Add ability to generate secret dynamically

This allows you to pass a function instead of a string in order to
generate the secret based on the new connection's features.
This commit is contained in:
Damian Fortuna
2015-11-18 17:36:24 -03:00
parent d06501e315
commit e094d231b2
5 changed files with 321 additions and 9 deletions


@ -0,0 +1,77 @@
var fixture = require('./fixture/secret_function');
var request = require('request');
var io = require('socket.io-client');
describe('authorizer with secret function', function () {
//start and stop the server
before(function (done) {
fixture.start({
handshake: false
} , done);
});
after(fixture.stop);
describe('when the user is not logged in', function () {
describe('and when token is not valid', function() {
beforeEach(function (done) {
request.post({
url: 'http://localhost:9000/login',
json: { username: 'invalid_signature', password: 'Pa123' }
}, function (err, resp, body) {
this.invalidToken = body.token;
done();
}.bind(this));
});
it('should emit unauthorized', function (done){
var socket = io.connect('http://localhost:9000', {
'forceNew':true,
});
var invalidToken = this.invalidToken;
socket.on('unauthorized', function() {
done();
});
socket.on('connect', function(){
socket
.emit('authenticate', { token: invalidToken + 'ass' })
});
});
});
});
describe('when the user is logged in', function() {
beforeEach(function (done) {
request.post({
url: 'http://localhost:9000/login',
json: { username: 'valid_signature', password: 'Pa123' }
}, function (err, resp, body) {
this.token = body.token;
done();
}.bind(this));
});
it('should do the handshake and connect', function (done){
var socket = io.connect('http://localhost:9000', {
'forceNew':true,
});
var token = this.token;
socket.on('connect', function(){
socket.on('echo-response', function () {
socket.close();
done();
}).on('authenticated', function () {
socket.emit('echo');
})
.emit('authenticate', { token: token })
});
});
});
});
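Review bot: The `socket.on('unauthorized', ...)` handler in 'should emit unauthorized' calls done() without closing the socket, so that client connection stays open into the following tests, whereas 'should do the handshake and connect' does close its socket before done(); change it to `socket.close(); done();`. The login callbacks in both beforeEach hooks also discard `err`, so a failed login shows up as a TypeError on `body.token` rather than a clear failure; add `if (err) return done(err);` before reading the body. The same ignored `err` appears in the beforeEach of the handshake-mode test file below.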


@ -0,0 +1,73 @@
var fixture = require('./fixture/secret_function');
var request = require('request');
var io = require('socket.io-client');
describe('authorizer with secret function', function () {
//start and stop the server
before(fixture.start);
after(fixture.stop);
describe('when the user is not logged in', function () {
it('should emit error with unauthorized handshake', function (done){
var socket = io.connect('http://localhost:9000?token=boooooo', {
'forceNew': true
});
socket.on('error', function(err){
err.message.should.eql("jwt malformed");
err.code.should.eql("invalid_token");
socket.close();
done();
});
});
});
describe('when the user is logged in', function() {
beforeEach(function (done) {
request.post({
url: 'http://localhost:9000/login',
json: { username: 'valid_signature', password: 'Pa123' }
}, function (err, resp, body) {
this.token = body.token;
done();
}.bind(this));
});
it('should do the handshake and connect', function (done){
var socket = io.connect('http://localhost:9000', {
'forceNew':true,
'query': 'token=' + this.token
});
socket.on('connect', function(){
socket.close();
done();
}).on('error', done);
});
});
describe('unsigned token', function() {
beforeEach(function () {
this.token = 'eyJhbGciOiJub25lIiwiY3R5IjoiSldUIn0.eyJuYW1lIjoiSm9obiBGb28ifQ.';
});
it('should not do the handshake and connect', function (done){
var socket = io.connect('http://localhost:9000', {
'forceNew':true,
'query': 'token=' + this.token
});
socket.on('connect', function () {
socket.close();
done(new Error('this shouldnt happen'));
}).on('error', function (err) {
socket.close();
err.message.should.eql("jwt signature is required");
done();
});
});
});
});
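Review bot: The token literal in the 'unsigned token' beforeEach is undocumented; its header decodes to `{"alg":"none","cty":"JWT"}` with an empty signature, which is the property the test depends on, so a comment such as `// alg=none JWT with empty signature: must be rejected even though the payload decodes` would make the intent clear to the next maintainer. In the same test the 'error' handler closes the socket before asserting, while the 'should emit error with unauthorized handshake' handler asserts first and only closes on success, leaving the socket open when the assertion throws; ordering `socket.close()` first in both handlers keeps the two cases consistent.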


@ -0,0 +1,89 @@
var express = require('express');
var http = require('http');
var socketIo = require('socket.io');
var socketio_jwt = require('../../lib');
var jwt = require('jsonwebtoken');
var xtend = require('xtend');
var bodyParser = require('body-parser');
var server, sio;
var enableDestroy = require('server-destroy');
exports.start = function (options, callback) {
var SECRETS = {
123: 'aaafoo super sercret',
555: 'other'
};
if(typeof options == 'function'){
callback = options;
options = {};
}
options = xtend({
secret: function(request, decodedToken, callback) {
callback(null, SECRETS[decodedToken.id]);
},
timeout: 1000,
handshake: true
}, options);
var app = express();
app.use(bodyParser.json());
app.post('/login', function (req, res) {
var profile = {
first_name: 'John',
last_name: 'Doe',
email: 'john@doe.com',
id: req.body.username === 'valid_signature' ? 123 : 555
};
// We are sending the profile inside the token
var token = jwt.sign(profile, SECRETS[123], { expiresIn: 60*60*5 });
res.json({token: token});
});
server = http.createServer(app);
sio = socketIo.listen(server);
if (options.handshake) {
sio.use(socketio_jwt.authorize(options));
sio.sockets.on('echo', function (m) {
sio.sockets.emit('echo-response', m);
});
} else {
sio.sockets
.on('connection', socketio_jwt.authorize(options))
.on('authenticated', function (socket) {
socket.on('echo', function (m) {
socket.emit('echo-response', m);
});
});
}
server.__sockets = [];
server.on('connection', function (c) {
server.__sockets.push(c);
});
server.listen(9000, callback);
enableDestroy(server);
};
exports.stop = function (callback) {
sio.close();
try {
server.destroy();
} catch (er) {}
callback();
};