root
/
keyfetch.js
mirror of https://github.com/therootcompany/keyfetch.js.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
keyfetch.js/keyfetch-test.js

165 lines
5.9 KiB
JavaScript
Raw Permalink Normal View History

make Prettier
2020-04-08 20:01:06 +00:00
"use strict";
initial commit
2019-02-25 22:54:08 +00:00
make Prettier
2020-04-08 20:01:06 +00:00
var keyfetch = require("./keyfetch.js");
v1.1.8: cleanup and support forced keys for verification
2019-03-09 09:50:14 +00:00
var testIss = "https://example.auth0.com";
initial commit
2019-02-25 22:54:08 +00:00
keyfetch.init({});
make Prettier
2020-04-08 20:01:06 +00:00
keyfetch
.oidcJwks(testIss)
.then(function (hits) {
keyfetch._clear();
//console.log(hits);
return keyfetch.oidcJwk(hits[0].thumbprint, testIss).then(function () {
return keyfetch.oidcJwk(hits[0].thumbprint, testIss).then(function (/*jwk*/) {
//console.log(jwk);
});
});
})
.then(function () {
console.log("Fetching PASSES");
})
.catch(function (err) {
console.error("NONE SHALL PASS!");
console.error(err);
process.exit(1);
v1.1.4: fix fetching bug
2019-02-25 23:17:26 +00:00
});
initial commit
2019-02-25 22:54:08 +00:00
v1.2.0: add code to check issuers and claims
2019-03-15 19:45:27 +00:00
/*global Promise*/
security: obey opts.iss, issue warning by default
2021-06-15 23:03:18 +00:00
var keypairs = require("keypairs");
v1.2.0: add code to check issuers and claims
2019-03-15 19:45:27 +00:00
keypairs.generate().then(function (pair) {
security: obey opts.iss, issue warning by default
2021-06-15 23:03:18 +00:00
var iss = "https://example.com/";
make Prettier
2020-04-08 20:01:06 +00:00
return Promise.all([
keypairs
.signJwt({
jwk: pair.private,
security: obey opts.iss, issue warning by default
2021-06-15 23:03:18 +00:00
iss: iss,
make Prettier
2020-04-08 20:01:06 +00:00
sub: "mikey",
exp: "1h"
})
.then(function (jwt) {
return Promise.all([
security: obey opts.iss, issue warning by default
2021-06-15 23:03:18 +00:00
keyfetch.jwt.verify(jwt, { jwk: pair.public, iss: "*" }).then(function (verified) {
make Prettier
2020-04-08 20:01:06 +00:00
if (!(verified.claims && verified.claims.exp)) {
throw new Error("malformed decoded token");
}
}),
security: obey opts.iss, issue warning by default
2021-06-15 23:03:18 +00:00
keyfetch.jwt
.verify(keyfetch.jwt.decode(jwt), { jwk: pair.public, iss: iss })
.then(function (verified) {
if (!(verified.claims && verified.claims.exp)) {
throw new Error("malformed decoded token");
}
}),
keyfetch.jwt.verify(jwt, { jwks: [pair.public], issuers: [iss] }),
make Prettier
2020-04-08 20:01:06 +00:00
keyfetch.jwt.verify(jwt, {
jwk: pair.public,
issuers: ["https://example.com/"]
}),
keyfetch.jwt.verify(jwt, {
jwk: pair.public,
issuers: ["https://example.com"]
}),
keyfetch.jwt.verify(jwt, {
jwk: pair.public,
issuers: ["example.com"]
}),
keyfetch.jwt.verify(jwt, {
jwk: pair.public,
issuers: ["example.com/"]
}),
keyfetch.jwt.verify(jwt, {
jwk: pair.public,
issuers: ["*"]
}),
keyfetch.jwt
.verify(jwt, {
jwk: pair.public,
issuers: ["http://example.com"]
})
.then(e("bad scheme"))
.catch(throwIfNotExpected),
keyfetch.jwt
.verify(jwt, {
jwk: pair.public,
issuers: ["https://www.example.com"]
})
.then(e("bad prefix"))
.catch(throwIfNotExpected),
keyfetch.jwt
.verify(jwt, {
jwk: pair.public,
issuers: ["https://wexample.com"]
})
.then(e("bad sld"))
.catch(throwIfNotExpected),
keyfetch.jwt
.verify(jwt, {
jwk: pair.public,
issuers: ["https://example.comm"]
})
.then(e("bad tld"))
.catch(throwIfNotExpected),
keyfetch.jwt.verify(jwt, {
jwk: pair.public,
claims: { iss: "https://example.com/" }
}),
keyfetch.jwt
.verify(jwt, {
jwk: pair.public,
claims: { iss: "https://example.com" }
})
.then(e("inexact claim"))
.catch(throwIfNotExpected)
]);
}),
keypairs
.signJwt({
jwk: pair.private,
iss: false,
sub: "mikey",
exp: "1h"
})
.then(function (jwt) {
return Promise.all([
security: obey opts.iss, issue warning by default
2021-06-15 23:03:18 +00:00
// test that the old behavior of defaulting to '*' still works
security warning -> issuer error, async/await
2021-06-15 23:22:38 +00:00
keyfetch.jwt
.verify(jwt, { jwk: pair.public })
.then(e("should have issued security warning about allow all by default"))
.catch(throwIfNotExpected),
security: obey opts.iss, issue warning by default
2021-06-15 23:03:18 +00:00
keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ["*"] }),
make Prettier
2020-04-08 20:01:06 +00:00
keyfetch.jwt.verify(jwt).then(e("should have an issuer")).catch(throwIfNotExpected),
keyfetch.jwt
.verify(jwt, {
jwk: pair.public,
issuers: ["https://example.com/"]
})
.then(e("fail when issuer specified and doesn't exist"))
.catch(throwIfNotExpected)
]);
})
])
.then(function () {
console.log("JWT PASSES");
add a few more tests
2019-03-15 19:53:49 +00:00
})
make Prettier
2020-04-08 20:01:06 +00:00
.catch(function (err) {
console.error("NONE SHALL PASS!");
console.error(err);
process.exit(1);
});
v1.2.0: add code to check issuers and claims
2019-03-15 19:45:27 +00:00
});
initial commit
2019-02-25 22:54:08 +00:00
/*
var jwt = '...';
keyfetch.verify({ jwt: jwt }).catch(function (err) {
console.log(err);
});
*/
v1.2.0: add code to check issuers and claims
2019-03-15 19:45:27 +00:00
function e(msg) {
make Prettier
2020-04-08 20:01:06 +00:00
return new Error("ETEST: " + msg);
v1.2.0: add code to check issuers and claims
2019-03-15 19:45:27 +00:00
}
function throwIfNotExpected(err) {
make Prettier
2020-04-08 20:01:06 +00:00
if ("ETEST" === err.message.slice(0, 5)) {
throw err;
}
v1.2.0: add code to check issuers and claims
2019-03-15 19:45:27 +00:00
}