@soapjs/soap-auth 0.4.0 → 1.0.0

package/build/services/__tests__/pkce.service.test.js

@@ -1,77 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const pkce_service_1 = require("../pkce.service");
-class InMemoryPKCEPersistence {
-    storeMap = new Map();
-    async store(key, meta) {
-        this.storeMap.set(key, meta || {});
-    }
-    async read(verifierOrChallenge) {
-        return this.storeMap.get(verifierOrChallenge);
-    }
-    async remove(key) {
-        this.storeMap.delete(key);
-    }
-}
-describe("PKCEService", () => {
-    let service;
-    let config;
-    beforeEach(() => {
-        config = {
-            verifier: {
-                expiresIn: 1,
-                embed: jest.fn(),
-                extract: jest.fn().mockImplementation((ctx) => ctx.verifier),
-                persistence: new InMemoryPKCEPersistence(),
-            },
-            challenge: {
-                expiresIn: 1,
-                embed: jest.fn(),
-                extract: jest.fn().mockImplementation((ctx) => ctx.challenge),
-                persistence: new InMemoryPKCEPersistence(),
-            },
-        };
-        service = new pkce_service_1.PKCEService(config);
-    });
-    it("should generate and store a code verifier", async () => {
-        const context = { key: "code_verifier_test" };
-        const verifier = await service.generateCodeVerifier(context);
-        expect(verifier).toBeDefined();
-        expect(config.verifier.embed).toHaveBeenCalledWith(context, verifier);
-    });
-    it("should generate and store a code challenge", async () => {
-        const context = { key: "code_challenge_test" };
-        const challenge = await service.generateCodeChallenge("test_verifier", context);
-        expect(challenge).toBeDefined();
-        expect(config.challenge.embed).toHaveBeenCalledWith(context, challenge);
-    });
-    it("should detect expired code verifier", async () => {
-        config.verifier.embed = (ctx, cv) => {
-            ctx.verifier = cv;
-        };
-        const context = { key: "expired_verifier_test" };
-        await service.generateCodeVerifier(context);
-        await new Promise((resolve) => setTimeout(resolve, 1500));
-        const isExpired = await service.isCodeVerifierExpired(context);
-        expect(isExpired).toBe(true);
-    });
-    it("should detect not-expired code verifier", async () => {
-        config.verifier.embed = (ctx, cv) => {
-            ctx.verifier = cv;
-        };
-        const context = {
-            key: "not_expired_verifier_test",
-        };
-        await service.generateCodeVerifier(context);
-        await new Promise((resolve) => setTimeout(resolve, 500));
-        const isExpired = await service.isCodeVerifierExpired(context);
-        expect(isExpired).toBe(false);
-    });
-    it("should clear code verifier", async () => {
-        const context = {
-            key: "clear_verifier_test",
-            verifier: "test_verifier_value",
-        };
-        await service.clearCodeVerifier(context);
-    });
-});

package/build/services/__tests__/rate-limit.service.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/services/__tests__/rate-limit.service.test.js

@@ -1,37 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const errors_1 = require("../../errors");
-const rate_limit_service_1 = require("../rate-limit.service");
-const mockConfig = {
-    incrementRequestCount: jest.fn(),
-    checkRateLimit: jest.fn(),
-};
-const mockLogger = {
-    error: jest.fn(),
-};
-describe("RateLimitService", () => {
-    let service;
-    const mockData = { userId: "user123" };
-    beforeEach(() => {
-        jest.clearAllMocks();
-        service = new rate_limit_service_1.RateLimitService(mockConfig, mockLogger);
-    });
-    it("incrementRequestCount calls config method and handles errors", async () => {
-        mockConfig.incrementRequestCount.mockResolvedValue(undefined);
-        await expect(service.incrementRequestCount(mockData)).resolves.not.toThrow();
-        expect(mockConfig.incrementRequestCount).toHaveBeenCalledWith(mockData);
-    });
-    it("incrementRequestCount logs error if an exception occurs", async () => {
-        mockConfig.incrementRequestCount.mockRejectedValue(new Error("Increment failed"));
-        await expect(service.incrementRequestCount(mockData)).resolves.not.toThrow();
-        expect(mockLogger.error).toHaveBeenCalledWith(expect.any(Error));
-    });
-    it("checkRateLimit throws RateLimitExceededError if limit is exceeded", async () => {
-        mockConfig.checkRateLimit.mockResolvedValue(true);
-        await expect(service.checkRateLimit(mockData)).rejects.toThrow(errors_1.RateLimitExceededError);
-    });
-    it("checkRateLimit does not throw error if limit is not exceeded", async () => {
-        mockConfig.checkRateLimit.mockResolvedValue(false);
-        await expect(service.checkRateLimit(mockData)).resolves.not.toThrow();
-    });
-});

package/build/services/__tests__/role.service.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/services/__tests__/role.service.test.js

@@ -1,31 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const errors_1 = require("../../errors");
-const role_service_1 = require("../role.service");
-const mockConfig = {
-    authorizeByRoles: jest.fn(),
-    roles: ["admin", "editor"],
-};
-const mockLogger = {
-    error: jest.fn(),
-};
-describe("RoleService", () => {
-    let service;
-    const mockUser = { id: "user123", role: "viewer" };
-    beforeEach(() => {
-        jest.clearAllMocks();
-        service = new role_service_1.RoleService(mockConfig, mockLogger);
-    });
-    it("isAuthorized throws UnauthorizedRoleError if user is not authorized", async () => {
-        mockConfig.authorizeByRoles.mockResolvedValue(false);
-        await expect(service.isAuthorized(mockUser)).rejects.toThrow(errors_1.UnauthorizedRoleError);
-    });
-    it("isAuthorized returns true if user is authorized", async () => {
-        mockConfig.authorizeByRoles.mockResolvedValue(true);
-        await expect(service.isAuthorized(mockUser)).resolves.toBe(true);
-    });
-    it("isAuthorized bypasses role check if authorizeByRoles is not defined", async () => {
-        service = new role_service_1.RoleService({ roles: [] }, mockLogger);
-        await expect(service.isAuthorized(mockUser)).resolves.toBe(true);
-    });
-});

package/build/services/__tests__/totp.service.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/services/__tests__/totp.service.test.js

@@ -1,120 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const totp_service_1 = require("../totp.service");
-describe("TotpService", () => {
-    const totp = new totp_service_1.TotpService();
-    describe("generateSecret", () => {
-        it("returns a non-empty base32 string", () => {
-            const secret = totp.generateSecret();
-            expect(secret).toMatch(/^[A-Z2-7]+$/);
-            expect(secret.length).toBeGreaterThan(0);
-        });
-        it("returns unique secrets", () => {
-            const a = totp.generateSecret();
-            const b = totp.generateSecret();
-            expect(a).not.toBe(b);
-        });
-    });
-    describe("generateOTP", () => {
-        it("returns a 6-digit string for a fixed timestamp", () => {
-            const secret = totp.generateSecret();
-            const code = totp.generateOTP(secret, 1000000000000);
-            expect(code).toMatch(/^\d{6}$/);
-        });
-        it("returns the same code within the same time step", () => {
-            const secret = totp.generateSecret();
-            const ts = 1000000000000;
-            expect(totp.generateOTP(secret, ts)).toBe(totp.generateOTP(secret, ts + 5000));
-        });
-        it("returns a different code in a different time step", () => {
-            const secret = totp.generateSecret();
-            const ts = 1000000000000;
-            const code1 = totp.generateOTP(secret, ts);
-            const code2 = totp.generateOTP(secret, ts + 30_000);
-            expect(code1).not.toBe(code2);
-        });
-    });
-    describe("verifyOTP", () => {
-        it("accepts a valid code at the current timestamp", () => {
-            const secret = totp.generateSecret();
-            const ts = Date.now();
-            const code = totp.generateOTP(secret, ts);
-            expect(totp.verifyOTP(secret, code, ts)).toBe(true);
-        });
-        it("accepts a code one step in the past (window = 1)", () => {
-            const secret = totp.generateSecret();
-            const ts = 1000000000000;
-            const pastCode = totp.generateOTP(secret, ts - 30_000);
-            expect(totp.verifyOTP(secret, pastCode, ts)).toBe(true);
-        });
-        it("accepts a code one step in the future (window = 1)", () => {
-            const secret = totp.generateSecret();
-            const ts = 1000000000000;
-            const futureCode = totp.generateOTP(secret, ts + 30_000);
-            expect(totp.verifyOTP(secret, futureCode, ts)).toBe(true);
-        });
-        it("rejects a code two steps old when window = 1", () => {
-            const secret = totp.generateSecret();
-            const ts = 1000000000000;
-            const oldCode = totp.generateOTP(secret, ts - 60_000);
-            expect(totp.verifyOTP(secret, oldCode, ts)).toBe(false);
-        });
-        it("rejects an invalid code", () => {
-            const secret = totp.generateSecret();
-            expect(totp.verifyOTP(secret, "000000", Date.now())).toBe(false);
-        });
-        it("rejects non-numeric input", () => {
-            const secret = totp.generateSecret();
-            expect(totp.verifyOTP(secret, "abcdef")).toBe(false);
-        });
-        it("rejects wrong-length input", () => {
-            const secret = totp.generateSecret();
-            expect(totp.verifyOTP(secret, "12345")).toBe(false);
-        });
-    });
-    describe("custom options", () => {
-        it("generates 8-digit codes when configured", () => {
-            const t8 = new totp_service_1.TotpService({ digits: 8 });
-            const secret = t8.generateSecret();
-            const code = t8.generateOTP(secret);
-            expect(code).toMatch(/^\d{8}$/);
-        });
-        it("accepts window = 0 — only the current step", () => {
-            const t0 = new totp_service_1.TotpService({ window: 0 });
-            const secret = t0.generateSecret();
-            const ts = 1000000000000;
-            const pastCode = t0.generateOTP(secret, ts - 30_000);
-            expect(t0.verifyOTP(secret, pastCode, ts)).toBe(false);
-            const current = t0.generateOTP(secret, ts);
-            expect(t0.verifyOTP(secret, current, ts)).toBe(true);
-        });
-    });
-    describe("generateQRUri", () => {
-        it("returns a valid otpauth URI", () => {
-            const secret = totp.generateSecret();
-            const uri = totp.generateQRUri(secret, "MyApp", "user@example.com");
-            expect(uri).toMatch(/^otpauth:\/\/totp\//);
-            expect(uri).toContain(secret);
-            expect(uri).toContain("issuer=MyApp");
-        });
-    });
-    describe("generateBackupCodes", () => {
-        it("returns 8 codes by default", () => {
-            const codes = totp.generateBackupCodes();
-            expect(codes).toHaveLength(8);
-        });
-        it("returns the requested count", () => {
-            const codes = totp.generateBackupCodes(10);
-            expect(codes).toHaveLength(10);
-        });
-        it("returns uppercase hex strings of 12 chars", () => {
-            const codes = totp.generateBackupCodes();
-            codes.forEach((c) => expect(c).toMatch(/^[0-9A-F]{12}$/));
-        });
-        it("returns unique codes", () => {
-            const codes = totp.generateBackupCodes(20);
-            const unique = new Set(codes);
-            expect(unique.size).toBe(20);
-        });
-    });
-});

package/build/session/__tests__/file.session-store.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/session/__tests__/file.session-store.test.js

@@ -1,117 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const file_session_store_1 = require("../file.session-store");
-const promises_1 = __importDefault(require("fs/promises"));
-const path_1 = __importDefault(require("path"));
-jest.mock("fs/promises", () => ({
-    mkdir: jest.fn(),
-    readFile: jest.fn(),
-    writeFile: jest.fn(),
-    unlink: jest.fn(),
-    readdir: jest.fn(),
-}));
-describe("FileSessionStore", () => {
-    let store;
-    const mockSessionsDir = "/mock/sessions";
-    beforeEach(() => {
-        store = new file_session_store_1.FileSessionStore(mockSessionsDir);
-        jest.clearAllMocks();
-    });
-    describe("init", () => {
-        it("should create the sessions directory recursively", async () => {
-            await store.init();
-            expect(promises_1.default.mkdir).toHaveBeenCalledWith(mockSessionsDir, {
-                recursive: true,
-            });
-        });
-        it("should catch and log errors if mkdir fails", async () => {
-            const consoleSpy = jest
-                .spyOn(console, "error")
-                .mockImplementation(() => { });
-            promises_1.default.mkdir.mockRejectedValueOnce(new Error("mkdir error"));
-            await store.init();
-            expect(consoleSpy).toHaveBeenCalledWith("Error initializing session directory:", expect.any(Error));
-            consoleSpy.mockRestore();
-        });
-    });
-    describe("getSession", () => {
-        it("should return parsed JSON if file read is successful", async () => {
-            const mockData = { user: { id: "123" } };
-            promises_1.default.readFile.mockResolvedValueOnce(JSON.stringify(mockData));
-            const session = await store.getSession("session123");
-            expect(session).toEqual(mockData);
-            expect(promises_1.default.readFile).toHaveBeenCalledWith(path_1.default.join(mockSessionsDir, "session123"), "utf8");
-        });
-        it("should return null and log error if readFile fails", async () => {
-            const consoleSpy = jest
-                .spyOn(console, "error")
-                .mockImplementation(() => { });
-            promises_1.default.readFile.mockRejectedValueOnce(new Error("read error"));
-            const session = await store.getSession("badSession");
-            expect(session).toBeNull();
-            expect(consoleSpy).toHaveBeenCalledWith("Error getting session:", expect.any(Error));
-            consoleSpy.mockRestore();
-        });
-        it("should return null if JSON parse fails", async () => {
-            const consoleSpy = jest
-                .spyOn(console, "error")
-                .mockImplementation(() => { });
-            promises_1.default.readFile.mockResolvedValueOnce("invalid-json");
-            const session = await store.getSession("corruptSession");
-            expect(session).toBeNull();
-            expect(consoleSpy).toHaveBeenCalledWith("Error getting session:", expect.any(Error));
-            consoleSpy.mockRestore();
-        });
-    });
-    describe("setSession", () => {
-        it("should write stringified session data to a file", async () => {
-            const mockData = { user: { id: "xyz" } };
-            await store.setSession("sessionABC", mockData);
-            expect(promises_1.default.writeFile).toHaveBeenCalledWith(path_1.default.join(mockSessionsDir, "sessionABC"), JSON.stringify(mockData), "utf8");
-        });
-        it("should throw error if writeFile fails", async () => {
-            promises_1.default.writeFile.mockRejectedValueOnce(new Error("write error"));
-            await expect(store.setSession("sessionError", { user: { id: "1" } })).rejects.toThrow("write error");
-        });
-    });
-    describe("destroySession", () => {
-        it("should unlink the file associated with the session ID", async () => {
-            await store.destroySession("destroyMe");
-            expect(promises_1.default.unlink).toHaveBeenCalledWith(path_1.default.join(mockSessionsDir, "destroyMe"));
-        });
-        it("should ignore ENOENT errors (file not found)", async () => {
-            promises_1.default.unlink.mockRejectedValueOnce({ code: "ENOENT" });
-            await expect(store.destroySession("notExists")).resolves.toBeUndefined();
-        });
-        it("should rethrow other errors", async () => {
-            promises_1.default.unlink.mockRejectedValueOnce(new Error("unlink error"));
-            await expect(store.destroySession("sessionX")).rejects.toThrow("unlink error");
-        });
-    });
-    describe("touchSession", () => {
-        it("should call setSession with updated data", async () => {
-            const setSessionSpy = jest.spyOn(store, "setSession").mockResolvedValue();
-            const newData = { user: { id: "touchMe" } };
-            await store.touchSession("touchId", newData);
-            expect(setSessionSpy).toHaveBeenCalledWith("touchId", newData);
-        });
-    });
-    describe("getSessionIds", () => {
-        it("should return the base names of files in the sessions directory", async () => {
-            promises_1.default.readdir.mockResolvedValueOnce([
-                { name: "abc", isFile: () => true },
-                { name: "def.json", isFile: () => true },
-                { name: "subdir", isFile: () => false },
-            ]);
-            const result = await store.getSessionIds();
-            expect(result).toEqual(["abc", "def"]);
-        });
-        it("should throw if readdir fails", async () => {
-            promises_1.default.readdir.mockRejectedValueOnce(new Error("readdir error"));
-            await expect(store.getSessionIds()).rejects.toThrow("readdir error");
-        });
-    });
-});

package/build/session/__tests__/memory.session-store.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/session/__tests__/memory.session-store.test.js

@@ -1,77 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const memory_session_store_1 = require("../memory.session-store");
-describe("MemorySessionStore", () => {
-    let store;
-    beforeEach(() => {
-        store = new memory_session_store_1.MemorySessionStore();
-    });
-    describe("getSession", () => {
-        it("should return null if session does not exist", async () => {
-            const data = await store.getSession("nonExistent");
-            expect(data).toBeNull();
-        });
-        it("should return the stored session data if present", async () => {
-            await store.setSession("session1", {
-                user: { id: "123", name: "John" },
-            });
-            const session = await store.getSession("session1");
-            expect(session).toEqual({ user: { id: "123", name: "John" } });
-        });
-    });
-    describe("setSession", () => {
-        it("should store session data in memory", async () => {
-            await store.setSession("session2", {
-                user: { id: "abc", name: "Alice" },
-            });
-            const session = await store.getSession("session2");
-            expect(session).toEqual({ user: { id: "abc", name: "Alice" } });
-        });
-    });
-    describe("destroySession", () => {
-        it("should delete the session from memory", async () => {
-            await store.setSession("sessionDelete", {
-                user: { id: "xyz", name: "Jane" },
-            });
-            await store.destroySession("sessionDelete");
-            const session = await store.getSession("sessionDelete");
-            expect(session).toBeNull();
-        });
-        it("should not throw if the session does not exist", async () => {
-            await expect(store.destroySession("noSession")).resolves.not.toThrow();
-        });
-    });
-    describe("touchSession", () => {
-        it("should update the session data if it exists", async () => {
-            await store.setSession("sessionTouch", {
-                user: { id: "initial", name: "Old" },
-            });
-            await store.touchSession("sessionTouch", {
-                user: { id: "updated", name: "New" },
-            });
-            const updated = await store.getSession("sessionTouch");
-            expect(updated).toEqual({ user: { id: "updated", name: "New" } });
-        });
-        it("should create a new session if it doesn't exist (similar to setSession)", async () => {
-            await store.touchSession("sessionNew", {
-                user: { id: "newId", name: "New Name" },
-            });
-            const data = await store.getSession("sessionNew");
-            expect(data).toEqual({ user: { id: "newId", name: "New Name" } });
-        });
-    });
-    describe("getSessionIds", () => {
-        it("should return an empty array if no sessions exist", async () => {
-            const ids = await store.getSessionIds();
-            expect(ids).toEqual([]);
-        });
-        it("should return all session IDs currently in memory", async () => {
-            await store.setSession("id1", { user: { id: "one" } });
-            await store.setSession("id2", { user: { id: "two" } });
-            const ids = await store.getSessionIds();
-            expect(ids).toContain("id1");
-            expect(ids).toContain("id2");
-            expect(ids.length).toBe(2);
-        });
-    });
-});

package/build/session/__tests__/session-handler.test.d.ts

@@ -1 +0,0 @@
-export {};