;
// Compiler-emitted async helper (the shape TypeScript generates when async/await is
// lowered to generators). Reuses an existing this.__awaiter when one is defined.
//
// thisArg / _arguments: receiver and arguments the generator function is applied with.
// P: promise constructor to use; falls back to the global Promise when falsy.
// generator: generator function whose yielded values are awaited one by one.
// Returns a P that settles with the generator's return value or its first uncaught error.
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
return new (P || (P = Promise))(function (resolve, reject) {
// Resume the generator with the settled value; a synchronous throw rejects the outer promise.
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
// Re-raise a rejection inside the generator so its own try/catch can observe it.
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
// Finished: resolve with the return value. Otherwise wrap the yielded value in a P and continue.
function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); }
// Instantiate the generator and run it to its first yield.
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
Object.defineProperty(exports, "__esModule", { value: true });
const chai_1 = require("chai");
const chai = require("chai");
chai.use(require("chai-as-promised"));
const AzureAuthProvider_1 = require("./AzureAuthProvider");
const errors = require("../../errors");
const TestServer_1 = require("../../TestServer");
// Tenant id handed to AzureAuthProvider as tenant_id in createServer().
const tenantId = "f95cc7cf-60b7-49b2-ab4b-1fdc280eb0bd";
// Hard-coded JWT fixtures. Header notes below are read from the base64url header segment
// of each literal; payloads are described only where the literal still contains them.
// NOTE(review): checked-in bearer tokens are only safe while they stay unusable against a
// real tenant (expired, test-only signing key) - confirm that holds for every fixture here.
//
// Header decodes to alg RS256, kid/x5t "123". Used only by the suite that sets skipVerification: true.
const validAccessToken = "eyJhbGciOiJSUzI1NiIsIng1dCI6IjEyMyIsImtpZCI6IjEyMyIsInR5cCI6IkpXVCJ9.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.L73bH-JoYH60jQ-JCzvmhbTOOJrNN243vDcQK9x-xSkeDXRAEWV7T7aYRAZEhosjhXQX8es3l9OYaRwIyK-qV84m_68SPCk7Pe8dC9Ge02Qt6L2le9MZZUJsXRAEEVtGuLqXxOzPkmZgUkGO1d1SBVwGL29TpyB479AvOUfUfG4";
// Same header as validAccessToken (RS256, kid "123"); the signature segment differs.
const expiredAccessToken = "eyJhbGciOiJSUzI1NiIsIng1dCI6IjEyMyIsImtpZCI6IjEyMyIsInR5cCI6IkpXVCJ9.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.w_q8g8UEHo-To9U6G4LgWeOJeIE781WB7nikN2b6oIzyiKgbj8ZiS7_6np5ckqwPa4nbYHEJ3gNob76Usk1tNi4dw1U8cbUGG8S4krBcreYC3CzB0EHLbYjgbOWgAIDxbp9esFSbMPXWrya7VfFf8GeFi0DAKWBNXvoKMyPiTu8";
// Header decodes to alg HS256 with no kid; payload carries tid "some-other-tenant" and
// exp 1488195030. NOTE(review): the token is therefore also expired and symmetric-signed,
// so a rejection does not by itself show that the tenant check fired.
const invalidTenantAccessToken = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC9mOTVjYzdjZi02MGI3LTQ5YjItYWI0Yi0xZmRjMjgwZWIwYmQvIiwiaWF0IjoxNDg4MTk0OTcwLCJleHAiOjE0ODgxOTUwMzAsImF1ZCI6Imh0dHBzOi8vZ3JhcGgud2luZG93cy5uZXQiLCJzdWIiOiJDa3c2OUJOOFNaTmJBZkVRUS11OWxwMjU5cnhadGJTRENDdFo0RzdiVUE0IiwiYXBwaWQiOiI5NmQzOGM4Yy0wYTU2LTQ4ZjgtYmQ1MC01NDQ1OTg4MmRkNDUiLCJhcHBpZGFjciI6IjAiLCJnaXZlbl9uYW1lIjoiVXNlciIsInRpZCI6InNvbWUtb3RoZXItdGVuYW50IiwidW5pcXVlX25hbWUiOiJ1c2VyQHJlYWxtYWQub25taWNyb3NvZnQuY29tIiwiZmFtaWx5X25hbWUiOiJVc2Vyb3YifQ.7tE8kWHTMS0wLBi_Y1P8OrgDq6xGRlIPKYhS2CL38Ns";
// Header segment is empty: the literal starts with the "." separator.
const missingHeaderAccessToken = ".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.vF4Bp403t2e6MaGQkr49wmsBGXGm5mxquZGzSjCCdSY";
// Header decodes to alg HS256 with no kid; payload carries iss "my-hacked-service" and
// exp 1488195030. NOTE(review): as with the invalid-tenant fixture, expiry and algorithm
// are independent grounds for rejection besides the issuer.
const invalidIssuerAccessToken = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJteS1oYWNrZWQtc2VydmljZSIsImlhdCI6MTQ4ODE5NDk3MCwiZXhwIjoxNDg4MTk1MDMwLCJhdWQiOiJodHRwczovL2dyYXBoLndpbmRvd3MubmV0Iiwic3ViIjoiQ2t3NjlCTjhTWk5iQWZFUVEtdTlscDI1OXJ4WnRiU0RDQ3RaNEc3YlVBNCIsImFwcGlkIjoiOTZkMzhjOGMtMGE1Ni00OGY4LWJkNTAtNTQ0NTk4ODJkZDQ1IiwiYXBwaWRhY3IiOiIwIiwiZ2l2ZW5fbmFtZSI6IlVzZXIiLCJ0aWQiOiJmOTVjYzdjZi02MGI3LTQ5YjItYWI0Yi0xZmRjMjgwZWIwYmQiLCJ1bmlxdWVfbmFtZSI6InVzZXJAcmVhbG1hZC5vbm1pY3Jvc29mdC5jb20iLCJmYW1pbHlfbmFtZSI6IlVzZXJvdiJ9.HXxkP2S23aN-e1XDX0HdzVICWiPXlxT7kGklTqbmVLM";
// Header decodes to alg RS256 with kid/x5t "456" instead of the "123" used by the other RS256 fixtures.
const nonExistentKidAccessToken = "eyJhbGciOiJSUzI1NiIsIng1dCI6IjQ1NiIsImtpZCI6IjQ1NiIsInR5cCI6IkpXVCJ9.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.byLIZpIECLmLoAhMG16kWO7cK3lU8WTXvyPsPUot3zpCXnO_7cxkg_-kanv7eWdL7ZI_yiNVMahVXGJHS_UTaLis1-8DLj5x5p1_tW3FIgmb-_4D6RyL25Y_borp2rduj3q2VmL2hDw7ZVXQAzXi4EiP9SV0BpiuqXsTAJ-JHZM";
// RS256 header with kid "123", same as validAccessToken, but a different signature segment;
// presumably signed with a key other than the one published for that kid - confirm.
const invalidCertificateAccessToken = "eyJhbGciOiJSUzI1NiIsIng1dCI6IjEyMyIsImtpZCI6IjEyMyIsInR5cCI6IkpXVCJ9.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.NGpTWWVLTxX6zgekcw8SDU93vIfUtaiVXK7siWfBt9UtG-0paAgfQgdHJ7nO9z5IwwE-bFirvlmiwwScWzNvlSQdrTc_3sRx8vAPlVK9qXwfo0qp8Sl5yT9Z6iHn_YztXEwvgl_F21YeeoBISEl7pk9dCaGXprYlwY997J25TrI";
describe("AzureAuthProvider", () => {
  let provider;
  let server;

  /**
   * Starts a TestServer whose only auth provider is an AzureAuthProvider bound to tenantId.
   * @param {{skipVerification?: boolean}} params - forwarded to the provider as-is.
   */
  function createServer(params = {}) {
    return __awaiter(this, void 0, void 0, function* () {
      const providerConfig = {
        tenant_id: tenantId,
        skipVerification: params.skipVerification,
      };
      server = new TestServer_1.TestServer();
      provider = new AzureAuthProvider_1.AzureAuthProvider(providerConfig);
      yield server.start({ authProviders: [provider] });
    });
  }

  /** Shuts the TestServer down when one was created; otherwise does nothing. */
  function stopServer() {
    return __awaiter(this, void 0, void 0, function* () {
      if (!server) {
        return;
      }
      yield server.shutdown();
    });
  }

  describe("authenticateOrCreateUser", () => {
    // No skipVerification here, so these requests run against the provider's default verification.
    before(() => createServer());
    after(() => stopServer());

    // Each row: suite title, test title, request factory, name of the expected errors.realm class.
    // NOTE(review): every bad-token case asserts the same InvalidCredentials class, so a pass
    // does not show which check rejected the token. The invalid-tenant and invalid-issuer
    // fixtures are HS256-signed and carry a 2017 exp, so signature, algorithm or expiry checks
    // could reject them before the tenant or issuer claim is examined.
    const rejectedRequests = [
      ["without data param", "should return a MissingParameters exception", () => ({}), "MissingParameters"],
      ["with expired access token", "should return an InvalidCredentials exception", () => ({ data: expiredAccessToken }), "InvalidCredentials"],
      ["with invalid tenant access token", "should return an InvalidCredentials exception", () => ({ data: invalidTenantAccessToken }), "InvalidCredentials"],
      ["with missing header access token", "should return an InvalidCredentials exception", () => ({ data: missingHeaderAccessToken }), "InvalidCredentials"],
      ["with invalid issuer access token", "should return an InvalidCredentials exception", () => ({ data: invalidIssuerAccessToken }), "InvalidCredentials"],
      ["with non existent kid access token", "should return an InvalidCredentials exception", () => ({ data: nonExistentKidAccessToken }), "InvalidCredentials"],
      ["with invalid certificate access token", "should return an InvalidCredentials exception", () => ({ data: invalidCertificateAccessToken }), "InvalidCredentials"],
    ];

    for (const [context, expectation, makeRequest, errorName] of rejectedRequests) {
      describe(context, () => {
        it(expectation, () => __awaiter(this, void 0, void 0, function* () {
          // The error class is looked up when the test runs, not when the suite is collected.
          const attempt = provider.authenticateOrCreateUser(makeRequest());
          yield chai_1.assert.isRejected(attempt, errors.realm[errorName]);
        }));
      });
    }
  });

  describe("authenticateOrCreateUser with valid credentials", () => {
    // NOTE(review): the only success-path suite runs with skipVerification: true, so nothing in
    // this file shows a token being accepted while verification is on. What the flag skips is
    // defined in AzureAuthProvider (presumably signature/key checks - confirm there).
    before(() => createServer({
      skipVerification: true,
    }));
    after(() => stopServer());

    describe("on first request", () => {
      it("should return a user", () => __awaiter(this, void 0, void 0, function* () {
        const login = provider.authenticateOrCreateUser({ data: validAccessToken });
        const created = yield chai_1.assert.isFulfilled(login);
        chai_1.assert.isTrue(created.created);
        chai_1.assert.isDefined(created.userId);
        // A first login must not yield an admin account.
        chai_1.assert.isFalse(created.isAdmin);
        const account = created.accounts[0];
        chai_1.assert.equal(account.provider, "azuread");
        chai_1.assert.isDefined(account.providerId);
        // The stored provider id must not be the raw bearer token.
        chai_1.assert.notEqual(account.providerId, validAccessToken);
      }));
    });

    describe("on subsequent requests", () => {
      it("should return a user", () => __awaiter(this, void 0, void 0, function* () {
        // The same token presented twice must map to the same user and provider id.
        const first = yield chai_1.assert.isFulfilled(provider.authenticateOrCreateUser({ data: validAccessToken }));
        const second = yield chai_1.assert.isFulfilled(provider.authenticateOrCreateUser({ data: validAccessToken }));
        chai_1.assert.equal(first.userId, second.userId);
        chai_1.assert.equal(first.accounts[0].providerId, second.accounts[0].providerId);
      }));
    });
  });
});
//# sourceMappingURL=AzureAuthProvider.spec.js.map