geek
/
swagger-ui


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326
							import { Map } from "immutable"
import {
  authorizeRequest,
  authorizeAccessCodeWithFormParams,
  authorizeWithPersistOption,
  authorizeOauth2WithPersistOption,
  logoutWithPersistOption,
  persistAuthorizationIfNeeded
} from "corePlugins/auth/actions"

describe("auth plugin - actions", () => {

  describe("authorizeRequest", () => {

    [
      [
        {
          oas3: true,
          server: "https://host/resource",
          effectiveServer: "https://host/resource",
          scheme: "http",
          host: null,
          url: "http://specs/file",
        },
        "https://host/authorize"
      ],
      [
        {
          oas3: true,
          server: "https://{selected_host}/resource",
          effectiveServer: "https://host/resource",
          scheme: "http",
          host: null,
          url: "http://specs/file",
        },
        "https://host/authorize"
      ],
      [
        {
          oas3: false,
          server: null,
          effectiveServer: null,
          scheme: "https",
          host: undefined,
          url: "https://specs/file",
        },
        "https://specs/authorize"
      ],
      [
        {
          oas3: false,
          server: null,
          effectiveServer: null,
          scheme: "https",
          host: "host",
          url: "http://specs/file",
        },
        "http://specs/authorize"
      ],
    ].forEach(([{ oas3, server, effectiveServer, scheme, host, url }, expectedFetchUrl]) => {
      it("should resolve authorization endpoint against the server URL", () => {

        // Given
        const data = {
          url: "/authorize"
        }
        const system = {
          fn: {
            fetch: jest.fn().mockImplementation(() => Promise.resolve())
          },
          getConfigs: () => ({}),
          authSelectors: {
            getConfigs: () => ({})
          },
          errActions: {
            newAuthErr: () => ({})
          },
          oas3Selectors: {
            selectedServer: () => server,
            serverEffectiveValue: () => effectiveServer || server
          },
          specSelectors: {
            isOAS3: () => oas3,
            operationScheme: () => scheme,
            host: () => host,
            url: () => url
          }
        }

        // When
        authorizeRequest(data)(system)

        // Then
        expect(system.fn.fetch.mock.calls.length).toEqual(1)
        expect(system.fn.fetch.mock.calls[0][0]).toEqual(expect.objectContaining({ url: expectedFetchUrl }))
      })
    })

    it("should add additionalQueryStringParams to Swagger 2.0 authorization and token URLs", () => {

      // Given
      const data = {
        url: "/authorize?q=1"
      }
      const system = {
        fn: {
          fetch: jest.fn().mockImplementation(() => Promise.resolve())
        },
        getConfigs: () => ({}),
        authSelectors: {
          getConfigs: () => ({
            additionalQueryStringParams: {
              myCustomParam: "abc123"
            }
          })
        },
        errActions: {
          newAuthErr: () => ({})
        },
        specSelectors: {
          isOAS3: () => false,
          operationScheme: () => "https",
          host: () => "http://google.com",
          url: () => "http://google.com/swagger.json"
        }
      }

      // When
      authorizeRequest(data)(system)

      // Then
      expect(system.fn.fetch.mock.calls.length).toEqual(1)

      expect(system.fn.fetch.mock.calls[0][0].url)
        .toEqual("http://google.com/authorize?q=1&myCustomParam=abc123")
    })

    it("should add additionalQueryStringParams to OpenAPI 3.0 authorization and token URLs", () => {

      // Given
      const data = {
        url: "/authorize?q=1"
      }
      const system = {
        fn: {
          fetch: jest.fn().mockImplementation(() => Promise.resolve())
        },
        errActions: {
          newAuthErr: () => ({})
        },
        getConfigs: () => ({}),
        authSelectors: {
          getConfigs: () => ({
            additionalQueryStringParams: {
              myCustomParam: "abc123"
            }
          })
        },
        oas3Selectors: {
          selectedServer: () => "http://google.com",
          serverEffectiveValue: () => "http://google.com"
        },
        specSelectors: {
          isOAS3: () => true,
        }
      }

      // When
      authorizeRequest(data)(system)

      // Then
      expect(system.fn.fetch.mock.calls.length).toEqual(1)

      expect(system.fn.fetch.mock.calls[0][0].url)
        .toEqual("http://google.com/authorize?q=1&myCustomParam=abc123")
    })
  })

  describe("tokenRequest", function () {
    it("should send the code verifier when set", () => {
      const data = {
        auth: {
          schema: {
            get: () => "http://tokenUrl"
          },
          codeVerifier: "mock_code_verifier"
        },
        redirectUrl: "http://google.com"
      }

      const authActions = {
        authorizeRequest: jest.fn()
      }

      authorizeAccessCodeWithFormParams(data)({ authActions })

      expect(authActions.authorizeRequest.mock.calls.length).toEqual(1)
      const actualArgument = authActions.authorizeRequest.mock.calls[0][0]
      expect(actualArgument.body).toContain("code_verifier=" + data.auth.codeVerifier)
      expect(actualArgument.body).toContain("grant_type=authorization_code")
    })
  })

  describe("persistAuthorization", () => {
    describe("wrapped functions with persist option", () => {
      it("should wrap `authorize` action and persist data if needed", () => {

        // Given
        const data = {
          "api_key": {}
        }
        const system = {
          getConfigs: () => ({}),
          authActions: {
            authorize: jest.fn(() => { }),
            persistAuthorizationIfNeeded: jest.fn(() => { })
          }
        }

        // When
        authorizeWithPersistOption(data)(system)

        // Then
        expect(system.authActions.authorize).toHaveBeenCalled()
        expect(system.authActions.authorize).toHaveBeenCalledWith(data)
        expect(system.authActions.persistAuthorizationIfNeeded).toHaveBeenCalled()
      })

      it("should wrap `oauth2Authorize` action and persist data if needed", () => {

        // Given
        const data = {
          "api_key": {}
        }
        const system = {
          getConfigs: () => ({}),
          authActions: {
            authorizeOauth2: jest.fn(() => { }),
            persistAuthorizationIfNeeded: jest.fn(() => { })
          }
        }

        // When
        authorizeOauth2WithPersistOption(data)(system)

        // Then
        expect(system.authActions.authorizeOauth2).toHaveBeenCalled()
        expect(system.authActions.authorizeOauth2).toHaveBeenCalledWith(data)
        expect(system.authActions.persistAuthorizationIfNeeded).toHaveBeenCalled()
      })

      it("should wrap `logout` action and persist data if needed", () => {

        // Given
        const data = {
          "api_key": {}
        }
        const system = {
          getConfigs: () => ({}),
          authActions: {
            logout: jest.fn(() => { }),
            persistAuthorizationIfNeeded: jest.fn(() => { })
          }
        }

        // When
        logoutWithPersistOption(data)(system)

        // Then
        expect(system.authActions.logout).toHaveBeenCalled()
        expect(system.authActions.logout).toHaveBeenCalledWith(data)
        expect(system.authActions.persistAuthorizationIfNeeded).toHaveBeenCalled()
      })
    })

    describe("persistAuthorizationIfNeeded", () => {
      beforeEach(() => {
        localStorage.clear()
      })
      it("should skip if `persistAuthorization` is turned off", () => {
        // Given        
        const system = {
          getConfigs: () => ({
            persistAuthorization: false
          }),
          authSelectors: {
            authorized: jest.fn(() => { })
          }
        }

        // When
        persistAuthorizationIfNeeded()(system)

        // Then
        expect(system.authSelectors.authorized).not.toHaveBeenCalled()
      })
      it("should persist authorization data to localStorage", () => {
        // Given
        const data = {
          "api_key": {}
        }
        const system = {
          getConfigs: () => ({
            persistAuthorization: true
          }),
          errActions: {
            newAuthErr: () => ({})
          },
          authSelectors: {
            authorized: jest.fn(() => Map(data))
          }
        }
        jest.spyOn(Object.getPrototypeOf(window.localStorage), "setItem")

        // When
        persistAuthorizationIfNeeded()(system)

        expect(localStorage.setItem).toHaveBeenCalled()
        expect(localStorage.setItem).toHaveBeenCalledWith("authorized", JSON.stringify(data))

      })
    })

  })
})