test coverage to 100, upgrade mocha coveralls
cdwills committed Feb 22, 2019
1 parent c1f2b7f commit dd29508
Showing 4 changed files with 1,155 additions and 259 deletions.
2 changes: 1 addition & 1 deletion index.js
@@ -43,7 +43,7 @@ const factory = options => {
const opts = mergeDeepRight(jwksOptsDefaults, options)
const {
verify: verifyOpts = {},
jwks: jwksOpts = {}
jwks: jwksOpts
} = opts

const cacheClient = iss => client =>
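Review bot: Dropping the `= {}` fallback on `jwks: jwksOpts` (the page has lost its +/- markers, so this assumes the line without the default is the new side) makes the destructuring depend on `jwksOptsDefaults` always supplying a `jwks` object, and that constant is not visible in this hunk. If a caller passes `jwks: undefined`, `mergeDeepRight` presumably lets the right-hand value win, so `jwksOpts` would reach `cacheClient` as `undefined` where it used to be `{}`. For a token-verification factory it is worth pinning that case with a test that builds the factory with `jwks: undefined`, and stating the invariant next to the destructuring, e.g. `// jwks is always present: supplied by jwksOptsDefaults`. The body of `factory` continues outside the hunk.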
6 changes: 3 additions & 3 deletions package.json
@@ -1,6 +1,6 @@
{
"name": "@articulate/authentic",
"version": "0.2.0",
"version": "1.0.0",
"description": "Proper validation of JWT's against JWK's",
"main": "index.js",
"repository": "git@github.com:articulate/authentic.git",
@@ -33,8 +33,8 @@
"devDependencies": {
"chai": "^4.1.2",
"coveralls": "^3.0.0",
"eslint": "5.13.x",
"mocha": "^5.0.0",
"eslint": "5.14.x",
"mocha": "6.0.x",
"nock": "10.x.x",
"nyc": "13.x.x",
"prop-factory": "^1.0.0"
164 changes: 99 additions & 65 deletions test/index.js
@@ -12,10 +12,6 @@ const lowerBearerToken = 'bearer ' + token

const { issuer } = oidc

const authentic = require('..')({
verify: { ignoreExpiration: true },
issWhitelist: [ issuer ],
})

const badIss = jwt.decode(bad, { complete: true }).payload.iss

@@ -35,86 +31,124 @@ describe('authentic', () => {
nock.cleanAll()
)

describe('with a valid jwt', () => {
beforeEach(() =>
authentic(token).then(res)
)
describe('setup with minimal valid configuration options', () => {
const authentic = require('..')({
issWhitelist: [ issuer ],
})

it('validates the jwt against the jwks', () =>
expect(res().sub).to.equal('00udjyjssbt2S1QVr0h7')
)
describe('with an expired jwt', () => {
beforeEach(() =>
authentic(token).catch(res)
)

it('caches the jwks client', () =>
expect(res().sub).to.equal('00udjyjssbt2S1QVr0h7')
)
it('booms with a 401', () => {
expect(res().isBoom).to.be.true
expect(res().output.statusCode).to.equal(401)
})
})
})

describe('with a valid jwt that starts with Bearer', () => {
beforeEach(() =>
authentic(capitalBearerToken).then(res)
)
describe('setup with valid configuration options', () => {
const authentic = require('..')({
verify: { ignoreExpiration: true },
issWhitelist: [ issuer ],
})

it('validates the jwt against the jwks', () =>
expect(res().sub).to.equal('00udjyjssbt2S1QVr0h7')
)
describe('with a valid jwt', () => {
beforeEach(() =>
authentic(token).then(res)
)

it('caches the jwks client', () =>
expect(res().sub).to.equal('00udjyjssbt2S1QVr0h7')
)
})
it('validates the jwt against the jwks', () =>
expect(res().sub).to.equal('00udjyjssbt2S1QVr0h7')
)

describe('with a valid jwt that starts with bearer', () => {
beforeEach(() =>
authentic(lowerBearerToken).then(res)
)
it('caches the jwks client', () =>
expect(res().sub).to.equal('00udjyjssbt2S1QVr0h7')
)
})

it('validates the jwt against the jwks', () =>
expect(res().sub).to.equal('00udjyjssbt2S1QVr0h7')
)
describe('with a valid jwt that starts with Bearer', () => {
beforeEach(() =>
authentic(capitalBearerToken).then(res)
)

it('caches the jwks client', () =>
expect(res().sub).to.equal('00udjyjssbt2S1QVr0h7')
)
})
it('validates the jwt against the jwks', () =>
expect(res().sub).to.equal('00udjyjssbt2S1QVr0h7')
)

it('caches the jwks client', () =>
expect(res().sub).to.equal('00udjyjssbt2S1QVr0h7')
)
})

describe('with an invalid jwt', () => {
beforeEach(() =>
authentic('invalid').catch(res)
)
describe('with a valid jwt that starts with bearer', () => {
beforeEach(() =>
authentic(lowerBearerToken).then(res)
)

it('booms with a 401', () => {
expect(res().isBoom).to.be.true
expect(res().output.statusCode).to.equal(401)
it('validates the jwt against the jwks', () =>
expect(res().sub).to.equal('00udjyjssbt2S1QVr0h7')
)

it('caches the jwks client', () =>
expect(res().sub).to.equal('00udjyjssbt2S1QVr0h7')
)
})
})

describe('with an invalid iss', () => {
beforeEach(() =>
authentic(bad).catch(res)
)
describe('with an invalid jwt', () => {
beforeEach(() =>
authentic('invalid').catch(res)
)

it('booms with a 401', () => {
expect(res().isBoom).to.be.true
expect(res().output.statusCode).to.equal(401)
it('booms with a 401', () => {
expect(res().isBoom).to.be.true
expect(res().output.statusCode).to.equal(401)
})
})

it('includes the invalid iss in the error message', () =>
expect(res().output.payload.message).to.contain(badIss)
)
})
describe('with an expired jwt', () => {
beforeEach(() => {
const auth = require('..')({
issWhitelist: [ issuer ],
})
auth(token).catch(res)
})

it('booms with a 401', () => {
expect(res().isBoom).to.be.true
expect(res().output.statusCode).to.equal(401)
})
})

describe('with a null token', () => {
beforeEach(() =>
authentic(null).catch(res)
)
describe('with an invalid iss', () => {
beforeEach(() =>
authentic(bad).catch(res)
)

it('booms with a 401', () => {
expect(res().isBoom).to.be.true
expect(res().output.statusCode).to.equal(401)
it('booms with a 401', () => {
expect(res().isBoom).to.be.true
expect(res().output.statusCode).to.equal(401)
})

it('includes the invalid iss in the error message', () =>
expect(res().output.payload.message).to.contain(badIss)
)
})

it('mentions that the token was null', () =>
expect(res().output.payload.message).to.contain('null token')
)
describe('with a null token', () => {
beforeEach(() =>
authentic(null).catch(res)
)

it('booms with a 401', () => {
expect(res().isBoom).to.be.true
expect(res().output.statusCode).to.equal(401)
})

it('mentions that the token was null', () =>
expect(res().output.payload.message).to.contain('null token')
)
})
})
})
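Review bot: In the second 'with an expired jwt' case, the `beforeEach` has a block body and never returns the promise from `auth(token).catch(res)`, so mocha does not wait for it and the `it` can run before `res` is set. If `res` still holds the Boom stored by the preceding 'with an invalid jwt' case (any reset of `res` is outside this hunk), the 401 assertions would pass even if the expired token were accepted. Change the line to `return auth(token).catch(res)`. Both expired-token cases also assert only `isBoom` and the status code; checking `res().output.payload.message` as the invalid-iss case does with `.to.contain(badIss)` would tie the 401 to expiry and not to any other verification failure.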