As the title suggests, this is an example of how to mock JSON Web Tokens for unit testing a Node.js Express application. It assumes you're using Auth0 but the mocking strategy applies more broadly to JSON Web Tokens in general.
I've also written a companion article for this repo.
$ npm install
From the root of the repository...
$ npm start
The app runs by default on port 4000.
This is probably what you care about most... Seeing that the test is able to hit an auth'd endpoint.
$ npm test
Tests run against a server running on port 4001. The tests will setup and tear down the server automatically so no need to make sure the server is running before the tests run.
If you'd like to use your own key set as an experiment you'll need to...
- Generate an RSA key.
- Retrieve the
nandevalues for that key. - Base64urlUInt encode your
nandevalues - Replace the values for each in test/fixtures.js
I used Python 3 for all the key stuff because it's easy.
Simple as this:
$ python3
>>> from Crypto.PublicKey import RSA
>>> key = RSA.generate(2048)
To save your key to a file:
>>> f = open('mykey.pem','wb')
>>> f.write(key.exportKey('PEM'))
>>> f.close()
The private key saved in mykey.pem can be copy/pasted over top of this key.
To get these important values, from a python repl, simply do:
>>> key.n
...
>>> key.e
...
This requires the pyjwkest module. From the command line:
pip install pyjwkest
Then from a Python repl:
>>> from jwkest import long_to_base64
>>> long_to_base64(<your-n-value>)
...
>>> long_to_base64(<your-e-value>)
...
The output is the strings to replace your n and e values here.