// Success path with the token pair supplied in the request body. The test
// passes only if success() receives an object user and info deep-equal to
// { info: 'foo' }.
it('Should properly call _verify with req', (done) => {
  const withBodyTokens = (req) => {
    req.body = {
      access_token: 'access_token',
      refresh_token: 'refresh_token',
    };
  };

  const onSuccess = (user, info) => {
    assert.typeOf(user, 'object');
    assert.typeOf(info, 'object');
    assert.deepEqual(info, { info: 'foo' });
    done();
  };

  chai.passport.use(strategy)
    .success(onSuccess)
    .req(withBodyTokens)
    .authenticate({});
});
// Error path for a POST carrying `wresult`/`wctx` (WS-Federation style
// parameters). The wctx value ends in "-WRONG" and no req.session is attached;
// only error() is wired, and the error is stored in `err` for later assertions.
before(function (done) {
  const captureError = function (e) {
    err = e;
    done();
  };

  const buildRequest = function (req) {
    request = req;
    req.body = {
      wresult: '<trust:RequestSecurityTokenResponseCollection>...</trust:RequestSecurityTokenResponseCollection>',
      wctx: 'DkbychwKu8kBaJoLE5yeR5NK-WRONG',
    };
    req.method = 'POST';
  };

  chai.passport.use(strategy)
    .error(captureError)
    .req(buildRequest)
    .authenticate({});
});
// Success path with the token pair supplied in the query string. Note that
// authenticate() is called without an options argument here.
it('Should properly parse token from query', (done) => {
  const withQueryTokens = (req) => {
    req.query = {
      access_token: 'access_token',
      refresh_token: 'refresh_token',
    };
  };

  const onSuccess = (user, info) => {
    assert.typeOf(user, 'object');
    assert.typeOf(info, 'object');
    assert.deepEqual(info, { info: 'foo' });
    done();
  };

  chai.passport.use(strategy)
    .success(onSuccess)
    .req(withQueryTokens)
    .authenticate();
});
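// Returns a mocha hook that hands the token pair to `testStrategy` through
// either the query string or the body (chosen by `query_or_body`) and records
// the failure challenge in `challenge`. The enclosing factory that supplies
// `query_or_body`, `access_token` and `refresh_token` is not visible here.
return function(done) {
  chai.passport
    .use(testStrategy)
    .fail(function(c) {
      challenge = c;
      done();
    })
    .req(function(req) {
      // The query always starts empty so that the "body" case exercises the
      // body alone.
      req.query = {};
      // Strict comparison: the selector is a plain string, so no coercion is
      // wanted. Any other value leaves the request without tokens.
      if (query_or_body === 'query') {
        req.query = {'access_token' : access_token, 'refresh_token' : refresh_token};
      } else if (query_or_body === 'body') {
        req.body = {'access_token' : access_token, 'refresh_token' : refresh_token};
      }
    })
    .authenticate({});
};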
// Authorization-code callback that carries `code` and `state`, while the
// session object is empty (it holds no stored state entry). Only fail() is
// wired; its info and status are kept for the assertions that follow.
before(function (done) {
  const recordFailure = function (i, s) {
    info = i;
    status = s;
    done();
  };

  const buildCallback = function (req) {
    request = req;
    req.query = {
      code: 'SplxlOBeZQQYbYS6WxSbIA',
      state: 'DkbychwKu8kBaJoLE5yeR5NK',
    };
    req.session = {};
  };

  chai.passport.use(strategy)
    .fail(recordFailure)
    .req(buildCallback)
    .authenticate();
});
// OAuth 1.0-style callback: the query carries oauth_token and oauth_verifier,
// and the session entry 'oauth:fanfou' holds the same request token plus its
// secret. Only error() is wired, so the suite asserts on an error outcome.
// NOTE(review): what triggers the error is decided by mocks outside this
// hook — confirm against the strategy setup.
before(function (done) {
  const captureError = function (e) {
    err = e;
    done();
  };

  const buildCallback = function (req) {
    req.query = {
      oauth_token: 'hh5s93j4hdidpola',
      oauth_verifier: 'x-hfdp7dh39dks9884',
    };
    req.session = {
      'oauth:fanfou': {
        oauth_token: 'hh5s93j4hdidpola',
        oauth_token_secret: 'hdhd0244k9j7ao03',
      },
    };
  };

  chai.passport.use(strategy)
    .error(captureError)
    .req(buildCallback)
    .authenticate();
});
// Success path for a credential POST: username, host and password are placed
// in the body and a custom 'x-foo' header is added to the existing headers.
// The resulting user and info are kept for later assertions.
before(function (done) {
  const recordSuccess = function (u, i) {
    user = u;
    info = i;
    done();
  };

  const buildLogin = function (req) {
    req.headers['x-foo'] = 'hello';
    req.body = {
      username: '******',
      host: 'johndoe',
      password: '******',
    };
  };

  chai.passport.use(strategy)
    .success(recordSuccess)
    .req(buildLogin)
    .authenticate();
});
// Session fixture: req._passport holds a session user and an instance whose
// _userProperty is 'currentUser'. Only pass() is wired; `request` is kept so
// later assertions can inspect what was attached to it.
before(function (done) {
  const markPassed = function () {
    pass = true;
    done();
  };

  const buildSessionRequest = function (req) {
    request = req;
    req._passport = {
      instance: { _userProperty: 'currentUser' },
      session: { user: '******' },
    };
  };

  chai.passport.use(strategy)
    .pass(markPassed)
    .req(buildSessionRequest)
    .authenticate();
});
// OAuth 1.0-style callback built entirely from "wrong-*" values: the query
// and the session entry 'oauth' agree with each other, but none of the values
// is a valid credential. Only error() is wired; the error is stored in `err`.
before(function (done) {
  const captureError = function (e) {
    err = e;
    done();
  };

  const buildCallback = function (req) {
    request = req;
    req.query = {
      oauth_token: 'wrong-token',
      oauth_verifier: 'wrong-verifier',
    };
    req.session = {
      oauth: {
        oauth_token: 'wrong-token',
        oauth_token_secret: 'wrong-token-secret',
      },
    };
  };

  chai.passport.use(strategy)
    .error(captureError)
    .req(buildCallback)
    .authenticate();
});
// Success path with the access token carried as a Bearer credential in the
// Authorization header; the refresh token rides along as a custom header.
// NOTE(review): the header key is written capitalised ('Authorization'),
// whereas Node lowercases incoming header names — confirm this matches the
// lookup the strategy performs on real requests.
it('Should properly parse access token from OAuth2 bearer header', (done) => {
  const withBearerHeader = (req) => {
    req.headers = {
      Authorization: 'Bearer access_token',
      refresh_token: 'refresh_token',
    };
  };

  const onSuccess = (user, info) => {
    assert.typeOf(user, 'object');
    assert.typeOf(info, 'object');
    assert.deepEqual(info, { info: 'foo' });
    done();
  };

  chai
    .passport
    .use(strategy)
    .success(onSuccess)
    .req(withBearerHeader)
    .authenticate({});
});
// Failure path for a POST carrying `wresult`/`wctx`: the wctx value ends in
// "-WRONG" and the session is present but empty, so it holds no stored state.
// Only fail() is wired; info and status are kept for later assertions.
before(function (done) {
  const recordFailure = function (i, s) {
    info = i;
    status = s;
    done();
  };

  const buildRequest = function (req) {
    request = req;
    req.body = {
      wresult: '<trust:RequestSecurityTokenResponseCollection>...</trust:RequestSecurityTokenResponseCollection>',
      wctx: 'DkbychwKu8kBaJoLE5yeR5NK-WRONG',
    };
    req.method = 'POST';
    req.session = {};
  };

  chai.passport.use(strategy)
    .fail(recordFailure)
    .req(buildRequest)
    .authenticate({});
});
// JWT rejection path: the verifier is stubbed to report "jwt expired", so the
// strategy is expected to fail() and never accept the token. `verify_spy` is
// the verify callback whose calls the suite can inspect afterwards.
before(function (done) {
  const strategyOptions = {
    jwtFromRequest: extract_jwt.fromAuthHeaderAsBearerToken(),
    secretOrKey: 'secret',
  };
  strategy = new Strategy(strategyOptions, verify_spy);

  // Mock errored verification
  // NOTE(review): the stub replaces a static on Strategy and is not restored
  // in this hook — confirm another hook resets it so it cannot leak into
  // later suites.
  Strategy.JwtVerifier = sinon.stub();
  Strategy.JwtVerifier.callsArgWith(3, new Error("jwt expired"), false);

  const recordFailure = function (i) {
    info = i;
    done();
  };

  const withBearerToken = function (req) {
    const headerValue = "bearer " + test_data.valid_jwt.token;
    req.headers['authorization'] = headerValue;
  };

  chai.passport.use(strategy)
    .fail(recordFailure)
    .req(withBearerToken)
    .authenticate();
});
// Success path with an OAuth token and token secret supplied in the request
// body. Passes only if success() receives an object user and info deep-equal
// to { info: 'foo' }.
it('Should properly parse token from body', (done) => {
  const withBodyTokens = (req) => {
    req.body = {
      oauth_token: 'token',
      oauth_token_secret: 'token_secret',
    };
  };

  const onSuccess = (user, info) => {
    assert.typeOf(user, 'object');
    assert.typeOf(info, 'object');
    assert.deepEqual(info, { info: 'foo' });
    done();
  };

  chai
    .passport
    .use(strategy)
    .success(onSuccess)
    .req(withBodyTokens)
    .authenticate({});
});
// Authorization-code callback whose `state` equals the handle stored in the
// session under 'oauth2:www.example.com'. The stored state has a handle only
// (no code_verifier), and only fail() is wired.
// NOTE(review): presumably the missing verifier is what makes this fail —
// confirm against the strategy options used by this suite.
before(function (done) {
  const recordFailure = function (i) {
    info = i;
    done();
  };

  const buildCallback = function (req) {
    request = req;
    req.query = {
      code: 'SplxlOBeZQQYbYS6WxSbIA',
      state: 'DkbychwKu8kBaJoLE5yeR5NK',
    };
    req.session = {
      'oauth2:www.example.com': {
        state: { handle: 'DkbychwKu8kBaJoLE5yeR5NK' },
      },
    };
  };

  chai.passport.use(strategy)
    .fail(recordFailure)
    .req(buildCallback)
    .authenticate();
});
// Missing-token path: the extractor returns undefined for every request, so
// no JWT is available. Only fail() is wired; the verifier mock is reset first
// so later assertions see calls from this run only.
before(function (done) {
  const extractNothing = function (r) {};

  const verify = function (jwt_payload, next) {
    // Return values aren't important in this case
    return next(null, {}, {});
  };

  strategy = new Strategy(
    { jwtFromRequest: extractNothing, secretOrKey: 'secret' },
    verify
  );

  mockVerifier.reset();

  chai.passport.use(strategy)
    .fail(function (i) {
      info = i;
      done();
    })
    .req(function (req) {
      req.body = {};
    })
    .authenticate();
});
// The OAuth client calls are replaced with the suite's stubs, and the request
// carries code 'base'. The assertions run inside the verify callback: the
// profile must expose 'OPENID' as both `id` and `openid`.
it('should fetch basic info if scope is snsapi_base', function (done) {
  const credentials = { appId: 'ABC123', appSecret: 'secret' };

  const verify = (accessToken, refreshToken, profile, next) => {
    expect(profile.id).to.equal('OPENID');
    expect(profile.openid).to.equal('OPENID');
    done();
  };

  const strategy = new WechatStrategy(credentials, verify);
  strategy._oauth.getAccessToken = getAccessToken;
  strategy._oauth.getUser = getUser;

  chai.passport.use(strategy)
    .req(function (req) {
      req.query = { code: 'base' };
    })
    .authenticate();
});
// Session fixture where the stored user is the number 0. deserializeUser is
// stubbed to wrap whatever it receives as { id: user }.
// NOTE(review): 0 is falsy, so this presumably guards against the strategy
// treating a valid id of 0 as "no session user" — confirm in the assertions.
before(function (done) {
  const markPassed = function () {
    pass = true;
    done();
  };

  const buildSessionRequest = function (req) {
    request = req;
    req._passport = {
      instance: {
        deserializeUser: function (user, req, cb) {
          cb(null, { id: user });
        },
      },
      session: { user: 0 },
    };
  };

  chai.passport.use(strategy)
    .pass(markPassed)
    .req(buildSessionRequest)
    .authenticate();
});
// Session fixture where deserializeUser always reports an error. Only error()
// is wired, so the suite checks that the deserialization failure is surfaced
// as an error rather than as a pass or a success.
before(function (done) {
  const captureError = function (err) {
    error = err;
    done();
  };

  const buildSessionRequest = function (req) {
    request = req;
    req._passport = {
      instance: {
        deserializeUser: function (user, req, cb) {
          cb(new Error('something went wrong'));
        },
      },
      session: { user: '******' },
    };
  };

  chai.passport.use(strategy)
    .error(captureError)
    .req(buildSessionRequest)
    .authenticate();
});
// JWT acceptance path: the verifier is stubbed to succeed with the fixture
// payload, and the verify callback stores what it was given in `payload` so
// the suite can compare it with the fixture.
before(function (done) {
  const strategyOptions = {
    jwtFromRequest: extract_jwt.fromAuthHeaderAsBearerToken(),
    secretOrKey: 'secret',
  };

  const verify = function (jwt_payload, next) {
    payload = jwt_payload;
    next(null, {}, {});
  };

  strategy = new Strategy(strategyOptions, verify);

  // Mock successful verification
  // NOTE(review): the stub replaces a static on Strategy and is not restored
  // in this hook — confirm another hook resets it.
  Strategy.JwtVerifier = sinon.stub();
  Strategy.JwtVerifier.callsArgWith(3, null, test_data.valid_jwt.payload);

  const withBearerToken = function (req) {
    const headerValue = "bearer " + test_data.valid_jwt.token;
    req.headers['authorization'] = headerValue;
  };

  chai.passport.use(strategy)
    .success(function (u, i) {
      done();
    })
    .req(withBearerToken)
    .authenticate();
});
// Returns a mocha hook that applies the issuer-validation settings to the
// shared `options`, builds an OIDC strategy from them and starts a login with
// the given tenant. The outcome is either a redirect (URL kept in
// `redirectUrl`) or a failure (kept in `challenge`). The enclosing factory
// that supplies validateIssuer, issuer, isB2C and tenantIdOrName is not
// visible here.
return function (done) {
  Object.assign(options, {
    validateIssuer: validateIssuer,
    issuer: issuer,
    isB2C: isB2C,
  });

  // The verify callback is a no-op: this hook never gets as far as a profile.
  const testStrategy = new OIDCStrategy(options, function (profile, done) {});

  const onRedirect = function (u) {
    redirectUrl = u;
    done();
  };

  const onFail = function (c) {
    challenge = c;
    done();
  };

  const buildRequest = function (req) {
    request = req;
    req.session = {};
    req.query = {};
    // Clear any challenge left over from an earlier run of this hook.
    challenge = null;
  };

  chai.passport
    .use(testStrategy)
    .redirect(onRedirect)
    .fail(onFail)
    .req(buildRequest)
    .authenticate({ tenantIdOrName: tenantIdOrName });
};
// Custom-extractor path: the extractor ignores the request and always returns
// the fixture token. The verifier mock is reset before the run, and only
// success() is wired.
before(function (done) {
  const extractFixtureToken = function (r) {
    return test_data.valid_jwt.token;
  };

  const verify = function (jwt_payload, next) {
    // Return values aren't important in this case
    return next(null, {}, {});
  };

  strategy = new Strategy(
    { jwtFromRequest: extractFixtureToken, secretOrKey: 'secret' },
    verify
  );

  mockVerifier.reset();

  chai.passport.use(strategy)
    .success(function (u, i) {
      done();
    })
    .authenticate();
});
// State-mismatch path: the callback's `state` ends in "-WRONG" and therefore
// differs from the handle stored in the session, which also carries a
// code_verifier. Only fail() is wired, so a callback whose state does not
// match the session must be rejected; info and status are kept for asserts.
before(function (done) {
  const recordFailure = function (i, s) {
    info = i;
    status = s;
    done();
  };

  const buildCallback = function (req) {
    request = req;
    req.query = {
      code: 'SplxlOBeZQQYbYS6WxSbIA',
      state: 'DkbychwKu8kBaJoLE5yeR5NK-WRONG',
    };
    req.session = {
      'oauth2:www.example.com': {
        state: {
          handle: 'DkbychwKu8kBaJoLE5yeR5NK',
          code_verifier: 'dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk',
        },
      },
    };
  };

  chai.passport.use(strategy)
    .fail(recordFailure)
    .req(buildCallback)
    .authenticate();
});
// Matching-state path: the callback's `state` equals the string stored in the
// session under 'oauth2:example'. Only success() is wired; `request` is kept
// so later assertions can inspect the session after authentication.
before(function (done) {
  const recordSuccess = function (u, i) {
    user = u;
    info = i;
    done();
  };

  const buildCallback = function (req) {
    request = req;
    req.query = {
      code: 'SplxlOBeZQQYbYS6WxSbIA',
      state: 'DkbychwKu8kBaJoLE5yeR5NK',
    };
    req.session = {
      'oauth2:example': { state: 'DkbychwKu8kBaJoLE5yeR5NK' },
    };
  };

  chai.passport.use(strategy)
    .success(recordSuccess)
    .req(buildCallback)
    .authenticate();
});
// OAuth 1.0-style success path: the request token in the query matches the
// one stored in the session entry 'oauth', which also holds the token secret.
// Only success() is wired; user and info are kept for later assertions.
before(function (done) {
  const recordSuccess = function (u, i) {
    user = u;
    info = i;
    done();
  };

  const buildCallback = function (req) {
    request = req;
    req.query = {
      oauth_token: 'hh5s93j4hdidpola',
      oauth_verifier: 'hfdp7dh39dks9884',
    };
    req.session = {
      oauth: {
        oauth_token: 'hh5s93j4hdidpola',
        oauth_token_secret: 'hdhd0244k9j7ao03',
      },
    };
  };

  chai.passport.use(strategy)
    .success(recordSuccess)
    .req(buildCallback)
    .authenticate();
});
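// Redirect path with an untrusted proxy: the request carries
// 'x-forwarded-proto: https' while the app reports 'trust proxy' as disabled.
// The redirect URL is kept in `url` for later assertions.
// NOTE(review): presumably the assertions check that the forwarded header is
// not honoured when the callback URL is built — confirm against the tests
// that read `url`.
before(function(done) {
  chai.passport.use(strategy)
    .redirect(function(u) {
      url = u;
      done();
    })
    .req(function(req) {
      req.app = {
        // Every app setting, 'trust proxy' included, reads as disabled. The
        // original ternary returned false on both arms, so the comparison
        // had no effect and is dropped.
        get: function(name) {
          return false;
        }
      };
      req.url = '/auth/example';
      req.headers.host = 'www.example.net';
      req.headers['x-forwarded-proto'] = 'https';
      // Empty connection object: no TLS socket details are present.
      req.connection = {};
    })
    .authenticate();
});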
// Matching-state path for a POST carrying `wresult`/`wctx`: the wctx value
// equals the state stored in the session under 'wsfed:example'. Only
// success() is wired; user and info are kept for later assertions.
before(function (done) {
  const recordSuccess = function (u, i) {
    user = u;
    info = i;
    done();
  };

  const buildRequest = function (req) {
    request = req;
    req.body = {
      wresult: '<trust:RequestSecurityTokenResponseCollection>...</trust:RequestSecurityTokenResponseCollection>',
      wctx: 'DkbychwKu8kBaJoLE5yeR5NK',
    };
    req.method = 'POST';
    req.session = {
      'wsfed:example': { state: 'DkbychwKu8kBaJoLE5yeR5NK' },
    };
  };

  chai.passport.use(strategy)
    .success(recordSuccess)
    .req(buildRequest)
    .authenticate({});
});
// Error path: the OAuth client calls are replaced with the suite's stubs and
// the request carries code 'invalid_openid'. The error handed to error() must
// carry errcode 40003 and errmsg 'invalid openid'. The verify callback is a
// no-op because it is not expected to run.
it('should throw error when openid is invalid', function (done) {
  const credentials = { appId: 'ABC123', appSecret: 'secret' };
  const strategy = new WechatStrategy(credentials, () => {});

  strategy._oauth.getAccessToken = getAccessToken;
  strategy._oauth.getUser = getUser;

  const onError = (err) => {
    expect(err.errcode).to.equal(40003);
    expect(err.errmsg).to.equal('invalid openid');
    done();
  };

  chai.passport.use(strategy)
    .error(onError)
    .req(function (req) {
      req.query = { code: 'invalid_openid' };
    })
    .authenticate();
});
// Returns a mocha hook for the B2C case: `options` is switched to isB2C with
// the 'common' v2.0 metadata endpoint, and the request names the policy
// 'b2c_1_signin' in the query. The outcome is either a redirect (URL kept in
// `redirectUrl`) or a failure (kept in `challenge`). The enclosing factory
// that supplies validateIssuer, issuer and tenantIdOrName is not visible here.
return function (done) {
  Object.assign(options, {
    validateIssuer: validateIssuer,
    issuer: issuer,
    isB2C: true,
    identityMetadata: 'https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration',
  });

  // The verify callback is a no-op: this hook never gets as far as a profile.
  const testStrategy = new OIDCStrategy(options, function (profile, done) {});

  const onRedirect = function (u) {
    redirectUrl = u;
    done();
  };

  const onFail = function (c) {
    challenge = c;
    done();
  };

  const buildRequest = function (req) {
    request = req;
    req.session = {};
    req.query = { p: 'b2c_1_signin' };
    // Clear any challenge left over from an earlier run of this hook.
    challenge = null;
  };

  chai.passport
    .use(testStrategy)
    .redirect(onRedirect)
    .fail(onFail)
    .req(buildRequest)
    .authenticate({ tenantIdOrName: tenantIdOrName });
};
// Returns a mocha hook that validates a canned id_token against a fixed set
// of validation options. `action`, when given, is a list of functions that
// each adjust the options before validation, which lets individual tests
// break one check at a time. The enclosing factory that supplies
// id_token_to_use, nonce_to_use and action is not visible here.
return function (done) {
  // Mock `setOptions`
  testStrategy.setOptions = function (params, oauthConfig, optionsToValidate, done) {
    params.metadata.generateOidcPEM = () => PEMkey;

    optionsToValidate.validateIssuer = true;
    optionsToValidate.issuer = 'https://sts.windows.net/268da1a1-9db4-48b9-b1fe-683250ba90cc/';
    optionsToValidate.audience = '2abf3a52-7d86-460b-a1ef-77dc43de8aad';
    optionsToValidate.allowMultiAudiencesInToken = false;
    // NOTE(review): expiry checking is switched off, presumably because the
    // fixture token is static — confirm this override stays test-only.
    optionsToValidate.ignoreExpiration = true;
    // The accepted algorithms are pinned to RS256 alone.
    optionsToValidate.algorithms = ['RS256'];
    optionsToValidate.nonce = nonce_to_use;

    if (action) {
      for (let i = 0; i < action.length; i++) {
        action[i](optionsToValidate);
      }
    }

    return done();
  };

  const onFail = function (c) {
    challenge = c;
    done();
  };

  const onSuccess = function (u) {
    user = u;
    done();
  };

  const buildRequest = function (req) {
    // reset the value of challenge and user
    user = undefined;
    challenge = undefined;

    const issuedAt = Date.now();

    // add state and nonce to session
    req.session = {
      'my_key': {
        'content': [
          {
            'state': 'my_state',
            'nonce': nonce_to_use,
            'policy': undefined,
            'timeStamp': issuedAt,
          },
        ],
      },
    };

    // add id_token and state to body
    req.body = { 'id_token': id_token_to_use, 'state': 'my_state' };

    // empty query
    req.query = {};
  };

  chai.passport
    .use(testStrategy)
    .fail(onFail)
    .success(onSuccess)
    .req(buildRequest)
    .authenticate({});
};