UNPKG

@quarks/quarks-iam

Version:

A modern authorization server built to authenticate your users and protect your APIs

github.com/anvilresearch/connect

anvilresearch/connect

161 lines (118 loc) 3.96 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
chai = require 'chai' sinon = require 'sinon' sinonChai = require 'sinon-chai' expect = chai.expect chai.use sinonChai chai.should() mailer = require '../../../boot/mailer' fakeMailer = sendMail: (tmpl, loc, opts, cb) -> cb() {sendVerificationEmail} = require '../../../oidc' OneTimeToken = require '../../../models/OneTimeToken' describe 'Send Verification Email', -> before -> sinon.stub(mailer, 'getMailer').returns(fakeMailer) after -> mailer.getMailer.restore() {req,res,next} = {} describe 'when not requested', -> before -> req = provider: emailVerification: enable: false sendVerificationEmail: false res = {} next = sinon.spy() sinon.spy(OneTimeToken, 'issue') sinon.spy(fakeMailer, 'sendMail') sendVerificationEmail req, res, next after -> OneTimeToken.issue.restore() fakeMailer.sendMail.restore() it 'should continue', -> next.should.have.been.called it 'should not issue a OneTimeToken', -> OneTimeToken.issue.should.not.have.been.called it 'should not send an email', -> fakeMailer.sendMail.should.not.have.been.called describe 'when requested', -> before -> req = connectParams: redirect_uri: 'https://example.com/callback' client_id: 'client-uuid' response_type: 'id_token token' scope: 'openid profile' provider: emailVerification: enable: true sendVerificationEmail: true user: _id: 'uuid' email: 'joe@example.com' givenName: 'joe' familyName: 'johnson' res = {} next = sinon.spy() sinon.stub(OneTimeToken, 'issue') .callsArgWith(1, null, new OneTimeToken { sub: req.user._id ttl: 3600 * 24 * 7 use: 'emailVerification' }) sinon.stub(fakeMailer, 'sendMail').callsArgWith 3, null, null sendVerificationEmail req, res, next after -> OneTimeToken.issue.restore() fakeMailer.sendMail.restore() it 'should issue a token to the user', -> OneTimeToken.issue.should.have.been.calledWith sinon.match({ sub: req.user._id }) it 'should issue an expiring token', -> OneTimeToken.issue.should.have.been.calledWith sinon.match({ ttl: sinon.match.number }) it 'should issue a token for email verification', -> OneTimeToken.issue.should.have.been.calledWith sinon.match({ use: 'emailVerification' }) it 'should send to the user', -> fakeMailer.sendMail.should.have.been .calledWith 'verifyEmail', sinon.match.object, sinon.match({ to: req.user.email }) it 'should provide a subject', -> fakeMailer.sendMail.should.have.been .calledWith 'verifyEmail', sinon.match.object, sinon.match({ subject: sinon.match.string }) it 'should render with the user email', -> fakeMailer.sendMail.should.have.been .calledWith 'verifyEmail', sinon.match({ email: req.user.email }) it 'should render with the user given name', -> fakeMailer.sendMail.should.have.been .calledWith 'verifyEmail', sinon.match({ name: { first: req.user.givenName } }) it 'should render with the user family name', -> fakeMailer.sendMail.should.have.been .calledWith 'verifyEmail', sinon.match({ name: { last: req.user.familyName } }) it 'should render with the verification url', -> fakeMailer.sendMail.should.have.been .calledWith 'verifyEmail', sinon.match({ verifyURL: sinon.match.string }) it 'should continue', -> next.should.have.been.called next.should.not.have.been.calledWith sinon.match.any