3 var Url = require('url');
4 var Code = require('code');
5 var Hawk = require('../lib');
6 var Lab = require('lab');
// Creates the Lab script for this file and exports it as `lab`.
16 var lab = exports.lab = Lab.script();
// Short aliases for the Lab / Code test API used by the tests below.
17 var describe = lab.experiment;
19 var expect = Code.expect;
22 describe('Hawk', function () {
// Credential lookup shared by every test: called directly to obtain the client
// credentials and handed to Hawk.server.authenticate as its lookup callback.
// Only part of the returned object is visible in this listing.
24 var credentialsFunc = function (id, callback) {
// Fixed shared key used as a test fixture; it is identical for every id.
28 key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
// id '1' selects sha1, any other id sha256. The direct calls visible in this
// listing all pass '123456', so they exercise the sha256 branch.
29 algorithm: (id === '1' ? 'sha1' : 'sha256'),
// The visible return always passes null as the error, so no lookup-failure
// path is exercised through this helper.
33 return callback(null, credentials);
// Round trip: the client builds an Authorization header and the server
// authenticates a request object that carries it.
36 it('generates a header then successfully parse it (configuration)', function (done) {
40 url: '/resource/4?filter=a',
45 credentialsFunc('123456', function (err, credentials1) {
// The URI is passed as a parsed object (Url.parse) rather than a string, and
// the header value is stored on req.authorization, not under req.headers.
47 req.authorization = Hawk.client.header(Url.parse('http://example.com:8080/resource/4?filter=a'), req.method, { credentials: credentials1, ext: 'some-app-data' }).field;
48 expect(req.authorization).to.exist();
50 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
// Success criteria: no error, the looked-up user is returned, and the
// client-supplied ext value comes back in the artifacts.
52 expect(err).to.not.exist();
53 expect(credentials2.user).to.equal('steve');
54 expect(artifacts.ext).to.equal('some-app-data');
// Full exchange against a request whose values live under req.headers: the
// server authenticates the request, verifies the request body, signs its
// reply, and the client verifies that reply.
60 it('generates a header then successfully parse it (node request)', function (done) {
64 url: '/resource/4?filter=a',
66 host: 'example.com:8080',
// The content type carries a parameter (x=y); the same header value is passed
// to both Hawk.client.header and authenticatePayload below.
67 'content-type': 'text/plain;x=y'
71 var payload = 'some not so random text';
73 credentialsFunc('123456', function (err, credentials1) {
// payload and contentType are supplied to the client header, presumably so the
// Authorization header commits to the request body as well.
75 var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
76 req.headers.authorization = reqHeader.field;
// authenticate() receives empty options here; the request body is checked as a
// separate step by authenticatePayload.
78 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
80 expect(err).to.not.exist();
81 expect(credentials2.user).to.equal('steve');
82 expect(artifacts.ext).to.equal('some-app-data');
83 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
87 'content-type': 'text/plain'
// The server signs its reply ('some reply') with the credentials and artifacts
// of the request it just authenticated.
91 res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
92 expect(res.headers['server-authorization']).to.exist();
// Client-side check of the signed response, given the same reply payload.
94 expect(Hawk.client.authenticate(res, credentials2, artifacts, { payload: 'some reply' })).to.equal(true);
// Same exchange as the node-request test, except that req.url is an absolute
// URL instead of a path; authentication is still expected to succeed.
100 it('generates a header then successfully parse it (absolute request uri)', function (done) {
// Absolute-form request target, matching the URL the client signs below.
104 url: 'http://example.com:8080/resource/4?filter=a',
106 host: 'example.com:8080',
107 'content-type': 'text/plain;x=y'
111 var payload = 'some not so random text';
113 credentialsFunc('123456', function (err, credentials1) {
115 var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
116 req.headers.authorization = reqHeader.field;
// Empty options: the request body is verified separately by
// authenticatePayload below.
118 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
120 expect(err).to.not.exist();
121 expect(credentials2.user).to.equal('steve');
122 expect(artifacts.ext).to.equal('some-app-data');
123 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
127 'content-type': 'text/plain'
// Signed response and its client-side verification, both over 'some reply'.
131 res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
132 expect(res.headers['server-authorization']).to.exist();
134 expect(Hawk.client.authenticate(res, credentials2, artifacts, { payload: 'some reply' })).to.equal(true);
// Response signing with no options: the server header is generated without a
// payload, and the client verifies it without asking for payload validation.
140 it('generates a header then successfully parse it (no server header options)', function (done) {
144 url: '/resource/4?filter=a',
146 host: 'example.com:8080',
147 'content-type': 'text/plain;x=y'
151 var payload = 'some not so random text';
153 credentialsFunc('123456', function (err, credentials1) {
155 var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
156 req.headers.authorization = reqHeader.field;
158 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
160 expect(err).to.not.exist();
161 expect(credentials2.user).to.equal('steve');
162 expect(artifacts.ext).to.equal('some-app-data');
163 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
167 'content-type': 'text/plain'
// No third argument: the response header is built from credentials and
// artifacts alone.
171 res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts);
172 expect(res.headers['server-authorization']).to.exist();
// No payload option either, so this passes without any check of the response
// body; contrast with the 'missing server header hash' test in this file.
174 expect(Hawk.client.authenticate(res, credentials2, artifacts)).to.equal(true);
// Negative case for response validation: the server signs its reply without a
// payload, the client asks for the reply payload to be validated, and the
// client-side check must return false.
180 it('generates a header then fails to parse it (missing server header hash)', function (done) {
184 url: '/resource/4?filter=a',
186 host: 'example.com:8080',
187 'content-type': 'text/plain;x=y'
191 var payload = 'some not so random text';
193 credentialsFunc('123456', function (err, credentials1) {
195 var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
196 req.headers.authorization = reqHeader.field;
198 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
200 expect(err).to.not.exist();
201 expect(credentials2.user).to.equal('steve');
202 expect(artifacts.ext).to.equal('some-app-data');
203 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
207 'content-type': 'text/plain'
// Server header generated without a payload option.
211 res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts);
212 expect(res.headers['server-authorization']).to.exist();
// The client requests payload validation for 'some reply'; with nothing in the
// header to validate against, the expected result is a rejection (false)
// rather than a silent pass.
214 expect(Hawk.client.authenticate(res, credentials2, artifacts, { payload: 'some reply' })).to.equal(false);
// The client header is generated with a payload ('hola!'); the server
// authenticates the request without being given the payload.
220 it('generates a header then successfully parse it (with hash)', function (done) {
224 url: '/resource/4?filter=a',
229 credentialsFunc('123456', function (err, credentials1) {
231 req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
// Empty options: this test asserts only that the header authenticates. It does
// not compare the request body against the header; that is covered by the
// tests that pass a payload option or call authenticatePayload.
232 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
234 expect(err).to.not.exist();
235 expect(credentials2.user).to.equal('steve');
236 expect(artifacts.ext).to.equal('some-app-data');
// Two-step validation: authenticate the header first, then check the request
// body separately with authenticatePayload.
242 it('generates a header then successfully parse it then validate payload', function (done) {
246 url: '/resource/4?filter=a',
251 credentialsFunc('123456', function (err, credentials1) {
253 req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
254 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
256 expect(err).to.not.exist();
257 expect(credentials2.user).to.equal('steve');
258 expect(artifacts.ext).to.equal('some-app-data');
// The payload the client signed is accepted; a different body ('hello!') is
// rejected even though the header itself authenticated.
259 expect(Hawk.server.authenticatePayload('hola!', credentials2, artifacts)).to.be.true();
260 expect(Hawk.server.authenticatePayload('hello!', credentials2, artifacts)).to.be.false();
// Single-step validation: the payload is handed to authenticate() through its
// options, so header and body are checked in the same call.
266 it('generates a header then successfully parses and validates payload', function (done) {
270 url: '/resource/4?filter=a',
275 credentialsFunc('123456', function (err, credentials1) {
277 req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
// Same payload the client signed, so no error is expected.
278 Hawk.server.authenticate(req, credentialsFunc, { payload: 'hola!' }, function (err, credentials2, artifacts) {
280 expect(err).to.not.exist();
281 expect(credentials2.user).to.equal('steve');
282 expect(artifacts.ext).to.equal('some-app-data');
// Round trip with an application id: the app value given to the client header
// must come back unchanged in the server-side artifacts.
288 it('generates a header then successfully parse it (app)', function (done) {
292 url: '/resource/4?filter=a',
297 credentialsFunc('123456', function (err, credentials1) {
299 req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', app: 'asd23ased' }).field;
300 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
302 expect(err).to.not.exist();
303 expect(credentials2.user).to.equal('steve');
304 expect(artifacts.ext).to.equal('some-app-data');
// app is reported through artifacts, i.e. it is available to the caller only
// after the header has authenticated.
305 expect(artifacts.app).to.equal('asd23ased');
// Round trip with both an application id (app) and a dlg value: both must come
// back unchanged in the server-side artifacts.
311 it('generates a header then successfully parse it (app, dlg)', function (done) {
315 url: '/resource/4?filter=a',
320 credentialsFunc('123456', function (err, credentials1) {
322 req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', app: 'asd23ased', dlg: '23434szr3q4d' }).field;
323 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
325 expect(err).to.not.exist();
326 expect(credentials2.user).to.equal('steve');
327 expect(artifacts.ext).to.equal('some-app-data');
328 expect(artifacts.app).to.equal('asd23ased');
329 expect(artifacts.dlg).to.equal('23434szr3q4d');
// Negative case for request-body integrity: the client signs 'hola!' but the
// server is told the body is 'byebye!', so authentication must fail.
335 it('generates a header then fail authentication due to bad hash', function (done) {
339 url: '/resource/4?filter=a',
344 credentialsFunc('123456', function (err, credentials1) {
346 req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
// The payload option differs from what the client signed.
347 Hawk.server.authenticate(req, credentialsFunc, { payload: 'byebye!' }, function (err, credentials2, artifacts) {
// The failure is reported through err, with a message that names the payload
// hash as the cause.
349 expect(err).to.exist();
350 expect(err.output.payload.message).to.equal('Bad payload hash');
// Negative case for resource binding: a header generated for one URL must not
// authenticate a request for a different URL. The rest of this test may lie
// beyond the visible listing.
356 it('generates a header for one resource then fail to authenticate another', function (done) {
360 url: '/resource/4?filter=a',
365 credentialsFunc('123456', function (err, credentials1) {
367 req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' }).field;
// The request target is changed after the header was generated, as if the
// header were reused against another resource.
368 req.url = '/something/else';
370 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
// Both an error and the looked-up credentials are passed to the callback, so
// callers must decide on err; the presence of credentials does not mean the
// request authenticated.
372 expect(err).to.exist();
373 expect(credentials2).to.exist();