From 8c9a31a16bd8e16ef3a7ec997a6ee537930ba452 Mon Sep 17 00:00:00 2001 From: Fabian Arndt Date: Tue, 15 Oct 2019 12:54:02 +0200 Subject: [PATCH] Improved test coverage - Added tests for handshakes in namespaces (one roundtrip) - Replaced misleading 'handshake' with 'authentication', where the second roundtrip is used --- lib/index.js | 2 +- test/authorizer_namespaces.test.js | 51 ++++++++++++++++++-- test/authorizer_noqs.test.js | 2 +- test/authorizer_secret_function_noqs.test.js | 2 +- test/fixture/namespace.js | 18 +++++-- 5 files changed, 65 insertions(+), 10 deletions(-) diff --git a/lib/index.js b/lib/index.js index 53cf7c7..977b3d1 100644 --- a/lib/index.js +++ b/lib/index.js @@ -114,7 +114,7 @@ function noQsMethod (options) { }; } -function authorize (options, onConnection) { +function authorize (options) { options = xtend({ decodedPropertyName: 'decoded_token', encodedPropertyName: 'encoded_token' }, options); if (typeof options.secret !== 'string' && typeof options.secret !== 'function') { diff --git a/test/authorizer_namespaces.test.js b/test/authorizer_namespaces.test.js index 69be467..98554b2 100644 --- a/test/authorizer_namespaces.test.js +++ b/test/authorizer_namespaces.test.js @@ -12,7 +12,8 @@ describe('authorizer with namespaces', () => { it('should be able to connect to the default namespace', (done) => { io.connect('http://localhost:9000') - .once('hi', () => done()); + .once('hi', () => done()) + .on('error', done); }); it('should not be able to connect to the admin namespace', (done) => { 
@@ -21,6 +22,20 @@ describe('authorizer with namespaces', () => { .once('hi admin', () => done(new Error('unauthenticated client was able to connect to the admin namespace'))); }); + it('should not be able to connect to the admin_hs namespace', (done) => { + io.connect('http://localhost:9000/admin_hs') + .once('hi admin', () => done(new Error('unauthenticated client was able to connect to the admin_hs namespace'))) + .on('error', (err) => { + if (err === 'Invalid namespace') { // SocketIO throws this error, if auth failed + return; + } else if (err && err.type == 'UnauthorizedError') { + done(); + } else { + done(err); + } + }); + }); + }); describe('when the user is logged in', () => { 
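Review bot: The `'Invalid namespace'` branch of the new `error` handler in the `admin_hs` test returns without calling `done`, so if that is the only error the client ever receives, the test ends in a mocha timeout instead of a clear result. The inline comment says socket.io raises this when auth fails, so either that branch should decide the outcome or the comment should state that an `UnauthorizedError` is expected to follow it. The comparison on the next branch should use strict equality, `} else if (err && err.type === 'UnauthorizedError') {`. The socket is also left open once `done()` has run; disconnecting it first would keep a late `hi admin` from being reported against a later test.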
@@ -36,11 +51,41 @@ describe('authorizer with namespaces', () => { }); }); - it('should do the handshake and connect', (done) => { + it('should do the authentication and connect', (done) => { io.connect('http://localhost:9000/admin', { forceNew: true }) - .on('authenticated', () => done()) + .on('hi admin', () => done()) + .emit('authenticate', { token: this.token }); + }); + + it('should do the authentication and connect without "forceNew"', (done) => { + io.connect('http://localhost:9000/admin', { forceNew: false }) + .on('hi admin', () => done()) .emit('authenticate', { token: this.token }); }); }); + describe('when the user is logged in via handshake', () => { + + beforeEach((done) => { + request.post({ + url: 'http://localhost:9000/login', + form: { username: 'jose', password: 'Pa123' }, + json: true + }, (err, resp, body) => { + this.token = body.token; + done(); + }); + }); + + it('should do the handshake and connect', (done) => { + io.connect('http://localhost:9000/admin_hs', { forceNew: true, query: 'token=' + this.token }) + .once('hi admin', () => done()); + }); + + it('should do the handshake and connect without "forceNew"', (done) => { + io.connect('http://localhost:9000/admin_hs', { forceNew: false, query: 'token=' + this.token }) + .once('hi admin', () => done()); + }); + }); + }); \ No newline at end of file diff --git a/test/authorizer_noqs.test.js b/test/authorizer_noqs.test.js index 87fe379..f9cc045 100644 --- a/test/authorizer_noqs.test.js +++ b/test/authorizer_noqs.test.js @@ -41,7 +41,7 @@ describe('authorizer without querystring', () => { }); }); - it('should do the handshake and connect', (done) => { + it('should do the authentication and connect', (done) => { const socket = io.connect('http://localhost:9000', { forceNew: true }); socket diff --git a/test/authorizer_secret_function_noqs.test.js b/test/authorizer_secret_function_noqs.test.js index 464d38f..5470ebf 100644 --- a/test/authorizer_secret_function_noqs.test.js 
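Review bot: The two new `/admin_hs` handshake tests register no `error` listener, so a rejected token surfaces only as a mocha timeout with no reason attached; chaining `.on('error', done)`, as the default-namespace test now does, would report the server's error. The new `beforeEach` also ignores `err` and reads `body.token` unconditionally, so a failed login either throws inside the callback or sends the literal string `token=undefined`; `if (err) { return done(err); }` before the assignment makes that failure explicit. This block exercises only a valid token and the missing-token case is covered earlier in the file. A test that a malformed or wrongly signed token is refused on `/admin_hs` is not visible in this diff and would be worth adding.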
+++ b/test/authorizer_secret_function_noqs.test.js @@ -47,7 +47,7 @@ describe('authorizer with secret function', () => { }); }); - it('should do the handshake and connect', (done) => { + it('should do the authentication and connect', (done) => { const socket = io.connect('http://localhost:9000', { forceNew: true }); socket diff --git a/test/fixture/namespace.js b/test/fixture/namespace.js index f8e5f8f..8f1b4bf 100644 --- a/test/fixture/namespace.js +++ b/test/fixture/namespace.js @@ -7,6 +7,7 @@ const socketIo = require('socket.io'); const socketio_jwt = require('../../lib'); const jwt = require('jsonwebtoken'); +const xtend = require('xtend'); const enableDestroy = require('server-destroy'); const bodyParser = require('body-parser'); @@ -44,17 +45,26 @@ exports.start = (callback) => { }); - + // Global namespace (public) sio.on('connection', (socket) => { socket.emit('hi'); }); + // Second roundtrip const admin_nsp = sio.of('/admin'); admin_nsp.on('connection', socketio_jwt.authorize(options)) - .on('authenticated', (socket) => { - socket.emit('hi admin'); - }); + .on('authenticated', (socket) => { + socket.emit('hi admin'); + }); + + // One roundtrip + const admin_nsp_hs = sio.of('/admin_hs'); + + admin_nsp_hs.use(socketio_jwt.authorize(xtend(options, { handshake: true }))); + admin_nsp_hs.on('connection', (socket) => { + socket.emit('hi admin'); + }); server.listen(9000, callback);
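Review bot: The comments `// Second roundtrip` and `// One roundtrip` in the last hunk of `test/fixture/namespace.js` do not say what distinguishes the two namespaces, which matters because the access-control tests rely on this fixture. I would spell it out, for example `// /admin: the socket connects first and must then emit 'authenticate' with its token` and `// /admin_hs: the token is verified by namespace middleware during the handshake, before 'connection' fires`. The tests send the handshake token in the connection query string, so the second comment could also note that the token travels in the URL. The enclosing `exports.start` callback begins and ends outside the hunk.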