fix: new test for auth directive, move tests to test folder

aerogear · Jul 5, 2019 · 594e049 · 594e049
1 parent c96b112
commit 594e049
Show file tree

Hide file tree

Showing 5 changed files with 143 additions and 4 deletions.
diff --git a/package.json b/package.json
@@ -37,11 +37,13 @@
     "@types/keycloak-connect": "4.5.1",
     "@types/node": "10.14.10",
     "@types/pino": "5.20.0",
+    "@types/sinon": "^7.0.13",
     "ava": "2.1.0",
     "coveralls": "3.0.4",
     "express": "^4.17.1",
     "graphql": "14.4.1",
     "nyc": "14.1.1",
+    "sinon": "^7.3.2",
     "ts-node": "8.3.0",
     "tslint": "5.18.0",
     "typescript": "3.5.2"

diff --git a/src/schemaDirectives/auth.ts b/src/schemaDirectives/auth.ts
@@ -7,7 +7,6 @@ export class AuthDirective extends SchemaDirectiveVisitor {
 
   constructor (config: {
       name: string
-      args: { [name: string]: any }
       visitedType: VisitableSchemaType
       schema: GraphQLSchema
       context: { [key: string]: any }

diff --git a/src/AuthContextProvider.test.ts → test/AuthContextProvider.test.ts b/src/AuthContextProvider.test.ts → test/AuthContextProvider.test.ts
@@ -1,6 +1,6 @@
 import test from 'ava'
 
-import { KeycloakAuthContextProvider } from './AuthContextProvider'
+import { KeycloakAuthContextProvider } from '../src/AuthContextProvider'
 
 test('AuthContextProvider accessToken is the access_token in req.kauth', (t) => {
 

diff --git a/test/auth.test.ts b/test/auth.test.ts
@@ -0,0 +1,138 @@
+import test from 'ava'
+import sinon from 'sinon'
+
+import { GraphQLSchema } from 'graphql'
+import { VisitableSchemaType } from 'graphql-tools/dist/schemaVisitor'
+import { AuthDirective } from '../src/schemaDirectives/auth'
+
+import { KeycloakAuthContextProvider } from '../src/AuthContextProvider'
+import { spawnSync } from 'child_process';
+
+const createHasRoleDirective = () => {
+  return new AuthDirective({
+    name: 'testAuthDirective',
+    visitedType: ({} as VisitableSchemaType),
+    schema: ({} as GraphQLSchema),
+    context: []
+  })
+}
+
+test('happy path: context.auth.isAuthenticated() is called, then original resolver is called', async (t) => {
+  const directive = createHasRoleDirective()
+
+  const field = {
+    resolve: (root: any, args: any, context: any, info: any) => {
+      t.pass()
+    },
+    name: 'testField'
+  }
+
+  const resolverSpy = sinon.spy(field, 'resolve')
+
+  directive.visitFieldDefinition(field)
+
+  const root = {}
+  const args = {}
+  const req = {
+    kauth: {
+      grant: {
+        access_token: {
+          isExpired: () => {
+            return false
+          }
+        }
+      }
+    }
+  }
+  const context = {
+    request: req,
+    auth: new KeycloakAuthContextProvider({ req })
+  }
+
+  const isAuthenticatedSpy = sinon.spy(context.auth, 'isAuthenticated')
+
+  const info = {
+    parentType: {
+      name: 'testParent'
+    }
+  }
+
+  await field.resolve(root, args, context, info)
+
+  t.truthy(isAuthenticatedSpy.called)
+  t.truthy(resolverSpy.called)
+})
+
+test('resolver will throw if context.auth is not present', async (t) => {
+  const directive = createHasRoleDirective()
+
+  const field = {
+    resolve: (root: any, args: any, context: any, info: any) => {
+      t.fail()
+    },
+    name: 'testField'
+  }
+
+  directive.visitFieldDefinition(field)
+
+  const root = {}
+  const args = {}
+  const req = {
+    kauth: {
+      grant: {
+        access_token: {
+          isExpired: () => {
+            return false
+          }
+        }
+      }
+    }
+  }
+  const context = {
+    request: req
+  }
+
+  const info = {
+    parentType: {
+      name: 'testParent'
+    }
+  }
+
+  await t.throwsAsync(async () => {
+    await field.resolve(root, args, context, info)
+  }, 'User not Authenticated')
+})
+
+test('resolver will throw if context.auth present but context.auth.isAuthenticated returns false', async (t) => {
+  const directive = createHasRoleDirective()
+
+  const field = {
+    resolve: (root: any, args: any, context: any, info: any) => {
+      t.fail()
+    },
+    name: 'testField'
+  }
+
+  directive.visitFieldDefinition(field)
+
+  const root = {}
+  const args = {}
+  const req = {}
+
+  const context = {
+    request: req,
+    auth: {
+      isAuthenticated: () => false
+    }
+  }
+
+  const info = {
+    parentType: {
+      name: 'testParent'
+    }
+  }
+
+  await t.throwsAsync(async () => {
+    await field.resolve(root, args, context, info)
+  }, 'User not Authenticated')
+})
diff --git a/src/schemaDirectives/hasRole.test.ts → test/hasRole.test.ts b/src/schemaDirectives/hasRole.test.ts → test/hasRole.test.ts
@@ -2,9 +2,9 @@ import test from 'ava'
 
 import { GraphQLSchema } from 'graphql'
 import { VisitableSchemaType } from 'graphql-tools/dist/schemaVisitor'
-import { HasRoleDirective } from './hasRole'
+import { HasRoleDirective } from '../src/schemaDirectives/hasRole'
 
-import { KeycloakAuthContextProvider } from '../AuthContextProvider'
+import { KeycloakAuthContextProvider } from '../src/AuthContextProvider'
 
 const createHasRoleDirective = (directiveArgs: any) => {
   return new HasRoleDirective({