mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-13 14:39:52 +03:00
b3cbb20be1
* refs #5286 * includes test cases for `addClientSecret` * no tests first `generateAccessToken` and `authenticateClient` because there isn't anything to test in them
45 lines
1.3 KiB
JavaScript
45 lines
1.3 KiB
JavaScript
/*globals describe, beforeEach, it*/
|
|
/*jshint expr:true*/
|
|
var should = require('should'),
|
|
sinon = require('sinon'),
|
|
|
|
middleware = require('../../../server/middleware').middleware;
|
|
|
|
describe('Middleware: Client Auth', function () {
|
|
var req, res, next;
|
|
|
|
beforeEach(function () {
|
|
req = {};
|
|
res = {};
|
|
next = sinon.spy();
|
|
});
|
|
|
|
describe('addClientSecret', function () {
|
|
it('sets a `client_secret` if not part of body', function () {
|
|
var requestBody = {};
|
|
|
|
req.body = requestBody;
|
|
|
|
middleware.addClientSecret(req, res, next);
|
|
|
|
next.called.should.be.true;
|
|
should(req.body).have.property('client_secret');
|
|
req.body.client_secret.should.not.be.empty;
|
|
});
|
|
|
|
it('does not tamper with `client_secret` if already present', function () {
|
|
var requestBody = {
|
|
client_secret: 'keep-it-safe-keep-it-secret'
|
|
};
|
|
|
|
req.body = requestBody;
|
|
|
|
middleware.addClientSecret(req, res, next);
|
|
|
|
next.called.should.be.true;
|
|
should(req.body).have.property('client_secret');
|
|
req.body.client_secret.should.equal('keep-it-safe-keep-it-secret');
|
|
});
|
|
});
|
|
});
|