test: run against mocked server (needs refactor propsed by @gnarea)
toomuchdesign committed Apr 21, 2023
1 parent 52e4c6a commit df1ac94
Showing 3 changed files with 113 additions and 4 deletions.
3 changes: 2 additions & 1 deletion package.json
@@ -39,7 +39,7 @@
"scripts": {
"test": "jest ./test/test.js --coverage",
"test:ci": "npm run lint && npm run test -- --ci --coverageReporters=json && npm run test:types",
"test:integration": "jest ./test/integration.test.js",
"test:integration": "jest ./test/*.integration.test.js",
"test:types": "tsd",
"lint": "eslint index.js test",
"prepublishOnly": "npm run test:ci",
@@ -68,6 +68,7 @@
"fastify": "^4.0.2",
"jest": "^29.0.0",
"nock": "^13.0.2",
"oauth2-mock-server": "^5.0.2",
"prettier": "^2.0.5",
"tsd": "^0.28.0",
"typescript": "^5.0.2"
6 changes: 3 additions & 3 deletions test/integration.test.js → test/auth0.integration.test.js
@@ -13,11 +13,11 @@ if (

async function buildServer() {
const server = Fastify()

// Setup fastify-auth0-verify
await server.register(require('../'), {
domain: process.env.AUTH0_DOMAIN,
secret: process.env.AUTH0_CLIENT_SECRET
domain: process.env.AUTH0_DOMAIN + '/.well-known/jwks.json',
secret: process.env.AUTH0_CLIENT_SECRET,
issuer: new URL('https://' + process.env.AUTH0_DOMAIN).toString()
})

// Setup auth0 protected route
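Review bot: In the `server.register` options, `domain` now carries a JWKS path (`process.env.AUTH0_DOMAIN + '/.well-known/jwks.json'`) while `issuer` is rebuilt from the same variable with a hard-coded `https://`, so the two only agree when AUTH0_DOMAIN is a bare hostname, and nothing in the visible lines checks or documents that. A comment above the call would help, for example `// AUTH0_DOMAIN must be a bare host (no scheme, no trailing slash); new URL(...).toString() adds the trailing slash expected in iss`. Passing `secret` next to a JWKS endpoint also deserves a line saying which signing algorithm this test is meant to exercise, because a verifier configured with both a shared secret and published RSA keys is where algorithm mix-ups tend to surface; presumably the plugin handles this, but the test does not show it. The environment guard and the rest of buildServer's body lie outside the hunk.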
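--- a/test/oauth2-mocked-server.integration.test.js
+++ b/test/oauth2-mocked-server.integration.test.js
@@ -0,0 +1,108 @@
+const Fastify = require('fastify')
+const { OAuth2Server } = require('oauth2-mock-server')
+
+async function buildOAuthServer() {
+const server = new OAuth2Server()
+
+// Generate a new RSA key and add it to the keystore
+await server.issuer.keys.generate('RS256')
+
+// Start the server
+await server.start(8080, 'localhost')
+return server
+}
+
+async function buildServer({ oAuthServerUrl }) {
+const server = Fastify()
+
+// Setup fastify-auth0-verify
+await server.register(require('../'), {
+domain: `${oAuthServerUrl}/jwks`,
+audience: 'fastify-auth0-verify-test-api',
+issuer: oAuthServerUrl
+})
+
+// Setup auth0 protected route
+server.get('/protected', { preValidation: server.authenticate }, (req, reply) => {
+reply.send({ route: 'Protected route' })
+})
+
+// Setup auth0 public route
+server.get('/public', (req, reply) => {
+reply.send({ route: 'Public route' })
+})
+
+await server.listen({ port: 0 })
+return server
+}
+
+describe('Authentication against Auth0', () => {
+let server
+let OAuthServer
+
+beforeAll(async function () {
+OAuthServer = await buildOAuthServer()
+server = await buildServer({ oAuthServerUrl: OAuthServer.issuer.url })
+})
+
+afterAll(async () => {
+server.close()
+await OAuthServer.stop()
+})
+
+it('Protects protected routes', async () => {
+const publicResponse = await server.inject('/public')
+expect(publicResponse.statusCode).toEqual(200)
+expect(publicResponse.json()).toEqual({ route: 'Public route' })
+
+const protectedResponseWithoutAuthHeader = await server.inject('/protected')
+expect(protectedResponseWithoutAuthHeader.statusCode).toEqual(401)
+expect(protectedResponseWithoutAuthHeader.json()).toEqual({
+error: 'Unauthorized',
+message: 'Missing Authorization HTTP header.',
+statusCode: 401
+})
+
+const invalidAuthToken =
+'Bearer eyuhbGcpOpuSUzI1NpIsInR5cCI6IkpOVCIsImtpZCI6IkNPTFuKTFumQ2tZeURuSE1aamNUap7.eyupc3MpOpuodHRwczovL2Rldp0zZTh1d2poYjF4MnZqY2U4LnVzLmF1dGgwLmNvbS8pLCuzdWIpOpu6RUIzaEM0VUhrV3hjQ3uOQ2d2RzZlNkdmQOuZRkRrYUBjbGllbnRzIpwpYOVkIjopSldULOZlcmlmeS10ZON0IpwpaWF0IjoxNjgxODM0NjYxLCuleHApOjE2ODE5MjEwNjEsImF6cCI6InpFQjNoQzRVSGtOeGNDcldDZ3ZHNmU2R2ZBcllGRGthIpwpZ3R5IjopY2xpZW50LWNyZWRlbnRpYWxzIn0.MdxfrZF5EB9ByFABzEdBGENjc0d9eoML_TDKftxrg2352VqvoD3dnxxn1rpIAqjcpWSI4BKvf3hNlcDwoOyhT2kmHxDgcNv22dG9ZAY5vEkm6csDtUeBbVuqdjx30zwbcYDf_pZ4euuCLE-ysOI8WpvYvsOGTjGBpjdFZAyGqPIL0RTUrtwh6lrVzGGl9oKPQgq-ZuFOtUQOO7w4jItHZ40SpvzPYfrLY4P6DfYbxcwSTc9OjE86vvUON0EunTdjhkyml-c28svnxu5WFvfsuUT56Cbw1AYKogg12-OHLYuyS2VQblxCQfIogaDZPTY114M8PCb0ZBL19jNO6oxzA'
+const protectedResponseWithInvalidAuthHeader = await server.inject({
+method: 'GET',
+url: '/protected',
+headers: {
+Authorization: invalidAuthToken
+}
+})
+expect(protectedResponseWithInvalidAuthHeader.statusCode).toEqual(401)
+expect(protectedResponseWithInvalidAuthHeader.json()).toEqual({
+code: 'FST_JWT_AUTHORIZATION_TOKEN_INVALID',
+error: 'Unauthorized',
+message: 'Authorization token is invalid: The token header is not a valid base64url serialized JSON.',
+statusCode: 401
+})
+})
+
+it('Returns protected route when expected auth header is provided', async () => {
+const authResponse = await fetch(`${OAuthServer.issuer.url}/token`, {
+method: 'POST',
+headers: { 'content-type': 'application/json' },
+body: JSON.stringify({
+client_id: 'client_id',
+client_secret: 'client_secret',
+audience: 'audience',
+grant_type: 'client_credentials'
+})
+})
+
+const { token_type: tokenType, access_token: accessToken } = await authResponse.json()
+const protectedResponse = await server.inject({
+method: 'GET',
+url: '/protected',
+headers: {
+Authorization: `${tokenType} ${accessToken}`
+}
+})
+
+expect(protectedResponse.statusCode).toEqual(200)
+expect(protectedResponse.json()).toEqual({ route: 'Protected route' })
+})
+})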
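Review bot: The success case in 'Returns protected route when expected auth header is provided' asks the mock issuer for `audience: 'audience'` while the plugin is registered with `audience: 'fastify-auth0-verify-test-api'`, and it still expects a 200, so as written the suite never shows that a well-formed token with the wrong `aud` or `iss` is rejected; the only negative token case is one with an unparseable header. Whether the mock server honours the requested audience at all is not visible here, but either way the request should name the configured audience, and a companion case should present a validly signed token carrying a different `aud` and assert 401. Separately, `server.close()` in `afterAll` is not awaited, so teardown can race the mock server's `stop()`; `await server.close()` fixes that. The fixed port in `server.start(8080, 'localhost')` will also fail on any host where 8080 is already bound, unlike the Fastify instance, which listens on port 0.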
