+ }); // redeemCode
+
+ describe('introspectToken', function () {
+ let introspectionUrlObj, authenticationHeader, token;
+ beforeEach(function () {
+ introspectionUrlObj = new URL('https://ia.example.com/introspect');
+ authenticationHeader = 'Bearer XXX';
+ token = 'xxx';
+ });
+ it('covers success active', async function () {
+ const nowEpoch = Math.ceil(Date.now() / 1000);
+ communication.got.resolves({
+ body: {
+ active: true,
+ me: 'https://profile.example.com/',
+ 'client_id': 'https://app.example.com/',
+ scope: 'create profile email',
+ exp: nowEpoch + 86400,
+ iat: nowEpoch,
+ },
+ });
+ const result = await communication.introspectToken(introspectionUrlObj, authenticationHeader, token);
+ assert.strictEqual(result.active, true);
+ });
+ it('covers success inactive', async function () {
+ communication.got.resolves({
+ body: {
+ active: false,
+ },
+ });
+ const result = await communication.introspectToken(introspectionUrlObj, authenticationHeader, token);
+ assert.strictEqual(result.active, false);
+ });
+ it('covers failure', async function () {
+ communication.got.resolves({ body: 'what kind of response is this?' });
+ await assert.rejects(() => communication.introspectToken(introspectionUrlObj, authenticationHeader, token));
+ });
+ }); // introspectToken
+
+ describe('deliverTicket', function () {
+ let ticketEndpointUrlObj, resourceUrlObj, subjectUrlObj, ticket, issuerUrlObj;
+ beforeEach(function () {
+ ticketEndpointUrlObj = new URL('https://ticket.example.com/');
+ resourceUrlObj = new URL('https://resource.example.com/');
+ subjectUrlObj = new URL('https://subject.example.com/');
+ issuerUrlObj = new URL('https://idp.example.com/');
+ ticket = 'XXXThisIsATicketXXX';
+ });
+ it('covers success', async function () {
+ const expected = { body: 'blah', statusCode: 200 };
+ communication.got.resolves(expected);
+ const result = await communication.deliverTicket(ticketEndpointUrlObj, resourceUrlObj, subjectUrlObj, ticket, issuerUrlObj);
+ assert.deepStrictEqual(result, expected);
+ });
+ it('covers success, no issuer', async function () {
+ const expected = { body: 'blah', statusCode: 200 };
+ communication.got.resolves(expected);
+ const result = await communication.deliverTicket(ticketEndpointUrlObj, resourceUrlObj, subjectUrlObj, ticket);
+ assert.deepStrictEqual(result, expected);
+ });
+ it('covers failure', async function () {
+ const expectedException = new Error('oh no');
+ communication.got.rejects(expectedException);
+ await assert.rejects(() => communication.deliverTicket(ticketEndpointUrlObj, resourceUrlObj, subjectUrlObj, ticket), expectedException);
+ });
+ }); // deliverTicket
+
+ describe('_fetchMetadataOrTokenEndpoint', function () {
+ let urlObj, metadataUrl, tokenUrl;
+ beforeEach(function () {
+ urlObj = new URL('https://idp.example.com/');
+ metadataUrl = new URL('https://idp.example.com/meta');
+ tokenUrl = new URL('https://idp.example.com/token');
+ sinon.stub(communication, 'fetchMicroformat').resolves({
+ rels: {
+ 'indieauth-metadata': [ metadataUrl.href ],
+ 'token_endpoint': [ tokenUrl.href ],
+ },
+ });
+ });
+ it('covers success', async function () {
+ const expected = {
+ metadataUrl,
+ tokenUrl: undefined,
+ };
+ const result = await communication._fetchMetadataOrTokenEndpoint(urlObj);
+ assert.deepStrictEqual(result, expected);
+ });
+ it('covers bad metadata url', async function () {
+ communication.fetchMicroformat.resolves({
+ rels: {
+ 'indieauth-metadata': [ 'not a url' ],
+ 'token_endpoint': [ tokenUrl.href ],
+ },
+ });
+ const expected = {
+ metadataUrl: undefined,
+ tokenUrl,
+ };
+ const result = await communication._fetchMetadataOrTokenEndpoint(urlObj);
+ assert.deepStrictEqual(result, expected);
+ });
+ it('covers bad token url', async function () {
+ communication.fetchMicroformat.resolves({
+ rels: {
+ 'indieauth-metadata': [],
+ 'token_endpoint': [ 'not a url' ],
+ },
+ });
+ const expected = {
+ metadataUrl: undefined,
+ tokenUrl: undefined,
+ };
+ const result = await communication._fetchMetadataOrTokenEndpoint(urlObj);
+ assert.deepStrictEqual(result, expected);
+ });
+ it('covers no rels', async function () {
+ communication.fetchMicroformat.resolves({
+ rels: {
+ 'indieauth-metadata': [],
+ 'token_endpoint': [],
+ },
+ });
+ const expected = {
+ metadataUrl: undefined,
+ tokenUrl: undefined,
+ };
+ const result = await communication._fetchMetadataOrTokenEndpoint(urlObj);
+ assert.deepStrictEqual(result, expected);
+ });
+ it('covers no url', async function () {
+ const expected = {
+ metadataUrl: undefined,
+ tokenUrl: undefined,
+ };
+ const result = await communication._fetchMetadataOrTokenEndpoint();
+ assert.deepStrictEqual(result, expected);
+ });
+ }); // _fetchMetadataOrTokenEndpoint
+
+ describe('redeemTicket', function () {
+ let ticket, resourceUrlObj, issuerUrlObj;
+ beforeEach(function () {
+ resourceUrlObj = new URL('https://resource.example.com/');
+ issuerUrlObj = new URL('https://idp.example.com/');
+ ticket = 'XXXThisIsATicketXXX';
+ sinon.stub(communication, '_fetchMetadataOrTokenEndpoint').resolves({
+ metadataUrl: new URL('https://example.com'),
+ tokenUrl: undefined,
+ });
+ sinon.stub(communication, 'fetchMetadata').resolves({ tokenEndpoint: 'https://idp.example.com/' });
+ });
+ it('covers success', async function () {
+ const expected = { 'access_token': 'XXXThisIsAnAccessTokenXXX' };
+ const response = { body: expected, headers: {}, statusCode: 200 };
+ communication.got.resolves(response);
+ const result = await communication.redeemTicket(ticket, resourceUrlObj, issuerUrlObj);
+ assert.deepStrictEqual(result, expected);
+ });
+ it('covers success without issuer', async function () {
+ const expected = { 'access_token': 'XXXThisIsAnAccessTokenXXX' };
+ const response = { body: expected, headers: {}, statusCode: 200 };
+ communication.got.resolves(response);
+ const result = await communication.redeemTicket(ticket, resourceUrlObj);
+ assert.deepStrictEqual(result, expected);
+ });
+ it('covers got failure', async function () {
+ const expectedException = new Error('oh no');
+ communication.got.rejects(expectedException);
+ await assert.rejects(() => communication.redeemTicket(ticket, resourceUrlObj, issuerUrlObj), expectedException);
+ });
+ it('covers no metadata url', async function () {
+ communication._fetchMetadataOrTokenEndpoint.resolves({ metadataUrl: undefined, tokenUrl: undefined });
+ await assert.rejects(() => communication.redeemTicket(ticket, resourceUrlObj, issuerUrlObj), ValidationError);
+ });
+ it('covers bad token url', async function () {
+ communication.fetchMetadata.resolves({ tokenEndpoint: 'not a url' });
+ await assert.rejects(() => communication.redeemTicket(ticket, resourceUrlObj, issuerUrlObj), ValidationError);
+ });
+ }); // redeemTicket
+
+}); // Communication