auth-server-helper/test/spec/Authority.ts

import { hash_sha512 } from '@sapphirecode/crypto-helper';
import auth from '../../lib/Authority';
import bl from '../../lib/Blacklist';

function modify_signature (signature: string): string {
  const dec = decodeURIComponent (signature)
    .split ('.');
  dec[1] = hash_sha512 ('', '');
  return encodeURIComponent (dec.join ('.'));
}

// eslint-disable-next-line max-lines-per-function
describe ('authority', () => {
  beforeEach (() => {
    jasmine.clock ()
      .install ();
    jasmine.clock ()
      .mockDate (new Date);
  });

  afterEach (() => {
    jasmine.clock ()
      .tick (24 * 60 * 60 * 1000);
    jasmine.clock ()
      .uninstall ();
  });

  it ('should create an access token', () => {
    const token = auth.sign ('access_token', 60);
    jasmine.clock ()
      .tick (30000);
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeTrue ();
    expect (res.valid)
      .toBeTrue ();
    expect (res.type)
      .toEqual ('access_token');
    expect (res.next_module)
      .toBeUndefined ();
  });

  it ('should create a refresh token', () => {
    const token = auth.sign ('refresh_token', 600);
    jasmine.clock ()
      .tick (30000);
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeFalse ();
    expect (res.valid)
      .toBeTrue ();
    expect (res.type)
      .toEqual ('refresh_token');
    expect (res.next_module)
      .toBeUndefined ();
  });

  it ('should create a part token', () => {
    const token = auth.sign ('part_token', 60, '2fa');
    jasmine.clock ()
      .tick (30000);
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeFalse ();
    expect (res.valid)
      .toBeTrue ();
    expect (res.type)
      .toEqual ('part_token');
    expect (res.next_module)
      .toEqual ('2fa');
  });

  it ('should reject an invalid access token', () => {
    const token = auth.sign ('access_token', 60);
    token.signature = modify_signature (token.signature);
    jasmine.clock ()
      .tick (30000);
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeFalse ();
    expect (res.valid)
      .toBeFalse ();
    expect (res.type)
      .toEqual ('none');
    expect (res.next_module)
      .toBeUndefined ();
  });

  it ('should reject blacklisted access token', () => {
    const token = auth.sign ('access_token', 60);
    jasmine.clock ()
      .tick (30000);
    bl.add_signature (token.id);
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeFalse ();
    expect (res.valid)
      .toBeFalse ();
    expect (res.type)
      .toEqual ('access_token');
    expect (res.next_module)
      .toBeUndefined ();
  });

  it ('should reject an invalid refresh token', () => {
    const token = auth.sign ('refresh_token', 600);
    token.signature = modify_signature (token.signature);
    jasmine.clock ()
      .tick (30000);
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeFalse ();
    expect (res.valid)
      .toBeFalse ();
    expect (res.type)
      .toEqual ('none');
    expect (res.next_module)
      .toBeUndefined ();
  });

  it ('should reject a blacklisted refresh token', () => {
    const token = auth.sign ('refresh_token', 600);
    jasmine.clock ()
      .tick (30000);
    bl.add_signature (token.id);
    const res = auth.verify (token.signature);
    expect (res.authorized)
      .toBeFalse ();
    expect (res.valid)
      .toBeFalse ();
    expect (res.type)
      .toEqual ('refresh_token');
    expect (res.next_module)
      .toBeUndefined ();
  });
});