-/* eslint-env mocha */
-/* eslint-disable capitalized-comments, sonarjs/no-duplicate-string, sonarjs/no-identical-functions */
+/* eslint-disable sonarjs/no-duplicate-string */
'use strict';
const assert = require('assert');
-const sinon = require('sinon'); // eslint-disable-line node/no-unpublished-require
+const sinon = require('sinon');
const Manager = require('../../src/manager');
const Config = require('../../config');
assert.deepStrictEqual(result, []);
});
it('filters invalid scopes', function () {
- ctx.parsedBody['accepted_scopes'] = ['read', 'email'];
+ ctx.parsedBody['accepted_scopes[]'] = ['read', 'email'];
ctx.parsedBody['ad_hoc_scopes'] = 'bad"scope create ';
const result = manager._parseConsentScopes(ctx);
assert.deepStrictEqual(result, ['read', 'create']);
assert(ctx.session.error);
});
it('removes email scope without profile', async function () {
- ctx.parsedBody['accepted_scopes'] = ['email', 'create'];
+ ctx.parsedBody['accepted_scopes[]'] = ['email', 'create'];
await manager.postConsent(res, ctx);
assert(!ctx.session.acceptedScopes.includes('email'));
});
it('merges valid ad-hoc scopes', async function () {
- ctx.parsedBody['accepted_scopes'] = ['email', 'create'];
+ ctx.parsedBody['accepted_scopes[]'] = ['email', 'create'];
ctx.parsedBody['ad_hoc_scopes'] = ' my:scope "badScope';
await manager.postConsent(res, ctx);
assert(ctx.session.acceptedScopes.includes('my:scope'));
manager.mysteryBox.unpack.resolves({});
req.getHeader.returns('Bearer XXX');
await manager._checkTokenValidationRequest(dbCtx, req, ctx);
- assert(ctx.session.error)
+ assert(ctx.session.error);
});
it('covers no token', async function () {
manager.mysteryBox.unpack.resolves({ c: 'xxx' });
req.getHeader.returns('Bearer XXX');
await manager._checkTokenValidationRequest(dbCtx, req, ctx);
- assert(ctx.session.error)
+ assert(ctx.session.error);
});
it('covers db error', async function () {
manager.mysteryBox.unpack.resolves({ c: 'xxx' });
describe('save-scopes action', function () {
beforeEach(function () {
ctx.parsedBody['action'] = 'save-scopes';
- ctx.parsedBody['scopes-https://profile/example.com/'] = ['scope1', 'scope2'];
+ ctx.parsedBody['scopes-https://profile/example.com/[]'] = ['scope1', 'scope2'];
});
it('covers saving scopes', async function () {
await manager.postAdmin(res, ctx);
describe('postAdminTicket', function () {
beforeEach(function () {
ctx.parsedBody['action'] = 'proffer-ticket';
- ctx.parsedBody['scopes'] = ['read', 'role:private'];
+ ctx.parsedBody['scopes[]'] = ['read', 'role:private'];
ctx.parsedBody['adhoc'] = 'adhoc_scope';
ctx.parsedBody['profile'] = 'https://profile.example.com/';
ctx.parsedBody['resource'] = 'https://profile.example.com/feed';
ctx.parsedBody['profile'] = 'bad url';
ctx.parsedBody['resource'] = 'bad url';
ctx.parsedBody['subject'] = 'bad url';
- ctx.parsedBody['scopes'] = ['fl"hrgl', 'email'];
+ ctx.parsedBody['scopes[]'] = ['fl"hrgl', 'email'];
await manager.postAdminTicket(res, ctx);
assert(res.end.called);
assert.strictEqual(ctx.errors.length, 5);