pkceStorage-test.js
import { expect } from 'chai'
import sinon from 'sinon'
import {
getStoredCodeVerifier,
storeCodeVerifier,
clearStoredCodeVerifier
} from '../../lib/core/pkceStorage'
import { describe, it, beforeEach, afterEach } from 'mocha'
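/**
 * Unit tests for the PKCE code_verifier storage helpers
 * (getStoredCodeVerifier / storeCodeVerifier / clearStoredCodeVerifier).
 *
 * What these tests pin down:
 *  - the helpers are no-ops (or return null) when there is no `window` global;
 *  - the verifier is kept in window.sessionStorage as JSON with `codeVerifier`
 *    and `expiresAt` fields, under a key that contains 'contentstack_oauth_pkce'
 *    plus the appId, clientId and redirectUri;
 *  - an entry whose `expiresAt` is in the past is never handed back;
 *  - exceptions thrown by sessionStorage are contained rather than propagated.
 *
 * Security context: sessionStorage is readable by any script running in the
 * page's origin, so a stored code_verifier is only as protected as the page is
 * from script injection. The expiry and clear behaviour tested here is what
 * keeps a leftover verifier from being returned later.
 *
 * NOTE(review): not covered here — a stored value that is not valid JSON, or
 * that lacks `codeVerifier` / `expiresAt` (e.g. tampered or truncated storage).
 * The expected result is not visible from this file; confirm against the
 * implementation and add cases.
 */
describe('pkceStorage', () => {
  let sessionStorageStub
  // Snapshot of any pre-existing `window` global, so afterEach can put it back
  // instead of unconditionally deleting it and leaking that change into other
  // test files running in the same process.
  let hadWindow
  let originalWindow

  beforeEach(() => {
    hadWindow = 'window' in global
    originalWindow = global.window

    // Minimal sessionStorage double: only the three methods the tests observe.
    sessionStorageStub = {
      getItem: sinon.stub(),
      setItem: sinon.stub(),
      removeItem: sinon.stub()
    }
    global.window = { sessionStorage: sessionStorageStub }
  })

  afterEach(() => {
    if (hadWindow) {
      global.window = originalWindow
    } else {
      delete global.window
    }
  })

  describe('getStoredCodeVerifier', () => {
    it('returns null when not in browser', () => {
      // Simulate a non-browser runtime: no `window` at all.
      delete global.window
      expect(getStoredCodeVerifier('appId', 'clientId', 'http://localhost:8184')).to.equal(null)
    })

    it('returns null when nothing stored', () => {
      sessionStorageStub.getItem.returns(null)
      expect(getStoredCodeVerifier('appId', 'clientId', 'http://localhost:8184')).to.equal(null)
    })

    it('returns code_verifier when valid and not expired', () => {
      // Constructed fixture: expiry ten minutes in the future.
      const stored = JSON.stringify({
        codeVerifier: 'stored_verifier_xyz',
        expiresAt: Date.now() + 600000
      })
      sessionStorageStub.getItem.returns(stored)
      expect(getStoredCodeVerifier('appId', 'clientId', 'http://localhost:8184')).to.equal('stored_verifier_xyz')
    })

    it('returns null when stored entry is expired', () => {
      // Constructed fixture: expiry one second in the past. A stale verifier
      // must not be returned to the caller.
      // NOTE(review): this does not assert whether the expired entry is also
      // removed from storage — confirm the intended behaviour.
      const stored = JSON.stringify({
        codeVerifier: 'expired_verifier',
        expiresAt: Date.now() - 1000
      })
      sessionStorageStub.getItem.returns(stored)
      expect(getStoredCodeVerifier('appId', 'clientId', 'http://localhost:8184')).to.equal(null)
    })

    it('returns null when storage throws', () => {
      // Storage access can throw; the read path must degrade to "nothing stored".
      sessionStorageStub.getItem.throws(new Error('QuotaExceeded'))
      expect(getStoredCodeVerifier('appId', 'clientId', 'http://localhost:8184')).to.equal(null)
    })

    it('uses key containing appId, clientId, redirectUri', () => {
      // The key is scoped per app/client/redirect so one flow's verifier is not
      // picked up by a different client configuration.
      sessionStorageStub.getItem.returns(null)
      getStoredCodeVerifier('myApp', 'myClient', 'https://app.example/cb')
      expect(sessionStorageStub.getItem.calledOnce).to.equal(true)
      const key = sessionStorageStub.getItem.firstCall.args[0]
      expect(key).to.include('contentstack_oauth_pkce')
      expect(key).to.include('myApp')
      expect(key).to.include('myClient')
      expect(key).to.include('https://app.example/cb')
    })
  })

  describe('storeCodeVerifier', () => {
    it('does nothing when not in browser', () => {
      delete global.window
      storeCodeVerifier('appId', 'clientId', 'http://localhost:8184', 'verifier123')
      expect(sessionStorageStub.setItem.called).to.equal(false)
    })

    it('stores codeVerifier and expiresAt in sessionStorage', () => {
      // Bracket the call with timestamps so the expiry can be bounded without
      // knowing the exact instant the implementation read the clock.
      const before = Date.now()
      storeCodeVerifier('appId', 'clientId', 'http://localhost:8184', 'verifier123')
      const after = Date.now()
      expect(sessionStorageStub.setItem.calledOnce).to.equal(true)
      const [key, valueStr] = sessionStorageStub.setItem.firstCall.args
      expect(key).to.include('contentstack_oauth_pkce')
      const value = JSON.parse(valueStr)
      expect(value.codeVerifier).to.equal('verifier123')
      // Accepts any lifetime from 9 minutes up to 10 minutes (+100 ms slack):
      // the verifier must be short-lived, and must not outlive that window.
      expect(value.expiresAt).to.be.at.least(before + 9 * 60 * 1000)
      expect(value.expiresAt).to.be.at.most(after + 10 * 60 * 1000 + 100)
    })

    it('does not throw when sessionStorage.setItem throws', () => {
      sessionStorageStub.setItem.throws(new Error('QuotaExceeded'))
      expect(() => storeCodeVerifier('appId', 'clientId', 'http://localhost:8184', 'v')).to.not.throw()
    })
  })

  describe('clearStoredCodeVerifier', () => {
    it('does nothing when not in browser', () => {
      delete global.window
      clearStoredCodeVerifier('appId', 'clientId', 'http://localhost:8184')
      expect(sessionStorageStub.removeItem.called).to.equal(false)
    })

    it('calls sessionStorage.removeItem with correct key', () => {
      clearStoredCodeVerifier('appId', 'clientId', 'http://localhost:8184')
      expect(sessionStorageStub.removeItem.calledOnce).to.equal(true)
      const key = sessionStorageStub.removeItem.firstCall.args[0]
      expect(key).to.include('contentstack_oauth_pkce')
      expect(key).to.include('appId')
      expect(key).to.include('clientId')
      // NOTE(review): unlike the getStoredCodeVerifier key test, the redirectUri
      // component is not asserted here. If the clear key ever diverged from the
      // store key, a used verifier would stay in sessionStorage until expiry —
      // consider asserting that both calls receive the identical key.
    })

    it('does not throw when sessionStorage.removeItem throws', () => {
      sessionStorageStub.removeItem.throws(new Error('SecurityError'))
      expect(() => clearStoredCodeVerifier('appId', 'clientId', 'http://localhost:8184')).to.not.throw()
    })
  })
})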