@infomaker/service-authorization-lib
Version:
IMID Service Authorization Library
167 lines (153 loc) • 4.68 kB
JavaScript
/*eslint-env node, jasmine */
'use strict'
const jwt = require('jsonwebtoken')
const authLib = require('../src/index')
const validators = require('../src/validators')
const testData = require('./lib/test-data')
const sharedTests = require('./lib/shared-tests')
/**
* Tests specific to authorize
*/
describe('Authorize specific tests', () => {
testData.validatorPayloads.map(validatorPayload => {
const validationMessage = validatorPayload.shouldValidate ? 'should pass' : 'should fail'
it(`authParams validation: ${validatorPayload.description} ${validationMessage}`, () => {
validators.authParams.validate(validatorPayload.payload, (err, val) => {
if (validatorPayload.shouldValidate) {
if (typeof val === 'string') {
expect(val).toEqual(expect.any(String))
} else {
expect(val).toEqual(expect.any(Object))
}
} else {
expect(err).toEqual(expect.any(Error))
}
})
})
})
})
/**
* Setup shared tests
*/
const expectFunctionRunner = async ({authParams, noServiceToken=false, serviceToken, serviceTokenPayload, expectFunc, expectFuncParams={}}) => {
if (typeof serviceToken === 'undefined') {
if (typeof serviceTokenPayload === 'undefined') {
serviceTokenPayload = testData.VALID_SERVICE_TOKEN_PAYLOAD_A
}
serviceToken = jwt.sign(serviceTokenPayload, testData.VALID_SERVICE_TOKEN_SIGN_SECRET, {expiresIn: '1h'})
}
const request = {
id: 'mock-request-id',
headers: {
'authorization': 'should be gone',
'x-imid-req-id': 'should be gone',
'x-imid-token': 'should be put in req credentials',
'x-preserve-me': 'should be preserved'
}
}
try {
const params = {
authParams,
unverifiedServiceToken: serviceToken,
imidToken: 'should be put in req credentials',
serviceTokenSignSecret: testData.VALID_SERVICE_TOKEN_SIGN_SECRET,
request
}
if (noServiceToken) {
delete params.unverifiedServiceToken
}
const result = await authLib.authorize(params)
expect(request.headers).toEqual({'x-preserve-me': 'should be preserved'})
return expectFunc(result, expectFuncParams, request)
} catch (err) {
expect({
err,
stack: err ? err.stack : 'no stack'
}).toEqual({
err: null,
stack: err ? err.stack : 'no stack'
})
}
}
const expectValidationError = (result, params, request) => {
expect({
errorId: result.err.errorId,
statusCode: result.err.httpCode,
errorMessage: result.err.message,
internalErrorMessage: result.err.internalData.msg
}).toEqual({
errorId: expect.any(String),
statusCode: 500,
errorMessage: 'Internal Server Error',
internalErrorMessage: params.internalErrorMessage
})
}
const expectAuthError = (result, params, request) => {
expect({
errorId: result.err.errorId,
statusCode: result.err.httpCode,
errorMessage: result.err.message,
}).toEqual({
errorId: expect.any(String),
statusCode: params.statusCode,
errorMessage: params.errorMessage,
})
}
const expectLoginToBeTriggered = (result, params, request) => {
expect({
errorId: result.err.errorId,
statusCode: result.err.httpCode,
errorMessage: result.err.message,
loginRedirectOrg: result.err.internalData.loginRedirectOrg
}).toEqual({
errorId: expect.any(String),
statusCode: params.statusCode,
errorMessage: params.errorMessage,
loginRedirectOrg: params.loginRedirectOrg
})
}
const expectSystemError = (result, params, request) => {
expect({
errorId: result.err.errorId,
statusCode: result.err.httpCode,
errorMessage: result.err.message,
internalError: result.err.internalData.originalError
}).toEqual({
errorId: expect.any(String),
statusCode: 500,
errorMessage: 'Internal Server Error',
internalError: params.internalError
})
}
const expectCredentialsToBeAddedToRequest = (result, params, request) => {
expect({
credentials: result.credentials,
artifacts: result.artifacts,
err: result.err,
errStack: result.err ? result.err.stack : undefined
}).toEqual({
credentials: params.credentials,
artifacts: params.artifacts,
err: undefined,
errStack: undefined
})
}
const expectModifiedRequest = (result, params, request) => {
expect({
'request.temp': request.temp
}).toEqual({
'request.temp': params.expectedRequestString
})
}
/**
* Shared tests
*/
sharedTests({
expectFunctionRunner,
expectValidationError,
expectAuthError,
expectLoginToBeTriggered,
expectSystemError,
expectCredentialsToBeAddedToRequest,
expectModifiedRequest
})