-
Notifications
You must be signed in to change notification settings - Fork 182
/
authentication.test.js
118 lines (103 loc) · 3.52 KB
/
authentication.test.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
/* globals describe, it, expect, beforeAll */
const zapier = require('zapier-platform-core');
zapier.tools.env.inject(); // read from the .env file
const App = require('../index');
const appTester = zapier.createAppTester(App);
// Only here so the tests out of the box.
// You should create a `.env` file and populate it with the necessarily configuration
// it should look like:
/*
CLIENT_ID=1234
CLIENT_SECRET=asdf
*/
// then you can delete the following 2 lines
process.env.CLIENT_ID = process.env.CLIENT_ID || '1234';
process.env.CLIENT_SECRET = process.env.CLIENT_SECRET || 'asdf';
describe('oauth2 app', () => {
beforeAll(() => {
// It's a good idea to store your Client ID and Secret in the environment rather than in code.
if (!(process.env.CLIENT_ID && process.env.CLIENT_SECRET)) {
throw new Error(
`Before running the tests, make sure CLIENT_ID and CLIENT_SECRET are available in the environment.`
);
}
});
it('generates an authorize URL', async () => {
const bundle = {
// In production, these will be generated by Zapier and set automatically
inputData: {
state: '4444',
redirect_uri: 'https://zapier.com/',
},
environment: {
CLIENT_ID: process.env.CLIENT_ID,
CLIENT_SECRET: process.env.CLIENT_SECRET,
},
};
const authorizeUrl = await appTester(
App.authentication.oauth2Config.authorizeUrl,
bundle
);
expect(authorizeUrl).toBe(
'https://auth-json-server.zapier-staging.com/oauth/authorize?client_id=1234&state=4444&redirect_uri=https%3A%2F%2Fzapier.com%2F&response_type=code'
);
});
it('can fetch an access token', async () => {
const bundle = {
inputData: {
// In production, Zapier passes along whatever code your API set in the query params when it redirects
// the user's browser to the `redirect_uri`
code: 'one_time_code',
},
environment: {
CLIENT_ID: process.env.CLIENT_ID,
CLIENT_SECRET: process.env.CLIENT_SECRET,
},
cleanedRequest: {
querystring: {
accountDomain: 'test-account',
code: 'one_time_code',
},
},
rawRequest: {
querystring: '?accountDomain=test-account&code=one_time_code',
},
};
const result = await appTester(
App.authentication.oauth2Config.getAccessToken,
bundle
);
expect(result.access_token).toBe('a_token');
expect(result.refresh_token).toBe('a_refresh_token');
});
it('can refresh the access token', async () => {
const bundle = {
// In production, Zapier provides these. For testing, we have hard-coded them.
// When writing tests for your own app, you should consider exporting them and doing process.env.MY_ACCESS_TOKEN
authData: {
access_token: 'a_token',
refresh_token: 'a_refresh_token',
},
environment: {
CLIENT_ID: process.env.CLIENT_ID,
CLIENT_SECRET: process.env.CLIENT_SECRET,
},
};
const result = await appTester(
App.authentication.oauth2Config.refreshAccessToken,
bundle
);
expect(result.access_token).toBe('a_token');
});
it('includes the access token in future requests', async () => {
const bundle = {
authData: {
access_token: 'a_token',
refresh_token: 'a_refresh_token',
},
};
const response = await appTester(App.authentication.test, bundle);
expect(response.data).toHaveProperty('username');
expect(response.data.username).toBe('Bret');
});
});