BitGoblin/Bones
1
0
Fork 0
Code Issues 5 Pull Requests Packages Projects Releases Wiki Activity

Template Upload

Browse Source
This commit is contained in:
SOUTHERNCO\x2mjbyrn
2017-05-17 13:45:25 -04:00
parent 415b9c25f3
commit 7efe7605b8
11476 changed files with 2170865 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1492
node_modules/hawk/test/browser.js generated vendored Normal file
View File

File diff suppressed because it is too large Load Diff

440
node_modules/hawk/test/client.js generated vendored Normal file
View File

@ -0,0 +1,440 @@
// Load modules
var Url = require('url');
var Code = require('code');
var Hawk = require('../lib');
var Lab = require('lab');
// Declare internals
var internals = {};
// Test shortcuts
var lab = exports.lab = Lab.script();
var describe = lab.experiment;
var it = lab.test;
var expect = Code.expect;
describe('Client', function () {
describe('header()', function () {
it('returns a valid authorization header (sha1)', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha1'
};
var header = Hawk.client.header('http://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about' }).field;
expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="bsvY3IfUllw6V5rvk4tStEvpBhE=", ext="Bazinga!", mac="qbf1ZPG/r/e06F4ht+T77LXi5vw="');
done();
});
it('returns a valid authorization header (sha256)', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha256'
};
var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' }).field;
expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", ext="Bazinga!", mac="q1CwFoSHzPZSkbIvl0oYlD+91rBUEvFk763nMjMndj8="');
done();
});
it('returns a valid authorization header (no ext)', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha256'
};
var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' }).field;
expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", mac="HTgtd0jPI6E4izx8e4OHdO36q00xFCU0FolNq3RiCYs="');
done();
});
it('returns a valid authorization header (null ext)', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha256'
};
var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain', ext: null }).field;
expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", mac="HTgtd0jPI6E4izx8e4OHdO36q00xFCU0FolNq3RiCYs="');
done();
});
it('returns a valid authorization header (empty payload)', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha256'
};
var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: '', contentType: 'text/plain' }).field;
expect(header).to.equal('Hawk id=\"123456\", ts=\"1353809207\", nonce=\"Ygvqdz\", hash=\"q/t+NNAkQZNlq/aAD6PlexImwQTxwgT2MahfTa9XRLA=\", mac=\"U5k16YEzn3UnBHKeBzsDXn067Gu3R4YaY6xOt9PYRZM=\"');
done();
});
it('returns a valid authorization header (pre hashed payload)', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha256'
};
var options = { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' };
options.hash = Hawk.crypto.calculatePayloadHash(options.payload, credentials.algorithm, options.contentType);
var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', options).field;
expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", mac="HTgtd0jPI6E4izx8e4OHdO36q00xFCU0FolNq3RiCYs="');
done();
});
it('errors on missing uri', function (done) {
var header = Hawk.client.header('', 'POST');
expect(header.field).to.equal('');
expect(header.err).to.equal('Invalid argument type');
done();
});
it('errors on invalid uri', function (done) {
var header = Hawk.client.header(4, 'POST');
expect(header.field).to.equal('');
expect(header.err).to.equal('Invalid argument type');
done();
});
it('errors on missing method', function (done) {
var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', '');
expect(header.field).to.equal('');
expect(header.err).to.equal('Invalid argument type');
done();
});
it('errors on invalid method', function (done) {
var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 5);
expect(header.field).to.equal('');
expect(header.err).to.equal('Invalid argument type');
done();
});
it('errors on missing options', function (done) {
var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST');
expect(header.field).to.equal('');
expect(header.err).to.equal('Invalid argument type');
done();
});
it('errors on invalid credentials (id)', function (done) {
var credentials = {
key: '2983d45yun89q',
algorithm: 'sha256'
};
var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207 });
expect(header.field).to.equal('');
expect(header.err).to.equal('Invalid credential object');
done();
});
it('errors on missing credentials', function (done) {
var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { ext: 'Bazinga!', timestamp: 1353809207 });
expect(header.field).to.equal('');
expect(header.err).to.equal('Invalid credential object');
done();
});
it('errors on invalid credentials', function (done) {
var credentials = {
id: '123456',
algorithm: 'sha256'
};
var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207 });
expect(header.field).to.equal('');
expect(header.err).to.equal('Invalid credential object');
done();
});
it('errors on invalid algorithm', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'hmac-sha-0'
};
var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, payload: 'something, anything!', ext: 'Bazinga!', timestamp: 1353809207 });
expect(header.field).to.equal('');
expect(header.err).to.equal('Unknown algorithm');
done();
});
});
describe('authenticate()', function () {
it('returns false on invalid header', function (done) {
var res = {
headers: {
'server-authorization': 'Hawk mac="abc", bad="xyz"'
}
};
expect(Hawk.client.authenticate(res, {})).to.equal(false);
done();
});
it('returns false on invalid mac', function (done) {
var res = {
headers: {
'content-type': 'text/plain',
'server-authorization': 'Hawk mac="_IJRsMl/4oL+nn+vKoeVZPdCHXB4yJkNnBbTbHFZUYE=", hash="f9cDF/TDm7TkYRLnGwRMfeDzT6LixQVLvrIKhh0vgmM=", ext="response-specific"'
}
};
var artifacts = {
method: 'POST',
host: 'example.com',
port: '8080',
resource: '/resource/4?filter=a',
ts: '1362336900',
nonce: 'eb5S_L',
hash: 'nJjkVtBE5Y/Bk38Aiokwn0jiJxt/0S2WRSUwWLCf5xk=',
ext: 'some-app-data',
app: undefined,
dlg: undefined,
mac: 'BlmSe8K+pbKIb6YsZCnt4E1GrYvY1AaYayNR82dGpIk=',
id: '123456'
};
var credentials = {
id: '123456',
key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
algorithm: 'sha256',
user: 'steve'
};
expect(Hawk.client.authenticate(res, credentials, artifacts)).to.equal(false);
done();
});
it('returns true on ignoring hash', function (done) {
var res = {
headers: {
'content-type': 'text/plain',
'server-authorization': 'Hawk mac="XIJRsMl/4oL+nn+vKoeVZPdCHXB4yJkNnBbTbHFZUYE=", hash="f9cDF/TDm7TkYRLnGwRMfeDzT6LixQVLvrIKhh0vgmM=", ext="response-specific"'
}
};
var artifacts = {
method: 'POST',
host: 'example.com',
port: '8080',
resource: '/resource/4?filter=a',
ts: '1362336900',
nonce: 'eb5S_L',
hash: 'nJjkVtBE5Y/Bk38Aiokwn0jiJxt/0S2WRSUwWLCf5xk=',
ext: 'some-app-data',
app: undefined,
dlg: undefined,
mac: 'BlmSe8K+pbKIb6YsZCnt4E1GrYvY1AaYayNR82dGpIk=',
id: '123456'
};
var credentials = {
id: '123456',
key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
algorithm: 'sha256',
user: 'steve'
};
expect(Hawk.client.authenticate(res, credentials, artifacts)).to.equal(true);
done();
});
it('fails on invalid WWW-Authenticate header format', function (done) {
var header = 'Hawk ts="1362346425875", tsm="PhwayS28vtnn3qbv0mqRBYSXebN/zggEtucfeZ620Zo=", x="Stale timestamp"';
expect(Hawk.client.authenticate({ headers: { 'www-authenticate': header } }, {})).to.equal(false);
done();
});
it('fails on invalid WWW-Authenticate header format', function (done) {
var credentials = {
id: '123456',
key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
algorithm: 'sha256',
user: 'steve'
};
var header = 'Hawk ts="1362346425875", tsm="hwayS28vtnn3qbv0mqRBYSXebN/zggEtucfeZ620Zo=", error="Stale timestamp"';
expect(Hawk.client.authenticate({ headers: { 'www-authenticate': header } }, credentials)).to.equal(false);
done();
});
it('skips tsm validation when missing ts', function (done) {
var header = 'Hawk error="Stale timestamp"';
expect(Hawk.client.authenticate({ headers: { 'www-authenticate': header } }, {})).to.equal(true);
done();
});
});
describe('message()', function () {
it('generates authorization', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha1'
};
var auth = Hawk.client.message('example.com', 80, 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
expect(auth).to.exist();
expect(auth.ts).to.equal(1353809207);
expect(auth.nonce).to.equal('abc123');
done();
});
it('errors on invalid host', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha1'
};
var auth = Hawk.client.message(5, 80, 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
expect(auth).to.not.exist();
done();
});
it('errors on invalid port', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha1'
};
var auth = Hawk.client.message('example.com', '80', 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
expect(auth).to.not.exist();
done();
});
it('errors on missing host', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha1'
};
var auth = Hawk.client.message('example.com', 0, 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
expect(auth).to.not.exist();
done();
});
it('errors on null message', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha1'
};
var auth = Hawk.client.message('example.com', 80, null, { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
expect(auth).to.not.exist();
done();
});
it('errors on missing message', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha1'
};
var auth = Hawk.client.message('example.com', 80, undefined, { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
expect(auth).to.not.exist();
done();
});
it('errors on invalid message', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha1'
};
var auth = Hawk.client.message('example.com', 80, 5, { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
expect(auth).to.not.exist();
done();
});
it('errors on missing options', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha1'
};
var auth = Hawk.client.message('example.com', 80, 'I am the boodyman');
expect(auth).to.not.exist();
done();
});
it('errors on invalid credentials (id)', function (done) {
var credentials = {
key: '2983d45yun89q',
algorithm: 'sha1'
};
var auth = Hawk.client.message('example.com', 80, 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
expect(auth).to.not.exist();
done();
});
it('errors on invalid credentials (key)', function (done) {
var credentials = {
id: '123456',
algorithm: 'sha1'
};
var auth = Hawk.client.message('example.com', 80, 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
expect(auth).to.not.exist();
done();
});
});
});

70
node_modules/hawk/test/crypto.js generated vendored Normal file
View File

@ -0,0 +1,70 @@
// Load modules
var Code = require('code');
var Hawk = require('../lib');
var Lab = require('lab');
// Declare internals
var internals = {};
// Test shortcuts
var lab = exports.lab = Lab.script();
var describe = lab.experiment;
var it = lab.test;
var expect = Code.expect;
describe('Crypto', function () {
describe('generateNormalizedString()', function () {
it('should return a valid normalized string', function (done) {
expect(Hawk.crypto.generateNormalizedString('header', {
ts: 1357747017,
nonce: 'k3k4j5',
method: 'GET',
resource: '/resource/something',
host: 'example.com',
port: 8080
})).to.equal('hawk.1.header\n1357747017\nk3k4j5\nGET\n/resource/something\nexample.com\n8080\n\n\n');
done();
});
it('should return a valid normalized string (ext)', function (done) {
expect(Hawk.crypto.generateNormalizedString('header', {
ts: 1357747017,
nonce: 'k3k4j5',
method: 'GET',
resource: '/resource/something',
host: 'example.com',
port: 8080,
ext: 'this is some app data'
})).to.equal('hawk.1.header\n1357747017\nk3k4j5\nGET\n/resource/something\nexample.com\n8080\n\nthis is some app data\n');
done();
});
it('should return a valid normalized string (payload + ext)', function (done) {
expect(Hawk.crypto.generateNormalizedString('header', {
ts: 1357747017,
nonce: 'k3k4j5',
method: 'GET',
resource: '/resource/something',
host: 'example.com',
port: 8080,
hash: 'U4MKKSmiVxk37JCCrAVIjV/OhB3y+NdwoCr6RShbVkE=',
ext: 'this is some app data'
})).to.equal('hawk.1.header\n1357747017\nk3k4j5\nGET\n/resource/something\nexample.com\n8080\nU4MKKSmiVxk37JCCrAVIjV/OhB3y+NdwoCr6RShbVkE=\nthis is some app data\n');
done();
});
});
});

378
node_modules/hawk/test/index.js generated vendored Normal file
View File

@ -0,0 +1,378 @@
// Load modules
var Url = require('url');
var Code = require('code');
var Hawk = require('../lib');
var Lab = require('lab');
// Declare internals
var internals = {};
// Test shortcuts
var lab = exports.lab = Lab.script();
var describe = lab.experiment;
var it = lab.test;
var expect = Code.expect;
describe('Hawk', function () {
var credentialsFunc = function (id, callback) {
var credentials = {
id: id,
key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
algorithm: (id === '1' ? 'sha1' : 'sha256'),
user: 'steve'
};
return callback(null, credentials);
};
it('generates a header then successfully parse it (configuration)', function (done) {
var req = {
method: 'GET',
url: '/resource/4?filter=a',
host: 'example.com',
port: 8080
};
credentialsFunc('123456', function (err, credentials1) {
req.authorization = Hawk.client.header(Url.parse('http://example.com:8080/resource/4?filter=a'), req.method, { credentials: credentials1, ext: 'some-app-data' }).field;
expect(req.authorization).to.exist();
Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
expect(err).to.not.exist();
expect(credentials2.user).to.equal('steve');
expect(artifacts.ext).to.equal('some-app-data');
done();
});
});
});
it('generates a header then successfully parse it (node request)', function (done) {
var req = {
method: 'POST',
url: '/resource/4?filter=a',
headers: {
host: 'example.com:8080',
'content-type': 'text/plain;x=y'
}
};
var payload = 'some not so random text';
credentialsFunc('123456', function (err, credentials1) {
var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
req.headers.authorization = reqHeader.field;
Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
expect(err).to.not.exist();
expect(credentials2.user).to.equal('steve');
expect(artifacts.ext).to.equal('some-app-data');
expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
var res = {
headers: {
'content-type': 'text/plain'
}
};
res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
expect(res.headers['server-authorization']).to.exist();
expect(Hawk.client.authenticate(res, credentials2, artifacts, { payload: 'some reply' })).to.equal(true);
done();
});
});
});
it('generates a header then successfully parse it (absolute request uri)', function (done) {
var req = {
method: 'POST',
url: 'http://example.com:8080/resource/4?filter=a',
headers: {
host: 'example.com:8080',
'content-type': 'text/plain;x=y'
}
};
var payload = 'some not so random text';
credentialsFunc('123456', function (err, credentials1) {
var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
req.headers.authorization = reqHeader.field;
Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
expect(err).to.not.exist();
expect(credentials2.user).to.equal('steve');
expect(artifacts.ext).to.equal('some-app-data');
expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
var res = {
headers: {
'content-type': 'text/plain'
}
};
res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
expect(res.headers['server-authorization']).to.exist();
expect(Hawk.client.authenticate(res, credentials2, artifacts, { payload: 'some reply' })).to.equal(true);
done();
});
});
});
it('generates a header then successfully parse it (no server header options)', function (done) {
var req = {
method: 'POST',
url: '/resource/4?filter=a',
headers: {
host: 'example.com:8080',
'content-type': 'text/plain;x=y'
}
};
var payload = 'some not so random text';
credentialsFunc('123456', function (err, credentials1) {
var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
req.headers.authorization = reqHeader.field;
Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
expect(err).to.not.exist();
expect(credentials2.user).to.equal('steve');
expect(artifacts.ext).to.equal('some-app-data');
expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
var res = {
headers: {
'content-type': 'text/plain'
}
};
res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts);
expect(res.headers['server-authorization']).to.exist();
expect(Hawk.client.authenticate(res, credentials2, artifacts)).to.equal(true);
done();
});
});
});
it('generates a header then fails to parse it (missing server header hash)', function (done) {
var req = {
method: 'POST',
url: '/resource/4?filter=a',
headers: {
host: 'example.com:8080',
'content-type': 'text/plain;x=y'
}
};
var payload = 'some not so random text';
credentialsFunc('123456', function (err, credentials1) {
var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
req.headers.authorization = reqHeader.field;
Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
expect(err).to.not.exist();
expect(credentials2.user).to.equal('steve');
expect(artifacts.ext).to.equal('some-app-data');
expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
var res = {
headers: {
'content-type': 'text/plain'
}
};
res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts);
expect(res.headers['server-authorization']).to.exist();
expect(Hawk.client.authenticate(res, credentials2, artifacts, { payload: 'some reply' })).to.equal(false);
done();
});
});
});
it('generates a header then successfully parse it (with hash)', function (done) {
var req = {
method: 'GET',
url: '/resource/4?filter=a',
host: 'example.com',
port: 8080
};
credentialsFunc('123456', function (err, credentials1) {
req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
expect(err).to.not.exist();
expect(credentials2.user).to.equal('steve');
expect(artifacts.ext).to.equal('some-app-data');
done();
});
});
});
it('generates a header then successfully parse it then validate payload', function (done) {
var req = {
method: 'GET',
url: '/resource/4?filter=a',
host: 'example.com',
port: 8080
};
credentialsFunc('123456', function (err, credentials1) {
req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
expect(err).to.not.exist();
expect(credentials2.user).to.equal('steve');
expect(artifacts.ext).to.equal('some-app-data');
expect(Hawk.server.authenticatePayload('hola!', credentials2, artifacts)).to.be.true();
expect(Hawk.server.authenticatePayload('hello!', credentials2, artifacts)).to.be.false();
done();
});
});
});
it('generates a header then successfully parses and validates payload', function (done) {
var req = {
method: 'GET',
url: '/resource/4?filter=a',
host: 'example.com',
port: 8080
};
credentialsFunc('123456', function (err, credentials1) {
req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
Hawk.server.authenticate(req, credentialsFunc, { payload: 'hola!' }, function (err, credentials2, artifacts) {
expect(err).to.not.exist();
expect(credentials2.user).to.equal('steve');
expect(artifacts.ext).to.equal('some-app-data');
done();
});
});
});
it('generates a header then successfully parse it (app)', function (done) {
var req = {
method: 'GET',
url: '/resource/4?filter=a',
host: 'example.com',
port: 8080
};
credentialsFunc('123456', function (err, credentials1) {
req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', app: 'asd23ased' }).field;
Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
expect(err).to.not.exist();
expect(credentials2.user).to.equal('steve');
expect(artifacts.ext).to.equal('some-app-data');
expect(artifacts.app).to.equal('asd23ased');
done();
});
});
});
it('generates a header then successfully parse it (app, dlg)', function (done) {
var req = {
method: 'GET',
url: '/resource/4?filter=a',
host: 'example.com',
port: 8080
};
credentialsFunc('123456', function (err, credentials1) {
req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', app: 'asd23ased', dlg: '23434szr3q4d' }).field;
Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
expect(err).to.not.exist();
expect(credentials2.user).to.equal('steve');
expect(artifacts.ext).to.equal('some-app-data');
expect(artifacts.app).to.equal('asd23ased');
expect(artifacts.dlg).to.equal('23434szr3q4d');
done();
});
});
});
it('generates a header then fail authentication due to bad hash', function (done) {
var req = {
method: 'GET',
url: '/resource/4?filter=a',
host: 'example.com',
port: 8080
};
credentialsFunc('123456', function (err, credentials1) {
req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
Hawk.server.authenticate(req, credentialsFunc, { payload: 'byebye!' }, function (err, credentials2, artifacts) {
expect(err).to.exist();
expect(err.output.payload.message).to.equal('Bad payload hash');
done();
});
});
});
it('generates a header for one resource then fail to authenticate another', function (done) {
var req = {
method: 'GET',
url: '/resource/4?filter=a',
host: 'example.com',
port: 8080
};
credentialsFunc('123456', function (err, credentials1) {
req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' }).field;
req.url = '/something/else';
Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
expect(err).to.exist();
expect(credentials2).to.exist();
done();
});
});
});
});

95
node_modules/hawk/test/readme.js generated vendored Normal file
View File

@ -0,0 +1,95 @@
// Load modules
var Code = require('code');
var Hawk = require('../lib');
var Hoek = require('hoek');
var Lab = require('lab');
// Declare internals
var internals = {};
// Test shortcuts
var lab = exports.lab = Lab.script();
var describe = lab.experiment;
var it = lab.test;
var expect = Code.expect;
describe('README', function () {
describe('core', function () {
var credentials = {
id: 'dh37fgj492je',
key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
algorithm: 'sha256'
};
var options = {
credentials: credentials,
timestamp: 1353832234,
nonce: 'j4h3g2',
ext: 'some-app-ext-data'
};
it('should generate a header protocol example', function (done) {
var header = Hawk.client.header('http://example.com:8000/resource/1?b=1&a=2', 'GET', options).field;
expect(header).to.equal('Hawk id="dh37fgj492je", ts="1353832234", nonce="j4h3g2", ext="some-app-ext-data", mac="6R4rV5iE+NPoym+WwjeHzjAGXUtLNIxmo1vpMofpLAE="');
done();
});
it('should generate a normalized string protocol example', function (done) {
var normalized = Hawk.crypto.generateNormalizedString('header', {
credentials: credentials,
ts: options.timestamp,
nonce: options.nonce,
method: 'GET',
resource: '/resource?a=1&b=2',
host: 'example.com',
port: 8000,
ext: options.ext
});
expect(normalized).to.equal('hawk.1.header\n1353832234\nj4h3g2\nGET\n/resource?a=1&b=2\nexample.com\n8000\n\nsome-app-ext-data\n');
done();
});
var payloadOptions = Hoek.clone(options);
payloadOptions.payload = 'Thank you for flying Hawk';
payloadOptions.contentType = 'text/plain';
it('should generate a header protocol example (with payload)', function (done) {
var header = Hawk.client.header('http://example.com:8000/resource/1?b=1&a=2', 'POST', payloadOptions).field;
expect(header).to.equal('Hawk id="dh37fgj492je", ts="1353832234", nonce="j4h3g2", hash="Yi9LfIIFRtBEPt74PVmbTF/xVAwPn7ub15ePICfgnuY=", ext="some-app-ext-data", mac="aSe1DERmZuRl3pI36/9BdZmnErTw3sNzOOAUlfeKjVw="');
done();
});
it('should generate a normalized string protocol example (with payload)', function (done) {
var normalized = Hawk.crypto.generateNormalizedString('header', {
credentials: credentials,
ts: options.timestamp,
nonce: options.nonce,
method: 'POST',
resource: '/resource?a=1&b=2',
host: 'example.com',
port: 8000,
hash: Hawk.crypto.calculatePayloadHash(payloadOptions.payload, credentials.algorithm, payloadOptions.contentType),
ext: options.ext
});
expect(normalized).to.equal('hawk.1.header\n1353832234\nj4h3g2\nPOST\n/resource?a=1&b=2\nexample.com\n8000\nYi9LfIIFRtBEPt74PVmbTF/xVAwPn7ub15ePICfgnuY=\nsome-app-ext-data\n');
done();
});
});
});

1329
node_modules/hawk/test/server.js generated vendored Normal file
View File

File diff suppressed because it is too large Load Diff

838
node_modules/hawk/test/uri.js generated vendored Normal file
View File

@ -0,0 +1,838 @@
// Load modules
var Http = require('http');
var Url = require('url');
var Code = require('code');
var Hawk = require('../lib');
var Hoek = require('hoek');
var Lab = require('lab');
// Declare internals
var internals = {};
// Test shortcuts
var lab = exports.lab = Lab.script();
var describe = lab.experiment;
var it = lab.test;
var expect = Code.expect;
describe('Uri', function () {
var credentialsFunc = function (id, callback) {
var credentials = {
id: id,
key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
algorithm: (id === '1' ? 'sha1' : 'sha256'),
user: 'steve'
};
return callback(null, credentials);
};
it('should generate a bewit then successfully authenticate it', function (done) {
var req = {
method: 'GET',
url: '/resource/4?a=1&b=2',
host: 'example.com',
port: 80
};
credentialsFunc('123456', function (err, credentials1) {
var bewit = Hawk.uri.getBewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials1, ttlSec: 60 * 60 * 24 * 365 * 100, ext: 'some-app-data' });
req.url += '&bewit=' + bewit;
Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials2, attributes) {
expect(err).to.not.exist();
expect(credentials2.user).to.equal('steve');
expect(attributes.ext).to.equal('some-app-data');
done();
});
});
});
it('should generate a bewit then successfully authenticate it (no ext)', function (done) {
var req = {
method: 'GET',
url: '/resource/4?a=1&b=2',
host: 'example.com',
port: 80
};
credentialsFunc('123456', function (err, credentials1) {
var bewit = Hawk.uri.getBewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials1, ttlSec: 60 * 60 * 24 * 365 * 100 });
req.url += '&bewit=' + bewit;
Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials2, attributes) {
expect(err).to.not.exist();
expect(credentials2.user).to.equal('steve');
done();
});
});
});
it('should successfully authenticate a request (last param)', function (done) {
var req = {
method: 'GET',
url: '/resource/4?a=1&b=2&bewit=MTIzNDU2XDQ1MTE0ODQ2MjFcMzFjMmNkbUJFd1NJRVZDOVkva1NFb2c3d3YrdEVNWjZ3RXNmOGNHU2FXQT1cc29tZS1hcHAtZGF0YQ',
host: 'example.com',
port: 8080
};
Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
expect(err).to.not.exist();
expect(credentials.user).to.equal('steve');
expect(attributes.ext).to.equal('some-app-data');
done();
});
});
it('should successfully authenticate a request (first param)', function (done) {
var req = {
method: 'GET',
url: '/resource/4?bewit=MTIzNDU2XDQ1MTE0ODQ2MjFcMzFjMmNkbUJFd1NJRVZDOVkva1NFb2c3d3YrdEVNWjZ3RXNmOGNHU2FXQT1cc29tZS1hcHAtZGF0YQ&a=1&b=2',
host: 'example.com',
port: 8080
};
Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
expect(err).to.not.exist();
expect(credentials.user).to.equal('steve');
expect(attributes.ext).to.equal('some-app-data');
done();
});
});
it('should successfully authenticate a request (only param)', function (done) {
var req = {
method: 'GET',
url: '/resource/4?bewit=MTIzNDU2XDQ1MTE0ODQ2NDFcZm1CdkNWT3MvcElOTUUxSTIwbWhrejQ3UnBwTmo4Y1VrSHpQd3Q5OXJ1cz1cc29tZS1hcHAtZGF0YQ',
host: 'example.com',
port: 8080
};
Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
expect(err).to.not.exist();
expect(credentials.user).to.equal('steve');
expect(attributes.ext).to.equal('some-app-data');
done();
});
});
it('should fail on multiple authentication', function (done) {
var req = {
method: 'GET',
url: '/resource/4?bewit=MTIzNDU2XDQ1MTE0ODQ2NDFcZm1CdkNWT3MvcElOTUUxSTIwbWhrejQ3UnBwTmo4Y1VrSHpQd3Q5OXJ1cz1cc29tZS1hcHAtZGF0YQ',
host: 'example.com',
port: 8080,
authorization: 'Basic asdasdasdasd'
};
Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
expect(err).to.exist();
expect(err.output.payload.message).to.equal('Multiple authentications');
done();
});
});
it('should fail on method other than GET', function (done) {
credentialsFunc('123456', function (err, credentials1) {
var req = {
method: 'POST',
url: '/resource/4?filter=a',
host: 'example.com',
port: 8080
};
var exp = Math.floor(Hawk.utils.now() / 1000) + 60;
var ext = 'some-app-data';
var mac = Hawk.crypto.calculateMac('bewit', credentials1, {
timestamp: exp,
nonce: '',
method: req.method,
resource: req.url,
host: req.host,
port: req.port,
ext: ext
});
var bewit = credentials1.id + '\\' + exp + '\\' + mac + '\\' + ext;
req.url += '&bewit=' + Hoek.base64urlEncode(bewit);
Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials2, attributes) {
expect(err).to.exist();
expect(err.output.payload.message).to.equal('Invalid method');
done();
});
});
});
it('should fail on invalid host header', function (done) {
var req = {
method: 'GET',
url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
headers: {
host: 'example.com:something'
}
};
Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
expect(err).to.exist();
expect(err.output.payload.message).to.equal('Invalid Host header');
done();
});
});
it('should fail on empty bewit', function (done) {
var req = {
method: 'GET',
url: '/resource/4?bewit=',
host: 'example.com',
port: 8080
};
Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
expect(err).to.exist();
expect(err.output.payload.message).to.equal('Empty bewit');
expect(err.isMissing).to.not.exist();
done();
});
});
it('should fail on invalid bewit', function (done) {
var req = {
method: 'GET',
url: '/resource/4?bewit=*',
host: 'example.com',
port: 8080
};
Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
expect(err).to.exist();
expect(err.output.payload.message).to.equal('Invalid bewit encoding');
expect(err.isMissing).to.not.exist();
done();
});
});
it('should fail on missing bewit', function (done) {
var req = {
method: 'GET',
url: '/resource/4',
host: 'example.com',
port: 8080
};
Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
expect(err).to.exist();
expect(err.output.payload.message).to.not.exist();
expect(err.isMissing).to.equal(true);
done();
});
});
it('should fail on invalid bewit structure', function (done) {
var req = {
method: 'GET',
url: '/resource/4?bewit=abc',
host: 'example.com',
port: 8080
};
Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
expect(err).to.exist();
expect(err.output.payload.message).to.equal('Invalid bewit structure');
done();
});
});
it('should fail on empty bewit attribute', function (done) {
var req = {
method: 'GET',
url: '/resource/4?bewit=YVxcY1xk',
host: 'example.com',
port: 8080
};
Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
expect(err).to.exist();
expect(err.output.payload.message).to.equal('Missing bewit attributes');
done();
});
});
it('should fail on missing bewit id attribute', function (done) {
var req = {
method: 'GET',
url: '/resource/4?bewit=XDQ1NTIxNDc2MjJcK0JFbFhQMXhuWjcvd1Nrbm1ldGhlZm5vUTNHVjZNSlFVRHk4NWpTZVJ4VT1cc29tZS1hcHAtZGF0YQ',
host: 'example.com',
port: 8080
};
Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
expect(err).to.exist();
expect(err.output.payload.message).to.equal('Missing bewit attributes');
done();
});
});
it('should fail on expired access', function (done) {
var req = {
method: 'GET',
url: '/resource/4?a=1&b=2&bewit=MTIzNDU2XDEzNTY0MTg1ODNcWk1wZlMwWU5KNHV0WHpOMmRucTRydEk3NXNXTjFjeWVITTcrL0tNZFdVQT1cc29tZS1hcHAtZGF0YQ',
host: 'example.com',
port: 8080
};
Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
expect(err).to.exist();
expect(err.output.payload.message).to.equal('Access expired');
done();
});
});
it('should fail on credentials function error', function (done) {
var req = {
method: 'GET',
url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
host: 'example.com',
port: 8080
};
Hawk.uri.authenticate(req, function (id, callback) {
callback(Hawk.error.badRequest('Boom'));
}, {}, function (err, credentials, attributes) {
expect(err).to.exist();
expect(err.output.payload.message).to.equal('Boom');
done();
});
});
it('should fail on credentials function error with credentials', function (done) {
var req = {
method: 'GET',
url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
host: 'example.com',
port: 8080
};
Hawk.uri.authenticate(req, function (id, callback) {
callback(Hawk.error.badRequest('Boom'), { some: 'value' });
}, {}, function (err, credentials, attributes) {
expect(err).to.exist();
expect(err.output.payload.message).to.equal('Boom');
expect(credentials.some).to.equal('value');
done();
});
});
it('should fail on null credentials function response', function (done) {
var req = {
method: 'GET',
url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
host: 'example.com',
port: 8080
};
Hawk.uri.authenticate(req, function (id, callback) {
callback(null, null);
}, {}, function (err, credentials, attributes) {
expect(err).to.exist();
expect(err.output.payload.message).to.equal('Unknown credentials');
done();
});
});
it('should fail on invalid credentials function response', function (done) {
var req = {
method: 'GET',
url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
host: 'example.com',
port: 8080
};
Hawk.uri.authenticate(req, function (id, callback) {
callback(null, {});
}, {}, function (err, credentials, attributes) {
expect(err).to.exist();
expect(err.message).to.equal('Invalid credentials');
done();
});
});
it('should fail on invalid credentials function response (unknown algorithm)', function (done) {
var req = {
method: 'GET',
url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
host: 'example.com',
port: 8080
};
Hawk.uri.authenticate(req, function (id, callback) {
callback(null, { key: 'xxx', algorithm: 'xxx' });
}, {}, function (err, credentials, attributes) {
expect(err).to.exist();
expect(err.message).to.equal('Unknown algorithm');
done();
});
});
it('should fail on expired access', function (done) {
var req = {
method: 'GET',
url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
host: 'example.com',
port: 8080
};
Hawk.uri.authenticate(req, function (id, callback) {
callback(null, { key: 'xxx', algorithm: 'sha256' });
}, {}, function (err, credentials, attributes) {
expect(err).to.exist();
expect(err.output.payload.message).to.equal('Bad mac');
done();
});
});
describe('getBewit()', function () {
it('returns a valid bewit value', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha256'
};
var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdca3NjeHdOUjJ0SnBQMVQxekRMTlBiQjVVaUtJVTl0T1NKWFRVZEc3WDloOD1ceGFuZHlhbmR6');
done();
});
it('returns a valid bewit value (explicit port)', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha256'
};
var bewit = Hawk.uri.getBewit('https://example.com:8080/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdcaFpiSjNQMmNLRW80a3kwQzhqa1pBa1J5Q1p1ZWc0V1NOYnhWN3ZxM3hIVT1ceGFuZHlhbmR6');
done();
});
it('returns a valid bewit value (null ext)', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha256'
};
var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: null });
expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdcSUdZbUxnSXFMckNlOEN4dktQczRKbFdJQStValdKSm91d2dBUmlWaENBZz1c');
done();
});
it('returns a valid bewit value (parsed uri)', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha256'
};
var bewit = Hawk.uri.getBewit(Url.parse('https://example.com/somewhere/over/the/rainbow'), { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdca3NjeHdOUjJ0SnBQMVQxekRMTlBiQjVVaUtJVTl0T1NKWFRVZEc3WDloOD1ceGFuZHlhbmR6');
done();
});
it('errors on invalid options', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha256'
};
var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', 4);
expect(bewit).to.equal('');
done();
});
it('errors on missing uri', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha256'
};
var bewit = Hawk.uri.getBewit('', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
expect(bewit).to.equal('');
done();
});
it('errors on invalid uri', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'sha256'
};
var bewit = Hawk.uri.getBewit(5, { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
expect(bewit).to.equal('');
done();
});
it('errors on invalid credentials (id)', function (done) {
var credentials = {
key: '2983d45yun89q',
algorithm: 'sha256'
};
var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 3000, ext: 'xandyandz' });
expect(bewit).to.equal('');
done();
});
it('errors on missing credentials', function (done) {
var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { ttlSec: 3000, ext: 'xandyandz' });
expect(bewit).to.equal('');
done();
});
it('errors on invalid credentials (key)', function (done) {
var credentials = {
id: '123456',
algorithm: 'sha256'
};
var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 3000, ext: 'xandyandz' });
expect(bewit).to.equal('');
done();
});
it('errors on invalid algorithm', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'hmac-sha-0'
};
var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, ext: 'xandyandz' });
expect(bewit).to.equal('');
done();
});
it('errors on missing options', function (done) {
var credentials = {
id: '123456',
key: '2983d45yun89q',
algorithm: 'hmac-sha-0'
};
var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow');
expect(bewit).to.equal('');
done();
});
});
describe('authenticateMessage()', function () {
it('should generate an authorization then successfully parse it', function (done) {
credentialsFunc('123456', function (err, credentials1) {
var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
expect(auth).to.exist();
Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
expect(err).to.not.exist();
expect(credentials2.user).to.equal('steve');
done();
});
});
});
it('should fail authorization on mismatching host', function (done) {
credentialsFunc('123456', function (err, credentials1) {
var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
expect(auth).to.exist();
Hawk.server.authenticateMessage('example1.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
expect(err).to.exist();
expect(err.message).to.equal('Bad mac');
done();
});
});
});
it('should fail authorization on stale timestamp', function (done) {
credentialsFunc('123456', function (err, credentials1) {
var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
expect(auth).to.exist();
Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, { localtimeOffsetMsec: 100000 }, function (err, credentials2) {
expect(err).to.exist();
expect(err.message).to.equal('Stale timestamp');
done();
});
});
});
it('overrides timestampSkewSec', function (done) {
credentialsFunc('123456', function (err, credentials1) {
var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1, localtimeOffsetMsec: 100000 });
expect(auth).to.exist();
Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, { timestampSkewSec: 500 }, function (err, credentials2) {
expect(err).to.not.exist();
done();
});
});
});
it('should fail authorization on invalid authorization', function (done) {
credentialsFunc('123456', function (err, credentials1) {
var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
expect(auth).to.exist();
delete auth.id;
Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
expect(err).to.exist();
expect(err.message).to.equal('Invalid authorization');
done();
});
});
});
it('should fail authorization on bad hash', function (done) {
credentialsFunc('123456', function (err, credentials1) {
var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
expect(auth).to.exist();
Hawk.server.authenticateMessage('example.com', 8080, 'some message1', auth, credentialsFunc, {}, function (err, credentials2) {
expect(err).to.exist();
expect(err.message).to.equal('Bad message hash');
done();
});
});
});
it('should fail authorization on nonce error', function (done) {
credentialsFunc('123456', function (err, credentials1) {
var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
expect(auth).to.exist();
Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {
nonceFunc: function (key, nonce, ts, callback) {
callback(new Error('kaboom'));
}
}, function (err, credentials2) {
expect(err).to.exist();
expect(err.message).to.equal('Invalid nonce');
done();
});
});
});
it('should fail authorization on credentials error', function (done) {
credentialsFunc('123456', function (err, credentials1) {
var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
expect(auth).to.exist();
var errFunc = function (id, callback) {
callback(new Error('kablooey'));
};
Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
expect(err).to.exist();
expect(err.message).to.equal('kablooey');
done();
});
});
});
it('should fail authorization on missing credentials', function (done) {
credentialsFunc('123456', function (err, credentials1) {
var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
expect(auth).to.exist();
var errFunc = function (id, callback) {
callback();
};
Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
expect(err).to.exist();
expect(err.message).to.equal('Unknown credentials');
done();
});
});
});
it('should fail authorization on invalid credentials', function (done) {
credentialsFunc('123456', function (err, credentials1) {
var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
expect(auth).to.exist();
var errFunc = function (id, callback) {
callback(null, {});
};
Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
expect(err).to.exist();
expect(err.message).to.equal('Invalid credentials');
done();
});
});
});
it('should fail authorization on invalid credentials algorithm', function (done) {
credentialsFunc('123456', function (err, credentials1) {
var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
expect(auth).to.exist();
var errFunc = function (id, callback) {
callback(null, { key: '123', algorithm: '456' });
};
Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
expect(err).to.exist();
expect(err.message).to.equal('Unknown algorithm');
done();
});
});
});
it('should fail on missing host', function (done) {
credentialsFunc('123456', function (err, credentials1) {
var auth = Hawk.client.message(null, 8080, 'some message', { credentials: credentials1 });
expect(auth).to.not.exist();
done();
});
});
it('should fail on missing credentials', function (done) {
var auth = Hawk.client.message('example.com', 8080, 'some message', {});
expect(auth).to.not.exist();
done();
});
it('should fail on invalid algorithm', function (done) {
credentialsFunc('123456', function (err, credentials1) {
var creds = Hoek.clone(credentials1);
creds.algorithm = 'blah';
var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: creds });
expect(auth).to.not.exist();
done();
});
});
});
});

149
node_modules/hawk/test/utils.js generated vendored Normal file
View File

@ -0,0 +1,149 @@
// Load modules
var Code = require('code');
var Hawk = require('../lib');
var Lab = require('lab');
var Package = require('../package.json');
// Declare internals
var internals = {};
// Test shortcuts
var lab = exports.lab = Lab.script();
var describe = lab.experiment;
var it = lab.test;
var expect = Code.expect;
describe('Utils', function () {
describe('parseHost()', function () {
it('returns port 80 for non tls node request', function (done) {
var req = {
method: 'POST',
url: '/resource/4?filter=a',
headers: {
host: 'example.com',
'content-type': 'text/plain;x=y'
}
};
expect(Hawk.utils.parseHost(req, 'Host').port).to.equal(80);
done();
});
it('returns port 443 for non tls node request', function (done) {
var req = {
method: 'POST',
url: '/resource/4?filter=a',
headers: {
host: 'example.com',
'content-type': 'text/plain;x=y'
},
connection: {
encrypted: true
}
};
expect(Hawk.utils.parseHost(req, 'Host').port).to.equal(443);
done();
});
it('returns port 443 for non tls node request (IPv6)', function (done) {
var req = {
method: 'POST',
url: '/resource/4?filter=a',
headers: {
host: '[123:123:123]',
'content-type': 'text/plain;x=y'
},
connection: {
encrypted: true
}
};
expect(Hawk.utils.parseHost(req, 'Host').port).to.equal(443);
done();
});
it('parses IPv6 headers', function (done) {
var req = {
method: 'POST',
url: '/resource/4?filter=a',
headers: {
host: '[123:123:123]:8000',
'content-type': 'text/plain;x=y'
},
connection: {
encrypted: true
}
};
var host = Hawk.utils.parseHost(req, 'Host');
expect(host.port).to.equal('8000');
expect(host.name).to.equal('[123:123:123]');
done();
});
it('errors on header too long', function (done) {
var long = '';
for (var i = 0; i < 5000; ++i) {
long += 'x';
}
expect(Hawk.utils.parseHost({ headers: { host: long } })).to.be.null();
done();
});
});
describe('parseAuthorizationHeader()', function () {
it('errors on header too long', function (done) {
var long = 'Scheme a="';
for (var i = 0; i < 5000; ++i) {
long += 'x';
}
long += '"';
var err = Hawk.utils.parseAuthorizationHeader(long, ['a']);
expect(err).to.be.instanceof(Error);
expect(err.message).to.equal('Header length too long');
done();
});
});
describe('version()', function () {
it('returns the correct package version number', function (done) {
expect(Hawk.utils.version()).to.equal(Package.version);
done();
});
});
describe('unauthorized()', function () {
it('returns a hawk 401', function (done) {
expect(Hawk.utils.unauthorized('kaboom').output.headers['WWW-Authenticate']).to.equal('Hawk error="kaboom"');
done();
});
it('supports attributes', function (done) {
expect(Hawk.utils.unauthorized('kaboom', { a: 'b' }).output.headers['WWW-Authenticate']).to.equal('Hawk a="b", error="kaboom"');
done();
});
});
});