/*
 * Copyright (C) Sapphirecode - All Rights Reserved
 * This file is part of Auth-Server-Helper which is released under MIT.
 * See file 'LICENSE' for full license details.
 * Created by Timo Hocker , December 2020
 */

import { hash_sha512 } from '@sapphirecode/crypto-helper';
import auth from '../../lib/Authority';
import bl from '../../lib/Blacklist';

/**
 * Build a tampered copy of a signed token string.
 *
 * The input is URI-decoded and split on '.', the second segment is
 * overwritten with the SHA-512 helper's output for empty inputs, and the
 * segments are joined and URI-encoded again. The cases below expect
 * `auth.verify` to reject the result.
 * NOTE(review): presumably segment 1 is the integrity part of the token;
 * confirm against the Authority token format.
 *
 * @param signature - token string as returned by `auth.sign`
 * @returns the re-encoded token with its second segment replaced
 */
function modify_signature (signature: string): string {
  const segments = decodeURIComponent (signature)
    .split ('.');
  segments[1] = hash_sha512 ('', '');
  const tampered = segments.join ('.');
  return encodeURIComponent (tampered);
}

// Token verification cases for the Authority module: issued tokens verify
// with the expected type, tampered tokens come back as type 'none', and
// blacklisted tokens keep their type but are neither valid nor authorized.
// NOTE(review): every case verifies 30 s after issue, inside the lifetime
// passed to sign (presumably seconds - confirm); nothing in this block
// checks a token past that lifetime.
// eslint-disable-next-line max-lines-per-function
describe ('authority', () => {
  const half_minute_ms = 30000;
  const day_ms = 24 * 60 * 60 * 1000;

  // Run each case on jasmine's mock clock, starting at the current time.
  beforeEach (() => {
    const clock = jasmine.clock ();
    clock.install ();
    clock.mockDate (new Date ());
  });

  // Advance a full day before releasing the mock clock.
  // NOTE(review): presumably this lets tokens and blacklist entries from
  // the finished case age out - confirm.
  afterEach (() => {
    const clock = jasmine.clock ();
    clock.tick (day_ms);
    clock.uninstall ();
  });

  it ('should create an access token', () => {
    const issued = auth.sign ('access_token', 60);
    jasmine.clock ()
      .tick (half_minute_ms);

    const verdict = auth.verify (issued.signature);

    // Only the access token type is expected to grant authorization.
    expect (verdict.authorized)
      .toBeTrue ();
    expect (verdict.valid)
      .toBeTrue ();
    expect (verdict.type)
      .toEqual ('access_token');
    expect (verdict.next_module)
      .toBeUndefined ();
  });

  it ('should create a refresh token', () => {
    const issued = auth.sign ('refresh_token', 600);
    jasmine.clock ()
      .tick (half_minute_ms);

    const verdict = auth.verify (issued.signature);

    // A refresh token is valid but must not count as authorized.
    expect (verdict.authorized)
      .toBeFalse ();
    expect (verdict.valid)
      .toBeTrue ();
    expect (verdict.type)
      .toEqual ('refresh_token');
    expect (verdict.next_module)
      .toBeUndefined ();
  });

  it ('should create a part token', () => {
    const issued = auth.sign ('part_token', 60, '2fa');
    jasmine.clock ()
      .tick (half_minute_ms);

    const verdict = auth.verify (issued.signature);

    // A part token is valid, not authorized, and carries the module
    // name given to sign.
    expect (verdict.authorized)
      .toBeFalse ();
    expect (verdict.valid)
      .toBeTrue ();
    expect (verdict.type)
      .toEqual ('part_token');
    expect (verdict.next_module)
      .toEqual ('2fa');
  });

  it ('should reject an invalid access token', () => {
    const issued = auth.sign ('access_token', 60);
    issued.signature = modify_signature (issued.signature);
    jasmine.clock ()
      .tick (half_minute_ms);

    const verdict = auth.verify (issued.signature);

    // A tampered token must not reveal a type: 'none' is expected.
    expect (verdict.authorized)
      .toBeFalse ();
    expect (verdict.valid)
      .toBeFalse ();
    expect (verdict.type)
      .toEqual ('none');
    expect (verdict.next_module)
      .toBeUndefined ();
  });

  it ('should reject blacklisted access token', () => {
    const issued = auth.sign ('access_token', 60);
    jasmine.clock ()
      .tick (half_minute_ms);
    // The blacklist is fed the token id, despite the method's name.
    bl.add_signature (issued.id);

    const verdict = auth.verify (issued.signature);

    // The type is still reported, but the token is neither valid nor
    // authorized.
    expect (verdict.authorized)
      .toBeFalse ();
    expect (verdict.valid)
      .toBeFalse ();
    expect (verdict.type)
      .toEqual ('access_token');
    expect (verdict.next_module)
      .toBeUndefined ();
  });

  it ('should reject an invalid refresh token', () => {
    const issued = auth.sign ('refresh_token', 600);
    issued.signature = modify_signature (issued.signature);
    jasmine.clock ()
      .tick (half_minute_ms);

    const verdict = auth.verify (issued.signature);

    // Same expectation as for a tampered access token.
    expect (verdict.authorized)
      .toBeFalse ();
    expect (verdict.valid)
      .toBeFalse ();
    expect (verdict.type)
      .toEqual ('none');
    expect (verdict.next_module)
      .toBeUndefined ();
  });

  it ('should reject a blacklisted refresh token', () => {
    const issued = auth.sign ('refresh_token', 600);
    jasmine.clock ()
      .tick (half_minute_ms);
    // The blacklist is fed the token id, despite the method's name.
    bl.add_signature (issued.id);

    const verdict = auth.verify (issued.signature);

    expect (verdict.authorized)
      .toBeFalse ();
    expect (verdict.valid)
      .toBeFalse ();
    expect (verdict.type)
      .toEqual ('refresh_token');
    expect (verdict.next_module)
      .toBeUndefined ();
  });
});