@volontariapp/auth 2.1.16-snap-e3bade7 → 3.0.0-snap-55be23a
- package/CHANGELOG.md +5 -4
- package/dist/auth.module.d.ts +3 -0
- package/dist/auth.module.d.ts.map +1 -1
- package/dist/auth.module.js +60 -10
- package/dist/auth.module.js.map +1 -1
- package/dist/constants/index.d.ts +2 -0
- package/dist/constants/index.d.ts.map +1 -1
- package/dist/constants/index.js +2 -0
- package/dist/constants/index.js.map +1 -1
- package/dist/decorators/public.decorator.d.ts +2 -0
- package/dist/decorators/public.decorator.d.ts.map +1 -0
- package/dist/decorators/public.decorator.js +4 -0
- package/dist/decorators/public.decorator.js.map +1 -0
- package/dist/decorators/refresh-token.decorator.d.ts +2 -0
- package/dist/decorators/refresh-token.decorator.d.ts.map +1 -0
- package/dist/decorators/refresh-token.decorator.js +7 -0
- package/dist/decorators/refresh-token.decorator.js.map +1 -0
- package/dist/guards/access-token.guard.d.ts +3 -1
- package/dist/guards/access-token.guard.d.ts.map +1 -1
- package/dist/guards/access-token.guard.js +25 -5
- package/dist/guards/access-token.guard.js.map +1 -1
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -0
- package/dist/index.js.map +1 -1
- package/dist/interceptors/grpc-internal.interceptor.d.ts +3 -3
- package/dist/interceptors/grpc-internal.interceptor.d.ts.map +1 -1
- package/dist/interceptors/grpc-internal.interceptor.js +10 -7
- package/dist/interceptors/grpc-internal.interceptor.js.map +1 -1
- package/dist/middlewares/access-token.middleware.d.ts.map +1 -1
- package/dist/middlewares/access-token.middleware.js +3 -0
- package/dist/middlewares/access-token.middleware.js.map +1 -1
- package/dist/middlewares/refresh-token.middleware.d.ts.map +1 -1
- package/dist/middlewares/refresh-token.middleware.js +9 -1
- package/dist/middlewares/refresh-token.middleware.js.map +1 -1
- package/dist/services/grpc-metadata.helper.d.ts +1 -1
- package/dist/services/grpc-metadata.helper.d.ts.map +1 -1
- package/dist/services/grpc-metadata.helper.js +2 -1
- package/dist/services/grpc-metadata.helper.js.map +1 -1
- package/dist/test/example/public-test.controller.d.ts +23 -0
- package/dist/test/example/public-test.controller.d.ts.map +1 -0
- package/dist/test/example/public-test.controller.js +83 -0
- package/dist/test/example/public-test.controller.js.map +1 -0
- package/dist/test/integration/full-auth-flow.int.spec.js +31 -10
- package/dist/test/integration/full-auth-flow.int.spec.js.map +1 -1
- package/dist/test/integration/public-bypass.int.spec.d.ts +2 -0
- package/dist/test/integration/public-bypass.int.spec.d.ts.map +1 -0
- package/dist/test/integration/public-bypass.int.spec.js +127 -0
- package/dist/test/integration/public-bypass.int.spec.js.map +1 -0
- package/dist/test/unit/access-token.guard.unit.spec.d.ts +2 -0
- package/dist/test/unit/access-token.guard.unit.spec.d.ts.map +1 -0
- package/dist/test/unit/access-token.guard.unit.spec.js +69 -0
- package/dist/test/unit/access-token.guard.unit.spec.js.map +1 -0
- package/dist/test/unit/access-token.middleware.unit.spec.d.ts +2 -0
- package/dist/test/unit/access-token.middleware.unit.spec.d.ts.map +1 -0
- package/dist/test/unit/access-token.middleware.unit.spec.js +65 -0
- package/dist/test/unit/access-token.middleware.unit.spec.js.map +1 -0
- package/dist/test/unit/grpc-internal.interceptor.unit.spec.js +14 -7
- package/dist/test/unit/grpc-internal.interceptor.unit.spec.js.map +1 -1
- package/dist/test/unit/grpc-metadata.helper.unit.spec.d.ts +2 -0
- package/dist/test/unit/grpc-metadata.helper.unit.spec.d.ts.map +1 -0
- package/dist/test/unit/grpc-metadata.helper.unit.spec.js +25 -0
- package/dist/test/unit/grpc-metadata.helper.unit.spec.js.map +1 -0
- package/dist/test/unit/refresh-token.guard.unit.spec.d.ts +2 -0
- package/dist/test/unit/refresh-token.guard.unit.spec.d.ts.map +1 -0
- package/dist/test/unit/refresh-token.guard.unit.spec.js +43 -0
- package/dist/test/unit/refresh-token.guard.unit.spec.js.map +1 -0
- package/dist/test/unit/refresh-token.middleware.unit.spec.d.ts +2 -0
- package/dist/test/unit/refresh-token.middleware.unit.spec.d.ts.map +1 -0
- package/dist/test/unit/refresh-token.middleware.unit.spec.js +44 -0
- package/dist/test/unit/refresh-token.middleware.unit.spec.js.map +1 -0
- package/package.json +2 -2
|
@@ -4,7 +4,7 @@ import { Logger } from '@volontariapp/logger';
|
|
|
4
4
|
import * as jose from 'jose';
|
|
5
5
|
import { Test } from '@nestjs/testing';
|
|
6
6
|
import request from 'supertest';
|
|
7
|
-
import { JwtService, AccessTokenMiddleware, AccessTokenGuard, RolesGuard, GrpcInternalInterceptor, GrpcInternalGuard, INTERNAL_TOKEN_METADATA_KEY, } from '../../index.js';
|
|
7
|
+
import { JwtService, AccessTokenMiddleware, AccessTokenGuard, RolesGuard, GrpcInternalInterceptor, GrpcInternalGuard, GrpcMetadataHelper, INTERNAL_TOKEN_METADATA_KEY, } from '../../index.js';
|
|
8
8
|
import { createAuthUser } from '../factories/auth-user.factory.js';
|
|
9
9
|
import { createMock } from '@golevelup/ts-jest';
|
|
10
10
|
import { AuthTestController } from '../example/auth-test.controller.js';
|
|
@@ -70,6 +70,7 @@ describe('Full Auth Flow (Integration)', () => {
|
|
|
70
70
|
AccessTokenGuard,
|
|
71
71
|
RolesGuard,
|
|
72
72
|
GrpcInternalGuard,
|
|
73
|
+
GrpcMetadataHelper,
|
|
73
74
|
GrpcInternalInterceptor,
|
|
74
75
|
],
|
|
75
76
|
}).compile();
|
|
@@ -79,32 +80,52 @@ describe('Full Auth Flow (Integration)', () => {
|
|
|
79
80
|
jwtService = app.get(JwtService);
|
|
80
81
|
});
|
|
81
82
|
afterEach(async () => {
|
|
82
|
-
|
|
83
|
+
try {
|
|
84
|
+
await app.close();
|
|
85
|
+
}
|
|
86
|
+
catch {
|
|
87
|
+
}
|
|
83
88
|
});
|
|
84
89
|
it('should complete the full auth lifecycle (HTTP AT -> Internal Token -> gRPC Verification)', async () => {
|
|
85
|
-
const user = createAuthUser();
|
|
90
|
+
const user = createAuthUser({ id: 'gateway-to-ms-user' });
|
|
86
91
|
const accessToken = await jwtService.signAccessToken(user);
|
|
92
|
+
const atGuard = app.get(AccessTokenGuard);
|
|
93
|
+
const atGuardSpy = jest.spyOn(atGuard, 'canActivate');
|
|
94
|
+
const interceptor = app.get(GrpcInternalInterceptor);
|
|
95
|
+
const interceptorSpy = jest.spyOn(interceptor, 'intercept');
|
|
96
|
+
const metadataHelper = app.get(GrpcMetadataHelper);
|
|
97
|
+
const metadataHelperSpy = jest.spyOn(metadataHelper, 'createInternalMetadata');
|
|
98
|
+
const msGuard = app.get(GrpcInternalGuard);
|
|
99
|
+
const msGuardSpy = jest.spyOn(msGuard, 'canActivate');
|
|
87
100
|
const httpResponse = await request(app.getHttpServer())
|
|
88
101
|
.get('/test/external')
|
|
89
102
|
.set('Authorization', `Bearer ${accessToken}`);
|
|
90
103
|
expect(httpResponse.status).toBe(200);
|
|
104
|
+
expect(atGuardSpy).toHaveBeenCalled();
|
|
105
|
+
expect(interceptorSpy).toHaveBeenCalled();
|
|
106
|
+
expect(metadataHelperSpy).toHaveBeenCalled();
|
|
91
107
|
const body = httpResponse.body;
|
|
92
|
-
expect(body.user.id).toBe(user.id);
|
|
93
108
|
const internalToken = body.internalToken;
|
|
94
|
-
expect(
|
|
95
|
-
const
|
|
109
|
+
expect(internalToken).toBeDefined();
|
|
110
|
+
const incomingMetadata = createMock({
|
|
96
111
|
get: jest.fn((key) => (key === INTERNAL_TOKEN_METADATA_KEY ? [internalToken] : [])),
|
|
97
112
|
});
|
|
98
|
-
const
|
|
113
|
+
const rpcContext = createMock({
|
|
99
114
|
getType: () => 'rpc',
|
|
100
115
|
switchToRpc: () => ({
|
|
101
|
-
getContext: () =>
|
|
116
|
+
getContext: () => incomingMetadata,
|
|
102
117
|
getData: () => ({}),
|
|
103
118
|
}),
|
|
119
|
+
switchToHttp: () => ({
|
|
120
|
+
getRequest: () => ({}),
|
|
121
|
+
}),
|
|
104
122
|
});
|
|
105
|
-
const
|
|
106
|
-
const canActivate = await guard.canActivate(executionContext);
|
|
123
|
+
const canActivate = await msGuard.canActivate(rpcContext);
|
|
107
124
|
expect(canActivate).toBe(true);
|
|
125
|
+
expect(msGuardSpy).toHaveBeenCalledWith(rpcContext);
|
|
126
|
+
const injectedUser = incomingMetadata.user;
|
|
127
|
+
expect(injectedUser).toBeDefined();
|
|
128
|
+
expect(injectedUser.id).toBe(user.id);
|
|
108
129
|
});
|
|
109
130
|
it('should deny access if AT is missing', async () => {
|
|
110
131
|
const response = await request(app.getHttpServer()).get('/test/external');
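Review bot: `expect(msGuardSpy).toHaveBeenCalledWith(rpcContext)` (new line 125) cannot fail, because the test itself calls `msGuard.canActivate(rpcContext)` two lines earlier, so the spy proves nothing about the gRPC leg. `expect(injectedUser).toBeDefined()` is probably vacuous as well: `incomingMetadata` comes from `createMock`, whose proxy, as far as I know, auto-creates any property that is read, so only `expect(injectedUser.id).toBe(user.id)` really pins the injected identity. I would drop the two no-op assertions and keep the `id` check. Separately, the new `afterEach` swallows every `app.close()` failure in an empty `catch {}` (the same pattern is in the `afterEach` of public-bypass.int.spec.js); a comment such as `// best-effort teardown: app may be unset when beforeEach failed`, or logging the error, would make the intent explicit. This is compiled output, so the edits belong in the `.ts` source, and the last `it(...)` body continues outside the hunk.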
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"full-auth-flow.int.spec.js","sourceRoot":"","sources":["../../../src/test/integration/full-auth-flow.int.spec.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAC7F,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AAEvC,OAAO,OAAO,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"full-auth-flow.int.spec.js","sourceRoot":"","sources":["../../../src/test/integration/full-auth-flow.int.spec.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAC7F,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AAEvC,OAAO,OAAO,MAAM,WAAW,CAAC;AAEhC,OAAO,EACL,UAAU,EACV,qBAAqB,EACrB,gBAAgB,EAChB,UAAU,EACV,uBAAuB,EACvB,iBAAiB,EACjB,kBAAkB,EAClB,2BAA2B,GAC5B,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,cAAc,EAAE,MAAM,mCAAmC,CAAC;AACnE,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAEhD,OAAO,EAAE,kBAAkB,EAAE,MAAM,oCAAoC,CAAC;AAExE,QAAQ,CAAC,8BAA8B,EAAE,GAAG,EAAE;IAC5C,IAAI,GAAqB,CAAC;IAC1B,IAAI,UAAsB,CAAC;IAC3B,IAAI,iBAAyB,CAAC;IAC9B,IAAI,kBAA0B,CAAC;IAC/B,IAAI,cAAsB,CAAC;IAC3B,IAAI,eAAuB,CAAC;IAC5B,IAAI,mBAA2B,CAAC;IAChC,IAAI,kBAA0B,CAAC;IAE/B,SAAS,CAAC,KAAK,IAAI,EAAE;QACnB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC;QAC9E,iBAAiB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;QAChE,kBAAkB,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;QAEnE,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC;QAChF,cAAc,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QAC/D,eAAe,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;QAElE,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC;QAC/E,kBAAkB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAClE,mBAAmB,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;IACvE,CAAC,CAAC,CAAC;IAEH,UAAU,CAAC,KAAK,IAAI,EAAE;QACpB,IAAI,CAAC,eAAe,EAAE,CAAC;QAEvB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACnE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAClE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAA
E,GAAE,CAAC,CAAC,CAAC;QAClE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAEnE,MAAM,MAAM,GAAG;YACb,wBAAwB,EAAE,mBAAmB;YAC7C,yBAAyB,EAAE,oBAAoB;YAC/C,qBAAqB,EAAE,qBAAqB;YAC5C,sBAAsB,EAAE,sBAAsB;YAC9C,yBAAyB,EAAE,oBAAoB;YAC/C,0BAA0B,EAAE,qBAAqB;YACjD,oBAAoB,EAAE,IAAI;YAC1B,iBAAiB,EAAE,IAAI;YACvB,qBAAqB,EAAE,IAAI;SAC5B,CAAC;QAEF,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC,kBAAkB,CAAC,CAAC,IAAI,EAAE,EAAE;YACzD,IAAI,IAAI,KAAK,mBAAmB;gBAAE,OAAO,iBAAiB,CAAC;YAC3D,IAAI,IAAI,KAAK,oBAAoB;gBAAE,OAAO,kBAAkB,CAAC;YAC7D,IAAI,IAAI,KAAK,qBAAqB;gBAAE,OAAO,cAAc,CAAC;YAC1D,IAAI,IAAI,KAAK,sBAAsB;gBAAE,OAAO,eAAe,CAAC;YAC5D,IAAI,IAAI,KAAK,oBAAoB;gBAAE,OAAO,kBAAkB,CAAC;YAC7D,IAAI,IAAI,KAAK,qBAAqB;gBAAE,OAAO,mBAAmB,CAAC;YAC/D,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC;YAC/C,WAAW,EAAE,CAAC,kBAAkB,CAAC;YACjC,SAAS,EAAE;gBACT;oBACE,OAAO,EAAE,UAAU;oBACnB,QAAQ,EAAE,IAAI,UAAU,CAAC,MAAM,CAAC;iBACjC;gBACD,gBAAgB;gBAChB,UAAU;gBACV,iBAAiB;gBACjB,kBAAkB;gBAClB,uBAAuB;aACxB;SACF,CAAC,CAAC,OAAO,EAAE,CAAC;QAEb,GAAG,GAAG,SAAS,CAAC,qBAAqB,EAAE,CAAC;QACxC,GAAG,CAAC,GAAG,CAAC,IAAI,qBAAqB,EAAE,CAAC,GAAG,CAAC,CAAC;QACzC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAEjB,UAAU,GAAG,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,KAAK,IAAI,EAAE;QACnB,IAAI,CAAC;YACH,MAAM,GAAG,CAAC,KAAK,EAAE,CAAC;QACpB,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0FAA0F,EAAE,KAAK,IAAI,EAAE;QACxG,MAAM,IAAI,GAAG,cAAc,CAAC,EAAE,EAAE,EAAE,oBAAoB,EAAE,CAAC,CAAC;QAC1D,MAAM,WAAW,GAAG,MAAM,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAE3D,MAAM,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QAC1C,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAEtD,MAAM,WAAW,GAAG,GAAG,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;QACrD,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;QAE5D,MAAM,cAAc,GAAG,GAAG,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QACnD,MAAM,iBAAiB,GAAG,IAAI,CAAC,KAAK,CAAC,cAAc,EAAE,wBAAwB,CAAC,CAAC;QAE/E,MAAM,OAAO,GAAG,GAAG,CAA
C,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAC3C,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAEtD,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC;aACpD,GAAG,CAAC,gBAAgB,CAAC;aACrB,GAAG,CAAC,eAAe,EAAE,UAAU,WAAW,EAAE,CAAC,CAAC;QAEjD,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACtC,MAAM,CAAC,UAAU,CAAC,CAAC,gBAAgB,EAAE,CAAC;QACtC,MAAM,CAAC,cAAc,CAAC,CAAC,gBAAgB,EAAE,CAAC;QAC1C,MAAM,CAAC,iBAAiB,CAAC,CAAC,gBAAgB,EAAE,CAAC;QAE7C,MAAM,IAAI,GAAG,YAAY,CAAC,IAAuD,CAAC;QAClF,MAAM,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC;QACzC,MAAM,CAAC,aAAa,CAAC,CAAC,WAAW,EAAE,CAAC;QAEpC,MAAM,gBAAgB,GAAG,UAAU,CAAW;YAC5C,GAAG,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,GAAG,KAAK,2BAA2B,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;SAC5F,CAAC,CAAC;QAEH,MAAM,UAAU,GAAG,UAAU,CAAmB;YAC9C,OAAO,EAAE,GAAG,EAAE,CAAC,KAAK;YACpB,WAAW,EAAE,GAAG,EAAE,CAAC,CAAC;gBAClB,UAAU,EAAE,GAAG,EAAE,CAAC,gBAAgB;gBAClC,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC;aACpB,CAAC;YACF,YAAY,EAAE,GAAG,EAAE,CAAC,CAAC;gBACnB,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC;aACvB,CAAC;SACH,CAAC,CAAC;QAEH,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;QAE1D,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC/B,MAAM,CAAC,UAAU,CAAC,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC;QAEpD,MAAM,YAAY,GAAI,gBAAuD,CAAC,IAAgB,CAAC;QAC/F,MAAM,CAAC,YAAY,CAAC,CAAC,WAAW,EAAE,CAAC;QACnC,MAAM,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qCAAqC,EAAE,KAAK,IAAI,EAAE;QACnD,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QAC1E,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wCAAwC,EAAE,KAAK,IAAI,EAAE;QACtD,MAAM,IAAI,GAAG,cAAc,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;QAC/C,MAAM,WAAW,GAAG,MAAM,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAE3D,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC;aAChD,GAAG,CAAC,aAAa,CAAC;aAClB,GAAG,CAAC,eAAe,EAAE,UAAU,WAAW,EAAE,CAAC,CAAC;QAEjD,MAAM,CAAC,QAAQ,CAAC,MAAM,CAA
C,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0CAA0C,EAAE,KAAK,IAAI,EAAE;QACxD,MAAM,IAAI,GAAG,cAAc,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;QAC9C,MAAM,WAAW,GAAG,MAAM,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAE3D,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC;aAChD,GAAG,CAAC,aAAa,CAAC;aAClB,GAAG,CAAC,eAAe,EAAE,UAAU,WAAW,EAAE,CAAC,CAAC;QAEjD,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"public-bypass.int.spec.d.ts","sourceRoot":"","sources":["../../../src/test/integration/public-bypass.int.spec.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,127 @@
|
|
|
1
|
+
import { describe, it, expect, beforeEach, beforeAll, jest, afterEach } from '@jest/globals';
|
|
2
|
+
import fs from 'node:fs';
|
|
3
|
+
import { Logger } from '@volontariapp/logger';
|
|
4
|
+
import * as jose from 'jose';
|
|
5
|
+
import { Test } from '@nestjs/testing';
|
|
6
|
+
import request from 'supertest';
|
|
7
|
+
import { APP_GUARD } from '@nestjs/core';
|
|
8
|
+
import { JwtService, AccessTokenMiddleware, RefreshTokenMiddleware, AccessTokenGuard, } from '../../index.js';
|
|
9
|
+
import { PublicTestController, PublicClassTestController, } from '../example/public-test.controller.js';
|
|
10
|
+
describe('Public Bypass (Integration)', () => {
|
|
11
|
+
let app;
|
|
12
|
+
let jwtService;
|
|
13
|
+
let accessTokenPublic;
|
|
14
|
+
let accessTokenPrivate;
|
|
15
|
+
let refreshTokenPublic;
|
|
16
|
+
let refreshTokenPrivate;
|
|
17
|
+
beforeAll(async () => {
|
|
18
|
+
const accessKeys = await jose.generateKeyPair('RS256', { extractable: true });
|
|
19
|
+
accessTokenPublic = await jose.exportSPKI(accessKeys.publicKey);
|
|
20
|
+
accessTokenPrivate = await jose.exportPKCS8(accessKeys.privateKey);
|
|
21
|
+
const refreshKeys = await jose.generateKeyPair('RS256', { extractable: true });
|
|
22
|
+
refreshTokenPublic = await jose.exportSPKI(refreshKeys.publicKey);
|
|
23
|
+
refreshTokenPrivate = await jose.exportPKCS8(refreshKeys.privateKey);
|
|
24
|
+
});
|
|
25
|
+
beforeEach(async () => {
|
|
26
|
+
jest.restoreAllMocks();
|
|
27
|
+
jest.spyOn(Logger.prototype, 'debug').mockImplementation(() => { });
|
|
28
|
+
jest.spyOn(Logger.prototype, 'info').mockImplementation(() => { });
|
|
29
|
+
jest.spyOn(Logger.prototype, 'warn').mockImplementation(() => { });
|
|
30
|
+
jest.spyOn(Logger.prototype, 'error').mockImplementation(() => { });
|
|
31
|
+
const config = {
|
|
32
|
+
accessTokenPublicKeyPath: 'access-public.pem',
|
|
33
|
+
accessTokenPrivateKeyPath: 'access-private.pem',
|
|
34
|
+
internalPublicKeyPath: 'internal-public.pem',
|
|
35
|
+
internalPrivateKeyPath: 'internal-private.pem',
|
|
36
|
+
refreshTokenPublicKeyPath: 'refresh-public.pem',
|
|
37
|
+
refreshTokenPrivateKeyPath: 'refresh-private.pem',
|
|
38
|
+
accessTokenExpiresIn: '1h',
|
|
39
|
+
internalExpiresIn: '1h',
|
|
40
|
+
refreshTokenExpiresIn: '7d',
|
|
41
|
+
};
|
|
42
|
+
jest.spyOn(fs, 'readFileSync').mockImplementation((path) => {
|
|
43
|
+
if (path === 'access-public.pem')
|
|
44
|
+
return accessTokenPublic;
|
|
45
|
+
if (path === 'access-private.pem')
|
|
46
|
+
return accessTokenPrivate;
|
|
47
|
+
if (path === 'refresh-public.pem')
|
|
48
|
+
return refreshTokenPublic;
|
|
49
|
+
if (path === 'refresh-private.pem')
|
|
50
|
+
return refreshTokenPrivate;
|
|
51
|
+
return '';
|
|
52
|
+
});
|
|
53
|
+
const moduleRef = await Test.createTestingModule({
|
|
54
|
+
controllers: [PublicTestController, PublicClassTestController],
|
|
55
|
+
providers: [
|
|
56
|
+
{
|
|
57
|
+
provide: JwtService,
|
|
58
|
+
useValue: new JwtService(config),
|
|
59
|
+
},
|
|
60
|
+
AccessTokenGuard,
|
|
61
|
+
{
|
|
62
|
+
provide: APP_GUARD,
|
|
63
|
+
useClass: AccessTokenGuard,
|
|
64
|
+
},
|
|
65
|
+
],
|
|
66
|
+
}).compile();
|
|
67
|
+
app = moduleRef.createNestApplication();
|
|
68
|
+
app.use(new AccessTokenMiddleware().use);
|
|
69
|
+
app.use(new RefreshTokenMiddleware().use);
|
|
70
|
+
await app.init();
|
|
71
|
+
jwtService = app.get(JwtService);
|
|
72
|
+
});
|
|
73
|
+
afterEach(async () => {
|
|
74
|
+
try {
|
|
75
|
+
await app.close();
|
|
76
|
+
}
|
|
77
|
+
catch {
|
|
78
|
+
}
|
|
79
|
+
});
|
|
80
|
+
it('should allow access to @Public() route without token', async () => {
|
|
81
|
+
const response = await request(app.getHttpServer()).get('/public-test/open');
|
|
82
|
+
expect(response.status).toBe(200);
|
|
83
|
+
expect(response.body).toEqual({ status: 'open' });
|
|
84
|
+
});
|
|
85
|
+
it('should deny access to non-public route without token', async () => {
|
|
86
|
+
const response = await request(app.getHttpServer()).get('/public-test/closed');
|
|
87
|
+
expect(response.status).toBe(401);
|
|
88
|
+
});
|
|
89
|
+
it('should allow access to non-public route with valid token', async () => {
|
|
90
|
+
const user = { id: 'test-user', role: 'user' };
|
|
91
|
+
const token = await jwtService.signAccessToken(user);
|
|
92
|
+
const response = await request(app.getHttpServer())
|
|
93
|
+
.get('/public-test/closed')
|
|
94
|
+
.set('Authorization', `Bearer ${token}`);
|
|
95
|
+
expect(response.status).toBe(200);
|
|
96
|
+
expect(response.body).toEqual({ status: 'closed' });
|
|
97
|
+
});
|
|
98
|
+
it('should allow access to @Public() route even if AccessTokenGuard is also explicitly applied', async () => {
|
|
99
|
+
const response = await request(app.getHttpServer()).get('/public-test/mixed');
|
|
100
|
+
expect(response.status).toBe(200);
|
|
101
|
+
expect(response.body).toEqual({ status: 'mixed' });
|
|
102
|
+
});
|
|
103
|
+
it('should deny access to non-public route with invalid token', async () => {
|
|
104
|
+
const response = await request(app.getHttpServer())
|
|
105
|
+
.get('/public-test/closed')
|
|
106
|
+
.set('Authorization', 'Bearer invalid-token');
|
|
107
|
+
expect(response.status).toBe(401);
|
|
108
|
+
});
|
|
109
|
+
it('should allow access to all routes in @Public() class', async () => {
|
|
110
|
+
const responseOne = await request(app.getHttpServer()).get('/public-class-test/one');
|
|
111
|
+
expect(responseOne.status).toBe(200);
|
|
112
|
+
expect(responseOne.body).toEqual({ status: 'one' });
|
|
113
|
+
const responseTwo = await request(app.getHttpServer()).get('/public-class-test/two');
|
|
114
|
+
expect(responseTwo.status).toBe(200);
|
|
115
|
+
expect(responseTwo.body).toEqual({ status: 'two' });
|
|
116
|
+
});
|
|
117
|
+
it('should allow access to refresh token route with RT even if global AT guard is present', async () => {
|
|
118
|
+
const user = { id: 'test-user', role: 'user' };
|
|
119
|
+
const refreshToken = await jwtService.signRefreshToken(user);
|
|
120
|
+
const response = await request(app.getHttpServer())
|
|
121
|
+
.get('/public-test/refresh')
|
|
122
|
+
.set('Authorization', `Bearer ${refreshToken}`);
|
|
123
|
+
expect(response.status).toBe(200);
|
|
124
|
+
expect(response.body).toEqual({ status: 'refreshed' });
|
|
125
|
+
});
|
|
126
|
+
});
|
|
127
|
+
//# sourceMappingURL=public-bypass.int.spec.js.map
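Review bot: The refresh route is covered only by a positive case (new lines 117-125): nothing here checks that `/public-test/refresh` rejects a request with no token or with an access token, nor that `/public-test/closed` rejects a refresh token. That matters because the AccessTokenGuard unit spec in this release shows the guard returning `true` for refresh-token routes, so the route is protected only by whatever refresh guard the example controller applies, and that controller is not visible here. I would add negative cases like the ones below; the 401 status is assumed from the closed-route tests and should be confirmed against the refresh guard. The file is compiled output, so the tests belong in the `.ts` source.

```javascript
// … unchanged: setup and existing cases inside describe('Public Bypass (Integration)') …
it('should deny access to refresh token route without token', async () => {
    const response = await request(app.getHttpServer()).get('/public-test/refresh');
    expect(response.status).toBe(401);
});
it('should deny access to refresh token route with an access token', async () => {
    const accessToken = await jwtService.signAccessToken({ id: 'test-user', role: 'user' });
    const response = await request(app.getHttpServer())
        .get('/public-test/refresh')
        .set('Authorization', `Bearer ${accessToken}`);
    expect(response.status).toBe(401);
});
it('should deny access to non-public route with a refresh token', async () => {
    const refreshToken = await jwtService.signRefreshToken({ id: 'test-user', role: 'user' });
    const response = await request(app.getHttpServer())
        .get('/public-test/closed')
        .set('Authorization', `Bearer ${refreshToken}`);
    expect(response.status).toBe(401);
});
```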
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"public-bypass.int.spec.js","sourceRoot":"","sources":["../../../src/test/integration/public-bypass.int.spec.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAC7F,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AAEvC,OAAO,OAAO,MAAM,WAAW,CAAC;AAChC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EACL,UAAU,EACV,qBAAqB,EACrB,sBAAsB,EACtB,gBAAgB,GACjB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,oBAAoB,EACpB,yBAAyB,GAC1B,MAAM,sCAAsC,CAAC;AAE9C,QAAQ,CAAC,6BAA6B,EAAE,GAAG,EAAE;IAC3C,IAAI,GAAqB,CAAC;IAC1B,IAAI,UAAsB,CAAC;IAC3B,IAAI,iBAAyB,CAAC;IAC9B,IAAI,kBAA0B,CAAC;IAC/B,IAAI,kBAA0B,CAAC;IAC/B,IAAI,mBAA2B,CAAC;IAEhC,SAAS,CAAC,KAAK,IAAI,EAAE;QACnB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC;QAC9E,iBAAiB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;QAChE,kBAAkB,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;QAEnE,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC;QAC/E,kBAAkB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAClE,mBAAmB,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;IACvE,CAAC,CAAC,CAAC;IAEH,UAAU,CAAC,KAAK,IAAI,EAAE;QACpB,IAAI,CAAC,eAAe,EAAE,CAAC;QAEvB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACnE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAClE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAClE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAEnE,MAAM,MAAM,GAAG;YACb,wBAAwB,EAAE,mBAAmB;YAC7C,yBAAyB,EAAE,oBAAoB;YAC/C,qBAAqB,EAAE,qBAAqB;YAC5C,sBAAsB,EAAE,sBAAsB;YAC9C,yBAAyB,EAAE,oBAAoB;YAC/C,0BAA0B,EAAE,qBAAqB;YACjD,oBAAoB,EAAE,IAAI;YAC1B,iBAAiB,EAAE,IAAI;YACvB,qB
AAqB,EAAE,IAAI;SAC5B,CAAC;QAEF,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC,kBAAkB,CAAC,CAAC,IAAI,EAAE,EAAE;YACzD,IAAI,IAAI,KAAK,mBAAmB;gBAAE,OAAO,iBAAiB,CAAC;YAC3D,IAAI,IAAI,KAAK,oBAAoB;gBAAE,OAAO,kBAAkB,CAAC;YAC7D,IAAI,IAAI,KAAK,oBAAoB;gBAAE,OAAO,kBAAkB,CAAC;YAC7D,IAAI,IAAI,KAAK,qBAAqB;gBAAE,OAAO,mBAAmB,CAAC;YAC/D,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC;YAC/C,WAAW,EAAE,CAAC,oBAAoB,EAAE,yBAAyB,CAAC;YAC9D,SAAS,EAAE;gBACT;oBACE,OAAO,EAAE,UAAU;oBACnB,QAAQ,EAAE,IAAI,UAAU,CAAC,MAAM,CAAC;iBACjC;gBACD,gBAAgB;gBAChB;oBACE,OAAO,EAAE,SAAS;oBAClB,QAAQ,EAAE,gBAAgB;iBAC3B;aACF;SACF,CAAC,CAAC,OAAO,EAAE,CAAC;QAEb,GAAG,GAAG,SAAS,CAAC,qBAAqB,EAAE,CAAC;QACxC,GAAG,CAAC,GAAG,CAAC,IAAI,qBAAqB,EAAE,CAAC,GAAG,CAAC,CAAC;QACzC,GAAG,CAAC,GAAG,CAAC,IAAI,sBAAsB,EAAE,CAAC,GAAG,CAAC,CAAC;QAC1C,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAEjB,UAAU,GAAG,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,KAAK,IAAI,EAAE;QACnB,IAAI,CAAC;YACH,MAAM,GAAG,CAAC,KAAK,EAAE,CAAC;QACpB,CAAC;QAAC,MAAM,CAAC;QAET,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sDAAsD,EAAE,KAAK,IAAI,EAAE;QACpE,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QAC7E,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAClC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sDAAsD,EAAE,KAAK,IAAI,EAAE;QACpE,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QAC/E,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0DAA0D,EAAE,KAAK,IAAI,EAAE;QACxE,MAAM,IAAI,GAAG,EAAE,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;QAC/C,MAAM,KAAK,GAAG,MAAM,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAErD,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC;aAChD,GAAG,CAAC,qBAAqB,CAAC;aAC1B,GAAG,CAAC,eAAe,EAAE,UAAU,KAAK,EAAE,CAAC,CAAC;QAE3C,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAClC,MAAM,CAAC,QAAQ,CAAC,IAAI,CA
AC,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4FAA4F,EAAE,KAAK,IAAI,EAAE;QAC1G,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QAC9E,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAClC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2DAA2D,EAAE,KAAK,IAAI,EAAE;QACzE,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC;aAChD,GAAG,CAAC,qBAAqB,CAAC;aAC1B,GAAG,CAAC,eAAe,EAAE,sBAAsB,CAAC,CAAC;QAEhD,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sDAAsD,EAAE,KAAK,IAAI,EAAE;QACpE,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;QACrF,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACrC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QAEpD,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;QACrF,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACrC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uFAAuF,EAAE,KAAK,IAAI,EAAE;QACrG,MAAM,IAAI,GAAG,EAAE,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;QAC/C,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAE7D,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC;aAChD,GAAG,CAAC,sBAAsB,CAAC;aAC3B,GAAG,CAAC,eAAe,EAAE,UAAU,YAAY,EAAE,CAAC,CAAC;QAElD,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAClC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"access-token.guard.unit.spec.d.ts","sourceRoot":"","sources":["../../../src/test/unit/access-token.guard.unit.spec.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,69 @@
|
|
|
1
|
+
import { describe, it, expect, beforeEach, jest } from '@jest/globals';
|
|
2
|
+
import { AccessTokenGuard } from '../../guards/access-token.guard.js';
|
|
3
|
+
import { createMock } from '@golevelup/ts-jest';
|
|
4
|
+
import { Logger } from '@volontariapp/logger';
|
|
5
|
+
import { createAuthUser } from '../factories/auth-user.factory.js';
|
|
6
|
+
import { IS_REFRESH_TOKEN_KEY } from '../../index.js';
|
|
7
|
+
describe('AccessTokenGuard (Unit)', () => {
|
|
8
|
+
let guard;
|
|
9
|
+
let jwtService;
|
|
10
|
+
let reflector;
|
|
11
|
+
beforeEach(() => {
|
|
12
|
+
jest.restoreAllMocks();
|
|
13
|
+
jwtService = createMock();
|
|
14
|
+
reflector = createMock();
|
|
15
|
+
guard = new AccessTokenGuard(jwtService, reflector);
|
|
16
|
+
jest.spyOn(Logger.prototype, 'debug').mockImplementation(() => { });
|
|
17
|
+
jest.spyOn(Logger.prototype, 'warn').mockImplementation(() => { });
|
|
18
|
+
jest.spyOn(Logger.prototype, 'error').mockImplementation(() => { });
|
|
19
|
+
jest.spyOn(reflector, 'getAllAndOverride').mockReturnValue(false);
|
|
20
|
+
});
|
|
21
|
+
it('should allow access and set user if token is valid', async () => {
|
|
22
|
+
const user = createAuthUser();
|
|
23
|
+
const token = 'valid-token';
|
|
24
|
+
const request = { accessToken: token };
|
|
25
|
+
const context = createMock();
|
|
26
|
+
const spyVerifyAccessToken = jest.spyOn(jwtService, 'verifyAccessToken');
|
|
27
|
+
jest.spyOn(context.switchToHttp(), 'getRequest').mockReturnValue(request);
|
|
28
|
+
spyVerifyAccessToken.mockResolvedValue(user);
|
|
29
|
+
const result = await guard.canActivate(context);
|
|
30
|
+
expect(result).toBe(true);
|
|
31
|
+
expect(request).toHaveProperty('user', user);
|
|
32
|
+
expect(spyVerifyAccessToken).toHaveBeenCalledWith(token);
|
|
33
|
+
});
|
|
34
|
+
it('should throw MISSING_ACCESS_TOKEN if token is missing', async () => {
|
|
35
|
+
const request = {};
|
|
36
|
+
const context = createMock();
|
|
37
|
+
jest.spyOn(context.switchToHttp(), 'getRequest').mockReturnValue(request);
|
|
38
|
+
await expect(guard.canActivate(context)).rejects.toThrow();
|
|
39
|
+
});
|
|
40
|
+
it('should throw INVALID_ACCESS_TOKEN if token verification fails', async () => {
|
|
41
|
+
const token = 'invalid-token';
|
|
42
|
+
const request = { accessToken: token };
|
|
43
|
+
const context = createMock();
|
|
44
|
+
jest.spyOn(context.switchToHttp(), 'getRequest').mockReturnValue(request);
|
|
45
|
+
jest.spyOn(jwtService, 'verifyAccessToken').mockRejectedValue(new Error('Invalid signature'));
|
|
46
|
+
await expect(guard.canActivate(context)).rejects.toThrow();
|
|
47
|
+
});
|
|
48
|
+
it('should allow access if route is public', async () => {
|
|
49
|
+
const context = createMock();
|
|
50
|
+
const getAllAndOverrideSpy = jest.spyOn(reflector, 'getAllAndOverride').mockReturnValue(true);
|
|
51
|
+
const result = await guard.canActivate(context);
|
|
52
|
+
expect(result).toBe(true);
|
|
53
|
+
expect(getAllAndOverrideSpy).toHaveBeenCalled();
|
|
54
|
+
});
|
|
55
|
+
it('should allow access if route is refresh token route', async () => {
|
|
56
|
+
const context = createMock();
|
|
57
|
+
const getAllAndOverrideSpy = jest
|
|
58
|
+
.spyOn(reflector, 'getAllAndOverride')
|
|
59
|
+
.mockImplementation((key) => {
|
|
60
|
+
if (key === IS_REFRESH_TOKEN_KEY)
|
|
61
|
+
return true;
|
|
62
|
+
return false;
|
|
63
|
+
});
|
|
64
|
+
const result = await guard.canActivate(context);
|
|
65
|
+
expect(result).toBe(true);
|
|
66
|
+
expect(getAllAndOverrideSpy).toHaveBeenCalledWith(IS_REFRESH_TOKEN_KEY, expect.anything());
|
|
67
|
+
});
|
|
68
|
+
});
|
|
69
|
+
//# sourceMappingURL=access-token.guard.unit.spec.js.map
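Review bot: The two rejection cases (new lines 34-47) assert only `.rejects.toThrow()`, so they pass on any error, including a `TypeError` from a mis-wired mock, although their titles promise MISSING_ACCESS_TOKEN and INVALID_ACCESS_TOKEN. Pinning the error, e.g. `await expect(guard.canActivate(context)).rejects.toMatchObject({ /* code or status of the package's error, not visible in this diff */ })`, would make the titles true. The bypass cases (new lines 48-67) would also be stronger with `expect(jwtService.verifyAccessToken).not.toHaveBeenCalled()`, and the public case mocks `getAllAndOverride` to return `true` for every key, so it does not show which metadata key grants the bypass. The spec is compiled output; the edits belong in the `.ts` source.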
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"access-token.guard.unit.spec.js","sourceRoot":"","sources":["../../../src/test/unit/access-token.guard.unit.spec.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AACvE,OAAO,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAC;AACtE,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAIhD,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,MAAM,mCAAmC,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AAEtD,QAAQ,CAAC,yBAAyB,EAAE,GAAG,EAAE;IACvC,IAAI,KAAuB,CAAC;IAC5B,IAAI,UAAsB,CAAC;IAC3B,IAAI,SAAoB,CAAC;IAEzB,UAAU,CAAC,GAAG,EAAE;QACd,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,UAAU,GAAG,UAAU,EAAc,CAAC;QACtC,SAAS,GAAG,UAAU,EAAa,CAAC;QACpC,KAAK,GAAG,IAAI,gBAAgB,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;QACpD,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACnE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAClE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAEnE,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,mBAAmB,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IACpE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oDAAoD,EAAE,KAAK,IAAI,EAAE;QAClE,MAAM,IAAI,GAAG,cAAc,EAAE,CAAC;QAC9B,MAAM,KAAK,GAAG,aAAa,CAAC;QAC5B,MAAM,OAAO,GAAG,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;QACvC,MAAM,OAAO,GAAG,UAAU,EAAoB,CAAC;QAC/C,MAAM,oBAAoB,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAC;QACzE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,YAAY,CAAC,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QAE1E,oBAAoB,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;QAE7C,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAEhD,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1B,MAAM,CAAC,OAAO,CAAC,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAC7C,MAAM,CAAC,oBAAoB,CAAC,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uDAAuD,EAAE,KAAK,IAAI,EAAE;QACrE,MAAM,OAAO,GAAG,EAAE,CAAC;QACnB,MAAM,OAAO,GAAG,UAAU,EAAoB,CAAC;QAC/C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,YAAY,CAAC,CAAC,eAAe,CAA
C,OAAO,CAAC,CAAC;QAE1E,MAAM,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+DAA+D,EAAE,KAAK,IAAI,EAAE;QAC7E,MAAM,KAAK,GAAG,eAAe,CAAC;QAC9B,MAAM,OAAO,GAAG,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;QACvC,MAAM,OAAO,GAAG,UAAU,EAAoB,CAAC;QAC/C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,YAAY,CAAC,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QAE1E,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAC,iBAAiB,CAAC,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC;QAE9F,MAAM,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wCAAwC,EAAE,KAAK,IAAI,EAAE;QACtD,MAAM,OAAO,GAAG,UAAU,EAAoB,CAAC;QAC/C,MAAM,oBAAoB,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,mBAAmB,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAE9F,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAEhD,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1B,MAAM,CAAC,oBAAoB,CAAC,CAAC,gBAAgB,EAAE,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;QACnE,MAAM,OAAO,GAAG,UAAU,EAAoB,CAAC;QAC/C,MAAM,oBAAoB,GAAG,IAAI;aAC9B,KAAK,CAAC,SAAS,EAAE,mBAAmB,CAAC;aACrC,kBAAkB,CAAC,CAAC,GAAG,EAAE,EAAE;YAC1B,IAAI,GAAG,KAAK,oBAAoB;gBAAE,OAAO,IAAI,CAAC;YAC9C,OAAO,KAAK,CAAC;QACf,CAAC,CAAC,CAAC;QAEL,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAEhD,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1B,MAAM,CAAC,oBAAoB,CAAC,CAAC,oBAAoB,CAAC,oBAAoB,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC7F,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"access-token.middleware.unit.spec.d.ts","sourceRoot":"","sources":["../../../src/test/unit/access-token.middleware.unit.spec.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
import { describe, it, expect, beforeEach, jest } from '@jest/globals';
|
|
2
|
+
import { AccessTokenMiddleware } from '../../middlewares/access-token.middleware.js';
|
|
3
|
+
import { Logger } from '@volontariapp/logger';
|
|
4
|
+
describe('AccessTokenMiddleware (Unit)', () => {
|
|
5
|
+
let middleware;
|
|
6
|
+
beforeEach(() => {
|
|
7
|
+
jest.restoreAllMocks();
|
|
8
|
+
middleware = new AccessTokenMiddleware();
|
|
9
|
+
jest.spyOn(Logger.prototype, 'debug').mockImplementation(() => { });
|
|
10
|
+
jest.spyOn(Logger.prototype, 'warn').mockImplementation(() => { });
|
|
11
|
+
});
|
|
12
|
+
it('should extract token from Authorization header', () => {
|
|
13
|
+
const req = {
|
|
14
|
+
headers: {
|
|
15
|
+
authorization: 'Bearer my-token',
|
|
16
|
+
},
|
|
17
|
+
};
|
|
18
|
+
const next = jest.fn();
|
|
19
|
+
middleware.use(req, {}, next);
|
|
20
|
+
expect(req).toHaveProperty('accessToken', 'my-token');
|
|
21
|
+
expect(next).toHaveBeenCalled();
|
|
22
|
+
});
|
|
23
|
+
it('should extract token from cookies (accessToken)', () => {
|
|
24
|
+
const req = {
|
|
25
|
+
headers: {},
|
|
26
|
+
cookies: {
|
|
27
|
+
accessToken: 'cookie-token',
|
|
28
|
+
},
|
|
29
|
+
};
|
|
30
|
+
const next = jest.fn();
|
|
31
|
+
middleware.use(req, {}, next);
|
|
32
|
+
expect(req).toHaveProperty('accessToken', 'cookie-token');
|
|
33
|
+
expect(next).toHaveBeenCalled();
|
|
34
|
+
});
|
|
35
|
+
it('should extract token from cookies (access_token)', () => {
|
|
36
|
+
const req = {
|
|
37
|
+
headers: {},
|
|
38
|
+
cookies: {
|
|
39
|
+
access_token: 'cookie-token-2',
|
|
40
|
+
},
|
|
41
|
+
};
|
|
42
|
+
const next = jest.fn();
|
|
43
|
+
middleware.use(req, {}, next);
|
|
44
|
+
expect(req).toHaveProperty('accessToken', 'cookie-token-2');
|
|
45
|
+
expect(next).toHaveBeenCalled();
|
|
46
|
+
});
|
|
47
|
+
it('should log debug and call next if no token is found', () => {
|
|
48
|
+
const req = {
|
|
49
|
+
headers: {},
|
|
50
|
+
};
|
|
51
|
+
const next = jest.fn();
|
|
52
|
+
const debugSpy = jest.spyOn(Logger.prototype, 'debug');
|
|
53
|
+
middleware.use(req, {}, next);
|
|
54
|
+
expect(req).not.toHaveProperty('accessToken');
|
|
55
|
+
expect(next).toHaveBeenCalled();
|
|
56
|
+
expect(debugSpy).toHaveBeenCalledWith('No access token found in headers or cookies');
|
|
57
|
+
});
|
|
58
|
+
it('should handle missing headers or cookies gracefully', () => {
|
|
59
|
+
const req = {};
|
|
60
|
+
const next = jest.fn();
|
|
61
|
+
middleware.use(req, {}, next);
|
|
62
|
+
expect(next).toHaveBeenCalled();
|
|
63
|
+
});
|
|
64
|
+
});
|
|
65
|
+
//# sourceMappingURL=access-token.middleware.unit.spec.js.map
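Review bot: The spec never pins which source wins when a request carries both an `Authorization` header and an `accessToken`/`access_token` cookie, and it has no case for a non-Bearer or empty `Authorization` value, so the extraction rules the guards depend on are left undocumented. I would add a case with `headers: { authorization: 'Bearer header-token' }, cookies: { accessToken: 'cookie-token' }` asserting the intended winner, and one with a non-Bearer scheme asserting `expect(req).not.toHaveProperty('accessToken');`, assuming that is the intended behaviour (the middleware itself is not shown in this section). The last test ('should handle missing headers or cookies gracefully') checks only `next` and could carry the same `not.toHaveProperty('accessToken')` assertion. Since tokens are also accepted from cookies, it is worth confirming that cookie-authenticated routes are covered by CSRF protection elsewhere.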
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"access-token.middleware.unit.spec.js","sourceRoot":"","sources":["../../../src/test/unit/access-token.middleware.unit.spec.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AACvE,OAAO,EAAE,qBAAqB,EAAE,MAAM,8CAA8C,CAAC;AACrF,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAE9C,QAAQ,CAAC,8BAA8B,EAAE,GAAG,EAAE;IAC5C,IAAI,UAAiC,CAAC;IAEtC,UAAU,CAAC,GAAG,EAAE;QACd,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,UAAU,GAAG,IAAI,qBAAqB,EAAE,CAAC;QACzC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACnE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IACpE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;QACxD,MAAM,GAAG,GAAG;YACV,OAAO,EAAE;gBACP,aAAa,EAAE,iBAAiB;aACjC;SACF,CAAC;QACF,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC;QAEvB,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;QAE9B,MAAM,CAAC,GAAG,CAAC,CAAC,cAAc,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;QACtD,MAAM,CAAC,IAAI,CAAC,CAAC,gBAAgB,EAAE,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iDAAiD,EAAE,GAAG,EAAE;QACzD,MAAM,GAAG,GAAG;YACV,OAAO,EAAE,EAAE;YACX,OAAO,EAAE;gBACP,WAAW,EAAE,cAAc;aAC5B;SACF,CAAC;QACF,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC;QAEvB,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;QAE9B,MAAM,CAAC,GAAG,CAAC,CAAC,cAAc,CAAC,aAAa,EAAE,cAAc,CAAC,CAAC;QAC1D,MAAM,CAAC,IAAI,CAAC,CAAC,gBAAgB,EAAE,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kDAAkD,EAAE,GAAG,EAAE;QAC1D,MAAM,GAAG,GAAG;YACV,OAAO,EAAE,EAAE;YACX,OAAO,EAAE;gBACP,YAAY,EAAE,gBAAgB;aAC/B;SACF,CAAC;QACF,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC;QAEvB,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;QAE9B,MAAM,CAAC,GAAG,CAAC,CAAC,cAAc,CAAC,aAAa,EAAE,gBAAgB,CAAC,CAAC;QAC5D,MAAM,CAAC,IAAI,CAAC,CAAC,gBAAgB,EAAE,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;QAC7D,MAAM,GAAG,GAAG;YACV,OAAO,EAAE,EAAE;SACZ,CAAC;QACF,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC;QACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,C
AAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAEvD,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;QAE9B,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC;QAC9C,MAAM,CAAC,IAAI,CAAC,CAAC,gBAAgB,EAAE,CAAC;QAChC,MAAM,CAAC,QAAQ,CAAC,CAAC,oBAAoB,CAAC,6CAA6C,CAAC,CAAC;IACvF,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;QAC7D,MAAM,GAAG,GAAG,EAAE,CAAC;QACf,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC;QAEvB,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;QAE9B,MAAM,CAAC,IAAI,CAAC,CAAC,gBAAgB,EAAE,CAAC;IAClC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -3,13 +3,15 @@ import { GrpcInternalInterceptor } from '../../interceptors/grpc-internal.interc
|
|
|
3
3
|
import { createAuthUser } from '../factories/auth-user.factory.js';
|
|
4
4
|
import { createMock } from '@golevelup/ts-jest';
|
|
5
5
|
import { firstValueFrom, of } from 'rxjs';
|
|
6
|
+
import { Metadata } from '@grpc/grpc-js';
|
|
7
|
+
import { INTERNAL_TOKEN_METADATA_KEY } from '../../constants/index.js';
|
|
6
8
|
describe('GrpcInternalInterceptor (Unit)', () => {
|
|
7
9
|
let interceptor;
|
|
8
|
-
let
|
|
10
|
+
let metadataHelper;
|
|
9
11
|
beforeEach(() => {
|
|
10
12
|
jest.restoreAllMocks();
|
|
11
|
-
|
|
12
|
-
interceptor = new GrpcInternalInterceptor(
|
|
13
|
+
metadataHelper = createMock();
|
|
14
|
+
interceptor = new GrpcInternalInterceptor(metadataHelper);
|
|
13
15
|
jest.spyOn(interceptor['logger'], 'debug').mockImplementation(() => undefined);
|
|
14
16
|
});
|
|
15
17
|
it('should call next.handle() if user is not in request', async () => {
|
|
@@ -18,10 +20,10 @@ describe('GrpcInternalInterceptor (Unit)', () => {
|
|
|
18
20
|
jest.spyOn(httpHost, 'getRequest').mockReturnValue({});
|
|
19
21
|
const next = createMock();
|
|
20
22
|
next.handle.mockReturnValue(of({ success: true }));
|
|
21
|
-
const
|
|
23
|
+
const createSpy = jest.spyOn(metadataHelper, 'createInternalMetadata');
|
|
22
24
|
const result = await firstValueFrom(interceptor.intercept(context, next));
|
|
23
25
|
expect(result).toEqual({ success: true });
|
|
24
|
-
expect(
|
|
26
|
+
expect(createSpy).not.toHaveBeenCalled();
|
|
25
27
|
});
|
|
26
28
|
it('should sign internal token if user is present', async () => {
|
|
27
29
|
const user = createAuthUser();
|
|
@@ -31,11 +33,16 @@ describe('GrpcInternalInterceptor (Unit)', () => {
|
|
|
31
33
|
jest.spyOn(httpHost, 'getRequest').mockReturnValue(httpRequest);
|
|
32
34
|
const next = createMock();
|
|
33
35
|
next.handle.mockReturnValue(of({ success: true }));
|
|
34
|
-
const
|
|
36
|
+
const mockMetadata = new Metadata();
|
|
37
|
+
mockMetadata.set(INTERNAL_TOKEN_METADATA_KEY, 'signed-token');
|
|
38
|
+
const createSpy = jest
|
|
39
|
+
.spyOn(metadataHelper, 'createInternalMetadata')
|
|
40
|
+
.mockResolvedValue(mockMetadata);
|
|
35
41
|
const result = await firstValueFrom(interceptor.intercept(context, next));
|
|
36
42
|
expect(result).toEqual({ success: true });
|
|
37
|
-
expect(
|
|
43
|
+
expect(createSpy).toHaveBeenCalledWith(user);
|
|
38
44
|
expect(httpRequest).toHaveProperty('internalToken', 'signed-token');
|
|
45
|
+
expect(httpRequest).toHaveProperty('internalMetadata', mockMetadata);
|
|
39
46
|
});
|
|
40
47
|
});
|
|
41
48
|
//# sourceMappingURL=grpc-internal.interceptor.unit.spec.js.map
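Review bot: In 'should sign internal token if user is present' only the success path of `createInternalMetadata` is exercised; no test covers the helper rejecting, so whether `intercept` fails closed or forwards the request without `internalToken` is not pinned. I would add a case using `jest.spyOn(metadataHelper, 'createInternalMetadata').mockRejectedValue(new Error('sign failed'))` and assert `await expect(firstValueFrom(interceptor.intercept(context, next))).rejects.toThrow();` plus `expect(next.handle).not.toHaveBeenCalled();`, if failing closed is the intended contract (the interceptor is not shown here). The new grpc-metadata.helper spec has the same gap for `signInternal` rejecting.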
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"grpc-internal.interceptor.unit.spec.js","sourceRoot":"","sources":["../../../src/test/unit/grpc-internal.interceptor.unit.spec.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AACvE,OAAO,EAAE,uBAAuB,EAAE,MAAM,iDAAiD,CAAC;AAC1F,OAAO,EAAE,cAAc,EAAE,MAAM,mCAAmC,CAAC;AACnE,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"grpc-internal.interceptor.unit.spec.js","sourceRoot":"","sources":["../../../src/test/unit/grpc-internal.interceptor.unit.spec.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AACvE,OAAO,EAAE,uBAAuB,EAAE,MAAM,iDAAiD,CAAC;AAC1F,OAAO,EAAE,cAAc,EAAE,MAAM,mCAAmC,CAAC;AACnE,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAEhD,OAAO,EAAE,cAAc,EAAE,EAAE,EAAE,MAAM,MAAM,CAAC;AAE1C,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,2BAA2B,EAAE,MAAM,0BAA0B,CAAC;AAEvE,QAAQ,CAAC,gCAAgC,EAAE,GAAG,EAAE;IAC9C,IAAI,WAAoC,CAAC;IACzC,IAAI,cAAkC,CAAC;IAEvC,UAAU,CAAC,GAAG,EAAE;QACd,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,cAAc,GAAG,UAAU,EAAsB,CAAC;QAClD,WAAW,GAAG,IAAI,uBAAuB,CAAC,cAAc,CAAC,CAAC;QAC1D,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;IACjF,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;QACnE,MAAM,OAAO,GAAG,UAAU,EAAoB,CAAC;QAC/C,MAAM,QAAQ,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;QACxC,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC;QAEvD,MAAM,IAAI,GAAG,UAAU,EAAe,CAAC;QACvC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAEnD,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,cAAc,EAAE,wBAAwB,CAAC,CAAC;QAEvE,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,WAAW,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;QAE1E,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QAC1C,MAAM,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+CAA+C,EAAE,KAAK,IAAI,EAAE;QAC7D,MAAM,IAAI,GAAG,cAAc,EAAE,CAAC;QAC9B,MAAM,OAAO,GAAG,UAAU,EAAoB,CAAC;QAC/C,MAAM,WAAW,GAAG,EAAE,IAAI,EAAE,CAAC;QAC7B,MAAM,QAAQ,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;QACxC,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC;QAEhE,MAAM,IAAI,GAAG,UAAU,EAAe,CAAC;QACvC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAEnD,MAAM,YAAY,GAAG,IAAI,QAAQ,EAAE,CAAC;QACpC,YAAY,CAAC,GAAG,CAAC,2BAA2B,EAAE,cAAc,CAAC,CAAC;QAE
9D,MAAM,SAAS,GAAG,IAAI;aACnB,KAAK,CAAC,cAAc,EAAE,wBAAwB,CAAC;aAC/C,iBAAiB,CAAC,YAAY,CAAC,CAAC;QAEnC,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,WAAW,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;QAE1E,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QAC1C,MAAM,CAAC,SAAS,CAAC,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC;QAC7C,MAAM,CAAC,WAAW,CAAC,CAAC,cAAc,CAAC,eAAe,EAAE,cAAc,CAAC,CAAC;QACpE,MAAM,CAAC,WAAW,CAAC,CAAC,cAAc,CAAC,kBAAkB,EAAE,YAAY,CAAC,CAAC;IACvE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"grpc-metadata.helper.unit.spec.d.ts","sourceRoot":"","sources":["../../../src/test/unit/grpc-metadata.helper.unit.spec.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
import { describe, it, expect, beforeEach, jest } from '@jest/globals';
|
|
2
|
+
import { GrpcMetadataHelper } from '../../services/grpc-metadata.helper.js';
|
|
3
|
+
import { createMock } from '@golevelup/ts-jest';
|
|
4
|
+
import { createAuthUser } from '../factories/auth-user.factory.js';
|
|
5
|
+
import { INTERNAL_TOKEN_METADATA_KEY } from '../../constants/index.js';
|
|
6
|
+
import { Logger } from '@volontariapp/logger';
|
|
7
|
+
describe('GrpcMetadataHelper (Unit)', () => {
|
|
8
|
+
let helper;
|
|
9
|
+
let jwtService;
|
|
10
|
+
beforeEach(() => {
|
|
11
|
+
jest.restoreAllMocks();
|
|
12
|
+
jwtService = createMock();
|
|
13
|
+
helper = new GrpcMetadataHelper(jwtService);
|
|
14
|
+
jest.spyOn(Logger.prototype, 'debug').mockImplementation(() => { });
|
|
15
|
+
});
|
|
16
|
+
it('should create metadata with internal token', async () => {
|
|
17
|
+
const user = createAuthUser();
|
|
18
|
+
const token = 'internal-token-xyz';
|
|
19
|
+
const signSpy = jest.spyOn(jwtService, 'signInternal').mockResolvedValue(token);
|
|
20
|
+
const metadata = await helper.createInternalMetadata(user);
|
|
21
|
+
expect(metadata.get(INTERNAL_TOKEN_METADATA_KEY)).toEqual([token]);
|
|
22
|
+
expect(signSpy).toHaveBeenCalledWith(user);
|
|
23
|
+
});
|
|
24
|
+
});
|
|
25
|
+
//# sourceMappingURL=grpc-metadata.helper.unit.spec.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"grpc-metadata.helper.unit.spec.js","sourceRoot":"","sources":["../../../src/test/unit/grpc-metadata.helper.unit.spec.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AACvE,OAAO,EAAE,kBAAkB,EAAE,MAAM,wCAAwC,CAAC;AAE5E,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,cAAc,EAAE,MAAM,mCAAmC,CAAC;AACnE,OAAO,EAAE,2BAA2B,EAAE,MAAM,0BAA0B,CAAC;AAEvE,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAE9C,QAAQ,CAAC,2BAA2B,EAAE,GAAG,EAAE;IACzC,IAAI,MAA0B,CAAC;IAC/B,IAAI,UAAsB,CAAC;IAE3B,UAAU,CAAC,GAAG,EAAE;QACd,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,UAAU,GAAG,UAAU,EAAc,CAAC;QACtC,MAAM,GAAG,IAAI,kBAAkB,CAAC,UAAU,CAAC,CAAC;QAC5C,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IACrE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4CAA4C,EAAE,KAAK,IAAI,EAAE;QAC1D,MAAM,IAAI,GAAG,cAAc,EAAE,CAAC;QAC9B,MAAM,KAAK,GAAG,oBAAoB,CAAC;QACnC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;QAEhF,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;QAE3D,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;QACnE,MAAM,CAAC,OAAO,CAAC,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"refresh-token.guard.unit.spec.d.ts","sourceRoot":"","sources":["../../../src/test/unit/refresh-token.guard.unit.spec.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
import { describe, it, expect, beforeEach, jest } from '@jest/globals';
|
|
2
|
+
import { RefreshTokenGuard } from '../../guards/refresh-token.guard.js';
|
|
3
|
+
import { createMock } from '@golevelup/ts-jest';
|
|
4
|
+
import { Logger } from '@volontariapp/logger';
|
|
5
|
+
import { createAuthUser } from '../factories/auth-user.factory.js';
|
|
6
|
+
describe('RefreshTokenGuard (Unit)', () => {
|
|
7
|
+
let guard;
|
|
8
|
+
let jwtService;
|
|
9
|
+
beforeEach(() => {
|
|
10
|
+
jest.restoreAllMocks();
|
|
11
|
+
jwtService = createMock();
|
|
12
|
+
guard = new RefreshTokenGuard(jwtService);
|
|
13
|
+
jest.spyOn(Logger.prototype, 'debug').mockImplementation(() => { });
|
|
14
|
+
jest.spyOn(Logger.prototype, 'warn').mockImplementation(() => { });
|
|
15
|
+
jest.spyOn(Logger.prototype, 'error').mockImplementation(() => { });
|
|
16
|
+
});
|
|
17
|
+
it('should allow access if refresh token is valid', async () => {
|
|
18
|
+
const user = createAuthUser();
|
|
19
|
+
const token = 'valid-refresh';
|
|
20
|
+
const request = { refreshToken: token };
|
|
21
|
+
const context = createMock();
|
|
22
|
+
jest.spyOn(context.switchToHttp(), 'getRequest').mockReturnValue(request);
|
|
23
|
+
jest.spyOn(jwtService, 'verifyRefreshToken').mockResolvedValue(user);
|
|
24
|
+
const result = await guard.canActivate(context);
|
|
25
|
+
expect(result).toBe(true);
|
|
26
|
+
expect(request).toHaveProperty('user', user);
|
|
27
|
+
});
|
|
28
|
+
it('should throw MISSING_REFRESH_TOKEN if token is missing', async () => {
|
|
29
|
+
const request = {};
|
|
30
|
+
const context = createMock();
|
|
31
|
+
jest.spyOn(context.switchToHttp(), 'getRequest').mockReturnValue(request);
|
|
32
|
+
await expect(guard.canActivate(context)).rejects.toThrow();
|
|
33
|
+
});
|
|
34
|
+
it('should throw INVALID_REFRESH_TOKEN if token verification fails', async () => {
|
|
35
|
+
const token = 'invalid-refresh';
|
|
36
|
+
const request = { refreshToken: token };
|
|
37
|
+
const context = createMock();
|
|
38
|
+
jest.spyOn(context.switchToHttp(), 'getRequest').mockReturnValue(request);
|
|
39
|
+
jest.spyOn(jwtService, 'verifyRefreshToken').mockRejectedValue(new Error('Expired'));
|
|
40
|
+
await expect(guard.canActivate(context)).rejects.toThrow();
|
|
41
|
+
});
|
|
42
|
+
});
|
|
43
|
+
//# sourceMappingURL=refresh-token.guard.unit.spec.js.map
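Review bot: The two rejection tests are named for `MISSING_REFRESH_TOKEN` and `INVALID_REFRESH_TOKEN` but assert only `.rejects.toThrow()` with no argument, so any thrown error, including a TypeError from a mis-wired mock, satisfies them and the two failure modes cannot be told apart. Pass the expected error class, message or code to the matcher in each test, and in the missing-token case add `expect(jwtService.verifyRefreshToken).not.toHaveBeenCalled();` so the guard is shown to reject before any verification is attempted. The success test could likewise assert that `verifyRefreshToken` was called with the token taken from the request, which the current assertions on `result` and `request.user` do not establish.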
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"refresh-token.guard.unit.spec.js","sourceRoot":"","sources":["../../../src/test/unit/refresh-token.guard.unit.spec.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AACvE,OAAO,EAAE,iBAAiB,EAAE,MAAM,qCAAqC,CAAC;AACxE,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAGhD,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,MAAM,mCAAmC,CAAC;AAEnE,QAAQ,CAAC,0BAA0B,EAAE,GAAG,EAAE;IACxC,IAAI,KAAwB,CAAC;IAC7B,IAAI,UAAsB,CAAC;IAE3B,UAAU,CAAC,GAAG,EAAE;QACd,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,UAAU,GAAG,UAAU,EAAc,CAAC;QACtC,KAAK,GAAG,IAAI,iBAAiB,CAAC,UAAU,CAAC,CAAC;QAC1C,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACnE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAClE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IACrE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+CAA+C,EAAE,KAAK,IAAI,EAAE;QAC7D,MAAM,IAAI,GAAG,cAAc,EAAE,CAAC;QAC9B,MAAM,KAAK,GAAG,eAAe,CAAC;QAC9B,MAAM,OAAO,GAAG,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC;QACxC,MAAM,OAAO,GAAG,UAAU,EAAoB,CAAC;QAC/C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,YAAY,CAAC,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QAE1E,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,oBAAoB,CAAC,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;QAErE,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAEhD,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1B,MAAM,CAAC,OAAO,CAAC,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;QACtE,MAAM,OAAO,GAAG,EAAE,CAAC;QACnB,MAAM,OAAO,GAAG,UAAU,EAAoB,CAAC;QAC/C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,YAAY,CAAC,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QAE1E,MAAM,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gEAAgE,EAAE,KAAK,IAAI,EAAE;QAC9E,MAAM,KAAK,GAAG,iBAAiB,CAAC;QAChC,MAAM,OAAO,GAAG,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC;QACxC,MAAM,OAAO,GAAG,UAAU,EAA
oB,CAAC;QAC/C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,YAAY,CAAC,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QAE1E,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,oBAAoB,CAAC,CAAC,iBAAiB,CAAC,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;QAErF,MAAM,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;IAC7D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"refresh-token.middleware.unit.spec.d.ts","sourceRoot":"","sources":["../../../src/test/unit/refresh-token.middleware.unit.spec.ts"],"names":[],"mappings":""}
|