Added more tests
lboyette-okta committed Oct 21, 2016
1 parent ccd2b32 commit 1a51f98
Showing 6 changed files with 190 additions and 8 deletions.
11 changes: 7 additions & 4 deletions lib/oauthUtil.js
@@ -71,12 +71,15 @@ function getKey(sdk, issuer, kid) {
}
}

// Remove cache for the key
httpCache.clearStorage(jwksUri);

// Pull the latest keys if the key wasn't in the cache
return http.get(jwksUri, {
responseCacheDuration: config.DEFAULT_CACHE_DURATION
return http.get(sdk, jwksUri, {
cacheResponse: true
})
.then(function(keys) {
var key = util.find(keys, {
.then(function(res) {
var key = util.find(res.keys, {
kid: kid
});

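Review bot: The cached JWKS is evicted by `httpCache.clearStorage(jwksUri);` before the replacement has been fetched, so a failed `http.get` leaves the client with no cached keys where it previously had valid ones. This path runs whenever `kid` is missing from the cache, and `kid` presumably comes from the header of the token being verified, so every token carrying an unknown key id costs an eviction plus a request to the keys endpoint; nothing visible here throttles that. If `http.get` can be told to bypass the cache, let the successful response overwrite the entry instead of clearing first, and record the time of the last refresh so repeated misses inside a short window fail without a new request. At minimum add a comment such as `// kid comes from the token; an unknown kid forces a JWKS refetch, so this path should be rate-limited`. getKey starts and ends outside this hunk, so earlier code may already cover part of this.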
9 changes: 7 additions & 2 deletions lib/storageBuilder.js
@@ -21,8 +21,13 @@ function storageBuilder(webstorage, storageName) {
}
}

function clearStorage() {
setStorage({});
function clearStorage(key) {
if (!key) {
setStorage({});
}
var storage = getStorage();
delete storage[key];
setStorage(storage);
}

function updateStorage(key, value) {
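Review bot: The `if (!key)` branch in clearStorage has no `return`, so after `setStorage({})` execution falls through to `getStorage()`, `delete storage[key]` with an undefined key, and a second `setStorage(storage)`. The end state should still be an empty store, but the wipe-everything path now does two writes and works only by accident; `if (!key) { setStorage({}); return; }` makes the two modes explicit. It would also help to document on the function that a falsy key clears every entry: the getKey change in lib/oauthUtil.js calls `httpCache.clearStorage(jwksUri)`, which appears to be this function, and an unexpectedly empty `jwksUri` there would drop the whole cache rather than one entry.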
151 changes: 151 additions & 0 deletions test/spec/oauthUtil.js
@@ -1,8 +1,11 @@
define(function(require) {
var OktaAuth = require('OktaAuth');
var oauthUtil = require('../../lib/oauthUtil');
var oauthUtilHelpers = require('../util/oauthUtil');
var util = require('../util/util');
var wellKnown = require('../xhr/well-known');
var keys = require('../xhr/keys');
var tokens = require('../util/tokens');

describe('getWellKnown', function() {
util.itMakesCorrectRequestResponse({
@@ -95,6 +98,154 @@ define(function(require) {
});
});

describe('getKey', function() {
util.itMakesCorrectRequestResponse({
title: 'uses existing jwks on valid kid',
setup: {
time: 1449699929
},
execute: function(test) {
oauthUtilHelpers.loadWellKnownAndKeysCache();
return oauthUtil.getKey(test.oa, test.oa.options.url, 'U5R8cHbGw445Qbq8zVO1PcCpXL8yG6IcovVa3laCoxM');
},
expectations: function(test, key) {
expect(key).toEqual(tokens.standardKey);
}
});
util.itMakesCorrectRequestResponse({
title: 'pulls new jwks on valid kid',
setup: {
calls: [
{
request: {
method: 'get',
uri: '/oauth2/v1/keys'
},
response: 'keys'
}
],
time: 1449699929
},
execute: function(test) {
oauthUtilHelpers.loadWellKnownCache();
return oauthUtil.getKey(test.oa, test.oa.options.url, 'U5R8cHbGw445Qbq8zVO1PcCpXL8yG6IcovVa3laCoxM');
},
expectations: function(test, key) {
expect(key).toEqual(tokens.standardKey);
var cache = localStorage.getItem('okta-cache-storage');
expect(cache).toEqual(JSON.stringify({
'https://auth-js-test.okta.com/.well-known/openid-configuration': {
expiresAt: 1449786329,
response: wellKnown.response
},
'https://auth-js-test.okta.com/oauth2/v1/keys': {
expiresAt: 1449786329,
response: keys.response
}
}));
}
});

util.itMakesCorrectRequestResponse({
title: 'checks existing jwks then pulls new jwks on valid kid',
setup: {
calls: [
{
request: {
method: 'get',
uri: '/oauth2/v1/keys'
},
response: 'keys'
}
],
time: 1449699929
},
execute: function(test) {
// Put a modified kid in the cache
localStorage.setItem('okta-cache-storage', JSON.stringify({
'https://auth-js-test.okta.com/.well-known/openid-configuration': {
expiresAt: 1449786329,
response: wellKnown.response
},
'https://auth-js-test.okta.com/oauth2/v1/keys': {
expiresAt: 1449786329,
response: {
'keys': [{
alg: 'RS256',
kty: 'RSA',
n: 'fake',
e: 'AQAB',
use: 'sig',
kid: 'modifiedKeyId'
}]
}
}
}));

return oauthUtil.getKey(test.oa, test.oa.options.url, 'U5R8cHbGw445Qbq8zVO1PcCpXL8yG6IcovVa3laCoxM');
},
expectations: function(test, key) {
expect(key).toEqual(tokens.standardKey);
var cache = localStorage.getItem('okta-cache-storage');
expect(cache).toEqual(JSON.stringify({
'https://auth-js-test.okta.com/.well-known/openid-configuration': {
expiresAt: 1449786329,
response: wellKnown.response
},
'https://auth-js-test.okta.com/oauth2/v1/keys': {
expiresAt: 1449786329,
response: keys.response
}
}));
}
});

util.itErrorsCorrectly({
title: 'checks existing jwks then pulls new jwks on invalid kid',
setup: {
calls: [
{
request: {
method: 'get',
uri: '/oauth2/v1/keys'
},
response: 'keys'
}
],
time: 1449699929
},
execute: function(test) {
// Put a modified kid in the cache
localStorage.setItem('okta-cache-storage', JSON.stringify({
'https://auth-js-test.okta.com/.well-known/openid-configuration': {
expiresAt: 1449786329,
response: wellKnown.response
},
'https://auth-js-test.okta.com/oauth2/v1/keys': {
expiresAt: 1449786329,
response: keys.response
}
}));

return oauthUtil.getKey(test.oa, test.oa.options.url, 'invalidKid');
},
expectations: function(test, err) {
util.assertAuthSdkError(err, 'The key id, invalidKid, was not found in the server\'s keys');
var cache = localStorage.getItem('okta-cache-storage');
expect(cache).toEqual(JSON.stringify({
'https://auth-js-test.okta.com/.well-known/openid-configuration': {
expiresAt: 1449786329,
response: wellKnown.response
},
'https://auth-js-test.okta.com/oauth2/v1/keys': {
expiresAt: 1449786329,
response: keys.response
}
}));
}
});
});

describe('getOAuthUrls', function() {
function setupOAuthUrls(options) {
var sdk = new OktaAuth(options.oktaAuthArgs || {
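Review bot: The comment `// Put a modified kid in the cache` in the 'checks existing jwks then pulls new jwks on invalid kid' case is carried over from the previous test and does not match what follows: the cache is seeded with the unmodified `keys.response`. Something like `// Seed the cache with the server's real keys; invalidKid is in neither the cache nor the refetched set` would describe the setup. This is also the only negative case for getKey; a case where the keys request itself fails after the cache entry has been cleared would pin down what the cache contains afterwards.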
6 changes: 5 additions & 1 deletion test/spec/token.js
@@ -1951,7 +1951,9 @@ define(function(require) {
describe('token.verify', function() {
it('verifies a valid idToken with nonce', function(done) {
var client = setupSync();
client.token.verify(tokens.standardIdTokenParsed, tokens.mockedNonce)
util.warpToUnixTime(1449699929);
oauthUtil.loadWellKnownAndKeysCache();
client.token.verify(tokens.standardIdTokenParsed, oauthUtil.mockedNonce)
.then(function(res) {
expect(res).toEqual(tokens.standardIdTokenParsed);
})
@@ -1962,6 +1964,8 @@ define(function(require) {
});
it('verifies a valid idToken without nonce', function(done) {
var client = setupSync();
util.warpToUnixTime(1449699929);
oauthUtil.loadWellKnownAndKeysCache();
client.token.verify(tokens.standardIdTokenParsed)
.then(function(res) {
expect(res).toEqual(tokens.standardIdTokenParsed);
11 changes: 10 additions & 1 deletion test/util/oauthUtil.js
@@ -22,7 +22,16 @@ define(function(require) {
// Make sure the state is generated the same every time (standardState, standardNonce)
spyOn(Math, 'random').and.callFake(function() {
return 0;
});
});
};

oauthUtil.loadWellKnownCache = function() {
localStorage.setItem('okta-cache-storage', JSON.stringify({
'https://auth-js-test.okta.com/.well-known/openid-configuration': {
expiresAt: 1449786329,
response: wellKnown.response
}
}));
};

oauthUtil.loadWellKnownAndKeysCache = function() {
10 changes: 10 additions & 0 deletions test/util/tokens.js
@@ -276,5 +276,15 @@ define(function() {

tokens.standardAuthorizationCode = '35cFyfgCU2u0a1EzAqbO';

tokens.standardKey = {
alg: 'RS256',
kty: 'RSA',
n: '3ZWrUY0Y6IKN1qI4BhxR2C7oHVFgGPYkd38uGq1jQNSqEvJFcN93CYm16_G78FAFKWqwsJb3Wx-nbxDn6LtP4AhULB1H0K0g7_jLklDAHvI8' +
'yhOKlvoyvsUFPWtNxlJyh5JJXvkNKV_4Oo12e69f8QCuQ6NpEPl-cSvXIqUYBCs',
e: 'AQAB',
use: 'sig',
kid: 'U5R8cHbGw445Qbq8zVO1PcCpXL8yG6IcovVa3laCoxM'
};

return tokens;
});
