import request from 'supertest';
import createServer from '../createServer';
import withAuthHeader from './utils/withAuthHeader';
import withRevokedToken from './utils/withRevokedToken';
import withToken from './utils/withToken';
describe('The /api/auth endpoint', () => {
let server;
beforeEach(() => {
server = createServer();
});
describe('POST /api/auth', () => {
it('creates a new auth token', done => {
request(server)
.post('/api/auth')
.end((err, res) => {
expect(res.body).toHaveProperty('token');
done();
});
});
});
describe('GET /api/auth', () => {
describe('with no auth', () => {
it('echoes back null', done => {
request(server)
.get('/api/auth')
.end((err, res) => {
expect(res.body).toHaveProperty('auth');
expect(res.body.auth).toBe(null);
done();
});
});
});
describe('with a revoked auth token', () => {
it('echoes back null', done => {
withRevokedToken({ some: { scope: true } }, token => {
request(server)
.get('/api/auth?token=' + token)
.end((err, res) => {
expect(res.body).toHaveProperty('auth');
expect(res.body.auth).toBe(null);
done();
});
});
});
});
describe('with a valid auth token', () => {
describe('in the query string', () => {
it('echoes back the auth payload', done => {
const scopes = { some: { scope: true } };
withToken(scopes, token => {
request(server)
.get('/api/auth?token=' + token)
.end((err, res) => {
expect(res.body).toHaveProperty('auth');
expect(res.body.auth).toBeDefined();
expect(res.body.auth.scopes).toMatchObject(scopes);
done();
});
});
});
});
describe('in the Authorization header', () => {
it('echoes back the auth payload', done => {
const scopes = { some: { scope: true } };
withAuthHeader(scopes, header => {
request(server)
.get('/api/auth')
.set({ Authorization: header })
.end((err, res) => {
expect(res.body).toHaveProperty('auth');
expect(res.body.auth).toBeDefined();
expect(res.body.auth.scopes).toMatchObject(scopes);
done();
});
});
});
});
});
});
});