auth-server-helper/test/spec/Authority.ts

/*
 * Copyright (C) Sapphirecode - All Rights Reserved
 * This file is part of Auth-Server-Helper which is released under MIT.
 * See file 'LICENSE' for full license details.
 * Created by Timo Hocker <timo@scode.ovh>, December 2020
 */

import auth from '../../lib/Authority';
import bl from '../../lib/Blacklist';
import {
  clock_finalize,
  clock_setup,
  modify_signature
} from '../Helper';

// eslint-disable-next-line max-lines-per-function
describe ('authority', () => {
  beforeEach (() => {
    clock_setup ();
  });

  afterEach (() => {
    clock_finalize ();
  });

  it ('should create an access token', async () => {
    const token = await auth.sign ('access_token', 60);
    jasmine.clock ()
      .tick (30000);
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeTrue ();
    expect (res.valid)
      .toBeTrue ();
    expect (res.type)
      .toEqual ('access_token');
    expect (res.next_module)
      .toBeUndefined ();
    expect (res.id)
      .toEqual (token.id);
    expect (res.error)
      .toBeUndefined ();
  });

  it ('should create a refresh token', async () => {
    const token = await auth.sign ('refresh_token', 600);
    jasmine.clock ()
      .tick (30000);
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeFalse ();
    expect (res.valid)
      .toBeTrue ();
    expect (res.type)
      .toEqual ('refresh_token');
    expect (res.next_module)
      .toBeUndefined ();
    expect (res.id)
      .toEqual (token.id);
    expect (res.error)
      .toBeUndefined ();
  });

  it ('should create a part token', async () => {
    const token = await auth.sign ('part_token', 60, { next_module: '2fa' });
    jasmine.clock ()
      .tick (30000);
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeFalse ();
    expect (res.valid)
      .toBeTrue ();
    expect (res.type)
      .toEqual ('part_token');
    expect (res.next_module)
      .toEqual ('2fa');
    expect (res.id)
      .toEqual (token.id);
    expect (res.error)
      .toBeUndefined ();
  });

  it ('should reject an invalid access token', async () => {
    const token = await auth.sign ('access_token', 60);
    token.signature = modify_signature (token.signature);
    jasmine.clock ()
      .tick (30000);
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeFalse ();
    expect (res.valid)
      .toBeFalse ();
    expect (res.type)
      .toEqual ('none');
    expect (res.next_module)
      .toBeUndefined ();
    expect (res.id)
      .toEqual ('');
    expect (res.error)
      .toEqual ('invalid signature');
  });

  it ('should reject blacklisted access token', async () => {
    const token = await auth.sign ('access_token', 60);
    jasmine.clock ()
      .tick (30000);
    bl.add_signature (token.id);
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeFalse ();
    expect (res.valid)
      .toBeFalse ();
    expect (res.type)
      .toEqual ('access_token');
    expect (res.next_module)
      .toBeUndefined ();
    expect (res.id)
      .toEqual (token.id);
    expect (res.error)
      .toEqual ('blacklisted');
  });

  it ('should reject an invalid refresh token', async () => {
    const token = await auth.sign ('refresh_token', 600);
    token.signature = modify_signature (token.signature);
    jasmine.clock ()
      .tick (30000);
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeFalse ();
    expect (res.valid)
      .toBeFalse ();
    expect (res.type)
      .toEqual ('none');
    expect (res.next_module)
      .toBeUndefined ();
    expect (res.id)
      .toEqual ('');
    expect (res.error)
      .toEqual ('invalid signature');
  });

  it ('should reject a blacklisted refresh token', async () => {
    const token = await auth.sign ('refresh_token', 600);
    jasmine.clock ()
      .tick (30000);
    bl.add_signature (token.id);
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeFalse ();
    expect (res.valid)
      .toBeFalse ();
    expect (res.type)
      .toEqual ('refresh_token');
    expect (res.next_module)
      .toBeUndefined ();
    expect (res.id)
      .toEqual (token.id);
    expect (res.error)
      .toEqual ('blacklisted');
  });
});
fix copy notices 2020-12-28 15:04:52 +01:00			`/*`
			`* Copyright (C) Sapphirecode - All Rights Reserved`
			`* This file is part of Auth-Server-Helper which is released under MIT.`
			`* See file 'LICENSE' for full license details.`
			`* Created by Timo Hocker <timo@scode.ovh>, December 2020`
			`*/`

tests for authority 2020-12-19 16:19:09 +01:00			`import auth from '../../lib/Authority';`
more tests, stryker 2020-12-28 14:53:14 +01:00			`import bl from '../../lib/Blacklist';`
asymmetric keys import/export 2021-01-06 22:43:03 +01:00			`import {`
fixes 2021-01-07 15:43:54 +01:00			`clock_finalize,`
			`clock_setup,`
			`modify_signature`
asymmetric keys import/export 2021-01-06 22:43:03 +01:00			`} from '../Helper';`
more tests, stryker 2020-12-28 14:53:14 +01:00
			`// eslint-disable-next-line max-lines-per-function`
tests for authority 2020-12-19 16:19:09 +01:00			`describe ('authority', () => {`
			`beforeEach (() => {`
fixes 2021-01-07 15:43:54 +01:00			`clock_setup ();`
tests for authority 2020-12-19 16:19:09 +01:00			`});`

			`afterEach (() => {`
fixes 2021-01-07 15:43:54 +01:00			`clock_finalize ();`
tests for authority 2020-12-19 16:19:09 +01:00			`});`

asymmetric keys 2021-01-06 16:06:03 +01:00			`it ('should create an access token', async () => {`
			`const token = await auth.sign ('access_token', 60);`
tests for authority 2020-12-19 16:19:09 +01:00			`jasmine.clock ()`
			`.tick (30000);`
			`const res = auth.verify (token.signature);`
			`expect (res.authorized)`
			`.toBeTrue ();`
more tests, stryker 2020-12-28 14:53:14 +01:00			`expect (res.valid)`
			`.toBeTrue ();`
tests for authority 2020-12-19 16:19:09 +01:00			`expect (res.type)`
			`.toEqual ('access_token');`
			`expect (res.next_module)`
			`.toBeUndefined ();`
allow attaching of custom data 2021-01-03 15:32:29 +01:00			`expect (res.id)`
			`.toEqual (token.id);`
			`expect (res.error)`
			`.toBeUndefined ();`
tests for authority 2020-12-19 16:19:09 +01:00			`});`

asymmetric keys 2021-01-06 16:06:03 +01:00			`it ('should create a refresh token', async () => {`
			`const token = await auth.sign ('refresh_token', 600);`
tests for authority 2020-12-19 16:19:09 +01:00			`jasmine.clock ()`
			`.tick (30000);`
			`const res = auth.verify (token.signature);`
			`expect (res.authorized)`
			`.toBeFalse ();`
more tests, stryker 2020-12-28 14:53:14 +01:00			`expect (res.valid)`
			`.toBeTrue ();`
tests for authority 2020-12-19 16:19:09 +01:00			`expect (res.type)`
			`.toEqual ('refresh_token');`
			`expect (res.next_module)`
			`.toBeUndefined ();`
allow attaching of custom data 2021-01-03 15:32:29 +01:00			`expect (res.id)`
			`.toEqual (token.id);`
			`expect (res.error)`
			`.toBeUndefined ();`
tests for authority 2020-12-19 16:19:09 +01:00			`});`

asymmetric keys 2021-01-06 16:06:03 +01:00			`it ('should create a part token', async () => {`
			`const token = await auth.sign ('part_token', 60, { next_module: '2fa' });`
tests for authority 2020-12-19 16:19:09 +01:00			`jasmine.clock ()`
			`.tick (30000);`
			`const res = auth.verify (token.signature);`
			`expect (res.authorized)`
			`.toBeFalse ();`
more tests, stryker 2020-12-28 14:53:14 +01:00			`expect (res.valid)`
			`.toBeTrue ();`
tests for authority 2020-12-19 16:19:09 +01:00			`expect (res.type)`
			`.toEqual ('part_token');`
			`expect (res.next_module)`
			`.toEqual ('2fa');`
allow attaching of custom data 2021-01-03 15:32:29 +01:00			`expect (res.id)`
			`.toEqual (token.id);`
			`expect (res.error)`
			`.toBeUndefined ();`
tests for authority 2020-12-19 16:19:09 +01:00			`});`
more tests, stryker 2020-12-28 14:53:14 +01:00
asymmetric keys 2021-01-06 16:06:03 +01:00			`it ('should reject an invalid access token', async () => {`
			`const token = await auth.sign ('access_token', 60);`
more tests, stryker 2020-12-28 14:53:14 +01:00			`token.signature = modify_signature (token.signature);`
			`jasmine.clock ()`
			`.tick (30000);`
			`const res = auth.verify (token.signature);`
			`expect (res.authorized)`
			`.toBeFalse ();`
			`expect (res.valid)`
			`.toBeFalse ();`
			`expect (res.type)`
			`.toEqual ('none');`
			`expect (res.next_module)`
			`.toBeUndefined ();`
allow attaching of custom data 2021-01-03 15:32:29 +01:00			`expect (res.id)`
			`.toEqual ('');`
			`expect (res.error)`
			`.toEqual ('invalid signature');`
more tests, stryker 2020-12-28 14:53:14 +01:00			`});`

asymmetric keys 2021-01-06 16:06:03 +01:00			`it ('should reject blacklisted access token', async () => {`
			`const token = await auth.sign ('access_token', 60);`
more tests, stryker 2020-12-28 14:53:14 +01:00			`jasmine.clock ()`
			`.tick (30000);`
			`bl.add_signature (token.id);`
			`const res = auth.verify (token.signature);`
			`expect (res.authorized)`
			`.toBeFalse ();`
			`expect (res.valid)`
			`.toBeFalse ();`
			`expect (res.type)`
			`.toEqual ('access_token');`
			`expect (res.next_module)`
			`.toBeUndefined ();`
allow attaching of custom data 2021-01-03 15:32:29 +01:00			`expect (res.id)`
			`.toEqual (token.id);`
			`expect (res.error)`
			`.toEqual ('blacklisted');`
more tests, stryker 2020-12-28 14:53:14 +01:00			`});`

asymmetric keys 2021-01-06 16:06:03 +01:00			`it ('should reject an invalid refresh token', async () => {`
			`const token = await auth.sign ('refresh_token', 600);`
more tests, stryker 2020-12-28 14:53:14 +01:00			`token.signature = modify_signature (token.signature);`
			`jasmine.clock ()`
			`.tick (30000);`
			`const res = auth.verify (token.signature);`
			`expect (res.authorized)`
			`.toBeFalse ();`
			`expect (res.valid)`
			`.toBeFalse ();`
			`expect (res.type)`
			`.toEqual ('none');`
			`expect (res.next_module)`
			`.toBeUndefined ();`
allow attaching of custom data 2021-01-03 15:32:29 +01:00			`expect (res.id)`
			`.toEqual ('');`
			`expect (res.error)`
			`.toEqual ('invalid signature');`
more tests, stryker 2020-12-28 14:53:14 +01:00			`});`

asymmetric keys 2021-01-06 16:06:03 +01:00			`it ('should reject a blacklisted refresh token', async () => {`
			`const token = await auth.sign ('refresh_token', 600);`
more tests, stryker 2020-12-28 14:53:14 +01:00			`jasmine.clock ()`
			`.tick (30000);`
			`bl.add_signature (token.id);`
			`const res = auth.verify (token.signature);`
			`expect (res.authorized)`
			`.toBeFalse ();`
			`expect (res.valid)`
			`.toBeFalse ();`
			`expect (res.type)`
			`.toEqual ('refresh_token');`
			`expect (res.next_module)`
			`.toBeUndefined ();`
allow attaching of custom data 2021-01-03 15:32:29 +01:00			`expect (res.id)`
			`.toEqual (token.id);`
			`expect (res.error)`
			`.toEqual ('blacklisted');`
more tests, stryker 2020-12-28 14:53:14 +01:00			`});`
tests for authority 2020-12-19 16:19:09 +01:00			`});`