UNPKG

xtralife-api

Version:

Xtralife.cloud business logic shared between components

github.com/xtralifecloud/xtralife-api

xtralifecloud/xtralife-api

92 lines (67 loc) 2.41 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
/* * decaffeinate suggestions: * DS102: Remove unnecessary code created because of implicit returns * Full docs: https://github.com/decaffeinate/decaffeinate/blob/master/docs/suggestions.md */ const should = require('should'); const crypto = require('crypto'); global.xlenv = require("xtralife-env"); xlenv.override(null, xlenv.Log); xlenv.override(null, require('./config.js')); global.logger = xlenv.createLogger(xlenv.logs); const xtralife = require('../src/index.js'); const domain = "com.clanofthecloud.cloudbuilder.azerty"; let game = null; let user_id = null; let context = null; let token = null; const jwt = require('jsonwebtoken'); const secret = "this is a game specific secret"; describe("Xtralife JWT token issuance", function () { before('configure Xtralife', function (done) { this.timeout(5000); return xtralife.configure(function (err) { should(err).not.be.ok; game = xtralife.api.game.dynGames['com.clanofthecloud.cloudbuilder']; context = { game }; return done(); }); }); before('should create a new gamer', function () { const profile = { displayName: "Test user 1", lang: "en" }; return xtralife.api.connect.register(game, "anonymous", null, null, profile, function (err, user) { user_id = user._id; }); }); it('should issue a jwt token for a gamer', function () { // issue and remember token token = xtralife.api.user.sandbox(context).account.getJWToken(user_id, domain, secret, { hello: "world", isThePayload: true }); const key = crypto.createHash('sha256').update(secret + domain).digest('hex'); const decoded = jwt.verify(token, key); decoded.user_id.should.eql(user_id.toString()); decoded.domain.should.eql(domain); decoded.payload.hello.should.eql("world"); decoded.payload.isThePayload.should.eql(true); decoded.sub.should.eql("auth"); return decoded.iss.should.eql("xtralife-api"); }); it('should fail with invalid secret', function (done) { const key = crypto.createHash('sha256').update("WRONG SECRET" + domain).digest('hex'); try { return jwt.verify(token, key); } catch (JsonWebTokenError) { return done(); } }); return it('should fail with invalid domain', function (done) { const key = crypto.createHash('sha256').update(secret + "INVALID DOMAIN").digest('hex'); try { return jwt.verify(token, key); } catch (JsonWebTokenError) { return done(); } }); });