UNPKG

passport-jwt/test/strategy-validation-test.js

Version:

5.4 kBJavaScriptView Raw

1var Strategy = require('../lib/strategy')
  , chai = require('chai')
  , test_data = require('./testdata')
  , sinon = require('sinon')
  , extract_jwt = require('../lib/extract_jwt');
6
7describe('Strategy', function() {
8
  describe('calling JWT validation function', function() {
      var strategy;
11
      before(function(done) {
          verifyStub = sinon.stub();
          verifyStub.callsArgWith(1, null, {}, {});
          options = {};
          options.issuer = "TestIssuer";
          options.audience = "TestAudience";
          options.secretOrKey = 'secret';
          options.algorithms = ["HS256", "HS384"];
          options.ignoreExpiration = false;
          options.jwtFromRequest = extract_jwt.fromAuthHeader();
          strategy = new Strategy(options, verifyStub);
23
          Strategy.JwtVerifier = sinon.stub();
          Strategy.JwtVerifier.callsArgWith(3, null, test_data.valid_jwt.payload);
26
          chai.passport.use(strategy)
              .success(function(u, i) {
                  done();
              })
              .req(function(req) {
                  req.headers['authorization'] = "JWT " + test_data.valid_jwt.token;
              })
              .authenticate();
      });
36
37
      it('should call with the right secret as an argument', function() {
          expect(Strategy.JwtVerifier.args[0][1]).to.equal('secret');
      });
41
42
      it('should call with the right issuer option', function() {
          expect(Strategy.JwtVerifier.args[0][2]).to.be.an.object;
          expect(Strategy.JwtVerifier.args[0][2].issuer).to.equal('TestIssuer');
      });
47
48
      it('should call with the right audience option', function() {
          expect(Strategy.JwtVerifier.args[0][2]).to.be.an.object;
          expect(Strategy.JwtVerifier.args[0][2].audience).to.equal('TestAudience');
      });
53
      it('should call with the right algorithms option', function() {
          expect(Strategy.JwtVerifier.args[0][2]).to.be.an.object;
          expect(Strategy.JwtVerifier.args[0][2].algorithms).to.eql(["HS256", "HS384"]);
      });
58
      it('should call with the right ignoreExpiration option', function() {
          expect(Strategy.JwtVerifier.args[0][2]).to.be.an.object;
          expect(Strategy.JwtVerifier.args[0][2].ignoreExpiration).to.be.false;
      });
63
  });
65
66
  describe('handling valid jwt', function() {
      var strategy, payload;
69
      before(function(done) {
          strategy = new Strategy({jwtFromRequest: extract_jwt.fromAuthHeader(), secretOrKey: 'secret'}, function(jwt_payload, next) {
              payload = jwt_payload;
              next(null, {}, {});
          });
75
          // Mock successful verification
          Strategy.JwtVerifier = sinon.stub();
          Strategy.JwtVerifier.callsArgWith(3, null, test_data.valid_jwt.payload);
79
          chai.passport.use(strategy)
              .success(function(u, i) {
                  done();
              })
              .req(function(req) {
                  req.headers['authorization'] = "JWT " + test_data.valid_jwt.token;
              })
              .authenticate();
      });
89
90
      it('should call verify with the correct payload', function() {
          expect(payload).to.deep.equal(test_data.valid_jwt.payload);
      });
94
95
  });
97
98
  describe('handling failing jwt', function() {
      var strategy, info;
      var verify_spy = sinon.spy();
102
      before(function(done) {
104
          strategy = new Strategy({jwtFromRequest: extract_jwt.fromAuthHeader(), secretOrKey: 'secret'}, verify_spy);
106
          // Mock errored verification
          Strategy.JwtVerifier = sinon.stub();
          Strategy.JwtVerifier.callsArgWith(3, new Error("jwt expired"), false);
110
          chai.passport.use(strategy)
              .fail(function(i) {
                  info = i;
                  done();
              })
              .req(function(req) {
                  req.headers['authorization'] = "JWT " + test_data.valid_jwt.token;
              })
              .authenticate();
      });
121
122
      it('should not call verify', function() {
          sinon.assert.notCalled(verify_spy);
      });
126
127
      it('should fail with error message.', function() {
          expect(info).to.be.an.object;
          expect(info.message).to.equal('jwt expired');
      });
132
  });
134
135
  describe('handling an invalid authentication header', function() {
      var strategy, info;
      var verify_spy = sinon.spy();
139
      before(function(done) {
141
          strategy = new Strategy({jwtFromRequest: extract_jwt.fromAuthHeader(), secretOrKey: 'secret'}, verify_spy);
143
          chai.passport.use(strategy)
              .fail(function(i) {
                  info = i;
                  done();
              })
              .req(function(req) {
                  req.headers['authorization'] = "malformed";
              })
              .authenticate();
      });
154
155
      it('should not call verify', function() {
          sinon.assert.notCalled(verify_spy);
      });
159
160
      it('should fail with error message.', function() {
          expect(info).to.be.an.object;
          expect(info).to.be.an.instanceof(Error);
      });
165
  });
167
168});

1	`var Strategy = require('../lib/strategy')`
2	`, chai = require('chai')`
3	`, test_data = require('./testdata')`
4	`, sinon = require('sinon')`
5	`, extract_jwt = require('../lib/extract_jwt');`
6
7	`describe('Strategy', function() {`
8
9	`describe('calling JWT validation function', function() {`
10	`var strategy;`
11
12	`before(function(done) {`
13	`verifyStub = sinon.stub();`
14	`verifyStub.callsArgWith(1, null, {}, {});`
15	`options = {};`
16	`options.issuer = "TestIssuer";`
17	`options.audience = "TestAudience";`
18	`options.secretOrKey = 'secret';`
19	`options.algorithms = ["HS256", "HS384"];`
20	`options.ignoreExpiration = false;`
21	`options.jwtFromRequest = extract_jwt.fromAuthHeader();`
22	`strategy = new Strategy(options, verifyStub);`
23
24	`Strategy.JwtVerifier = sinon.stub();`
25	`Strategy.JwtVerifier.callsArgWith(3, null, test_data.valid_jwt.payload);`
26
27	`chai.passport.use(strategy)`
28	`.success(function(u, i) {`
29	`done();`
30	`})`
31	`.req(function(req) {`
32	`req.headers['authorization'] = "JWT " + test_data.valid_jwt.token;`
33	`})`
34	`.authenticate();`
35	`});`
36
37
38	`it('should call with the right secret as an argument', function() {`
39	`expect(Strategy.JwtVerifier.args[0][1]).to.equal('secret');`
40	`});`
41
42
43	`it('should call with the right issuer option', function() {`
44	`expect(Strategy.JwtVerifier.args[0][2]).to.be.an.object;`
45	`expect(Strategy.JwtVerifier.args[0][2].issuer).to.equal('TestIssuer');`
46	`});`
47
48
49	`it('should call with the right audience option', function() {`
50	`expect(Strategy.JwtVerifier.args[0][2]).to.be.an.object;`
51	`expect(Strategy.JwtVerifier.args[0][2].audience).to.equal('TestAudience');`
52	`});`
53
54	`it('should call with the right algorithms option', function() {`
55	`expect(Strategy.JwtVerifier.args[0][2]).to.be.an.object;`
56	`expect(Strategy.JwtVerifier.args[0][2].algorithms).to.eql(["HS256", "HS384"]);`
57	`});`
58
59	`it('should call with the right ignoreExpiration option', function() {`
60	`expect(Strategy.JwtVerifier.args[0][2]).to.be.an.object;`
61	`expect(Strategy.JwtVerifier.args[0][2].ignoreExpiration).to.be.false;`
62	`});`
63
64	`});`
65
66
67	`describe('handling valid jwt', function() {`
68	`var strategy, payload;`
69
70	`before(function(done) {`
71	`strategy = new Strategy({jwtFromRequest: extract_jwt.fromAuthHeader(), secretOrKey: 'secret'}, function(jwt_payload, next) {`
72	`payload = jwt_payload;`
73	`next(null, {}, {});`
74	`});`
75
76	`// Mock successful verification`
77	`Strategy.JwtVerifier = sinon.stub();`
78	`Strategy.JwtVerifier.callsArgWith(3, null, test_data.valid_jwt.payload);`
79
80	`chai.passport.use(strategy)`
81	`.success(function(u, i) {`
82	`done();`
83	`})`
84	`.req(function(req) {`
85	`req.headers['authorization'] = "JWT " + test_data.valid_jwt.token;`
86	`})`
87	`.authenticate();`
88	`});`
89
90
91	`it('should call verify with the correct payload', function() {`
92	`expect(payload).to.deep.equal(test_data.valid_jwt.payload);`
93	`});`
94
95
96	`});`
97
98
99	`describe('handling failing jwt', function() {`
100	`var strategy, info;`
101	`var verify_spy = sinon.spy();`
102
103	`before(function(done) {`
104
105	`strategy = new Strategy({jwtFromRequest: extract_jwt.fromAuthHeader(), secretOrKey: 'secret'}, verify_spy);`
106
107	`// Mock errored verification`
108	`Strategy.JwtVerifier = sinon.stub();`
109	`Strategy.JwtVerifier.callsArgWith(3, new Error("jwt expired"), false);`
110
111	`chai.passport.use(strategy)`
112	`.fail(function(i) {`
113	`info = i;`
114	`done();`
115	`})`
116	`.req(function(req) {`
117	`req.headers['authorization'] = "JWT " + test_data.valid_jwt.token;`
118	`})`
119	`.authenticate();`
120	`});`
121
122
123	`it('should not call verify', function() {`
124	`sinon.assert.notCalled(verify_spy);`
125	`});`
126
127
128	`it('should fail with error message.', function() {`
129	`expect(info).to.be.an.object;`
130	`expect(info.message).to.equal('jwt expired');`
131	`});`
132
133	`});`
134
135
136	`describe('handling an invalid authentication header', function() {`
137	`var strategy, info;`
138	`var verify_spy = sinon.spy();`
139
140	`before(function(done) {`
141
142	`strategy = new Strategy({jwtFromRequest: extract_jwt.fromAuthHeader(), secretOrKey: 'secret'}, verify_spy);`
143
144	`chai.passport.use(strategy)`
145	`.fail(function(i) {`
146	`info = i;`
147	`done();`
148	`})`
149	`.req(function(req) {`
150	`req.headers['authorization'] = "malformed";`
151	`})`
152	`.authenticate();`
153	`});`
154
155
156	`it('should not call verify', function() {`
157	`sinon.assert.notCalled(verify_spy);`
158	`});`
159
160
161	`it('should fail with error message.', function() {`
162	`expect(info).to.be.an.object;`
163	`expect(info).to.be.an.instanceof(Error);`
164	`});`
165
166	`});`
167
168	`});`