-
-
Notifications
You must be signed in to change notification settings - Fork 4.8k
/
Copy pathOAuth1.spec.js
162 lines (145 loc) · 5.1 KB
/
OAuth1.spec.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
const OAuth = require('../lib/Adapters/Auth/OAuth1Client');
describe('OAuth', function () {
it('Nonce should have right length', done => {
jequal(OAuth.nonce().length, 30);
done();
});
it('Should properly build parameter string', done => {
const string = OAuth.buildParameterString({ c: 1, a: 2, b: 3 });
jequal(string, 'a=2&b=3&c=1');
done();
});
it('Should properly build empty parameter string', done => {
const string = OAuth.buildParameterString();
jequal(string, '');
done();
});
it('Should properly build signature string', done => {
const string = OAuth.buildSignatureString('get', 'http://dummy.com', '');
jequal(string, 'GET&http%3A%2F%2Fdummy.com&');
done();
});
it('Should properly generate request signature', done => {
let request = {
host: 'dummy.com',
path: 'path',
};
const oauth_params = {
oauth_timestamp: 123450000,
oauth_nonce: 'AAAAAAAAAAAAAAAAA',
oauth_consumer_key: 'hello',
oauth_token: 'token',
};
const consumer_secret = 'world';
const auth_token_secret = 'secret';
request = OAuth.signRequest(request, oauth_params, consumer_secret, auth_token_secret);
jequal(
request.headers['Authorization'],
'OAuth oauth_consumer_key="hello", oauth_nonce="AAAAAAAAAAAAAAAAA", oauth_signature="8K95bpQcDi9Nd2GkhumTVcw4%2BXw%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="123450000", oauth_token="token", oauth_version="1.0"'
);
done();
});
it('Should properly build request', done => {
const options = {
host: 'dummy.com',
consumer_key: 'hello',
consumer_secret: 'world',
auth_token: 'token',
auth_token_secret: 'secret',
// Custom oauth params for tests
oauth_params: {
oauth_timestamp: 123450000,
oauth_nonce: 'AAAAAAAAAAAAAAAAA',
},
};
const path = 'path';
const method = 'get';
const oauthClient = new OAuth(options);
const req = oauthClient.buildRequest(method, path, { query: 'param' });
jequal(req.host, options.host);
jequal(req.path, '/' + path + '?query=param');
jequal(req.method, 'GET');
jequal(req.headers['Content-Type'], 'application/x-www-form-urlencoded');
jequal(
req.headers['Authorization'],
'OAuth oauth_consumer_key="hello", oauth_nonce="AAAAAAAAAAAAAAAAA", oauth_signature="wNkyEkDE%2F0JZ2idmqyrgHdvC0rs%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="123450000", oauth_token="token", oauth_version="1.0"'
);
done();
});
function validateCannotAuthenticateError(data, done) {
jequal(typeof data, 'object');
jequal(typeof data.errors, 'object');
const errors = data.errors;
jequal(typeof errors[0], 'object');
// Cannot authenticate error
jequal(errors[0].code, 32);
done();
}
xit('GET request for a resource that requires OAuth should fail with invalid credentials', done => {
/*
This endpoint has been chosen to make a request to an endpoint that requires OAuth which fails due to missing authentication.
Any other endpoint from the Twitter API that requires OAuth can be used instead in case the currently used endpoint deprecates.
*/
const options = {
host: 'api.twitter.com',
consumer_key: 'invalid_consumer_key',
consumer_secret: 'invalid_consumer_secret',
};
const path = '/1.1/favorites/list.json';
const params = { lang: 'en' };
const oauthClient = new OAuth(options);
oauthClient.get(path, params).then(function (data) {
validateCannotAuthenticateError(data, done);
});
});
xit('POST request for a resource that requires OAuth should fail with invalid credentials', done => {
/*
This endpoint has been chosen to make a request to an endpoint that requires OAuth which fails due to missing authentication.
Any other endpoint from the Twitter API that requires OAuth can be used instead in case the currently used endpoint deprecates.
*/
const options = {
host: 'api.twitter.com',
consumer_key: 'invalid_consumer_key',
consumer_secret: 'invalid_consumer_secret',
};
const body = {
lang: 'en',
};
const path = '/1.1/account/settings.json';
const oauthClient = new OAuth(options);
oauthClient.post(path, null, body).then(function (data) {
validateCannotAuthenticateError(data, done);
});
});
it('Should fail a request', done => {
const options = {
host: 'localhost',
consumer_key: 'XXXXXXXXXXXXXXXXXXXXXXXXX',
consumer_secret: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX',
};
const body = {
lang: 'en',
};
const path = '/';
const oauthClient = new OAuth(options);
oauthClient
.post(path, null, body)
.then(function () {
jequal(false, true);
done();
})
.catch(function () {
jequal(true, true);
done();
});
});
it('Should fail with missing options', done => {
const options = undefined;
try {
new OAuth(options);
} catch (error) {
jequal(error.message, 'No options passed to OAuth');
done();
}
});
});