unpkg/modules/__tests__/api-auth-test.js

const request = require("supertest");

const createServer = require("../createServer");
const withAuthHeader = require("./utils/withAuthHeader");
const withRevokedToken = require("./utils/withRevokedToken");
const withToken = require("./utils/withToken");

describe("The /api/auth endpoint", () => {
  let server;
  beforeEach(() => {
    server = createServer();
  });

  describe("POST /api/auth", () => {
    it("creates a new auth token", done => {
      request(server)
        .post("/api/auth")
        .end((err, res) => {
          expect(res.body).toHaveProperty("token");
          done();
        });
    });
  });

  describe("GET /api/auth", () => {
    describe("with no auth", () => {
      it("echoes back null", done => {
        request(server)
          .get("/api/auth")
          .end((err, res) => {
            expect(res.body).toHaveProperty("auth");
            expect(res.body.auth).toBe(null);
            done();
          });
      });
    });

    describe("with a revoked auth token", () => {
      it("echoes back null", done => {
        withRevokedToken({ some: { scope: true } }, token => {
          request(server)
            .get("/api/auth?token=" + token)
            .end((err, res) => {
              expect(res.body).toHaveProperty("auth");
              expect(res.body.auth).toBe(null);
              done();
            });
        });
      });
    });

    describe("with a valid auth token", () => {
      describe("in the query string", () => {
        it("echoes back the auth payload", done => {
          const scopes = { some: { scope: true } };

          withToken(scopes, token => {
            request(server)
              .get("/api/auth?token=" + token)
              .end((err, res) => {
                expect(res.body).toHaveProperty("auth");
                expect(res.body.auth).toBeDefined();
                expect(res.body.auth.scopes).toMatchObject(scopes);
                done();
              });
          });
        });
      });

      describe("in the Authorization header", () => {
        it.only("echoes back the auth payload", done => {
          const scopes = { some: { scope: true } };

          withAuthHeader(scopes, header => {
            request(server)
              .get("/api/auth")
              .set({ Authorization: header })
              .end((err, res) => {
                expect(res.body).toHaveProperty("auth");
                expect(res.body.auth).toBeDefined();
                expect(res.body.auth.scopes).toMatchObject(scopes);
                done();
              });
          });
        });
      });
    });
  });
});