import { expect } from 'chai'
import { describe, it } from 'mocha'
import { contentstackClient } from '../../sanity-check/utility/ContentstackClient'
import axios from 'axios'
import dotenv from 'dotenv'
dotenv.config()

// Mutable state shared by the ordered test cases below; each case fills in
// what the next one consumes.
let authtoken = '' // session token obtained from the password login
let authUrl = '' // authorization URL returned by oauthClient.authorize()
let codeChallenge = '' // code_challenge query parameter of authUrl
let codeChallengeMethod = '' // code_challenge_method query parameter of authUrl
let redirectUrl = '' // redirect_url returned by the authorize endpoint
let authCode // `code` query parameter of redirectUrl
let accessToken = ''
let refreshToken = ''
let loggedinUserID = ''

// Management client and an OAuth client bound to the app configured in the
// environment (CLIENT_ID / APP_ID / REDIRECT_URI).
const client = contentstackClient()
const oauthClient = client.oauth({
  clientId: process.env.CLIENT_ID,
  appId: process.env.APP_ID,
  redirectUri: process.env.REDIRECT_URI
})
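describe('OAuth Authentication API Test', () => {
  // Flow exercised, in order: password login -> session authtoken ->
  // authorization URL carrying the PKCE code_challenge/code_challenge_method ->
  // simulated consent against the Developer Hub authorize endpoint -> code
  // exchange -> bearer-token API call -> refresh -> logout -> the revoked
  // token must be rejected. The cases share module-level state, so they
  // only make sense when run in file order.

  it('should login with credentials', async () => {
    const response = await client.login(
      { email: process.env.EMAIL, password: process.env.PASSWORD },
      { include_orgs: true, include_orgs_roles: true, include_stack_roles: true, include_user_settings: true }
    )
    expect(response.notice).to.be.equal('Login Successful.', 'Login success messsage does not match.')
  })

  it('should get Current user info test', async () => {
    const user = await client.getUser()
    // Session token; needed later to call the authorize endpoint directly.
    authtoken = user.authtoken
  })

  it('should fail when trying to login with invalid app credentials', () => {
    let thrown = null
    try {
      client.oauth({
        clientId: 'clientId',
        appId: 'appId',
        redirectUri: 'redirectUri'
      })
    } catch (error) {
      thrown = error
    }
    // A non-throwing oauth() must fail the test; previously it passed silently.
    expect(thrown, 'client.oauth should reject invalid app credentials').to.not.equal(null)
    const jsonMessage = JSON.parse(thrown.message)
    expect(jsonMessage.status).to.be.equal(401, 'Status code does not match for invalid credentials')
    expect(jsonMessage.errorMessage).to.not.equal(null, 'Error message not proper')
    expect(jsonMessage.errorCode).to.be.equal(104, 'Error code does not match')
  })

  it('should generate OAuth authorization URL', async () => {
    authUrl = await oauthClient.authorize()
    const url = new URL(authUrl)
    // PKCE parameters from the authorization URL; replayed to the authorize
    // endpoint below so the later code exchange can be verified against them.
    codeChallenge = url.searchParams.get('code_challenge')
    codeChallengeMethod = url.searchParams.get('code_challenge_method')
    // searchParams.get() yields null for an absent parameter and '' for an
    // empty one; both mean the URL is unusable.
    expect(codeChallenge, 'code_challenge missing from authorization URL').to.not.equal(null)
    expect(codeChallenge).to.not.equal('')
    expect(codeChallengeMethod, 'code_challenge_method missing from authorization URL').to.not.equal(null)
    expect(codeChallengeMethod).to.not.equal('')
    expect(authUrl).to.include(process.env.CLIENT_ID, 'Client ID mismatch')
  })

  it('should simulate calling the authorization URL and receive authorization code', async () => {
    const authorizationEndpoint = oauthClient.axiosInstance.defaults.developerHubBaseUrl
    // No try/catch here on purpose: swallowing and console.log-ing the error
    // let this case pass and pushed the failure to the code exchange as an
    // undefined authCode. A rejected promise is reported by mocha as a failure.
    // The session token and organization go on this request only, rather than
    // on axios.defaults, so they are not attached to every later axios call.
    const response = await axios.post(
      `${authorizationEndpoint}/manifests/${process.env.APP_ID}/authorize`,
      {
        client_id: process.env.CLIENT_ID,
        redirect_uri: process.env.REDIRECT_URI,
        code_challenge: codeChallenge,
        code_challenge_method: codeChallengeMethod,
        response_type: 'code'
      },
      { headers: { authtoken, organization_uid: process.env.ORGANIZATION } }
    )
    redirectUrl = response.data.data.redirect_url
    const url = new URL(redirectUrl)
    authCode = url.searchParams.get('code')
    oauthClient.axiosInstance.oauth.appId = process.env.APP_ID
    oauthClient.axiosInstance.oauth.clientId = process.env.CLIENT_ID
    oauthClient.axiosInstance.oauth.redirectUri = process.env.REDIRECT_URI
    expect(redirectUrl).to.not.equal('')
    // The value the next case depends on is the code itself, not the URL object.
    expect(authCode, 'authorization code missing from redirect URL').to.not.equal(null)
    expect(authCode).to.not.equal('')
  })

  it('should exchange authorization code for access token', async () => {
    const response = await oauthClient.exchangeCodeForToken(authCode)
    accessToken = response.access_token
    loggedinUserID = response.user_uid
    refreshToken = response.refresh_token
    expect(response.organization_uid).to.be.equal(process.env.ORGANIZATION, 'Organization mismatch')
    // eslint-disable-next-line no-unused-expressions
    expect(response.access_token).to.not.be.null
    // eslint-disable-next-line no-unused-expressions
    expect(response.refresh_token).to.not.be.null
  })

  it('should get the logged-in user info using the access token', async () => {
    const user = await client.getUser({
      authorization: `Bearer ${accessToken}`
    })
    expect(user.uid).to.be.equal(loggedinUserID)
    expect(user.email).to.be.equal(process.env.EMAIL, 'Email mismatch')
  })

  it('should refresh the access token using refresh token', async () => {
    const response = await oauthClient.refreshAccessToken(refreshToken)
    accessToken = response.access_token
    refreshToken = response.refresh_token
    // eslint-disable-next-line no-unused-expressions
    expect(response.access_token).to.not.be.null
    // eslint-disable-next-line no-unused-expressions
    expect(response.refresh_token).to.not.be.null
  })

  it('should logout successfully after OAuth authentication', async () => {
    const response = await oauthClient.logout()
    expect(response).to.be.equal('Logged out successfully')
  })

  it('should fail to make an API request with an expired token', async () => {
    let thrown = null
    try {
      await client.getUser({
        authorization: `Bearer ${accessToken}`
      })
    } catch (error) {
      thrown = error
    }
    // A token that still works after logout is exactly the failure this case
    // exists to catch; a bare try/catch passed in that situation.
    expect(thrown, 'request with a revoked access token should be rejected').to.not.equal(null)
    expect(thrown.status).to.be.equal(401, 'API request should fail with status 401')
    expect(thrown.errorMessage).to.be.equal('The provided access token is invalid or expired or revoked', 'Error message mismatch')
  })
})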