149 lines
3.8 KiB
JavaScript
149 lines
3.8 KiB
JavaScript
const Q = require('q')
|
|
const fixture = require('./fixture')
|
|
const request = require('request')
|
|
const io = require('socket.io-client')
|
|
|
|
describe('authorizer', () => {
|
|
//start and stop the server
|
|
before((done) => {
|
|
fixture.start({}, done)
|
|
})
|
|
after(fixture.stop)
|
|
|
|
describe('when the user is not logged in', () => {
|
|
it('should emit error with unauthorized handshake', (done) => {
|
|
const socket = io.connect('http://localhost:9000?token=boooooo', {
|
|
forceNew: true
|
|
})
|
|
|
|
socket.on('error', (err) => {
|
|
err.message.should.eql('jwt malformed')
|
|
err.code.should.eql('invalid_token')
|
|
socket.close()
|
|
done()
|
|
})
|
|
})
|
|
})
|
|
|
|
describe('when the user is logged in', () => {
|
|
before((done) => {
|
|
request.post(
|
|
{
|
|
url: 'http://localhost:9000/login',
|
|
form: { username: 'jose', password: 'Pa123' },
|
|
json: true
|
|
},
|
|
(err, resp, body) => {
|
|
this.token = body.token
|
|
done()
|
|
}
|
|
)
|
|
})
|
|
|
|
describe('authorizer disallows query string token when specified in startup options', () => {
|
|
before((done) => {
|
|
Q.ninvoke(fixture, 'stop')
|
|
.then(() =>
|
|
Q.ninvoke(fixture, 'start', { auth_header_required: true })
|
|
)
|
|
.done(done)
|
|
})
|
|
|
|
after((done) => {
|
|
Q.ninvoke(fixture, 'stop')
|
|
.then(() => Q.ninvoke(fixture, 'start', {}))
|
|
.done(done)
|
|
})
|
|
|
|
it('auth headers are supported', (done) => {
|
|
const socket = io.connect('http://localhost:9000', {
|
|
forceNew: true,
|
|
extraHeaders: { Authorization: 'Bearer ' + this.token }
|
|
})
|
|
|
|
socket
|
|
.on('connect', () => {
|
|
socket.close()
|
|
done()
|
|
})
|
|
.on('error', done)
|
|
})
|
|
|
|
it('auth token in query string is disallowed', (done) => {
|
|
const socket = io.connect('http://localhost:9000', {
|
|
forceNew: true,
|
|
query: 'token=' + this.token
|
|
})
|
|
|
|
socket.on('error', (err) => {
|
|
err.message.should.eql('Server requires Authorization Header')
|
|
err.code.should.eql('missing_authorization_header')
|
|
socket.close()
|
|
done()
|
|
})
|
|
})
|
|
})
|
|
|
|
describe('authorizer all auth types allowed', () => {
|
|
before((done) => {
|
|
Q.ninvoke(fixture, 'stop')
|
|
.then(() => Q.ninvoke(fixture, 'start', {}))
|
|
.done(done)
|
|
})
|
|
|
|
it('auth headers are supported', (done) => {
|
|
const socket = io.connect('http://localhost:9000', {
|
|
forceNew: true,
|
|
extraHeaders: { Authorization: 'Bearer ' + this.token }
|
|
})
|
|
|
|
socket
|
|
.on('connect', () => {
|
|
socket.close()
|
|
done()
|
|
})
|
|
.on('error', done)
|
|
})
|
|
|
|
it('should do the handshake and connect', (done) => {
|
|
const socket = io.connect('http://localhost:9000', {
|
|
forceNew: true,
|
|
query: 'token=' + this.token
|
|
})
|
|
|
|
socket
|
|
.on('connect', () => {
|
|
socket.close()
|
|
done()
|
|
})
|
|
.on('error', done)
|
|
})
|
|
})
|
|
})
|
|
|
|
describe('unsigned token', () => {
|
|
beforeEach(() => {
|
|
this.token =
|
|
'eyJhbGciOiJub25lIiwiY3R5IjoiSldUIn0.eyJuYW1lIjoiSm9obiBGb28ifQ.'
|
|
})
|
|
|
|
it('should not do the handshake and connect', (done) => {
|
|
const socket = io.connect('http://localhost:9000', {
|
|
forceNew: true,
|
|
query: 'token=' + this.token
|
|
})
|
|
|
|
socket
|
|
.on('connect', () => {
|
|
socket.close()
|
|
done(new Error('this shouldnt happen'))
|
|
})
|
|
.on('error', (err) => {
|
|
socket.close()
|
|
err.message.should.eql('jwt signature is required')
|
|
done()
|
|
})
|
|
})
|
|
})
|
|
})
|