@soapjs/soap-auth 0.3.1 → 0.3.3

package/build/soap-auth.d.ts

@@ -1,16 +1,17 @@
-import { AuthResult, AuthStrategy, SoapAuthConfig } from "./types";
+import { AuthCategories, AuthStrategy, SoapAuthConfig } from "./types";
 export declare class SoapAuth {
     private requiredStrategyMethods;
     private strategies;
     private logger?;
     constructor(config: SoapAuthConfig);
     private isAuthStrategy;
-    addStrategy(strategyInstance: AuthStrategy | undefined, name: string, type: "http" | "socket"): void;
-    removeStrategy(name: string | string[], type: "http" | "socket"): void;
-    hasStrategy(name: string, type: "http" | "socket"): boolean;
-    getStrategy(name: string, type: "http" | "socket"): AuthStrategy | undefined;
-    listStrategies(type: "http" | "socket"): string[];
+    addStrategy(strategyInstance: AuthStrategy | undefined, name: string, type: AuthCategories): void;
+    removeStrategy(name: string | string[], type: AuthCategories): void;
+    hasStrategy(name: string, type: AuthCategories): boolean;
+    getStrategy<T extends AuthStrategy>(name: string, type: AuthCategories): T;
+    getHttpStrategy<T extends AuthStrategy>(name: string): T;
+    getSocketStrategy<T extends AuthStrategy>(name: string): T;
+    getEventStrategy<T extends AuthStrategy>(name: string): T;
+    listStrategies(type: AuthCategories): string[];
     init(sequential?: boolean): Promise<void>;
-    authenticate(type: "http" | "socket", name: string, context: any): Promise<AuthResult<any>>;
-    logout(type: "http" | "socket", name: string, context: any): Promise<void>;
 }

package/build/soap-auth.js

@@ -1,19 +1,18 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.SoapAuth = void 0;
-const http_auth_strategy_factory_1 = require("./factories/http-auth-strategy.factory");
-const socket_auth_strategy_factory_1 = require("./factories/socket-auth-strategy.factory");
 class SoapAuth {
     requiredStrategyMethods = ["authenticate", "init"];
     strategies = new Map();
     logger;
     constructor(config) {
-        const httpFactory = new http_auth_strategy_factory_1.HttpAuthStrategyFactory(config.logger);
-        const socketFactory = new socket_auth_strategy_factory_1.SocketAuthStrategyFactory(config.logger);
-        const httpStrategies = httpFactory.createStrategies(config);
-        const socketStrategies = socketFactory.createStrategies(config);
-        this.strategies.set("http", httpStrategies);
-        this.strategies.set("socket", socketStrategies);
+        this.strategies.set("http", new Map());
+        this.strategies.set("socket", new Map());
+        this.strategies.set("event", new Map());
+        this.strategies.set("isa", new Map());
+        this.strategies.set("webhook", new Map());
+        this.strategies.set("grpc", new Map());
+        this.strategies.set("edge", new Map());
         this.logger = config.logger;
     }
     isAuthStrategy(strategy) {
@@ -23,7 +22,7 @@ class SoapAuth {
     }
     addStrategy(strategyInstance, name, type) {
         if (!this.strategies.has(type)) {
-            throw new Error(`Invalid strategy type "${type}". Expected "http" or "socket".`);
+            throw new Error(`Invalid strategy type "${type}".`);
         }
         if (this.isAuthStrategy(strategyInstance)) {
             this.strategies.get(type).set(name, strategyInstance);
@@ -35,7 +34,7 @@ class SoapAuth {
     }
     removeStrategy(name, type) {
         if (!this.strategies.has(type)) {
-            throw new Error(`Invalid strategy type "${type}". Expected "http" or "socket".`);
+            throw new Error(`Invalid strategy type "${type}".`);
         }
         const names = Array.isArray(name) ? name : [name];
         names.forEach((n) => {
@@ -44,13 +43,13 @@ class SoapAuth {
     }
     hasStrategy(name, type) {
         if (!this.strategies.has(type)) {
-            throw new Error(`Invalid strategy type "${type}". Expected "http" or "socket".`);
+            throw new Error(`Invalid strategy type "${type}".`);
         }
         return this.strategies.get(type).has(name);
     }
     getStrategy(name, type) {
         if (!this.strategies.has(type)) {
-            throw new Error(`Invalid strategy type "${type}". Expected "http" or "socket".`);
+            throw new Error(`Invalid strategy type "${type}".`);
         }
         const strategy = this.strategies.get(type).get(name);
         if (!strategy) {
@@ -58,9 +57,39 @@ class SoapAuth {
         }
         return strategy;
     }
+    getHttpStrategy(name) {
+        if (!this.strategies.has("http")) {
+            throw new Error(`Invalid strategy.`);
+        }
+        const strategy = this.strategies.get("http").get(name);
+        if (!strategy) {
+            throw new Error(`Authentication strategy "${name}" not found.`);
+        }
+        return strategy;
+    }
+    getSocketStrategy(name) {
+        if (!this.strategies.has("socket")) {
+            throw new Error(`Invalid strategy.`);
+        }
+        const strategy = this.strategies.get("socket").get(name);
+        if (!strategy) {
+            throw new Error(`Authentication strategy "${name}" not found.`);
+        }
+        return strategy;
+    }
+    getEventStrategy(name) {
+        if (!this.strategies.has("event")) {
+            throw new Error(`Invalid strategy.`);
+        }
+        const strategy = this.strategies.get("event").get(name);
+        if (!strategy) {
+            throw new Error(`Authentication strategy "${name}" not found.`);
+        }
+        return strategy;
+    }
     listStrategies(type) {
         if (!this.strategies.has(type)) {
-            throw new Error(`Invalid strategy type "${type}". Expected "http" or "socket".`);
+            throw new Error(`Invalid strategy type "${type}".`);
         }
         return Array.from(this.strategies.get(type).keys());
     }
@@ -85,21 +114,5 @@ class SoapAuth {
                 .catch((error) => this.logger?.error(`Failed to initialize strategy: ${error.message}`))));
         }
     }
-    async authenticate(type, name, context) {
-        const strategy = this.getStrategy(name, type);
-        if (!strategy) {
-            throw new Error(`Authentication strategy "${name}" not found.`);
-        }
-        return strategy.authenticate(context);
-    }
-    async logout(type, name, context) {
-        const strategy = this.getStrategy(name, type);
-        if (strategy?.logout) {
-            await strategy.logout(context);
-        }
-        else {
-            this.logger?.error(`No "logout" implementation in strategy "${name}".`);
-        }
-    }
 }
 exports.SoapAuth = SoapAuth;

package/build/strategies/__tests__/base-auth.strategy.test.d.ts

@@ -0,0 +1,14 @@
+import { AuthResult, BaseAuthStrategyConfig } from "../../../src/types";
+import { SessionHandler } from "../../../src/session/session-handler";
+import * as Soap from "@soapjs/soap";
+import { BaseAuthStrategy } from "../base-auth.strategy";
+export interface MockUser {
+    id: string;
+    name: string;
+}
+export interface MockContext {
+}
+export declare class TestBaseAuthStrategy extends BaseAuthStrategy<MockContext, MockUser> {
+    constructor(config: BaseAuthStrategyConfig<MockContext, MockUser>, session?: SessionHandler, logger?: Soap.Logger);
+    authenticate(context?: MockContext): Promise<AuthResult<MockUser>>;
+}

package/build/strategies/__tests__/base-auth.strategy.test.js

@@ -0,0 +1,137 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TestBaseAuthStrategy = void 0;
+const session_errors_1 = require("../../../src/session/session.errors");
+const base_auth_strategy_1 = require("../base-auth.strategy");
+class TestBaseAuthStrategy extends base_auth_strategy_1.BaseAuthStrategy {
+    constructor(config, session, logger) {
+        super(config, session, logger);
+    }
+    async authenticate(context) {
+        return { user: null };
+    }
+}
+exports.TestBaseAuthStrategy = TestBaseAuthStrategy;
+describe("BaseAuthStrategy", () => {
+    let config;
+    let mockSessionHandler;
+    let mockLogger;
+    let mockAccountLock;
+    let mockMfa;
+    let mockRateLimit;
+    let mockRole;
+    let mockThrottle;
+    let strategy;
+    let context;
+    beforeEach(() => {
+        config = {
+            onSuccess: jest.fn(),
+            onFailure: jest.fn(),
+        };
+        mockSessionHandler = {
+            getSessionId: jest.fn().mockReturnValue("session-id"),
+            getSessionData: jest
+                .fn()
+                .mockResolvedValue({ user: { id: "123", name: "TestUser" } }),
+        };
+        mockLogger = {
+            error: jest.fn(),
+            info: jest.fn(),
+            warn: jest.fn(),
+        };
+        mockAccountLock = {};
+        mockMfa = {};
+        mockRateLimit = {
+            checkRateLimit: jest.fn().mockResolvedValue(undefined),
+        };
+        mockRole = {
+            isAuthorized: jest.fn().mockResolvedValue(true),
+        };
+        mockThrottle = {};
+        strategy = new TestBaseAuthStrategy(config, mockSessionHandler, mockLogger);
+        strategy.accountLock = mockAccountLock;
+        strategy.mfa = mockMfa;
+        strategy.rateLimit = mockRateLimit;
+        strategy.role = mockRole;
+        strategy.throttle = mockThrottle;
+        context = {};
+    });
+    describe("constructor & init", () => {
+        it("should instantiate services and allow optional init override", async () => {
+            expect(strategy).toBeDefined();
+            await expect(strategy.init()).resolves.toBeUndefined();
+        });
+    });
+    describe("onSuccess", () => {
+        it("should call config.onSuccess if defined and log errors if it fails", async () => {
+            const spy = jest.spyOn(config, "onSuccess");
+            await strategy.onSuccess("someAction", {
+                user: { id: "1", name: "Bob" },
+                context,
+            });
+            expect(spy).toHaveBeenCalledWith("someAction", {
+                user: { id: "1", name: "Bob" },
+                context,
+            });
+        });
+        it("should log error if config.onSuccess throws", async () => {
+            const error = new Error("onSuccess error");
+            config.onSuccess = jest.fn().mockRejectedValue(error);
+            await strategy.onSuccess("someAction", {
+                user: { id: "1", name: "Bob" },
+                context,
+            });
+            expect(mockLogger.error).toHaveBeenCalledWith(error);
+        });
+    });
+    describe("onFailure", () => {
+        it("should call config.onFailure if defined and log with logger.error", async () => {
+            const spy = jest.spyOn(config, "onFailure");
+            await strategy.onFailure("someAction", {
+                context,
+                error: new Error("Failure reason"),
+            });
+            expect(mockLogger.error).toHaveBeenCalledWith("someAction failed:", expect.any(Error));
+            expect(spy).toHaveBeenCalledWith("someAction", {
+                context,
+                error: expect.any(Error),
+            });
+        });
+        it("should log error if config.onFailure throws", async () => {
+            config.onFailure = jest
+                .fn()
+                .mockRejectedValue(new Error("onFailure error"));
+            await strategy.onFailure("someAction", {
+                context,
+                error: new Error("boom"),
+            });
+            expect(mockLogger.error).toHaveBeenCalledWith("someAction failed:", expect.any(Error));
+            expect(mockLogger.error).toHaveBeenCalledWith(expect.any(Error));
+        });
+    });
+    describe("authenticateWithSession", () => {
+        it("should throw MissingSessionIdError if getSessionId returns undefined", async () => {
+            mockSessionHandler.getSessionId.mockReturnValueOnce(undefined);
+            await expect(strategy.authenticateWithSession(context)).rejects.toThrow(session_errors_1.MissingSessionIdError);
+        });
+        it("should throw InvalidSessionError if getSessionData returns null/undefined", async () => {
+            mockSessionHandler.getSessionData.mockResolvedValueOnce(null);
+            await expect(strategy.authenticateWithSession(context)).rejects.toThrow(session_errors_1.InvalidSessionError);
+        });
+        it("should call rateLimit.checkRateLimit, role.isAuthorized, and return user from session", async () => {
+            const result = await strategy.authenticateWithSession(context);
+            expect(mockRateLimit.checkRateLimit).toHaveBeenCalledWith(context);
+            expect(mockRole.isAuthorized).toHaveBeenCalledWith({
+                id: "123",
+                name: "TestUser",
+            });
+            expect(result).toEqual({ user: { id: "123", name: "TestUser" } });
+        });
+    });
+    describe("authenticate", () => {
+        it("should be implemented by the concrete class", async () => {
+            const res = await strategy.authenticate(context);
+            expect(res).toEqual({ user: null });
+        });
+    });
+});

package/build/strategies/__tests__/credential-auth.strategy.test.d.ts

@@ -0,0 +1,14 @@
+import { CredentialAuthStrategyConfig } from "../../../src/types";
+import { SessionHandler } from "../../../src/session/session-handler";
+import { JwtStrategy } from "../../../src/strategies/jwt/jwt.strategy";
+import * as Soap from "@soapjs/soap";
+import { CredentialAuthStrategy } from "../credential-auth.strategy";
+export declare class TestCredentialAuthStrategy extends CredentialAuthStrategy<any, any> {
+    constructor(config: CredentialAuthStrategyConfig<any, any>, session?: SessionHandler, jwt?: JwtStrategy<any, any>, logger?: Soap.Logger);
+    protected verifyCredentials(identifier: string, password: string): Promise<boolean>;
+    protected extractCredentials(context: any): Promise<{
+        identifier: string;
+        password: string;
+    }>;
+    protected fetchUser(credentials: any): Promise<any | null>;
+}

package/build/strategies/__tests__/credential-auth.strategy.test.js

@@ -0,0 +1,265 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TestCredentialAuthStrategy = void 0;
+const Soap = __importStar(require("@soapjs/soap"));
+const errors_1 = require("../../../src/errors");
+const credential_auth_strategy_1 = require("../credential-auth.strategy");
+jest.mock("../../session/session-handler");
+jest.mock("../jwt/jwt.strategy");
+class TestCredentialAuthStrategy extends credential_auth_strategy_1.CredentialAuthStrategy {
+    constructor(config, session, jwt, logger) {
+        super(config, session, jwt, logger);
+    }
+    async verifyCredentials(identifier, password) {
+        return true;
+    }
+    async extractCredentials(context) {
+        return { identifier: "testUser", password: "testPass" };
+    }
+    async fetchUser(credentials) {
+        return { id: "1", name: "Test User" };
+    }
+}
+exports.TestCredentialAuthStrategy = TestCredentialAuthStrategy;
+describe("CredentialAuthStrategy", () => {
+    let strategy;
+    let config;
+    let mockSession;
+    let mockJwt;
+    let mockLogger;
+    const mockUser = { id: "user123", username: "testuser" };
+    const context = { headers: {}, body: {} };
+    beforeEach(() => {
+        mockLogger = {
+            info: jest.fn(),
+            warn: jest.fn(),
+            error: jest.fn(),
+        };
+        mockSession = {
+            logoutSession: jest.fn().mockResolvedValue(undefined),
+            issueSession: jest.fn().mockResolvedValue("session-id"),
+            getSessionId: jest.fn().mockReturnValue("session-id"),
+            getSessionData: jest
+                .fn()
+                .mockResolvedValue({ user: { id: "1", name: "Test" } }),
+        };
+        mockJwt = {
+            authenticate: jest.fn(),
+            issueTokens: jest.fn().mockResolvedValue({
+                accessToken: "fakeAccess",
+                refreshToken: "fakeRefresh",
+            }),
+        };
+        config = {
+            failedAttempts: {
+                incrementFailedAttempts: jest.fn(),
+                resetFailedAttempts: jest.fn(),
+                getFailedAttempts: jest.fn(),
+            },
+            role: {
+                authorizeByRoles: jest.fn().mockResolvedValue(true),
+                roles: ["user"],
+            },
+            rateLimit: {
+                checkRateLimit: jest.fn().mockResolvedValue(false),
+            },
+            mfa: {
+                isMfaRequired: jest.fn().mockReturnValue(false),
+            },
+            passwordPolicy: {
+                updatePassword: jest.fn(),
+                generateResetToken: jest.fn(),
+                validateResetToken: jest.fn(),
+                sendResetEmail: jest.fn(),
+            },
+            security: {
+                maxFailedLoginAttempts: 3,
+                lockoutDuration: 10,
+                notifyOnLockout: jest.fn(),
+            },
+            lock: {
+                isAccountLocked: jest.fn(),
+            },
+            user: {
+                fetchUser: jest.fn(),
+            },
+        };
+        strategy = new TestCredentialAuthStrategy(config, mockSession, mockJwt, mockLogger);
+    });
+    describe("authenticate", () => {
+        it("should use JWT if available and return its result", async () => {
+            mockJwt.authenticate.mockResolvedValue({
+                user: { id: "1", name: "JWT User" },
+            });
+            const result = await strategy.authenticate(context);
+            expect(mockJwt.authenticate).toHaveBeenCalledWith(context);
+            expect(result).toEqual({
+                user: { id: "1", name: "JWT User" },
+            });
+        });
+        it("should fall back to authenticateWithSession if JWT throws an error", async () => {
+            mockJwt.authenticate.mockRejectedValue(new Error("JWT error"));
+            const result = await strategy.authenticate(context);
+            expect(mockLogger.warn).toHaveBeenCalledWith("JWT authentication failed, falling back to session.");
+            expect(result.user).toEqual({ id: "1", name: "Test" });
+        });
+        it("should use session if JWT is not defined but session is available", async () => {
+            strategy = new TestCredentialAuthStrategy(config, mockSession, undefined, mockLogger);
+            const result = await strategy.authenticate(context);
+            expect(result.user).toEqual({ id: "1", name: "Test" });
+        });
+        it("should return user=null if no JWT/session and allowGuest = true", async () => {
+            config.allowGuest = true;
+            strategy = new TestCredentialAuthStrategy(config, undefined, undefined, mockLogger);
+            const result = await strategy.authenticate(context);
+            expect(mockLogger.warn).toHaveBeenCalledWith("No authentication method found. Proceeding as guest.");
+            expect(result.user).toBeNull();
+        });
+        it("should throw UserNotFoundError if no JWT/session and allowGuest = false", async () => {
+            config.allowGuest = false;
+            strategy = new TestCredentialAuthStrategy(config, undefined, undefined, mockLogger);
+            await expect(strategy.authenticate(context)).rejects.toThrow(errors_1.UserNotFoundError);
+        });
+    });
+    describe("login", () => {
+        it("should throw MissingCredentialsError if credentials are missing", async () => {
+            jest
+                .spyOn(strategy, "extractCredentials")
+                .mockResolvedValueOnce(undefined);
+            await expect(strategy.login(context)).rejects.toThrow(errors_1.MissingCredentialsError);
+        });
+        it("should throw InvalidCredentialsError if verifyCredentials returns false", async () => {
+            jest
+                .spyOn(strategy, "verifyCredentials")
+                .mockResolvedValueOnce(false);
+            await expect(strategy.login(context)).rejects.toThrow(errors_1.InvalidCredentialsError);
+        });
+        it("should throw ExpiredPasswordError if the password is expired", async () => {
+            jest
+                .spyOn(strategy.password, "isPasswordChangeRequired")
+                .mockResolvedValueOnce(true);
+            await expect(strategy.login(context)).rejects.toThrow(errors_1.ExpiredPasswordError);
+        });
+        it("should return user, tokens, and session on success", async () => {
+            const result = await strategy.login(context);
+            expect(result.user).toBeDefined();
+            expect(result.tokens).toBeDefined();
+            expect(result.session).toBeDefined();
+        });
+    });
+    describe("logout", () => {
+        it("should call session.logoutSession and onSuccess", async () => {
+            const onSuccessSpy = jest.spyOn(strategy, "onSuccess");
+            await strategy.logout(context);
+            expect(mockSession.logoutSession).toHaveBeenCalledWith(context);
+            expect(onSuccessSpy).toHaveBeenCalledWith("logout", context);
+        });
+        it("should call onFailure and rethrow the error if session.logoutSession fails", async () => {
+            const onFailureSpy = jest.spyOn(strategy, "onFailure");
+            mockSession.logoutSession.mockRejectedValueOnce(new Error("Session error"));
+            await expect(strategy.logout(context)).rejects.toThrow("Session error");
+            expect(onFailureSpy).toHaveBeenCalledWith("logout", {
+                error: expect.any(Error),
+            });
+        });
+    });
+    describe("requestPasswordReset", () => {
+        it("should throw NotImplementedError if generateResetToken is not configured", async () => {
+            config.passwordPolicy.generateResetToken = undefined;
+            await expect(strategy.requestPasswordReset("testUser")).rejects.toThrow(Soap.NotImplementedError);
+        });
+        it("should call generateResetToken and sendResetEmail (if email is provided)", async () => {
+            config.passwordPolicy.generateResetToken = jest
+                .fn()
+                .mockResolvedValue("mockToken");
+            config.passwordPolicy.sendResetEmail = jest
+                .fn()
+                .mockResolvedValue(undefined);
+            await strategy.requestPasswordReset("testUser", "test@example.com");
+            expect(config.passwordPolicy.generateResetToken).toHaveBeenCalledWith("testUser");
+            expect(config.passwordPolicy.sendResetEmail).toHaveBeenCalledWith("test@example.com", "mockToken");
+        });
+        it("should call onSuccess with the correct data", async () => {
+            config.passwordPolicy.generateResetToken = jest
+                .fn()
+                .mockResolvedValue("mockToken");
+            const onSuccessSpy = jest.spyOn(strategy, "onSuccess");
+            await strategy.requestPasswordReset("testUser");
+            expect(onSuccessSpy).toHaveBeenCalledWith("request_password_reset", {
+                identifier: "testUser",
+                tokens: { reset: "mockToken" },
+            });
+        });
+    });
+    describe("resetPassword", () => {
+        it("should throw NotImplementedError if validateResetToken or updatePassword are not configured", async () => {
+            config.passwordPolicy.updatePassword = undefined;
+            await expect(strategy.resetPassword("testUser", "token", "newPass")).rejects.toThrow(Soap.NotImplementedError);
+        });
+        it("should throw ExpiredResetTokenError if validateResetToken returns false", async () => {
+            config.passwordPolicy.validateResetToken = jest
+                .fn()
+                .mockResolvedValue(false);
+            config.passwordPolicy.updatePassword = jest.fn();
+            await expect(strategy.resetPassword("testUser", "token", "newPass")).rejects.toThrow(errors_1.ExpiredResetTokenError);
+        });
+        it("should call updatePassword if the token is valid", async () => {
+            config.passwordPolicy.validateResetToken = jest
+                .fn()
+                .mockResolvedValue(true);
+            config.passwordPolicy.updatePassword = jest
+                .fn()
+                .mockResolvedValue(undefined);
+            await strategy.resetPassword("testUser", "validToken", "newPass");
+            expect(config.passwordPolicy.updatePassword).toHaveBeenCalledWith("testUser", "newPass");
+        });
+    });
+    describe("changePassword", () => {
+        it("should throw NotImplementedError if updatePassword is not configured", async () => {
+            config.passwordPolicy.updatePassword = undefined;
+            await expect(strategy.changePassword("testUser", "oldPass", "newPass")).rejects.toThrow(Soap.NotImplementedError);
+        });
+        it("should throw InvalidCredentialsError if verifyCredentials returns false", async () => {
+            config.passwordPolicy.updatePassword = jest
+                .fn()
+                .mockResolvedValue(undefined);
+            jest
+                .spyOn(strategy, "verifyCredentials")
+                .mockResolvedValueOnce(false);
+            await expect(strategy.changePassword("testUser", "oldPass", "newPass")).rejects.toThrow(errors_1.InvalidCredentialsError);
+        });
+        it("should call updatePassword with new password if old credentials are correct", async () => {
+            config.passwordPolicy.updatePassword = jest
+                .fn()
+                .mockResolvedValue(undefined);
+            jest
+                .spyOn(strategy, "verifyCredentials")
+                .mockResolvedValueOnce(true);
+            await strategy.changePassword("testUser", "oldPass", "newPass");
+            expect(config.passwordPolicy.updatePassword).toHaveBeenCalledWith("testUser", "newPass");
+        });
+    });
+});

package/build/strategies/__tests__/token-auth.strategy.test.d.ts

@@ -0,0 +1,28 @@
+import * as Soap from "@soapjs/soap";
+import { TokenAuthStrategy } from "../token-auth.strategy";
+import { SessionHandler } from "../../session";
+import { TokenAuthStrategyConfig } from "../../../src/types";
+export interface MockUser {
+    id: string;
+    name: string;
+}
+export interface MockContext {
+    accessToken?: string;
+    refreshToken?: string;
+}
+export declare class TestTokenAuthStrategy extends TokenAuthStrategy<MockContext, MockUser> {
+    protected invalidateAccessToken(token: string, context?: MockContext): Promise<void>;
+    protected invalidateRefreshToken(token: string, context?: MockContext): Promise<void>;
+    constructor(config: TokenAuthStrategyConfig<MockContext, MockUser>, session?: SessionHandler, logger?: Soap.Logger);
+    protected fetchUser(payload: any): Promise<MockUser | null>;
+    protected extractAccessToken(context: MockContext): string | undefined;
+    protected extractRefreshToken(context: MockContext): string | undefined;
+    protected verifyAccessToken(token: string): Promise<any>;
+    protected verifyRefreshToken(token: string): Promise<any>;
+    protected generateAccessToken(user: MockUser, context: MockContext): Promise<string>;
+    protected generateRefreshToken(user: MockUser, context: MockContext): Promise<string>;
+    protected storeAccessToken(token: string): Promise<void>;
+    protected storeRefreshToken(token: string): Promise<void>;
+    protected embedAccessToken(token: string, context: MockContext): void;
+    protected embedRefreshToken(token: string, context: MockContext): void;
+}