90 lines
2.6 KiB
JavaScript
90 lines
2.6 KiB
JavaScript
|
const request = require("supertest");
|
||
|
|
||
|
const createServer = require("../createServer");
|
||
|
const withAuthHeader = require("./utils/withAuthHeader");
|
||
|
const withRevokedToken = require("./utils/withRevokedToken");
|
||
|
const withToken = require("./utils/withToken");
|
||
|
|
||
|
describe("The /api/auth endpoint", () => {
|
||
|
let server;
|
||
|
beforeEach(() => {
|
||
|
server = createServer();
|
||
|
});
|
||
|
|
||
|
describe("POST /api/auth", () => {
|
||
|
it("creates a new auth token", done => {
|
||
|
request(server)
|
||
|
.post("/api/auth")
|
||
|
.end((err, res) => {
|
||
|
expect(res.body).toHaveProperty("token");
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
});
|
||
|
|
||
|
describe("GET /api/auth", () => {
|
||
|
describe("with no auth", () => {
|
||
|
it("echoes back null", done => {
|
||
|
request(server)
|
||
|
.get("/api/auth")
|
||
|
.end((err, res) => {
|
||
|
expect(res.body).toHaveProperty("auth");
|
||
|
expect(res.body.auth).toBe(null);
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
});
|
||
|
|
||
|
describe("with a revoked auth token", () => {
|
||
|
it("echoes back null", done => {
|
||
|
withRevokedToken({ some: { scope: true } }, token => {
|
||
|
request(server)
|
||
|
.get("/api/auth?token=" + token)
|
||
|
.end((err, res) => {
|
||
|
expect(res.body).toHaveProperty("auth");
|
||
|
expect(res.body.auth).toBe(null);
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
});
|
||
|
});
|
||
|
|
||
|
describe("with a valid auth token", () => {
|
||
|
describe("in the query string", () => {
|
||
|
it("echoes back the auth payload", done => {
|
||
|
const scopes = { some: { scope: true } };
|
||
|
|
||
|
withToken(scopes, token => {
|
||
|
request(server)
|
||
|
.get("/api/auth?token=" + token)
|
||
|
.end((err, res) => {
|
||
|
expect(res.body).toHaveProperty("auth");
|
||
|
expect(res.body.auth).toBeDefined();
|
||
|
expect(res.body.auth.scopes).toMatchObject(scopes);
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
});
|
||
|
});
|
||
|
|
||
|
describe("in the Authorization header", () => {
|
||
|
it.only("echoes back the auth payload", done => {
|
||
|
const scopes = { some: { scope: true } };
|
||
|
|
||
|
withAuthHeader(scopes, header => {
|
||
|
request(server)
|
||
|
.get("/api/auth")
|
||
|
.set({ Authorization: header })
|
||
|
.end((err, res) => {
|
||
|
expect(res.body).toHaveProperty("auth");
|
||
|
expect(res.body.auth).toBeDefined();
|
||
|
expect(res.body.auth.scopes).toMatchObject(scopes);
|
||
|
done();
|
||
|
});
|
||
|
});
|
||
|
});
|
||
|
});
|
||
|
});
|
||
|
});
|
||
|
});
|