arnaucube/thoughts
1
0
Fork 0
mirror of https://github.com/arnaucube/thoughts.git synced 2026-02-07 11:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

get token for user, post users, get all users, post thought, get all thoughts. runs ok

Browse Source
This commit is contained in:
nau
2016-07-16 18:53:37 +02:00
parent 15f01dc4a9
commit 64882fc513
678 changed files with 94094 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
node_modules/jsonwebtoken/test/async_sign.tests.js generated vendored Normal file
View File

@@ -0,0 +1,60 @@
var jwt = require('../index');
var expect = require('chai').expect;
var jws = require('jws');
describe('signing a token asynchronously', function() {
describe('when signing a token', function() {
var secret = 'shhhhhh';
it('should return the same result as singing synchronously', function(done) {
jwt.sign({ foo: 'bar' }, secret, { algorithm: 'HS256' }, function (err, asyncToken) {
if (err) return done(err);
var syncToken = jwt.sign({ foo: 'bar' }, secret, { algorithm: 'HS256' });
expect(asyncToken).to.be.a('string');
expect(asyncToken.split('.')).to.have.length(3);
expect(asyncToken).to.equal(syncToken);
done();
});
});
it('should work', function (done) {
jwt.sign({abc: 1}, "secret", {}, function (err, res) {
expect(err).to.be.null();
done();
});
});
it('should return error when secret is not a cert for RS256', function(done) {
//this throw an error because the secret is not a cert and RS256 requires a cert.
jwt.sign({ foo: 'bar' }, secret, { algorithm: 'RS256' }, function (err) {
expect(err).to.be.ok();
done();
});
});
it('should return error on wrong arguments', function(done) {
//this throw an error because the secret is not a cert and RS256 requires a cert.
jwt.sign({ foo: 'bar' }, secret, { notBefore: {} }, function (err) {
expect(err).to.be.ok();
done();
});
});
it('should return error on wrong arguments (2)', function(done) {
jwt.sign('string', 'secret', {noTimestamp: true}, function (err) {
expect(err).to.be.ok();
expect(err).to.be.instanceof(Error);
done();
});
});
it('should not stringify the payload', function (done) {
jwt.sign('string', 'secret', {}, function (err, token) {
if (err) { return done(err); }
expect(jws.decode(token).payload).to.equal('string');
done();
});
});
});
});

10
node_modules/jsonwebtoken/test/buffer.tests.js generated vendored Normal file
View File

@@ -0,0 +1,10 @@
var jwt = require("../.");
var assert = require('chai').assert;
describe('buffer payload', function () {
it('should work', function () {
var payload = new Buffer('TkJyotZe8NFpgdfnmgINqg==', 'base64');
var token = jwt.sign(payload, "signing key");
assert.equal(jwt.decode(token), payload.toString());
});
});

37
node_modules/jsonwebtoken/test/encoding.tests.js generated vendored Normal file
View File

@@ -0,0 +1,37 @@
var jwt = require('../index');
var expect = require('chai').expect;
var atob = require('atob');
describe('encoding', function() {
function b64_to_utf8 (str) {
return decodeURIComponent(escape(atob( str )));
}
it('should properly encode the token (utf8)', function () {
var expected = 'José';
var token = jwt.sign({ name: expected }, 'shhhhh');
var decoded_name = JSON.parse(b64_to_utf8(token.split('.')[1])).name;
expect(decoded_name).to.equal(expected);
});
it('should properly encode the token (binary)', function () {
var expected = 'José';
var token = jwt.sign({ name: expected }, 'shhhhh', { encoding: 'binary' });
var decoded_name = JSON.parse(atob(token.split('.')[1])).name;
expect(decoded_name).to.equal(expected);
});
it('should return the same result when decoding', function () {
var username = '測試';
var token = jwt.sign({
username: username
}, 'test');
var payload = jwt.verify(token, 'test');
expect(payload.username).to.equal(username);
});
});

53
node_modules/jsonwebtoken/test/expires_format.tests.js generated vendored Normal file
View File

@@ -0,0 +1,53 @@
var jwt = require('../index');
var expect = require('chai').expect;
describe('expires option', function() {
it('should work with a number of seconds', function () {
var token = jwt.sign({foo: 123}, '123', { expiresIn: 10 });
var result = jwt.verify(token, '123');
expect(result.exp).to.be.closeTo(Math.floor(Date.now() / 1000) + 10, 0.2);
});
it('should work with a string', function () {
var token = jwt.sign({foo: 123}, '123', { expiresIn: '2d' });
var result = jwt.verify(token, '123');
var two_days_in_secs = 2 * 24 * 60 * 60;
expect(result.exp).to.be.closeTo(Math.floor(Date.now() / 1000) + two_days_in_secs, 0.2);
});
it('should work with a string second example', function () {
var token = jwt.sign({foo: 123}, '123', { expiresIn: '36h' });
var result = jwt.verify(token, '123');
var day_and_a_half_in_secs = 1.5 * 24 * 60 * 60;
expect(result.exp).to.be.closeTo(Math.floor(Date.now() / 1000) + day_and_a_half_in_secs, 0.2);
});
it('should throw if expires has a bad string format', function () {
expect(function () {
jwt.sign({foo: 123}, '123', { expiresIn: '1 monkey' });
}).to.throw(/"expiresIn" should be a number of seconds or string representing a timespan/);
});
it('should throw if expires is not an string or number', function () {
expect(function () {
jwt.sign({foo: 123}, '123', { expiresIn: { crazy : 213 } });
}).to.throw(/"expiresIn" must be a number/);
});
it('should throw an error if expiresIn and exp are provided', function () {
expect(function () {
jwt.sign({ foo: 123, exp: 839218392183 }, '123', { expiresIn: '5h' });
}).to.throw(/Bad "options.expiresIn" option the payload already has an "exp" property./);
});
it('should throw on deprecated expiresInSeconds option', function () {
expect(function () {
jwt.sign({foo: 123}, '123', { expiresInSeconds: 5 });
}).to.throw('"expiresInSeconds" is not allowed');
});
});

22
node_modules/jsonwebtoken/test/iat.tests.js generated vendored Normal file
View File

@@ -0,0 +1,22 @@
var jwt = require('../index');
var expect = require('chai').expect;
describe('iat', function () {
it('should work with a exp calculated based on numeric iat', function () {
var dateNow = Math.floor(Date.now() / 1000);
var iat = dateNow - 30;
var expiresIn = 50;
var token = jwt.sign({foo: 123, iat: iat}, '123', {expiresIn: expiresIn});
var result = jwt.verify(token, '123');
expect(result.exp).to.be.closeTo(iat + expiresIn, 0.2);
});
it('should throw if iat is not a number', function () {
expect(function () {
jwt.sign({foo: 123, iat: 'hello'}, '123');
}).to.throw(/"iat" must be a number/);
});
});

58
node_modules/jsonwebtoken/test/invalid_exp.tests.js generated vendored Normal file
View File

@@ -0,0 +1,58 @@
var jwt = require('../index');
var expect = require('chai').expect;
var assert = require('chai').assert;
describe('invalid expiration', function() {
it('should fail with string', function (done) {
var broken_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOiIxMjMiLCJmb28iOiJhZGFzIn0.cDa81le-pnwJMcJi3o3PBwB7cTJMiXCkizIhxbXAKRg';
jwt.verify(broken_token, '123', function (err, decoded) {
expect(err.name).to.equal('JsonWebTokenError');
done();
});
});
it('should fail with 0', function (done) {
var broken_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjAsImZvbyI6ImFkYXMifQ.UKxix5T79WwfqAA0fLZr6UrhU-jMES2unwCOFa4grEA';
jwt.verify(broken_token, '123', function (err) {
expect(err.name).to.equal('TokenExpiredError');
done();
});
});
it('should fail with false', function (done) {
var broken_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOmZhbHNlLCJmb28iOiJhZGFzIn0.iBn33Plwhp-ZFXqppCd8YtED77dwWU0h68QS_nEQL8I';
jwt.verify(broken_token, '123', function (err) {
expect(err.name).to.equal('JsonWebTokenError');
done();
});
});
it('should fail with true', function (done) {
var broken_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOnRydWUsImZvbyI6ImFkYXMifQ.eOWfZCTM5CNYHAKSdFzzk2tDkPQmRT17yqllO-ItIMM';
jwt.verify(broken_token, '123', function (err) {
expect(err.name).to.equal('JsonWebTokenError');
done();
});
});
it('should fail with object', function (done) {
var broken_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOnt9LCJmb28iOiJhZGFzIn0.1JjCTsWLJ2DF-CfESjLdLfKutUt3Ji9cC7ESlcoBHSY';
jwt.verify(broken_token, '123', function (err) {
expect(err.name).to.equal('JsonWebTokenError');
done();
});
});
});

19
node_modules/jsonwebtoken/test/invalid_pub.pem generated vendored Normal file
View File

@@ -0,0 +1,19 @@
-----BEGIN CERTIFICATE-----
MIIDJjCCAg6gAwIBAgIJAMyz3mSPlaW4MA0GCSqGSIb3DQEBBQUAMBYxFDASBgNV
BAMUCyouYXV0aDAuY29tMB4XDTEzMDQxODE3MDE1MFoXDTI2MTIyNjE3MDE1MFow
FjEUMBIGA1UEAxQLKi5hdXRoMC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQDZq1Ua0/BGm+TaBFoftKWeYMWrQG9Fx3g7ikErxljmyOvlwqkiat3q
ixX+Dxw9TFb5gbBjNJ+L3nt4YefJgLsYvsHqkOUxWsB+HM/ulJRVnVrZm1tI3Nbg
xO1BQ7DrGfBpq2KCxtQCaQFRlQJw1+qS5LwrdIvihB7Kc142VElCFFHJ6+09eMUy
jy00Z5pfQr4Am6W6eEOS9ObDbNs4XgKOcWe5khWXj3UStou+VgbAg40XcYht2IbY
gMfKF+VUZOy3+e+aRTqPOBU3MAeb0tvCCPUQJbNAUHgSKVhAvNf8mRwttVsOLT70
anjjeCOd7RKS8fVKBwc2KtgNkghYdPY9AgMBAAGjdzB1MB0GA1UdDgQWBBSi4+X0
+MvCKDdd375mDhx/ZBbJ4DBGBgNVHSMEPzA9gBSi4+X0+MvCKDdd375mDhx/ZBbJ
4KEapBgwFjEUMBIGA1UEAxQLKi5hdXRoMC5jb22CCQDMs95kj5WluDAMBgNVHRME
BTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQBi0qPe0DzlPSufq+Gdk2Fwf1pGEtjA
D34IxxJ9SX6r1DS/NIP7IOLUnNU8cP8BQWl7i413v29jJsNV457pjdmqf8J7OE9O
eF5Yz1x91gY/27561Iga/TQeIVOlFQAgx66eLfUFFoAig3hz2srZo5TzYBixMJsS
fYMXHPiU7KoLUqYXvpSXIllstQCu51KCC6t9H7wZ92lTES1v76hFY4edQ30sftPo
kjAYWGEhMjPo/r4THcdSMqKXoRtCGEun4pTXid7MJcTgdGDrAJddLWi6SxKecEVB
MhMu4XfUCdxCwqQPjHeJ+zE49A1CUdBB2FN3BNLbmTTwEBgmuwyGRzhj
-----END CERTIFICATE-----

12
node_modules/jsonwebtoken/test/issue_147.tests.js generated vendored Normal file
View File

@@ -0,0 +1,12 @@
var jwt = require('../index');
var expect = require('chai').expect;
describe('issue 147 - signing with a sealed payload', function() {
it('should put the expiration claim', function () {
var token = jwt.sign(Object.seal({foo: 123}), '123', { expiresIn: 10 });
var result = jwt.verify(token, '123');
expect(result.exp).to.be.closeTo(Math.floor(Date.now() / 1000) + 10, 0.2);
});
});

15
node_modules/jsonwebtoken/test/issue_196.tests.js generated vendored Normal file
View File

@@ -0,0 +1,15 @@
var expect = require('chai').expect;
var jwt = require('./..');
var atob = require('atob');
describe('issue 196', function () {
function b64_to_utf8 (str) {
return decodeURIComponent(escape(atob( str )));
}
it('should use issuer provided in payload.iss', function () {
var token = jwt.sign({ iss: 'foo' }, 'shhhhh');
var decoded_issuer = JSON.parse(b64_to_utf8(token.split('.')[1])).iss;
expect(decoded_issuer).to.equal('foo');
});
});

15
node_modules/jsonwebtoken/test/issue_70.tests.js generated vendored Normal file
View File

@@ -0,0 +1,15 @@
var jwt = require('../');
describe('issue 70 - public key start with BEING PUBLIC KEY', function () {
it('should work', function (done) {
var fs = require('fs');
var cert_pub = fs.readFileSync(__dirname + '/rsa-public.pem');
var cert_priv = fs.readFileSync(__dirname + '/rsa-private.pem');
var token = jwt.sign({ foo: 'bar' }, cert_priv, { algorithm: 'RS256'});
jwt.verify(token, cert_pub, done);
});
});

82
node_modules/jsonwebtoken/test/jwt.hs.tests.js generated vendored Normal file
View File

@@ -0,0 +1,82 @@
var jwt = require('../index');
var expect = require('chai').expect;
var assert = require('chai').assert;
describe('HS256', function() {
describe('when signing a token', function() {
var secret = 'shhhhhh';
var token = jwt.sign({ foo: 'bar' }, secret, { algorithm: 'HS256' });
it('should be syntactically valid', function() {
expect(token).to.be.a('string');
expect(token.split('.')).to.have.length(3);
});
it('should without options', function(done) {
var callback = function(err, decoded) {
assert.ok(decoded.foo);
assert.equal('bar', decoded.foo);
done();
};
callback.issuer = "shouldn't affect";
jwt.verify(token, secret, callback );
});
it('should validate with secret', function(done) {
jwt.verify(token, secret, function(err, decoded) {
assert.ok(decoded.foo);
assert.equal('bar', decoded.foo);
done();
});
});
it('should throw with invalid secret', function(done) {
jwt.verify(token, 'invalid secret', function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
done();
});
});
it('should throw with secret and token not signed', function(done) {
var signed = jwt.sign({ foo: 'bar' }, secret, { algorithm: 'none' });
var unsigned = signed.split('.')[0] + '.' + signed.split('.')[1] + '.';
jwt.verify(unsigned, 'secret', function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
done();
});
});
it('should throw when verifying null', function(done) {
jwt.verify(null, 'secret', function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
done();
});
});
it('should return an error when the token is expired', function(done) {
var token = jwt.sign({ exp: 1 }, secret, { algorithm: 'HS256' });
jwt.verify(token, secret, { algorithm: 'HS256' }, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
done();
});
});
it('should NOT return an error when the token is expired with "ignoreExpiration"', function(done) {
var token = jwt.sign({ exp: 1, foo: 'bar' }, secret, { algorithm: 'HS256' });
jwt.verify(token, secret, { algorithm: 'HS256', ignoreExpiration: true }, function(err, decoded) {
assert.ok(decoded.foo);
assert.equal('bar', decoded.foo);
assert.isNull(err);
done();
});
});
});
});

423
node_modules/jsonwebtoken/test/jwt.rs.tests.js generated vendored Normal file
View File

@@ -0,0 +1,423 @@
var jwt = require('../index');
var fs = require('fs');
var path = require('path');
var expect = require('chai').expect;
var assert = require('chai').assert;
var ms = require('ms');
describe('RS256', function() {
var pub = fs.readFileSync(path.join(__dirname, 'pub.pem'));
var priv = fs.readFileSync(path.join(__dirname, 'priv.pem'));
var invalid_pub = fs.readFileSync(path.join(__dirname, 'invalid_pub.pem'));
describe('when signing a token', function() {
var token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256' });
it('should be syntactically valid', function() {
expect(token).to.be.a('string');
expect(token.split('.')).to.have.length(3);
});
context('asynchronous', function() {
it('should validate with public key', function(done) {
jwt.verify(token, pub, function(err, decoded) {
assert.ok(decoded.foo);
assert.equal('bar', decoded.foo);
done();
});
});
it('should throw with invalid public key', function(done) {
jwt.verify(token, invalid_pub, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
done();
});
});
});
context('synchronous', function() {
it('should validate with public key', function() {
var decoded = jwt.verify(token, pub);
assert.ok(decoded.foo);
assert.equal('bar', decoded.foo);
});
it('should throw with invalid public key', function() {
var jwtVerify = jwt.verify.bind(null, token, invalid_pub)
assert.throw(jwtVerify, 'invalid signature');
});
});
});
describe('when signing a token with expiration', function() {
var token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256', expiresIn: '10m' });
it('should be valid expiration', function(done) {
jwt.verify(token, pub, function(err, decoded) {
assert.isNotNull(decoded);
assert.isNull(err);
done();
});
});
it('should be invalid', function(done) {
// expired token
token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256', expiresIn: -1 * ms('10m') });
jwt.verify(token, pub, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
assert.equal(err.name, 'TokenExpiredError');
assert.instanceOf(err.expiredAt, Date);
assert.instanceOf(err, jwt.TokenExpiredError);
done();
});
});
it('should NOT be invalid', function(done) {
// expired token
token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256', expiresIn: -1 * ms('10m') });
jwt.verify(token, pub, { ignoreExpiration: true }, function(err, decoded) {
assert.ok(decoded.foo);
assert.equal('bar', decoded.foo);
done();
});
});
});
describe('when signing a token with not before', function() {
var token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256', notBefore: -10 * 3600 });
it('should be valid expiration', function(done) {
jwt.verify(token, pub, function(err, decoded) {
assert.isNotNull(decoded);
assert.isNull(err);
done();
});
});
it('should be invalid', function(done) {
// not active token
token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256', notBefore: '10m' });
jwt.verify(token, pub, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
assert.equal(err.name, 'NotBeforeError');
assert.instanceOf(err.date, Date);
assert.instanceOf(err, jwt.NotBeforeError);
done();
});
});
it('should valid when date are equals', function(done) {
Date.fix(1451908031);
token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256', notBefore: 0 });
jwt.verify(token, pub, function(err, decoded) {
assert.isNull(err);
assert.isNotNull(decoded);
Date.unfix();
done();
});
});
it('should NOT be invalid', function(done) {
// not active token
token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256', notBefore: '10m' });
jwt.verify(token, pub, { ignoreNotBefore: true }, function(err, decoded) {
assert.ok(decoded.foo);
assert.equal('bar', decoded.foo);
done();
});
});
});
describe('when signing a token with audience', function() {
var token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256', audience: 'urn:foo' });
it('should check audience', function(done) {
jwt.verify(token, pub, { audience: 'urn:foo' }, function(err, decoded) {
assert.isNotNull(decoded);
assert.isNull(err);
done();
});
});
it('should check audience in array', function(done) {
jwt.verify(token, pub, { audience: ['urn:foo', 'urn:other'] }, function (err, decoded) {
assert.isNotNull(decoded);
assert.isNull(err);
done();
});
});
it('should throw when invalid audience', function(done) {
jwt.verify(token, pub, { audience: 'urn:wrong' }, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
assert.equal(err.name, 'JsonWebTokenError');
assert.instanceOf(err, jwt.JsonWebTokenError);
done();
});
});
it('should throw when invalid audience in array', function(done) {
jwt.verify(token, pub, { audience: ['urn:wrong', 'urn:morewrong'] }, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
assert.equal(err.name, 'JsonWebTokenError');
assert.instanceOf(err, jwt.JsonWebTokenError);
done();
});
});
});
describe('when signing a token with array audience', function() {
var token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256', audience: [ 'urn:foo', 'urn:bar' ] });
it('should check audience', function(done) {
jwt.verify(token, pub, { audience: 'urn:foo' }, function(err, decoded) {
assert.isNotNull(decoded);
assert.isNull(err);
done();
});
});
it('should check other audience', function(done) {
jwt.verify(token, pub, { audience: 'urn:bar' }, function(err, decoded) {
assert.isNotNull(decoded);
assert.isNull(err);
done();
});
});
it('should check audience in array', function(done) {
jwt.verify(token, pub, { audience: ['urn:foo', 'urn:other'] }, function (err, decoded) {
assert.isNotNull(decoded);
assert.isNull(err);
done();
});
});
it('should throw when invalid audience', function(done) {
jwt.verify(token, pub, { audience: 'urn:wrong' }, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
assert.equal(err.name, 'JsonWebTokenError');
assert.instanceOf(err, jwt.JsonWebTokenError);
done();
});
});
it('should throw when invalid audience in array', function(done) {
jwt.verify(token, pub, { audience: ['urn:wrong', 'urn:morewrong'] }, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
assert.equal(err.name, 'JsonWebTokenError');
assert.instanceOf(err, jwt.JsonWebTokenError);
done();
});
});
});
describe('when signing a token without audience', function() {
var token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256' });
it('should check audience', function(done) {
jwt.verify(token, pub, { audience: 'urn:wrong' }, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
assert.equal(err.name, 'JsonWebTokenError');
assert.instanceOf(err, jwt.JsonWebTokenError);
done();
});
});
it('should check audience in array', function(done) {
jwt.verify(token, pub, { audience: ['urn:wrong', 'urn:morewrong'] }, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
assert.equal(err.name, 'JsonWebTokenError');
assert.instanceOf(err, jwt.JsonWebTokenError);
done();
});
});
});
describe('when signing a token with issuer', function() {
var token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256', issuer: 'urn:foo' });
it('should check issuer', function(done) {
jwt.verify(token, pub, { issuer: 'urn:foo' }, function(err, decoded) {
assert.isNotNull(decoded);
assert.isNull(err);
done();
});
});
it('should check the issuer when providing a list of valid issuers', function(done) {
jwt.verify(token, pub, { issuer: [ 'urn:foo', 'urn:bar' ] }, function(err, decoded) {
assert.isNotNull(decoded);
assert.isNull(err);
done();
});
});
it('should throw when invalid issuer', function(done) {
jwt.verify(token, pub, { issuer: 'urn:wrong' }, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
assert.equal(err.name, 'JsonWebTokenError');
assert.instanceOf(err, jwt.JsonWebTokenError);
done();
});
});
});
describe('when signing a token without issuer', function() {
var token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256' });
it('should check issuer', function(done) {
jwt.verify(token, pub, { issuer: 'urn:foo' }, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
assert.equal(err.name, 'JsonWebTokenError');
assert.instanceOf(err, jwt.JsonWebTokenError);
done();
});
});
});
describe('when signing a token with subject', function() {
var token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256', subject: 'subject' });
it('should check subject', function(done) {
jwt.verify(token, pub, { subject: 'subject' }, function(err, decoded) {
assert.isNotNull(decoded);
assert.isNull(err);
done();
});
});
it('should throw when invalid subject', function(done) {
jwt.verify(token, pub, { subject: 'wrongSubject' }, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
assert.equal(err.name, 'JsonWebTokenError');
assert.instanceOf(err, jwt.JsonWebTokenError);
done();
});
});
});
describe('when signing a token without subject', function() {
var token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256' });
it('should check subject', function(done) {
jwt.verify(token, pub, { subject: 'subject' }, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
assert.equal(err.name, 'JsonWebTokenError');
assert.instanceOf(err, jwt.JsonWebTokenError);
done();
});
});
});
describe('when signing a token with jwt id', function() {
var token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256', jwtid: 'jwtid' });
it('should check jwt id', function(done) {
jwt.verify(token, pub, { jwtid: 'jwtid' }, function(err, decoded) {
assert.isNotNull(decoded);
assert.isNull(err);
done();
});
});
it('should throw when invalid jwt id', function(done) {
jwt.verify(token, pub, { jwtid: 'wrongJwtid' }, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
assert.equal(err.name, 'JsonWebTokenError');
assert.instanceOf(err, jwt.JsonWebTokenError);
done();
});
});
});
describe('when signing a token without jwt id', function() {
var token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256' });
it('should check jwt id', function(done) {
jwt.verify(token, pub, { jwtid: 'jwtid' }, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
assert.equal(err.name, 'JsonWebTokenError');
assert.instanceOf(err, jwt.JsonWebTokenError);
done();
});
});
});
describe('when verifying a malformed token', function() {
it('should throw', function(done) {
jwt.verify('fruit.fruit.fruit', pub, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
assert.equal(err.name, 'JsonWebTokenError');
done();
});
});
});
describe('when decoding a jwt token with additional parts', function() {
var token = jwt.sign({ foo: 'bar' }, priv, { algorithm: 'RS256' });
it('should throw', function(done) {
jwt.verify(token + '.foo', pub, function(err, decoded) {
assert.isUndefined(decoded);
assert.isNotNull(err);
done();
});
});
});
describe('when decoding a invalid jwt token', function() {
it('should return null', function(done) {
var payload = jwt.decode('whatever.token');
assert.isNull(payload);
done();
});
});
describe('when decoding a valid jwt token', function() {
it('should return the payload', function(done) {
var obj = { foo: 'bar' };
var token = jwt.sign(obj, priv, { algorithm: 'RS256' });
var payload = jwt.decode(token);
assert.equal(payload.foo, obj.foo);
done();
});
it('should return the header and payload and signature if complete option is set', function(done) {
var obj = { foo: 'bar' };
var token = jwt.sign(obj, priv, { algorithm: 'RS256' });
var decoded = jwt.decode(token, { complete: true });
assert.equal(decoded.payload.foo, obj.foo);
assert.deepEqual(decoded.header, { typ: 'JWT', alg: 'RS256' });
assert.ok(typeof decoded.signature == 'string');
done();
});
});
});

12
node_modules/jsonwebtoken/test/noTimestamp.tests.js generated vendored Normal file
View File

@@ -0,0 +1,12 @@
var jwt = require('../index');
var expect = require('chai').expect;
describe('noTimestamp', function() {
it('should work with string', function () {
var token = jwt.sign({foo: 123}, '123', { expiresIn: '5m' , noTimestamp: true });
var result = jwt.verify(token, '123');
expect(result.exp).to.be.closeTo(Math.floor(Date.now() / 1000) + (5*60), 0.5);
});
});

33
node_modules/jsonwebtoken/test/non_object_values.tests.js generated vendored Normal file
View File

@@ -0,0 +1,33 @@
var jwt = require('../index');
var expect = require('chai').expect;
var JsonWebTokenError = require('../lib/JsonWebTokenError');
describe('non_object_values values', function() {
it('should work with string', function () {
var token = jwt.sign('hello', '123');
var result = jwt.verify(token, '123');
expect(result).to.equal('hello');
});
//v6 version will throw in this case:
it('should throw with expiresIn', function () {
expect(function () {
jwt.sign('hello', '123', { expiresIn: '12h' });
}).to.throw(/invalid expiresIn option for string payload/);
});
it('should fail to validate audience when the payload is string', function () {
var token = jwt.sign('hello', '123');
expect(function () {
jwt.verify(token, '123', { audience: 'foo' });
}).to.throw(JsonWebTokenError);
});
it('should work with number', function () {
var token = jwt.sign(123, '123');
var result = jwt.verify(token, '123');
expect(result).to.equal('123');
});
});

27
node_modules/jsonwebtoken/test/priv.pem generated vendored Normal file
View File

@@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAvtH4wKLYlIXZlfYQFJtXZVC3fD8XMarzwvb/fHUyJ6NvNStN
+H7GHp3/QhZbSaRyqK5hu5xXtFLgnI0QG8oE1NlXbczjH45LeHWhPIdc2uHSpzXi
c78kOugMY1vng4J10PF6+T2FNaiv0iXeIQq9xbwwPYpflViQyJnzGCIZ7VGan6Gb
RKzyTKcB58yx24pJq+CviLXEY52TIW1l5imcjGvLtlCp1za9qBZa4XGoVqHi1kRX
kdDSHty6lZWj3KxoRvTbiaBCH+75U7rifS6fR9lqjWE57bCGoz7+BBu9YmPKtI1K
kyHFqWpxaJc/AKf9xgg+UumeqVcirUmAsHJrMwIDAQABAoIBAQCYKw05YSNhXVPk
eHLeW/pXuwR3OkCexPrakOmwMC0s2vIF7mChN0d6hvhVlUp68X7V8SnS2JxAGo8v
iHY+Et3DdwZ3cxnzwh+BEhzgDfoIOmkoGppZPyX/K6klWtbGUrTtSISOWXbvEXQU
G0qGAvDOzIGTsdMDX7slnU70Ac23JybPY5qBSiE+ky8U4dm2fUHMroWub4QP5vA/
nqyWqX2FB/MEAbcujaknDQrFCtbmtUYlBbJCKGd9V3cGEqp6H7oH+ah2ofMc91gJ
mCHk3YyWZB/bcVXH3CA+s1ywvCOVDBZ3Nw7Pt9zIcv6Rl9UKIy+Nx0QjXxR90Hla
Tr0GHIShAoGBAPsD7uXm+0ksnGyKRYgvlVad8Z8FUFT6bf4B+vboDbx40FO8O/5V
PraBPC5z8YRSBOQ/WfccPQzakkA28F2pXlRpXu5JcErVWnyyUiKpX5sw6iPenQR2
JO9hY/GFbKiwUhVHpvWMcXFqFLSQu2A86jPnFFEfG48ZT4IhTzINKJVZAoGBAMKc
B3YGfVfY9qiRFXzYRdSRLg5c8p/HzuWwXc9vfJ4kQTDkPXe/+nqD67rzeT54uVec
jKoIrsCu4BfEaoyvOT+1KmUfdEpBgYZuuEC4CZf7dgKbXOpPVvZDMyJ/e7HyqTpw
mvIYJLPm2fNAcAsnbrNX5mhLwwzEIltbplUUeRdrAoGBAKhZgPYsLkhrZRXevreR
wkTvdUfD1pbHxtFfHqROCjhnhsFCM7JmFcNtdaFqHYczQxiZ7IqxI7jlNsVek2Md
3qgaa5LBKlDmOuP67N9WXUrGSaJ5ATIm0qrB1Lf9VlzktIiVH8L7yHHaRby8fQ8U
i7b3ukaV6HPW895A3M6iyJ8xAoGAInp4S+3MaTL0SFsj/nFmtcle6oaHKc3BlyoP
BMBQyMfNkPbu+PdXTjtvGTknouzKkX4X4cwWAec5ppxS8EffEa1sLGxNMxa19vZI
yJaShI21k7Ko3I5f7tNrDNKfPKCsYMEwgnHKluDwfktNTnyW/Uk2dgXuMaXSHHN5
XZt59K8CgYArGVOWK7LUmf3dkTIs3tXBm4/IMtUZmWmcP9C8Xe/Dg/IdQhK5CIx4
VXl8rgZNeX/5/4nJ8Q3LrdLau1Iz620trNRGU6sGMs3x4WQbSq93RRbFzfG1oK74
IOo5yIBxImQOSk5jz31gF9RJb15SDBIxonuWv8qAERyUfvrmEwR0kg==
-----END RSA PRIVATE KEY-----

22
node_modules/jsonwebtoken/test/pub.pem generated vendored Normal file
View File

@@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDtTCCAp2gAwIBAgIJAMKR/NsyfcazMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQwHhcNMTIxMTEyMjM0MzQxWhcNMTYxMjIxMjM0MzQxWjBF
MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvtH4wKLYlIXZlfYQFJtXZVC3fD8XMarzwvb/fHUyJ6NvNStN+H7GHp3/
QhZbSaRyqK5hu5xXtFLgnI0QG8oE1NlXbczjH45LeHWhPIdc2uHSpzXic78kOugM
Y1vng4J10PF6+T2FNaiv0iXeIQq9xbwwPYpflViQyJnzGCIZ7VGan6GbRKzyTKcB
58yx24pJq+CviLXEY52TIW1l5imcjGvLtlCp1za9qBZa4XGoVqHi1kRXkdDSHty6
lZWj3KxoRvTbiaBCH+75U7rifS6fR9lqjWE57bCGoz7+BBu9YmPKtI1KkyHFqWpx
aJc/AKf9xgg+UumeqVcirUmAsHJrMwIDAQABo4GnMIGkMB0GA1UdDgQWBBTs83nk
LtoXFlmBUts3EIxcVvkvcjB1BgNVHSMEbjBsgBTs83nkLtoXFlmBUts3EIxcVvkv
cqFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV
BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMKR/NsyfcazMAwGA1UdEwQF
MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBABw7w/5k4d5dVDgd/OOOmXdaaCIKvt7d
3ntlv1SSvAoKT8d8lt97Dm5RrmefBI13I2yivZg5bfTge4+vAV6VdLFdWeFp1b/F
OZkYUv6A8o5HW0OWQYVX26zIqBcG2Qrm3reiSl5BLvpj1WSpCsYvs5kaO4vFpMak
/ICgdZD+rxwxf8Vb/6fntKywWSLgwKH3mJ+Z0kRlpq1g1oieiOm1/gpZ35s0Yuor
XZba9ptfLCYSggg/qc3d3d0tbHplKYkwFm7f5ORGHDSD5SJm+gI7RPE+4bO8q79R
PAfbG1UGuJ0b/oigagciHhJp851SQRYf3JuNSc17BnK2L5IEtzjqr+Q=
-----END CERTIFICATE-----

27
node_modules/jsonwebtoken/test/rsa-private.pem generated vendored Normal file
View File

@@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAvzoCEC2rpSpJQaWZbUmlsDNwp83Jr4fi6KmBWIwnj1MZ6CUQ
7rBasuLI8AcfX5/10scSfQNCsTLV2tMKQaHuvyrVfwY0dINk+nkqB74QcT2oCCH9
XduJjDuwWA4xLqAKuF96FsIes52opEM50W7/W7DZCKXkC8fFPFj6QF5ZzApDw2Qs
u3yMRmr7/W9uWeaTwfPx24YdY7Ah+fdLy3KN40vXv9c4xiSafVvnx9BwYL7H1Q8N
iK9LGEN6+JSWfgckQCs6UUBOXSZdreNN9zbQCwyzee7bOJqXUDAuLcFARzPw1EsZ
AyjVtGCKIQ0/btqK+jFunT2NBC8RItanDZpptQIDAQABAoIBAQCsssO4Pra8hFMC
gX7tr0x+tAYy1ewmpW8stiDFilYT33YPLKJ9HjHbSms0MwqHftwwTm8JDc/GXmW6
qUui+I64gQOtIzpuW1fvyUtHEMSisI83QRMkF6fCSQm6jJ6oQAtOdZO6R/gYOPNb
3gayeS8PbMilQcSRSwp6tNTVGyC33p43uUUKAKHnpvAwUSc61aVOtw2wkD062XzM
hJjYpHm65i4V31AzXo8HF42NrAtZ8K/AuQZne5F/6F4QFVlMKzUoHkSUnTp60XZx
X77GuyDeDmCgSc2J7xvR5o6VpjsHMo3ek0gJk5ZBnTgkHvnpbULCRxTmDfjeVPue
v3NN2TBFAoGBAPxbqNEsXPOckGTvG3tUOAAkrK1hfW3TwvrW/7YXg1/6aNV4sklc
vqn/40kCK0v9xJIv9FM/l0Nq+CMWcrb4sjLeGwHAa8ASfk6hKHbeiTFamA6FBkvQ
//7GP5khD+y62RlWi9PmwJY21lEkn2mP99THxqvZjQiAVNiqlYdwiIc7AoGBAMH8
f2Ay7Egc2KYRYU2qwa5E/Cljn/9sdvUnWM+gOzUXpc5sBi+/SUUQT8y/rY4AUVW6
YaK7chG9YokZQq7ZwTCsYxTfxHK2pnG/tXjOxLFQKBwppQfJcFSRLbw0lMbQoZBk
S+zb0ufZzxc2fJfXE+XeJxmKs0TS9ltQuJiSqCPPAoGBALEc84K7DBG+FGmCl1sb
ZKJVGwwknA90zCeYtadrIT0/VkxchWSPvxE5Ep+u8gxHcqrXFTdILjWW4chefOyF
5ytkTrgQAI+xawxsdyXWUZtd5dJq8lxLtx9srD4gwjh3et8ZqtFx5kCHBCu29Fr2
PA4OmBUMfrs0tlfKgV+pT2j5AoGBAKnA0Z5XMZlxVM0OTH3wvYhI6fk2Kx8TxY2G
nxsh9m3hgcD/mvJRjEaZnZto6PFoqcRBU4taSNnpRr7+kfH8sCht0k7D+l8AIutL
ffx3xHv9zvvGHZqQ1nHKkaEuyjqo+5kli6N8QjWNzsFbdvBQ0CLJoqGhVHsXuWnz
W3Z4cBbVAoGAEtnwY1OJM7+R2u1CW0tTjqDlYU2hUNa9t1AbhyGdI2arYp+p+umA
b5VoYLNsdvZhqjVFTrYNEuhTJFYCF7jAiZLYvYm0C99BqcJnJPl7JjWynoNHNKw3
9f6PIOE1rAmPE8Cfz/GFF5115ZKVlq+2BY8EKNxbCIy2d/vMEvisnXI=
-----END RSA PRIVATE KEY-----

8
node_modules/jsonwebtoken/test/rsa-public-key.pem generated vendored Normal file
View File

@@ -0,0 +1,8 @@
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAvzoCEC2rpSpJQaWZbUmlsDNwp83Jr4fi6KmBWIwnj1MZ6CUQ7rBa
suLI8AcfX5/10scSfQNCsTLV2tMKQaHuvyrVfwY0dINk+nkqB74QcT2oCCH9XduJ
jDuwWA4xLqAKuF96FsIes52opEM50W7/W7DZCKXkC8fFPFj6QF5ZzApDw2Qsu3yM
Rmr7/W9uWeaTwfPx24YdY7Ah+fdLy3KN40vXv9c4xiSafVvnx9BwYL7H1Q8NiK9L
GEN6+JSWfgckQCs6UUBOXSZdreNN9zbQCwyzee7bOJqXUDAuLcFARzPw1EsZAyjV
tGCKIQ0/btqK+jFunT2NBC8RItanDZpptQIDAQAB
-----END RSA PUBLIC KEY-----

15
node_modules/jsonwebtoken/test/rsa-public-key.tests.js generated vendored Normal file
View File

@@ -0,0 +1,15 @@
var jwt = require('../');
describe('public key start with BEGIN RSA PUBLIC KEY', function () {
it('should work', function (done) {
var fs = require('fs');
var cert_pub = fs.readFileSync(__dirname + '/rsa-public-key.pem');
var cert_priv = fs.readFileSync(__dirname + '/rsa-private.pem');
var token = jwt.sign({ foo: 'bar' }, cert_priv, { algorithm: 'RS256'});
jwt.verify(token, cert_pub, done);
});
});

9
node_modules/jsonwebtoken/test/rsa-public.pem generated vendored Normal file
View File

@@ -0,0 +1,9 @@
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzoCEC2rpSpJQaWZbUml
sDNwp83Jr4fi6KmBWIwnj1MZ6CUQ7rBasuLI8AcfX5/10scSfQNCsTLV2tMKQaHu
vyrVfwY0dINk+nkqB74QcT2oCCH9XduJjDuwWA4xLqAKuF96FsIes52opEM50W7/
W7DZCKXkC8fFPFj6QF5ZzApDw2Qsu3yMRmr7/W9uWeaTwfPx24YdY7Ah+fdLy3KN
40vXv9c4xiSafVvnx9BwYL7H1Q8NiK9LGEN6+JSWfgckQCs6UUBOXSZdreNN9zbQ
Cwyzee7bOJqXUDAuLcFARzPw1EsZAyjVtGCKIQ0/btqK+jFunT2NBC8RItanDZpp
tQIDAQAB
-----END PUBLIC KEY-----

18
node_modules/jsonwebtoken/test/set_headers.tests.js generated vendored Normal file
View File

@@ -0,0 +1,18 @@
var jwt = require('../index');
var expect = require('chai').expect;
describe('set header', function() {
it('should add the header', function () {
var token = jwt.sign({foo: 123}, '123', { header: { foo: 'bar' } });
var decoded = jwt.decode(token, {complete: true});
expect(decoded.header.foo).to.equal('bar');
});
it('should allow overriding header', function () {
var token = jwt.sign({foo: 123}, '123', { header: { alg: 'HS512' } });
var decoded = jwt.decode(token, {complete: true});
expect(decoded.header.alg).to.equal('HS512');
});
});

20
node_modules/jsonwebtoken/test/undefined_secretOrPublickey.tests.js generated vendored Normal file
View File

@@ -0,0 +1,20 @@
var fs = require('fs');
var jwt = require('../index');
var JsonWebTokenError = require('../lib/JsonWebTokenError');
var expect = require('chai').expect;
var TOKEN = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.t-IDcSemACt8x4iTMCda8Yhe3iZaWbvV5XKSTbuAn0M';
describe('verifying without specified secret or public key', function () {
it('should not verify null', function () {
expect(function () {
jwt.verify(TOKEN, null);
}).to.throw(JsonWebTokenError, /secret or public key must be provided/);
});
it('should not verify undefined', function () {
expect(function () {
jwt.verify(TOKEN);
}).to.throw(JsonWebTokenError, /secret or public key must be provided/);
});
});

32
node_modules/jsonwebtoken/test/util/fakeDate.js generated vendored Normal file
View File

@@ -0,0 +1,32 @@
var oldDate = global.Date;
/*
* fix new Date() to a fixed unix timestamp.
*/
global.Date.fix = function (timestamp) {
var time = timestamp * 1000;
if (global.Date.unfake) {
global.Date.unfake();
}
global.Date = function (ts) {
return new oldDate(ts || time);
};
global.Date.prototype = Object.create(oldDate.prototype);
global.Date.prototype.constructor = global.Date;
global.Date.prototype.now = function () {
return time;
};
global.Date.now = function () {
return time;
};
global.Date.unfix = function () {
global.Date = oldDate;
};
};

194
node_modules/jsonwebtoken/test/verify.tests.js generated vendored Normal file
View File

@@ -0,0 +1,194 @@
var jwt = require('../index');
var jws = require('jws');
var fs = require('fs');
var path = require('path');
var sinon = require('sinon');
var assert = require('chai').assert;
describe('verify', function() {
var pub = fs.readFileSync(path.join(__dirname, 'pub.pem'));
var priv = fs.readFileSync(path.join(__dirname, 'priv.pem'));
it('should first assume JSON claim set', function (done) {
var header = { alg: 'RS256' };
var payload = { iat: Math.floor(Date.now() / 1000 ) };
var signed = jws.sign({
header: header,
payload: payload,
secret: priv,
encoding: 'utf8'
});
jwt.verify(signed, pub, {typ: 'JWT'}, function(err, p) {
assert.isNull(err);
assert.deepEqual(p, payload);
done();
});
});
it('should be able to validate unsigned token', function (done) {
var header = { alg: 'none' };
var payload = { iat: Math.floor(Date.now() / 1000 ) };
var signed = jws.sign({
header: header,
payload: payload,
secret: priv,
encoding: 'utf8'
});
jwt.verify(signed, null, {typ: 'JWT'}, function(err, p) {
assert.isNull(err);
assert.deepEqual(p, payload);
done();
});
});
it('should not mutate options', function (done) {
var header = { alg: 'none' };
var payload = { iat: Math.floor(Date.now() / 1000 ) };
var options = {typ: 'JWT'};
var signed = jws.sign({
header: header,
payload: payload,
secret: priv,
encoding: 'utf8'
});
jwt.verify(signed, null, options, function(err) {
assert.isNull(err);
assert.deepEqual(Object.keys(options).length, 1);
done();
});
});
describe('expiration', function () {
// { foo: 'bar', iat: 1437018582, exp: 1437018583 }
var token = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmb28iOiJiYXIiLCJpYXQiOjE0MzcwMTg1ODIsImV4cCI6MTQzNzAxODU4M30.NmMv7sXjM1dW0eALNXud8LoXknZ0mH14GtnFclwJv0s';
var key = 'key';
var clock;
afterEach(function () {
try { clock.restore(); } catch (e) {}
});
it('should error on expired token', function (done) {
clock = sinon.useFakeTimers(1437018650000);
var options = {algorithms: ['HS256']};
jwt.verify(token, key, options, function (err, p) {
assert.equal(err.name, 'TokenExpiredError');
assert.equal(err.message, 'jwt expired');
assert.equal(err.expiredAt.constructor.name, 'Date');
assert.equal(Number(err.expiredAt), 1437018583000);
assert.isUndefined(p);
done();
});
});
it('should not error on expired token within clockTolerance interval', function (done) {
clock = sinon.useFakeTimers(1437018584000);
var options = {algorithms: ['HS256'], clockTolerance: 100}
jwt.verify(token, key, options, function (err, p) {
assert.isNull(err);
assert.equal(p.foo, 'bar');
done();
});
});
it('should not error if within maxAge timespan', function (done) {
clock = sinon.useFakeTimers(1437018582500);
var options = {algorithms: ['HS256'], maxAge: '600ms'};
jwt.verify(token, key, options, function (err, p) {
assert.isNull(err);
assert.equal(p.foo, 'bar');
done();
});
});
describe('option: maxAge', function () {
it('should error for claims issued before a certain timespan', function (done) {
clock = sinon.useFakeTimers(1437018582500);
var options = {algorithms: ['HS256'], maxAge: '321ms'};
jwt.verify(token, key, options, function (err, p) {
assert.equal(err.name, 'TokenExpiredError');
assert.equal(err.message, 'maxAge exceeded');
assert.equal(err.expiredAt.constructor.name, 'Date');
assert.equal(Number(err.expiredAt), 1437018582321);
assert.isUndefined(p);
done();
});
});
it('should not error for claims issued before a certain timespan but still inside clockTolerance timespan', function (done) {
clock = sinon.useFakeTimers(1437018582500);
var options = {algorithms: ['HS256'], maxAge: '321ms', clockTolerance: 100};
jwt.verify(token, key, options, function (err, p) {
assert.isNull(err);
assert.equal(p.foo, 'bar');
done();
});
});
it('should not error if within maxAge timespan', function (done) {
clock = sinon.useFakeTimers(1437018582500);
var options = {algorithms: ['HS256'], maxAge: '600ms'};
jwt.verify(token, key, options, function (err, p) {
assert.isNull(err);
assert.equal(p.foo, 'bar');
done();
});
});
it('can be more restrictive than expiration', function (done) {
clock = sinon.useFakeTimers(1437018582900);
var options = {algorithms: ['HS256'], maxAge: '800ms'};
jwt.verify(token, key, options, function (err, p) {
assert.equal(err.name, 'TokenExpiredError');
assert.equal(err.message, 'maxAge exceeded');
assert.equal(err.expiredAt.constructor.name, 'Date');
assert.equal(Number(err.expiredAt), 1437018582800);
assert.isUndefined(p);
done();
});
});
it('cannot be more permissive than expiration', function (done) {
clock = sinon.useFakeTimers(1437018583100);
var options = {algorithms: ['HS256'], maxAge: '1200ms'};
jwt.verify(token, key, options, function (err, p) {
// maxAge not exceded, but still expired
assert.equal(err.name, 'TokenExpiredError');
assert.equal(err.message, 'jwt expired');
assert.equal(err.expiredAt.constructor.name, 'Date');
assert.equal(Number(err.expiredAt), 1437018583000);
assert.isUndefined(p);
done();
});
});
it('should error if maxAge is specified but there is no iat claim', function (done) {
clock = sinon.useFakeTimers(1437018582900);
var token = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmb28iOiJiYXIifQ.0MBPd4Bru9-fK_HY3xmuDAc6N_embknmNuhdb9bKL_U';
var options = {algorithms: ['HS256'], maxAge: '1s'};
jwt.verify(token, key, options, function (err, p) {
assert.equal(err.name, 'JsonWebTokenError');
assert.equal(err.message, 'iat required when maxAge is specified');
assert.isUndefined(p);
done();
});
});
});
});
});

42
node_modules/jsonwebtoken/test/wrong_alg.tests.js generated vendored Normal file
View File

@@ -0,0 +1,42 @@
var fs = require('fs');
var path = require('path');
var jwt = require('../index');
var JsonWebTokenError = require('../lib/JsonWebTokenError');
var expect = require('chai').expect;
var pub = fs.readFileSync(path.join(__dirname, 'pub.pem'), 'utf8');
// priv is never used
// var priv = fs.readFileSync(path.join(__dirname, 'priv.pem'));
var TOKEN = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmb28iOiJiYXIiLCJpYXQiOjE0MjY1NDY5MTl9.ETgkTn8BaxIX4YqvUWVFPmum3moNZ7oARZtSBXb_vP4';
describe('when setting a wrong `header.alg`', function () {
describe('signing with pub key as symmetric', function () {
it('should not verify', function () {
expect(function () {
jwt.verify(TOKEN, pub);
}).to.throw(JsonWebTokenError, /invalid algorithm/);
});
});
describe('signing with pub key as HS256 and whitelisting only RS256', function () {
it('should not verify', function () {
expect(function () {
jwt.verify(TOKEN, pub, {algorithms: ['RS256']});
}).to.throw(JsonWebTokenError, /invalid algorithm/);
});
});
describe('signing with HS256 and checking with HS384', function () {
it('should not verify', function () {
expect(function () {
var token = jwt.sign({foo: 'bar'}, 'secret', {algorithm: 'HS256'});
jwt.verify(token, 'some secret', {algorithms: ['HS384']});
}).to.throw(JsonWebTokenError, /invalid algorithm/);
});
});
});