@simulacrum/auth0-simulator 0.2.1 → 0.4.0

package/test/auth0.test.ts

@@ -1,351 +0,0 @@
-import { describe, it, beforeEach } from '@effection/mocha';
-import expect from 'expect';
-import { createTestServer, Client, Simulation } from './helpers';
-import { auth0 } from '../src';
-import fetch from 'cross-fetch';
-import { stringify } from 'querystring';
-import { createHttpApp, person, Person } from '@simulacrum/server';
-import { decode, encode } from 'base64-url';
-import jwt from 'jsonwebtoken';
-
-import Keygrip from 'keygrip';
-import { removeTrailingSlash } from '../src/handlers/url';
-
-const createSessionCookie = <T>(data: T): string => {
-  let cookie = Buffer.from(JSON.stringify(data)).toString('base64');
-
-  let kg = Keygrip(['shhh']);
-  let hash = kg.sign(`session=${cookie}`);
-
-  return `session=${cookie};session.sig=${hash};`;
-};
-
-describe('Auth0 simulator', () => {
-  let client: Client;
-  let frontendUrl: string;
-  let auth0Url: string;
-
-  beforeEach(function*() {
-    client = yield createTestServer({
-      simulators: {
-        auth0: (slice, options) => {
-          let { services } = auth0(slice, options);
-
-          return {
-            services: {
-              ...services,
-              frontend: {
-                protocol: 'http',
-                app: createHttpApp().get('/', function * (_, res) {
-                  res.status(200).send('ok');
-                })
-              },
-
-            },
-            scenarios: { person }
-          };
-        }
-      }
-    });
-  });
-
-  describe("Creating a simulation with an Auth0 simulator", () => {
-    let simulation: Simulation;
-    beforeEach(function*() {
-      simulation = yield client.createSimulation("auth0");
-    });
-
-    it('starts the simulation', function*() {
-      expect(simulation.status).toEqual('running');
-    });
-  });
-
-  describe('/authorize', () => {
-    describe('response_mode=query', () => {
-      beforeEach(function*() {
-        let simulation: Simulation = yield client.createSimulation("auth0");
-
-        auth0Url = simulation.services[0].url;
-        frontendUrl = simulation.services[1].url;
-      });
-
-      it('should authorize', function *() {
-        let res: Response = yield fetch(`${auth0Url}/authorize?${stringify({
-          client_id: "1234",
-          redirect_uri: frontendUrl,
-          response_type: "code",
-          response_mode: "query",
-          state: "MVpFN0JXWGNFUVNVQnJjNGlXZWFNbGd2V3M2MC5VRkwyV1VKNW9wRTZVVw==",
-          nonce: "dDJ6NX5aUFU3SlM4TEozQThyR0V0fjdjRlJDZ0YzfjNDcEV3OWIzWWVYbQ==",
-          code_challenge: "2Arx2VYcTp6YDa5r-exGr99upqSIqYZQ_vBbI_7taQ0",
-          code_challenge_method: "S256",
-          auth0Client: "eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xLjAifQ==",
-        })}`);
-
-        expect(res.redirected).toBe(true);
-        expect(res.url).toContain('/login');
-      });
-    });
-
-    describe('response_mode=web_message', () => {
-      beforeEach(function*() {
-        let simulation: Simulation = yield client.createSimulation("auth0");
-
-        auth0Url = simulation.services[0].url;
-        frontendUrl = simulation.services[1].url;
-      });
-
-      it('should return the web_message html', function *() {
-        // /authorize web_message expects there to be a username in the session
-        let cookie = createSessionCookie({ username: 'bob' });
-
-        let res: Response = yield fetch(`${auth0Url}/authorize?${stringify({
-          redirect_uri: frontendUrl,
-          response_mode: "web_message",
-          state: "MVpFN0JXWGNFUVNVQnJjNGlXZWFNbGd2V3M2MC5VRkwyV1VKNW9wRTZVVw==",
-          nonce: "dDJ6NX5aUFU3SlM4TEozQThyR0V0fjdjRlJDZ0YzfjNDcEV3OWIzWWVYbQ==",
-          auth0Client: "eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xLjAifQ==",
-        })}`, {
-          credentials: 'same-origin',
-          headers: {
-            cookie
-          }
-        });
-
-        expect(res.ok).toBe(true);
-        expect(res.headers.get('content-type')).toBe('text/html; charset=utf-8');
-      });
-    });
-  });
-
-  let Fields = {
-    audience: "https://thefrontside.auth0.com/api/v1/",
-    client_id: "00000000000000000000000000000000",
-    connection: "Username-Password-Authentication",
-    nonce: "aGV6ODdFZjExbF9iMkdYZHVfQ3lYcDNVSldGRDR6dWdvREQwUms1Z0Ewaw==",
-    redirect_uri: "http://localhost:3000",
-    response_type: "token id_token",
-    scope: "openid profile email offline_access",
-    state: "sxmRf2Fq.IMN5SER~wQqbsXl5Hx0JHov",
-    tenant: "localhost:4400",
-  };
-
-  describe('/login', () => {
-    let simulation: Simulation;
-    let person: {data: Person};
-    let url: string;
-
-    beforeEach(function* () {
-      simulation = yield client.createSimulation("auth0");
-      url = simulation.services[0].url;
-
-      person = yield client.given(simulation, "person");
-    });
-
-    it('should login with valid credentials', function*(){
-      let res: Response = yield fetch(`${url}/usernamepassword/login`, {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/json'
-        },
-        body: JSON.stringify({
-          ...Fields,
-          username: person.data.email,
-          password: person.data.password,
-        })
-      });
-
-      expect(res.ok).toBe(true);
-    });
-
-    it('should fail with invalid credentials', function*(){
-      let res: Response = yield fetch(`${url}/usernamepassword/login`, {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/json'
-        },
-        body: JSON.stringify({
-          ...Fields,
-          username: 'bob',
-          password: 'no-way',
-        })
-      });
-
-      expect(res.status).toBe(400);
-    });
-  });
-
-  describe('/login/callback', () => {
-    let simulation: Simulation;
-    let person: {data: Person};
-
-    beforeEach(function* () {
-      simulation = yield client.createSimulation("auth0", { services: {
-        auth0: { port: 4400 }, frontend: { port: 3000 }
-      } });
-
-      person = yield client.given(simulation, "person");
-
-      // prime the server with the nonce field
-      yield fetch(`https://localhost:4400/usernamepassword/login`, {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/json'
-        },
-        body: JSON.stringify({
-          ...Fields,
-          username: person.data.email,
-          password: person.data.password,
-        })
-      });
-    });
-
-    it('should post to /login/callback', function* () {
-      let fields = encodeURIComponent(JSON.stringify({
-        ...Fields
-      }));
-
-      let res: Response = yield fetch(`https://localhost:4400/login/callback`, {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/x-www-form-urlencoded'
-        },
-        body: `wctx=${fields}`
-      });
-
-      expect(res.status).toBe(200);
-      expect(res.statusText).toBe('OK');
-    });
-  });
-
-  describe('/oauth/token', () => {
-    let simulation: Simulation;
-    let person: {data: Person};
-    let authUrl: string;
-    let code: string;
-
-    beforeEach(function* () {
-      simulation = yield client.createSimulation("auth0", {
-        options: {
-          rulesDirectory: 'test/rules'
-        },
-        services: {
-          auth0: { port: 4400 }, frontend: { port: 3000 }
-        }
-     });
-
-      person = yield client.given(simulation, "person");
-
-      authUrl = simulation.services[0].url;
-
-      // prime the server with the nonce field
-      yield fetch(`${authUrl}/usernamepassword/login`, {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/json'
-        },
-        body: JSON.stringify({
-          ...Fields,
-          username: person.data.email,
-          password: person.data.password,
-        })
-      });
-
-      let res: Response = yield fetch(`https://localhost:4400/login/callback`, {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/x-www-form-urlencoded'
-        },
-        body: `wctx=${encodeURIComponent(JSON.stringify({
-          ...Fields
-        }))}`
-      });
-
-      code = new URL(res.url).searchParams.get('code') as string;
-    });
-
-    describe('valid token', () => {
-      // eslint-disable-next-line @typescript-eslint/no-explicit-any
-      let token: any;
-      beforeEach(function * () {
-        let res: Response = yield fetch(`${authUrl}/oauth/token`, {
-          method: 'POST',
-          headers: {
-            'Content-Type': 'application/json'
-          },
-          body: JSON.stringify({
-            ...Fields,
-            code
-          })
-        });
-
-        expect(res.ok).toBe(true);
-
-        let json = yield res.json();
-
-        token = jwt.decode(json.id_token, { complete: true });
-      });
-
-      it('should return an iss field with a forward slash', function* () {
-        expect(token.payload.iss).toBe('https://localhost:4400/');
-      });
-    });
-
-
-    it('should return a 401 responsive with invalid credentials', function* () {
-      let [nonce] = decode(code).split(":");
-
-      let invalidCode = encode(`${nonce}:invalid-user`);
-
-      let res: Response = yield fetch(`${authUrl}/oauth/token`, {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/json'
-        },
-        body: JSON.stringify({
-          ...Fields,
-          code: invalidCode
-        })
-      });
-
-      expect(res.status).toBe(401);
-    });
-
-    it('should have ran the rules', function* () {
-      let res: Response = yield fetch(`${authUrl}/oauth/token`, {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/json'
-        },
-        body: JSON.stringify({
-          ...Fields,
-          code
-        })
-      });
-
-      let token = yield res.json();
-
-      let idToken = jwt.decode(token.id_token, { complete: true });
-
-      expect(idToken?.payload.picture).toContain('https://cdn.fakercloud.com/avatars');
-    });
-  });
-
-  describe('/v2/logout', () => {
-    beforeEach(function*() {
-      let simulation: Simulation = yield client.createSimulation("auth0");
-
-      auth0Url = simulation.services[0].url;
-      frontendUrl = simulation.services[1].url;
-    });
-
-    it('should authorize', function *() {
-      let res: Response = yield fetch(`${auth0Url}/v2/logout?${stringify({
-        returnTo: frontendUrl
-      })}`);
-
-      expect(res.redirected).toBe(true);
-      expect(removeTrailingSlash(res.url)).toBe(removeTrailingSlash(frontendUrl));
-    });
-  });
-});

package/test/helpers.ts

@@ -1,23 +0,0 @@
-import { Task, Resource } from 'effection';
-import { createClient, Client } from '@simulacrum/client';
-import { Server, ServerOptions, createSimulationServer } from '@simulacrum/server';
-
-export type { Client, Simulation } from '@simulacrum/client';
-
-export function createTestServer(options: ServerOptions): Resource<Client> {
-  return {
-    *init(scope: Task) {
-      let server: Server = yield createSimulationServer(options);
-      let { port } = server.address;
-      let client = createClient(`http://localhost:${port}`);
-      scope.run(function*() {
-        try {
-          yield;
-        } finally {
-          client.dispose();
-        }
-      });
-      return client;
-    }
-  };
-}

package/test/openid-handlers.test.ts

@@ -1,57 +0,0 @@
-import { describe, it, beforeEach } from '@effection/mocha';
-import expect from 'expect';
-import { createTestServer, Client, Simulation } from './helpers';
-import { auth0 } from '../src';
-import fetch from 'cross-fetch';
-import { JWKS } from '../src/auth/constants';
-
-describe('openid routes', () => {
-  let client: Client;
-  let auth0Url: string;
-
-  beforeEach(function*() {
-    client = yield createTestServer({
-      simulators: {
-        auth0
-      },
-    });
-  });
-
-  describe('/.well-known/*', () => {
-    beforeEach(function*() {
-      let simulation: Simulation = yield client.createSimulation("auth0", {
-        services: {
-          auth0: { port: 4400 }
-        }
-      });
-
-      auth0Url = simulation.services[0].url;
-    });
-
-    it('returns the JWKS keys', function *() {
-      let res: Response = yield fetch(`${auth0Url}/.well-known/jwks.json`);
-
-      let json: typeof JWKS = yield res.json();
-
-      expect(res.ok).toBe(true);
-
-      expect(json).toEqual(JWKS);
-    });
-
-    it('returns the openid configuration', function * () {
-      let res: Response = yield fetch(`${auth0Url}/.well-known/openid-configuration`);
-
-      let json: { token_endpoint: string } = yield res.json();
-
-      expect(res.ok).toBe(true);
-
-      expect(json).toEqual({
-        issuer: 'https://localhost:4400/',
-        authorization_endpoint: 'https://localhost:4400/authorize',
-        token_endpoint: 'https://localhost:4400/oauth/token',
-        userinfo_endpoint: 'https://localhost:4400/userinfo',
-        jwks_uri: 'https://localhost:4400/.well-known/jwks.json'
-      });
-    });
-  });
-});

package/test/rules/avatar.js

@@ -1,13 +0,0 @@
-/*
- simple fake rule to add an avatar
-*/
-
-// eslint-disable-next-line @typescript-eslint/no-unused-vars
-function avatar(user, context, callback) {
-  // eslint-disable-next-line @typescript-eslint/no-var-requires
-  user.picture = require('faker').internet.avatar();
-
-  console.log(`added avatar ${user.picture} to user`);
-
-  callback(null, user, context);
-}

package/test/rules/avatar.json

@@ -1,5 +0,0 @@
-{
-  "enabled": true,
-  "order": 1,
-  "stage": "login_success"
-}

package/tsconfig.dist.json

@@ -1,12 +0,0 @@
-{
-  "extends": "./tsconfig.json",
-  "references": [{
-    "path": "../server/tsconfig.dist.json"
-  }],
-  "compilerOptions": {
-    "outDir": "dist",
-    "rootDir": "src",
-    "noEmit": false
-  },
-  "exclude": ["test"]
-}