automatic refresh tokens
@ -110,8 +110,9 @@ describe ('auth handler', () => {
|
||||
req.deny ();
|
||||
}
|
||||
}, {
|
||||
cookie_name: 'cookie_jar',
|
||||
refresh: {
|
||||
cookie_name: 'cookie_jar',
|
||||
refresh_cookie_name: 'mint_cookies',
|
||||
refresh: {
|
||||
access_token_expires_in: expires_seconds,
|
||||
refresh_token_expires_in: refresh_expires_seconds,
|
||||
include_refresh_token: true
|
||||
@ -158,6 +159,8 @@ describe ('auth handler', () => {
|
||||
.toEqual ('bearer');
|
||||
expect (resp1.headers['set-cookie'])
|
||||
.toContain (`cookie_jar=${res1.at}`);
|
||||
expect (resp1.headers['set-cookie'])
|
||||
.toContain (`mint_cookies=${res1.rt}`);
|
||||
|
||||
check_token (res1.at as string, 'access_token');
|
||||
expect (res1.data.expires_in)
|
||||
@ -177,6 +180,8 @@ describe ('auth handler', () => {
|
||||
.toEqual ('bearer');
|
||||
expect (resp2.headers['set-cookie'])
|
||||
.toContain (`cookie_jar=${res2.at}`);
|
||||
expect (resp2.headers['set-cookie'])
|
||||
.toContain (`mint_cookies=${res2.rt}`);
|
||||
|
||||
check_token (res2.at as string, 'access_token');
|
||||
expect (res2.data.expires_in)
|
||||
@ -207,6 +212,8 @@ describe ('auth handler', () => {
|
||||
.toEqual ('bearer');
|
||||
expect (resp1.headers['set-cookie'])
|
||||
.toContain (`cookie_jar=${res1.at}`);
|
||||
expect (resp1.headers['set-cookie'])
|
||||
.toContain (`mint_cookies=${res1.rt}`);
|
||||
|
||||
check_token (res1.at as string, 'access_token');
|
||||
expect (res1.data.expires_in)
|
||||
@ -230,6 +237,8 @@ describe ('auth handler', () => {
|
||||
.toEqual ('bearer');
|
||||
expect (resp1.headers['set-cookie'])
|
||||
.toContain (`cookie_jar=${res1.at}`);
|
||||
expect (resp1.headers['set-cookie'])
|
||||
.toContain (`mint_cookies=${res1.rt}`);
|
||||
|
||||
check_token (res1.at as string, 'access_token');
|
||||
expect (res1.data.expires_in)
|
||||
@ -301,6 +310,8 @@ describe ('auth handler', () => {
|
||||
.toEqual ('bearer');
|
||||
expect (resp2.headers['set-cookie'])
|
||||
.toContain (`cookie_jar=${res2.at}`);
|
||||
expect (resp2.headers['set-cookie'])
|
||||
.toContain (`mint_cookies=${res2.rt}`);
|
||||
|
||||
check_token (res2.at as string, 'access_token');
|
||||
expect (res2.data.expires_in)
|
||||
@ -354,4 +365,14 @@ describe ('auth handler', () => {
|
||||
expect (signature).not.toEqual ('');
|
||||
check_token (signature, 'access_token');
|
||||
});
|
||||
|
||||
it ('should disallow access and refresh cookies with the same name', () => {
|
||||
expect (() => {
|
||||
create_auth_handler (() => Promise.resolve (), {
|
||||
cookie_name: 'foo',
|
||||
refresh_cookie_name: 'foo'
|
||||
});
|
||||
})
|
||||
.toThrowError ('access and refresh cookies cannot have the same name');
|
||||
});
|
||||
});
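Review bot: The new `mint_cookies=${res1.rt}` / `mint_cookies=${res2.rt}` assertions, repeated in all five response hunks, pin only the cookie name and value, so nothing in this spec fixes the attributes the refresh cookie is sent with. If `headers['set-cookie']` is an array here, `toContain` matches whole elements, which would mean both cookies are emitted with no `HttpOnly`, `Secure`, `SameSite` or `Path` at all; that is inferred from the matcher, since the handler code is not on this page. The refresh token is the longer-lived credential (`refresh_token_expires_in`), so its attributes are worth asserting explicitly, for example `expect (refresh_cookie).toMatch (/HttpOnly/iu);`, where `refresh_cookie` is a name made up here for the `mint_cookies` entry of the header.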
|
||||
|
@ -19,8 +19,14 @@ describe ('gateway', () => {
|
||||
clock_setup ();
|
||||
|
||||
const g = create_gateway ({
|
||||
redirect_url: 'http://localhost/auth',
|
||||
cookie_name: 'cookie_jar'
|
||||
redirect_url: 'http://localhost/auth',
|
||||
cookie_name: 'cookie_jar',
|
||||
refresh_cookie_name: 'mint_cookies',
|
||||
refresh_settings: {
|
||||
access_token_expires_in: 600,
|
||||
include_refresh_token: true,
|
||||
refresh_token_expires_in: 3600
|
||||
}
|
||||
});
|
||||
|
||||
server = http.createServer ((req, res) => {
|
||||
@ -70,6 +76,22 @@ describe ('gateway', () => {
|
||||
.toEqual (token.id);
|
||||
});
|
||||
|
||||
it ('should automatically return new tokens', async () => {
|
||||
const token = await authority.sign ('access_token', 60);
|
||||
const refresh = await authority.sign ('refresh_token', 3600);
|
||||
jasmine.clock ()
|
||||
.tick (70000);
|
||||
const resp = await get (
|
||||
// eslint-disable-next-line max-len
|
||||
{ cookie: `foo=bar;cookie_jar=${token.signature};asd=efg;mint_cookies=${refresh.signature}` }
|
||||
);
|
||||
expect (resp.statusCode)
|
||||
.toEqual (200);
|
||||
expect (JSON.parse (resp.body as string).token_id)
|
||||
.not
|
||||
.toEqual (token.id);
|
||||
});
|
||||
|
||||
it ('should correctly deliver token data', async () => {
|
||||
const token = await authority.sign ('access_token', 60, { data: 'foobar' });
|
||||
const resp = await get ({ authorization: `Bearer ${token.signature}` });
|
||||
@ -137,4 +159,11 @@ describe ('gateway', () => {
|
||||
expect (resp.headers.location)
|
||||
.toEqual ('http://localhost/auth');
|
||||
});
|
||||
|
||||
it ('should disallow access and refresh cookies with the same name', () => {
|
||||
expect (() => {
|
||||
create_gateway ({ cookie_name: 'foo', refresh_cookie_name: 'foo' });
|
||||
})
|
||||
.toThrowError ('access and refresh cookies cannot have the same name');
|
||||
});
|
||||
});
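Review bot: The new 'should automatically return new tokens' test covers only the success path, so nothing in this spec checks that the gateway refuses to refresh when the value in `mint_cookies` is not a valid refresh token. At minimum add a case where a still-valid `access_token` signature is placed in the refresh cookie, plus one where the refresh token itself has expired. The expected outcome below (redirect to `redirect_url`) is assumed from the existing redirect test in this file and should be confirmed against the gateway. The success test could also assert that the response sets fresh `cookie_jar` and `mint_cookies` cookies, which `token_id` differing from `token.id` does not show.

```typescript
it ('should not refresh with an access token in the refresh cookie', async () => {
  const token = await authority.sign ('access_token', 60);
  const not_refresh = await authority.sign ('access_token', 3600);
  jasmine.clock ()
    .tick (70000);
  const resp = await get (
    { cookie: `cookie_jar=${token.signature};mint_cookies=${not_refresh.signature}` }
  );
  // assumed: a rejected refresh behaves like a missing token
  expect (resp.headers.location)
    .toEqual ('http://localhost/auth');
});
```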
|
||||
|