From 18ebe002466ade33f5ebce39545703e35e2a3ecf Mon Sep 17 00:00:00 2001 From: Nelson Date: Thu, 15 Oct 2015 16:22:16 +0100 Subject: [PATCH 1/3] testing try mode for: https://github.com/dwyl/hapi-auth-jwt2/issues/111 currently failing!! --- lib/index.js | 6 +++- test/try-test.js | 89 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 94 insertions(+), 1 deletion(-) create mode 100644 test/try-test.js diff --git a/lib/index.js b/lib/index.js index 79c7f44..b0bc049 100644 --- a/lib/index.js +++ b/lib/index.js @@ -29,7 +29,11 @@ internals.implementation = function (server, options) { var token = extract(request, options); if (!token && request.auth.mode !== 'required') { - return reply.continue({ credentials: {} }); + // request.auth.isAuthenticated = false; + console.log(' - - - - - - - - - - - - - - - - - - - > SHORT Circuit!') + console.log(request.auth); + console.log(' - - - - - - - - - - - - - - - - - - - - - - -') + return reply.continue(); } if (!token) { diff --git a/test/try-test.js b/test/try-test.js new file mode 100644 index 0000000..9aedcc6 --- /dev/null +++ b/test/try-test.js @@ -0,0 +1,89 @@ +var test = require('tape'); +var Hapi = require('hapi'); +var JWT = require('jsonwebtoken'); +var secret = 'NeverShareYourSecret'; + +test('Auth mode \'try\' should not set isAuthenticated to true when no token sent', function (t) { + t.plan(3); + + var server = new Hapi.Server({ debug: {"request": ["error", "uncaught"]} }); + server.connection(); + + server.register(require('../'), function (err) { + t.ifError(err, 'No error registering hapi-auth-jwt2 plugin'); + + server.auth.strategy('jwt', 'jwt', { + key: secret, + validateFunc: function (decoded, request, callback) { + return callback(); + }, + verifyOptions: {algorithms: ['HS256']} + }); + + server.route({ + method: 'GET', + path: '/try', + handler: function (request, reply) { + console.log(' - - - - - - - - - - - - - - - - - - - - - - -') + console.log(request.auth); + console.log(' - - - - - - - - - - - - - - - - - - - - - - -') + t.notOk(request.auth.isAuthenticated, 'isAuthenticated is false') + reply('TRY'); + }, + config: { + auth: { + strategy: 'jwt', + mode: 'try' + } + } + }); + + var options = {method: 'GET', url: '/try'}; + + server.inject(options, function (response) { + t.equal(response.statusCode, 200, 'Server returned HTTP 200'); + t.end(); + }); + }); +}); + +test('Auth mode \'optional\' should not set isAuthenticated to true when no token sent', function (t) { + t.plan(3); + + var server = new Hapi.Server(); + server.connection(); + + server.register(require('../'), function (err) { + t.ifError(err, 'No error registering hapi-auth-jwt2 plugin'); + + server.auth.strategy('jwt', 'jwt', { + key: secret, + validateFunc: function (decoded, request, callback) { + return callback(); + }, + verifyOptions: {algorithms: ['HS256']} + }); + + server.route({ + method: 'GET', + path: '/optional', + handler: function (request, reply) { + t.notOk(request.auth.isAuthenticated, 'isAuthenticated is false') + reply('OPTIONAL'); + }, + config: { + auth: { + strategy: 'jwt', + mode: 'optional' + } + } + }); + + var options = {method: 'GET', url: '/optional'}; + + server.inject(options, function (response) { + t.equal(response.statusCode, 200, 'Server returned HTTP 200'); + t.end(); + }); + }); +}); From c8506bff32012696750db1456855fbcd759d150b Mon Sep 17 00:00:00 2001 From: Nelson Date: Thu, 15 Oct 2015 16:50:57 +0100 Subject: [PATCH 2/3] remove check for auth mode. closes https://github.com/hapijs/hapi/issues/2843 - see discussion: https://github.com/dwyl/hapi-auth-jwt2/issues/111 --- lib/index.js | 10 +--------- test/try-test.js | 6 +++--- 2 files changed, 4 insertions(+), 12 deletions(-) diff --git a/lib/index.js b/lib/index.js index b0bc049..3fae2b8 100644 --- a/lib/index.js +++ b/lib/index.js @@ -27,15 +27,7 @@ internals.implementation = function (server, options) { return { authenticate: function (request, reply) { var token = extract(request, options); - - if (!token && request.auth.mode !== 'required') { - // request.auth.isAuthenticated = false; - console.log(' - - - - - - - - - - - - - - - - - - - > SHORT Circuit!') - console.log(request.auth); - console.log(' - - - - - - - - - - - - - - - - - - - - - - -') - return reply.continue(); - } - + if (!token) { return reply(Boom.unauthorized(null, 'Token')); } diff --git a/test/try-test.js b/test/try-test.js index 9aedcc6..f6d9b37 100644 --- a/test/try-test.js +++ b/test/try-test.js @@ -24,9 +24,9 @@ test('Auth mode \'try\' should not set isAuthenticated to true when no token sen method: 'GET', path: '/try', handler: function (request, reply) { - console.log(' - - - - - - - - - - - - - - - - - - - - - - -') - console.log(request.auth); - console.log(' - - - - - - - - - - - - - - - - - - - - - - -') + // console.log(' - - - - - - - - - - - - - - - - - - - - - - -') + // console.log(request.auth); + // console.log(' - - - - - - - - - - - - - - - - - - - - - - -') t.notOk(request.auth.isAuthenticated, 'isAuthenticated is false') reply('TRY'); }, From cc429bc9466909511b3842b77fa802d46c0fac8e Mon Sep 17 00:00:00 2001 From: Nelson Date: Thu, 15 Oct 2015 16:56:03 +0100 Subject: [PATCH 3/3] rename try and optional auth mode test file and version bump for pull request --- lib/index.js | 2 +- package.json | 2 +- test/{try-test.js => try-and-optional-auth-mode.test.js} | 0 3 files changed, 2 insertions(+), 2 deletions(-) rename test/{try-test.js => try-and-optional-auth-mode.test.js} (100%) diff --git a/lib/index.js b/lib/index.js index 3fae2b8..1c2c9ce 100644 --- a/lib/index.js +++ b/lib/index.js @@ -27,7 +27,7 @@ internals.implementation = function (server, options) { return { authenticate: function (request, reply) { var token = extract(request, options); - + if (!token) { return reply(Boom.unauthorized(null, 'Token')); } diff --git a/package.json b/package.json index f4aecbd..9c2e9e8 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "hapi-auth-jwt2", - "version": "5.1.1", + "version": "5.1.2", "description": "Hapi.js Authentication Plugin/Scheme using JSON Web Tokens (JWT)", "main": "lib/index.js", "repository": { diff --git a/test/try-test.js b/test/try-and-optional-auth-mode.test.js similarity index 100% rename from test/try-test.js rename to test/try-and-optional-auth-mode.test.js