mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-23 10:53:34 +03:00
9e96b04542
- this is a small part of a bit of cleanup of our test files - the goal is to make the existing tests clearer with a view to making it easier to write more tests - this makes the test structure follow the codebase structure more closely - eventually we will colocate the tests as we break the codebase down further
74 lines
2.7 KiB
JavaScript
74 lines
2.7 KiB
JavaScript
const jwt = require('jsonwebtoken');
|
|
const should = require('should');
|
|
const {UnauthorizedError} = require('@tryghost/errors');
|
|
const members = require('../../../../../../core/server/services/auth/members');
|
|
|
|
describe('Auth Service - Members', function () {
|
|
it('exports an authenticateMembersToken method', function () {
|
|
const actual = typeof members.authenticateMembersToken;
|
|
const expected = 'function';
|
|
should.equal(actual, expected);
|
|
});
|
|
|
|
describe('authenticateMembersToken', function () {
|
|
it('calls next without an error if there is no authorization header', function () {
|
|
members.authenticateMembersToken({
|
|
get() {
|
|
return null;
|
|
}
|
|
}, {}, function next(err) {
|
|
const actual = err;
|
|
const expected = undefined;
|
|
|
|
should.equal(actual, expected);
|
|
});
|
|
});
|
|
|
|
it('calls next without an error if the authorization header does not match the GhostMembers scheme', function () {
|
|
members.authenticateMembersToken({
|
|
get() {
|
|
return 'DodgyScheme credscredscreds';
|
|
}
|
|
}, {}, function next(err) {
|
|
const actual = err;
|
|
const expected = undefined;
|
|
|
|
should.equal(actual, expected);
|
|
});
|
|
});
|
|
describe('attempts to verify the credentials as a JWT, not allowing the "NONE" algorithm', function () {
|
|
it('calls next with an UnauthorizedError if the verification fails', function () {
|
|
members.authenticateMembersToken({
|
|
get() {
|
|
return 'GhostMembers notafuckentoken';
|
|
}
|
|
}, {}, function next(err) {
|
|
const actual = err instanceof UnauthorizedError;
|
|
const expected = true;
|
|
|
|
should.equal(actual, expected);
|
|
});
|
|
});
|
|
it('calls next with an error if the token is using the "none" algorithm', function () {
|
|
const claims = {
|
|
rumpel: 'stiltskin'
|
|
};
|
|
const token = jwt.sign(claims, null, {
|
|
algorithm: 'none'
|
|
});
|
|
const req = {
|
|
get() {
|
|
return `GhostMembers ${token}`;
|
|
}
|
|
};
|
|
members.authenticateMembersToken(req, {}, function next(err) {
|
|
const actual = err instanceof UnauthorizedError;
|
|
const expected = true;
|
|
|
|
should.equal(actual, expected);
|
|
});
|
|
});
|
|
});
|
|
});
|
|
});
|