1 | var Strategy = require('../lib/strategy')
|
2 | , chai = require('chai')
|
3 | , sinon = require('sinon')
|
4 | , test_data= require('./testdata')
|
5 | , url = require('url')
|
6 | , extract_jwt = require('../lib/extract_jwt')
|
7 |
|
8 |
|
9 | describe('Strategy', function() {
|
10 |
|
11 | var mockVerifier = null;
|
12 |
|
13 | before(function() {
|
14 |
|
15 |
|
16 | mockVerifier = sinon.stub();
|
17 | mockVerifier.callsArgWith(3, null, test_data.valid_jwt.payload);
|
18 | Strategy.JwtVerifier = mockVerifier;
|
19 | });
|
20 |
|
21 |
|
22 |
|
23 | describe('handling request JWT present in request', function() {
|
24 | var strategy;
|
25 |
|
26 | before(function(done) {
|
27 | strategy = new Strategy({
|
28 | jwtFromRequest: function (r) { return test_data.valid_jwt.token; },
|
29 | secretOrKey: 'secret'
|
30 | },
|
31 | function(jwt_payload, next) {
|
32 |
|
33 | return next(null, {}, {});
|
34 | }
|
35 | );
|
36 |
|
37 | mockVerifier.reset();
|
38 |
|
39 | chai.passport.use(strategy)
|
40 | .success(function(u, i) {
|
41 | done();
|
42 | })
|
43 | .authenticate();
|
44 | });
|
45 |
|
46 |
|
47 | it("verifies the right jwt", function() {
|
48 | sinon.assert.calledOnce(mockVerifier);
|
49 | expect(mockVerifier.args[0][0]).to.equal(test_data.valid_jwt.token);
|
50 | });
|
51 | });
|
52 |
|
53 |
|
54 |
|
55 | describe('handling request with NO JWT', function() {
|
56 |
|
57 | var info;
|
58 |
|
59 | before(function(done) {
|
60 | strategy = new Strategy({jwtFromRequest: function(r) {}, secretOrKey: 'secret'}, function(jwt_payload, next) {
|
61 |
|
62 | return next(null, {}, {});
|
63 | });
|
64 |
|
65 | mockVerifier.reset();
|
66 |
|
67 | chai.passport.use(strategy)
|
68 | .fail(function(i) {
|
69 | info = i
|
70 | done();
|
71 | })
|
72 | .req(function(req) {
|
73 | req.body = {}
|
74 | })
|
75 | .authenticate();
|
76 | });
|
77 |
|
78 |
|
79 | it('should fail authentication', function() {
|
80 | expect(info).to.be.an.object;
|
81 | expect(info.message).to.equal("No auth token");
|
82 | });
|
83 |
|
84 |
|
85 | it('Should not try to verify anything', function() {
|
86 | sinon.assert.notCalled(mockVerifier);
|
87 | });
|
88 |
|
89 | });
|
90 |
|
91 | describe('handling request url set to url.Url instead of string', function() {
|
92 |
|
93 | var info;
|
94 |
|
95 | before(function(done) {
|
96 | strategy = new Strategy({jwtFromRequest: function(r) {}, secretOrKey: 'secret'}, function(jwt_payload, next) {
|
97 |
|
98 | return next(null, {}, {});
|
99 | });
|
100 |
|
101 | mockVerifier.reset();
|
102 |
|
103 | chai.passport.use(strategy)
|
104 | .fail(function(i) {
|
105 | info = i
|
106 | done();
|
107 | })
|
108 | .req(function(req) {
|
109 | req.body = {};
|
110 | req.url = new url.Url('/');
|
111 | })
|
112 | .authenticate();
|
113 | });
|
114 |
|
115 |
|
116 | it('should fail authentication', function() {
|
117 | expect(info).to.be.an.object;
|
118 | expect(info.message).to.equal("No auth token");
|
119 | });
|
120 |
|
121 | });
|
122 |
|
123 |
|
124 | });
|