/
authorizationGrants.js
109 lines (92 loc) · 2.91 KB
/
authorizationGrants.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
/* eslint-env mocha */
const chain = require('../dist/index.js')
const uuid = require('uuid')
const chai = require('chai')
const chaiAsPromised = require('chai-as-promised')
chai.use(chaiAsPromised)
const expect = chai.expect
const client = new chain.Client()
let tokenName, tokenGrant
describe('Authorization grant', () => {
before('set up grant data', () => {
tokenName = uuid.v4()
return client.accessTokens.create({ id: tokenName }).then(resp => {
tokenGrant = {
guard_data: { id: resp.id },
guard_type: 'access_token',
policy: 'client-readwrite'
}
})
})
it('creation successful', () => {
return client.authorizationGrants.create(tokenGrant)
.then(resp => expect(resp.createdAt).not.to.be.empty)
})
it('creation rejected due to invalid ID', () => {
return expect(client.authorizationGrants.create({
guard_data: { id: 'invalidId' },
guard_type: 'access_token',
policy: 'client-readwrite'
})).to.be.rejectedWith('CH303')
})
it('returned in list after creation', () => {
return client.authorizationGrants.create(tokenGrant)
.then(() => client.authorizationGrants.list())
.then(resp => expect(resp.items.map(item => item.guardData.id)).to.contain(tokenName))
})
it('deletion successful', () => {
return client.authorizationGrants.delete(tokenGrant)
.then(resp => expect(resp.message).to.equal('ok'))
})
it('removed from list after deletion', () => {
return client.authorizationGrants.create(tokenGrant)
.then(() => client.authorizationGrants.delete(tokenGrant))
.then(() => client.authorizationGrants.list())
.then(resp => expect(resp.items.map(item => item.guardData.id)).to.not.contain(tokenName))
})
it('sanitizes X509 guard data', () => {
return client.authorizationGrants.create({
guardType: 'x509',
guardData: {
subject: {
cn: tokenName,
ou: 'test-ou',
},
},
policy: 'client-readwrite',
})
.then(g => {
delete g.createdAt // ignore timestamp
expect(g).deep.equals({
guardType: 'x509',
guardData: {
subject: {
cn: tokenName,
ou: ['test-ou'],
}
},
policy: 'client-readwrite',
protected: false,
})
})
})
// These just test that the callback is engaged correctly. Behavior is
// tested in the promises test.
describe('Callback support', () => {
it('create', (done) => {
client.authorizationGrants.create(
{}, // intentionally blank
() => done() // intentionally ignore errors
)
})
it('delete', (done) => {
client.authorizationGrants.delete(
{}, // intentionally blank
() => done() // intentionally ignore errors
)
})
it('list', (done) => {
client.authorizationGrants.list(done)
})
})
})