@berlingske-media/bm.node-module.gateway_jwt/lib/wrappers/rateLimit.test.js

AuthGateway JWT verification library based on public JWKS endpoint

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
const tslib_1 = require("tslib");
const JwksClient_1 = require("../JwksClient");
const errors_1 = require("../errors");
const express_1 = tslib_1.__importDefault(require("express"));
const keys_1 = require("../keys");
describe('JwksClient (rateLimit)', () => {
    const jwksHost = 'http://localhost:5557';
    let server;
    let app;
    beforeAll(() => {
        server = (0, express_1.default)();
        server.get('/.well-known/jwks.json', function (req, res) {
            return res.status(200).json({ keys: keys_1.keys });
        });
        app = server.listen({ port: 5557 });
    });
    afterAll(() => tslib_1.__awaiter(void 0, void 0, void 0, function* () {
        yield new Promise((resolve) => app.close(resolve));
    }));
    describe('#getSigningKeys', () => {
        it('should prevent too many requests', () => tslib_1.__awaiter(void 0, void 0, void 0, function* () {
            const client = new JwksClient_1.JwksClient({
                cache: false,
                rateLimit: true,
                jwksRequestsPerMinute: 1,
                jwksUri: `${jwksHost}/.well-known/jwks.json`,
            });
            const key = yield client.getSigningKey('NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA');
            expect(key.kid).toEqual('NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA');
            try {
                yield client.getSigningKey('NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA');
                throw new Error('should have thrown error');
            }
            catch (err) {
                expect(err).not.toBeNull();
                expect(err instanceof errors_1.JwksRateLimitError).toEqual(true);
            }
        }));
        it('should not prevent cached requests', () => tslib_1.__awaiter(void 0, void 0, void 0, function* () {
            const client = new JwksClient_1.JwksClient({
                cache: true,
                rateLimit: true,
                jwksRequestsPerMinute: 2,
                jwksUri: `${jwksHost}/.well-known/jwks.json`,
            });
            const key = yield client.getSigningKey('NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA');
            expect(key.kid).toEqual('NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA');
            const key2 = yield client.getSigningKey('NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA');
            expect(key2.kid).toEqual('NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA');
            const key3 = yield client.getSigningKey('NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA');
            expect(key3.kid).toEqual('NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA');
            try {
                yield client.getSigningKey('abc');
                throw new Error('should have thrown error');
            }
            catch (err) {
                expect(err).not.toBeNull();
                expect(err instanceof errors_1.SigningKeyNotFoundError).toEqual(true);
            }
            try {
                yield client.getSigningKey('def');
                throw new Error('should have thrown error');
            }
            catch (err) {
                expect(err).not.toBeNull();
                expect(err instanceof errors_1.JwksRateLimitError).toEqual(true);
            }
        }));
    });
});
//# sourceMappingURL=rateLimit.test.js.map