107 lines
2.9 KiB
JavaScript
107 lines
2.9 KiB
JavaScript
'use strict'
|
|
|
|
const { expect } = require('chai')
|
|
const Camp = require('camp')
|
|
const got = require('got')
|
|
const queryString = require('query-string')
|
|
const nock = require('nock')
|
|
const config = require('../../../lib/test-config')
|
|
const serverSecrets = require('../../../lib/server-secrets')
|
|
const acceptor = require('./acceptor')
|
|
|
|
const baseUri = `http://127.0.0.1:${config.port}`
|
|
const fakeClientId = 'githubdabomb'
|
|
|
|
describe('Github token acceptor', function() {
|
|
// Frustratingly, potentially undefined properties can't reliably be stubbed
|
|
// with Sinon.
|
|
// https://github.com/sinonjs/sinon/pull/1557
|
|
before(function() {
|
|
serverSecrets.gh_client_id = fakeClientId
|
|
serverSecrets.shieldsIps = []
|
|
})
|
|
after(function() {
|
|
delete serverSecrets.gh_client_id
|
|
delete serverSecrets.shieldsIps
|
|
})
|
|
|
|
let camp
|
|
beforeEach(function(done) {
|
|
camp = Camp.start({ port: config.port, hostname: '::' })
|
|
camp.on('listening', () => done())
|
|
})
|
|
afterEach(function(done) {
|
|
if (camp) {
|
|
camp.close(() => done())
|
|
camp = null
|
|
}
|
|
})
|
|
|
|
beforeEach(function() {
|
|
acceptor.setRoutes(camp)
|
|
})
|
|
|
|
it('should start the OAuth process', async function() {
|
|
const res = await got(`${baseUri}/github-auth`, { followRedirect: false })
|
|
|
|
expect(res.statusCode).to.equal(302)
|
|
|
|
const qs = queryString.stringify({
|
|
client_id: fakeClientId,
|
|
redirect_uri: 'https://img.shields.io/github-auth/done',
|
|
})
|
|
const expectedLocationHeader = `https://github.com/login/oauth/authorize?${qs}`
|
|
expect(res.headers.location).to.equal(expectedLocationHeader)
|
|
})
|
|
|
|
describe('Finishing the OAuth process', function() {
|
|
context('no code is provided', function() {
|
|
it('should return an error', async function() {
|
|
const res = await got(`${baseUri}/github-auth/done`)
|
|
expect(res.body).to.equal(
|
|
'GitHub OAuth authentication failed to provide a code.'
|
|
)
|
|
})
|
|
})
|
|
|
|
const fakeCode = '123456789'
|
|
const fakeAccessToken = 'abcdef'
|
|
|
|
context('a code is provided', function() {
|
|
let scope
|
|
beforeEach(function() {
|
|
nock.enableNetConnect(/127\.0\.0\.1/)
|
|
|
|
scope = nock('https://github.com')
|
|
.post('/login/oauth/access_token')
|
|
.reply((url, requestBody) => {
|
|
expect(queryString.parse(requestBody).code).to.equal(fakeCode)
|
|
return queryString.stringify({ access_token: fakeAccessToken })
|
|
})
|
|
})
|
|
|
|
afterEach(function() {
|
|
if (scope) {
|
|
scope.done()
|
|
scope = null
|
|
}
|
|
})
|
|
|
|
afterEach(function() {
|
|
nock.enableNetConnect()
|
|
nock.cleanAll()
|
|
})
|
|
|
|
it('should finish the OAuth process', async function() {
|
|
const res = await got(`${baseUri}/github-auth/done`, {
|
|
form: true,
|
|
body: { code: fakeCode },
|
|
})
|
|
expect(res.body).to.startWith(
|
|
'<p>Shields.io has received your app-specific GitHub user token.'
|
|
)
|
|
})
|
|
})
|
|
})
|
|
})
|