153 lines
4.6 KiB
JavaScript
153 lines
4.6 KiB
JavaScript
/* jslint node:true */
|
|
/* global it:false */
|
|
/* global describe:false */
|
|
/* global before:false */
|
|
/* global after:false */
|
|
|
|
'use strict';
|
|
|
|
const BoxError = require('../boxerror.js'),
|
|
common = require('./common.js'),
|
|
expect = require('expect.js'),
|
|
safe = require('safetydance'),
|
|
tokens = require('../tokens.js');
|
|
|
|
describe('Tokens', function () {
|
|
const { setup, cleanup } = common;
|
|
|
|
before(setup);
|
|
after(cleanup);
|
|
|
|
const TOKEN_0 = {
|
|
id: null,
|
|
name: 'token0',
|
|
accessToken: null,
|
|
identifier: '0',
|
|
clientId: 'clientid-0',
|
|
expires: Date.now() + 60 * 60000,
|
|
lastUsedTime: null,
|
|
scope: 'unused'
|
|
};
|
|
|
|
it('add succeeds', async function () {
|
|
const { id, accessToken } = await tokens.add(TOKEN_0);
|
|
TOKEN_0.id = id;
|
|
TOKEN_0.accessToken = accessToken;
|
|
});
|
|
|
|
it('add fails with bad name', async function () {
|
|
const badToken = Object.assign({}, TOKEN_0);
|
|
badToken.name = new Array(100).fill('x').join('');
|
|
const [error] = await safe(tokens.add(badToken));
|
|
expect(error.reason).to.be(BoxError.BAD_FIELD);
|
|
});
|
|
|
|
it('get succeeds', async function () {
|
|
const result = await tokens.get(TOKEN_0.id);
|
|
expect(result).to.be.eql(TOKEN_0);
|
|
});
|
|
|
|
it('getByAccessToken succeeds', async function () {
|
|
const result = await tokens.getByAccessToken(TOKEN_0.accessToken);
|
|
expect(result).to.be.eql(TOKEN_0);
|
|
});
|
|
|
|
it('get of nonexisting token fails', async function () {
|
|
const result = await tokens.getByAccessToken('somerandomaccesstoken');
|
|
expect(result).to.be(null);
|
|
});
|
|
|
|
it('listByUserId succeeds', async function () {
|
|
const result = await tokens.listByUserId(TOKEN_0.identifier);
|
|
expect(result).to.be.an(Array);
|
|
expect(result.length).to.equal(1);
|
|
expect(result[0]).to.be.an('object');
|
|
expect(result[0]).to.be.eql(TOKEN_0);
|
|
});
|
|
|
|
it('delete fails', async function () {
|
|
const [error] = await safe(tokens.del(TOKEN_0.id + 'x'));
|
|
expect(error).to.be.a(BoxError);
|
|
expect(error.reason).to.be(BoxError.NOT_FOUND);
|
|
});
|
|
|
|
it('delete succeeds', async function () {
|
|
await tokens.del(TOKEN_0.id);
|
|
});
|
|
|
|
it('get returns null after token deletion', async function () {
|
|
const result = await tokens.get(TOKEN_0.id);
|
|
expect(result).to.be(null);
|
|
});
|
|
|
|
it('cannot delete previously delete record', async function () {
|
|
const [error] = await safe(tokens.del(TOKEN_0.id));
|
|
expect(error).to.be.a(BoxError);
|
|
expect(error.reason).to.be(BoxError.NOT_FOUND);
|
|
});
|
|
|
|
it('delExpired succeeds', async function () {
|
|
const token1 = {
|
|
name: 'token1',
|
|
identifier: '1',
|
|
clientId: 'clientid-1',
|
|
expires: Number.MAX_SAFE_INTEGER,
|
|
lastUsedTime: null,
|
|
scope: 'unused'
|
|
};
|
|
const token2 = {
|
|
name: 'token2',
|
|
identifier: '2',
|
|
clientId: 'clientid-2',
|
|
expires: Date.now(),
|
|
lastUsedTime: null
|
|
};
|
|
|
|
let result = await tokens.add(token1);
|
|
token1.id = result.id;
|
|
token1.accessToken = result.accessToken;
|
|
|
|
result = await tokens.add(token2);
|
|
token2.id = result.id;
|
|
token2.accessToken = result.accessToken;
|
|
|
|
await tokens.delExpired();
|
|
|
|
result = await tokens.getByAccessToken(token2.accessToken);
|
|
expect(result).to.be(null);
|
|
|
|
result = await tokens.getByAccessToken(token1.accessToken);
|
|
expect(result).to.eql(token1);
|
|
});
|
|
|
|
it('delByUserIdAndType succeeds', async function () {
|
|
const token1 = {
|
|
name: 'token1',
|
|
identifier: 'user1',
|
|
clientId: tokens.ID_WEBADMIN,
|
|
expires: Number.MAX_SAFE_INTEGER,
|
|
lastUsedTime: null,
|
|
scope: 'unused'
|
|
};
|
|
const token2 = {
|
|
name: 'token2',
|
|
identifier: 'user1',
|
|
clientId: tokens.ID_SDK,
|
|
expires: Date.now(),
|
|
lastUsedTime: null
|
|
};
|
|
|
|
await tokens.add(token1);
|
|
await tokens.add(token2);
|
|
|
|
await tokens.delByUserIdAndType('user2', tokens.ID_WEBADMIN);
|
|
let result = await tokens.listByUserId('user1');
|
|
expect(result.length).to.be(2); // should not have deleted user1 tokens
|
|
|
|
await tokens.delByUserIdAndType('user1', tokens.ID_WEBADMIN);
|
|
result = await tokens.listByUserId('user1');
|
|
expect(result.length).to.be(1);
|
|
expect(result[0].name).to.be(token2.name);
|
|
});
|
|
});
|