import { describe, it, expect } from "vitest";
import jwt from "jsonwebtoken";
import NeetoJWT from "../src";
import { generateES256KeyPair } from "./utils";
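// One ES256 key pair is generated for the whole file: tokens are signed with
// the private half and checked below with the public half.
const { privateKey, publicKey } = generateES256KeyPair();

/**
 * Runs `run` with the given environment variables applied, then restores the
 * previous values even when `run` throws.
 *
 * A value of `undefined` removes the variable for the duration of the call;
 * assigning `undefined` to `process.env` would store the string "undefined".
 *
 * @param overrides - variable names mapped to the value to set, or `undefined` to unset.
 * @param run - the assertions to execute while the overrides are in place.
 */
function withEnv(
  overrides: Record<string, string | undefined>,
  run: () => void
): void {
  const saved = new Map<string, string | undefined>();
  for (const [name, value] of Object.entries(overrides)) {
    saved.set(name, process.env[name]);
    if (value === undefined) {
      delete process.env[name];
    } else {
      process.env[name] = value;
    }
  }
  try {
    run();
  } finally {
    for (const [name, previous] of saved) {
      if (previous === undefined) {
        delete process.env[name];
      } else {
        process.env[name] = previous;
      }
    }
  }
}

/**
 * Verifies `token` with the test public key and returns its payload object.
 *
 * The accepted algorithm list is pinned to ES256 so the check fails if the
 * library ever signs with a different algorithm.
 *
 * @throws if verification fails or the payload is not a JSON object.
 */
function verifyPayload(token: string) {
  const decoded = jwt.verify(token, publicKey, { algorithms: ["ES256"] });
  if (typeof decoded === "string") {
    throw new Error("Expected the JWT payload to be a JSON object.");
  }
  return decoded;
}

describe("NeetoJWT", () => {
  const email = "oliver@example.com";
  const workspace = "spinkart";
  const redirectUri = "https://spinkart.neetocal.com/admin";

  it("should create a NeetoJWT instance", () => {
    const neetoJWT = new NeetoJWT({ email, workspace, privateKey });
    expect(neetoJWT).toBeDefined();
  });

  it("should throw an error if email is missing", () => {
    // @ts-expect-error: email is dropped intentionally.
    expect(() => new NeetoJWT({ workspace, privateKey })).toThrow(
      "Email is required."
    );
  });

  it("should throw an error if workspace is missing", () => {
    // The constructor falls back to NEETO_JWT_WORKSPACE (see the environment
    // test below), so the variable is unset here to keep the test hermetic.
    withEnv({ NEETO_JWT_WORKSPACE: undefined }, () => {
      expect(() => new NeetoJWT({ email, privateKey })).toThrow(
        "Workspace is required."
      );
    });
  });

  it("should throw an error if privateKey is missing", () => {
    // Same reasoning as above for NEETO_JWT_PRIVATE_KEY: a key exported in the
    // developer's shell or CI must not satisfy the constructor here.
    withEnv({ NEETO_JWT_PRIVATE_KEY: undefined }, () => {
      expect(() => new NeetoJWT({ email, workspace })).toThrow(
        "Private key is required."
      );
    });
  });

  it("should generate a JWT", () => {
    const neetoJWT = new NeetoJWT({ email, workspace, privateKey });
    const token = neetoJWT.generateJWT();
    expect(token).toBeDefined();

    const decoded = verifyPayload(token);
    expect(decoded.email).toBe(email);
    expect(decoded.workspace).toBe(workspace);
    expect(decoded.iat).toBeDefined();
    expect(decoded.exp).toBeDefined();
    // Expiry must lie after issuance, otherwise `exp` bounds nothing.
    expect(Number(decoded.exp)).toBeGreaterThan(Number(decoded.iat));
    // NOTE(review): the intended token lifetime is not visible from this file;
    // once it is confirmed, assert an upper bound on `exp - iat` as well.
  });

  it("should generate a login URL", () => {
    const neetoJWT = new NeetoJWT({ email, workspace, privateKey });
    const loginUrl = neetoJWT.generateLoginUrl(redirectUri);
    expect(loginUrl).toBeDefined();
    expect(loginUrl).toContain("https://spinkart.neetoauth.com/users/auth/jwt");
    // NOTE(review): the token travels in the URL, where it can reach browser
    // history, referrers and access logs; confirm the lifetime is kept short.
    expect(loginUrl).toContain(`jwt=`);
    // NOTE(review): only the "neetocal.com/admin" part of the redirect is
    // pinned here, not its scheme or full host; tighten this if the exact
    // encoded value is known.
    expect(loginUrl).toContain(
      `redirect_uri=${encodeURIComponent("neetocal.com/admin")}`
    );
    expect(loginUrl).toContain(`client_app_name=Cal`);
  });

  it("should throw an error if redirectUri is missing", () => {
    const neetoJWT = new NeetoJWT({ email, workspace, privateKey });
    // @ts-expect-error: redirect_uri is dropped intentionally.
    expect(() => neetoJWT.generateLoginUrl()).toThrow(
      "Redirect URI is required"
    );
  });

  it("should use environment variables for workspace and privateKey if not provided", () => {
    // The overrides are scoped to this test; previously they stayed set for
    // every test that ran afterwards in the same process.
    withEnv(
      {
        NEETO_JWT_WORKSPACE: "spinkart",
        NEETO_JWT_PRIVATE_KEY: privateKey,
      },
      () => {
        const neetoJWT = new NeetoJWT({ email });
        const token = neetoJWT.generateJWT();
        expect(token).toBeDefined();

        const decoded = verifyPayload(token);
        expect(decoded.workspace).toBe(process.env.NEETO_JWT_WORKSPACE);
      }
    );
  });

  it("should default to user scope and produce a /users/auth/jwt URL", () => {
    const neetoJWT = new NeetoJWT({ email, workspace, privateKey });
    const loginUrl = neetoJWT.generateLoginUrl(redirectUri);
    expect(loginUrl).toContain("/users/auth/jwt");
    expect(loginUrl).not.toContain("/consumers/auth/jwt");
  });

  it("should produce a /consumers/auth/jwt URL when scope is 'consumer'", () => {
    const neetoJWT = new NeetoJWT({
      email,
      workspace: "app",
      privateKey,
      scope: "consumer",
    });
    const loginUrl = neetoJWT.generateLoginUrl(redirectUri);
    expect(loginUrl).toContain("/consumers/auth/jwt");
    expect(loginUrl).not.toContain("/users/auth/jwt");
    expect(loginUrl).toContain("https://app.neetoauth.com/consumers/auth/jwt");
  });

  it("should explicitly accept 'user' scope and produce the user URL", () => {
    const neetoJWT = new NeetoJWT({
      email,
      workspace,
      privateKey,
      scope: "user",
    });
    const loginUrl = neetoJWT.generateLoginUrl(redirectUri);
    expect(loginUrl).toContain("/users/auth/jwt");
  });

  it("should throw if scope is anything other than 'user' or 'consumer'", () => {
    // The type system already rejects this value; the test pins the runtime
    // guard that protects callers who bypass the types.
    expect(
      () =>
        new NeetoJWT({
          email,
          workspace,
          privateKey,
          // @ts-expect-error: invalid scope passed deliberately to assert runtime guard.
          scope: "admin",
        })
    ).toThrow("Scope must be either 'user' or 'consumer'.");
  });
});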