@infomaker/service-authorization-lib
Version:
IMID Service Authorization Library
263 lines (243 loc) • 6.88 kB
JavaScript
/*eslint-env node, jasmine */
'use strict'
const authLib = require('../src/index')
const jwt = require('jsonwebtoken')
const TEST_SERVICE_TOKEN = {
org: 'infomaker',
sub: 'infomaker_xxxx',
unit: 'unit1',
permissions: {
org: ['orgPermission'],
units: {
'unit1': ['unit1permission'],
'unit2': ['unit2permission'],
'unit3': []
}
},
service_admin: true,
userinfo: {
given_name: 'Pelle'
}
}
const createAuthHeader = (payload) => {
return `Bearer ${jwt.sign(payload, 'hej')}`
}
const requestTypes = [{
name: 'Token in authorization header in request',
request: {
headers: {
authorization: createAuthHeader(TEST_SERVICE_TOKEN),
otherHeader: ''
}
}
}, {
name: 'Token in authorization header in request.raw.req',
request: {
raw: {
req: {
headers: {
authorization: createAuthHeader(TEST_SERVICE_TOKEN),
otherHeader: ''
}
}
}
}
}, {
name: 'Token in request.credentials.serviceToken',
request: {
headers: {
authorization: 'FAKE',
otherHeader: ''
},
auth: {
credentials: {
serviceToken: TEST_SERVICE_TOKEN
}
}
}
}]
describe('Token utils tests: extractImidTokenFromRequest', () => {
it('should return null if no IMID token present in request', () => {
const mockRequestWithoutImidToken = {
headers: {
otherHeader: ''
},
auth: {
credentials: {
serviceToken: ''
}
}
}
const extractedImidToken = authLib.tokenUtils.extractImidTokenFromRequest(mockRequestWithoutImidToken)
expect(extractedImidToken).toEqual(null)
})
it('should return IMID token when IMID token in request.auth.credentials', () => {
const expectedImidToken = 'xxxx'
const mockRequestWithoutImidToken = {
headers: {
otherHeader: ''
},
auth: {
credentials: {
serviceToken: '',
imidToken: expectedImidToken
}
}
}
const extractedImidToken = authLib.tokenUtils.extractImidTokenFromRequest(mockRequestWithoutImidToken)
expect(extractedImidToken).toEqual(expectedImidToken)
})
it('should return IMID token when IMID token in x-imid-token header in request', () => {
const expectedImidToken = 'xxxx'
const mockRequestWithoutImidToken = {
headers: {
otherHeader: '',
'x-imid-token': expectedImidToken
},
auth: {
credentials: {
serviceToken: ''
}
}
}
const extractedImidToken = authLib.tokenUtils.extractImidTokenFromRequest(mockRequestWithoutImidToken)
expect(extractedImidToken).toEqual(expectedImidToken)
})
it('should return IMID token when IMID token in x-imid-token header in request.raw.req', () => {
const expectedImidToken = 'xxxx'
const mockRequestWithoutImidToken = {
raw: {
req: {
headers: {
otherHeader: '',
'x-imid-token': expectedImidToken
},
auth: {
credentials: {
serviceToken: ''
}
}
}
}
}
const extractedImidToken = authLib.tokenUtils.extractImidTokenFromRequest(mockRequestWithoutImidToken)
expect(extractedImidToken).toEqual(expectedImidToken)
})
})
requestTypes.forEach(requestType => {
const mockRequestWithToken = requestType.request
describe(`Token utils tests with request type: ${requestType.name}`, () => {
it('should throw error when no token is present in request', () => {
expect.assertions(1)
try {
authLib.tokenUtils.getSubject({headers: {} })
} catch (err) {
expect({
errorMessage: err.message
}).toEqual({
errorMessage: 'Service token not present in request'
})
}
})
it('should be able to get subject', () => {
const subject = authLib.tokenUtils.getSubject(mockRequestWithToken)
expect({
subject
}).toEqual({
subject: TEST_SERVICE_TOKEN.sub
})
})
it('should be able to get organization', () => {
const organization = authLib.tokenUtils.getOrganization(mockRequestWithToken)
expect({
organization
}).toEqual({
organization: TEST_SERVICE_TOKEN.org
})
})
it('should be able to get units', () => {
const units = authLib.tokenUtils.getUnits(mockRequestWithToken)
expect({
units
}).toEqual({
units: [
'unit1',
'unit2',
'unit3'
]
})
})
it('should be able to get selected unit', () => {
const selectedUnit = authLib.tokenUtils.getSelectedUnit(mockRequestWithToken)
expect({
selectedUnit
}).toEqual({
selectedUnit: 'unit1'
})
})
it('should be able to get org permissions', () => {
const orgPermissions = authLib.tokenUtils.getOrgPermissions(mockRequestWithToken)
expect({
orgPermissions
}).toEqual({
orgPermissions: ['orgPermission']
})
})
it('should be able to get unit 1 permissions', () => {
const unitPermissions = authLib.tokenUtils.getUnitPermissions(mockRequestWithToken, 'unit1')
expect({
unitPermissions
}).toEqual({
unitPermissions: [
'orgPermission',
'unit1permission'
]
})
})
it('should be able to get unit 2 permissions', () => {
const unitPermissions = authLib.tokenUtils.getUnitPermissions(mockRequestWithToken, 'unit2')
expect({
unitPermissions
}).toEqual({
unitPermissions: [
'orgPermission',
'unit2permission'
]
})
})
it('should be able to get existing but empty unit 3 permissions (only org permissions)', () => {
const unitPermissions = authLib.tokenUtils.getUnitPermissions(mockRequestWithToken, 'unit3')
expect({
unitPermissions
}).toEqual({
unitPermissions: ['orgPermission']
})
})
it('should be able to get non-existent unit 4 permissions (no permissions)', () => {
const unitPermissions = authLib.tokenUtils.getUnitPermissions(mockRequestWithToken, 'unit4')
expect({
unitPermissions
}).toEqual({
unitPermissions: []
})
})
it('should be able to check if token is service admin', () => {
const isServiceAdmin = authLib.tokenUtils.isServiceAdmin(mockRequestWithToken)
expect({
isServiceAdmin
}).toEqual({
isServiceAdmin: true
})
})
it('should be able to get a subject\'s userinfo', () => {
const userinfo = authLib.tokenUtils.getUserinfo(mockRequestWithToken)
expect({
userinfo
}).toEqual({
userinfo: {
given_name: 'Pelle'
}
})
})
})
})