@villedemontreal/jwt-validator 5.8.1 → 5.9.1

package/dist/src/middleware/jwtMiddleware.d.ts

@@ -4,4 +4,4 @@ import * as express from 'express';
  *
  * @param {boolean} mandatoryValidation Defines if the JWT is mandatory. Defaults to true.
  */
-export declare const jwtValidationMiddleware: (mandatoryValidation?: boolean) => (req: express.Request, res: express.Response, next: express.NextFunction) => void;
+export declare const jwtValidationMiddleware: (mandatoryValidation?: boolean) => (req: express.Request, res: express.Response, next: express.NextFunction) => Promise<void>;

package/dist/src/middleware/jwtMiddleware.js

@@ -2,36 +2,33 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.jwtValidationMiddleware = void 0;
 const http_header_fields_typed_1 = require("http-header-fields-typed");
-const constants_1 = require("../config/constants");
 const jwtValidator_1 = require("../jwtValidator");
 /**
  * JWT validation Middleware
  *
  * @param {boolean} mandatoryValidation Defines if the JWT is mandatory. Defaults to true.
  */
-const jwtValidationMiddleware = (mandatoryValidation = true) => {
-    return (req, res, next) => {
-        try {
-            const authHeader = req.get(http_header_fields_typed_1.default.AUTHORIZATION);
-            if (mandatoryValidation || authHeader) {
-                jwtValidator_1.jwtValidator
-                    .verifyAuthorizationHeader(authHeader)
-                    .then((jwt) => {
-                    req[constants_1.constants.requestExtraVariables.JWT] = jwt;
-                    next();
-                })
-                    .catch((err) => {
-                    next(err);
-                });
-            }
-            else {
+const jwtValidationMiddleware = (mandatoryValidation = true) => async (req, res, next) => {
+    try {
+        const authHeader = req.get(http_header_fields_typed_1.default.AUTHORIZATION);
+        if (mandatoryValidation || authHeader) {
+            return jwtValidator_1.jwtValidator
+                .verifyAuthorizationHeader(authHeader)
+                .then((jwt) => {
+                req.jwt = jwt;
                 next();
-            }
+            })
+                .catch((err) => {
+                next(err);
+            });
         }
-        catch (err) {
-            next(err);
+        else {
+            next();
         }
-    };
+    }
+    catch (err) {
+        next(err);
+    }
 };
 exports.jwtValidationMiddleware = jwtValidationMiddleware;
 //# sourceMappingURL=jwtMiddleware.js.map

package/dist/src/middleware/jwtMiddleware.js.map

@@ -1 +1 @@
-{"version":3,"file":"jwtMiddleware.js","sourceRoot":"","sources":["../../../src/middleware/jwtMiddleware.ts"],"names":[],"mappings":";;;AACA,uEAA6D;AAC7D,mDAAgD;AAChD,kDAA+C;AAE/C;;;;GAIG;AACI,MAAM,uBAAuB,GAEqD,CACvF,mBAAmB,GAAG,IAAI,EAC1B,EAAE;IACF,OAAO,CAAC,GAAoB,EAAE,GAAqB,EAAE,IAA0B,EAAQ,EAAE;QACvF,IAAI;YACF,MAAM,UAAU,GAAW,GAAG,CAAC,GAAG,CAAC,kCAAqB,CAAC,aAAa,CAAC,CAAC;YACxE,IAAI,mBAAmB,IAAI,UAAU,EAAE;gBACrC,2BAAY;qBACT,yBAAyB,CAAC,UAAU,CAAC;qBACrC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE;oBACX,GAAW,CAAC,qBAAS,CAAC,qBAAqB,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;oBACxD,IAAI,EAAE,CAAC;gBACT,CAAC,CAAC;qBACD,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;oBACb,IAAI,CAAC,GAAG,CAAC,CAAC;gBACZ,CAAC,CAAC,CAAC;aACN;iBAAM;gBACL,IAAI,EAAE,CAAC;aACR;SACF;QAAC,OAAO,GAAG,EAAE;YACZ,IAAI,CAAC,GAAG,CAAC,CAAC;SACX;IACH,CAAC,CAAC;AACJ,CAAC,CAAC;AAzBW,QAAA,uBAAuB,2BAyBlC"}
+{"version":3,"file":"jwtMiddleware.js","sourceRoot":"","sources":["../../../src/middleware/jwtMiddleware.ts"],"names":[],"mappings":";;;AACA,uEAA6D;AAC7D,kDAA+C;AAG/C;;;;GAIG;AACI,MAAM,uBAAuB,GAClC,CAAC,mBAAmB,GAAG,IAAI,EAAE,EAAE,CAC/B,KAAK,EACH,GAAoB,EACpB,GAAqB,EACrB,IAA0B,EACX,EAAE;IACjB,IAAI;QACF,MAAM,UAAU,GAAW,GAAG,CAAC,GAAG,CAAC,kCAAqB,CAAC,aAAa,CAAC,CAAC;QACxE,IAAI,mBAAmB,IAAI,UAAU,EAAE;YACrC,OAAO,2BAAY;iBAChB,yBAAyB,CAAC,UAAU,CAAC;iBACrC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE;gBACX,GAAuB,CAAC,GAAG,GAAG,GAAG,CAAC;gBACnC,IAAI,EAAE,CAAC;YACT,CAAC,CAAC;iBACD,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;gBACb,IAAI,CAAC,GAAG,CAAC,CAAC;YACZ,CAAC,CAAC,CAAC;SACN;aAAM;YACL,IAAI,EAAE,CAAC;SACR;KACF;IAAC,OAAO,GAAG,EAAE;QACZ,IAAI,CAAC,GAAG,CAAC,CAAC;KACX;AACH,CAAC,CAAC;AAzBS,QAAA,uBAAuB,2BAyBhC"}

package/dist/src/middleware/jwtMiddleware.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/src/middleware/jwtMiddleware.test.js

@@ -0,0 +1,112 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const chai = require("chai");
+const chai_1 = require("chai");
+const chaiAsPromised = require("chai-as-promised");
+const node_mocks_http_1 = require("node-mocks-http");
+const sinon_1 = require("sinon");
+const jwtValidator_1 = require("../jwtValidator");
+const jwtMiddleware_1 = require("./jwtMiddleware");
+chai.use(chaiAsPromised);
+describe('#jwtValidationMiddleware', () => {
+    let middleware;
+    let nextFunction = (0, sinon_1.spy)();
+    let verifyMethod;
+    let jwt;
+    let authorizationHeader;
+    let request;
+    let response;
+    before(() => {
+        nextFunction = (0, sinon_1.spy)();
+        jwt = {
+            sub: '1234567890',
+            name: 'Peter Neighbor',
+            iat: 1694264949,
+        };
+        authorizationHeader = `Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IlBldGVyIE5laWdoYm9yIiwiaWF0IjoxNjk0MjY0OTQ5fQ.ncai230HG-KbDL2ximBZz29Smt-yOFBgZYrJTmQreqA`;
+    });
+    beforeEach(() => {
+        nextFunction.resetHistory();
+        request = (0, node_mocks_http_1.createRequest)({
+            method: 'GET',
+            url: '/',
+            headers: { Authorization: authorizationHeader },
+        });
+        response = {};
+    });
+    afterEach(() => {
+        verifyMethod?.restore();
+    });
+    const DELAY = 50;
+    it('should invoke #verifyAuthorizationHeader with authorization header', async function () {
+        // Cf. https://mochajs.org/api/mocha#slow
+        this.slow(2 * DELAY + 10 /* budgeted test duration */);
+        // GIVEN
+        middleware = (0, jwtMiddleware_1.jwtValidationMiddleware)();
+        request = (0, node_mocks_http_1.createRequest)({
+            method: 'GET',
+            url: '/',
+            headers: { Authorization: authorizationHeader },
+        });
+        verifyMethod = (0, sinon_1.stub)(jwtValidator_1.jwtValidator, 'verifyAuthorizationHeader').returns(delay(DELAY).then(() => jwt));
+        // WHEN
+        await middleware(request, response, nextFunction);
+        // THEN
+        (0, chai_1.expect)(verifyMethod.callCount).to.equal(1);
+        (0, chai_1.expect)(verifyMethod.args[0]).to.deep.equal([authorizationHeader]);
+        (0, chai_1.expect)(nextFunction.callCount).to.equal(1);
+        (0, chai_1.expect)(nextFunction.args[0]).to.deep.equal([]);
+        (0, chai_1.expect)(request.jwt).to.equal(jwt);
+    });
+    it('should *NOT* invoke #verifyAuthorizationHeader *WITHOUT* authorization header and "mandatory" trigger being *OFF*', async () => {
+        // GIVEN
+        middleware = (0, jwtMiddleware_1.jwtValidationMiddleware)(false);
+        request.headers = {}; // ∅
+        verifyMethod = (0, sinon_1.stub)(jwtValidator_1.jwtValidator, 'verifyAuthorizationHeader').returns(delay(50).then(() => jwt));
+        // WHEN
+        await middleware(request, response, nextFunction);
+        // THEN
+        (0, chai_1.expect)(verifyMethod.callCount).to.equal(0);
+        (0, chai_1.expect)(nextFunction.callCount).to.equal(1);
+        (0, chai_1.expect)(nextFunction.args[0]).to.deep.equal([]);
+        (0, chai_1.expect)(request.jwt).to.be.undefined;
+    });
+    it('should fail synchronously if #verifyAuthorizationHeader does so', async () => {
+        // GIVEN
+        middleware = (0, jwtMiddleware_1.jwtValidationMiddleware)();
+        const error = new Error('💣');
+        verifyMethod = (0, sinon_1.stub)(jwtValidator_1.jwtValidator, 'verifyAuthorizationHeader').throws(error);
+        // WHEN
+        const operation = () => middleware(request, response, nextFunction);
+        // THEN
+        (0, chai_1.expect)(operation).not.to.throw();
+        (0, chai_1.expect)(verifyMethod.callCount).to.equal(1);
+        (0, chai_1.expect)(verifyMethod.args[0]).to.deep.equal([authorizationHeader]);
+        (0, chai_1.expect)(nextFunction.callCount).to.equal(1);
+        (0, chai_1.expect)(nextFunction.args[0]).to.deep.equal([error]);
+        (0, chai_1.expect)(request.jwt).to.be.undefined;
+    });
+    it('should fail *ASYNCHRONOUSLY* if #verifyAuthorizationHeader does so', async () => {
+        // GIVEN
+        middleware = (0, jwtMiddleware_1.jwtValidationMiddleware)();
+        const error = new Error('💣');
+        verifyMethod = (0, sinon_1.stub)(jwtValidator_1.jwtValidator, 'verifyAuthorizationHeader').returns(delay(50).then(() => {
+            throw error;
+        }));
+        // WHEN
+        const promise = middleware(request, response, nextFunction);
+        // THEN
+        await (0, chai_1.expect)(promise).not.to.be.eventually.rejected;
+        (0, chai_1.expect)(verifyMethod.callCount).to.equal(1);
+        (0, chai_1.expect)(verifyMethod.args[0]).to.deep.equal([authorizationHeader]);
+        (0, chai_1.expect)(nextFunction.callCount).to.equal(1);
+        (0, chai_1.expect)(nextFunction.args[0]).to.deep.equal([error]);
+        (0, chai_1.expect)(request.jwt).to.be.undefined;
+    });
+});
+async function delay(duration) {
+    return new Promise((resolve, reject) => {
+        setTimeout(resolve, duration);
+    });
+}
+//# sourceMappingURL=jwtMiddleware.test.js.map

package/dist/src/middleware/jwtMiddleware.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwtMiddleware.test.js","sourceRoot":"","sources":["../../../src/middleware/jwtMiddleware.test.ts"],"names":[],"mappings":";;AAAA,6BAA6B;AAC7B,+BAA8B;AAC9B,mDAAmD;AAEnD,qDAAqE;AACrE,iCAAuD;AACvD,kDAA+C;AAG/C,mDAA0D;AAE1D,IAAI,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;AAEzB,QAAQ,CAAC,0BAA0B,EAAE,GAAG,EAAE;IACxC,IAAI,UAAsD,CAAC;IAC3D,IAAI,YAAY,GAAa,IAAA,WAAG,GAAE,CAAC;IACnC,IAAI,YAAuB,CAAC;IAC5B,IAAI,GAAgB,CAAC;IACrB,IAAI,mBAA2B,CAAC;IAChC,IAAI,OAAgB,CAAC;IACrB,IAAI,QAAkB,CAAC;IAEvB,MAAM,CAAC,GAAG,EAAE;QACV,YAAY,GAAG,IAAA,WAAG,GAAE,CAAC;QACrB,GAAG,GAAG;YACJ,GAAG,EAAE,YAAY;YACjB,IAAI,EAAE,gBAAgB;YACtB,GAAG,EAAE,UAAU;SACD,CAAC;QACjB,mBAAmB,GAAG,4KAA4K,CAAC;IACrM,CAAC,CAAC,CAAC;IAEH,UAAU,CAAC,GAAG,EAAE;QACd,YAAY,CAAC,YAAY,EAAE,CAAC;QAC5B,OAAO,GAAG,IAAA,+BAAiB,EAAC;YAC1B,MAAM,EAAE,KAAK;YACb,GAAG,EAAE,GAAG;YACR,OAAO,EAAE,EAAE,aAAa,EAAE,mBAAmB,EAAE;SAChD,CAAC,CAAC;QACH,QAAQ,GAAG,EAAc,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,YAAY,EAAE,OAAO,EAAE,CAAC;IAC1B,CAAC,CAAC,CAAC;IAEH,MAAM,KAAK,GAAG,EAAE,CAAC;IAEjB,EAAE,CAAC,oEAAoE,EAAE,KAAK;QAC5E,yCAAyC;QACzC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,KAAK,GAAG,EAAE,CAAC,4BAA4B,CAAC,CAAC;QAEvD,QAAQ;QACR,UAAU,GAAG,IAAA,uCAAuB,GAAE,CAAC;QACvC,OAAO,GAAG,IAAA,+BAAiB,EAAC;YAC1B,MAAM,EAAE,KAAK;YACb,GAAG,EAAE,GAAG;YACR,OAAO,EAAE,EAAE,aAAa,EAAE,mBAAmB,EAAE;SAChD,CAAC,CAAC;QACH,YAAY,GAAG,IAAA,YAAI,EAAC,2BAAY,EAAE,2BAA2B,CAAC,CAAC,OAAO,CACpE,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAC7B,CAAC;QAEF,OAAO;QACP,MAAM,UAAU,CAAC,OAAO,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QAElD,OAAO;QACP,IAAA,aAAM,EAAC,YAAY,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC3C,IAAA,aAAM,EAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC;QAClE,IAAA,aAAM,EAAC,YAAY,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC3C,IAAA,aAAM,EAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC/C,IAAA,aAAM,EAAE,OAA2B,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mHAAmH,EAAE,KAAK,IAAI,EAAE;QACjI,QAAQ;QACR,UAAU,GAAG,IAAA,uCAAuB,EAAC,KAAK,CAAC,CAAC;QAC5C,OAAO,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC,IAAI;QAC1B,YAAY,GAAG,IAAA,YAAI,EAAC,2BAAY,EAAE,2BAA2B,CAAC,CAAC,OAAO,CACpE,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAC1B,CAAC;QAEF,OAAO;QACP,MAAM,UAAU,CAAC,OAAO,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QAElD,OAAO;QACP,IAAA,aAAM,EAAC,YAAY,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC3C,IAAA,aAAM,EAAC,YAAY,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC3C,IAAA,aAAM,EAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC/C,IAAA,aAAM,EAAE,OAA2B,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iEAAiE,EAAE,KAAK,IAAI,EAAE;QAC/E,QAAQ;QACR,UAAU,GAAG,IAAA,uCAAuB,GAAE,CAAC;QACvC,MAAM,KAAK,GAAU,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;QACrC,YAAY,GAAG,IAAA,YAAI,EAAC,2BAAY,EAAE,2BAA2B,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAE7E,OAAO;QACP,MAAM,SAAS,GAAG,GAAG,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QAEpE,OAAO;QACP,IAAA,aAAM,EAAC,SAAS,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;QACjC,IAAA,aAAM,EAAC,YAAY,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC3C,IAAA,aAAM,EAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC;QAClE,IAAA,aAAM,EAAC,YAAY,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC3C,IAAA,aAAM,EAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;QACpD,IAAA,aAAM,EAAE,OAA2B,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oEAAoE,EAAE,KAAK,IAAI,EAAE;QAClF,QAAQ;QACR,UAAU,GAAG,IAAA,uCAAuB,GAAE,CAAC;QACvC,MAAM,KAAK,GAAU,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;QACrC,YAAY,GAAG,IAAA,YAAI,EAAC,2BAAY,EAAE,2BAA2B,CAAC,CAAC,OAAO,CACpE,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE;YAClB,MAAM,KAAK,CAAC;QACd,CAAC,CAAC,CACH,CAAC;QAEF,OAAO;QACP,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QAE5D,OAAO;QACP,MAAM,IAAA,aAAM,EAAC,OAAO,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;QACpD,IAAA,aAAM,EAAC,YAAY,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC3C,IAAA,aAAM,EAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC;QAClE,IAAA,aAAM,EAAC,YAAY,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC3C,IAAA,aAAM,EAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;QACpD,IAAA,aAAM,EAAE,OAA2B,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC;IAC3D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,KAAK,UAAU,KAAK,CAAC,QAAgB;IACnC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,UAAU,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;AACL,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@villedemontreal/jwt-validator",
-  "version": "5.8.1",
+  "version": "5.9.1",
   "description": "Module to validate JWT (JSON Web Tokens)",
   "main": "dist/src/index.js",
   "typings": "dist/src",
@@ -33,9 +33,9 @@
   "license": "MIT",
   "dependencies": {
     "@types/nock": "10.0.3",
-    "@villedemontreal/general-utils": "5.16.7",
-    "@villedemontreal/http-request": "7.4.7",
-    "@villedemontreal/logger": "6.5.9",
+    "@villedemontreal/general-utils": "5.17.3",
+    "@villedemontreal/http-request": "7.4.8",
+    "@villedemontreal/logger": "6.6.2",
     "app-root-path": "3.1.0",
     "http-header-fields-typed": "1.3.0",
     "http-status-codes": "2.2.0",
@@ -47,23 +47,25 @@
   },
   "devDependencies": {
     "@types/app-root-path": "1.2.4",
+    "@types/chai": "4.3.4",
+    "@types/chai-as-promised": "^7.1.6",
     "@types/express": "4.17.17",
+    "@types/fs-extra": "11.0.1",
     "@types/http-status-codes": "1.2.0",
     "@types/jsonwebtoken": "9.0.1",
     "@types/lodash": "4.14.192",
+    "@types/mocha": "10.0.1",
     "@types/node": "18.15.11",
     "@types/request": "2.48.8",
     "@types/request-promise-native": "1.0.18",
-    "@types/superagent": "4.1.16",
-    "@types/chai": "4.3.4",
-    "@types/fs-extra": "11.0.1",
-    "@types/mocha": "10.0.1",
     "@types/sinon": "10.0.13",
+    "@types/superagent": "4.1.16",
     "@types/validator": "13.7.14",
     "@typescript-eslint/eslint-plugin": "5.57.1",
     "@typescript-eslint/parser": "5.57.1",
-    "@villedemontreal/scripting": "2.1.6",
+    "@villedemontreal/scripting": "2.1.8",
     "chai": "4.3.7",
+    "chai-as-promised": "^7.1.1",
     "eslint": "8.38.0",
     "eslint-config-prettier": "8.8.0",
     "eslint-plugin-prettier": "4.2.1",
@@ -75,7 +77,6 @@
     "node-notifier": "10.0.1",
     "nyc": "15.1.0",
     "sinon": "15.0.3",
-    "superagent-mocker": "0.5.2",
     "typescript": "5.0.4",
     "validator": "13.9.0"
   }

package/src/middleware/jwtMiddleware.test.ts

@@ -0,0 +1,138 @@
+import * as chai from 'chai';
+import { expect } from 'chai';
+import * as chaiAsPromised from 'chai-as-promised';
+import { Request, Response } from 'express';
+import { createRequest as createRequestMock } from 'node-mocks-http';
+import { SinonSpy, SinonStub, spy, stub } from 'sinon';
+import { jwtValidator } from '../jwtValidator';
+import { IRequestWithJwt } from '../models/expressRequest';
+import { IJWTPayload } from '../models/jwtPayload';
+import { jwtValidationMiddleware } from './jwtMiddleware';
+
+chai.use(chaiAsPromised);
+
+describe('#jwtValidationMiddleware', () => {
+  let middleware: ReturnType<typeof jwtValidationMiddleware>;
+  let nextFunction: SinonSpy = spy();
+  let verifyMethod: SinonStub;
+  let jwt: IJWTPayload;
+  let authorizationHeader: string;
+  let request: Request;
+  let response: Response;
+
+  before(() => {
+    nextFunction = spy();
+    jwt = {
+      sub: '1234567890',
+      name: 'Peter Neighbor',
+      iat: 1694264949,
+    } as IJWTPayload;
+    authorizationHeader = `Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IlBldGVyIE5laWdoYm9yIiwiaWF0IjoxNjk0MjY0OTQ5fQ.ncai230HG-KbDL2ximBZz29Smt-yOFBgZYrJTmQreqA`;
+  });
+
+  beforeEach(() => {
+    nextFunction.resetHistory();
+    request = createRequestMock({
+      method: 'GET',
+      url: '/',
+      headers: { Authorization: authorizationHeader },
+    });
+    response = {} as Response;
+  });
+
+  afterEach(() => {
+    verifyMethod?.restore();
+  });
+
+  const DELAY = 50;
+
+  it('should invoke #verifyAuthorizationHeader with authorization header', async function () {
+    // Cf. https://mochajs.org/api/mocha#slow
+    this.slow(2 * DELAY + 10 /* budgeted test duration */);
+
+    // GIVEN
+    middleware = jwtValidationMiddleware();
+    request = createRequestMock({
+      method: 'GET',
+      url: '/',
+      headers: { Authorization: authorizationHeader },
+    });
+    verifyMethod = stub(jwtValidator, 'verifyAuthorizationHeader').returns(
+      delay(DELAY).then(() => jwt)
+    );
+
+    // WHEN
+    await middleware(request, response, nextFunction);
+
+    // THEN
+    expect(verifyMethod.callCount).to.equal(1);
+    expect(verifyMethod.args[0]).to.deep.equal([authorizationHeader]);
+    expect(nextFunction.callCount).to.equal(1);
+    expect(nextFunction.args[0]).to.deep.equal([]);
+    expect((request as IRequestWithJwt).jwt).to.equal(jwt);
+  });
+
+  it('should *NOT* invoke #verifyAuthorizationHeader *WITHOUT* authorization header and "mandatory" trigger being *OFF*', async () => {
+    // GIVEN
+    middleware = jwtValidationMiddleware(false);
+    request.headers = {}; // ∅
+    verifyMethod = stub(jwtValidator, 'verifyAuthorizationHeader').returns(
+      delay(50).then(() => jwt)
+    );
+
+    // WHEN
+    await middleware(request, response, nextFunction);
+
+    // THEN
+    expect(verifyMethod.callCount).to.equal(0);
+    expect(nextFunction.callCount).to.equal(1);
+    expect(nextFunction.args[0]).to.deep.equal([]);
+    expect((request as IRequestWithJwt).jwt).to.be.undefined;
+  });
+
+  it('should fail synchronously if #verifyAuthorizationHeader does so', async () => {
+    // GIVEN
+    middleware = jwtValidationMiddleware();
+    const error: Error = new Error('💣');
+    verifyMethod = stub(jwtValidator, 'verifyAuthorizationHeader').throws(error);
+
+    // WHEN
+    const operation = () => middleware(request, response, nextFunction);
+
+    // THEN
+    expect(operation).not.to.throw();
+    expect(verifyMethod.callCount).to.equal(1);
+    expect(verifyMethod.args[0]).to.deep.equal([authorizationHeader]);
+    expect(nextFunction.callCount).to.equal(1);
+    expect(nextFunction.args[0]).to.deep.equal([error]);
+    expect((request as IRequestWithJwt).jwt).to.be.undefined;
+  });
+
+  it('should fail *ASYNCHRONOUSLY* if #verifyAuthorizationHeader does so', async () => {
+    // GIVEN
+    middleware = jwtValidationMiddleware();
+    const error: Error = new Error('💣');
+    verifyMethod = stub(jwtValidator, 'verifyAuthorizationHeader').returns(
+      delay(50).then(() => {
+        throw error;
+      })
+    );
+
+    // WHEN
+    const promise = middleware(request, response, nextFunction);
+
+    // THEN
+    await expect(promise).not.to.be.eventually.rejected;
+    expect(verifyMethod.callCount).to.equal(1);
+    expect(verifyMethod.args[0]).to.deep.equal([authorizationHeader]);
+    expect(nextFunction.callCount).to.equal(1);
+    expect(nextFunction.args[0]).to.deep.equal([error]);
+    expect((request as IRequestWithJwt).jwt).to.be.undefined;
+  });
+});
+
+async function delay(duration: number): Promise<void> {
+  return new Promise((resolve, reject) => {
+    setTimeout(resolve, duration);
+  });
+}

package/src/middleware/jwtMiddleware.ts

@@ -1,26 +1,27 @@
 import * as express from 'express';
 import httpHeaderFieldsTyped from 'http-header-fields-typed';
-import { constants } from '../config/constants';
 import { jwtValidator } from '../jwtValidator';
+import { IRequestWithJwt } from '../models/expressRequest';
 
 /**
  * JWT validation Middleware
  *
  * @param {boolean} mandatoryValidation Defines if the JWT is mandatory. Defaults to true.
  */
-export const jwtValidationMiddleware: (
-  mandatoryValidation?: boolean
-) => (req: express.Request, res: express.Response, next: express.NextFunction) => void = (
-  mandatoryValidation = true
-) => {
-  return (req: express.Request, res: express.Response, next: express.NextFunction): void => {
+export const jwtValidationMiddleware =
+  (mandatoryValidation = true) =>
+  async (
+    req: express.Request,
+    res: express.Response,
+    next: express.NextFunction
+  ): Promise<void> => {
     try {
       const authHeader: string = req.get(httpHeaderFieldsTyped.AUTHORIZATION);
       if (mandatoryValidation || authHeader) {
-        jwtValidator
+        return jwtValidator
           .verifyAuthorizationHeader(authHeader)
           .then((jwt) => {
-            (req as any)[constants.requestExtraVariables.JWT] = jwt;
+            (req as IRequestWithJwt).jwt = jwt;
             next();
           })
           .catch((err) => {
@@ -33,4 +34,3 @@ export const jwtValidationMiddleware: (
       next(err);
     }
   };
-};