unpkg/modules/__tests__/api-auth-test.js

const request = require('supertest');

const createServer = require('../createServer');
const withAuthHeader = require('./utils/withAuthHeader');
const withRevokedToken = require('./utils/withRevokedToken');
const withToken = require('./utils/withToken');

describe('The /api/auth endpoint', () => {
  let server;
  beforeEach(() => {
    server = createServer();
  });

  describe('POST /api/auth', () => {
    it('creates a new auth token', done => {
      request(server)
        .post('/api/auth')
        .end((err, res) => {
          expect(res.body).toHaveProperty('token');
          done();
        });
    });
  });

  describe('GET /api/auth', () => {
    describe('with no auth', () => {
      it('echoes back null', done => {
        request(server)
          .get('/api/auth')
          .end((err, res) => {
            expect(res.body).toHaveProperty('auth');
            expect(res.body.auth).toBe(null);
            done();
          });
      });
    });

    describe('with a revoked auth token', () => {
      it('echoes back null', done => {
        withRevokedToken({ some: { scope: true } }, token => {
          request(server)
            .get('/api/auth?token=' + token)
            .end((err, res) => {
              expect(res.body).toHaveProperty('auth');
              expect(res.body.auth).toBe(null);
              done();
            });
        });
      });
    });

    describe('with a valid auth token', () => {
      describe('in the query string', () => {
        it('echoes back the auth payload', done => {
          const scopes = { some: { scope: true } };

          withToken(scopes, token => {
            request(server)
              .get('/api/auth?token=' + token)
              .end((err, res) => {
                expect(res.body).toHaveProperty('auth');
                expect(res.body.auth).toBeDefined();
                expect(res.body.auth.scopes).toMatchObject(scopes);
                done();
              });
          });
        });
      });

      describe('in the Authorization header', () => {
        it('echoes back the auth payload', done => {
          const scopes = { some: { scope: true } };

          withAuthHeader(scopes, header => {
            request(server)
              .get('/api/auth')
              .set({ Authorization: header })
              .end((err, res) => {
                expect(res.body).toHaveProperty('auth');
                expect(res.body.auth).toBeDefined();
                expect(res.body.auth.scopes).toMatchObject(scopes);
                done();
              });
          });
        });
      });
    });
  });
});