plugins/test/authorization.test.js at static · thomsavage/plugins · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
'use strict';

// external requires
var assert = require('chai').assert;
var restify = require('restify');
var restifyClients = require('restify-clients');

// local files
var helper = require('./lib/helper');
var plugins = require('../lib');

// local globals
var SERVER;
var CLIENT;
var PORT;

describe('authorization parser', function () {

    before(function (done) {
        SERVER = restify.createServer({
            dtrace: helper.dtrace,
            log: helper.getLog('server')
        });

        SERVER.use(plugins.authorizationParser());

        SERVER.get('/', function respond(req, res, next) {
            res.send();
            next();
        });

        SERVER.listen(PORT, '127.0.0.1', function () {
            PORT = SERVER.address().port;
            CLIENT = restifyClients.createJsonClient({
                url: 'http://127.0.0.1:' + PORT,
                dtrace: helper.dtrace,
                retry: false
            });

            done();
        });
    });

    after(function (done) {
        CLIENT.close();
        SERVER.close(done);
    });


    it('should accept basic authorization', function (done) {
        var authz = 'Basic ' + new Buffer('user:secret').toString('base64');
        var opts = {
            path: '/',
            headers: {
                authorization: authz
            }
        };
        CLIENT.get(opts, function (err, _, res) {
            assert.ifError(err);
            assert.equal(res.statusCode, 200);
            done();
        });
    });

    it('should reject basic authorization', function (done) {
        var opts = {
            path: '/',
            headers: {
                authorization: 'Basic '
            }
        };
        CLIENT.get(opts, function (err, _, res) {
            assert.ok(err);
            assert.equal(err.name, 'InvalidHeaderError');
            assert.equal(res.statusCode, 400);
            done();
        });
    });

});