const expect = require('chai').expect;
const bearerToken = require('./');
const cookie = require('cookie-signature');
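/**
 * Tests for the bearerToken middleware factory exported by './'.
 *
 * Each case builds a minimal fake request, runs the middleware, and checks
 * which request property the extracted token lands on. Only extraction is
 * asserted: the value on the request is the raw string the client sent, so
 * nothing in this suite shows that the token is valid or authorised.
 *
 * TODO(review): there are no negative cases yet (no token present, malformed
 * Authorization header, signed cookie whose signature does not verify).
 */
describe('bearerToken', function () {
  const token = 'test-token';
  // Fixture value, used only to sign and verify the cookie in the signed-cookie case.
  const secret = 'SUPER_SECRET';

  it('finds a bearer token in post body under "access_token" and sets it to req.token', function (done) {
    const req = { body: { access_token: token } };
    // Default options: the original passed the string 'secret' here, which is not an options object.
    bearerToken()(req, {}, function () {
      expect(req.token).to.equal(token);
      done();
    });
  });

  // Tokens in a query string tend to end up in access logs, browser history and
  // Referer headers; RFC 6750 section 2.3 discourages this transport.
  it('finds a bearer token in query string under "access_token" and sets it to req.token', function (done) {
    const req = { query: { access_token: token } };
    bearerToken()(req, {}, function () {
      expect(req.token).to.equal(token);
      done();
    });
  });

  it('finds a bearer token in headers under "authorization: bearer" and sets it to req.token', function (done) {
    const req = { headers: { authorization: 'Bearer ' + token } };
    bearerToken()(req, {}, function () {
      expect(req.token).to.equal(token);
      done();
    });
  });

  it('finds a bearer token in post body under an arbitrary key and sets it to req.token', function (done) {
    const req = { body: { test: token } };
    bearerToken({ bodyKey: 'test' })(req, {}, function () {
      expect(req.token).to.equal(token);
      done();
    });
  });

  // Title corrected: this case exercises a custom queryKey, not the default "access_token".
  it('finds a bearer token in query string under an arbitrary key and sets it to req.token', function (done) {
    const req = { query: { test: token } };
    bearerToken({ queryKey: 'test' })(req, {}, function () {
      expect(req.token).to.equal(token);
      done();
    });
  });

  it('finds a bearer token in headers under "authorization: <anykey>" and sets it to req.token', function (done) {
    const req = { headers: { authorization: 'test ' + token } };
    bearerToken({ headerKey: 'test' })(req, {}, function () {
      expect(req.token).to.equal(token);
      done();
    });
  });

  it('finds a bearer token in header SIGNED cookies[<anykey>] and sets it to req.token', function (done) {
    // Simulate the 's:' prefix that res.cookie puts in front of a signed value.
    const signedCookie = encodeURI('s:' + cookie.sign(token, secret));
    const req = { headers: { cookie: 'test=' + signedCookie + '; ' } };
    // TODO(review): only a correctly signed cookie is covered. Add a case where the
    // signature does not verify and assert that req.token is not populated from it.
    bearerToken({ cookie: { key: 'test', signed: true, secret: secret } })(req, {}, function () {
      expect(req.token).to.equal(token);
      done();
    });
  });

  // An unsigned cookie carries no integrity protection: whatever the client sends is
  // copied to req.token as-is, so downstream code must still verify the token itself.
  it('finds a bearer token in header NON SIGNED cookies[<anykey>] and sets it to req.token', function (done) {
    const req = { headers: { cookie: 'test=' + token + '; ' } };
    bearerToken({ cookie: { key: 'test' } })(req, {}, function () {
      expect(req.token).to.equal(token);
      done();
    });
  });

  it('finds a bearer token and sets it to req[<anykey>]', function (done) {
    const req = { body: { access_token: token } };
    const reqKey = 'test';
    bearerToken({ reqKey: reqKey })(req, {}, function () {
      expect(req[reqKey]).to.equal(token);
      done();
    });
  });

  // RFC 6750 section 2 forbids sending the token by more than one method, and
  // section 3.1 maps that to invalid_request (HTTP 400).
  it('aborts with 400 if token is provided in more than one location', function (done) {
    // Distinct value per location so a failure shows which source was picked up.
    const req = {
      query: {
        access_token: 'query-token',
      },
      body: {
        access_token: 'body-token',
      },
      headers: {
        // Same scheme spelling as the header case above; matching of a lower-case
        // "bearer" scheme is not covered by this suite.
        authorization: 'Bearer header-token',
        // Header name fixed from 'cookies'. No cookie option is passed below, so this
        // value is presumably ignored by the middleware - confirm against './'.
        cookie: 'access_token=cookie-token;',
      },
    };
    const res = {
      status: function (code) {
        res.code = code;
        return res;
      },
      send: function () {
        expect(res.code).to.equal(400);
        done();
      },
    };
    // Fail explicitly if the request is passed on instead of being rejected.
    bearerToken()(req, res, function () {
      done(new Error('next() was called although the token was sent in several locations'));
    });
  });
});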