-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcronAuth.test.js
More file actions
59 lines (44 loc) · 1.78 KB
/
Copy pathcronAuth.test.js
File metadata and controls
59 lines (44 loc) · 1.78 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
import { describe, it, expect, beforeEach, afterEach } from 'vitest';
import { verifyCronSecret } from '@/lib/cronAuth';
describe('verifyCronSecret', () => {
const ORIGINAL_ENV = process.env;
beforeEach(() => {
process.env = { ...ORIGINAL_ENV, CRON_SECRET: 'my-secret-123' };
});
afterEach(() => {
process.env = ORIGINAL_ENV;
});
it('returns authorized for correct bearer token', () => {
const req = { headers: { get: (key) => key === 'authorization' ? 'Bearer my-secret-123' : null } };
const result = verifyCronSecret(req);
expect(result.authorized).toBe(true);
expect(result.response).toBeUndefined();
});
it('returns unauthorized when no authorization header', () => {
const req = { headers: { get: () => null } };
const result = verifyCronSecret(req);
expect(result.authorized).toBe(false);
expect(result.response).toBeTruthy();
});
it('returns unauthorized when CRON_SECRET is not set', () => {
delete process.env.CRON_SECRET;
const req = { headers: { get: () => 'Bearer something' } };
const result = verifyCronSecret(req);
expect(result.authorized).toBe(false);
});
it('returns unauthorized for token with different length', () => {
const req = { headers: { get: () => 'Bearer short' } };
const result = verifyCronSecret(req);
expect(result.authorized).toBe(false);
});
it('returns unauthorized for wrong token of same length', () => {
const req = { headers: { get: () => 'Bearer my-secret-456' } };
const result = verifyCronSecret(req);
expect(result.authorized).toBe(false);
});
it('returns unauthorized when header is empty string', () => {
const req = { headers: { get: () => '' } };
const result = verifyCronSecret(req);
expect(result.authorized).toBe(false);
});
});