X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=test%2Flib%2Fcommunication.js;h=a94bf90f6dfed98063916f5500af4430e6d64a34;hb=e486f80a4e7a1f65498335e7408f3301c9e7cb44;hp=5c41469db57a763c3fc202cb769c77b5566e1e3b;hpb=8daa668e5a0485b5f0e2b07203d9fb237d7f761c;p=squeep-indieauth-helper diff --git a/test/lib/communication.js b/test/lib/communication.js index 5c41469..a94bf90 100644 --- a/test/lib/communication.js +++ b/test/lib/communication.js @@ -7,12 +7,12 @@ const assert = require('assert'); const sinon = require('sinon'); // eslint-disable-line node/no-unpublished-require const Communication = require('../../lib/communication'); +const { ValidationError } = require('../../lib/errors'); +const dns = require('dns'); const stubLogger = require('../stub-logger'); const testData = require('../test-data/communication'); -const noExpectedException = 'did not get expected exception'; - describe('Communication', function () { let communication, options; @@ -67,12 +67,7 @@ describe('Communication', function () { assert.strictEqual(result.codeChallengeMethod, 'S256'); }); it('covers error', async function () { - try { - await Communication.generatePKCE(1); - assert.fail(noExpectedException); - } catch (e) { - assert(e instanceof RangeError); - } + await assert.rejects(() => Communication.generatePKCE(1)); }); }); // generatePKCE @@ -102,12 +97,7 @@ describe('Communication', function () { const method = 'MD5'; const challenge = 'xkfP7DUYDsnu07Kg6ogc8A'; const verifier = 'VGhpcyBpcyBhIHNlY3JldC4u'; - try { - Communication.verifyChallenge(challenge, verifier, method); - assert.fail(noExpectedException); - } catch (e) { - assert(e.message.includes('unsupported')); - } + assert.throws(() => Communication.verifyChallenge(challenge, verifier, method)); }); }); // verifyChallenge 
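Review bot: The `covers error` rewrite in the generatePKCE hunk now passes on any rejection, where the removed code required a `RangeError`; the verifyChallenge hunk after it likewise drops the check that the message includes `'unsupported'`. For PKCE verification this matters, because a test that accepts any throw would still pass if the call failed on an unrelated error before the method check ran. Keep the expectation as the second argument: `await assert.rejects(() => Communication.generatePKCE(1), RangeError);` and `assert.throws(() => Communication.verifyChallenge(challenge, verifier, method), /unsupported/);`. Both `it` blocks sit inside `describe` blocks that begin outside these hunks.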
@@ -160,6 +150,7 @@ describe('Communication', function () { }, params: expectedUrlObj.searchParams, responseType: 'text', + validateStatus: Communication._validateStatus, }; const result = Communication._axiosConfig(method, urlObj, body, params, { 'Content-Type': contentType, @@ -177,6 +168,7 @@ describe('Communication', function () { headers: {}, params: expectedUrlObj.searchParams, responseType: 'text', + validateStatus: Communication._validateStatus, }; const result = Communication._axiosConfig(method, urlObj); delete result.transformResponse; @@ -194,17 +186,32 @@ describe('Communication', function () { headers: {}, params: urlObj.searchParams, responseType: 'text', + validateStatus: Communication._validateStatus, }; const result = Communication._axiosConfig(method, urlObj, body, params, {}); delete result.transformResponse; assert.deepStrictEqual(result, expected); - }); it('covers null response transform', function () { const urlObj = new URL(requestUrl); const result = Communication._axiosConfig('GET', urlObj, undefined, {}, {}); result.transformResponse[0](); }); + + describe('_validateStatus', function () { + it('allows normal valid', function () { + const result = Communication._validateStatus(200); + assert.strictEqual(result, true); + }); + it('allows unauthorized', function () { + const result = Communication._validateStatus(401); + assert.strictEqual(result, true); + }); + it('rejects invalid', function () { + const result = Communication._validateStatus(400); + assert.strictEqual(result, false); + }); + }); // _validateStatus }); // Axios Configurations describe('_baseUrlString', function () { 
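Review bot: The new `_validateStatus` tests in the third hunk sample one status per outcome (200, 401, 400), so the edges of the accepted range are not pinned and nothing records why 401 is passed through to the caller instead of being rejected. Add cases at the boundaries the implementation intends (the last accepted 2xx value, the first 3xx value, and 403), so that a later widening of the accepted set is caught by the suite. A one-line comment above `allows unauthorized` would also help, for example `// 401 is accepted so the caller can handle the authentication failure itself`, if that is the reason. The implementation of `_validateStatus` is not visible in this diff.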
@@ -516,6 +523,115 @@ describe('Communication', function () { }); }); // fetchJSON + describe('validateProfile', function () { + let url, validationOptions; + beforeEach(function () { + url = 'https://example.com/'; + validationOptions = {}; + sinon.stub(dns, 'lookupAsync').resolves([{ family: 4, address: '10.11.12.14' }]); + }); + it('rejects invalid url', async function () { + url = 'bad url'; + await assert.rejects(() => communication.validateProfile(url, validationOptions), ValidationError); + }); + it('covers success', async function () { + const result = await communication.validateProfile(url, validationOptions); + assert.strictEqual(result.isLoopback, false); + }); + it('rejects invalid', async function () { + url = 'ftp://example.com/'; + await assert.rejects(() => communication.validateProfile(url, validationOptions), ValidationError); + }); + + }); // validateProfile + + describe('validateClientIdentifier', function () { + let url, validationOptions; + beforeEach(function () { + url = 'https://example.com/'; + validationOptions = {}; + sinon.stub(dns, 'lookupAsync').resolves([{ family: 4, address: '10.11.12.13' }]); + }); + it('rejects invalid url', async function () { + await assert.rejects(() => communication.validateClientIdentifier('bad url'), ValidationError); + }); + it('rejects invalid scheme', async function () { + url = 'ftp://example.com/'; + await assert.rejects(() => communication.validateClientIdentifier(url, validationOptions), ValidationError); + }); + it('rejects fragment', async function () { + url = 'https://example.com/#foo'; + await assert.rejects(() => communication.validateClientIdentifier(url, validationOptions), ValidationError); + }); + it('rejects username', async function () { + url = 'https://user@example.com/'; + await assert.rejects(() => communication.validateClientIdentifier(url, validationOptions), ValidationError); + }); + it('rejects password', async function () { + url = 'https://:foo@example.com/'; + await 
assert.rejects(() => communication.validateClientIdentifier(url, validationOptions), ValidationError); + }); + it('rejects relative path', async function () { + url = 'https://example.com/client/../sneaky'; + await assert.rejects(() => communication.validateClientIdentifier(url, validationOptions), ValidationError); + }); + it('rejects ipv4', async function () { + url = 'https://10.11.12.13/'; + await assert.rejects(() => communication.validateClientIdentifier(url, validationOptions), ValidationError); + }); + it('rejects ipv6', async function () { + url = 'https://[fd64:defa:00e5:caf4:0dff::ad39]/'; + await assert.rejects(() => communication.validateClientIdentifier(url, validationOptions), ValidationError); + }); + it('accepts ipv4 loopback', async function () { + url = 'https://127.0.0.1/'; + const result = await communication.validateClientIdentifier(url, validationOptions); + assert.strictEqual(result.isLoopback, true); + }); + it('accepts ipv6 loopback', async function () { + url = 'https://[::1]/'; + const result = await communication.validateClientIdentifier(url, validationOptions); + assert.strictEqual(result.isLoopback, true); + }); + it('accepts resolved ipv4 loopback', async function () { + dns.lookupAsync.resolves([{ family: 4, address: '127.0.0.1' }]); + const result = await communication.validateClientIdentifier(url, validationOptions); + assert.strictEqual(result.isLoopback, true); + }); + it('accepts resolved ipv6 loopback', async function () { + dns.lookupAsync.resolves([{ family: 6, address: '::1' }]); + const result = await communication.validateClientIdentifier(url, validationOptions); + assert.strictEqual(result.isLoopback, true); + }); + it('covers success', async function () { + const result = await communication.validateClientIdentifier(url, validationOptions); + assert.strictEqual(result.isLoopback, false); + }); + it('rejects resolution failure', async function () { + dns.lookupAsync.rejects(new Error('oh no')); + await assert.rejects(() 
=> communication.validateClientIdentifier(url, validationOptions), ValidationError); + }); + it('rejects mismatched resolutions', async function () { + dns.lookupAsync.onCall(1).resolves([{ family: 4, address: '10.9.8.7' }]); + await assert.rejects(() => communication.validateClientIdentifier(url, validationOptions), ValidationError); + }); + it('ignores unknown dns family', async function () { + dns.lookupAsync.resolves([{ family: 5, address: '10.9.8.7' }]); + const result = await communication.validateClientIdentifier(url, validationOptions); + assert.strictEqual(result.isLoopback, false); + }); + it('covers rooted hostname', async function() { + url = 'https://example.com./'; + const result = await communication.validateClientIdentifier(url, validationOptions); + assert.strictEqual(result.isLoopback, false); + }); + it('covers unresolved', async function () { + dns.lookupAsync.resolves(); + const result = await communication.validateClientIdentifier(url, validationOptions); + assert.strictEqual(result.isLoopback, false); + }); + }); // validateClientIdentifier + describe('fetchClientIdentifier', function () { let expected, response, result, urlObj; beforeEach(function () { @@ -592,6 +708,17 @@ describe('Communication', function () { result = await communication.fetchClientIdentifier(urlObj); assert.deepStrictEqual(result, expected); }); + it('covers loopback', async function () { + sinon.spy(communication, 'fetchMicroformat'); + urlObj.isLoopback = true; + expected = { + rels: {}, + items: [], + }; + result = await communication.fetchClientIdentifier(urlObj); + assert.deepStrictEqual(result, expected); + assert(communication.fetchMicroformat.notCalled); + }); }); // fetchClientIdentifier describe('fetchProfile', function () { 
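Review bot: Both `covers success` cases stub `dns.lookupAsync` to an RFC 1918 address (`10.11.12.14` in validateProfile, `10.11.12.13` in validateClientIdentifier) and assert only `isLoopback === false`. The suite therefore pins "a hostname that resolves to a private address passes validation" as the ordinary path without saying so. Because a validated client identifier is later fetched by `fetchClientIdentifier`, this is where a server-side request guard would be pinned, so the intent should be explicit. If private ranges are meant to be accepted, rename the test to say that. Otherwise use a documentation-range address for the generic case (constructed example: `sinon.stub(dns, 'lookupAsync').resolves([{ family: 4, address: '192.0.2.1' }]);`) and add a separate test stating the expected outcome for private addresses. The rejection tests also assert only the `ValidationError` class, so each can pass for a reason other than the one in its title.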
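Review bot: `covers loopback` proves only that `fetchMicroformat` was skipped; it does not show that no HTTP request was issued for a loopback client identifier. `communication.axios` appears to be a sinon stub, judging by `communication.axios.resolves(...)` in the other hunks. If it is, add `assert(communication.axios.notCalled);` after the existing `notCalled` assertion, so the no-request guarantee is what the test checks. The enclosing `describe('fetchClientIdentifier')` and its `beforeEach` begin outside this hunk.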
@@ -743,9 +870,9 @@ describe('Communication', function () { }); }); // fetchProfile - describe('redeemProfileCode', function () { + describe('redeemCode', function () { let expected, urlObj, code, codeVerifier, clientId, redirectURI; - this.beforeEach(function () { + beforeEach(function () { urlObj = new URL('https://example.com/auth'); code = Buffer.allocUnsafe(42).toString('base64').replace('/', '_').replace('+', '-'); codeVerifier = Buffer.allocUnsafe(42).toString('base64').replace('/', '_').replace('+', '-'); @@ -760,6 +887,18 @@ describe('Communication', function () { me: 'https://profile.example.com/', }; + const result = await communication.redeemCode(urlObj, code, codeVerifier, clientId, redirectURI); + + assert.deepStrictEqual(result, expected); + }); + it('covers deprecated method name', async function () { + communication.axios.resolves({ + data: '{"me":"https://profile.example.com/"}', + }); + expected = { + me: 'https://profile.example.com/', + }; + const result = await communication.redeemProfileCode(urlObj, code, codeVerifier, clientId, redirectURI); assert.deepStrictEqual(result, expected); 
@@ -767,9 +906,68 @@ describe('Communication', function () { it('covers failure', async function () { communication.axios.resolves('Not a JSON payload.'); - const result = await communication.redeemProfileCode(urlObj, code, codeVerifier, clientId, redirectURI); + const result = await communication.redeemCode(urlObj, code, codeVerifier, clientId, redirectURI); assert.strictEqual(result, undefined); }); - }); -}); // Communication \ No newline at end of file + }); // redeemCode + + describe('introspectToken', function () { + let introspectionUrlObj, authenticationHeader, token; + beforeEach(function () { + introspectionUrlObj = new URL('https://ia.example.com/introspect'); + authenticationHeader = 'Bearer XXX'; + token = 'xxx'; + }); + it('covers success active', async function () { + const nowEpoch = Math.ceil(Date.now() / 1000); + communication.axios.resolves({ + data: JSON.stringify({ + active: true, + me: 'https://profile.example.com/', + 'client_id': 'https://app.example.com/', + scope: 'create profile email', + exp: nowEpoch + 86400, + iat: nowEpoch, + }), + }); + const result = await communication.introspectToken(introspectionUrlObj, authenticationHeader, token); + assert.strictEqual(result.active, true); + }); + it('covers success inactive', async function () { + communication.axios.resolves({ + data: JSON.stringify({ + active: false, + }), + }); + const result = await communication.introspectToken(introspectionUrlObj, authenticationHeader, token); + assert.strictEqual(result.active, false); + }); + it('covers failure', async function () { + communication.axios.resolves('what kind of response is this?'); + await assert.rejects(() => communication.introspectToken(introspectionUrlObj, authenticationHeader, token)); + }); + }); // introspectToken + + describe('deliverTicket', function () { + let ticketEndpointUrlObj, resourceUrlObj, subjectUrlObj, ticket; + beforeEach(function () { + ticketEndpointUrlObj = new URL('https://ticket.example.com/'); + resourceUrlObj 
= new URL('https://resource.example.com/'); + subjectUrlObj = new URL('https://subject.example.com/'); + ticket = 'XXXThisIsATicketXXX'; + }); + it('covers success', async function () { + const expected = { data: 'blah', statusCode: 200 }; + communication.axios.resolves(expected); + const result = await communication.deliverTicket(ticketEndpointUrlObj, resourceUrlObj, subjectUrlObj, ticket); + assert.deepStrictEqual(result, expected); + }); + it('covers failure', async function () { + const expectedException = new Error('oh no'); + communication.axios.rejects(expectedException); + await assert.rejects(() => communication.deliverTicket(ticketEndpointUrlObj, resourceUrlObj, subjectUrlObj, ticket), expectedException); + }); + }); // deliverTicket + +}); // Communication
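Review bot: In the introspectToken tests, `covers success active` supplies `me`, `client_id`, `scope`, `exp` and `iat` but asserts only `result.active`, so the fields a caller would base an authorization decision on are unpinned. Nothing checks that `authenticationHeader` and `token` reach the request either. Assert the returned fields, for example `assert.strictEqual(result.me, 'https://profile.example.com/');` if the result keeps that key name, and inspect the `communication.axios` call arguments for the header and token. The `covers failure` case uses `assert.rejects` with no expected error, so any rejection satisfies it; pass the error class or message that introspectToken is meant to raise for a malformed response.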