it('test signin with default params', () => {
let providerConfig = config('google');
auth.signin(providerConfig, {}, (err, data) => {
expect(err).to.be.null;
expect(data.url).to.equal('https://accounts.google.com/o/oauth2/v2/auth?client_id=app-id&redirect_uri=https://api-id.execute-api.eu-west-1.amazonaws.com/dev/callback/google&response_type=code&scope=profile');
});
});
before(() => {
let providerConfig = config('google');
nock('https://www.googleapis.com')
.post('/oauth2/v4/token')
.query({
client_id: providerConfig.id,
redirect_uri: providerConfig.redirect_uri,
client_secret: providerConfig.secret,
code: 'code'
})
.reply(200, {
access_token: 'access-token-123'
});
nock('https://www.googleapis.com')
.get('/plus/v1/people/me')
.query({access_token: 'access-token-123'})
.reply(200, {
id: 'user-id-1',
displayName: 'Eetu Tuomala',
emails: [
{
value: '*****@*****.**'
}
],
image: {
url: 'https://avatars3.githubusercontent.com/u/4726921?v=3&s=460'
}
});
});
beforeAll(() => {
const providerConfig = config({ provider: 'microsoft' })
nock('https://login.live.com')
.post(
'/oauth20_token.srf',
({
client_id, redirect_uri, client_secret, code
}) =>
client_id === providerConfig.id &&
redirect_uri === providerConfig.redirect_uri &&
client_secret === providerConfig.secret &&
code === 'code'
)
.reply(200, {
access_token: 'access-token-123'
})
nock('https://apis.live.net')
.get('/v5.0/me')
.query({ access_token: 'access-token-123' })
.reply(200, {
id: 'user-id-1',
name: 'Eetu Tuomala',
emails: {
preferred: '*****@*****.**'
},
picture: 'https://avatars3.githubusercontent.com/u/4726921?v=3&s=460'
})
})
it('tests signin with default params', async () => {
const providerConfig = config({ provider: 'microsoft' })
const data = await authentication.signinHandler(providerConfig, {})
expect(data.url).toBe(
'https://login.live.com/oauth20_authorize.srf?client_id=microsoft-mock-id&redirect_uri=https://api-id.execute-api.eu-west-1.amazonaws.com/dev/callback/microsoft&response_type=code&scope=wl.basic'
)
})
it('should return local client url', async () => {
const event = {
pathParameters: {
provider: 'google'
},
queryStringParameters: {
code: 'code',
state: process.env.STATE
},
requestContext: {
stage: 'dev'
},
headers: {
Host: 'api-id.execute-api.eu-west-1.amazonaws.com'
}
}
const providerConfig = config(event)
const data = await callbackHandler(event)
const { query } = url.parse(data.headers.Location, true)
refreshToken = query.refresh_token
expect(query.authorization_token).toMatch(
/[a-zA-Z0-9\-_]+?\.[a-zA-Z0-9\-_]+?\.([a-zA-Z0-9\-_]+)?/
)
expect(refreshToken).toMatch(/[A-Fa-f0-9]{64}/)
const tokenData = utils.readToken(
query.authorization_token,
providerConfig.token_secret
)
expect(tokenData.id).toBe(
'59d694734e227742db6b6788bdbfb2e5fb5f866c1811fc4d8704aff012e69623'
)
})
it('tests signin without params', () => {
const providerConfig = config('facebook');
auth.signinHandler(providerConfig, {}, (err, data) => {
expect(err).to.be.null;
expect(data.url).to.equal('https://www.facebook.com/dialog/oauth?client_id=fb-mock-id&redirect_uri=https://api-id.execute-api.eu-west-1.amazonaws.com/dev/callback/facebook');
});
});
before(() => {
const providerConfig = config('facebook');
nock('https://graph.facebook.com')
.get('/v2.3/oauth/access_token')
.query({
client_id: providerConfig.id,
redirect_uri: providerConfig.redirect_uri,
client_secret: providerConfig.secret,
code: 'code'
})
.reply(200, {
access_token: 'access-token-123'
});
nock('https://graph.facebook.com')
.get('/me')
.query({access_token: 'access-token-123', fields: 'id,name,picture,email,first_name,last_name'})
.reply(200, {
id: 'user-id-1',
name: 'Eetu Tuomala',
email: '*****@*****.**',
picture: {
data: {
is_silhouette: false,
url: 'https://avatars3.githubusercontent.com/u/4726921?v=3&s=460'
}
},
first_name: 'Eetu',
last_name: 'Tuomala'
});
});
it('should return profile', (done) => {
let providerConfig = config('google');
auth.callback({code: 'code', state: 'state'}, providerConfig, (err, profile) => {
expect(profile.id).to.equal('user-id-1');
expect(profile.name).to.equal('Eetu Tuomala');
expect(profile.email).to.equal('*****@*****.**');
expect(profile.picture).to.equal('https://avatars3.githubusercontent.com/u/4726921?v=3&s=460');
expect(profile.provider).to.equal('google');
done(err);
})
});
it('should return profile', (done) => {
const providerConfig = config('facebook');
auth.callbackHandler({code: 'code', state: 'state'}, providerConfig, (err, profile) => {
expect(profile.id).to.equal('user-id-1');
expect(profile.name).to.equal('Eetu Tuomala');
expect(profile.email).to.equal('*****@*****.**');
expect(profile.picture).to.equal('https://avatars3.githubusercontent.com/u/4726921?v=3&s=460');
expect(profile.provider).to.equal('facebook');
expect(profile.at_hash).to.equal('access-token-123');
expect(profile.given_name).to.equal('Eetu');
expect(profile.family_name).to.equal('Tuomala');
done(err);
})
});
it('should return profile', async () => {
const providerConfig = config({ provider: 'microsoft' })
const profile = await authentication.callbackHandler(
{ code: 'code', state: 'state' },
providerConfig
)
expect(profile.id).toBe('user-id-1')
expect(profile.name).toBe('Eetu Tuomala')
expect(profile.email).toBe('*****@*****.**')
expect(profile.picture).toBe(
'https://apis.live.net/v5.0/user-id-1/picture'
)
expect(profile.provider).toBe('microsoft')
expect(profile.at_hash).toBe('access-token-123')
})
const authorize = async (event) => {
const stage = event.methodArn.split('/')[1] || 'dev' // @todo better implementation
let error = null
let policy
const { authorizationToken } = event
if (authorizationToken) {
try {
// this example uses simple expiration time validation
const providerConfig = config({ provider: '', stage })
const data = utils.readToken(authorizationToken, providerConfig.token_secret)
policy = utils.generatePolicy(data.id, 'Allow', event.methodArn)
policy.context = policyContext(data)
} catch (err) {
error = 'Unauthorized'
}
} else {
error = 'Unauthorized'
}
if (error) {
throw new Error(error)
}
return Promise.resolve(policy)
}