3 var Url = require('url');
\r
4 var Code = require('code');
\r
5 var Hawk = require('../lib');
\r
6 var Hoek = require('hoek');
\r
7 var Lab = require('lab');
\r
8 var Browser = require('../lib/browser');
\r
11 // Declare internals
\r
18 var lab = exports.lab = Lab.script();
\r
19 var describe = lab.experiment;
\r
21 var expect = Code.expect;
\r
24 describe('Browser', function () {
\r
26 var credentialsFunc = function (id, callback) {
\r
30 key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
\r
31 algorithm: (id === '1' ? 'sha1' : 'sha256'),
\r
35 return callback(null, credentials);
\r
38 it('should generate a bewit then successfully authenticate it', function (done) {
\r
42 url: '/resource/4?a=1&b=2',
\r
43 host: 'example.com',
\r
47 credentialsFunc('123456', function (err, credentials1) {
\r
49 var bewit = Browser.client.bewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials1, ttlSec: 60 * 60 * 24 * 365 * 100, ext: 'some-app-data' });
\r
50 req.url += '&bewit=' + bewit;
\r
52 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials2, attributes) {
\r
54 expect(err).to.not.exist();
\r
55 expect(credentials2.user).to.equal('steve');
\r
56 expect(attributes.ext).to.equal('some-app-data');
\r
62 it('should generate a bewit then successfully authenticate it (no ext)', function (done) {
\r
66 url: '/resource/4?a=1&b=2',
\r
67 host: 'example.com',
\r
71 credentialsFunc('123456', function (err, credentials1) {
\r
73 var bewit = Browser.client.bewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials1, ttlSec: 60 * 60 * 24 * 365 * 100 });
\r
74 req.url += '&bewit=' + bewit;
\r
76 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials2, attributes) {
\r
78 expect(err).to.not.exist();
\r
79 expect(credentials2.user).to.equal('steve');
\r
85 describe('bewit()', function () {
\r
87 it('returns a valid bewit value', function (done) {
\r
91 key: '2983d45yun89q',
\r
95 var bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
\r
96 expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdca3NjeHdOUjJ0SnBQMVQxekRMTlBiQjVVaUtJVTl0T1NKWFRVZEc3WDloOD1ceGFuZHlhbmR6');
\r
100 it('returns a valid bewit value (explicit HTTP port)', function (done) {
\r
102 var credentials = {
\r
104 key: '2983d45yun89q',
\r
105 algorithm: 'sha256'
\r
108 var bewit = Browser.client.bewit('http://example.com:8080/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
\r
109 expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdcaFpiSjNQMmNLRW80a3kwQzhqa1pBa1J5Q1p1ZWc0V1NOYnhWN3ZxM3hIVT1ceGFuZHlhbmR6');
\r
113 it('returns a valid bewit value (explicit HTTPS port)', function (done) {
\r
115 var credentials = {
\r
117 key: '2983d45yun89q',
\r
118 algorithm: 'sha256'
\r
121 var bewit = Browser.client.bewit('https://example.com:8043/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
\r
122 expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdcL2t4UjhwK0xSaTdvQTRnUXc3cWlxa3BiVHRKYkR4OEtRMC9HRUwvVytTUT1ceGFuZHlhbmR6');
\r
126 it('returns a valid bewit value (null ext)', function (done) {
\r
128 var credentials = {
\r
130 key: '2983d45yun89q',
\r
131 algorithm: 'sha256'
\r
134 var bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: null });
\r
135 expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdcSUdZbUxnSXFMckNlOEN4dktQczRKbFdJQStValdKSm91d2dBUmlWaENBZz1c');
\r
139 it('errors on invalid options', function (done) {
\r
141 var credentials = {
\r
143 key: '2983d45yun89q',
\r
144 algorithm: 'sha256'
\r
147 var bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', 4);
\r
148 expect(bewit).to.equal('');
\r
152 it('errors on missing uri', function (done) {
\r
154 var credentials = {
\r
156 key: '2983d45yun89q',
\r
157 algorithm: 'sha256'
\r
160 var bewit = Browser.client.bewit('', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
\r
161 expect(bewit).to.equal('');
\r
165 it('errors on invalid uri', function (done) {
\r
167 var credentials = {
\r
169 key: '2983d45yun89q',
\r
170 algorithm: 'sha256'
\r
173 var bewit = Browser.client.bewit(5, { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
\r
174 expect(bewit).to.equal('');
\r
178 it('errors on invalid credentials (id)', function (done) {
\r
180 var credentials = {
\r
181 key: '2983d45yun89q',
\r
182 algorithm: 'sha256'
\r
185 var bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 3000, ext: 'xandyandz' });
\r
186 expect(bewit).to.equal('');
\r
190 it('errors on missing credentials', function (done) {
\r
192 var bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { ttlSec: 3000, ext: 'xandyandz' });
\r
193 expect(bewit).to.equal('');
\r
197 it('errors on invalid credentials (key)', function (done) {
\r
199 var credentials = {
\r
201 algorithm: 'sha256'
\r
204 var bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 3000, ext: 'xandyandz' });
\r
205 expect(bewit).to.equal('');
\r
209 it('errors on invalid algorithm', function (done) {
\r
211 var credentials = {
\r
213 key: '2983d45yun89q',
\r
214 algorithm: 'hmac-sha-0'
\r
217 var bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, ext: 'xandyandz' });
\r
218 expect(bewit).to.equal('');
\r
222 it('errors on missing options', function (done) {
\r
224 var credentials = {
\r
226 key: '2983d45yun89q',
\r
227 algorithm: 'hmac-sha-0'
\r
230 var bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow');
\r
231 expect(bewit).to.equal('');
\r
236 it('generates a header then successfully parse it (configuration)', function (done) {
\r
240 url: '/resource/4?filter=a',
\r
241 host: 'example.com',
\r
245 credentialsFunc('123456', function (err, credentials1) {
\r
247 req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' }).field;
\r
248 expect(req.authorization).to.exist();
\r
250 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
252 expect(err).to.not.exist();
\r
253 expect(credentials2.user).to.equal('steve');
\r
254 expect(artifacts.ext).to.equal('some-app-data');
\r
260 it('generates a header then successfully parse it (node request)', function (done) {
\r
264 url: '/resource/4?filter=a',
\r
266 host: 'example.com:8080',
\r
267 'content-type': 'text/plain;x=y'
\r
271 var payload = 'some not so random text';
\r
273 credentialsFunc('123456', function (err, credentials1) {
\r
275 var reqHeader = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
\r
276 req.headers.authorization = reqHeader.field;
\r
278 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
280 expect(err).to.not.exist();
\r
281 expect(credentials2.user).to.equal('steve');
\r
282 expect(artifacts.ext).to.equal('some-app-data');
\r
283 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
\r
287 'content-type': 'text/plain'
\r
289 getResponseHeader: function (header) {
\r
291 return res.headers[header.toLowerCase()];
\r
295 res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
\r
296 expect(res.headers['server-authorization']).to.exist();
\r
298 expect(Browser.client.authenticate(res, credentials2, artifacts, { payload: 'some reply' })).to.equal(true);
\r
304 it('generates a header then successfully parse it (browserify)', function (done) {
\r
308 url: '/resource/4?filter=a',
\r
310 host: 'example.com:8080',
\r
311 'content-type': 'text/plain;x=y'
\r
315 var payload = 'some not so random text';
\r
317 credentialsFunc('123456', function (err, credentials1) {
\r
319 var reqHeader = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
\r
320 req.headers.authorization = reqHeader.field;
\r
322 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
324 expect(err).to.not.exist();
\r
325 expect(credentials2.user).to.equal('steve');
\r
326 expect(artifacts.ext).to.equal('some-app-data');
\r
327 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
\r
331 'content-type': 'text/plain'
\r
333 getHeader: function (header) {
\r
335 return res.headers[header.toLowerCase()];
\r
339 res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
\r
340 expect(res.headers['server-authorization']).to.exist();
\r
342 expect(Browser.client.authenticate(res, credentials2, artifacts, { payload: 'some reply' })).to.equal(true);
\r
348 it('generates a header then successfully parse it (time offset)', function (done) {
\r
352 url: '/resource/4?filter=a',
\r
353 host: 'example.com',
\r
357 credentialsFunc('123456', function (err, credentials1) {
\r
359 req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', localtimeOffsetMsec: 100000 }).field;
\r
360 expect(req.authorization).to.exist();
\r
362 Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 100000 }, function (err, credentials2, artifacts) {
\r
364 expect(err).to.not.exist();
\r
365 expect(credentials2.user).to.equal('steve');
\r
366 expect(artifacts.ext).to.equal('some-app-data');
\r
372 it('generates a header then successfully parse it (no server header options)', function (done) {
\r
376 url: '/resource/4?filter=a',
\r
378 host: 'example.com:8080',
\r
379 'content-type': 'text/plain;x=y'
\r
383 var payload = 'some not so random text';
\r
385 credentialsFunc('123456', function (err, credentials1) {
\r
387 var reqHeader = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
\r
388 req.headers.authorization = reqHeader.field;
\r
390 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
392 expect(err).to.not.exist();
\r
393 expect(credentials2.user).to.equal('steve');
\r
394 expect(artifacts.ext).to.equal('some-app-data');
\r
395 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
\r
399 'content-type': 'text/plain'
\r
401 getResponseHeader: function (header) {
\r
403 return res.headers[header.toLowerCase()];
\r
407 res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts);
\r
408 expect(res.headers['server-authorization']).to.exist();
\r
410 expect(Browser.client.authenticate(res, credentials2, artifacts)).to.equal(true);
\r
416 it('generates a header then successfully parse it (no server header)', function (done) {
\r
420 url: '/resource/4?filter=a',
\r
422 host: 'example.com:8080',
\r
423 'content-type': 'text/plain;x=y'
\r
427 var payload = 'some not so random text';
\r
429 credentialsFunc('123456', function (err, credentials1) {
\r
431 var reqHeader = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
\r
432 req.headers.authorization = reqHeader.field;
\r
434 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
436 expect(err).to.not.exist();
\r
437 expect(credentials2.user).to.equal('steve');
\r
438 expect(artifacts.ext).to.equal('some-app-data');
\r
439 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
\r
443 'content-type': 'text/plain'
\r
445 getResponseHeader: function (header) {
\r
447 return res.headers[header.toLowerCase()];
\r
451 expect(Browser.client.authenticate(res, credentials2, artifacts)).to.equal(true);
\r
457 it('generates a header with stale ts and successfully authenticate on second call', function (done) {
\r
461 url: '/resource/4?filter=a',
\r
462 host: 'example.com',
\r
466 credentialsFunc('123456', function (err, credentials1) {
\r
468 Browser.utils.setNtpOffset(60 * 60 * 1000);
\r
469 var header = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' });
\r
470 req.authorization = header.field;
\r
471 expect(req.authorization).to.exist();
\r
473 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts2) {
\r
475 expect(err).to.exist();
\r
476 expect(err.message).to.equal('Stale timestamp');
\r
480 'www-authenticate': err.output.headers['WWW-Authenticate']
\r
482 getResponseHeader: function (lookup) {
\r
484 return res.headers[lookup.toLowerCase()];
\r
488 expect(Browser.utils.getNtpOffset()).to.equal(60 * 60 * 1000);
\r
489 expect(Browser.client.authenticate(res, credentials2, header.artifacts)).to.equal(true);
\r
490 expect(Browser.utils.getNtpOffset()).to.equal(0);
\r
492 req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials2, ext: 'some-app-data' }).field;
\r
493 expect(req.authorization).to.exist();
\r
495 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials3, artifacts3) {
\r
497 expect(err).to.not.exist();
\r
498 expect(credentials3.user).to.equal('steve');
\r
499 expect(artifacts3.ext).to.equal('some-app-data');
\r
506 it('generates a header with stale ts and successfully authenticate on second call (manual localStorage)', function (done) {
\r
510 url: '/resource/4?filter=a',
\r
511 host: 'example.com',
\r
515 credentialsFunc('123456', function (err, credentials1) {
\r
517 var localStorage = new Browser.internals.LocalStorage();
\r
519 Browser.utils.setStorage(localStorage);
\r
521 Browser.utils.setNtpOffset(60 * 60 * 1000);
\r
522 var header = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' });
\r
523 req.authorization = header.field;
\r
524 expect(req.authorization).to.exist();
\r
526 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts2) {
\r
528 expect(err).to.exist();
\r
529 expect(err.message).to.equal('Stale timestamp');
\r
533 'www-authenticate': err.output.headers['WWW-Authenticate']
\r
535 getResponseHeader: function (lookup) {
\r
537 return res.headers[lookup.toLowerCase()];
\r
541 expect(parseInt(localStorage.getItem('hawk_ntp_offset'))).to.equal(60 * 60 * 1000);
\r
542 expect(Browser.utils.getNtpOffset()).to.equal(60 * 60 * 1000);
\r
543 expect(Browser.client.authenticate(res, credentials2, header.artifacts)).to.equal(true);
\r
544 expect(Browser.utils.getNtpOffset()).to.equal(0);
\r
545 expect(parseInt(localStorage.getItem('hawk_ntp_offset'))).to.equal(0);
\r
547 req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials2, ext: 'some-app-data' }).field;
\r
548 expect(req.authorization).to.exist();
\r
550 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials3, artifacts3) {
\r
552 expect(err).to.not.exist();
\r
553 expect(credentials3.user).to.equal('steve');
\r
554 expect(artifacts3.ext).to.equal('some-app-data');
\r
561 it('generates a header then fails to parse it (missing server header hash)', function (done) {
\r
565 url: '/resource/4?filter=a',
\r
567 host: 'example.com:8080',
\r
568 'content-type': 'text/plain;x=y'
\r
572 var payload = 'some not so random text';
\r
574 credentialsFunc('123456', function (err, credentials1) {
\r
576 var reqHeader = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
\r
577 req.headers.authorization = reqHeader.field;
\r
579 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
581 expect(err).to.not.exist();
\r
582 expect(credentials2.user).to.equal('steve');
\r
583 expect(artifacts.ext).to.equal('some-app-data');
\r
584 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
\r
588 'content-type': 'text/plain'
\r
590 getResponseHeader: function (header) {
\r
592 return res.headers[header.toLowerCase()];
\r
596 res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts);
\r
597 expect(res.headers['server-authorization']).to.exist();
\r
599 expect(Browser.client.authenticate(res, credentials2, artifacts, { payload: 'some reply' })).to.equal(false);
\r
605 it('generates a header then successfully parse it (with hash)', function (done) {
\r
609 url: '/resource/4?filter=a',
\r
610 host: 'example.com',
\r
614 credentialsFunc('123456', function (err, credentials1) {
\r
616 req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
\r
617 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
619 expect(err).to.not.exist();
\r
620 expect(credentials2.user).to.equal('steve');
\r
621 expect(artifacts.ext).to.equal('some-app-data');
\r
627 it('generates a header then successfully parse it then validate payload', function (done) {
\r
631 url: '/resource/4?filter=a',
\r
632 host: 'example.com',
\r
636 credentialsFunc('123456', function (err, credentials1) {
\r
638 req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
\r
639 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
641 expect(err).to.not.exist();
\r
642 expect(credentials2.user).to.equal('steve');
\r
643 expect(artifacts.ext).to.equal('some-app-data');
\r
644 expect(Hawk.server.authenticatePayload('hola!', credentials2, artifacts)).to.be.true();
\r
645 expect(Hawk.server.authenticatePayload('hello!', credentials2, artifacts)).to.be.false();
\r
651 it('generates a header then successfully parse it (app)', function (done) {
\r
655 url: '/resource/4?filter=a',
\r
656 host: 'example.com',
\r
660 credentialsFunc('123456', function (err, credentials1) {
\r
662 req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', app: 'asd23ased' }).field;
\r
663 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
665 expect(err).to.not.exist();
\r
666 expect(credentials2.user).to.equal('steve');
\r
667 expect(artifacts.ext).to.equal('some-app-data');
\r
668 expect(artifacts.app).to.equal('asd23ased');
\r
674 it('generates a header then successfully parse it (app, dlg)', function (done) {
\r
678 url: '/resource/4?filter=a',
\r
679 host: 'example.com',
\r
683 credentialsFunc('123456', function (err, credentials1) {
\r
685 req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', app: 'asd23ased', dlg: '23434szr3q4d' }).field;
\r
686 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
688 expect(err).to.not.exist();
\r
689 expect(credentials2.user).to.equal('steve');
\r
690 expect(artifacts.ext).to.equal('some-app-data');
\r
691 expect(artifacts.app).to.equal('asd23ased');
\r
692 expect(artifacts.dlg).to.equal('23434szr3q4d');
\r
698 it('generates a header then fail authentication due to bad hash', function (done) {
\r
702 url: '/resource/4?filter=a',
\r
703 host: 'example.com',
\r
707 credentialsFunc('123456', function (err, credentials1) {
\r
709 req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
\r
710 Hawk.server.authenticate(req, credentialsFunc, { payload: 'byebye!' }, function (err, credentials2, artifacts) {
\r
712 expect(err).to.exist();
\r
713 expect(err.output.payload.message).to.equal('Bad payload hash');
\r
719 it('generates a header for one resource then fail to authenticate another', function (done) {
\r
723 url: '/resource/4?filter=a',
\r
724 host: 'example.com',
\r
728 credentialsFunc('123456', function (err, credentials1) {
\r
730 req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' }).field;
\r
731 req.url = '/something/else';
\r
733 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
735 expect(err).to.exist();
\r
736 expect(credentials2).to.exist();
\r
742 describe('client', function () {
\r
744 describe('header()', function () {
\r
746 it('returns a valid authorization header (sha1)', function (done) {
\r
748 var credentials = {
\r
750 key: '2983d45yun89q',
\r
754 var header = Browser.client.header('http://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about' }).field;
\r
755 expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="bsvY3IfUllw6V5rvk4tStEvpBhE=", ext="Bazinga!", mac="qbf1ZPG/r/e06F4ht+T77LXi5vw="');
\r
759 it('returns a valid authorization header (sha256)', function (done) {
\r
761 var credentials = {
\r
763 key: '2983d45yun89q',
\r
764 algorithm: 'sha256'
\r
767 var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' }).field;
\r
768 expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", ext="Bazinga!", mac="q1CwFoSHzPZSkbIvl0oYlD+91rBUEvFk763nMjMndj8="');
\r
772 it('returns a valid authorization header (empty payload)', function (done) {
\r
774 var credentials = {
\r
776 key: '2983d45yun89q',
\r
780 var header = Browser.client.header('http://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: '' }).field;
\r
781 expect(header).to.equal('Hawk id=\"123456\", ts=\"1353809207\", nonce=\"Ygvqdz\", hash=\"404ghL7K+hfyhByKKejFBRGgTjU=\", ext=\"Bazinga!\", mac=\"Bh1sj1DOfFRWOdi3ww52nLCJdBE=\"');
\r
785 it('returns a valid authorization header (no ext)', function (done) {
\r
787 var credentials = {
\r
789 key: '2983d45yun89q',
\r
790 algorithm: 'sha256'
\r
793 var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' }).field;
\r
794 expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", mac="HTgtd0jPI6E4izx8e4OHdO36q00xFCU0FolNq3RiCYs="');
\r
798 it('returns a valid authorization header (null ext)', function (done) {
\r
800 var credentials = {
\r
802 key: '2983d45yun89q',
\r
803 algorithm: 'sha256'
\r
806 var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain', ext: null }).field;
\r
807 expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", mac="HTgtd0jPI6E4izx8e4OHdO36q00xFCU0FolNq3RiCYs="');
\r
811 it('returns a valid authorization header (uri object)', function (done) {
\r
813 var credentials = {
\r
815 key: '2983d45yun89q',
\r
816 algorithm: 'sha256'
\r
819 var uri = Browser.utils.parseUri('https://example.net/somewhere/over/the/rainbow');
\r
820 var header = Browser.client.header(uri, 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' }).field;
\r
821 expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", mac="HTgtd0jPI6E4izx8e4OHdO36q00xFCU0FolNq3RiCYs="');
\r
825 it('errors on missing options', function (done) {
\r
827 var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST');
\r
828 expect(header.field).to.equal('');
\r
829 expect(header.err).to.equal('Invalid argument type');
\r
833 it('errors on empty uri', function (done) {
\r
835 var credentials = {
\r
837 key: '2983d45yun89q',
\r
838 algorithm: 'sha256'
\r
841 var header = Browser.client.header('', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' });
\r
842 expect(header.field).to.equal('');
\r
843 expect(header.err).to.equal('Invalid argument type');
\r
847 it('errors on invalid uri', function (done) {
\r
849 var credentials = {
\r
851 key: '2983d45yun89q',
\r
852 algorithm: 'sha256'
\r
855 var header = Browser.client.header(4, 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' });
\r
856 expect(header.field).to.equal('');
\r
857 expect(header.err).to.equal('Invalid argument type');
\r
861 it('errors on missing method', function (done) {
\r
863 var credentials = {
\r
865 key: '2983d45yun89q',
\r
866 algorithm: 'sha256'
\r
869 var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', '', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' });
\r
870 expect(header.field).to.equal('');
\r
871 expect(header.err).to.equal('Invalid argument type');
\r
875 it('errors on invalid method', function (done) {
\r
877 var credentials = {
\r
879 key: '2983d45yun89q',
\r
880 algorithm: 'sha256'
\r
883 var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 5, { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' });
\r
884 expect(header.field).to.equal('');
\r
885 expect(header.err).to.equal('Invalid argument type');
\r
889 it('errors on missing credentials', function (done) {
\r
891 var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { ext: 'Bazinga!', timestamp: 1353809207 });
\r
892 expect(header.field).to.equal('');
\r
893 expect(header.err).to.equal('Invalid credentials object');
\r
897 it('errors on invalid credentials (id)', function (done) {
\r
899 var credentials = {
\r
900 key: '2983d45yun89q',
\r
901 algorithm: 'sha256'
\r
904 var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207 });
\r
905 expect(header.field).to.equal('');
\r
906 expect(header.err).to.equal('Invalid credentials object');
\r
910 it('errors on invalid credentials (key)', function (done) {
\r
912 var credentials = {
\r
914 algorithm: 'sha256'
\r
917 var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207 });
\r
918 expect(header.field).to.equal('');
\r
919 expect(header.err).to.equal('Invalid credentials object');
\r
923 it('errors on invalid algorithm', function (done) {
\r
925 var credentials = {
\r
927 key: '2983d45yun89q',
\r
928 algorithm: 'hmac-sha-0'
\r
931 var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, payload: 'something, anything!', ext: 'Bazinga!', timestamp: 1353809207 });
\r
932 expect(header.field).to.equal('');
\r
933 expect(header.err).to.equal('Unknown algorithm');
\r
937 it('uses a pre-calculated payload hash', function (done) {
\r
939 var credentials = {
\r
941 key: '2983d45yun89q',
\r
942 algorithm: 'sha256'
\r
945 var options = { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' };
\r
946 options.hash = Browser.crypto.calculatePayloadHash(options.payload, credentials.algorithm, options.contentType);
\r
947 var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', options).field;
\r
948 expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", ext="Bazinga!", mac="q1CwFoSHzPZSkbIvl0oYlD+91rBUEvFk763nMjMndj8="');
\r
953 describe('authenticate()', function () {
\r
955 it('skips tsm validation when missing ts', function (done) {
\r
959 'www-authenticate': 'Hawk error="Stale timestamp"'
\r
961 getResponseHeader: function (header) {
\r
963 return res.headers[header.toLowerCase()];
\r
967 var credentials = {
\r
969 key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
\r
970 algorithm: 'sha256',
\r
978 resource: '/resource/4?filter=a',
\r
979 host: 'example.com',
\r
981 ext: 'some-app-data'
\r
984 expect(Browser.client.authenticate(res, credentials, artifacts)).to.equal(true);
\r
988 it('returns false on invalid header', function (done) {
\r
992 'server-authorization': 'Hawk mac="abc", bad="xyz"'
\r
994 getResponseHeader: function (header) {
\r
996 return res.headers[header.toLowerCase()];
\r
1000 expect(Browser.client.authenticate(res, {})).to.equal(false);
\r
1004 it('returns false on invalid mac', function (done) {
\r
1008 'content-type': 'text/plain',
\r
1009 'server-authorization': 'Hawk mac="_IJRsMl/4oL+nn+vKoeVZPdCHXB4yJkNnBbTbHFZUYE=", hash="f9cDF/TDm7TkYRLnGwRMfeDzT6LixQVLvrIKhh0vgmM=", ext="response-specific"'
\r
1011 getResponseHeader: function (header) {
\r
1013 return res.headers[header.toLowerCase()];
\r
1019 host: 'example.com',
\r
1021 resource: '/resource/4?filter=a',
\r
1024 hash: 'nJjkVtBE5Y/Bk38Aiokwn0jiJxt/0S2WRSUwWLCf5xk=',
\r
1025 ext: 'some-app-data',
\r
1028 mac: 'BlmSe8K+pbKIb6YsZCnt4E1GrYvY1AaYayNR82dGpIk=',
\r
1032 var credentials = {
\r
1034 key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
\r
1035 algorithm: 'sha256',
\r
1039 expect(Browser.client.authenticate(res, credentials, artifacts)).to.equal(false);
\r
1043 it('returns true on ignoring hash', function (done) {
\r
1047 'content-type': 'text/plain',
\r
1048 'server-authorization': 'Hawk mac="XIJRsMl/4oL+nn+vKoeVZPdCHXB4yJkNnBbTbHFZUYE=", hash="f9cDF/TDm7TkYRLnGwRMfeDzT6LixQVLvrIKhh0vgmM=", ext="response-specific"'
\r
1050 getResponseHeader: function (header) {
\r
1052 return res.headers[header.toLowerCase()];
\r
1058 host: 'example.com',
\r
1060 resource: '/resource/4?filter=a',
\r
1063 hash: 'nJjkVtBE5Y/Bk38Aiokwn0jiJxt/0S2WRSUwWLCf5xk=',
\r
1064 ext: 'some-app-data',
\r
1067 mac: 'BlmSe8K+pbKIb6YsZCnt4E1GrYvY1AaYayNR82dGpIk=',
\r
1071 var credentials = {
\r
1073 key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
\r
1074 algorithm: 'sha256',
\r
1078 expect(Browser.client.authenticate(res, credentials, artifacts)).to.equal(true);
\r
1082 it('errors on invalid WWW-Authenticate header format', function (done) {
\r
1086 'www-authenticate': 'Hawk ts="1362346425875", tsm="PhwayS28vtnn3qbv0mqRBYSXebN/zggEtucfeZ620Zo=", x="Stale timestamp"'
\r
1088 getResponseHeader: function (header) {
\r
1090 return res.headers[header.toLowerCase()];
\r
1094 expect(Browser.client.authenticate(res, {})).to.equal(false);
\r
1098 it('errors on invalid WWW-Authenticate header format', function (done) {
\r
1100 var credentials = {
\r
1102 key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
\r
1103 algorithm: 'sha256',
\r
1109 'www-authenticate': 'Hawk ts="1362346425875", tsm="hwayS28vtnn3qbv0mqRBYSXebN/zggEtucfeZ620Zo=", error="Stale timestamp"'
\r
1111 getResponseHeader: function (header) {
\r
1113 return res.headers[header.toLowerCase()];
\r
1117 expect(Browser.client.authenticate(res, credentials)).to.equal(false);
\r
1122 describe('message()', function () {
\r
1124 it('generates an authorization then successfully parse it', function (done) {
\r
1126 credentialsFunc('123456', function (err, credentials1) {
\r
1128 var auth = Browser.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
\r
1129 expect(auth).to.exist();
\r
1131 Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
\r
1133 expect(err).to.not.exist();
\r
1134 expect(credentials2.user).to.equal('steve');
\r
1140 it('generates an authorization using custom nonce/timestamp', function (done) {
\r
1142 credentialsFunc('123456', function (err, credentials) {
\r
1144 var auth = Browser.client.message('example.com', 8080, 'some message', { credentials: credentials, nonce: 'abc123', timestamp: 1398536270957 });
\r
1145 expect(auth).to.exist();
\r
1146 expect(auth.nonce).to.equal('abc123');
\r
1147 expect(auth.ts).to.equal(1398536270957);
\r
1152 it('errors on missing host', function (done) {
\r
1154 credentialsFunc('123456', function (err, credentials) {
\r
1156 var auth = Browser.client.message(null, 8080, 'some message', { credentials: credentials });
\r
1157 expect(auth).to.not.exist();
\r
1162 it('errors on invalid host', function (done) {
\r
1164 credentialsFunc('123456', function (err, credentials) {
\r
1166 var auth = Browser.client.message(5, 8080, 'some message', { credentials: credentials });
\r
1167 expect(auth).to.not.exist();
\r
1172 it('errors on missing port', function (done) {
\r
1174 credentialsFunc('123456', function (err, credentials) {
\r
1176 var auth = Browser.client.message('example.com', 0, 'some message', { credentials: credentials });
\r
1177 expect(auth).to.not.exist();
\r
1182 it('errors on invalid port', function (done) {
\r
1184 credentialsFunc('123456', function (err, credentials) {
\r
1186 var auth = Browser.client.message('example.com', 'a', 'some message', { credentials: credentials });
\r
1187 expect(auth).to.not.exist();
\r
1192 it('errors on missing message', function (done) {
\r
1194 credentialsFunc('123456', function (err, credentials) {
\r
1196 var auth = Browser.client.message('example.com', 8080, undefined, { credentials: credentials });
\r
1197 expect(auth).to.not.exist();
\r
1202 it('errors on null message', function (done) {
\r
1204 credentialsFunc('123456', function (err, credentials) {
\r
1206 var auth = Browser.client.message('example.com', 8080, null, { credentials: credentials });
\r
1207 expect(auth).to.not.exist();
\r
1212 it('errors on invalid message', function (done) {
\r
1214 credentialsFunc('123456', function (err, credentials) {
\r
1216 var auth = Browser.client.message('example.com', 8080, 5, { credentials: credentials });
\r
1217 expect(auth).to.not.exist();
\r
1222 it('errors on missing credentials', function (done) {
\r
1224 var auth = Browser.client.message('example.com', 8080, 'some message', {});
\r
1225 expect(auth).to.not.exist();
\r
1229 it('errors on missing options', function (done) {
\r
1231 var auth = Browser.client.message('example.com', 8080, 'some message');
\r
1232 expect(auth).to.not.exist();
\r
1236 it('errors on invalid credentials (id)', function (done) {
\r
1238 credentialsFunc('123456', function (err, credentials) {
\r
1240 var creds = Hoek.clone(credentials);
\r
1242 var auth = Browser.client.message('example.com', 8080, 'some message', { credentials: creds });
\r
1243 expect(auth).to.not.exist();
\r
1248 it('errors on invalid credentials (key)', function (done) {
\r
1250 credentialsFunc('123456', function (err, credentials) {
\r
1252 var creds = Hoek.clone(credentials);
\r
1254 var auth = Browser.client.message('example.com', 8080, 'some message', { credentials: creds });
\r
1255 expect(auth).to.not.exist();
\r
1260 it('errors on invalid algorithm', function (done) {
\r
1262 credentialsFunc('123456', function (err, credentials) {
\r
1264 var creds = Hoek.clone(credentials);
\r
1265 creds.algorithm = 'blah';
\r
1266 var auth = Browser.client.message('example.com', 8080, 'some message', { credentials: creds });
\r
1267 expect(auth).to.not.exist();
\r
1273 describe('authenticateTimestamp()', function (done) {
\r
1275 it('validates a timestamp', function (done) {
\r
1277 credentialsFunc('123456', function (err, credentials) {
\r
1279 var tsm = Hawk.crypto.timestampMessage(credentials);
\r
1280 expect(Browser.client.authenticateTimestamp(tsm, credentials)).to.equal(true);
\r
1285 it('validates a timestamp without updating local time', function (done) {
\r
1287 credentialsFunc('123456', function (err, credentials) {
\r
1289 var offset = Browser.utils.getNtpOffset();
\r
1290 var tsm = Hawk.crypto.timestampMessage(credentials, 10000);
\r
1291 expect(Browser.client.authenticateTimestamp(tsm, credentials, false)).to.equal(true);
\r
1292 expect(offset).to.equal(Browser.utils.getNtpOffset());
\r
1297 it('detects a bad timestamp', function (done) {
\r
1299 credentialsFunc('123456', function (err, credentials) {
\r
1301 var tsm = Hawk.crypto.timestampMessage(credentials);
\r
1303 expect(Browser.client.authenticateTimestamp(tsm, credentials)).to.equal(false);
\r
1310 describe('internals', function () {
\r
1312 describe('LocalStorage', function () {
\r
1314 it('goes through the full lifecycle', function (done) {
\r
1316 var storage = new Browser.internals.LocalStorage();
\r
1317 expect(storage.length).to.equal(0);
\r
1318 expect(storage.getItem('a')).to.equal(null);
\r
1319 storage.setItem('a', 5);
\r
1320 expect(storage.length).to.equal(1);
\r
1321 expect(storage.key()).to.equal('a');
\r
1322 expect(storage.key(0)).to.equal('a');
\r
1323 expect(storage.getItem('a')).to.equal('5');
\r
1324 storage.setItem('b', 'test');
\r
1325 expect(storage.key()).to.equal('a');
\r
1326 expect(storage.key(0)).to.equal('a');
\r
1327 expect(storage.key(1)).to.equal('b');
\r
1328 expect(storage.length).to.equal(2);
\r
1329 expect(storage.getItem('b')).to.equal('test');
\r
1330 storage.removeItem('a');
\r
1331 expect(storage.length).to.equal(1);
\r
1332 expect(storage.getItem('a')).to.equal(null);
\r
1333 expect(storage.getItem('b')).to.equal('test');
\r
1335 expect(storage.length).to.equal(0);
\r
1336 expect(storage.getItem('a')).to.equal(null);
\r
1337 expect(storage.getItem('b')).to.equal(null);
\r
1343 describe('utils', function () {
\r
1345 describe('setStorage()', function () {
\r
1347 it('sets storage for the first time', function (done) {
\r
1349 Browser.utils.storage = new Browser.internals.LocalStorage(); // Reset state
\r
1351 expect(Browser.utils.storage.getItem('hawk_ntp_offset')).to.not.exist();
\r
1352 Browser.utils.storage.setItem('test', '1');
\r
1353 Browser.utils.setStorage(new Browser.internals.LocalStorage());
\r
1354 expect(Browser.utils.storage.getItem('test')).to.not.exist();
\r
1355 Browser.utils.storage.setItem('test', '2');
\r
1356 expect(Browser.utils.storage.getItem('test')).to.equal('2');
\r
1361 describe('setNtpOffset()', function (done) {
\r
1363 it('catches localStorage errors', { parallel: false }, function (done) {
\r
1365 var orig = Browser.utils.storage.setItem;
\r
1366 var consoleOrig = console.error;
\r
1368 console.error = function () {
\r
1370 if (count++ === 2) {
\r
1372 console.error = consoleOrig;
\r
1376 Browser.utils.storage.setItem = function () {
\r
1378 Browser.utils.storage.setItem = orig;
\r
1379 throw new Error();
\r
1382 expect(function () {
\r
1384 Browser.utils.setNtpOffset(100);
\r
1385 }).not.to.throw();
\r
1391 describe('parseAuthorizationHeader()', function (done) {
\r
1393 it('returns null on missing header', function (done) {
\r
1395 expect(Browser.utils.parseAuthorizationHeader()).to.equal(null);
\r
1399 it('returns null on bad header syntax (structure)', function (done) {
\r
1401 expect(Browser.utils.parseAuthorizationHeader('Hawk')).to.equal(null);
\r
1405 it('returns null on bad header syntax (parts)', function (done) {
\r
1407 expect(Browser.utils.parseAuthorizationHeader(' ')).to.equal(null);
\r
1411 it('returns null on bad scheme name', function (done) {
\r
1413 expect(Browser.utils.parseAuthorizationHeader('Basic asdasd')).to.equal(null);
\r
1417 it('returns null on bad attribute value', function (done) {
\r
1419 expect(Browser.utils.parseAuthorizationHeader('Hawk test="\t"', ['test'])).to.equal(null);
\r
1423 it('returns null on duplicated attribute', function (done) {
\r
1425 expect(Browser.utils.parseAuthorizationHeader('Hawk test="a", test="b"', ['test'])).to.equal(null);
\r
1430 describe('parseUri()', function () {
\r
1432 it('returns empty object on invalid', function (done) {
\r
1434 var uri = Browser.utils.parseUri('ftp');
\r
1435 expect(uri).to.deep.equal({ host: '', port: '', resource: '' });
\r
1439 it('returns empty port when unknown scheme', function (done) {
\r
1441 var uri = Browser.utils.parseUri('ftp://example.com');
\r
1442 expect(uri.port).to.equal('');
\r
1446 it('returns default port when missing', function (done) {
\r
1448 var uri = Browser.utils.parseUri('http://example.com');
\r
1449 expect(uri.port).to.equal('80');
\r
1453 it('handles unusual characters correctly', function (done) {
\r
1456 protocol: 'http+vnd.my-extension',
\r
1457 user: 'user!$&\'()*+,;=%40my-domain.com',
\r
1458 password: 'pass!$&\'()*+,;=%40:word',
\r
1459 hostname: 'foo-bar.com',
\r
1461 pathname: '/path/%40/!$&\'()*+,;=:@/',
\r
1462 query: 'query%40/!$&\'()*+,;=:@/?',
\r
1463 fragment: 'fragm%40/!$&\'()*+,;=:@/?'
\r
1466 parts.userInfo = parts.user + ':' + parts.password;
\r
1467 parts.authority = parts.userInfo + '@' + parts.hostname + ':' + parts.port;
\r
1468 parts.relative = parts.pathname + '?' + parts.query;
\r
1469 parts.resource = parts.relative + '#' + parts.fragment;
\r
1470 parts.source = parts.protocol + '://' + parts.authority + parts.resource;
\r
1472 var uri = Browser.utils.parseUri(parts.source);
\r
1473 expect(uri.host).to.equal('foo-bar.com');
\r
1474 expect(uri.port).to.equal('99');
\r
1475 expect(uri.resource).to.equal(parts.pathname + '?' + parts.query);
\r
1480 var str = 'https://www.google.ca/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=url';
\r
1481 var base64str = 'aHR0cHM6Ly93d3cuZ29vZ2xlLmNhL3dlYmhwP3NvdXJjZWlkPWNocm9tZS1pbnN0YW50Jmlvbj0xJmVzcHY9MiZpZT1VVEYtOCNxPXVybA';
\r
1483 describe('base64urlEncode()', function () {
\r
1485 it('should base64 URL-safe decode a string', function (done) {
\r
1487 expect(Browser.utils.base64urlEncode(str)).to.equal(base64str);
\r