arnaucube
/
thoughts
mirror of https://github.com/arnaucube/thoughts.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
5.0 MiB
Tree: 64882fc513
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '64882fc513'
${ noResults }
thoughts/node_modules/jsonwebtoken/test/jwt.hs.tests.js

82 lines
2.5 KiB
Raw Normal View History

get token for user, post users, get all users, post thought, get all thoughts. runs ok
8 years ago
  1. var jwt = require('../index');
  3. var expect = require('chai').expect;
  4. var assert = require('chai').assert;
  6. describe('HS256', function() {
  8. describe('when signing a token', function() {
  9. var secret = 'shhhhhh';
  11. var token = jwt.sign({ foo: 'bar' }, secret, { algorithm: 'HS256' });
  13. it('should be syntactically valid', function() {
  14. expect(token).to.be.a('string');
  15. expect(token.split('.')).to.have.length(3);
  16. });
  18. it('should without options', function(done) {
  19. var callback = function(err, decoded) {
  20. assert.ok(decoded.foo);
  21. assert.equal('bar', decoded.foo);
  22. done();
  23. };
  24. callback.issuer = "shouldn't affect";
  25. jwt.verify(token, secret, callback );
  26. });
  28. it('should validate with secret', function(done) {
  29. jwt.verify(token, secret, function(err, decoded) {
  30. assert.ok(decoded.foo);
  31. assert.equal('bar', decoded.foo);
  32. done();
  33. });
  34. });
  36. it('should throw with invalid secret', function(done) {
  37. jwt.verify(token, 'invalid secret', function(err, decoded) {
  38. assert.isUndefined(decoded);
  39. assert.isNotNull(err);
  40. done();
  41. });
  42. });
  44. it('should throw with secret and token not signed', function(done) {
  45. var signed = jwt.sign({ foo: 'bar' }, secret, { algorithm: 'none' });
  46. var unsigned = signed.split('.')[0] + '.' + signed.split('.')[1] + '.';
  47. jwt.verify(unsigned, 'secret', function(err, decoded) {
  48. assert.isUndefined(decoded);
  49. assert.isNotNull(err);
  50. done();
  51. });
  52. });
  54. it('should throw when verifying null', function(done) {
  55. jwt.verify(null, 'secret', function(err, decoded) {
  56. assert.isUndefined(decoded);
  57. assert.isNotNull(err);
  58. done();
  59. });
  60. });
  62. it('should return an error when the token is expired', function(done) {
  63. var token = jwt.sign({ exp: 1 }, secret, { algorithm: 'HS256' });
  64. jwt.verify(token, secret, { algorithm: 'HS256' }, function(err, decoded) {
  65. assert.isUndefined(decoded);
  66. assert.isNotNull(err);
  67. done();
  68. });
  69. });
  71. it('should NOT return an error when the token is expired with "ignoreExpiration"', function(done) {
  72. var token = jwt.sign({ exp: 1, foo: 'bar' }, secret, { algorithm: 'HS256' });
  73. jwt.verify(token, secret, { algorithm: 'HS256', ignoreExpiration: true }, function(err, decoded) {
  74. assert.ok(decoded.foo);
  75. assert.equal('bar', decoded.foo);
  76. assert.isNull(err);
  77. done();
  78. });
  79. });
  81. });
  82. });