test: add missing scope checks (#343)

googleapis · Apr 5, 2018 · 375faea · 375faea
1 parent f75f2a2
commit 375faea
Show file tree

Hide file tree

Showing 6 changed files with 58 additions and 47 deletions.
diff --git a/test/test.googleauth.ts b/test/test.googleauth.ts
@@ -23,8 +23,8 @@ import * as path from 'path';
 import * as sinon from 'sinon';
 import * as stream from 'stream';
 
+import {GoogleAuth, JWT, UserRefreshClient} from '../src';
 import * as envDetect from '../src/auth/envDetect';
-import {GoogleAuth, JWT, UserRefreshClient} from '../src/index';
 
 nock.disableNetConnect();
 

diff --git a/test/test.index.ts b/test/test.index.ts
@@ -15,7 +15,7 @@
  */
 import * as assert from 'assert';
 
-import {DefaultTransporter, GoogleAuth} from '../src/';
+import {DefaultTransporter, GoogleAuth} from '../src';
 
 it('should publicly export GoogleAuth', () => {
   const cjs = require('../src/');

diff --git a/test/test.jwt.ts b/test/test.jwt.ts
@@ -78,8 +78,9 @@ it('should get an initial access token', done => {
   const jwt = new JWT(
       'foo@serviceaccount.com', PEM_PATH, undefined,
       ['http://bar', 'http://foo'], 'bar@subjectaccount.com');
-  createGTokenMock({access_token: 'initial-access-token'});
+  const scope = createGTokenMock({access_token: 'initial-access-token'});
   jwt.authorize((err, creds) => {
+    scope.done();
     assert.equal(err, null);
     assert.notEqual(creds, null);
     assert.equal('foo@serviceaccount.com', jwt.gtoken!.iss);
@@ -100,13 +101,14 @@ it('should get an initial access token', done => {
 it('should accept scope as string', done => {
   const jwt = new JWT({
     email: 'foo@serviceaccount.com',
-    keyFile: '/path/to/key.pem',
+    keyFile: PEM_PATH,
     scopes: 'http://foo',
     subject: 'bar@subjectaccount.com'
   });
 
-  createGTokenMock({access_token: 'initial-access-token'});
+  const scope = createGTokenMock({access_token: 'initial-access-token'});
   jwt.authorize((err, creds) => {
+    scope.done();
     assert.equal('http://foo', jwt.gtoken!.scope);
     done();
   });
@@ -121,8 +123,9 @@ it('can get obtain new access token when scopes are set', (done) => {
   });
 
   jwt.credentials = {refresh_token: 'jwt-placeholder'};
-  createGTokenMock({access_token: 'initial-access-token'});
+  const scope = createGTokenMock({access_token: 'initial-access-token'});
   jwt.getAccessToken((err, got) => {
+    scope.done();
     assert.strictEqual(null, err, 'no error was expected: got\n' + err);
     assert.strictEqual(
         'initial-access-token', got, 'the access token was wrong: ' + got);
@@ -141,8 +144,9 @@ it('can obtain new access token when scopes are set', (done) => {
 
   const wantedToken = 'abc123';
   const want = 'Bearer ' + wantedToken;
-  createGTokenMock({access_token: wantedToken});
+  const scope = createGTokenMock({access_token: wantedToken});
   jwt.getRequestMetadata(null, (err, result) => {
+    scope.done();
     assert.strictEqual(null, err, 'no error was expected: got\n' + err);
     const got = result as {
       Authorization: string;
@@ -236,9 +240,10 @@ it('should refresh token if missing access token', (done) => {
     subject: 'bar@subjectaccount.com'
   });
   jwt.credentials = {refresh_token: 'jwt-placeholder'};
-  createGTokenMock({access_token: 'abc123'});
+  const scope = createGTokenMock({access_token: 'abc123'});
 
   jwt.request({url: 'http://bar'}, () => {
+    scope.done();
     assert.equal('abc123', jwt.credentials.access_token);
     done();
   });
@@ -305,8 +310,9 @@ it('should refresh token if expired', (done) => {
     expiry_date: (new Date()).getTime() - 1000
   };
 
-  createGTokenMock({access_token: 'abc123'});
+  const scope = createGTokenMock({access_token: 'abc123'});
   jwt.request({url: 'http://bar'}, () => {
+    scope.done();
     assert.equal('abc123', jwt.credentials.access_token);
     done();
   });
@@ -329,8 +335,9 @@ it('should refresh if access token will expired soon and time to refresh before
        expiry_date: (new Date()).getTime() + 800
      };
 
-     createGTokenMock({access_token: 'abc123'});
+     const scope = createGTokenMock({access_token: 'abc123'});
      jwt.request({url: 'http://bar'}, () => {
+       scope.done();
        assert.equal('abc123', jwt.credentials.access_token);
        done();
      });
@@ -376,9 +383,10 @@ it('should refresh token if the server returns 403', (done) => {
     expiry_date: (new Date()).getTime() + 5000
   };
 
-  createGTokenMock({access_token: 'abc123'});
+  const scope = createGTokenMock({access_token: 'abc123'});
 
   jwt.request({url: 'http://example.com/access'}, () => {
+    scope.done();
     assert.equal('abc123', jwt.credentials.access_token);
     done();
   });

diff --git a/test/test.jwtaccess.ts b/test/test.jwtaccess.ts
@@ -17,7 +17,7 @@
 import * as assert from 'assert';
 import * as fs from 'fs';
 import * as jws from 'jws';
-import {JWTAccess} from '../src/index';
+import {JWTAccess} from '../src';
 
 const keypair = require('keypair');
 

diff --git a/test/test.oauth2.ts b/test/test.oauth2.ts
@@ -126,7 +126,7 @@ it('should verifyIdToken properly', async () => {
   const maxExpiry = 5;
   const payload =
       {aud: 'aud', sub: 'sub', iss: 'iss', iat: 1514162443, exp: 1514166043};
-  nock(baseUrl).get('/oauth2/v1/certs').reply(200, fakeCerts);
+  const scope = nock(baseUrl).get('/oauth2/v1/certs').reply(200, fakeCerts);
   client.verifySignedJwtWithCerts =
       (jwt: string, certs: {}, requiredAudience: string|string[],
        issuers?: string[], theMaxExpiry?: number) => {
@@ -137,6 +137,7 @@ it('should verifyIdToken properly', async () => {
         return new LoginTicket('c', payload);
       };
   const result = await client.verifyIdToken({idToken, audience, maxExpiry});
+  scope.done();
   assert.notEqual(result, null);
   if (result) {
     assert.equal(result.getEnvelope(), 'c');
@@ -151,7 +152,6 @@ it('should provide a reasonable error in verifyIdToken with wrong parameters',
      const audience = 'fakeAudience';
      const payload =
          {aud: 'aud', sub: 'sub', iss: 'iss', iat: 1514162443, exp: 1514166043};
-     nock(baseUrl).get('/oauth2/v1/certs').reply(200, fakeCerts);
      client.verifySignedJwtWithCerts =
          (jwt: string, certs: {}, requiredAudience: string|string[],
           issuers?: string[], theMaxExpiry?: number) => {

diff --git a/test/test.transporters.ts b/test/test.transporters.ts
@@ -67,25 +67,23 @@ it('should not append default client user agent to the existing user agent more
 it('should create a single error from multiple response errors', done => {
   const firstError = {message: 'Error 1'};
   const secondError = {message: 'Error 2'};
-  nock('http://example.com').get('/api').reply(400, {
-    error: {code: 500, errors: [firstError, secondError]}
+  const url = 'http://example.com';
+  const scope = nock(url).get('/').reply(
+      400, {error: {code: 500, errors: [firstError, secondError]}});
+  transporter.request({url}, (error) => {
+    scope.done();
+    assert.strictEqual(error!.message, 'Error 1\nError 2');
+    assert.equal((error as RequestError).code, 500);
+    assert.equal((error as RequestError).errors.length, 2);
+    done();
   });
-  transporter.request(
-      {
-        url: 'http://example.com/api',
-      },
-      (error) => {
-        assert.strictEqual(error!.message, 'Error 1\nError 2');
-        assert.equal((error as RequestError).code, 500);
-        assert.equal((error as RequestError).errors.length, 2);
-        done();
-      });
 });
 
 it('should return an error for a 404 response', done => {
   const url = 'http://example.com';
-  nock(url).get('/').reply(404, 'Not found');
+  const scope = nock(url).get('/').reply(404, 'Not found');
   transporter.request({url}, error => {
+    scope.done();
     assert.strictEqual(error!.message, 'Not found');
     assert.equal((error as RequestError).code, 404);
     done();
@@ -124,6 +122,7 @@ it('should support invocation with async/await', async () => {
   const url = 'http://example.com';
   const scope = nock(url).get('/').reply(200);
   const res = await transporter.request({url});
+  scope.done();
   assert.equal(res.status, 200);
 });
 
@@ -134,6 +133,7 @@ it('should throw if using async/await', async () => {
     await transporter.request({url});
   } catch (e) {
     assert.equal(e.message, 'florg');
+    scope.done();
     return;
   }
   throw new Error('Expected to throw');
@@ -143,6 +143,7 @@ it('should work with a callback', done => {
   const url = 'http://example.com';
   const scope = nock(url).get('/').reply(200);
   transporter.request({url}, (err, res) => {
+    scope.done();
     assert.equal(err, null);
     assert.equal(res!.status, 200);
     done();
@@ -152,35 +153,37 @@ it('should work with a callback', done => {
 it('should use the http proxy if one is configured', async () => {
   process.env['http_proxy'] = 'http://han:solo@proxy-server:1234';
   const transporter = new DefaultTransporter();
-  nock('http://proxy-server:1234')
-      .get('http://example.com/fake', undefined, {
-        reqheaders: {
-          'host': 'example.com',
-          'accept': /.*/g,
-          'user-agent': /google-api-nodejs-client\/.*/g,
-          'proxy-authorization': /.*/g
-        }
-      })
-      .reply(200);
+  const scope = nock('http://proxy-server:1234')
+                    .get('http://example.com/fake', undefined, {
+                      reqheaders: {
+                        'host': 'example.com',
+                        'accept': /.*/g,
+                        'user-agent': /google-api-nodejs-client\/.*/g,
+                        'proxy-authorization': /.*/g
+                      }
+                    })
+                    .reply(200);
   const url = 'http://example.com/fake';
   const result = await transporter.request({url});
+  scope.done();
   assert.equal(result.status, 200);
 });
 
 it('should use the https proxy if one is configured', async () => {
   process.env['https_proxy'] = 'https://han:solo@proxy-server:1234';
   const transporter = new DefaultTransporter();
-  nock('https://proxy-server:1234')
-      .get('https://example.com/fake', undefined, {
-        reqheaders: {
-          'host': 'example.com',
-          'accept': /.*/g,
-          'user-agent': /google-api-nodejs-client\/.*/g,
-          'proxy-authorization': /.*/g
-        }
-      })
-      .reply(200);
+  const scope = nock('https://proxy-server:1234')
+                    .get('https://example.com/fake', undefined, {
+                      reqheaders: {
+                        'host': 'example.com',
+                        'accept': /.*/g,
+                        'user-agent': /google-api-nodejs-client\/.*/g,
+                        'proxy-authorization': /.*/g
+                      }
+                    })
+                    .reply(200);
   const url = 'https://example.com/fake';
   const result = await transporter.request({url});
+  scope.done();
   assert.equal(result.status, 200);
 });