@quarks/quarks-iam
A modern authorization server built to authenticate your users and protect your APIs
chai = require 'chai'
chai.should()
{validateTokenParams} = require '../../../oidc'
# Shared slot for the error the validator hands to its callback; every
# `before` hook below overwrites it, so the `it` blocks of a suite always see
# the error produced by that suite's own request.
err = null

# Stand-in response object. The specs pass it through but never inspect it.
res = {}

# Wraps a parameter hash in the only request field these specs populate.
req = (params) ->
  { body: params }
# Specs for the token-endpoint parameter validator. Each suite submits a
# request body that lacks one required parameter and checks the error passed
# to the callback: its name, OAuth error code, description and HTTP status.
# The codes and the 400 status follow the token error response of RFC 6749
# section 5.2.
#
# NOTE(review): only presence checks are exercised here. Whether a supplied
# code, redirect_uri or refresh token is genuine and bound to the requesting
# client is not covered by this file - presumably verified by other
# middleware; confirm those paths have specs of their own.
describe 'Validate Token Parameters', ->

  # Builds a `before` hook that runs the validator on `body` and records
  # whatever it passes to the callback in the shared `err`.
  rejectionOf = (body) ->
    (done) ->
      validateTokenParams req(body), res, (error) ->
        err = error
        done()


  describe 'all requests', ->

    # grant_type is required on every token request.
    describe 'with missing grant_type', ->

      before rejectionOf {}

      it 'should provide an AuthorizationError', ->
        err.name.should.equal 'AuthorizationError'

      it 'should provide an error code', ->
        err.error.should.equal 'invalid_request'

      it 'should provide an error description', ->
        err.error_description.should.equal 'Missing grant type'

      it 'should provide a status code', ->
        err.statusCode.should.equal 400


    # An unrecognised grant type gets its own error code, distinct from a
    # malformed request.
    describe 'with unsupported grant_type', ->

      before rejectionOf { grant_type: 'unsupported' }

      it 'should provide an AuthorizationError', ->
        err.name.should.equal 'AuthorizationError'

      it 'should provide an error code', ->
        err.error.should.equal 'unsupported_grant_type'

      it 'should provide an error description', ->
        err.error_description.should.equal 'Unsupported grant type'

      it 'should provide a status code', ->
        err.statusCode.should.equal 400


  describe 'authorization code grant', ->

    describe 'with missing authorization code', ->

      before rejectionOf { grant_type: 'authorization_code' }

      it 'should provide an AuthorizationError', ->
        err.name.should.equal 'AuthorizationError'

      it 'should provide an error code', ->
        err.error.should.equal 'invalid_request'

      it 'should provide an error description', ->
        err.error_description.should.equal 'Missing authorization code'

      it 'should provide a status code', ->
        err.statusCode.should.equal 400


    # The code value is a placeholder: this suite only shows that a request
    # carrying a code is still rejected when redirect_uri is absent. It says
    # nothing about whether the code itself would be accepted.
    describe 'with missing redirect_uri', ->

      before rejectionOf { grant_type: 'authorization_code', code: 'bogus' }

      it 'should provide an AuthorizationError', ->
        err.name.should.equal 'AuthorizationError'

      it 'should provide an error code', ->
        err.error.should.equal 'invalid_request'

      it 'should provide an error description', ->
        err.error_description.should.equal 'Missing redirect uri'

      it 'should provide a status code', ->
        err.statusCode.should.equal 400


  describe 'refresh token grant', ->

    describe 'with missing refresh token', ->

      before rejectionOf { grant_type: 'refresh_token' }

      it 'should provide an AuthorizationError', ->
        err.name.should.equal 'AuthorizationError'

      it 'should provide an error code', ->
        err.error.should.equal 'invalid_request'

      it 'should provide an error description', ->
        err.error_description.should.equal 'Missing refresh token'

      it 'should provide a status code', ->
        err.statusCode.should.equal 400