more tests, stryker

2020-12-28 14:53:14 +01:00
parent 669bc19943
commit b27ab8c6fc
8 changed files with 811 additions and 427 deletions
--- a/test/spec/Authority.ts
+++ b/test/spec/Authority.ts
@ -1,5 +1,15 @@
+import { hash_sha512 } from '@sapphirecode/crypto-helper';
 import auth from '../../lib/Authority';
+import bl from '../../lib/Blacklist';

+function modify_signature (signature: string): string {
+  const dec = decodeURIComponent (signature)
+    .split ('.');
+  dec[1] = hash_sha512 ('', '');
+  return encodeURIComponent (dec.join ('.'));
+}
+
+// eslint-disable-next-line max-lines-per-function
 describe ('authority', () => {
  beforeEach (() => {
    jasmine.clock ()
@ -9,6 +19,8 @@ describe ('authority', () => {
  });

  afterEach (() => {
+    jasmine.clock ()
+      .tick (24 * 60 * 60 * 1000);
    jasmine.clock ()
      .uninstall ();
  });
@ -20,6 +32,8 @@ describe ('authority', () => {
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeTrue ();
+    expect (res.valid)
+      .toBeTrue ();
    expect (res.type)
      .toEqual ('access_token');
    expect (res.next_module)
@ -33,6 +47,8 @@ describe ('authority', () => {
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeFalse ();
+    expect (res.valid)
+      .toBeTrue ();
    expect (res.type)
      .toEqual ('refresh_token');
    expect (res.next_module)
@ -46,9 +62,75 @@ describe ('authority', () => {
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeFalse ();
+    expect (res.valid)
+      .toBeTrue ();
    expect (res.type)
      .toEqual ('part_token');
    expect (res.next_module)
      .toEqual ('2fa');
  });
+
+  it ('should reject an invalid access token', () => {
+    const token = auth.sign ('access_token', 60);
+    token.signature = modify_signature (token.signature);
+    jasmine.clock ()
+      .tick (30000);
+    const res = auth.verify (token.signature);
+    expect (res.authorized)
+      .toBeFalse ();
+    expect (res.valid)
+      .toBeFalse ();
+    expect (res.type)
+      .toEqual ('none');
+    expect (res.next_module)
+      .toBeUndefined ();
+  });
+
+  it ('should reject blacklisted access token', () => {
+    const token = auth.sign ('access_token', 60);
+    jasmine.clock ()
+      .tick (30000);
+    bl.add_signature (token.id);
+    const res = auth.verify (token.signature);
+    expect (res.authorized)
+      .toBeFalse ();
+    expect (res.valid)
+      .toBeFalse ();
+    expect (res.type)
+      .toEqual ('access_token');
+    expect (res.next_module)
+      .toBeUndefined ();
+  });
+
+  it ('should reject an invalid refresh token', () => {
+    const token = auth.sign ('refresh_token', 600);
+    token.signature = modify_signature (token.signature);
+    jasmine.clock ()
+      .tick (30000);
+    const res = auth.verify (token.signature);
+    expect (res.authorized)
+      .toBeFalse ();
+    expect (res.valid)
+      .toBeFalse ();
+    expect (res.type)
+      .toEqual ('none');
+    expect (res.next_module)
+      .toBeUndefined ();
+  });
+
+  it ('should reject a blacklisted refresh token', () => {
+    const token = auth.sign ('refresh_token', 600);
+    jasmine.clock ()
+      .tick (30000);
+    bl.add_signature (token.id);
+    const res = auth.verify (token.signature);
+    expect (res.authorized)
+      .toBeFalse ();
+    expect (res.valid)
+      .toBeFalse ();
+    expect (res.type)
+      .toEqual ('refresh_token');
+    expect (res.next_module)
+      .toBeUndefined ();
+  });
 });
--- a/test/spec/KeyStore.ts
+++ b/test/spec/KeyStore.ts
@ -95,6 +95,8 @@ describe ('key store', () => {
  });

  afterAll (() => {
+    jasmine.clock ()
+      .tick (24 * 60 * 60 * 1000);
    jasmine.clock ()
      .uninstall ();
  });