npm - @alanszp/express - Versions diffs - 6.0.4 → 7.0.1 - Mend

@alanszp/express 6.0.4 → 7.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (47) hide show

package/.env.test +5 -0
package/babel.config.js +7 -0
package/dist/helpers/now.d.ts +1 -0
package/dist/helpers/now.js +8 -0
package/dist/helpers/now.js.map +1 -0
package/dist/index.d.ts +1 -1
package/dist/index.js +1 -1
package/dist/index.js.map +1 -1
package/dist/middlewares/authenticateUser.d.ts +25 -0
package/dist/middlewares/authenticateUser.js +114 -0
package/dist/middlewares/authenticateUser.js.map +1 -0
package/dist/middlewares/authenticateUser.test.d.ts +1 -0
package/dist/middlewares/authenticateUser.test.js +308 -0
package/dist/middlewares/authenticateUser.test.js.map +1 -0
package/dist/test/mocks/authOptionsMocks.d.ts +8 -0
package/dist/test/mocks/authOptionsMocks.js +30 -0
package/dist/test/mocks/authOptionsMocks.js.map +1 -0
package/dist/test/mocks/expressMocks.d.ts +5 -0
package/dist/test/mocks/expressMocks.js +20 -0
package/dist/test/mocks/expressMocks.js.map +1 -0
package/dist/test/mocks/jwtUserMocks.d.ts +3 -0
package/dist/test/mocks/jwtUserMocks.js +18 -0
package/dist/test/mocks/jwtUserMocks.js.map +1 -0
package/dist/test/setup.d.ts +1 -0
package/dist/test/setup.js +5 -0
package/dist/test/setup.js.map +1 -0
package/dist/test/setup.test.d.ts +1 -0
package/dist/test/setup.test.js +14 -0
package/dist/test/setup.test.js.map +1 -0
package/dist/types/AuthMethod.d.ts +1 -1
package/jest.config.js +10 -0
package/package.json +12 -7
package/src/helpers/now.ts +3 -0
package/src/index.ts +1 -1
package/src/middlewares/authenticateUser.test.ts +403 -0
package/src/middlewares/authenticateUser.ts +170 -0
package/src/test/mocks/authOptionsMocks.ts +35 -0
package/src/test/mocks/expressMocks.ts +17 -0
package/src/test/mocks/jwtUserMocks.ts +17 -0
package/src/test/setup.test.ts +15 -0
package/src/test/setup.ts +3 -0
package/src/types/AuthMethod.ts +4 -1
package/tsconfig.json +5 -2
package/dist/middlewares/authWithJWT.d.ts +0 -4
package/dist/middlewares/authWithJWT.js +0 -56
package/dist/middlewares/authWithJWT.js.map +0 -1
package/src/middlewares/authWithJWT.ts +0 -54

package/dist/test/mocks/jwtUserMocks.js ADDED Viewed

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.laraJwtUserMock = exports.userJwtUserMock = void 0;
+exports.userJwtUserMock = {
+    id: "1",
+    employeeReference: "1",
+    organizationReference: "test",
+    roles: [],
+    permissions: [],
+};
+exports.laraJwtUserMock = {
+    id: "0",
+    employeeReference: "0",
+    organizationReference: "lara",
+    roles: [],
+    permissions: [],
+};
+//# sourceMappingURL=jwtUserMocks.js.map

package/dist/test/mocks/jwtUserMocks.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"jwtUserMocks.js","sourceRoot":"","sources":["../../../src/test/mocks/jwtUserMocks.ts"],"names":[],"mappings":";;;AAEa,QAAA,eAAe,GAAY;IACtC,EAAE,EAAE,GAAG;IACP,iBAAiB,EAAE,GAAG;IACtB,qBAAqB,EAAE,MAAM;IAC7B,KAAK,EAAE,EAAE;IACT,WAAW,EAAE,EAAE;CAChB,CAAC;AAEW,QAAA,eAAe,GAAY;IACtC,EAAE,EAAE,GAAG;IACP,iBAAiB,EAAE,GAAG;IACtB,qBAAqB,EAAE,MAAM;IAC7B,KAAK,EAAE,EAAE;IACT,WAAW,EAAE,EAAE;CAChB,CAAC"}

package/dist/test/setup.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/test/setup.js ADDED Viewed

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const dotenv_1 = require("dotenv");
+(0, dotenv_1.config)({ path: ".env.test" });
+//# sourceMappingURL=setup.js.map

package/dist/test/setup.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"setup.js","sourceRoot":"","sources":["../../src/test/setup.ts"],"names":[],"mappings":";;AAAA,mCAAgC;AAEhC,IAAA,eAAM,EAAC,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC,CAAC"}

package/dist/test/setup.test.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/test/setup.test.js ADDED Viewed

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const now_1 = require("../helpers/now");
+jest.mock("@/helpers/now");
+describe("Timezones", () => {
+    it("should always be UTC", () => {
+        expect(new Date().getTimezoneOffset()).toBe(0);
+    });
+    it("now() is mocked", () => {
+        now_1.now.mockReturnValue(new Date("2021-01-01T12:30:43"));
+        expect((0, now_1.now)()).toEqual(new Date("2021-01-01T12:30:43"));
+    });
+});
+//# sourceMappingURL=setup.test.js.map

package/dist/test/setup.test.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"setup.test.js","sourceRoot":"","sources":["../../src/test/setup.test.ts"],"names":[],"mappings":";;AAAA,wCAAqC;AAErC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;AAE3B,QAAQ,CAAC,WAAW,EAAE,GAAG,EAAE;IACzB,EAAE,CAAC,sBAAsB,EAAE,GAAG,EAAE;QAC9B,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC,iBAAiB,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iBAAiB,EAAE,GAAG,EAAE;QACxB,SAAiB,CAAC,eAAe,CAAC,IAAI,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC;QAEpE,MAAM,CAAC,IAAA,SAAG,GAAE,CAAC,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/types/AuthMethod.d.ts CHANGED Viewed

@@ -6,5 +6,5 @@ declare type GenerateStringUnion<T> = Extract<{
 declare type OverridableStringUnion<T extends string | number, U = {}> = GenerateStringUnion<Overwrite<Record<T, true>, U>>;
 export interface AuthMethodsOverride {
 }
-export declare type AuthMethod = OverridableStringUnion<"jwt", AuthMethodsOverride>;
+export declare type AuthMethod = OverridableStringUnion<"jwt" | "api_key", AuthMethodsOverride>;
 export {};

package/jest.config.js ADDED Viewed

@@ -0,0 +1,10 @@
+module.exports = {
+  collectCoverageFrom: ["src/**/*.{js,jsx,ts,tsx}"],
+  roots: ["<rootDir>/src/"],
+  clearMocks: true,
+  resetMocks: true,
+  testEnvironment: "node",
+  moduleNameMapper: {
+    "@/(.*)": "<rootDir>/src/$1",
+  },
+};

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@alanszp/express",
-  "version": "6.0.4",
+  "version": "7.0.1",
   "description": "Alan's express utils and middlewares.",
   "main": "dist/index.js",
   "typings": "dist/index.d.ts",
@@ -14,6 +14,7 @@
   "scripts": {
     "compile": "rm -rf ./dist && tsc --declaration",
     "compile-watch": "tsc -w",
+    "test": "TZ=Etc/UTC jest",
     "build": "yarn run compile",
     "prepack": "yarn run build",
     "yalc-publish": "yarn run yalc publish"
@@ -24,21 +25,25 @@
   "devDependencies": {
     "@types/body-parser": "^1.19.1",
     "@types/express": "^4.17.12",
+    "@types/jest": "^28.1.8",
     "@types/lodash": "^4.14.170",
     "@types/node": "^15.12.3",
+    "babel-jest": "^29.0.0",
+    "eslint-plugin-jest": "^26.8.7",
+    "jest": "^29.0.0",
     "ts-node": "^10.0.0",
     "tslint": "^6.1.3",
     "typescript": "^4.3.4"
   },
   "dependencies": {
-    "@alanszp/audit": "^6.0.0",
-    "@alanszp/errors": "^6.0.0",
-    "@alanszp/jwt": "^6.0.0",
-    "@alanszp/logger": "^6.0.0",
-    "@alanszp/shared-context": "^6.0.4",
+    "@alanszp/audit": "^7.0.0",
+    "@alanszp/errors": "^7.0.0",
+    "@alanszp/jwt": "^7.0.0",
+    "@alanszp/logger": "^7.0.0",
+    "@alanszp/shared-context": "^7.0.0",
     "body-parser": "^1.19.0",
     "cuid": "^2.1.8",
     "lodash": "^4.17.21"
   },
-  "gitHead": "f11faa4b3583d683efc45e30d0817e4d3a9786a2"
+  "gitHead": "67e6ad3d56d02ee10f45ca59f7e68bc77d574f41"
 }

package/src/helpers/now.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export function now(): Date {
+  return new Date();
+}

package/src/index.ts CHANGED Viewed

@@ -4,7 +4,7 @@ export * from "./middlewares/auditLog";
 export * from "./middlewares/accessLogger";
 export * from "./middlewares/authedForOrg";
 export * from "./middlewares/createContext";
-export * from "./middlewares/authWithJWT";
+export * from "./middlewares/authenticateUser";
 export * from "./middlewares/returnInternalServerError";
 export * from "./middlewares/returnNotFound";
 export * from "./middlewares/jsonBodyParser";

package/src/middlewares/authenticateUser.test.ts ADDED Viewed

@@ -0,0 +1,403 @@
+import { AuthMethods, createAuthContext } from "./authenticateUser";
+import { verifyJWT } from "@alanszp/jwt";
+import {
+  mockNext,
+  mockRequest,
+  mockResponse,
+} from "../test/mocks/expressMocks";
+import { laraJwtUserMock, userJwtUserMock } from "../test/mocks/jwtUserMocks";
+import {
+  apiKeyAuthOptions,
+  bothMethodsAuthOptions,
+  jwtAuthOptions,
+  verifyOptions,
+} from "../test/mocks/authOptionsMocks";
+jest.mock("@alanszp/jwt");
+describe("AuthenticateUser", () => {
+  describe("authentication with only JWT", () => {
+    describe("when jwt verifies correctly", () => {
+      it("should authenticate correctly and call next", async () => {
+        (verifyJWT as jest.Mock).mockResolvedValueOnce(userJwtUserMock);
+        const req = mockRequest("Bearer token");
+        const res = mockResponse();
+        const next = mockNext();
+        await createAuthContext(jwtAuthOptions)([AuthMethods.JWT])(
+          req,
+          res,
+          next
+        );
+        expect(verifyJWT).toBeCalledWith("publicKey", "token", verifyOptions);
+        expect(res.status).toHaveBeenCalledTimes(0);
+        expect(res.json).toHaveBeenCalledTimes(0);
+        expect(req.context.jwtUser).toMatchObject(userJwtUserMock);
+        expect(req.context.authenticated).toStrictEqual(["jwt"]);
+        expect(next).toBeCalledWith();
+      });
+    });
+    describe("when jwt verifies incorrectly", () => {
+      it("should not authenticate, should not call next, and it should return 401", async () => {
+        (verifyJWT as jest.Mock).mockResolvedValueOnce(undefined);
+        const req = mockRequest("Bearer token");
+        const res = mockResponse();
+        const next = mockNext();
+        await createAuthContext(jwtAuthOptions)([AuthMethods.JWT])(
+          req,
+          res,
+          next
+        );
+        expect(verifyJWT).toBeCalledWith("publicKey", "token", verifyOptions);
+        expect(res.status).toHaveBeenCalledWith(401);
+        expect(res.json).toHaveBeenCalledTimes(1);
+        expect(req.context.jwtUser).toBe(undefined);
+        expect(req.context.authenticated).toEqual([]);
+        expect(next).toHaveBeenCalledTimes(0);
+      });
+    });
+    describe("when jwt doesn't exist", () => {
+      it("should not verify JWT, should not authenticate, should not call next, and it should return 401", async () => {
+        const req = mockRequest("aa");
+        const res = mockResponse();
+        const next = mockNext();
+        await createAuthContext(jwtAuthOptions)([AuthMethods.JWT])(
+          req,
+          res,
+          next
+        );
+        expect(verifyJWT).toHaveBeenCalledTimes(0);
+        expect(res.status).toHaveBeenCalledWith(401);
+        expect(res.json).toHaveBeenCalledTimes(1);
+        expect(req.context.jwtUser).toBe(undefined);
+        expect(req.context.authenticated).toEqual([]);
+        expect(next).toHaveBeenCalledTimes(0);
+      });
+    });
+  });
+  describe("authentication with only API KEY", () => {
+    describe("when api key verifies correctly", () => {
+      it("should authenticate correctly and call next", async () => {
+        const req = mockRequest("token");
+        const res = mockResponse();
+        const next = mockNext();
+        await createAuthContext(apiKeyAuthOptions)([AuthMethods.API_KEY])(
+          req,
+          res,
+          next
+        );
+        expect(verifyJWT).toHaveBeenCalledTimes(0);
+        expect(res.status).toHaveBeenCalledTimes(0);
+        expect(res.json).toHaveBeenCalledTimes(0);
+        expect(req.context.jwtUser).toMatchObject(laraJwtUserMock);
+        expect(req.context.authenticated).toStrictEqual(["api_key"]);
+        expect(next).toBeCalledWith();
+      });
+    });
+    describe("when api key verifies incorrectly", () => {
+      it("should not authenticate, should not call next, and it should return 401", async () => {
+        const req = mockRequest("invalidToken");
+        const res = mockResponse();
+        const next = mockNext();
+        await createAuthContext(apiKeyAuthOptions)([AuthMethods.API_KEY])(
+          req,
+          res,
+          next
+        );
+        expect(verifyJWT).toHaveBeenCalledTimes(0);
+        expect(res.status).toHaveBeenCalledWith(401);
+        expect(res.json).toHaveBeenCalledTimes(1);
+        expect(req.context.jwtUser).toBe(undefined);
+        expect(req.context.authenticated).toEqual([]);
+        expect(next).toHaveBeenCalledTimes(0);
+      });
+    });
+    describe("when api key doesn't exist", () => {
+      it("should not verify api key, should not authenticate, should not call next, and it should return 401", async () => {
+        const req = mockRequest(undefined as any);
+        const res = mockResponse();
+        const next = mockNext();
+        await createAuthContext(apiKeyAuthOptions)([AuthMethods.API_KEY])(
+          req,
+          res,
+          next
+        );
+        expect(verifyJWT).toHaveBeenCalledTimes(0);
+        expect(res.status).toHaveBeenCalledWith(401);
+        expect(res.json).toHaveBeenCalledTimes(1);
+        expect(req.context.jwtUser).toBe(undefined);
+        expect(req.context.authenticated).toEqual([]);
+        expect(next).toHaveBeenCalledTimes(0);
+      });
+    });
+  });
+  describe("authentication with JWT and API KEY", () => {
+    describe("using both methods", () => {
+      describe("when api key verifies correctly", () => {
+        it("should authenticate correctly and call next", async () => {
+          const req = mockRequest("token");
+          const res = mockResponse();
+          const next = mockNext();
+          await createAuthContext(bothMethodsAuthOptions)([
+            AuthMethods.API_KEY,
+            AuthMethods.JWT,
+          ])(req, res, next);
+          expect(verifyJWT).toHaveBeenCalledTimes(0);
+          expect(res.status).toHaveBeenCalledTimes(0);
+          expect(res.json).toHaveBeenCalledTimes(0);
+          expect(req.context.jwtUser).toMatchObject(laraJwtUserMock);
+          expect(req.context.authenticated).toStrictEqual(["api_key"]);
+          expect(next).toHaveBeenCalledWith();
+        });
+      });
+      describe("when api key verifies incorrectly", () => {
+        it("should not authenticate, should not call next, and it should return 401", async () => {
+          const req = mockRequest("invalidToken");
+          const res = mockResponse();
+          const next = mockNext();
+          await createAuthContext(bothMethodsAuthOptions)([
+            AuthMethods.API_KEY,
+            AuthMethods.JWT,
+          ])(req, res, next);
+          expect(verifyJWT).toHaveBeenCalledTimes(0);
+          expect(res.status).toHaveBeenCalledWith(401);
+          expect(res.json).toHaveBeenCalledTimes(1);
+          expect(req.context.jwtUser).toBe(undefined);
+          expect(req.context.authenticated).toEqual([]);
+          expect(next).toHaveBeenCalledTimes(0);
+        });
+      });
+      describe("when jwt verifies correctly", () => {
+        it("should authenticate correctly and call next", async () => {
+          (verifyJWT as jest.Mock).mockResolvedValueOnce(userJwtUserMock);
+          const req = mockRequest("Bearer token");
+          const res = mockResponse();
+          const next = mockNext();
+          await createAuthContext(bothMethodsAuthOptions)([
+            AuthMethods.API_KEY,
+            AuthMethods.JWT,
+          ])(req, res, next);
+          expect(verifyJWT).toBeCalledWith("publicKey", "token", {
+            issuer: "issuer",
+            audience: "audience",
+          });
+          expect(res.status).toHaveBeenCalledTimes(0);
+          expect(res.json).toHaveBeenCalledTimes(0);
+          expect(req.context.jwtUser).toMatchObject(userJwtUserMock);
+          expect(req.context.authenticated).toStrictEqual(["jwt"]);
+          expect(next).toHaveBeenCalledWith();
+        });
+      });
+      describe("when jwt verifies incorrectly", () => {
+        it("should not authenticate, should not call next, and it should return 401", async () => {
+          (verifyJWT as jest.Mock).mockResolvedValueOnce(undefined);
+          const req = mockRequest("Bearer token");
+          const res = mockResponse();
+          const next = mockNext();
+          await createAuthContext(bothMethodsAuthOptions)([
+            AuthMethods.API_KEY,
+            AuthMethods.JWT,
+          ])(req, res, next);
+          expect(verifyJWT).toBeCalledWith("publicKey", "token", {
+            issuer: "issuer",
+            audience: "audience",
+          });
+          expect(res.status).toHaveBeenCalledWith(401);
+          expect(res.json).toHaveBeenCalledTimes(1);
+          expect(req.context.jwtUser).toBe(undefined);
+          expect(req.context.authenticated).toEqual([]);
+          expect(next).toHaveBeenCalledTimes(0);
+        });
+      });
+      describe("when jwt doesnt exist", () => {
+        it("should not authenticate, should not call next, and it should return 401", async () => {
+          const req = mockRequest(undefined as any);
+          const res = mockResponse();
+          const next = mockNext();
+          await createAuthContext(bothMethodsAuthOptions)([
+            AuthMethods.API_KEY,
+            AuthMethods.JWT,
+          ])(req, res, next);
+          expect(verifyJWT).toHaveBeenCalledTimes(0);
+          expect(res.status).toHaveBeenCalledWith(401);
+          expect(res.json).toHaveBeenCalledTimes(1);
+          expect(req.context.jwtUser).toBe(undefined);
+          expect(req.context.authenticated).toEqual([]);
+          expect(next).toHaveBeenCalledTimes(0);
+        });
+      });
+    });
+    describe("using jwt method", () => {
+      describe("when jwt verifies correctly", () => {
+        it("should authenticate correctly and call next", async () => {
+          (verifyJWT as jest.Mock).mockResolvedValueOnce(userJwtUserMock);
+          const req = mockRequest("Bearer token");
+          const res = mockResponse();
+          const next = mockNext();
+          await createAuthContext(bothMethodsAuthOptions)([AuthMethods.JWT])(
+            req,
+            res,
+            next
+          );
+          expect(verifyJWT).toBeCalledWith("publicKey", "token", {
+            issuer: "issuer",
+            audience: "audience",
+          });
+          expect(res.status).toHaveBeenCalledTimes(0);
+          expect(res.json).toHaveBeenCalledTimes(0);
+          expect(req.context.jwtUser).toMatchObject(userJwtUserMock);
+          expect(req.context.authenticated).toStrictEqual(["jwt"]);
+          expect(next).toHaveBeenCalledWith();
+        });
+      });
+      describe("when jwt verifies incorrectly", () => {
+        it("should not authenticate, should not call next, and it should return 401", async () => {
+          (verifyJWT as jest.Mock).mockResolvedValueOnce(undefined);
+          const req = mockRequest("Bearer invalidToken");
+          const res = mockResponse();
+          const next = mockNext();
+          await createAuthContext(bothMethodsAuthOptions)([AuthMethods.JWT])(
+            req,
+            res,
+            next
+          );
+          expect(verifyJWT).toBeCalledWith("publicKey", "invalidToken", {
+            issuer: "issuer",
+            audience: "audience",
+          });
+          expect(res.status).toHaveBeenCalledWith(401);
+          expect(res.json).toHaveBeenCalledTimes(1);
+          expect(req.context.jwtUser).toBe(undefined);
+          expect(req.context.authenticated).toEqual([]);
+          expect(next).toHaveBeenCalledTimes(0);
+        });
+      });
+      describe("when api key verifies correctly", () => {
+        it("should authenticate correctly and call next", async () => {
+          const req = mockRequest("token");
+          const res = mockResponse();
+          const next = mockNext();
+          await createAuthContext(bothMethodsAuthOptions)([
+            AuthMethods.API_KEY,
+          ])(req, res, next);
+          expect(verifyJWT).toHaveBeenCalledTimes(0);
+          expect(res.status).toHaveBeenCalledTimes(0);
+          expect(res.json).toHaveBeenCalledTimes(0);
+          expect(req.context.jwtUser).toMatchObject(laraJwtUserMock);
+          expect(req.context.authenticated).toStrictEqual(["api_key"]);
+          expect(next).toHaveBeenCalledWith();
+        });
+      });
+      describe("when api key verifies incorrectly", () => {
+        it("should not authenticate, should not call next, and it should return 401", async () => {
+          const req = mockRequest("invalidToken");
+          const res = mockResponse();
+          const next = mockNext();
+          await createAuthContext(bothMethodsAuthOptions)([
+            AuthMethods.API_KEY,
+            AuthMethods.JWT,
+          ])(req, res, next);
+          expect(verifyJWT).toHaveBeenCalledTimes(0);
+          expect(res.status).toHaveBeenCalledWith(401);
+          expect(res.json).toHaveBeenCalledTimes(1);
+          expect(req.context.jwtUser).toBe(undefined);
+          expect(req.context.authenticated).toEqual([]);
+          expect(next).toHaveBeenCalledTimes(0);
+        });
+      });
+      describe("when jwt doesnt exist", () => {
+        it("should not authenticate, should not call next, and it should return 401", async () => {
+          const req = mockRequest("aaa");
+          const res = mockResponse();
+          const next = mockNext();
+          await createAuthContext(bothMethodsAuthOptions)([AuthMethods.JWT])(
+            req,
+            res,
+            next
+          );
+          expect(verifyJWT).toHaveBeenCalledTimes(0);
+          expect(res.status).toHaveBeenCalledWith(401);
+          expect(res.json).toHaveBeenCalledTimes(1);
+          expect(req.context.jwtUser).toBe(undefined);
+          expect(req.context.authenticated).toEqual([]);
+          expect(next).toHaveBeenCalledTimes(0);
+        });
+      });
+      describe("when api key doesnt exist", () => {
+        it("should not authenticate, should not call next, and it should return 401", async () => {
+          const req = mockRequest(undefined as any);
+          const res = mockResponse();
+          const next = mockNext();
+          await createAuthContext(bothMethodsAuthOptions)([
+            AuthMethods.API_KEY,
+          ])(req, res, next);
+          expect(verifyJWT).toHaveBeenCalledTimes(0);
+          expect(res.status).toHaveBeenCalledWith(401);
+          expect(res.json).toHaveBeenCalledTimes(1);
+          expect(req.context.jwtUser).toBe(undefined);
+          expect(req.context.authenticated).toEqual([]);
+          expect(next).toHaveBeenCalledTimes(0);
+        });
+      });
+    });
+  });
+});