88 lines
2.2 KiB
Ruby
88 lines
2.2 KiB
Ruby
|
require 'spec_helper'
|
||
|
|
||
|
describe OmniAuth::Strategies::Jwt do
|
||
|
include Rack::Test::Methods
|
||
|
include DeviseHelpers
|
||
|
|
||
|
context '.decoded' do
|
||
|
let(:strategy) { described_class.new({}) }
|
||
|
let(:timestamp) { Time.now.to_i }
|
||
|
let(:jwt_config) { Devise.omniauth_configs[:jwt] }
|
||
|
let(:key) { JWT.encode(claims, jwt_config.strategy.secret) }
|
||
|
|
||
|
let(:claims) do
|
||
|
{
|
||
|
id: 123,
|
||
|
name: "user_example",
|
||
|
email: "user@example.com",
|
||
|
iat: timestamp
|
||
|
}
|
||
|
end
|
||
|
|
||
|
before do
|
||
|
allow_any_instance_of(OmniAuth::Strategy).to receive(:options).and_return(jwt_config.strategy)
|
||
|
allow_any_instance_of(Rack::Request).to receive(:params).and_return({ 'jwt' => key })
|
||
|
end
|
||
|
|
||
|
it 'decodes the user information' do
|
||
|
result = strategy.decoded
|
||
|
|
||
|
expect(result["id"]).to eq(123)
|
||
|
expect(result["name"]).to eq("user_example")
|
||
|
expect(result["email"]).to eq("user@example.com")
|
||
|
expect(result["iat"]).to eq(timestamp)
|
||
|
end
|
||
|
|
||
|
context 'required claims is missing' do
|
||
|
let(:claims) do
|
||
|
{
|
||
|
id: 123,
|
||
|
email: "user@example.com",
|
||
|
iat: timestamp
|
||
|
}
|
||
|
end
|
||
|
|
||
|
it 'raises error' do
|
||
|
expect { strategy.decoded }.to raise_error(OmniAuth::Strategies::JWT::ClaimInvalid)
|
||
|
end
|
||
|
end
|
||
|
|
||
|
context 'when valid_within is specified but iat attribute is missing in response' do
|
||
|
let(:claims) do
|
||
|
{
|
||
|
id: 123,
|
||
|
name: "user_example",
|
||
|
email: "user@example.com"
|
||
|
}
|
||
|
end
|
||
|
|
||
|
before do
|
||
|
jwt_config.strategy.valid_within = Time.now.to_i
|
||
|
end
|
||
|
|
||
|
it 'raises error' do
|
||
|
expect { strategy.decoded }.to raise_error(OmniAuth::Strategies::JWT::ClaimInvalid)
|
||
|
end
|
||
|
end
|
||
|
|
||
|
context 'when timestamp claim is too skewed from present' do
|
||
|
let(:claims) do
|
||
|
{
|
||
|
id: 123,
|
||
|
name: "user_example",
|
||
|
email: "user@example.com",
|
||
|
iat: timestamp - 10.minutes.to_i
|
||
|
}
|
||
|
end
|
||
|
|
||
|
before do
|
||
|
jwt_config.strategy.valid_within = 2.seconds
|
||
|
end
|
||
|
|
||
|
it 'raises error' do
|
||
|
expect { strategy.decoded }.to raise_error(OmniAuth::Strategies::JWT::ClaimInvalid)
|
||
|
end
|
||
|
end
|
||
|
end
|
||
|
end
|