Adds spec for omni_auth jwt strategy
This commit is contained in:
parent
699ecad78c
commit
772b876a93
|
@ -0,0 +1,87 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe OmniAuth::Strategies::Jwt do
|
||||
include Rack::Test::Methods
|
||||
include DeviseHelpers
|
||||
|
||||
context '.decoded' do
|
||||
let(:strategy) { described_class.new({}) }
|
||||
let(:timestamp) { Time.now.to_i }
|
||||
let(:jwt_config) { Devise.omniauth_configs[:jwt] }
|
||||
let(:key) { JWT.encode(claims, jwt_config.strategy.secret) }
|
||||
|
||||
let(:claims) do
|
||||
{
|
||||
id: 123,
|
||||
name: "user_example",
|
||||
email: "user@example.com",
|
||||
iat: timestamp
|
||||
}
|
||||
end
|
||||
|
||||
before do
|
||||
allow_any_instance_of(OmniAuth::Strategy).to receive(:options).and_return(jwt_config.strategy)
|
||||
allow_any_instance_of(Rack::Request).to receive(:params).and_return({ 'jwt' => key })
|
||||
end
|
||||
|
||||
it 'decodes the user information' do
|
||||
result = strategy.decoded
|
||||
|
||||
expect(result["id"]).to eq(123)
|
||||
expect(result["name"]).to eq("user_example")
|
||||
expect(result["email"]).to eq("user@example.com")
|
||||
expect(result["iat"]).to eq(timestamp)
|
||||
end
|
||||
|
||||
context 'required claims is missing' do
|
||||
let(:claims) do
|
||||
{
|
||||
id: 123,
|
||||
email: "user@example.com",
|
||||
iat: timestamp
|
||||
}
|
||||
end
|
||||
|
||||
it 'raises error' do
|
||||
expect { strategy.decoded }.to raise_error(OmniAuth::Strategies::JWT::ClaimInvalid)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when valid_within is specified but iat attribute is missing in response' do
|
||||
let(:claims) do
|
||||
{
|
||||
id: 123,
|
||||
name: "user_example",
|
||||
email: "user@example.com"
|
||||
}
|
||||
end
|
||||
|
||||
before do
|
||||
jwt_config.strategy.valid_within = Time.now.to_i
|
||||
end
|
||||
|
||||
it 'raises error' do
|
||||
expect { strategy.decoded }.to raise_error(OmniAuth::Strategies::JWT::ClaimInvalid)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when timestamp claim is too skewed from present' do
|
||||
let(:claims) do
|
||||
{
|
||||
id: 123,
|
||||
name: "user_example",
|
||||
email: "user@example.com",
|
||||
iat: timestamp - 10.minutes.to_i
|
||||
}
|
||||
end
|
||||
|
||||
before do
|
||||
jwt_config.strategy.valid_within = 2.seconds
|
||||
end
|
||||
|
||||
it 'raises error' do
|
||||
expect { strategy.decoded }.to raise_error(OmniAuth::Strategies::JWT::ClaimInvalid)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue