it('Should properly call _verify with req', done => {
  // Both tokens arrive in the POST body. A success callback whose info is
  // exactly {info: 'foo'} is what this test treats as "_verify ran with them".
  const tokens = {
    access_token: 'access_token',
    refresh_token: 'refresh_token'
  };

  const expectSuccess = (user, info) => {
    assert.typeOf(user, 'object');
    assert.typeOf(info, 'object');
    assert.deepEqual(info, {info: 'foo'});
    done();
  };

  chai.passport.use(strategy)
    .success(expectSuccess)
    .req(req => {
      req.body = tokens;
    })
    .authenticate({});
});
 before(function (done) {
   // WS-Fed POST with no session and a wctx marked WRONG: only the error
   // callback is registered, and it keeps the Error for later assertions.
   const wresult = '<trust:RequestSecurityTokenResponseCollection>...</trust:RequestSecurityTokenResponseCollection>';

   chai.passport.use(strategy)
     .error(function(e) {
       err = e;
       done();
     })
     .req(function(req) {
       request = req;
       req.method = 'POST';
       req.body = { wresult, wctx: 'DkbychwKu8kBaJoLE5yeR5NK-WRONG' };
     })
     .authenticate({});
 });
 it('Should properly parse token from query', done => {
   // Same token pair as the body variant, but carried on the query string and
   // with authenticate() invoked without an options object.
   const tokens = {
     access_token: 'access_token',
     refresh_token: 'refresh_token'
   };

   const expectSuccess = (user, info) => {
     assert.typeOf(user, 'object');
     assert.typeOf(info, 'object');
     assert.deepEqual(info, {info: 'foo'});
     done();
   };

   chai.passport.use(strategy)
     .success(expectSuccess)
     .req(req => {
       req.query = tokens;
     })
     .authenticate();
 });
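 return function(done) {
   // Builds a mocha hook that runs `testStrategy` with the token pair placed
   // either on the query string or in the POST body, chosen by `query_or_body`.
   // The fail callback records the challenge for the assertions that follow.
   // Strict equality is used so only the exact strings 'query' / 'body' select
   // a location; anything else leaves the request with an empty query.
   const tokens = {'access_token' : access_token, 'refresh_token' : refresh_token};

   chai.passport
     .use(testStrategy)
     .fail(function(c) {
       challenge = c;
       done();
     })
     .req(function(req) {
       req.query = {};
       if (query_or_body === 'query') {
         req.query = tokens;
       } else if (query_or_body === 'body') {
         req.body = tokens;
       }
     })
     .authenticate({});
 };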
 before(function(done) {
   // Authorization-code callback against an empty session, so no stored state
   // exists for the incoming `state`. Only fail() is registered; it records
   // the info object and status for the assertions below.
   chai.passport.use(strategy)
     .fail(function(i, s) {
       info = i;
       status = s;
       done();
     })
     .req(function(req) {
       request = req;
       req.session = {};
       req.query = {
         code: 'SplxlOBeZQQYbYS6WxSbIA',
         state: 'DkbychwKu8kBaJoLE5yeR5NK'
       };
     })
     .authenticate();
 });
 before(function(done) {
   // OAuth 1.0a callback using the 'oauth:fanfou' session key. Only the error
   // callback is registered, so an Error is the outcome this fixture expects.
   const requestToken = 'hh5s93j4hdidpola';

   chai.passport.use(strategy)
     .error(function(e) {
       err = e;
       done();
     })
     .req(function(req) {
       req.query = {
         oauth_token: requestToken,
         oauth_verifier: 'x-hfdp7dh39dks9884'
       };
       req.session = {
         'oauth:fanfou': {
           oauth_token: requestToken,
           oauth_token_secret: 'hdhd0244k9j7ao03'
         }
       };
     })
     .authenticate();
 });
    before(function(done) {
      // Request carrying a custom 'x-foo' header plus a body with username,
      // host and password (the credential values are redacted as '******' in
      // this listing). success() keeps user and info for the assertions below.
      chai.passport.use(strategy)
        .success(function(u, i) {
          user = u;
          info = i;
          done();
        })
        .req(function(req) {
          req.headers['x-foo'] = 'hello';
          req.body = {
            username: '******',
            host: 'johndoe',
            password: '******'
          };
        })
        .authenticate();
    });
 before(function(done) {
   // Session fixture: `req._passport` imitates Passport's per-request state,
   // with `_userProperty` renamed to 'currentUser' and a serialized user in the
   // session (value redacted as '******' here). Only pass() is registered.
   chai.passport.use(strategy)
     .pass(function() {
       pass = true;
       done();
     })
     .req(function(req) {
       request = req;
       req._passport = {
         instance: { _userProperty: 'currentUser' },
         session: { user: '******' }
       };
     })
     .authenticate();
 });
 before(function(done) {
   // OAuth 1.0a callback where both the query and the 'oauth' session entry
   // hold deliberately wrong values; the error callback captures the Error.
   chai.passport.use(strategy)
     .error(function(e) {
       err = e;
       done();
     })
     .req(function(req) {
       request = req;
       req.query = {
         oauth_token: 'wrong-token',
         oauth_verifier: 'wrong-verifier'
       };
       req.session = {
         oauth: {
           oauth_token: 'wrong-token',
           oauth_token_secret: 'wrong-token-secret'
         }
       };
     })
     .authenticate();
 });
 it('Should properly parse access token from OAuth2 bearer header', done => {
   // The access token travels as a bearer credential. Note that `req.headers`
   // is replaced wholesale, with the header name spelled 'Authorization'
   // exactly as written here.
   const expectSuccess = (user, info) => {
     assert.typeOf(user, 'object');
     assert.typeOf(info, 'object');
     assert.deepEqual(info, {info: 'foo'});
     done();
   };

   chai.passport.use(strategy)
     .success(expectSuccess)
     .req(req => {
       req.headers = {
         Authorization: 'Bearer access_token',
         refresh_token: 'refresh_token'
       };
     })
     .authenticate({});
 });
 before(function(done) {
   // WS-Fed POST with an empty session and a wctx marked WRONG, so no stored
   // state can match; fail() records info and status.
   const wresult = '<trust:RequestSecurityTokenResponseCollection>...</trust:RequestSecurityTokenResponseCollection>';

   chai.passport.use(strategy)
     .fail(function(i, s) {
       info = i;
       status = s;
       done();
     })
     .req(function(req) {
       request = req;
       req.method = 'POST';
       req.body = { wresult, wctx: 'DkbychwKu8kBaJoLE5yeR5NK-WRONG' };
       req.session = {};
     })
     .authenticate({});
 });
        before(function(done) {
            // JWT strategy that reads the bearer token from the Authorization
            // header, with the class-level verifier stubbed to report
            // "jwt expired"; fail() records the info object.
            strategy = new Strategy({jwtFromRequest: extract_jwt.fromAuthHeaderAsBearerToken(), secretOrKey: 'secret'}, verify_spy);

            // The stub is installed on the Strategy class itself, so it stays in
            // place for later tests unless restored elsewhere in the suite.
            const verifier = sinon.stub();
            verifier.callsArgWith(3, new Error("jwt expired"), false);
            Strategy.JwtVerifier = verifier;

            chai.passport.use(strategy)
                .fail(function(i) {
                    info = i;
                    done();
                })
                .req(function(req) {
                    req.headers['authorization'] = `bearer ${test_data.valid_jwt.token}`;
                })
                .authenticate();
        });
 it('Should properly parse token from body', done => {
   // An oauth_token / oauth_token_secret pair posted in the request body.
   const credentials = {
     oauth_token: 'token',
     oauth_token_secret: 'token_secret'
   };

   const expectSuccess = (user, info) => {
     assert.typeOf(user, 'object');
     assert.typeOf(info, 'object');
     assert.deepEqual(info, {info: 'foo'});
     done();
   };

   chai.passport.use(strategy)
     .success(expectSuccess)
     .req(req => {
       req.body = credentials;
     })
     .authenticate({});
 });
      before(function(done) {
        // Authorization-code callback where the 'oauth2:www.example.com'
        // session entry stores the state under a `handle` key. Only fail() is
        // registered; it records the info object.
        const state = 'DkbychwKu8kBaJoLE5yeR5NK';

        chai.passport.use(strategy)
          .fail(function(i) {
            info = i;
            done();
          })
          .req(function(req) {
            request = req;
            req.query = { code: 'SplxlOBeZQQYbYS6WxSbIA', state };
            req.session = {
              'oauth2:www.example.com': { state: { handle: state } }
            };
          })
          .authenticate();
      });
 before(function(done) {
   // jwtFromRequest yields nothing, so no token can be extracted from the
   // request; fail() records the info object. The verify callback succeeds
   // unconditionally because its result never matters here.
   const verify = function(jwt_payload, next) {
     return next(null, {}, {});
   };
   strategy = new Strategy({jwtFromRequest: (r) => undefined, secretOrKey: 'secret'}, verify);

   mockVerifier.reset();

   chai.passport.use(strategy)
     .fail(function(i) {
       info = i;
       done();
     })
     .req(function(req) {
       req.body = {};
     })
     .authenticate();
 });
    it( 'should fetch basic info if scope is snsapi_base', function( done ) {
      // The strategy's OAuth client methods are swapped for the suite's test
      // doubles `getAccessToken` / `getUser`; the verify callback then checks
      // that the profile carries 'OPENID' in both `id` and `openid`.
      const onVerified = ( accessToken, refreshToken, profile, next ) => {
        expect( profile.id ).to.equal( 'OPENID' );
        expect( profile.openid ).to.equal( 'OPENID' );
        done();
      };

      const strategy = new WechatStrategy( { appId: 'ABC123', appSecret: 'secret' }, onVerified );
      strategy._oauth.getAccessToken = getAccessToken;
      strategy._oauth.getUser = getUser;

      chai.passport.use( strategy )
        .req( function( req ) {
          req.query = { code: 'base' };
        } )
        .authenticate();
    } );
 before(function(done) {
   // Session fixture whose serialized user is 0 — falsy, but presumably a
   // valid id — and whose deserializeUser wraps it as { id }. Only pass() is
   // registered.
   const deserializeUser = function(user, req, cb) {
     cb(null, { id: user });
   };

   chai.passport.use(strategy)
     .pass(function() {
       pass = true;
       done();
     })
     .req(function(req) {
       request = req;
       req._passport = {
         instance: { deserializeUser },
         session: { user: 0 }
       };
     })
     .authenticate();
 });
 before(function(done) {
   // Session fixture whose deserializeUser always fails; the error callback
   // captures whatever the strategy surfaces.
   const deserializeUser = function(user, req, cb) {
     cb(new Error('something went wrong'));
   };

   chai.passport.use(strategy)
     .error(function(err) {
       error = err;
       done();
     })
     .req(function(req) {
       request = req;
       req._passport = {
         instance: { deserializeUser },
         session: { user: '******' }
       };
     })
     .authenticate();
 });
        before(function(done) {
            // JWT strategy reading the bearer token from the Authorization
            // header, with the class-level verifier stubbed to succeed and hand
            // back the fixture payload; the verify callback stores that payload.
            strategy = new Strategy({jwtFromRequest: extract_jwt.fromAuthHeaderAsBearerToken(), secretOrKey: 'secret'}, function(jwt_payload, next) {
                payload = jwt_payload;
                next(null, {}, {});
            });

            // Installed on the Strategy class itself; not restored in this hook.
            const verifier = sinon.stub();
            verifier.callsArgWith(3, null, test_data.valid_jwt.payload);
            Strategy.JwtVerifier = verifier;

            chai.passport.use(strategy)
                .success(function(u, i) {
                    done();
                })
                .req(function(req) {
                    req.headers['authorization'] = `bearer ${test_data.valid_jwt.token}`;
                })
                .authenticate();
        });
    return function(done) {
      // Builds a hook that constructs an OIDCStrategy with the given issuer
      // validation settings and records either the redirect URL or the failure
      // challenge produced by authenticate(). `challenge` is cleared on each
      // request so a value left by an earlier run is never read by mistake.
      options.validateIssuer = validateIssuer;
      options.issuer = issuer;
      options.isB2C = isB2C;

      const testStrategy = new OIDCStrategy(options, function(profile, verified) {});

      chai.passport
        .use(testStrategy)
        .redirect(function(u) {
          redirectUrl = u;
          done();
        })
        .fail(function(c) {
          challenge = c;
          done();
        })
        .req(function(req) {
          request = req;
          req.session = {};
          req.query = {};
          challenge = null;
        })
        .authenticate({ tenantIdOrName: tenantIdOrName });
    };
 before(function(done) {
   // jwtFromRequest ignores the request and always returns the fixture token;
   // the verify callback succeeds unconditionally, so success() ends the hook.
   const verify = function(jwt_payload, next) {
     return next(null, {}, {});
   };
   const fromFixture = function (r) { return test_data.valid_jwt.token; };

   strategy = new Strategy(
     { jwtFromRequest: fromFixture, secretOrKey: 'secret' },
     verify
   );

   mockVerifier.reset();

   chai.passport.use(strategy)
     .success(function(u, i) {
       done();
     })
     .authenticate();
 });
 before(function(done) {
   // Authorization-code callback whose `state` (suffixed WRONG) does not match
   // the handle stored in the session; the session entry also carries a PKCE
   // code_verifier. fail() records info and status.
   chai.passport.use(strategy)
     .fail(function(i, s) {
       info = i;
       status = s;
       done();
     })
     .req(function(req) {
       request = req;
       req.query = {
         code: 'SplxlOBeZQQYbYS6WxSbIA',
         state: 'DkbychwKu8kBaJoLE5yeR5NK-WRONG'
       };
       req.session = {
         'oauth2:www.example.com': {
           state: { handle: 'DkbychwKu8kBaJoLE5yeR5NK', code_verifier: 'dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk' }
         }
       };
     })
     .authenticate();
 });
 before(function(done) {
   // Authorization-code callback where the 'oauth2:example' session entry
   // stores the state as a plain string equal to the query's `state`;
   // success() keeps user and info.
   const state = 'DkbychwKu8kBaJoLE5yeR5NK';

   chai.passport.use(strategy)
     .success(function(u, i) {
       user = u;
       info = i;
       done();
     })
     .req(function(req) {
       request = req;
       req.query = { code: 'SplxlOBeZQQYbYS6WxSbIA', state };
       req.session = { 'oauth2:example': { state } };
     })
     .authenticate();
 });
 before(function(done) {
   // OAuth 1.0a callback: the query's oauth_token equals the request token
   // stored under the 'oauth' session key; success() keeps user and info.
   const requestToken = 'hh5s93j4hdidpola';

   chai.passport.use(strategy)
     .success(function(u, i) {
       user = u;
       info = i;
       done();
     })
     .req(function(req) {
       request = req;
       req.query = { oauth_token: requestToken, oauth_verifier: 'hfdp7dh39dks9884' };
       req.session = {
         oauth: { oauth_token: requestToken, oauth_token_secret: 'hdhd0244k9j7ao03' }
       };
     })
     .authenticate();
 });
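 before(function(done) {
   // Redirect fixture: the mock app answers false for every setting, including
   // 'trust proxy', presumably so the x-forwarded-proto header does not affect
   // the URL the strategy builds from req.url and the host header. The
   // redirect callback keeps that URL for the assertions below.
   chai.passport.use(strategy)
     .redirect(function(u) {
       url = u;
       done();
     })
     .req(function(req) {
       req.app = {
         // Returns false unconditionally; the previous `name == 'trust proxy'
         // ? false : false` conditional produced the same value on both sides.
         get: function(name) {
           return false;
         }
       };

       req.url = '/auth/example';
       req.headers.host = 'www.example.net';
       req.headers['x-forwarded-proto'] = 'https';
       req.connection = {};
     })
     .authenticate();
 });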
 before(function (done) {
   // WS-Fed POST whose wctx equals the state stored under 'wsfed:example';
   // success() keeps user and info.
   const state = 'DkbychwKu8kBaJoLE5yeR5NK';
   const wresult = '<trust:RequestSecurityTokenResponseCollection>...</trust:RequestSecurityTokenResponseCollection>';

   chai.passport.use(strategy)
     .success(function(u, i) {
       user = u;
       info = i;
       done();
     })
     .req(function(req) {
       request = req;
       req.method = 'POST';
       req.body = { wresult, wctx: state };
       req.session = { 'wsfed:example': { state } };
     })
     .authenticate({});
 });
    it( 'should throw error when openid is invalid', function( done ) {
      // With code 'invalid_openid', the suite's test doubles for
      // getAccessToken / getUser are expected to surface error 40003 through
      // the error callback; the (empty) verify callback should never run.
      const strategy = new WechatStrategy( { appId: 'ABC123', appSecret: 'secret' }, () => {} );
      strategy._oauth.getAccessToken = getAccessToken;
      strategy._oauth.getUser = getUser;

      const onError = ( err ) => {
        expect( err.errcode ).to.equal( 40003 );
        expect( err.errmsg ).to.equal( 'invalid openid' );
        done();
      };

      chai.passport.use( strategy )
        .error( onError )
        .req( function( req ) {
          req.query = { code: 'invalid_openid' };
        } )
        .authenticate();
    } );
    return function(done) {
      // B2C variant of the redirect hook: forces isB2C on, points identity
      // metadata at the common v2.0 discovery document and passes the policy
      // as `p` on the query. Records either the redirect URL or the failure
      // challenge; `challenge` is reset on each request.
      options.validateIssuer = validateIssuer;
      options.issuer = issuer;
      options.isB2C = true;
      options.identityMetadata = 'https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration';

      const testStrategy = new OIDCStrategy(options, function(profile, verified) {});

      chai.passport
        .use(testStrategy)
        .redirect(function(u) {
          redirectUrl = u;
          done();
        })
        .fail(function(c) {
          challenge = c;
          done();
        })
        .req(function(req) {
          request = req;
          req.session = {};
          req.query = { p: 'b2c_1_signin' };
          challenge = null;
        })
        .authenticate({ tenantIdOrName: tenantIdOrName });
    };
  return function(done) {
    // Builds a hook that posts `id_token_to_use` to `testStrategy` with
    // `setOptions` replaced by a stub that pins the validation parameters
    // (issuer, audience, RS256, expiry ignored) and then applies each extra
    // `action` hook. The outcome lands in `challenge` (fail) or `user`
    // (success), both cleared before every request.
    testStrategy.setOptions = function(params, oauthConfig, optionsToValidate, next) {
      params.metadata.generateOidcPEM = () => { return PEMkey; };

      Object.assign(optionsToValidate, {
        validateIssuer: true,
        issuer: 'https://sts.windows.net/268da1a1-9db4-48b9-b1fe-683250ba90cc/',
        audience: '2abf3a52-7d86-460b-a1ef-77dc43de8aad',
        allowMultiAudiencesInToken: false,
        // Expiry checking is switched off, presumably because the fixture token is static.
        ignoreExpiration: true,
        algorithms: ['RS256'],
        nonce: nonce_to_use,
      });

      if (action) {
        for (let i = 0; i < action.length; i++) {
          action[i](optionsToValidate);
        }
      }
      return next();
    };

    chai.passport
      .use(testStrategy)
      .fail(function(c) {
        challenge = c;
        done();
      })
      .success(function(u) {
        user = u;
        done();
      })
      .req(function(req) {
        // Drop results left over from an earlier run.
        challenge = undefined;
        user = undefined;

        const now = Date.now();
        // State and nonce live in the session under 'my_key'; id_token and
        // state arrive in the body; the query stays empty.
        req.session = {'my_key': {'content': [{'state': 'my_state', 'nonce': nonce_to_use, 'policy': undefined, 'timeStamp': now}]}};
        req.body = {'id_token': id_token_to_use, 'state' : 'my_state'};
        req.query = {};
      })
      .authenticate({});
  };