keyfetch.js/keyfetch-test.js

'use strict';

var keyfetch = require('./keyfetch.js');
var testIss = "https://example.auth0.com";

keyfetch.init({});
keyfetch.oidcJwks(testIss).then(function (hits) {
  keyfetch._clear();
  //console.log(hits);
  return keyfetch.oidcJwk(hits[0].thumbprint, testIss).then(function () {
    return keyfetch.oidcJwk(hits[0].thumbprint, testIss).then(function (/*jwk*/) {
      //console.log(jwk);
    });
  });
}).then(function () {
  console.log("Fetching PASSES");
}).catch(function (err) {
  console.error("NONE SHALL PASS!");
  console.error(err);
  process.exit(1);
});

/*global Promise*/
var keypairs = require('keypairs.js');
keypairs.generate().then(function (pair) {
  return Promise.all([
    keypairs.signJwt({
      jwk: pair.private, iss: 'https://example.com/', sub: 'mikey', exp: '1h'
    }).then(function (jwt) {
      return Promise.all([
        keyfetch.jwt.verify(jwt, { jwk: pair.public }).then(function (verified) {
          if (!(verified.claims && verified.claims.exp)) {
            throw new Error("malformed decoded token");
          }
        })
      , keyfetch.jwt.verify(keyfetch.jwt.decode(jwt), { jwk: pair.public }).then(function (verified) {
          if (!(verified.claims && verified.claims.exp)) {
            throw new Error("malformed decoded token");
          }
        })
      , keyfetch.jwt.verify(jwt, { jwks: [pair.public] })
      , keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://example.com/'] })
      , keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://example.com'] })
      , keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['example.com'] })
      , keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['example.com/'] })
      , keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['*'] })
      , keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['http://example.com'] })
          .then(e("bad scheme")).catch(throwIfNotExpected)
      , keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://www.example.com'] })
          .then(e("bad prefix")).catch(throwIfNotExpected)
      , keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://wexample.com'] })
          .then(e("bad sld")).catch(throwIfNotExpected)
      , keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://example.comm'] })
          .then(e("bad tld")).catch(throwIfNotExpected)
      , keyfetch.jwt.verify(jwt, { jwk: pair.public, claims: { iss: 'https://example.com/' } })
      , keyfetch.jwt.verify(jwt, { jwk: pair.public, claims: { iss: 'https://example.com' } })
          .then(e("inexact claim")).catch(throwIfNotExpected)
      ]);
    })
  , keypairs.signJwt({
      jwk: pair.private, iss: false, sub: 'mikey', exp: '1h'
    }).then(function (jwt) {
      return Promise.all([
        keyfetch.jwt.verify(jwt, { jwk: pair.public })
      , keyfetch.jwt.verify(jwt)
          .then(e("should have an issuer")).catch(throwIfNotExpected)
      , keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://example.com/'] })
          .then(e("fail when issuer specified and doesn't exist")).catch(throwIfNotExpected)
      ]);
    })
  ]).then(function () {
    console.log("JWT PASSES");
  }).catch(function (err) {
    console.error("NONE SHALL PASS!");
    console.error(err);
    process.exit(1);
  });
});
/*
var jwt = '...';
keyfetch.verify({ jwt: jwt }).catch(function (err) {
  console.log(err);
});
*/

function e(msg) {
  return new Error("ETEST: " + msg);
}
function throwIfNotExpected(err) {
  if ("ETEST" === err.message.slice(0, 5)) { throw err; }
}
initial commit 2019-02-25 22:54:08 +00:00			`'use strict';`

			`var keyfetch = require('./keyfetch.js');`
v1.1.8: cleanup and support forced keys for verification 2019-03-09 09:50:14 +00:00			`var testIss = "https://example.auth0.com";`
initial commit 2019-02-25 22:54:08 +00:00
			`keyfetch.init({});`
v1.1.8: cleanup and support forced keys for verification 2019-03-09 09:50:14 +00:00			`keyfetch.oidcJwks(testIss).then(function (hits) {`
v1.1.4: fix fetching bug 2019-02-25 23:17:26 +00:00			`keyfetch._clear();`
v1.2.0: add code to check issuers and claims 2019-03-15 19:45:27 +00:00			`//console.log(hits);`
v1.1.8: cleanup and support forced keys for verification 2019-03-09 09:50:14 +00:00			`return keyfetch.oidcJwk(hits[0].thumbprint, testIss).then(function () {`
v1.2.0: add code to check issuers and claims 2019-03-15 19:45:27 +00:00			`return keyfetch.oidcJwk(hits[0].thumbprint, testIss).then(function (/jwk/) {`
			`//console.log(jwk);`
v1.1.4: fix fetching bug 2019-02-25 23:17:26 +00:00			`});`
initial commit 2019-02-25 22:54:08 +00:00			`});`
v1.2.0: add code to check issuers and claims 2019-03-15 19:45:27 +00:00			`}).then(function () {`
			`console.log("Fetching PASSES");`
initial commit 2019-02-25 22:54:08 +00:00			`}).catch(function (err) {`
v1.2.0: add code to check issuers and claims 2019-03-15 19:45:27 +00:00			`console.error("NONE SHALL PASS!");`
initial commit 2019-02-25 22:54:08 +00:00			`console.error(err);`
v1.2.0: add code to check issuers and claims 2019-03-15 19:45:27 +00:00			`process.exit(1);`
initial commit 2019-02-25 22:54:08 +00:00			`});`

v1.2.0: add code to check issuers and claims 2019-03-15 19:45:27 +00:00			`/global Promise/`
			`var keypairs = require('keypairs.js');`
			`keypairs.generate().then(function (pair) {`
add a few more tests 2019-03-15 19:53:49 +00:00			`return Promise.all([`
			`keypairs.signJwt({`
			`jwk: pair.private, iss: 'https://example.com/', sub: 'mikey', exp: '1h'`
			`}).then(function (jwt) {`
			`return Promise.all([`
			`keyfetch.jwt.verify(jwt, { jwk: pair.public }).then(function (verified) {`
			`if (!(verified.claims && verified.claims.exp)) {`
			`throw new Error("malformed decoded token");`
			`}`
			`})`
			`, keyfetch.jwt.verify(keyfetch.jwt.decode(jwt), { jwk: pair.public }).then(function (verified) {`
			`if (!(verified.claims && verified.claims.exp)) {`
			`throw new Error("malformed decoded token");`
			`}`
			`})`
			`, keyfetch.jwt.verify(jwt, { jwks: [pair.public] })`
			`, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://example.com/'] })`
			`, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://example.com'] })`
v1.2.1: better trusted issuer normalization 2019-03-15 19:59:55 +00:00			`, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['example.com'] })`
			`, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['example.com/'] })`
add a few more tests 2019-03-15 19:53:49 +00:00			`, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['*'] })`
			`, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['http://example.com'] })`
			`.then(e("bad scheme")).catch(throwIfNotExpected)`
			`, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://www.example.com'] })`
			`.then(e("bad prefix")).catch(throwIfNotExpected)`
			`, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://wexample.com'] })`
			`.then(e("bad sld")).catch(throwIfNotExpected)`
			`, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://example.comm'] })`
			`.then(e("bad tld")).catch(throwIfNotExpected)`
			`, keyfetch.jwt.verify(jwt, { jwk: pair.public, claims: { iss: 'https://example.com/' } })`
			`, keyfetch.jwt.verify(jwt, { jwk: pair.public, claims: { iss: 'https://example.com' } })`
			`.then(e("inexact claim")).catch(throwIfNotExpected)`
			`]);`
			`})`
			`, keypairs.signJwt({`
			`jwk: pair.private, iss: false, sub: 'mikey', exp: '1h'`
			`}).then(function (jwt) {`
			`return Promise.all([`
			`keyfetch.jwt.verify(jwt, { jwk: pair.public })`
			`, keyfetch.jwt.verify(jwt)`
			`.then(e("should have an issuer")).catch(throwIfNotExpected)`
			`, keyfetch.jwt.verify(jwt, { jwk: pair.public, issuers: ['https://example.com/'] })`
			`.then(e("fail when issuer specified and doesn't exist")).catch(throwIfNotExpected)`
			`]);`
			`})`
			`]).then(function () {`
			`console.log("JWT PASSES");`
			`}).catch(function (err) {`
			`console.error("NONE SHALL PASS!");`
			`console.error(err);`
			`process.exit(1);`
v1.2.0: add code to check issuers and claims 2019-03-15 19:45:27 +00:00			`});`
			`});`
initial commit 2019-02-25 22:54:08 +00:00			`/*`
			`var jwt = '...';`
			`keyfetch.verify({ jwt: jwt }).catch(function (err) {`
			`console.log(err);`
			`});`
			`*/`
v1.2.0: add code to check issuers and claims 2019-03-15 19:45:27 +00:00
			`function e(msg) {`
			`return new Error("ETEST: " + msg);`
			`}`
			`function throwIfNotExpected(err) {`
			`if ("ETEST" === err.message.slice(0, 5)) { throw err; }`
			`}`