/*
 * Copyright (C) Sapphirecode - All Rights Reserved
 * This file is part of Auth-Server-Helper which is released under MIT.
 * See file 'LICENSE' for full license details.
 * Created by Timo Hocker , December 2020
 */

import auth from '../../lib/Authority';
import bl from '../../lib/Blacklist';
import { clock_finalize, clock_setup, modify_signature } from '../Helper';

// Mocked time that passes between signing and verifying in every spec.
// The tokens are signed with 60 / 600; the unit of that lifetime is not
// visible in this file (presumably seconds - confirm against Authority).
const ELAPSED_MS = 30000;

/**
 * Advance the jasmine mock clock by ELAPSED_MS.
 */
function advance_clock () {
  jasmine.clock ()
    .tick (ELAPSED_MS);
}

/**
 * Shared expectations for a verification result that must be refused.
 *
 * A refused result is never authorized, never valid and carries no
 * next_module; only type, id and error differ between the failure modes.
 *
 * @param {object} result value returned by auth.verify
 * @param {string} type expected token type
 * @param {string} id expected token id
 * @param {string} error expected error text
 */
function expect_refused (result, type, id, error) {
  expect (result.authorized)
    .toBeFalse ();
  expect (result.valid)
    .toBeFalse ();
  expect (result.type)
    .toEqual (type);
  expect (result.next_module)
    .toBeUndefined ();
  expect (result.id)
    .toEqual (id);
  expect (result.error)
    .toEqual (error);
}

// NOTE(review): every spec verifies after ELAPSED_MS only; no case in this
// file advances the clock past a token's lifetime, so rejection of expired
// tokens is not covered here.
// eslint-disable-next-line max-lines-per-function
describe ('authority', () => {
  beforeEach (() => {
    clock_setup ();
  });

  afterEach (() => {
    clock_finalize ();
  });

  // Only an access token is expected to come back as authorized.
  it ('should create an access token', async () => {
    const issued = await auth.sign ('access_token', 60);
    advance_clock ();
    const result = await auth.verify (issued.signature);

    expect (result.authorized)
      .toBeTrue ();
    expect (result.valid)
      .toBeTrue ();
    expect (result.type)
      .toEqual ('access_token');
    expect (result.next_module)
      .toBeUndefined ();
    expect (result.id)
      .toEqual (issued.id);
    expect (result.error)
      .toBeUndefined ();
  });

  // A refresh token verifies as valid but must not be authorized.
  it ('should create a refresh token', async () => {
    const issued = await auth.sign ('refresh_token', 600);
    advance_clock ();
    const result = await auth.verify (issued.signature);

    expect (result.authorized)
      .toBeFalse ();
    expect (result.valid)
      .toBeTrue ();
    expect (result.type)
      .toEqual ('refresh_token');
    expect (result.next_module)
      .toBeUndefined ();
    expect (result.id)
      .toEqual (issued.id);
    expect (result.error)
      .toBeUndefined ();
  });

  // A part token is valid, not authorized, and reports the next module.
  it ('should create a part token', async () => {
    const issued = await auth.sign ('part_token', 60, { next_module: '2fa' });
    advance_clock ();
    const result = await auth.verify (issued.signature);

    expect (result.authorized)
      .toBeFalse ();
    expect (result.valid)
      .toBeTrue ();
    expect (result.type)
      .toEqual ('part_token');
    expect (result.next_module)
      .toEqual ('2fa');
    expect (result.id)
      .toEqual (issued.id);
    expect (result.error)
      .toBeUndefined ();
  });

  // A tampered signature must yield type 'none' and an empty id: nothing
  // from the unverified token is reflected in the result.
  it ('should reject an invalid access token', async () => {
    const issued = await auth.sign ('access_token', 60);
    issued.signature = modify_signature (issued.signature);
    advance_clock ();
    const result = await auth.verify (issued.signature);

    expect_refused (result, 'none', '', 'invalid signature');
  });

  // The blacklist entry is added by token id; the signature itself still
  // checks out, so type and id are reported alongside the error.
  it ('should reject blacklisted access token', async () => {
    const issued = await auth.sign ('access_token', 60);
    advance_clock ();
    await bl.add_signature (issued.id);
    const result = await auth.verify (issued.signature);

    expect_refused (result, 'access_token', issued.id, 'blacklisted');
  });

  it ('should reject an invalid refresh token', async () => {
    const issued = await auth.sign ('refresh_token', 600);
    issued.signature = modify_signature (issued.signature);
    advance_clock ();
    const result = await auth.verify (issued.signature);

    expect_refused (result, 'none', '', 'invalid signature');
  });

  it ('should reject a blacklisted refresh token', async () => {
    const issued = await auth.sign ('refresh_token', 600);
    advance_clock ();
    await bl.add_signature (issued.id);
    const result = await auth.verify (issued.signature);

    expect_refused (result, 'refresh_token', issued.id, 'blacklisted');
  });
});