var chai = require('chai')
  , Strategy = require('../lib/strategy')
  , test_data = require('./testdata')
  , sinon = require('sinon')
  , extract_jwt = require('../lib/extract_jwt');

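/*
 * Verify-callback handling of the JWT strategy.
 *
 * Every suite below replaces Strategy.JwtVerifier with a stub that always
 * calls back with the fixture payload, so these tests cover only how the
 * strategy forwards the outcome of the application's verify callback
 * (success, fail, error, thrown exception, passReqToCallback).
 * NOTE(review): assuming the strategy delegates token checking to
 * Strategy.JwtVerifier, nothing in this file exercises signature or claim
 * validation, and the secretOrKey values used here are never checked.
 * Confirm that rejection of forged or expired tokens is tested elsewhere.
 */
describe('Strategy', function() {

  // Whatever verifier was installed before this suite ran; put back in after()
  // so the always-accept stub cannot leak into suites that run later.
  var originalJwtVerifier;

  // Request hook shared by the suites: presents the fixture token under the "JWT" scheme.
  function attachValidJwt(req) {
    req.headers['authorization'] = "JWT " + test_data.valid_jwt.token;
  }

  before(function() {
    originalJwtVerifier = Strategy.JwtVerifier;
    Strategy.JwtVerifier = sinon.stub();
    // Invoke the argument at index 3 as callback(null, payload): no error, fixture payload.
    Strategy.JwtVerifier.callsArgWith(3, null, test_data.valid_jwt.payload);
  });

  after(function() {
    Strategy.JwtVerifier = originalJwtVerifier;
  });


  describe('Handling a request with a valid JWT and succesful verification', function() {

    var strategy, user, info;

    before(function(done) {
      strategy = new Strategy({jwtFromRequest: extract_jwt.fromAuthHeader(), secretOrKey: 'secret'}, function(jwt_payload, next) {
        return next(null, {user_id: 1234567890}, {foo:'bar'});
      });

      chai.passport.use(strategy)
        .success(function(u, i) {
          user = u;
          info = i;
          done();
        })
        .req(attachValidJwt)
        .authenticate();
    });


    it('should provide a user', function() {
      // `.to.be.an.object` is not a Chai assertion (a silent no-op on older
      // Chai, an invalid-property error under proxy-enabled Chai); call an().
      expect(user).to.be.an('object');
      expect(user.user_id).to.equal(1234567890);
    });


    it('should forward info', function() {
      expect(info).to.be.an('object');
      expect(info.foo).to.equal('bar');
    });

  });



  describe('handling a request with valid jwt and failed verification', function() {

    var strategy, info;

    before(function(done) {
      // The verify callback reports "no user" (false) without an error.
      strategy = new Strategy({jwtFromRequest: extract_jwt.fromAuthHeader(), secretOrKey: 'secret'}, function(jwt_payload, next) {
        return next(null, false, {message: 'invalid user'});
      });

      chai.passport.use(strategy)
        .fail(function(i) {
          info = i;
          done();
        })
        .req(attachValidJwt)
        .authenticate();
    });


    it('should fail with info', function() {
      expect(info).to.be.an('object');
      expect(info.message).to.equal('invalid user');
    });

  });



  describe('handling a request with a valid jwt and an error during verification', function() {

    var strategy, err;

    before(function(done) {
      // NOTE(review): the secret is 'secrety' here and 'secret' in the sibling
      // suites; with JwtVerifier stubbed it should not affect the outcome.
      // Confirm, and align the value if it is a typo.
      strategy = new Strategy({jwtFromRequest: extract_jwt.fromAuthHeader(), secretOrKey: 'secrety'}, function(jwt_payload, next) {
        return next(new Error("ERROR"), false, {message: 'invalid user'});
      });

      chai.passport.use(strategy)
        .error(function(e) {
          err = e;
          done();
        })
        .req(attachValidJwt)
        .authenticate();
    });


    it('should error', function() {
      expect(err).to.be.an.instanceof(Error);
      expect(err.message).to.equal('ERROR');
    });

  });



  describe('handling a request with a valid jwt and an exception during verification', function() {
    var strategy, err;

    before(function(done) {
      // The verify callback throws instead of calling next(); the suite
      // expects the strategy to surface that through .error().
      strategy = new Strategy({jwtFromRequest: extract_jwt.fromAuthHeader(), secretOrKey: 'secret'}, function(jwt_payload, next) {
        throw new Error("EXCEPTION");
      });

      chai.passport.use(strategy)
        .error(function(e) {
          err = e;
          done();
        })
        .req(attachValidJwt)
        .authenticate();
    });


    it('should error', function() {
      expect(err).to.be.an.instanceof(Error);
      expect(err.message).to.equal('EXCEPTION');
    });

  });



  describe('handling a request with a valid jwt and option passReqToCallback is true', function() {

    var strategy, expected_request, request_arg;

    before(function(done) {
      // Declared locally: the original assigned `opts` without `var`, which
      // created an implicit global (and throws under strict mode).
      var opts = { passReqToCallback: true };
      opts.secretOrKey = 'secret';
      opts.jwtFromRequest = extract_jwt.fromAuthHeader();
      strategy = new Strategy(opts, function(request, jwt_payload, next) {
        // Capture what the strategy passed as the first argument.
        request_arg = request;
        return next(null, {user_id: 1234567890}, {foo:'bar'});
      });

      chai.passport.use(strategy)
        .success(function() {
          done();
        })
        .req(function(req) {
          attachValidJwt(req);
          expected_request = req;
        })
        .authenticate();
    });

    it('will call verify with request as the first argument', function() {
      expect(expected_request).to.equal(request_arg);
    });

  });

});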