// Load modules
var Url = require('url');
var Code = require('code');
var Hawk = require('../lib');
var Lab = require('lab');
// Declare internals

var internals = {};


// Test shortcuts: export the lab script so the runner can find it, then alias
// the lab and code helpers used by every test below.

var lab = Lab.script();
exports.lab = lab;

var describe = lab.experiment;
var it = lab.test;
var expect = Code.expect;
describe('Hawk', function () {
// Test-fixture credentials lookup. Every id resolves to the same hard-coded
// shared key and user, so this must never be used outside the test suite.
// Only id '1' selects sha1; every other id gets sha256.
//
// id       - credentials identifier presented by the client.
// callback - invoked synchronously as callback(null, credentials); its return
//            value is passed back to the caller.
var credentialsFunc = function (id, callback) {

    var algorithm = 'sha256';
    if (id === '1') {
        algorithm = 'sha1';
    }

    return callback(null, {
        id: id,
        key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
        algorithm: algorithm,
        user: 'steve'
    });
};
// Round trip using the "configuration" request shape: host, port and the
// authorization value sit directly on the request object instead of in a
// headers map, and the client is handed a pre-parsed URL object.
it('generates a header then successfully parse it (configuration)', function (done) {

    var request = {
        method: 'GET',
        url: '/resource/4?filter=a',
        host: 'example.com',
        port: 8080
    };

    credentialsFunc('123456', function (lookupErr, clientCredentials) {

        var parsedUri = Url.parse('http://example.com:8080/resource/4?filter=a');
        var clientOptions = { credentials: clientCredentials, ext: 'some-app-data' };
        var header = Hawk.client.header(parsedUri, request.method, clientOptions);

        request.authorization = header.field;
        expect(request.authorization).to.exist();

        Hawk.server.authenticate(request, credentialsFunc, {}, function (authErr, serverCredentials, artifacts) {

            expect(authErr).to.not.exist();
            expect(serverCredentials.user).to.equal('steve');
            expect(artifacts.ext).to.equal('some-app-data');
            done();
        });
    });
});
// Full round trip over a node-style request (values carried in req.headers).
// The server authenticates the header and then, as a separate explicit call,
// validates the payload hash. The client finally verifies the signed
// Server-Authorization response together with the reply payload.
it('generates a header then successfully parse it (node request)', function (done) {

    var req = {
        method: 'POST',
        url: '/resource/4?filter=a',
        headers: {
            host: 'example.com:8080',
            'content-type': 'text/plain;x=y'
        }
    };

    var payload = 'some not so random text';

    credentialsFunc('123456', function (lookupErr, clientCredentials) {

        var clientOptions = {
            credentials: clientCredentials,
            ext: 'some-app-data',
            payload: payload,
            contentType: req.headers['content-type']
        };
        var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, clientOptions);
        req.headers.authorization = reqHeader.field;

        Hawk.server.authenticate(req, credentialsFunc, {}, function (authErr, serverCredentials, artifacts) {

            expect(authErr).to.not.exist();
            expect(serverCredentials.user).to.equal('steve');
            expect(artifacts.ext).to.equal('some-app-data');

            // authenticate() was given no payload, so the body is checked here.
            var payloadOk = Hawk.server.authenticatePayload(payload, serverCredentials, artifacts, req.headers['content-type']);
            expect(payloadOk).to.equal(true);

            var res = {
                headers: {
                    'content-type': 'text/plain'
                }
            };

            var serverOptions = { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' };
            res.headers['server-authorization'] = Hawk.server.header(serverCredentials, artifacts, serverOptions);
            expect(res.headers['server-authorization']).to.exist();

            var replyOk = Hawk.client.authenticate(res, serverCredentials, artifacts, { payload: 'some reply' });
            expect(replyOk).to.equal(true);
            done();
        });
    });
});
// Round trip where req.url holds an absolute URI (scheme, host and port
// included) rather than a bare path. Server authentication, payload
// validation and client verification of the response are all expected to pass.
it('generates a header then successfully parse it (absolute request uri)', function (done) {

    var req = {
        method: 'POST',
        url: 'http://example.com:8080/resource/4?filter=a',
        headers: {
            host: 'example.com:8080',
            'content-type': 'text/plain;x=y'
        }
    };

    var payload = 'some not so random text';

    credentialsFunc('123456', function (lookupErr, clientCredentials) {

        var clientOptions = {
            credentials: clientCredentials,
            ext: 'some-app-data',
            payload: payload,
            contentType: req.headers['content-type']
        };
        var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, clientOptions);
        req.headers.authorization = reqHeader.field;

        Hawk.server.authenticate(req, credentialsFunc, {}, function (authErr, serverCredentials, artifacts) {

            expect(authErr).to.not.exist();
            expect(serverCredentials.user).to.equal('steve');
            expect(artifacts.ext).to.equal('some-app-data');

            var payloadOk = Hawk.server.authenticatePayload(payload, serverCredentials, artifacts, req.headers['content-type']);
            expect(payloadOk).to.equal(true);

            var res = {
                headers: {
                    'content-type': 'text/plain'
                }
            };

            var serverOptions = { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' };
            res.headers['server-authorization'] = Hawk.server.header(serverCredentials, artifacts, serverOptions);
            expect(res.headers['server-authorization']).to.exist();

            var replyOk = Hawk.client.authenticate(res, serverCredentials, artifacts, { payload: 'some reply' });
            expect(replyOk).to.equal(true);
            done();
        });
    });
});
// Response leg with no options on either side: the server builds its
// Server-Authorization header without a payload and the client verifies it
// without asking for payload validation. The client accepts the response, so
// this path makes no claim about the integrity of the reply body.
it('generates a header then successfully parse it (no server header options)', function (done) {

    var req = {
        method: 'POST',
        url: '/resource/4?filter=a',
        headers: {
            host: 'example.com:8080',
            'content-type': 'text/plain;x=y'
        }
    };

    var payload = 'some not so random text';

    credentialsFunc('123456', function (lookupErr, clientCredentials) {

        var clientOptions = {
            credentials: clientCredentials,
            ext: 'some-app-data',
            payload: payload,
            contentType: req.headers['content-type']
        };
        var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, clientOptions);
        req.headers.authorization = reqHeader.field;

        Hawk.server.authenticate(req, credentialsFunc, {}, function (authErr, serverCredentials, artifacts) {

            expect(authErr).to.not.exist();
            expect(serverCredentials.user).to.equal('steve');
            expect(artifacts.ext).to.equal('some-app-data');

            var payloadOk = Hawk.server.authenticatePayload(payload, serverCredentials, artifacts, req.headers['content-type']);
            expect(payloadOk).to.equal(true);

            var res = {
                headers: {
                    'content-type': 'text/plain'
                }
            };

            res.headers['server-authorization'] = Hawk.server.header(serverCredentials, artifacts);
            expect(res.headers['server-authorization']).to.exist();

            var replyOk = Hawk.client.authenticate(res, serverCredentials, artifacts);
            expect(replyOk).to.equal(true);
            done();
        });
    });
});
// Negative response-leg case: the server header is built without a payload,
// but the client asks for the reply payload to be validated. The client must
// reject the response instead of skipping the body check.
it('generates a header then fails to parse it (missing server header hash)', function (done) {

    var req = {
        method: 'POST',
        url: '/resource/4?filter=a',
        headers: {
            host: 'example.com:8080',
            'content-type': 'text/plain;x=y'
        }
    };

    var payload = 'some not so random text';

    credentialsFunc('123456', function (lookupErr, clientCredentials) {

        var clientOptions = {
            credentials: clientCredentials,
            ext: 'some-app-data',
            payload: payload,
            contentType: req.headers['content-type']
        };
        var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, clientOptions);
        req.headers.authorization = reqHeader.field;

        Hawk.server.authenticate(req, credentialsFunc, {}, function (authErr, serverCredentials, artifacts) {

            expect(authErr).to.not.exist();
            expect(serverCredentials.user).to.equal('steve');
            expect(artifacts.ext).to.equal('some-app-data');

            var payloadOk = Hawk.server.authenticatePayload(payload, serverCredentials, artifacts, req.headers['content-type']);
            expect(payloadOk).to.equal(true);

            var res = {
                headers: {
                    'content-type': 'text/plain'
                }
            };

            res.headers['server-authorization'] = Hawk.server.header(serverCredentials, artifacts);
            expect(res.headers['server-authorization']).to.exist();

            // Payload validation requested, but the header was built without one.
            var replyOk = Hawk.client.authenticate(res, serverCredentials, artifacts, { payload: 'some reply' });
            expect(replyOk).to.equal(false);
            done();
        });
    });
});
// The client passes a payload when building its header, but the server is
// given no payload to compare against. Only the header is authenticated here;
// this test does not exercise verification of the request body.
it('generates a header then successfully parse it (with hash)', function (done) {

    var request = {
        method: 'GET',
        url: '/resource/4?filter=a',
        host: 'example.com',
        port: 8080
    };

    credentialsFunc('123456', function (lookupErr, clientCredentials) {

        var clientOptions = { credentials: clientCredentials, payload: 'hola!', ext: 'some-app-data' };
        var header = Hawk.client.header('http://example.com:8080/resource/4?filter=a', request.method, clientOptions);
        request.authorization = header.field;

        Hawk.server.authenticate(request, credentialsFunc, {}, function (authErr, serverCredentials, artifacts) {

            expect(authErr).to.not.exist();
            expect(serverCredentials.user).to.equal('steve');
            expect(artifacts.ext).to.equal('some-app-data');
            done();
        });
    });
});
// Two-step server check: authenticate the header first, then validate the body
// separately with authenticatePayload(). The payload the client signed must
// pass and a different payload must be rejected.
it('generates a header then successfully parse it then validate payload', function (done) {

    var request = {
        method: 'GET',
        url: '/resource/4?filter=a',
        host: 'example.com',
        port: 8080
    };

    credentialsFunc('123456', function (lookupErr, clientCredentials) {

        var clientOptions = { credentials: clientCredentials, payload: 'hola!', ext: 'some-app-data' };
        var header = Hawk.client.header('http://example.com:8080/resource/4?filter=a', request.method, clientOptions);
        request.authorization = header.field;

        Hawk.server.authenticate(request, credentialsFunc, {}, function (authErr, serverCredentials, artifacts) {

            expect(authErr).to.not.exist();
            expect(serverCredentials.user).to.equal('steve');
            expect(artifacts.ext).to.equal('some-app-data');

            var signedPayloadOk = Hawk.server.authenticatePayload('hola!', serverCredentials, artifacts);
            expect(signedPayloadOk).to.be.true();

            var otherPayloadOk = Hawk.server.authenticatePayload('hello!', serverCredentials, artifacts);
            expect(otherPayloadOk).to.be.false();
            done();
        });
    });
});
// Single-step server check: the received payload is supplied through the
// authenticate() options, so header authentication and payload validation
// happen in one call.
it('generates a header then successfully parses and validates payload', function (done) {

    var request = {
        method: 'GET',
        url: '/resource/4?filter=a',
        host: 'example.com',
        port: 8080
    };

    credentialsFunc('123456', function (lookupErr, clientCredentials) {

        var clientOptions = { credentials: clientCredentials, payload: 'hola!', ext: 'some-app-data' };
        var header = Hawk.client.header('http://example.com:8080/resource/4?filter=a', request.method, clientOptions);
        request.authorization = header.field;

        var serverOptions = { payload: 'hola!' };
        Hawk.server.authenticate(request, credentialsFunc, serverOptions, function (authErr, serverCredentials, artifacts) {

            expect(authErr).to.not.exist();
            expect(serverCredentials.user).to.equal('steve');
            expect(artifacts.ext).to.equal('some-app-data');
            done();
        });
    });
});
// Round trip with an application id: the `app` value given to the client must
// come back unchanged in the artifacts produced by server authentication.
it('generates a header then successfully parse it (app)', function (done) {

    var request = {
        method: 'GET',
        url: '/resource/4?filter=a',
        host: 'example.com',
        port: 8080
    };

    credentialsFunc('123456', function (lookupErr, clientCredentials) {

        var clientOptions = { credentials: clientCredentials, ext: 'some-app-data', app: 'asd23ased' };
        var header = Hawk.client.header('http://example.com:8080/resource/4?filter=a', request.method, clientOptions);
        request.authorization = header.field;

        Hawk.server.authenticate(request, credentialsFunc, {}, function (authErr, serverCredentials, artifacts) {

            expect(authErr).to.not.exist();
            expect(serverCredentials.user).to.equal('steve');
            expect(artifacts.ext).to.equal('some-app-data');
            expect(artifacts.app).to.equal('asd23ased');
            done();
        });
    });
});
// Round trip with both an application id and a delegation value: `app` and
// `dlg` given to the client must both come back unchanged in the artifacts.
it('generates a header then successfully parse it (app, dlg)', function (done) {

    var request = {
        method: 'GET',
        url: '/resource/4?filter=a',
        host: 'example.com',
        port: 8080
    };

    credentialsFunc('123456', function (lookupErr, clientCredentials) {

        var clientOptions = {
            credentials: clientCredentials,
            ext: 'some-app-data',
            app: 'asd23ased',
            dlg: '23434szr3q4d'
        };
        var header = Hawk.client.header('http://example.com:8080/resource/4?filter=a', request.method, clientOptions);
        request.authorization = header.field;

        Hawk.server.authenticate(request, credentialsFunc, {}, function (authErr, serverCredentials, artifacts) {

            expect(authErr).to.not.exist();
            expect(serverCredentials.user).to.equal('steve');
            expect(artifacts.ext).to.equal('some-app-data');
            expect(artifacts.app).to.equal('asd23ased');
            expect(artifacts.dlg).to.equal('23434szr3q4d');
            done();
        });
    });
});
// Negative case for payload validation: the client signs 'hola!' but the
// server is handed a different body, so authentication must fail with the
// payload-hash error rather than succeed on the header alone.
it('generates a header then fail authentication due to bad hash', function (done) {

    var request = {
        method: 'GET',
        url: '/resource/4?filter=a',
        host: 'example.com',
        port: 8080
    };

    credentialsFunc('123456', function (lookupErr, clientCredentials) {

        var clientOptions = { credentials: clientCredentials, payload: 'hola!', ext: 'some-app-data' };
        var header = Hawk.client.header('http://example.com:8080/resource/4?filter=a', request.method, clientOptions);
        request.authorization = header.field;

        var serverOptions = { payload: 'byebye!' };
        Hawk.server.authenticate(request, credentialsFunc, serverOptions, function (authErr, serverCredentials, artifacts) {

            expect(authErr).to.exist();
            expect(authErr.output.payload.message).to.equal('Bad payload hash');
            done();
        });
    });
});
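// Resource-binding check: a header generated for one URL must not authenticate
// a request for a different URL. The failure reason is pinned to the MAC
// mismatch so that an unrelated rejection (malformed header, stale timestamp,
// failed credentials lookup) cannot make this test pass by accident.
it('generates a header for one resource then fail to authenticate another', function (done) {

    var req = {
        method: 'GET',
        url: '/resource/4?filter=a',
        host: 'example.com',
        port: 8080
    };

    credentialsFunc('123456', function (err, credentials) {

        req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials, ext: 'some-app-data' }).field;

        // Point the already-signed request at a different resource.
        req.url = '/something/else';

        Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials, artifacts) {

            expect(err).to.exist();
            // 'Bad mac' is the message Hawk's server uses for a MAC mismatch.
            expect(err.output.payload.message).to.equal('Bad mac');
            // Credentials are still handed back alongside the error.
            expect(credentials).to.exist();
            done();
        });
    });
});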
});