Skip to content

Commit

Permalink
- added decodedAccessToken and decodedRefreshToken to refresh token r…
Browse files Browse the repository at this point in the history 
…esponse

- updated dependencies

- fixed Unit tests
  • Loading branch information
vzakharchenko committed Sep 28, 2021
1 parent 6224e5d commit bda4419
Show file tree
Hide file tree
Showing 11 changed files with 72 additions and 35 deletions.
28 changes: 14 additions & 14 deletions package.json
View file
@@ -1,6 +1,6 @@
{
"name": "keycloak-lambda-authorizer",
"version": "1.0.6",
"version": "1.0.7",
"description": "Keycloak Cloud Adapter",
"main": "index.js",
"homepage": "https://github.com/vzakharchenko/keycloak-lambda-authorizer",
Expand Down Expand Up @@ -40,32 +40,32 @@
"author": "vzakharchenko",
"license": "Apache-2.0",
"devDependencies": {
"@babel/plugin-transform-runtime": "^7.14.5",
"@babel/plugin-transform-runtime": "^7.15.0",
"@babel/polyfill": "^7.12.1",
"@babel/runtime": "^7.14.8",
"@babel/runtime": "^7.15.4",
"@shopify/eslint-plugin": "^40.4.0",
"@types/cookie": "^0.4.1",
"@types/cookie-parser": "^1.4.2",
"@types/jest": "^26.0.24",
"@types/jsonwebtoken": "^8.5.4",
"@types/jest": "^27.0.2",
"@types/jsonwebtoken": "^8.5.5",
"@types/jws": "^3.2.4",
"@types/node-forge": "^0.10.2",
"@types/node-forge": "^0.10.5",
"@types/uuid": "^8.3.1",
"@typescript-eslint/eslint-plugin": "^4.28.4",
"@typescript-eslint/parser": "^4.28.4",
"@typescript-eslint/eslint-plugin": "^4.32.0",
"@typescript-eslint/parser": "^4.32.0",
"babel-eslint": "^10.1.0",
"coveralls": "^3.1.1",
"eslint": "^7.31.0",
"eslint": "^7.32.0",
"eslint-config-airbnb": "^18.2.1",
"eslint-plugin-import": "^2.23.4",
"eslint-plugin-import": "^2.24.2",
"eslint-plugin-no-loops": "^0.3.0",
"jest": "^27.0.6",
"ts-jest": "^27.0.4",
"typescript": "^4.3.5"
"jest": "^27.2.2",
"ts-jest": "^27.0.5",
"typescript": "^4.4.3"
},
"dependencies": {
"aws-arn-parser": "^1.0.1",
"axios": "^0.21.1",
"axios": "^0.21.4",
"cookie": "^0.4.1",
"get-keycloak-public-key": "^1.0.3",
"jsonwebtoken": "^8.5.1",
Expand Down
6 changes: 3 additions & 3 deletions src/adapters/ApigatewayAdapter.test.ts
View file
Expand Up @@ -61,7 +61,7 @@ describe('ApigatewayAdapter tests', () => {
// @ts-ignore
authorizationToken: null,
});
} catch (e) {
} catch (e:any) {
expect(e.message).toEqual('Expected \'event.authorizationToken\' parameter to be set');
error = true;
}
Expand All @@ -78,7 +78,7 @@ describe('ApigatewayAdapter tests', () => {
await new DefaultApigatewayAdapter({securityAdapter: new DummySecurityAdapter()}).validate({
authorizationToken: "JWT",
});
} catch (e) {
} catch (e:any) {
expect(e.message).toEqual('Invalid Authorization token - \'JWT\' does not match \'Bearer .*\'');
error = true;
}
Expand All @@ -95,7 +95,7 @@ describe('ApigatewayAdapter tests', () => {
await new DefaultApigatewayAdapter({securityAdapter: new DummySecurityAdapter()}).validate({
authorizationToken: "Bearer",
});
} catch (e) {
} catch (e:any) {
expect(e.message).toEqual('Invalid Authorization token - \'Bearer\' does not match \'Bearer .*\'');
error = true;
}
Expand Down
3 changes: 2 additions & 1 deletion src/cache/DefaultCache.test.ts
View file
Expand Up @@ -52,7 +52,7 @@ describe('KeycloakUtils tests', () => {
let error = false;
try {
cache.put('error', 'key', 100);
} catch (e) {
} catch (e:any) {
error = true;
expect(e.message).toEqual('Unsupported Region');
}
Expand All @@ -70,6 +70,7 @@ describe('KeycloakUtils tests', () => {
cache.get('error', 'key');
} catch (e) {
error = true;
// @ts-ignore
expect(e.message).toEqual('Unsupported Region');
}
if (!error) {
Expand Down
36 changes: 26 additions & 10 deletions src/clients/ClientAuthorization.test.ts
View file
Expand Up @@ -157,7 +157,7 @@ describe('ClientAuthorization tests', () => {
}).clientIdAuthorization(
requestContent,
);
} catch (e) {
} catch (e:any) {
error = true;
expect(e.message).toEqual('Unsupported Credential Type');
}
Expand Down Expand Up @@ -238,8 +238,9 @@ describe('ClientAuthorization tests', () => {
}).clientJWT(
{id: 'test'}, {key: 'test'},
);
} catch (e) {
} catch (e:any) {
error = true;
// @ts-ignore
expect(e.message).toEqual('error:0909006C:PEM routines:get_name:no start line');
}
expect(error).toEqual(true);
Expand Down Expand Up @@ -275,8 +276,9 @@ describe('ClientAuthorization tests', () => {
}).exchangeRPT(
requestContent, "token", 'clientId',
);
} catch (e) {
} catch (e:any) {
error = true;
// @ts-ignore
expect(e.message).toEqual('SyntaxError: Unexpected token d in JSON at position 0');
}
expect(error).toEqual(true);
Expand Down Expand Up @@ -377,7 +379,7 @@ describe('ClientAuthorization tests', () => {
requestContent,
{},
);
} catch (e) {
} catch (e:any) {
error = true;
expect(e.message).toEqual('Not able to refresh token');
}
Expand Down Expand Up @@ -418,8 +420,9 @@ describe('ClientAuthorization tests', () => {
requestContent,
{},
);
} catch (e) {
} catch (e:any) {
error = true;
// @ts-ignore
expect(e.message).toEqual('Not able to refresh token');
}
expect(error).toEqual(true);
Expand Down Expand Up @@ -458,8 +461,9 @@ describe('ClientAuthorization tests', () => {
requestContent,
{},
);
} catch (e) {
} catch (e:any) {
error = true;
// @ts-ignore
expect(e.message).toEqual('Not able to refresh token');
}
expect(error).toEqual(true);
Expand Down Expand Up @@ -499,7 +503,10 @@ describe('ClientAuthorization tests', () => {
decodedRefreshToken: {},
refresh_expires_in: 10,
}})).toEqual({
token: {},
token: {
decodedAccessToken: null,
decodedRefreshToken: null,
},
});
});

Expand All @@ -523,7 +530,10 @@ describe('ClientAuthorization tests', () => {
refresh_expires_in: 10,
}}, () => ({resource: {}}),
)).toEqual({
token: {},
token: {
decodedAccessToken: null,
decodedRefreshToken: null,
},
});
});

Expand All @@ -548,7 +558,10 @@ describe('ClientAuthorization tests', () => {
refresh_expires_in: 10,
}}, () => ({realmRole: 'realmRole'}),
)).toEqual({
token: {},
token: {
decodedAccessToken: null,
decodedRefreshToken: null,
},
});
});
test('ClientAuthorization test keycloakRefreshToken enforce skip 2', async () => {
Expand All @@ -572,7 +585,10 @@ describe('ClientAuthorization tests', () => {
// @ts-ignore
}}, () => ({clientRole: {clientRole: 'clientRole', clientId: 'clientId'}}),
)).toEqual({
token: {},
token: {
decodedAccessToken: null,
decodedRefreshToken: null,
},
});
});

Expand Down
4 changes: 3 additions & 1 deletion src/clients/ClientAuthorization.ts
View file
Expand Up @@ -137,7 +137,7 @@ export class DefaultClientAuthorization implements ClientAuthorization {
'Content-Type': 'application/x-www-form-urlencoded',
});
return JSON.parse(response);
} catch (e) {
} catch (e:any) {
throw new Error(e);
}
}
Expand Down Expand Up @@ -225,6 +225,8 @@ export class DefaultClientAuthorization implements ClientAuthorization {
data,
{'Content-Type': 'application/x-www-form-urlencoded'});
tokenJson = JSON.parse(tokenResponse);
tokenJson.decodedAccessToken = jsonwebtoken.decode(tokenJson.access_token);
tokenJson.decodedRefreshToken = jsonwebtoken.decode(tokenJson.refresh_token);
} catch (e) {
this.options.logger.error(`wrong refresh token for ${realmName}`, e);
return null;
Expand Down
5 changes: 5 additions & 0 deletions src/enforcer/ClientRoleEnforcer.test.ts
View file
Expand Up @@ -42,6 +42,7 @@ describe('ClientRoleEnforcer tests', () => {
});
} catch (e) {
error = true;
// @ts-ignore
expect(e.message).toEqual('enforcer does not provided');
}
if (!error) {
Expand All @@ -60,6 +61,7 @@ describe('ClientRoleEnforcer tests', () => {
});
} catch (e) {
error = true;
// @ts-ignore
expect(e.message).toEqual('Client Role is Empty');
}
if (!error) {
Expand All @@ -79,6 +81,7 @@ describe('ClientRoleEnforcer tests', () => {
});
} catch (e) {
error = true;
// @ts-ignore
expect(e.message).toEqual('Access Denied');
}
if (!error) {
Expand All @@ -98,6 +101,7 @@ describe('ClientRoleEnforcer tests', () => {
});
} catch (e) {
error = true;
// @ts-ignore
expect(e.message).toEqual('Access Denied');
}
if (!error) {
Expand All @@ -122,6 +126,7 @@ describe('ClientRoleEnforcer tests', () => {
});
} catch (e) {
error = true;
// @ts-ignore
expect(e.message).toEqual('Access Denied');
}
if (!error) {
Expand Down
1 change: 1 addition & 0 deletions src/enforcer/Enforcer.test.ts
View file
Expand Up @@ -62,6 +62,7 @@ describe('Enforcer tests', () => {
});
} catch (e) {
error = true;
// @ts-ignore
expect(e.message).toEqual('enforcer does not provided');
}
if (!error) {
Expand Down
4 changes: 4 additions & 0 deletions src/enforcer/RealmRoleEnforcer.test.ts
View file
Expand Up @@ -38,6 +38,7 @@ describe('RealmRoleEnforcer tests', () => {
});
} catch (e) {
error = true;
// @ts-ignore
expect(e.message).toEqual('enforcer does not provided');
}
if (!error) {
Expand All @@ -56,6 +57,7 @@ describe('RealmRoleEnforcer tests', () => {
});
} catch (e) {
error = true;
// @ts-ignore
expect(e.message).toEqual('Realm Role is Empty');
}
if (!error) {
Expand All @@ -74,6 +76,7 @@ describe('RealmRoleEnforcer tests', () => {
});
} catch (e) {
error = true;
// @ts-ignore
expect(e.message).toEqual('Access Denied');
}
if (!error) {
Expand All @@ -97,6 +100,7 @@ describe('RealmRoleEnforcer tests', () => {
});
} catch (e) {
error = true;
// @ts-ignore
expect(e.message).toEqual('Access Denied');
}
if (!error) {
Expand Down
1 change: 1 addition & 0 deletions src/enforcer/ResourceEnforcer.test.ts
View file
Expand Up @@ -26,6 +26,7 @@ describe('ResourceEnforcer tests', () => {
});
} catch (e) {
error = true;
// @ts-ignore
expect(e.message).toEqual('enforcer does not provided');
}
if (!error) {
Expand Down
6 changes: 6 additions & 0 deletions src/enforcer/resource/Resource.test.ts
View file
Expand Up @@ -97,6 +97,7 @@ describe('Resource tests', () => {
resources: [],
resource: {scope: 'WRITE'}});
} catch (e) {
// @ts-ignore
expect(e.message).toEqual('Access is denied');
error = true;
}
Expand Down Expand Up @@ -124,6 +125,7 @@ describe('Resource tests', () => {
resources: [],
resource: {scope: 'READ'}});
} catch (e) {
// @ts-ignore
expect(e.message).toEqual('Access is denied');
error = true;
}
Expand All @@ -145,6 +147,7 @@ describe('Resource tests', () => {
resources: [],
resource: {scope: 'READ'}});
} catch (e) {
// @ts-ignore
expect(e.message).toEqual('Access is denied');
error = true;
}
Expand Down Expand Up @@ -175,6 +178,7 @@ describe('Resource tests', () => {
await dr.matchResource({token: {payload: {}}}, {
resources: []});
} catch (e) {
// @ts-ignore
expect(e.message).toEqual('Access is denied');
error = true;
}
Expand Down Expand Up @@ -204,6 +208,7 @@ describe('Resource tests', () => {
// @ts-ignore
await dr.matchResource({token: {payload: {}}}, {});
} catch (e) {
// @ts-ignore
expect(e.message).toEqual('Access is denied');
error = true;
}
Expand All @@ -220,6 +225,7 @@ describe('Resource tests', () => {
// @ts-ignore
await dr.matchResource({token: {payload: {}}}, null);
} catch (e) {
// @ts-ignore
expect(e.message).toEqual('enforcer does not exists');
error = true;
}
Expand Down

0 comments on commit bda4419

Please sign in to comment.