtractors({})`
157	`}`
158
159	`expect(this_should_throw).to.throw(TypeError)`
160	`});`
161
162
163	`var extractor = extract_jwt.fromExtractors([extract_jwt.fromAuthHeader(), extract_jwt.fromHeader('authorization')]);`
164
165	`it('should return null when no extractor extracts token', function() {`
166	`var req = new Request();`
167
168	`var token = extractor(req);`
169
170	`expect(token).to.be.null;`
171	`});`
172
173
174	`it('should return token found by least extractor', function() {`
175	`var req = new Request()`
176	`req.headers['authorization'] = "abcd123";`
177
178	`var token = extractor(req);`
179
180	`expect(token).to.equal('abcd123');`
181	`});`
182
183
184	`it('should return token found by first extractor', function() {`
185	`var req = new Request()`
186	`req.headers['authorization'] = "JWT abcd123";`
187
188	`var token = extractor(req);`
189
190	`expect(token).to.equal('abcd123');`
191	`});`
192
193	`});`
194
195
196	`describe('versionOneCompatibility', function () {`
197
198	`describe('default behavior', function() {`
199
200	`var extractor = extract_jwt.versionOneCompatibility({});`
201
202	`it('should return the token in the default "JWT" auth header', function () {`
203	`var req = new Request();`
204	`req.headers['authorization'] = "JWT abcd123";`
205
206	`var token = extractor(req);`
207
208	`expect(token).to.equal('abcd123');`
209	`});`
210
211
212	`it('should return the token in the default "auth_token" body field', function () {`
213	`var req = new Request();`
214	`req.body = {};`
215	`req.body['auth_token'] = 'xyzabcd';`
216
217	`var token = extractor(req);`
218
219	`expect(token).to.equal('xyzabcd');`
220	`});`
221
222
223	`it('should return then token in the default "auth_token" query parameter', function () {`
224	`var req = new Request();`
225	`req.url += '?auth_token=abcd123';`
226
227	`var token = extractor(req);`
228
229	`expect(token).to.equal('abcd123');`
230	`});`
231	`});`
232
233
234	`describe('user supplied parameters', function() {`
235
236	`it('should return the token in an auth header with a user specified auth scheme', function() {`
237	`var opts = { authScheme: 'MY_CUSTOM_AUTH_SCHEME' };`
238	`var extractor = extract_jwt.versionOneCompatibility(opts);`
239	`var req = new Request();`
240	`req.headers['authorization'] = 'MY_CUSTOM_AUTH_SCHEME deadbeef';`
241
242	`var token = extractor(req);`
243
244	`expect(token).to.equal('deadbeef');`
245	`});`
246
247
248	`it('should return the token in a user supplied body field', function () {`
249	`var opts = { tokenBodyField: 'CUSTOM_BODY_FIELD' };`
250	`var extractor = extract_jwt.versionOneCompatibility(opts);`
251	`var req = new Request();`
252	`req.body = {};`
253	`req.body['CUSTOM_BODY_FIELD'] = 'badbeef';`
254
255	`var token = extractor(req);`
256
257	`expect(token).to.equal('badbeef');`
258	`});`
259
260
261	`it('should return the token in a user specified query parameter', function () {`
262	`var opts = { tokenQueryParameterName: 'CustomQueryParam' };`
263	`var extractor = extract_jwt.versionOneCompatibility(opts);`
264	`var req = new Request();`
265	`req.url += '?CustomQueryParam=deadbeef';`
266
267	`var token = extractor(req);`
268
269	`expect(token).to.equal('deadbeef');`
270	`});`
271
272	`});`
273
274
275	`});`
276
277	`});`
278