Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
auth-server
Advanced tools
auth-server - npm Package Compare versions
Comparing version 2.1.32 to 2.2.0
| module.exports = function (req) { | ||
| function getParam (paramName) { | ||
| if (req.query && typeof req.query[paramName] !== 'undefined') | ||
| var getParam = function (paramName) { | ||
| if (req.query && req.query[paramName] !== undefined) { | ||
| return req.query[paramName]; | ||
| else if (req.body && typeof req.body[paramName] !== 'undefined') | ||
| } | ||
| else if (req.body && req.body[paramName] !== undefined) { | ||
| return req.body[paramName]; | ||
| else | ||
| return null; | ||
| } | ||
| return null; | ||
| }; | ||
| function getAccessToken () { | ||
| if (getParam('access_token')) return getParam('access_token') | ||
| var getAccessToken = function () { | ||
| if (!req || !req.headers || !req.headers.authorization) | ||
| if (getParam('access_token')) { | ||
| return getParam('access_token'); | ||
| } | ||
| if (!req || !req.headers || !req.headers.authorization) { | ||
| return null; | ||
| } | ||
| var authHeader = req.headers.authorization, | ||
| startIndex = authHeader.toLowerCase().indexOf('bearer '); | ||
| var authHeader = req.headers.authorization; | ||
| var startIndex = authHeader.toLowerCase().indexOf('bearer '); | ||
| if (startIndex === -1) | ||
| if (startIndex === -1) { | ||
| return null; | ||
| } | ||
| var bearer = authHeader.substring(startIndex + 7), | ||
| spaceIndex = bearer.indexOf(' '); | ||
| var bearer = authHeader.substring(startIndex + 7); | ||
| var spaceIndex = bearer.indexOf(' '); | ||
| if (spaceIndex > 0) | ||
| if (spaceIndex > 0) { | ||
| bearer = bearer.substring(0, spaceIndex); | ||
| } | ||
@@ -29,0 +39,0 @@ return bearer; |
| exports.invalidRequest = function (state) { | ||
| return { | ||
@@ -9,2 +10,3 @@ error: 'The request is missing a required parameter, includes an invalid parameter value, or is otherwise malformed.', | ||
| exports.unauthorizedClient = function (state) { | ||
| return { | ||
@@ -17,2 +19,3 @@ error: 'The client is not authorized to request an authorization code using this method.', | ||
| exports.accessDenied = function (state) { | ||
| return { | ||
@@ -25,2 +28,3 @@ error: 'The resource owner or authorization server denied the request.', | ||
| exports.unsupportedResponseType = function (state) { | ||
| return { | ||
@@ -33,2 +37,3 @@ error: 'The authorization server does not support obtaining an authorization code using this method.', | ||
| exports.redirectUriMismatch = function (state) { | ||
| return { | ||
@@ -41,2 +46,3 @@ error: 'The redirect URI doesn\'t match what is stored for this client', | ||
| exports.invalidScope = function (state) { | ||
| return { | ||
@@ -49,2 +55,3 @@ error: 'The scope is not valid for this client', | ||
| exports.clientCredentialsInvalid = function (state) { | ||
| return { | ||
@@ -57,2 +64,3 @@ error: 'The client credentials are invalid', | ||
| exports.userCredentialsInvalid = function (state) { | ||
| return { | ||
@@ -65,2 +73,3 @@ error: 'The user credentials are invalid', | ||
| exports.unsupportedGrantType = function (state) { | ||
| return { | ||
@@ -73,2 +82,3 @@ error: 'The grant type is invalid', | ||
| exports.unsupportedGrantTypeForClient = function (state) { | ||
| return { | ||
@@ -81,2 +91,3 @@ error: 'The grant type is not supported for this client', | ||
| exports.invalidAuthorizationCode = function (state) { | ||
| return { | ||
@@ -89,2 +100,3 @@ error: 'The authorization code is invalid or expired', | ||
| exports.cannotRequestImplicitToken = function (state) { | ||
| return { | ||
@@ -91,0 +103,0 @@ error: 'You cannot request a token from this endpoint using the implicit grant type', |
@@ -9,3 +9,5 @@ var util = require('./util'); | ||
| exports.requiresClientSecret = function (grantType) { | ||
| grantType = grantType ? grantType.toLowerCase() : grantType; | ||
| return !grantType || (grantType === exports.authorizationCode) || (grantType === exports.clientCredentials); | ||
@@ -15,21 +17,28 @@ }; | ||
| exports.isAllowed = function (grantType, oauthProvider) { | ||
| if (!grantType) | ||
| if (!grantType) { | ||
| return false; | ||
| } | ||
| grantType = grantType.toLowerCase(); | ||
| if (grantType === exports.implicit) | ||
| if (grantType === exports.implicit) { | ||
| return true; | ||
| else if (grantType === exports.authorizationCode && oauthProvider.authorizationService) | ||
| } | ||
| else if (grantType === exports.authorizationCode && oauthProvider.authorizationService) { | ||
| return true; | ||
| else if (grantType === exports.clientCredentials && oauthProvider.clientService) | ||
| } | ||
| else if (grantType === exports.clientCredentials && oauthProvider.clientService) { | ||
| return true; | ||
| else if (grantType === exports.password && oauthProvider.membershipService) | ||
| } | ||
| else if (grantType === exports.password && oauthProvider.membershipService) { | ||
| return true; | ||
| else | ||
| return false; | ||
| } | ||
| return false; | ||
| }; | ||
| exports.isAllowedForClient = function (clientGrantTypes, grantType) { | ||
| return grantType ? util.doesArrayContain(clientGrantTypes, grantType) : false; | ||
| }; |
208
lib/index.js
@@ -0,1 +1,3 @@ | ||
| // Load modules | ||
| var contextHandler = require('./context'), | ||
@@ -6,3 +8,11 @@ errors = require('./errors'), | ||
| exports.AuthServer = function AuthServer (clientService, tokenService, authorizationService, membershipService, expiresIn, supportedScopes) { | ||
| // Declare internals | ||
| var internals = {}; | ||
| module.exports = internals.AuthServer = function (clientService, tokenService, authorizationService, membershipService, expiresIn, supportedScopes) { | ||
| this.clientService = clientService; | ||
@@ -15,90 +25,94 @@ this.tokenService = tokenService; | ||
| this.isSupportedScope = function (scope) { | ||
| if (!supportedScopes) | ||
| return true; | ||
| if (!scope) | ||
| return false; | ||
| return true; | ||
| return !supportedScopes || scope ; | ||
| }; | ||
| this.getExpiresDate = function () { | ||
| return new Date(new Date().getTime() + expiresIn * 60000); | ||
| }; | ||
| } | ||
| }; | ||
| AuthServer.prototype.authorizeRequest = function (req, userId, callback) { | ||
| var self = this, | ||
| context = contextHandler(req); | ||
| internals.AuthServer.prototype.authorizeRequest = function (req, userId, callback) { | ||
| if (!context || !context.responseType) | ||
| var self = this; | ||
| var context = contextHandler(req); | ||
| if (!context || !context.responseType) { | ||
| return callback(errors.invalidRequest(context.state)); | ||
| else if (!authUtil.isAllowedResponseType(context.responseType)) | ||
| } | ||
| else if (!authUtil.isAllowedResponseType(context.responseType)) { | ||
| return callback(errors.unsupportedResponseType(context.state)); | ||
| } | ||
| var authorizeRequestWithClient = function (client) { | ||
| if (!client) | ||
| return callback(errors.invalidClient(context)); | ||
| else if (!context.redirectUri || !self.clientService.isValidRedirectUri(client, context.redirectUri)) | ||
| return callback(errors.redirectUriMismatch(context.state)); | ||
| if (!self.isSupportedScope(context.scope)) | ||
| return callback(errors.invalidScope(context.state)); | ||
| if (!client) { | ||
| return callback(errors.invalidClient(context)); | ||
| } | ||
| else if (!context.redirectUri || !self.clientService.isValidRedirectUri(client, context.redirectUri)) { | ||
| return callback(errors.redirectUriMismatch(context.state)); | ||
| } | ||
| var token = authUtil.isTokenResponseType(context.responseType) ? self.tokenService.generateToken() : null, | ||
| code = authUtil.isCodeResponseType(context.responseType) ? self.tokenService.generateToken() : null, | ||
| finalResponse = function () { | ||
| var response = { | ||
| redirectUri: authUtil.buildAuthorizationUri(context.redirectUri, code, token, context.scope, context.state, self.expiresIn) | ||
| }; | ||
| if (!self.isSupportedScope(context.scope)) { | ||
| return callback(errors.invalidScope(context.state)); | ||
| } | ||
| if (context.state) | ||
| response.state = context.state; | ||
| var token = authUtil.isTokenResponseType(context.responseType) ? self.tokenService.generateToken() : null; | ||
| var code = authUtil.isCodeResponseType(context.responseType) ? self.tokenService.generateToken() : null; | ||
| var finalResponse = function () { | ||
| return callback(response); | ||
| }; | ||
| if (code) | ||
| self.authorizationService.saveAuthorizationCode({ | ||
| code: code, | ||
| redirectUri: context.redirectUri, | ||
| clientId: client.id, | ||
| timestamp: new Date(), | ||
| userId: userId | ||
| }, finalResponse); | ||
| else if (token) | ||
| self.authorizationService.saveAccessToken({ | ||
| access_token: token, | ||
| expires_in: this.getExpiresDate() | ||
| }, finalResponse); | ||
| }, | ||
| next = function (client) { | ||
| authorizeRequestWithClient(client); | ||
| return callback({ | ||
| redirectUri: authUtil.buildAuthorizationUri(context.redirectUri, code, token, context.scope, context.state, self.expiresIn), | ||
| state: context.state | ||
| }); | ||
| }; | ||
| if (code) { | ||
| self.authorizationService.saveAuthorizationCode({ | ||
| code: code, | ||
| redirectUri: context.redirectUri, | ||
| clientId: client.id, | ||
| timestamp: new Date(), | ||
| userId: userId | ||
| }, finalResponse); | ||
| } | ||
| else if (token) { | ||
| self.authorizationService.saveAccessToken({ | ||
| access_token: token, | ||
| expires_in: this.getExpiresDate() | ||
| }, finalResponse); | ||
| } | ||
| }, | ||
| next = function (client) { | ||
| authorizeRequestWithClient(client); | ||
| }; | ||
| self.clientService.getById(context.clientId, next); | ||
| }; | ||
| AuthServer.prototype.getDeviceCode = function (req, callback) { | ||
| var self = this, | ||
| context = contextHandler(req); | ||
| internals.AuthServer.prototype.getDeviceCode = function (req, callback) { | ||
| var self = this; | ||
| var context = contextHandler(req); | ||
| var getCodeWithClient = function (client) { | ||
| if (!client) | ||
| if (!client) { | ||
| return callback(errors.invalidClient(context)); | ||
| else if (!self.isSupportedScope(context.scope)) | ||
| } | ||
| else if (!self.isSupportedScope(context.scope)) { | ||
| return callback(errors.invalidScope(context.state)); | ||
| } | ||
| var code = self.tokenService.generateDeviceCode(), | ||
| finalResponse = function () { | ||
| var response = { | ||
| code: code | ||
| }; | ||
| var code = self.tokenService.generateDeviceCode(); | ||
| var finalResponse = function () { | ||
| if (context.state) | ||
| response.state = context.state; | ||
| return callback({ | ||
| code: code, | ||
| state: context.state | ||
| }); | ||
| }; | ||
| return callback(response); | ||
| }; | ||
| self.authorizationService.saveAuthorizationCode({ | ||
@@ -113,2 +127,3 @@ code: code, | ||
| next = function (client) { | ||
| getCodeWithClient(client); | ||
@@ -120,11 +135,14 @@ }; | ||
| AuthServer.prototype.getTokenData = function (context, userId, callback) { | ||
| var self = this, | ||
| grantType = context.grantType.toLowerCase(), | ||
| generateTokenDataRef = function (includeRefreshToken) { | ||
| return authUtil.generateTokenData(userId, context.clientId, includeRefreshToken, self.tokenService.generateToken, self.getExpiresDate); | ||
| }; | ||
| internals.AuthServer.prototype.getTokenData = function (context, userId, callback) { | ||
| var self = this; | ||
| var grantType = context.grantType.toLowerCase(); | ||
| var generateTokenDataRef = function (includeRefreshToken) { | ||
| return authUtil.generateTokenData(userId, context.clientId, includeRefreshToken, self.tokenService.generateToken, self.getExpiresDate); | ||
| }; | ||
| if (grantType === grantTypes.authorizationCode) { | ||
| authUtil.isValidAuthorizationCode(context, self.authorizationService, function (isValidAuthCode) { | ||
| var tokenData = isValidAuthCode ? generateTokenDataRef(true) : errors.invalidAuthorizationCode(context.state); | ||
@@ -136,2 +154,3 @@ return callback(tokenData); | ||
| self.membershipService.areUserCredentialsValid(context.userName, context.password, context.scope, function (isValidPassword) { | ||
| var tokenData = isValidPassword ? generateTokenDataRef(true) : errors.invalidUserCredentials(context.state); | ||
@@ -141,32 +160,44 @@ return callback(tokenData); | ||
| } | ||
| else if (grantType === grantTypes.clientCredentials) | ||
| else if (grantType === grantTypes.clientCredentials) { | ||
| return callback(generateTokenDataRef(false)); | ||
| else if (grantType === grantTypes.implicit) | ||
| } | ||
| else if (grantType === grantTypes.implicit) { | ||
| return callback(errors.cannotRequestImplicitToken(context.state)); | ||
| else | ||
| return callback(errors.unsupportedGrantType(context.state)); | ||
| } | ||
| return callback(errors.unsupportedGrantType(context.state)); | ||
| }; | ||
| AuthServer.prototype.grantAccessToken = function (req, userId, callback) { | ||
| var self = this, | ||
| context = contextHandler(req); | ||
| internals.AuthServer.prototype.grantAccessToken = function (req, userId, callback) { | ||
| if (!context.grantType) | ||
| var self = this; | ||
| var context = contextHandler(req); | ||
| if (!context.grantType) { | ||
| return callback(errors.invalidRequest(context.state)); | ||
| else if (!grantTypes.isAllowed(context.grantType, self)) | ||
| } | ||
| else if (!grantTypes.isAllowed(context.grantType, self)) { | ||
| return callback(errors.unsupportedGrantType(context.state)); | ||
| } | ||
| var next = function (client) { | ||
| if (!client) | ||
| if (!client) { | ||
| return callback(errors.invalidClient(context)); | ||
| else if (!grantTypes.isAllowedForClient(client.grantTypes, context.grantType)) | ||
| } | ||
| else if (!grantTypes.isAllowedForClient(client.grantTypes, context.grantType)) { | ||
| return callback(errors.unsupportedGrantTypeForClient(context.state)); | ||
| } | ||
| if (grantTypes.requiresClientSecret(context.grantType) && context.clientSecret !== client.secret) | ||
| if (grantTypes.requiresClientSecret(context.grantType) && context.clientSecret !== client.secret) { | ||
| return callback(errors.clientCredentialsInvalid(context.state)); | ||
| } | ||
| return self.getTokenData(context, userId, function (tokenData) { | ||
| return tokenData.error ? callback(tokenData) : self.authorizationService.saveAccessToken(tokenData, function () { | ||
| delete tokenData.userId; | ||
| delete tokenData.clientId; | ||
| callback(tokenData) | ||
| callback(tokenData); | ||
| }); | ||
@@ -179,9 +210,11 @@ }); | ||
| AuthServer.prototype.validateAccessToken = function (req, callback) { | ||
| var self = this, | ||
| context = contextHandler(req); | ||
| internals.AuthServer.prototype.validateAccessToken = function (req, callback) { | ||
| var self = this; | ||
| var context = contextHandler(req); | ||
| return self.authorizationService.getAccessToken(context.access_token, function (tokenData) { | ||
| var response; | ||
| if (!tokenData || !tokenData.access_token) | ||
| if (!tokenData || !tokenData.access_token) { | ||
| response = { | ||
@@ -191,3 +224,4 @@ isValid: false, | ||
| }; | ||
| else if (authUtil.isExpired(tokenData.expiresDate)) | ||
| } | ||
| else if (authUtil.isExpired(tokenData.expiresDate)) { | ||
| response = { | ||
@@ -197,3 +231,4 @@ isValid: false, | ||
| }; | ||
| else | ||
| } | ||
| else { | ||
| response = { | ||
@@ -204,2 +239,3 @@ isValid: true, | ||
| }; | ||
| } | ||
@@ -206,0 +242,0 @@ return callback(response); |
| exports.isValidAuthorizationCode = function (context, authorizationService, callback) { | ||
| /* | ||
@@ -6,6 +7,7 @@ Validate the code is present, matches the stored one, and the clientId's match across requests | ||
| authorizationService.getAuthorizationCode(context.code, function (authorizationCode) { | ||
| return callback(authorizationCode | ||
| && (context.code === authorizationCode.code) | ||
| && !exports.isExpired(authorizationCode.expiresDate) | ||
| && context.clientId === authorizationCode.clientId); | ||
| return callback(authorizationCode && | ||
| (context.code === authorizationCode.code) && | ||
| !exports.isExpired(authorizationCode.expiresDate) && | ||
| context.clientId === authorizationCode.clientId); | ||
| }); | ||
@@ -15,2 +17,3 @@ }; | ||
| exports.generateTokenData = function (userId, clientId, includeRefreshToken, generateToken, getExpiresDate) { | ||
| var tokenData = { | ||
@@ -21,8 +24,6 @@ access_token: generateToken(), | ||
| userId: userId, | ||
| clientId: clientId | ||
| clientId: clientId, | ||
| refresh_token: includeRefreshToken ? generateToken() : null | ||
| }; | ||
| if (includeRefreshToken) | ||
| tokenData.refresh_token = generateToken(); | ||
| return tokenData; | ||
@@ -32,8 +33,11 @@ }; | ||
| exports.doesArrayContain = function (arrayList, item) { | ||
| if (!arrayList) | ||
| if (!arrayList) { | ||
| return false; | ||
| } | ||
| for (var i = 0, length = arrayList.length; i < length; i++) { | ||
| if (arrayList[i] === item) | ||
| if (arrayList[i] === item) { | ||
| return true; | ||
| } | ||
| } | ||
@@ -45,2 +49,3 @@ | ||
| exports.isExpired = function (expiresDate) { | ||
| return expiresDate < new Date(); | ||
@@ -50,2 +55,3 @@ }; | ||
| exports.isAllowedResponseType = function (responseType) { | ||
| return exports.isCodeResponseType(responseType) || exports.isTokenResponseType(responseType); | ||
@@ -55,2 +61,3 @@ }; | ||
| exports.isCodeResponseType = function (responseType) { | ||
| return responseType === 'code' || responseType === 'code_and_token'; | ||
@@ -60,2 +67,3 @@ }; | ||
| exports.isTokenResponseType = function (responseType) { | ||
| return responseType === 'token' || responseType === 'code_and_token'; | ||
@@ -65,10 +73,14 @@ }; | ||
| exports.buildAuthorizationUri = function (redirectUri, code, token, scope, state, expiresIn) { | ||
| var query = ''; | ||
| if (code) | ||
| if (code) { | ||
| query += 'code=' + code; | ||
| if (token) | ||
| } | ||
| if (token) { | ||
| query += '&access_token=' + token; | ||
| if (expiresIn) | ||
| } | ||
| if (expiresIn) { | ||
| query += '&expires_in=' + expiresIn; | ||
| } | ||
@@ -81,4 +93,5 @@ if (scope) { | ||
| if (scopeFormatted[scopeFormatted.length] === ',') | ||
| if (scopeFormatted[scopeFormatted.length] === ',') { | ||
| scopeFormatted = scopeFormatted.slice(0, scopeFormatted.length - 1); | ||
| } | ||
@@ -88,4 +101,5 @@ query += scopeFormatted; | ||
| if (state) | ||
| if (state) { | ||
| query += '&state=' + state; | ||
| } | ||
@@ -96,3 +110,4 @@ return redirectUri + '?' + query; | ||
| exports.areClientCredentialsValid = function (client, context) { | ||
| return client.id === context.clientId && client.secret === context.clientSecret; | ||
| }; |
| { | ||
| "author": "Wyatt Preul <wpreul@gmail.com> (http://kittenbubbles.com)", | ||
| "author": "Wyatt Preul <wpreul@gmail.com> (http://jsgeek.com)", | ||
| "name": "auth-server", | ||
| "description": "OAuth Server for v2.31 of spec", | ||
| "keywords": ["oauth", "auth server"], | ||
| "version": "2.1.32", | ||
| "version": "2.2.0", | ||
| "homepage": "https://github.com/wpreul/oauth", | ||
@@ -16,11 +16,10 @@ "repository": { | ||
| "devDependencies": { | ||
| "chai": "*", | ||
| "mocha": "*" | ||
| "lab": "0.1.x" | ||
| }, | ||
| "optionalDependencies": {}, | ||
| "engines": { | ||
| "node": "*" | ||
| "node": ">=0.8.0" | ||
| }, | ||
| "scripts": { | ||
| "test": "make test" | ||
| "test": "make test-cov" | ||
| }, | ||
@@ -27,0 +26,0 @@ "directories": { |
| # OAuth for Node | ||
| ===== | ||
| [](https://travis-ci.org/wpreul/OAuth) | ||
| ## Contributors | ||
@@ -30,3 +32,3 @@ The following individuals have been really helpful in getting this module where it is today. | ||
| 3. A client object should have the following: | ||
| * id | ||
| * id | ||
| * secret | ||
@@ -47,3 +49,3 @@ * grantTypes (array of allowed grant types for this client, you must pass implicit if you want to allow this type) | ||
| * expiresDate | ||
| A token object will have these properties when passed to the save function: | ||
@@ -50,0 +52,0 @@ * accessToken |
@@ -1,5 +0,23 @@ | ||
| var expect = require('chai').expect, | ||
| context = require('../lib/context'); | ||
| // Load modules | ||
| var Lab = require('lab'); | ||
| var Context = require('../lib/context'); | ||
| // Declare internals | ||
| var internals = {}; | ||
| // Test shortcuts | ||
| var expect = Lab.expect; | ||
| var before = Lab.before; | ||
| var after = Lab.after; | ||
| var describe = Lab.experiment; | ||
| var it = Lab.test; | ||
| describe('context', function () { | ||
| var completeRequest = { | ||
@@ -23,57 +41,83 @@ query: { | ||
| it('returns null when an invalid request is passed in', function () { | ||
| expect(context(null)).to.be.null; | ||
| it('returns null when an invalid request is passed in', function (done) { | ||
| expect(Context(null)).to.be.null; | ||
| done(); | ||
| }); | ||
| it('has null properties when an empty request is passed in', function () { | ||
| expect(context({}).clientId).to.be.null; | ||
| it('has null properties when an empty request is passed in', function (done) { | ||
| expect(Context({}).clientId).to.be.null; | ||
| done(); | ||
| }); | ||
| it('has the correct response type with a complete request', function () { | ||
| expect(context(completeRequest).responseType).to.equal('myresponsetype'); | ||
| it('has the correct response type with a complete request', function (done) { | ||
| expect(Context(completeRequest).responseType).to.equal('myresponsetype'); | ||
| done(); | ||
| }); | ||
| it('has the correct client ID with a complete request', function () { | ||
| expect(context(completeRequest).clientId).to.equal('2'); | ||
| it('has the correct client ID with a complete request', function (done) { | ||
| expect(Context(completeRequest).clientId).to.equal('2'); | ||
| done(); | ||
| }); | ||
| it('has the correct client secret with a complete request', function () { | ||
| expect(context(completeRequest).clientSecret).to.equal('mysecret'); | ||
| it('has the correct client secret with a complete request', function (done) { | ||
| expect(Context(completeRequest).clientSecret).to.equal('mysecret'); | ||
| done(); | ||
| }); | ||
| it('has the correct code with a complete request', function () { | ||
| expect(context(completeRequest).code).to.equal('mycode'); | ||
| it('has the correct code with a complete request', function (done) { | ||
| expect(Context(completeRequest).code).to.equal('mycode'); | ||
| done(); | ||
| }); | ||
| it('has the correct grant type with a complete request', function () { | ||
| expect(context(completeRequest).grantType).to.equal('mygranttype'); | ||
| it('has the correct grant type with a complete request', function (done) { | ||
| expect(Context(completeRequest).grantType).to.equal('mygranttype'); | ||
| done(); | ||
| }); | ||
| it('has the correct state with a complete request', function () { | ||
| expect(context(completeRequest).state).to.equal('mystate'); | ||
| it('has the correct state with a complete request', function (done) { | ||
| expect(Context(completeRequest).state).to.equal('mystate'); | ||
| done(); | ||
| }); | ||
| it('has the correct password with a complete request', function () { | ||
| expect(context(completeRequest).password).to.equal('mypassword'); | ||
| it('has the correct password with a complete request', function (done) { | ||
| expect(Context(completeRequest).password).to.equal('mypassword'); | ||
| done(); | ||
| }); | ||
| it('has the correct scope with a complete request', function () { | ||
| var scope = context(completeRequest).scope; | ||
| it('has the correct scope with a complete request', function (done) { | ||
| var scope = Context(completeRequest).scope; | ||
| expect(scope[0]).to.equal('scope1'); | ||
| expect(scope[1]).to.equal('scope2'); | ||
| expect(scope[2]).to.equal('scope3'); | ||
| done(); | ||
| }); | ||
| it('has the correct redirect URI with a complete request', function () { | ||
| expect(context(completeRequest).redirectUri).to.equal('http://someredirect.com'); | ||
| it('has the correct redirect URI with a complete request', function (done) { | ||
| expect(Context(completeRequest).redirectUri).to.equal('http://someredirect.com'); | ||
| done(); | ||
| }); | ||
| it('has the correct access token with a complete request', function () { | ||
| expect(context(completeRequest).access_token).to.equal('myaccesstoken'); | ||
| it('has the correct access token with a complete request', function (done) { | ||
| expect(Context(completeRequest).access_token).to.equal('myaccesstoken'); | ||
| done(); | ||
| }); | ||
| it('has the correct username with a complete request', function () { | ||
| expect(context(completeRequest).userName).to.equal('test'); | ||
| it('has the correct username with a complete request', function (done) { | ||
| expect(Context(completeRequest).userName).to.equal('test'); | ||
| done(); | ||
| }); | ||
| }); |
119
test/util.js
@@ -1,31 +0,61 @@ | ||
| var expect = require('chai').expect, | ||
| util = require('../lib/util'); | ||
| // Load modules | ||
| var Lab = require('lab'); | ||
| var Util = require('../lib/util'); | ||
| // Declare internals | ||
| var internals = {}; | ||
| // Test shortcuts | ||
| var expect = Lab.expect; | ||
| var before = Lab.before; | ||
| var after = Lab.after; | ||
| var describe = Lab.experiment; | ||
| var it = Lab.test; | ||
| describe('doesArrayContain', function () { | ||
| var testArray = ['item1', 'item2', 'item3', 'item4'], | ||
| itemNotInArray = 'item5', | ||
| itemInArray = 'item3'; | ||
| it('returns true when an array contains an expected item', function () { | ||
| expect(util.doesArrayContain(testArray, itemInArray)).to.be.true; | ||
| var testArray = ['item1', 'item2', 'item3', 'item4']; | ||
| var itemNotInArray = 'item5'; | ||
| var itemInArray = 'item3'; | ||
| it('returns true when an array contains an expected item', function (done) { | ||
| expect(Util.doesArrayContain(testArray, itemInArray)).to.be.true; | ||
| done(); | ||
| }); | ||
| it('returns false when an array does not contain the expected item', function () { | ||
| expect(util.doesArrayContain(testArray, itemNotInArray)).to.be.false; | ||
| it('returns false when an array does not contain the expected item', function (done) { | ||
| expect(Util.doesArrayContain(testArray, itemNotInArray)).to.be.false; | ||
| done(); | ||
| }); | ||
| it('returns false when a null array is passed in', function () { | ||
| expect(util.doesArrayContain(null, itemNotInArray)).to.be.false; | ||
| it('returns false when a null array is passed in', function (done) { | ||
| expect(Util.doesArrayContain(null, itemNotInArray)).to.be.false; | ||
| done(); | ||
| }); | ||
| it('returns false when an undefined array is passed in', function () { | ||
| expect(util.doesArrayContain(null, itemNotInArray)).to.be.false; | ||
| it('returns false when an undefined array is passed in', function (done) { | ||
| expect(Util.doesArrayContain(null, itemNotInArray)).to.be.false; | ||
| done(); | ||
| }); | ||
| it('returns false when a null item passed in', function () { | ||
| expect(util.doesArrayContain(testArray, null)).to.be.false; | ||
| it('returns false when a null item passed in', function (done) { | ||
| expect(Util.doesArrayContain(testArray, null)).to.be.false; | ||
| done(); | ||
| }); | ||
| it('returns false when an undefined item passed in', function () { | ||
| expect(util.doesArrayContain(testArray, undefined)).to.be.false; | ||
| it('returns false when an undefined item passed in', function (done) { | ||
| expect(Util.doesArrayContain(testArray, undefined)).to.be.false; | ||
| done(); | ||
| }); | ||
@@ -35,36 +65,51 @@ }); | ||
| describe('buildAuthorizationUri', function () { | ||
| var redirectUri = 'http://google.com', | ||
| code = 'myCode', | ||
| token = 'myToken', | ||
| scope = ['scope1', 'scope2', 'scope3'], | ||
| state = 'randomstate', | ||
| expiresIn = new Date(); | ||
| it('contains the passed in redirect URI', function () { | ||
| expect(util.buildAuthorizationUri(redirectUri, code, token, scope, state, expiresIn)).to.contain(redirectUri); | ||
| var redirectUri = 'http://google.com'; | ||
| var code = 'myCode'; | ||
| var token = 'myToken'; | ||
| var scope = ['scope1', 'scope2', 'scope3']; | ||
| var state = 'randomstate'; | ||
| var expiresIn = new Date(); | ||
| it('contains the passed in redirect URI', function (done) { | ||
| expect(Util.buildAuthorizationUri(redirectUri, code, token, scope, state, expiresIn)).to.contain(redirectUri); | ||
| done(); | ||
| }); | ||
| it('does not have a code param when a null code is passed in', function () { | ||
| expect(util.buildAuthorizationUri(redirectUri, null, token, scope, state, expiresIn)).to.not.contain('code'); | ||
| it('does not have a code param when a null code is passed in', function (done) { | ||
| expect(Util.buildAuthorizationUri(redirectUri, null, token, scope, state, expiresIn)).to.not.contain('code'); | ||
| done(); | ||
| }); | ||
| it('does not have a token param when a null token is passed in', function () { | ||
| expect(util.buildAuthorizationUri(redirectUri, code, null, scope, state, expiresIn)).to.not.contain('token'); | ||
| it('does not have a token param when a null token is passed in', function (done) { | ||
| expect(Util.buildAuthorizationUri(redirectUri, code, null, scope, state, expiresIn)).to.not.contain('token'); | ||
| done(); | ||
| }); | ||
| it('does not have a token or code when both are null', function () { | ||
| expect(util.buildAuthorizationUri(redirectUri, null, null, scope, state, expiresIn)).to.not.contain('token'); | ||
| it('does not have a token or code when both are null', function (done) { | ||
| expect(Util.buildAuthorizationUri(redirectUri, null, null, scope, state, expiresIn)).to.not.contain('token'); | ||
| done(); | ||
| }); | ||
| it('does not throw an error when a null scope is passed in', function () { | ||
| expect(util.buildAuthorizationUri(redirectUri, code, token, null, state, expiresIn)).to.be.ok; | ||
| it('does not throw an error when a null scope is passed in', function (done) { | ||
| expect(Util.buildAuthorizationUri(redirectUri, code, token, null, state, expiresIn)).to.be.ok; | ||
| done(); | ||
| }); | ||
| it('does not throw an error when a null state is passed in', function () { | ||
| expect(util.buildAuthorizationUri(redirectUri, code, token, scope, null, expiresIn)).to.be.ok; | ||
| it('does not throw an error when a null state is passed in', function (done) { | ||
| expect(Util.buildAuthorizationUri(redirectUri, code, token, scope, null, expiresIn)).to.be.ok; | ||
| done(); | ||
| }); | ||
| it('does not throw an error when a null expires time is passed in', function () { | ||
| expect(util.buildAuthorizationUri(redirectUri, code, token, scope, state, null)).to.be.ok; | ||
| it('does not throw an error when a null expires time is passed in', function (done) { | ||
| expect(Util.buildAuthorizationUri(redirectUri, code, token, scope, state, null)).to.be.ok; | ||
| done(); | ||
| }); | ||
| }); |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
Possible typosquat attack
Supply chain riskThere is a package with a similar name that is downloaded much more often.
| Did you mean |
|---|
oauth2-server |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by3.46%
35760
- Dev dependency count
- decreased by-50%
1
- Number of package files
- increased by5.88%
18
- Lines of code
- increased by11.35%
716
- Number of lines in readme file
- increased by2.86%
72
- Number of critical supply chain risk alerts
- decreased by-100%
0
- Number of medium supply chain risk alerts
- decreased by-50%
1
No dependency changes