org.simantics.maps.server/node/node-v4.8.0-win-x64/node_modules/npm/node_modules/request/node_modules/hawk/test/index.js

   1 // Load modules
   2
   3 var Url = require('url');
   4 var Code = require('code');
   5 var Hawk = require('../lib');
   6 var Lab = require('lab');
   7
   8
   9 // Declare internals
  10
  11 var internals = {};
  12
  13
  14 // Test shortcuts
  15
  16 var lab = exports.lab = Lab.script();
  17 var describe = lab.experiment;
  18 var it = lab.test;
  19 var expect = Code.expect;
  20
  21
  22 describe('Hawk', function () {
  23
  24     var credentialsFunc = function (id, callback) {
  25
  26         var credentials = {
  27             id: id,
  28             key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
  29             algorithm: (id === '1' ? 'sha1' : 'sha256'),
  30             user: 'steve'
  31         };
  32
  33         return callback(null, credentials);
  34     };
  35
  36     it('generates a header then successfully parse it (configuration)', function (done) {
  37
  38         var req = {
  39             method: 'GET',
  40             url: '/resource/4?filter=a',
  41             host: 'example.com',
  42             port: 8080
  43         };
  44
  45         credentialsFunc('123456', function (err, credentials1) {
  46
  47             req.authorization = Hawk.client.header(Url.parse('http://example.com:8080/resource/4?filter=a'), req.method, { credentials: credentials1, ext: 'some-app-data' }).field;
  48             expect(req.authorization).to.exist();
  49
  50             Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
  51
  52                 expect(err).to.not.exist();
  53                 expect(credentials2.user).to.equal('steve');
  54                 expect(artifacts.ext).to.equal('some-app-data');
  55                 done();
  56             });
  57         });
  58     });
  59
  60     it('generates a header then successfully parse it (node request)', function (done) {
  61
  62         var req = {
  63             method: 'POST',
  64             url: '/resource/4?filter=a',
  65             headers: {
  66                 host: 'example.com:8080',
  67                 'content-type': 'text/plain;x=y'
  68             }
  69         };
  70
  71         var payload = 'some not so random text';
  72
  73         credentialsFunc('123456', function (err, credentials1) {
  74
  75             var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
  76             req.headers.authorization = reqHeader.field;
  77
  78             Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
  79
  80                 expect(err).to.not.exist();
  81                 expect(credentials2.user).to.equal('steve');
  82                 expect(artifacts.ext).to.equal('some-app-data');
  83                 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
  84
  85                 var res = {
  86                     headers: {
  87                         'content-type': 'text/plain'
  88                     }
  89                 };
  90
  91                 res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
  92                 expect(res.headers['server-authorization']).to.exist();
  93
  94                 expect(Hawk.client.authenticate(res, credentials2, artifacts, { payload: 'some reply' })).to.equal(true);
  95                 done();
  96             });
  97         });
  98     });
  99
 100     it('generates a header then successfully parse it (absolute request uri)', function (done) {
 101
 102         var req = {
 103             method: 'POST',
 104             url: 'http://example.com:8080/resource/4?filter=a',
 105             headers: {
 106                 host: 'example.com:8080',
 107                 'content-type': 'text/plain;x=y'
 108             }
 109         };
 110
 111         var payload = 'some not so random text';
 112
 113         credentialsFunc('123456', function (err, credentials1) {
 114
 115             var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
 116             req.headers.authorization = reqHeader.field;
 117
 118             Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
 119
 120                 expect(err).to.not.exist();
 121                 expect(credentials2.user).to.equal('steve');
 122                 expect(artifacts.ext).to.equal('some-app-data');
 123                 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
 124
 125                 var res = {
 126                     headers: {
 127                         'content-type': 'text/plain'
 128                     }
 129                 };
 130
 131                 res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
 132                 expect(res.headers['server-authorization']).to.exist();
 133
 134                 expect(Hawk.client.authenticate(res, credentials2, artifacts, { payload: 'some reply' })).to.equal(true);
 135                 done();
 136             });
 137         });
 138     });
 139
 140     it('generates a header then successfully parse it (no server header options)', function (done) {
 141
 142         var req = {
 143             method: 'POST',
 144             url: '/resource/4?filter=a',
 145             headers: {
 146                 host: 'example.com:8080',
 147                 'content-type': 'text/plain;x=y'
 148             }
 149         };
 150
 151         var payload = 'some not so random text';
 152
 153         credentialsFunc('123456', function (err, credentials1) {
 154
 155             var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
 156             req.headers.authorization = reqHeader.field;
 157
 158             Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
 159
 160                 expect(err).to.not.exist();
 161                 expect(credentials2.user).to.equal('steve');
 162                 expect(artifacts.ext).to.equal('some-app-data');
 163                 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
 164
 165                 var res = {
 166                     headers: {
 167                         'content-type': 'text/plain'
 168                     }
 169                 };
 170
 171                 res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts);
 172                 expect(res.headers['server-authorization']).to.exist();
 173
 174                 expect(Hawk.client.authenticate(res, credentials2, artifacts)).to.equal(true);
 175                 done();
 176             });
 177         });
 178     });
 179
 180     it('generates a header then fails to parse it (missing server header hash)', function (done) {
 181
 182         var req = {
 183             method: 'POST',
 184             url: '/resource/4?filter=a',
 185             headers: {
 186                 host: 'example.com:8080',
 187                 'content-type': 'text/plain;x=y'
 188             }
 189         };
 190
 191         var payload = 'some not so random text';
 192
 193         credentialsFunc('123456', function (err, credentials1) {
 194
 195             var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
 196             req.headers.authorization = reqHeader.field;
 197
 198             Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
 199
 200                 expect(err).to.not.exist();
 201                 expect(credentials2.user).to.equal('steve');
 202                 expect(artifacts.ext).to.equal('some-app-data');
 203                 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
 204
 205                 var res = {
 206                     headers: {
 207                         'content-type': 'text/plain'
 208                     }
 209                 };
 210
 211                 res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts);
 212                 expect(res.headers['server-authorization']).to.exist();
 213
 214                 expect(Hawk.client.authenticate(res, credentials2, artifacts, { payload: 'some reply' })).to.equal(false);
 215                 done();
 216             });
 217         });
 218     });
 219
 220     it('generates a header then successfully parse it (with hash)', function (done) {
 221
 222         var req = {
 223             method: 'GET',
 224             url: '/resource/4?filter=a',
 225             host: 'example.com',
 226             port: 8080
 227         };
 228
 229         credentialsFunc('123456', function (err, credentials1) {
 230
 231             req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
 232             Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
 233
 234                 expect(err).to.not.exist();
 235                 expect(credentials2.user).to.equal('steve');
 236                 expect(artifacts.ext).to.equal('some-app-data');
 237                 done();
 238             });
 239         });
 240     });
 241
 242     it('generates a header then successfully parse it then validate payload', function (done) {
 243
 244         var req = {
 245             method: 'GET',
 246             url: '/resource/4?filter=a',
 247             host: 'example.com',
 248             port: 8080
 249         };
 250
 251         credentialsFunc('123456', function (err, credentials1) {
 252
 253             req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
 254             Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
 255
 256                 expect(err).to.not.exist();
 257                 expect(credentials2.user).to.equal('steve');
 258                 expect(artifacts.ext).to.equal('some-app-data');
 259                 expect(Hawk.server.authenticatePayload('hola!', credentials2, artifacts)).to.be.true();
 260                 expect(Hawk.server.authenticatePayload('hello!', credentials2, artifacts)).to.be.false();
 261                 done();
 262             });
 263         });
 264     });
 265
 266     it('generates a header then successfully parses and validates payload', function (done) {
 267
 268         var req = {
 269             method: 'GET',
 270             url: '/resource/4?filter=a',
 271             host: 'example.com',
 272             port: 8080
 273         };
 274
 275         credentialsFunc('123456', function (err, credentials1) {
 276
 277             req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
 278             Hawk.server.authenticate(req, credentialsFunc, { payload: 'hola!' }, function (err, credentials2, artifacts) {
 279
 280                 expect(err).to.not.exist();
 281                 expect(credentials2.user).to.equal('steve');
 282                 expect(artifacts.ext).to.equal('some-app-data');
 283                 done();
 284             });
 285         });
 286     });
 287
 288     it('generates a header then successfully parse it (app)', function (done) {
 289
 290         var req = {
 291             method: 'GET',
 292             url: '/resource/4?filter=a',
 293             host: 'example.com',
 294             port: 8080
 295         };
 296
 297         credentialsFunc('123456', function (err, credentials1) {
 298
 299             req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', app: 'asd23ased' }).field;
 300             Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
 301
 302                 expect(err).to.not.exist();
 303                 expect(credentials2.user).to.equal('steve');
 304                 expect(artifacts.ext).to.equal('some-app-data');
 305                 expect(artifacts.app).to.equal('asd23ased');
 306                 done();
 307             });
 308         });
 309     });
 310
 311     it('generates a header then successfully parse it (app, dlg)', function (done) {
 312
 313         var req = {
 314             method: 'GET',
 315             url: '/resource/4?filter=a',
 316             host: 'example.com',
 317             port: 8080
 318         };
 319
 320         credentialsFunc('123456', function (err, credentials1) {
 321
 322             req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', app: 'asd23ased', dlg: '23434szr3q4d' }).field;
 323             Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
 324
 325                 expect(err).to.not.exist();
 326                 expect(credentials2.user).to.equal('steve');
 327                 expect(artifacts.ext).to.equal('some-app-data');
 328                 expect(artifacts.app).to.equal('asd23ased');
 329                 expect(artifacts.dlg).to.equal('23434szr3q4d');
 330                 done();
 331             });
 332         });
 333     });
 334
 335     it('generates a header then fail authentication due to bad hash', function (done) {
 336
 337         var req = {
 338             method: 'GET',
 339             url: '/resource/4?filter=a',
 340             host: 'example.com',
 341             port: 8080
 342         };
 343
 344         credentialsFunc('123456', function (err, credentials1) {
 345
 346             req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
 347             Hawk.server.authenticate(req, credentialsFunc, { payload: 'byebye!' }, function (err, credentials2, artifacts) {
 348
 349                 expect(err).to.exist();
 350                 expect(err.output.payload.message).to.equal('Bad payload hash');
 351                 done();
 352             });
 353         });
 354     });
 355
 356     it('generates a header for one resource then fail to authenticate another', function (done) {
 357
 358         var req = {
 359             method: 'GET',
 360             url: '/resource/4?filter=a',
 361             host: 'example.com',
 362             port: 8080
 363         };
 364
 365         credentialsFunc('123456', function (err, credentials1) {
 366
 367             req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' }).field;
 368             req.url = '/something/else';
 369
 370             Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
 371
 372                 expect(err).to.exist();
 373                 expect(credentials2).to.exist();
 374                 done();
 375             });
 376         });
 377     });
 378 });