Test access encoding.

jaredhanson · May 18, 2018 · b7e3878 · b7e3878
1 parent 8984de3
commit b7e3878
Show file tree

Hide file tree

Showing 4 changed files with 57 additions and 11 deletions.
diff --git a/Makefile b/Makefile
@@ -2,7 +2,7 @@ include node_modules/@jaredhanson/make-node/main.mk
 
 
 SOURCES ?= lib/*.js lib/**/*.js
-TESTS ?= test/*.test.js test/**/*.test.js
+TESTS ?= test/*.test.js test/**/*.test.js test/**/**/*.test.js
 
 MOCHAFLAGS = --require ./test/bootstrap/node
 LCOVFILE = ./reports/coverage/lcov.info

diff --git a/lib/types/access/decode.js b/lib/types/access/decode.js
@@ -17,7 +17,7 @@ exports = module.exports = function() {
 
     var params = {};
     params.subject = { id: claims.sub };
-    params.client = { id: claims.cid };
+    params.client = { id: claims.client_id };
     return cb(null, params);
   };
 };
diff --git a/lib/types/access/encode.js b/lib/types/access/encode.js
@@ -1,10 +1,6 @@
 exports = module.exports = function() {
 
   return function translate(ctx, cb) {
-    console.log('TRANSLATE TO JWT!');
-    console.log(ctx);
-
-
     var claims = {}
       , i, len;
 
@@ -14,19 +10,21 @@ exports = module.exports = function() {
 
     if (ctx.permissions) {
       claims.aud = [];
-      claims.scp = [];
+      claims.scope = '';
 
       for (i = 0, len = ctx.permissions.length; i < len; ++i) {
-        claims.aud.push(ctx.permissions[i].resource.id);
-        claims.scp.push(ctx.permissions[i].scope);
+        claims.aud.push(ctx.permissions[i].resource.identifier);
+        claims.scope += ctx.permissions[i].scope.join(' ');
       }
 
-      // TODO: Set audience to a string, if single-valued
+      if (claims.aud.length == 1) {
+        claims.aud = claims.aud[0];
+      }
     }
 
     if (ctx.client) {
       // https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-07#section-4.3
-      claims.cid = ctx.client.id;
+      claims.client_id = ctx.client.id;
     }
 
     // https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-07#section-4.2

diff --git a/test/types/access/encode.test.js b/test/types/access/encode.test.js
@@ -0,0 +1,48 @@
+var setup = require('../../../lib/types/access/encode');
+
+
+describe('types/access/encode', function() {
+
+  describe('an access token', function() {
+    var claims;
+
+    before(function(done) {
+      var msg = {
+        user: {
+          id: '1',
+          displayName: 'John Doe'
+        },
+        client: {
+          id: 's6BhdRkqt3',
+          name: 'Example Client'
+        },
+        permissions: [ {
+          resource: {
+            id: '112210f47de98100',
+            identifier: 'https://api.example.com/'
+          },
+          scope: [ 'read:foo', 'write:foo', 'read:bar' ]
+        } ]
+      }
+
+      var encode = setup();
+      encode(msg, function(err, c) {
+        if (err) { return done(err); }
+        console.log(c)
+
+        claims = c;
+        done();
+      });
+    });
+
+    it('should encode', function() {
+      expect(claims).to.deep.equal({
+        sub: '1',
+        aud: 'https://api.example.com/',
+        scope: 'read:foo write:foo read:bar',
+        client_id: 's6BhdRkqt3',
+      });
+    });
+  }); // an authorization code
+
+});