UNPKG

@infomaker/service-authorization-lib

Version:

IMID Service Authorization Library

263 lines (243 loc) 6.88 kB
/*eslint-env node, jasmine */ 'use strict' const authLib = require('../src/index') const jwt = require('jsonwebtoken') const TEST_SERVICE_TOKEN = { org: 'infomaker', sub: 'infomaker_xxxx', unit: 'unit1', permissions: { org: ['orgPermission'], units: { 'unit1': ['unit1permission'], 'unit2': ['unit2permission'], 'unit3': [] } }, service_admin: true, userinfo: { given_name: 'Pelle' } } const createAuthHeader = (payload) => { return `Bearer ${jwt.sign(payload, 'hej')}` } const requestTypes = [{ name: 'Token in authorization header in request', request: { headers: { authorization: createAuthHeader(TEST_SERVICE_TOKEN), otherHeader: '' } } }, { name: 'Token in authorization header in request.raw.req', request: { raw: { req: { headers: { authorization: createAuthHeader(TEST_SERVICE_TOKEN), otherHeader: '' } } } } }, { name: 'Token in request.credentials.serviceToken', request: { headers: { authorization: 'FAKE', otherHeader: '' }, auth: { credentials: { serviceToken: TEST_SERVICE_TOKEN } } } }] describe('Token utils tests: extractImidTokenFromRequest', () => { it('should return null if no IMID token present in request', () => { const mockRequestWithoutImidToken = { headers: { otherHeader: '' }, auth: { credentials: { serviceToken: '' } } } const extractedImidToken = authLib.tokenUtils.extractImidTokenFromRequest(mockRequestWithoutImidToken) expect(extractedImidToken).toEqual(null) }) it('should return IMID token when IMID token in request.auth.credentials', () => { const expectedImidToken = 'xxxx' const mockRequestWithoutImidToken = { headers: { otherHeader: '' }, auth: { credentials: { serviceToken: '', imidToken: expectedImidToken } } } const extractedImidToken = authLib.tokenUtils.extractImidTokenFromRequest(mockRequestWithoutImidToken) expect(extractedImidToken).toEqual(expectedImidToken) }) it('should return IMID token when IMID token in x-imid-token header in request', () => { const expectedImidToken = 'xxxx' const mockRequestWithoutImidToken = { headers: { otherHeader: '', 'x-imid-token': expectedImidToken }, auth: { credentials: { serviceToken: '' } } } const extractedImidToken = authLib.tokenUtils.extractImidTokenFromRequest(mockRequestWithoutImidToken) expect(extractedImidToken).toEqual(expectedImidToken) }) it('should return IMID token when IMID token in x-imid-token header in request.raw.req', () => { const expectedImidToken = 'xxxx' const mockRequestWithoutImidToken = { raw: { req: { headers: { otherHeader: '', 'x-imid-token': expectedImidToken }, auth: { credentials: { serviceToken: '' } } } } } const extractedImidToken = authLib.tokenUtils.extractImidTokenFromRequest(mockRequestWithoutImidToken) expect(extractedImidToken).toEqual(expectedImidToken) }) }) requestTypes.forEach(requestType => { const mockRequestWithToken = requestType.request describe(`Token utils tests with request type: ${requestType.name}`, () => { it('should throw error when no token is present in request', () => { expect.assertions(1) try { authLib.tokenUtils.getSubject({headers: {} }) } catch (err) { expect({ errorMessage: err.message }).toEqual({ errorMessage: 'Service token not present in request' }) } }) it('should be able to get subject', () => { const subject = authLib.tokenUtils.getSubject(mockRequestWithToken) expect({ subject }).toEqual({ subject: TEST_SERVICE_TOKEN.sub }) }) it('should be able to get organization', () => { const organization = authLib.tokenUtils.getOrganization(mockRequestWithToken) expect({ organization }).toEqual({ organization: TEST_SERVICE_TOKEN.org }) }) it('should be able to get units', () => { const units = authLib.tokenUtils.getUnits(mockRequestWithToken) expect({ units }).toEqual({ units: [ 'unit1', 'unit2', 'unit3' ] }) }) it('should be able to get selected unit', () => { const selectedUnit = authLib.tokenUtils.getSelectedUnit(mockRequestWithToken) expect({ selectedUnit }).toEqual({ selectedUnit: 'unit1' }) }) it('should be able to get org permissions', () => { const orgPermissions = authLib.tokenUtils.getOrgPermissions(mockRequestWithToken) expect({ orgPermissions }).toEqual({ orgPermissions: ['orgPermission'] }) }) it('should be able to get unit 1 permissions', () => { const unitPermissions = authLib.tokenUtils.getUnitPermissions(mockRequestWithToken, 'unit1') expect({ unitPermissions }).toEqual({ unitPermissions: [ 'orgPermission', 'unit1permission' ] }) }) it('should be able to get unit 2 permissions', () => { const unitPermissions = authLib.tokenUtils.getUnitPermissions(mockRequestWithToken, 'unit2') expect({ unitPermissions }).toEqual({ unitPermissions: [ 'orgPermission', 'unit2permission' ] }) }) it('should be able to get existing but empty unit 3 permissions (only org permissions)', () => { const unitPermissions = authLib.tokenUtils.getUnitPermissions(mockRequestWithToken, 'unit3') expect({ unitPermissions }).toEqual({ unitPermissions: ['orgPermission'] }) }) it('should be able to get non-existent unit 4 permissions (no permissions)', () => { const unitPermissions = authLib.tokenUtils.getUnitPermissions(mockRequestWithToken, 'unit4') expect({ unitPermissions }).toEqual({ unitPermissions: [] }) }) it('should be able to check if token is service admin', () => { const isServiceAdmin = authLib.tokenUtils.isServiceAdmin(mockRequestWithToken) expect({ isServiceAdmin }).toEqual({ isServiceAdmin: true }) }) it('should be able to get a subject\'s userinfo', () => { const userinfo = authLib.tokenUtils.getUserinfo(mockRequestWithToken) expect({ userinfo }).toEqual({ userinfo: { given_name: 'Pelle' } }) }) }) })