3 var Url = require('url');
\r
4 var Code = require('code');
\r
5 var Hawk = require('../lib');
\r
6 var Lab = require('lab');
\r
// Lab test-script wiring: the script object is exported as exports.lab, and describe / expect are
// local aliases for lab.experiment and Code.expect.
16 var lab = exports.lab = Lab.script();
\r
17 var describe = lab.experiment;
\r
19 var expect = Code.expect;
\r
22 describe('Hawk', function () {
\r
// Credentials lookup that the tests pass to Hawk.server.authenticate. The key is a hard-coded string
// literal that does not depend on id, so it is a test fixture only, and the algorithm is 'sha1' for
// id '1' and 'sha256' for any other id. The direct calls in this listing all pass id '123456'.
// The lookup never reports an error: it always calls back with (null, credentials).
// NOTE(review): this listing elides lines (gutter jumps 24 -> 28), so the rest of the credentials
// object is not visible here.
24 var credentialsFunc = function (id, callback) {
\r
28 key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
\r
29 algorithm: (id === '1' ? 'sha1' : 'sha256'),
\r
33 return callback(null, credentials);
\r
// Round trip without a payload: the client header is built from a Url.parse() object and its .field
// is stored on req.authorization. Hawk.server.authenticate with empty options must then return no
// error, credentials whose user is 'steve', and artifacts.ext equal to the 'some-app-data' sent.
// NOTE(review): this listing elides lines (gutter jumps 36 -> 40), so the rest of req is not visible.
36 it('generates a header then successfully parse it (configuration)', function (done) {
\r
40 url: '/resource/4?filter=a',
\r
41 host: 'example.com',
\r
45 credentialsFunc('123456', function (err, credentials1) {
\r
47 req.authorization = Hawk.client.header(Url.parse('http://example.com:8080/resource/4?filter=a'), req.method, { credentials: credentials1, ext: 'some-app-data' }).field;
\r
48 expect(req.authorization).to.exist();
\r
50 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
52 expect(err).to.not.exist();
\r
53 expect(credentials2.user).to.equal('steve');
\r
54 expect(artifacts.ext).to.equal('some-app-data');
\r
// Full request/response round trip with the header carried in req.headers.authorization.
// The client passes payload and contentType to Hawk.client.header; the server authenticates with
// empty options and then validates the body in a separate Hawk.server.authenticatePayload call.
// The server then signs its reply with Hawk.server.header, and Hawk.client.authenticate verifies
// that response against the reply payload 'some reply'.
60 it('generates a header then successfully parse it (node request)', function (done) {
\r
64 url: '/resource/4?filter=a',
\r
66 host: 'example.com:8080',
\r
67 'content-type': 'text/plain;x=y'
\r
71 var payload = 'some not so random text';
\r
73 credentialsFunc('123456', function (err, credentials1) {
\r
75 var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
\r
76 req.headers.authorization = reqHeader.field;
\r
78 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
80 expect(err).to.not.exist();
\r
81 expect(credentials2.user).to.equal('steve');
\r
82 expect(artifacts.ext).to.equal('some-app-data');
\r
// Body validation is an explicit second step here; it is given the request's content-type header value.
83 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
\r
87 'content-type': 'text/plain'
\r
91 res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
\r
92 expect(res.headers['server-authorization']).to.exist();
\r
94 expect(Hawk.client.authenticate(res, credentials2, artifacts, { payload: 'some reply' })).to.equal(true);
\r
// Same request/response round trip as the node-request case, except that the visible url value is
// the absolute URI 'http://example.com:8080/resource/4?filter=a' instead of a path. The test expects
// server authentication, payload validation and response authentication all to succeed.
100 it('generates a header then successfully parse it (absolute request uri)', function (done) {
\r
104 url: 'http://example.com:8080/resource/4?filter=a',
\r
106 host: 'example.com:8080',
\r
107 'content-type': 'text/plain;x=y'
\r
111 var payload = 'some not so random text';
\r
113 credentialsFunc('123456', function (err, credentials1) {
\r
115 var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
\r
116 req.headers.authorization = reqHeader.field;
\r
118 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
120 expect(err).to.not.exist();
\r
121 expect(credentials2.user).to.equal('steve');
\r
122 expect(artifacts.ext).to.equal('some-app-data');
\r
123 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
\r
127 'content-type': 'text/plain'
\r
131 res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
\r
132 expect(res.headers['server-authorization']).to.exist();
\r
134 expect(Hawk.client.authenticate(res, credentials2, artifacts, { payload: 'some reply' })).to.equal(true);
\r
// Response signing with no options: Hawk.server.header is called with only credentials and artifacts,
// and Hawk.client.authenticate is called without an options argument. With no response payload
// requested on either side, the client is expected to accept the Server-Authorization header.
140 it('generates a header then successfully parse it (no server header options)', function (done) {
\r
144 url: '/resource/4?filter=a',
\r
146 host: 'example.com:8080',
\r
147 'content-type': 'text/plain;x=y'
\r
151 var payload = 'some not so random text';
\r
153 credentialsFunc('123456', function (err, credentials1) {
\r
155 var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
\r
156 req.headers.authorization = reqHeader.field;
\r
158 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
160 expect(err).to.not.exist();
\r
161 expect(credentials2.user).to.equal('steve');
\r
162 expect(artifacts.ext).to.equal('some-app-data');
\r
163 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
\r
167 'content-type': 'text/plain'
\r
171 res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts);
\r
172 expect(res.headers['server-authorization']).to.exist();
\r
174 expect(Hawk.client.authenticate(res, credentials2, artifacts)).to.equal(true);
\r
// Negative case for response validation: the server signs its reply without a payload option, but the
// client asks Hawk.client.authenticate to validate the payload 'some reply'. The test expects false.
// A client that requests response-body validation must therefore reject a Server-Authorization header
// that carries no payload hash, rather than skip the check.
180 it('generates a header then fails to parse it (missing server header hash)', function (done) {
\r
184 url: '/resource/4?filter=a',
\r
186 host: 'example.com:8080',
\r
187 'content-type': 'text/plain;x=y'
\r
191 var payload = 'some not so random text';
\r
193 credentialsFunc('123456', function (err, credentials1) {
\r
195 var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
\r
196 req.headers.authorization = reqHeader.field;
\r
198 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
200 expect(err).to.not.exist();
\r
201 expect(credentials2.user).to.equal('steve');
\r
202 expect(artifacts.ext).to.equal('some-app-data');
\r
203 expect(Hawk.server.authenticatePayload(payload, credentials2, artifacts, req.headers['content-type'])).to.equal(true);
\r
207 'content-type': 'text/plain'
\r
// No payload option is passed here, unlike the successful response cases earlier in the file.
211 res.headers['server-authorization'] = Hawk.server.header(credentials2, artifacts);
\r
212 expect(res.headers['server-authorization']).to.exist();
\r
214 expect(Hawk.client.authenticate(res, credentials2, artifacts, { payload: 'some reply' })).to.equal(false);
\r
// The client includes payload 'hola!' when building the header, and the server authenticates with
// empty options. The test only checks that header authentication succeeds; no request body is
// compared against the payload in this case. A server that needs body integrity has to pass
// options.payload to authenticate or call Hawk.server.authenticatePayload itself.
220 it('generates a header then successfully parse it (with hash)', function (done) {
\r
224 url: '/resource/4?filter=a',
\r
225 host: 'example.com',
\r
229 credentialsFunc('123456', function (err, credentials1) {
\r
231 req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
\r
232 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
234 expect(err).to.not.exist();
\r
235 expect(credentials2.user).to.equal('steve');
\r
236 expect(artifacts.ext).to.equal('some-app-data');
\r
// Deferred payload validation: the header is authenticated first with empty options, then
// Hawk.server.authenticatePayload is called with the returned credentials and artifacts.
// It must return true for the payload the client signed ('hola!') and false for a different
// body ('hello!').
242 it('generates a header then successfully parse it then validate payload', function (done) {
\r
246 url: '/resource/4?filter=a',
\r
247 host: 'example.com',
\r
251 credentialsFunc('123456', function (err, credentials1) {
\r
253 req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
\r
254 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
256 expect(err).to.not.exist();
\r
257 expect(credentials2.user).to.equal('steve');
\r
258 expect(artifacts.ext).to.equal('some-app-data');
\r
259 expect(Hawk.server.authenticatePayload('hola!', credentials2, artifacts)).to.be.true();
\r
260 expect(Hawk.server.authenticatePayload('hello!', credentials2, artifacts)).to.be.false();
\r
// Payload validation inside authenticate: the server passes { payload: 'hola!' } as options, which is
// the same payload the client supplied when building the header. Authentication is expected to succeed.
266 it('generates a header then successfully parses and validates payload', function (done) {
\r
270 url: '/resource/4?filter=a',
\r
271 host: 'example.com',
\r
275 credentialsFunc('123456', function (err, credentials1) {
\r
277 req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
\r
278 Hawk.server.authenticate(req, credentialsFunc, { payload: 'hola!' }, function (err, credentials2, artifacts) {
\r
280 expect(err).to.not.exist();
\r
281 expect(credentials2.user).to.equal('steve');
\r
282 expect(artifacts.ext).to.equal('some-app-data');
\r
// The client adds an app value ('asd23ased') to the header options; after successful authentication
// the server must see the same value in artifacts.app, alongside the ext value.
288 it('generates a header then successfully parse it (app)', function (done) {
\r
292 url: '/resource/4?filter=a',
\r
293 host: 'example.com',
\r
297 credentialsFunc('123456', function (err, credentials1) {
\r
299 req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', app: 'asd23ased' }).field;
\r
300 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
302 expect(err).to.not.exist();
\r
303 expect(credentials2.user).to.equal('steve');
\r
304 expect(artifacts.ext).to.equal('some-app-data');
\r
305 expect(artifacts.app).to.equal('asd23ased');
\r
// The client sends both app ('asd23ased') and dlg ('23434szr3q4d') in the header options; after
// successful authentication both values must appear unchanged in artifacts.app and artifacts.dlg.
311 it('generates a header then successfully parse it (app, dlg)', function (done) {
\r
315 url: '/resource/4?filter=a',
\r
316 host: 'example.com',
\r
320 credentialsFunc('123456', function (err, credentials1) {
\r
322 req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', app: 'asd23ased', dlg: '23434szr3q4d' }).field;
\r
323 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
325 expect(err).to.not.exist();
\r
326 expect(credentials2.user).to.equal('steve');
\r
327 expect(artifacts.ext).to.equal('some-app-data');
\r
328 expect(artifacts.app).to.equal('asd23ased');
\r
329 expect(artifacts.dlg).to.equal('23434szr3q4d');
\r
// Tampered-body case: the client builds the header over payload 'hola!' but the server is told the
// received payload is 'byebye!'. Authentication must fail with an error whose output payload message
// is 'Bad payload hash'.
335 it('generates a header then fail authentication due to bad hash', function (done) {
\r
339 url: '/resource/4?filter=a',
\r
340 host: 'example.com',
\r
344 credentialsFunc('123456', function (err, credentials1) {
\r
346 req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
\r
347 Hawk.server.authenticate(req, credentialsFunc, { payload: 'byebye!' }, function (err, credentials2, artifacts) {
\r
349 expect(err).to.exist();
\r
350 expect(err.output.payload.message).to.equal('Bad payload hash');
\r
// Header reuse against a different resource: the header is generated for /resource/4?filter=a and
// req.url is then changed to '/something/else' before the server authenticates. The test expects an
// error, and it also expects credentials2 to be populated, so the callback hands back the looked-up
// credentials even though authentication failed. Callers should gate access on err, never on the
// presence of credentials.
// NOTE(review): the listing ends at gutter line 373; any later assertions are not visible here.
356 it('generates a header for one resource then fail to authenticate another', function (done) {
\r
360 url: '/resource/4?filter=a',
\r
361 host: 'example.com',
\r
365 credentialsFunc('123456', function (err, credentials1) {
\r
367 req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' }).field;
\r
368 req.url = '/something/else';
\r
370 Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
\r
372 expect(err).to.exist();
\r
373 expect(credentials2).to.exist();
\r