From 772b876a939d45530aad9f4134db1cd3232985f8 Mon Sep 17 00:00:00 2001
From: Tiago Botelho <tiagonbotelho@hotmail.com>
Date: Thu, 26 Apr 2018 15:03:03 +0100
Subject: [PATCH] Adds spec for omni_auth jwt strategy

---
 spec/lib/omni_auth/strategies/jwt_spec.rb | 87 +++++++++++++++++++++++
 1 file changed, 87 insertions(+)
 create mode 100644 spec/lib/omni_auth/strategies/jwt_spec.rb

diff --git a/spec/lib/omni_auth/strategies/jwt_spec.rb b/spec/lib/omni_auth/strategies/jwt_spec.rb
new file mode 100644
index 00000000000..23485fbcb18
--- /dev/null
+++ b/spec/lib/omni_auth/strategies/jwt_spec.rb
@@ -0,0 +1,87 @@
+require 'spec_helper'
+
+describe OmniAuth::Strategies::Jwt do
+  include Rack::Test::Methods
+  include DeviseHelpers
+
+  context '.decoded' do
+    let(:strategy) { described_class.new({}) }
+    let(:timestamp) { Time.now.to_i }
+    let(:jwt_config) { Devise.omniauth_configs[:jwt] }
+    let(:key) { JWT.encode(claims, jwt_config.strategy.secret) }
+
+    let(:claims) do
+      {
+        id: 123,
+        name: "user_example",
+        email: "user@example.com",
+        iat: timestamp
+      }
+    end
+
+    before do
+      allow_any_instance_of(OmniAuth::Strategy).to receive(:options).and_return(jwt_config.strategy)
+      allow_any_instance_of(Rack::Request).to receive(:params).and_return({ 'jwt' => key })
+    end
+
+    it 'decodes the user information' do
+      result = strategy.decoded
+
+      expect(result["id"]).to eq(123)
+      expect(result["name"]).to eq("user_example")
+      expect(result["email"]).to eq("user@example.com")
+      expect(result["iat"]).to eq(timestamp)
+    end
+
+    context 'required claims is missing' do
+      let(:claims) do
+        {
+          id: 123,
+          email: "user@example.com",
+          iat: timestamp
+        }
+      end
+
+      it 'raises error' do
+        expect { strategy.decoded }.to raise_error(OmniAuth::Strategies::JWT::ClaimInvalid)
+      end
+    end
+
+    context 'when valid_within is specified but iat attribute is missing in response' do
+      let(:claims) do
+        {
+          id: 123,
+          name: "user_example",
+          email: "user@example.com"
+        }
+      end
+
+      before do
+        jwt_config.strategy.valid_within = Time.now.to_i
+      end
+
+      it 'raises error' do
+        expect { strategy.decoded }.to raise_error(OmniAuth::Strategies::JWT::ClaimInvalid)
+      end
+    end
+
+    context 'when timestamp claim is too skewed from present' do
+      let(:claims) do
+        {
+          id: 123,
+          name: "user_example",
+          email: "user@example.com",
+          iat: timestamp - 10.minutes.to_i
+        }
+      end
+
+      before do
+        jwt_config.strategy.valid_within = 2.seconds
+      end
+
+      it 'raises error' do
+        expect { strategy.decoded }.to raise_error(OmniAuth::Strategies::JWT::ClaimInvalid)
+      end
+    end
+  end
+end