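// Sign-in with an empty params object must produce a redirect to Google's
// authorization endpoint built only from the provider config (client id,
// redirect URI) plus response_type=code and the default `profile` scope.
// NOTE(review): with empty params the expected URL carries no `state`
// parameter. OAuth clients normally rely on `state` to tie the callback to the
// request that started it (CSRF protection); confirm that real callers always
// pass one.
it('test signin with default params', (done) => {
  const providerConfig = config('google');
  // Taking `done` makes the runner wait for the callback. Without it the test
  // is reported as passed as soon as `signin` returns, so a callback that fires
  // later (or never) would not be checked.
  auth.signin(providerConfig, {}, (err, data) => {
    expect(err).to.be.null;
    expect(data.url).to.equal('https://accounts.google.com/o/oauth2/v2/auth?client_id=app-id&redirect_uri=https://api-id.execute-api.eu-west-1.amazonaws.com/dev/callback/google&response_type=code&scope=profile');
    done();
  });
});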
// Registers the two HTTP mocks the Google callback test depends on: the token
// exchange and the profile lookup.
// NOTE(review): the token mock matches client_id, redirect_uri, client_secret
// and code as query-string parameters of the POST. If the handler really sends
// the client secret in the URL instead of the request body, it can end up in
// proxy and access logs; confirm against the implementation.
before(() => {
  const google = config('google');
  const apiHost = 'https://www.googleapis.com';
  const mockAccessToken = 'access-token-123';

  // Token exchange: only answered when the request carries the configured
  // client credentials and the authorization code 'code'.
  const tokenQuery = {
    client_id: google.id,
    redirect_uri: google.redirect_uri,
    client_secret: google.secret,
    code: 'code'
  };
  nock(apiHost)
    .post('/oauth2/v4/token')
    .query(tokenQuery)
    .reply(200, { access_token: mockAccessToken });

  // Profile lookup: answered only for the access token issued above.
  const mockProfile = {
    id: 'user-id-1',
    displayName: 'Eetu Tuomala',
    emails: [{ value: '*****@*****.**' }],
    image: { url: 'https://avatars3.githubusercontent.com/u/4726921?v=3&s=460' }
  };
  nock(apiHost)
    .get('/plus/v1/people/me')
    .query({ access_token: mockAccessToken })
    .reply(200, mockProfile);
});
// Registers the HTTP mocks for the Microsoft flow: the token exchange on
// login.live.com and the profile lookup on apis.live.net.
beforeAll(() => {
  const microsoft = config({ provider: 'microsoft' })
  const mockAccessToken = 'access-token-123'

  // The token request is matched on its POST body: all four fields have to
  // equal the configured client credentials and the authorization code 'code'.
  const isExpectedTokenRequest = (body) => {
    const { client_id, redirect_uri, client_secret, code } = body
    return (
      client_id === microsoft.id &&
      redirect_uri === microsoft.redirect_uri &&
      client_secret === microsoft.secret &&
      code === 'code'
    )
  }
  nock('https://login.live.com')
    .post('/oauth20_token.srf', isExpectedTokenRequest)
    .reply(200, { access_token: mockAccessToken })

  // Profile lookup, answered only for the access token issued above.
  // NOTE(review): the access token is matched as a query-string parameter here;
  // tokens in URLs tend to be recorded in logs — confirm this mirrors what the
  // provider API requires.
  const mockProfile = {
    id: 'user-id-1',
    name: 'Eetu Tuomala',
    emails: { preferred: '*****@*****.**' },
    picture: 'https://avatars3.githubusercontent.com/u/4726921?v=3&s=460'
  }
  nock('https://apis.live.net')
    .get('/v5.0/me')
    .query({ access_token: mockAccessToken })
    .reply(200, mockProfile)
})
// Sign-in with an empty params object must resolve to the Microsoft
// authorization URL built from the provider config plus response_type=code
// and the default `wl.basic` scope.
// NOTE(review): no `state` parameter appears in the expected URL when params
// are empty; confirm that real callers always supply one, since the callback
// has nothing to bind to the originating request otherwise.
it('tests signin with default params', async () => {
  const expectedUrl =
    'https://login.live.com/oauth20_authorize.srf?client_id=microsoft-mock-id&redirect_uri=https://api-id.execute-api.eu-west-1.amazonaws.com/dev/callback/microsoft&response_type=code&scope=wl.basic'
  const microsoft = config({ provider: 'microsoft' })
  const { url: signinUrl } = await authentication.signinHandler(microsoft, {})
  expect(signinUrl).toBe(expectedUrl)
})
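// End-to-end check of the callback handler for Google: the handler must answer
// with a redirect whose Location query string carries an authorization token
// and a refresh token, and the authorization token must be readable with the
// provider's token secret.
// NOTE(review): both tokens travel in the redirect URL's query string, where
// they can be retained by browser history, Referer headers and access logs;
// confirm the client strips them from the URL after reading them.
it('should return local client url', async () => {
  const event = {
    pathParameters: { provider: 'google' },
    queryStringParameters: { code: 'code', state: process.env.STATE },
    requestContext: { stage: 'dev' },
    headers: { Host: 'api-id.execute-api.eu-west-1.amazonaws.com' }
  }
  const providerConfig = config(event)
  const data = await callbackHandler(event)
  const { query } = url.parse(data.headers.Location, true)
  // `refreshToken` is not declared in this block; presumably a suite-level
  // variable that a later test reuses — verify against the enclosing scope.
  refreshToken = query.refresh_token

  // Patterns are anchored so the whole value has to match, not just some
  // substring of it. The third segment is required: a token with an empty
  // signature part must not satisfy this assertion.
  expect(query.authorization_token).toMatch(
    /^[a-zA-Z0-9\-_]+\.[a-zA-Z0-9\-_]+\.[a-zA-Z0-9\-_]+$/
  )
  // Exactly 64 hex characters; extra leading or trailing data fails the test.
  expect(refreshToken).toMatch(/^[A-Fa-f0-9]{64}$/)

  // Reading the token with the configured secret ties the assertion to the
  // token's content rather than only its shape.
  const tokenData = utils.readToken(
    query.authorization_token,
    providerConfig.token_secret
  )
  expect(tokenData.id).toBe(
    '59d694734e227742db6b6788bdbfb2e5fb5f866c1811fc4d8704aff012e69623'
  )
})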
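// Sign-in with an empty params object must produce a redirect to Facebook's
// OAuth dialog containing only the configured client id and redirect URI.
// NOTE(review): the expected URL has no `state` parameter when params are
// empty. `state` is what lets the callback be tied to the request that started
// the flow (CSRF protection); confirm that real callers always pass one.
it('tests signin without params', (done) => {
  const providerConfig = config('facebook');
  // Taking `done` makes the runner wait for the callback. Without it the test
  // is reported as passed as soon as `signinHandler` returns, so a callback
  // that fires later (or never) would not be checked.
  auth.signinHandler(providerConfig, {}, (err, data) => {
    expect(err).to.be.null;
    expect(data.url).to.equal('https://www.facebook.com/dialog/oauth?client_id=fb-mock-id&redirect_uri=https://api-id.execute-api.eu-west-1.amazonaws.com/dev/callback/facebook');
    done();
  });
});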
// Registers the two HTTP mocks the Facebook callback test depends on: the
// token exchange and the profile lookup, both on graph.facebook.com.
// NOTE(review): both mocks match credentials in the query string of a GET
// (client_secret and code for the exchange, access_token for the profile).
// Values sent this way can be recorded in proxy and access logs; confirm this
// mirrors what the provider API requires rather than a choice made here.
before(() => {
  const facebook = config('facebook');
  const graphHost = 'https://graph.facebook.com';
  const mockAccessToken = 'access-token-123';

  // Token exchange: only answered for the configured client credentials and
  // the authorization code 'code'.
  const tokenQuery = {
    client_id: facebook.id,
    redirect_uri: facebook.redirect_uri,
    client_secret: facebook.secret,
    code: 'code'
  };
  nock(graphHost)
    .get('/v2.3/oauth/access_token')
    .query(tokenQuery)
    .reply(200, { access_token: mockAccessToken });

  // Profile lookup: answered only for the token above and this exact field list.
  const profileQuery = {
    access_token: mockAccessToken,
    fields: 'id,name,picture,email,first_name,last_name'
  };
  const mockProfile = {
    id: 'user-id-1',
    name: 'Eetu Tuomala',
    email: '*****@*****.**',
    picture: {
      data: {
        is_silhouette: false,
        url: 'https://avatars3.githubusercontent.com/u/4726921?v=3&s=460'
      }
    },
    first_name: 'Eetu',
    last_name: 'Tuomala'
  };
  nock(graphHost).get('/me').query(profileQuery).reply(200, mockProfile);
});
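// The Google callback, given an authorization code and state, must yield a
// profile with id, name, email, picture and provider populated.
it('should return profile', (done) => {
  const providerConfig = config('google');
  auth.callback({ code: 'code', state: 'state' }, providerConfig, (err, profile) => {
    // Report a handler error as-is. Asserting first would dereference an
    // undefined `profile` and replace the real cause with a TypeError.
    if (err) {
      done(err);
      return;
    }
    expect(profile.id).to.equal('user-id-1');
    expect(profile.name).to.equal('Eetu Tuomala');
    expect(profile.email).to.equal('*****@*****.**');
    expect(profile.picture).to.equal('https://avatars3.githubusercontent.com/u/4726921?v=3&s=460');
    expect(profile.provider).to.equal('google');
    done();
  });
});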
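// The Facebook callback, given an authorization code and state, must yield a
// profile with id, name, email, picture, provider, at_hash and the given and
// family names populated.
it('should return profile', (done) => {
  const providerConfig = config('facebook');
  auth.callbackHandler({ code: 'code', state: 'state' }, providerConfig, (err, profile) => {
    // Report a handler error as-is. Asserting first would dereference an
    // undefined `profile` and replace the real cause with a TypeError.
    if (err) {
      done(err);
      return;
    }
    expect(profile.id).to.equal('user-id-1');
    expect(profile.name).to.equal('Eetu Tuomala');
    expect(profile.email).to.equal('*****@*****.**');
    expect(profile.picture).to.equal('https://avatars3.githubusercontent.com/u/4726921?v=3&s=460');
    expect(profile.provider).to.equal('facebook');
    // NOTE(review): `at_hash` is pinned to the raw access token returned by
    // the mocked token endpoint, not to a hash of it (in OpenID Connect the
    // claim of that name is a hash). Confirm that this profile field is never
    // copied into anything handed to the client.
    expect(profile.at_hash).to.equal('access-token-123');
    expect(profile.given_name).to.equal('Eetu');
    expect(profile.family_name).to.equal('Tuomala');
    done();
  });
});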
// The Microsoft callback, given an authorization code and state, must resolve
// to a profile with the fields listed below. The expected picture is a URL on
// apis.live.net containing the user id, not the `picture` value of the mocked
// profile response.
// NOTE(review): `at_hash` is pinned to the raw access token returned by the
// mocked token endpoint, not to a hash of it (in OpenID Connect the claim of
// that name is a hash). Confirm that this profile field is never copied into
// anything handed to the client.
it('should return profile', async () => {
  const profile = await authentication.callbackHandler(
    { code: 'code', state: 'state' },
    config({ provider: 'microsoft' })
  )
  // Checked in this order; the first mismatch fails the test.
  const expectedFields = [
    ['id', 'user-id-1'],
    ['name', 'Eetu Tuomala'],
    ['email', '*****@*****.**'],
    ['picture', 'https://apis.live.net/v5.0/user-id-1/picture'],
    ['provider', 'microsoft'],
    ['at_hash', 'access-token-123']
  ]
  for (const [field, expected] of expectedFields) {
    expect(profile[field]).toBe(expected)
  }
})
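/**
 * Custom authorizer: reads `event.authorizationToken`, verifies it through
 * `utils.readToken` with the configured token secret, and returns an 'Allow'
 * policy for `event.methodArn`.
 *
 * Fails closed: a missing token, any error raised while loading the config,
 * reading the token or building the policy, and a token payload without an
 * `id` all end in `Error('Unauthorized')`. The message text is kept exactly
 * as-is because callers may key on it.
 *
 * @param {object} event - authorizer event; `methodArn` and
 *   `authorizationToken` are read from it.
 * @returns {Promise<object>} the policy from `utils.generatePolicy`, with
 *   `context` set to `policyContext(data)`.
 * @throws {Error} 'Unauthorized' on any authorization failure. A missing
 *   `methodArn` still surfaces as a TypeError, as before.
 */
const authorize = async (event) => {
  // The segment after the first '/' of the method ARN is used as the stage.
  const stage = event.methodArn.split('/')[1] || 'dev' // @todo better implementation
  const { authorizationToken } = event

  if (!authorizationToken) {
    throw new Error('Unauthorized')
  }

  try {
    // this example uses simple expiration time validation
    const providerConfig = config({ provider: '', stage })
    const data = utils.readToken(authorizationToken, providerConfig.token_secret)
    // Never build an Allow policy for an undefined principal: a payload that
    // verifies but carries no id is treated like any other invalid token.
    if (data == null || data.id == null) {
      throw new Error('Unauthorized')
    }
    const policy = utils.generatePolicy(data.id, 'Allow', event.methodArn)
    policy.context = policyContext(data)
    return policy
  } catch (err) {
    // NOTE(review): the cause is discarded here. Recording err.name (never the
    // token itself) would make rejected tokens visible to monitoring.
    throw new Error('Unauthorized')
  }
}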