test example

Author: jorenvandeweyer

test/integration/flows/db.js

@@ -0,0 +1,65 @@
+class DB {
+
+  constructor () {
+    this.users = new Map();
+    this.clients = [];
+    this.accessTokens = new Map();
+    this.refreshTokens= new Map();
+  }
+
+  saveUser (user) {
+    this.users.set(user.id, user);
+
+    return user;
+  }
+
+  findUser (username, password) {
+    return Array.from(this.users.values()).find(user => {
+      return user.username === username && user.password === password;
+    });
+  }
+
+  findUserById (id) {
+    return this.users.get(id);
+  }
+
+  saveClient (client) {
+    this.clients.push(client);
+
+    return client;
+  }
+
+  findClient (clientId, clientSecret) {
+    return this.clients.find(client => {
+      if (clientSecret) {
+        return client.id === clientId && client.secret === clientSecret;
+      } else {
+        return client.id === clientId;
+      }
+    });
+  }
+
+  findClientById (id) {
+    return this.clients.find(client => client.id === id);
+  }
+
+  saveAccessToken (accessToken, meta) {
+    this.accessTokens.set(accessToken, meta);
+  }
+
+  findAccessToken (accessToken) {
+    return this.accessTokens.get(accessToken);
+  }
+
+  saveRefreshToken (refreshToken, meta) {
+    this.refreshTokens.set(refreshToken, meta);
+  }
+
+  findRefreshToken (refreshToken) {
+    return this.refreshTokens.get(refreshToken);
+  }
+}
+
+const db = new DB();
+
+module.exports = db;

test/integration/flows/model.js

@@ -0,0 +1,61 @@
+const db = require('./db');
+const scopes = ['read', 'write'];
+
+async function getUser (username, password) {
+  return db.findUser(username, password);
+}
+
+async function getClient (clientId, clientSecret) {
+  return db.findClient(clientId, clientSecret);
+}
+
+async function saveToken (token, client, user) {
+  const meta = {
+    clientId: client.id,
+    userId: user.id,
+    scope: token.scope
+  };
+
+  token.client = client;
+  token.user = user;
+
+  if (token.accessToken) {
+    db.saveAccessToken(token.accessToken, meta);
+  }
+
+  if (token.refreshToken) {
+    db.saveRefreshToken(token.refreshToken, meta);
+  }
+
+  return token;
+}
+
+async function getAccessToken (accessToken) {
+  const meta = db.findAccessToken(accessToken);
+
+  return {
+    accessToken,
+    user: db.findUserById(meta.userId),
+    client: db.findClientById(meta.clientId),
+    scope: meta.scope
+  };
+}
+
+async function verifyScope (token, scope) {
+  if (typeof scope === 'string') {
+    return scopes.includes(scope);
+  } else {
+    return scope.every(s => scopes.includes(s));
+  }
+}
+
+const model = {
+  getUser,
+  getClient,
+  saveToken,
+  getAccessToken,
+  verifyScope
+};
+
+module.exports = model;
+

test/integration/flows/password-grant.js

@@ -0,0 +1,156 @@
+const OAuth2Server = require('../../../');
+const db = require('./db');
+const model = require('./model');
+const Request = require('../../../lib/request');
+const Response = require('../../../lib/response');
+
+require('chai').should();
+
+const auth = new OAuth2Server({
+  model: model
+});
+
+const user = db.saveUser({ id: 1, username: 'test', password: 'test'});
+const client = db.saveClient({ id: 'a', secret: 'b', grants: ['password'] });
+const scope = 'read write';
+
+function createDefaultRequest () {
+  const request = new Request({
+    body: {
+      grant_type: 'password',
+      client_id: client.id,
+      client_secret: client.secret,
+      username: user.username,
+      password: user.password,
+      scope
+    },
+    headers: {
+      'content-type': 'application/x-www-form-urlencoded'
+    },
+    method: 'POST',
+    query: {}
+  });
+
+  request.is = function (header) {
+    return this.headers['content-type'] === header;
+  };
+
+  return request;
+}
+
+describe('PasswordGrantType Integration Flow', function () {
+  describe('Authenticate', function () {
+
+    it ('Succesfull authentication', async function () {
+      const request = createDefaultRequest();
+      const response = new Response({});
+
+      const token = await auth.token(request, response, {});
+      response.body.token_type.should.equal('Bearer');
+      response.body.access_token.should.equal(token.accessToken);
+      response.body.refresh_token.should.equal(token.refreshToken);
+      response.body.expires_in.should.be.a('number');
+      response.body.scope.should.equal(scope);
+
+      token.accessToken.should.be.a('string');
+      token.refreshToken.should.be.a('string');
+      token.accessTokenExpiresAt.should.be.a('date');
+      token.refreshTokenExpiresAt.should.be.a('date');
+      token.scope.should.equal(scope);
+
+      db.accessTokens.has(token.accessToken).should.equal(true);
+      db.refreshTokens.has(token.refreshToken).should.equal(true);
+    });
+
+    it ('Username missing', async function () {
+      const request = createDefaultRequest();
+      const response = new Response({});
+
+      delete request.body.username;
+
+      await auth.token(request, response, {})
+        .catch(err => {
+          err.name.should.equal('invalid_request');
+        });
+    });
+
+    it ('Password missing', async function () {
+      const request = createDefaultRequest();
+      const response = new Response({});
+
+      delete request.body.password;
+
+      await auth.token(request, response, {})
+        .catch(err => {
+          err.name.should.equal('invalid_request');
+        });
+    });
+
+    it ('Wrong username', async function () {
+      const request = createDefaultRequest();
+      const response = new Response({});
+
+      request.body.username = 'wrong';
+
+      await auth.token(request, response, {})
+        .catch(err => {
+          err.name.should.equal('invalid_grant');
+        });
+    });
+
+    it ('Wrong password', async function () {
+      const request = createDefaultRequest();
+      const response = new Response({});
+
+      request.body.password = 'wrong';
+
+      await auth.token(request, response, {})
+        .catch(err => {
+          err.name.should.equal('invalid_grant');
+        });
+    });
+
+    it ('Client not found', async function () {
+      const request = createDefaultRequest();
+      const response = new Response({});
+
+      request.body.client_id = 'wrong';
+
+      await auth.token(request, response, {})
+        .catch(err => {
+          err.name.should.equal('invalid_client');
+        });
+    });
+
+    it ('Client secret not required', async function () {
+      const request = createDefaultRequest();
+      const response = new Response({});
+
+      delete request.body.client_secret;
+
+      const token = await auth.token(request, response, {
+        requireClientAuthentication: {
+          password: false
+        }
+      });
+
+      token.accessToken.should.be.a('string');
+    });
+
+    it ('Client secret required', async function () {
+      const request = createDefaultRequest();
+      const response = new Response({});
+
+      delete request.body.client_secret;
+
+      await auth.token(request, response, {
+        requireClientAuthentication: {
+          password: false
+        }
+      })
+        .catch(err => {
+          err.name.should.equal('invalid_client');
+        });
+    });
+  });
+});