Add a unit test to reproduce #90

cdimascio · Oct 25, 2019 · a8dacc4 · a8dacc4
1 parent 1427577
commit a8dacc4
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 0 deletions.
diff --git a/test/security.spec.ts b/test/security.spec.ts
@@ -152,6 +152,22 @@ describe(packageJson.name, () => {
       .expect(200);
   });
 
+  it('should return 404 if apikey header exists and handler returns true but path doesnt exist', async () => {
+    eovConf.securityHandlers.ApiKeyAuth = <any>function(req, scopes, schema) {
+      expect(schema.type).to.equal('apiKey');
+      expect(schema.in).to.equal('header');
+      expect(schema.name).to.equal('X-API-Key');
+      expect(scopes)
+        .to.be.an('array')
+        .with.length(0);
+      return true;
+    };
+    return request(app)
+      .get(`${basePath}/api_key_but_invalid_path`)
+      .set('X-API-Key', 'test')
+      .expect(404);
+  });
+
   it('should return 401 if auth header is missing for basic auth', async () => {
     (<any>eovConf.securityHandlers).BasicAuth = async (req, scopes, schema) => {
       return true;

diff --git a/test/security.top.level.spec.ts b/test/security.top.level.spec.ts
@@ -51,6 +51,28 @@ describe(packageJson.name, () => {
         );
       }));
 
+
+  it('should return 200 if apikey exist', async () =>
+    request(app)
+      .get(`${basePath}/api_key`)
+      .set('X-API-Key', 'test')
+      .expect(200)
+      );
+
+  it('should return 404 if apikey exist, but path doesnt exist', async () =>
+    request(app)
+      .get(`${basePath}/api_key_undefined_path`)
+      .set('X-API-Key', 'test')
+      .expect(404)
+      .then(r => {
+        const body = r.body;
+        expect(body.errors).to.be.an('array');
+        expect(body.errors).to.have.length(1);
+        expect(body.errors[0].message).to.equals(
+          'not found',
+        );
+      }));
+
   it('should return 200 if apikey or anonymous', async () =>
     request(app)
       .get(`${basePath}/api_key_or_anonymous`)