@infomaker/service-authorization-lib
Version:
IMID Service Authorization Library
191 lines (167 loc) • 5.54 kB
JavaScript
/*eslint-env node, jasmine, jest */
'use strict'
const jwt = require('jsonwebtoken')
const authLib = require('./../src/index')
const testData = require('./lib/test-data')
const sharedTests = require('./lib/shared-tests')
const MockPlugin = require('./lib/hapi-mock/plugin')
const MockResponseToolkit = require('./lib/hapi-mock/response-toolkit')
const MockRequest = require('./lib/hapi-mock/request')
const hapiPlugin = authLib.hapiPlugin
/**
* Tests specific to Hapi
*/
describe('Hapi specific tests', () => {
it('Name should match on both register.attributes and plugin', () => {
expect(hapiPlugin.name).toEqual(hapiPlugin.register.attributes.name)
})
it('Version should match on both register.attributes and plugin', () => {
expect(hapiPlugin.version).toEqual(hapiPlugin.register.attributes.version)
})
it('Should continue if no auth params are set', async () => {
const plugin = await new MockPlugin(hapiPlugin, {
serviceTokenSignSecret: testData.VALID_SERVICE_TOKEN_SIGN_SECRET,
hapiVersion: '17.0.0'
})
const request = new MockRequest({}, {}, '')
request.route.settings.plugins = {}
const h = MockResponseToolkit()
const expectedResult = 'CALLED'
h.continue = expectedResult
const result = await plugin.onPreHandlerHandler(request, h)
expect(result).toEqual(expectedResult)
})
it('onPreResponse handler should ignore non-sal errors', async () => {
const plugin = await new MockPlugin(hapiPlugin, {
serviceTokenSignSecret: testData.VALID_SERVICE_TOKEN_SIGN_SECRET,
hapiVersion: '17.0.0'
})
const mockRequest = {response: {isBoom: true}}
const h = MockResponseToolkit()
plugin.onPreResponseHandler(mockRequest, h)
expect(h.internals).toEqual({headers: {}, code: 200, err: null, replyData: null})
})
})
/**
* Setup shared tests
*/
const expectFunctionRunner = async ({authParams, noServiceToken=false, serviceToken, serviceTokenPayload, expectFunc, expectFuncParams={}}) => {
if (typeof serviceToken === 'undefined') {
if (typeof serviceTokenPayload === 'undefined') {
serviceTokenPayload = testData.VALID_SERVICE_TOKEN_PAYLOAD_A
}
serviceToken = jwt.sign(serviceTokenPayload, testData.VALID_SERVICE_TOKEN_SIGN_SECRET, {expiresIn: '1h'})
}
return Promise.all([/*'16.0.0', */'17.0.0'].map(async version => {
const plugin = await new MockPlugin(hapiPlugin, {
serviceTokenSignSecret: testData.VALID_SERVICE_TOKEN_SIGN_SECRET,
hapiVersion: version
})
let request
if (noServiceToken) {
request = new MockRequest({}, authParams)
} else {
request = new MockRequest({}, authParams, serviceToken)
expectFuncParams.serviceTokenPayload = serviceTokenPayload
}
const h = MockResponseToolkit()
try {
await plugin.onPreHandlerHandler(request, h)
} catch (err) {
h.unauthenticated(err)
}
if (plugin.onPreResponseHandler) {
if (h.internals.err) {
request.response = h.internals.err
request.response.isBoom = true
}
plugin.onPreResponseHandler(request, h)
}
return expectFunc(request, h, expectFuncParams)
}))
}
const expectValidationError = (request, h, params) => {
expect({
statusCode: h.internals.code,
errorMessage: h.internals.replyData.msg,
internalErrorMessage: h.internals.err.internalData.msg
}).toEqual({
statusCode: 500,
errorMessage: 'Internal Server Error',
internalErrorMessage: params.internalErrorMessage
})
}
const expectAuthError = (request, h, params) => {
let expectedCredentials = null
if (!params.noCredentials) {
expectedCredentials = {
serviceToken: Object.assign({}, params.serviceTokenPayload, {
iat: expect.any(Number),
exp: expect.any(Number)
})
}
}
expect({
credentials: request.auth.credentials,
errorMessage: h.internals.replyData.msg,
errorId: h.internals.replyData.errorId,
statusCode: h.internals.code
}).toEqual({
credentials: expectedCredentials,
errorMessage: params.errorMessage,
errorId: expect.any(String),
statusCode: params.statusCode
})
}
const expectLoginToBeTriggered = (request, h, params) => {
expect({
errorMessage: h.internals.replyData.msg,
statusCode: h.internals.code,
headers: h.internals.headers
}).toEqual({
errorMessage: params.errorMessage,
statusCode: params.statusCode,
headers: {'x-imid-login-redirect-organization': testData.ORG_B}
})
}
const expectSystemError = (request, h, params) => {
expect({
statusCode: h.internals.code,
errorMessage: h.internals.replyData.msg,
internalError: h.internals.err.internalData.originalError
}).toEqual({
statusCode: 500,
errorMessage: 'Internal Server Error',
internalError: params.internalError
})
}
const expectCredentialsToBeAddedToRequest = (request, h, params) => {
expect({
statusCode: h.internals.code,
credentials: request.auth.credentials,
artifacts: request.auth.artifacts
}).toEqual({
statusCode: 200,
credentials: params.credentials,
artifacts: params.artifacts
})
}
const expectModifiedRequest = (request, h, params) => {
expect({
'request.temp': request.temp
}).toEqual({
'request.temp': params.expectedRequestString
})
}
/**
* Shared tests
*/
sharedTests({
expectFunctionRunner,
expectValidationError,
expectAuthError,
expectLoginToBeTriggered,
expectSystemError,
expectCredentialsToBeAddedToRequest,
expectModifiedRequest
})