首頁 探索 說明
註冊 登入
shanpin
/
chat-server
關註 3
讚好 0
複刻 0
Files 問題管理 0 合併請求 0 Wiki
目錄樹: bf846a7082
分支列表 標籤列表
chat-server
/
qq-imsvr
/
node_modules
/
hawk
/
test
/
uri.js

uri.js 16 KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457 
  1. // Load modules
    2. 

  2. 

  3. var Http = require('http');
    4. 

  4. var Lab = require('lab');
    5. 

  5. var Hawk = require('../lib');
    6. 

  6. 

  7. 

  8. // Declare internals
    9. 

  9. 

  10. var internals = {};
    11. 

  11. 

  12. 

  13. // Test shortcuts
    14. 

  14. 

  15. var expect = Lab.expect;
    16. 

  16. var before = Lab.before;
    17. 

  17. var after = Lab.after;
    18. 

  18. var describe = Lab.experiment;
    19. 

  19. var it = Lab.test;
    20. 

  20. 

  21. 

  22. describe('Hawk', function () {
    23. 

  23. 

  24.     describe('Uri', function () {
    25. 

  25. 

  26.         var credentialsFunc = function (id, callback) {
    27. 

  27. 

  28.             var credentials = {
    29. 

  29.                 id: id,
    30. 

  30.                 key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
    31. 

  31.                 algorithm: 'sha256',
    32. 

  32.                 user: 'steve'
    33. 

  33.             };
    34. 

  34. 

  35.             return callback(null, credentials);
    36. 

  36.         };
    37. 

  37. 

  38.         it('should generate a bewit then successfully authenticate it', function (done) {
    39. 

  39. 

  40.             var req = {
    41. 

  41.                 method: 'GET',
    42. 

  42.                 url: '/resource/4?a=1&b=2',
    43. 

  43.                 host: 'example.com',
    44. 

  44.                 port: 80
    45. 

  45.             };
    46. 

  46. 

  47.             credentialsFunc('123456', function (err, credentials) {
    48. 

  48. 

  49.                 var bewit = Hawk.uri.getBewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials, ttlSec: 60 * 60 * 24 * 365 * 100, ext: 'some-app-data' });
    50. 

  50.                 req.url += '&bewit=' + bewit;
    51. 

  51. 

  52.                 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
    53. 

  53. 

  54.                     expect(err).to.not.exist;
    55. 

  55.                     expect(credentials.user).to.equal('steve');
    56. 

  56.                     expect(attributes.ext).to.equal('some-app-data');
    57. 

  57.                     done();
    58. 

  58.                 });
    59. 

  59.             });
    60. 

  60.         });
    61. 

  61. 

  62.         it('should generate a bewit then successfully authenticate it (no ext)', function (done) {
    63. 

  63. 

  64.             var req = {
    65. 

  65.                 method: 'GET',
    66. 

  66.                 url: '/resource/4?a=1&b=2',
    67. 

  67.                 host: 'example.com',
    68. 

  68.                 port: 80
    69. 

  69.             };
    70. 

  70. 

  71.             credentialsFunc('123456', function (err, credentials) {
    72. 

  72. 

  73.                 var bewit = Hawk.uri.getBewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials, ttlSec: 60 * 60 * 24 * 365 * 100 });
    74. 

  74.                 req.url += '&bewit=' + bewit;
    75. 

  75. 

  76.                 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
    77. 

  77. 

  78.                     expect(err).to.not.exist;
    79. 

  79.                     expect(credentials.user).to.equal('steve');
    80. 

  80.                     done();
    81. 

  81.                 });
    82. 

  82.             });
    83. 

  83.         });
    84. 

  84. 

  85.         it('should successfully authenticate a request (last param)', function (done) {
    86. 

  86. 

  87.             var req = {
    88. 

  88.                 method: 'GET',
    89. 

  89.                 url: '/resource/4?a=1&b=2&bewit=MTIzNDU2XDQ1MTE0ODQ2MjFcMzFjMmNkbUJFd1NJRVZDOVkva1NFb2c3d3YrdEVNWjZ3RXNmOGNHU2FXQT1cc29tZS1hcHAtZGF0YQ',
    90. 

  90.                 host: 'example.com',
    91. 

  91.                 port: 8080
    92. 

  92.             };
    93. 

  93. 

  94.             Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
    95. 

  95. 

  96.                 expect(err).to.not.exist;
    97. 

  97.                 expect(credentials.user).to.equal('steve');
    98. 

  98.                 expect(attributes.ext).to.equal('some-app-data');
    99. 

  99.                 done();
    100. 

  100.             });
    101. 

  101.         });
    102. 

  102. 

  103.         it('should successfully authenticate a request (first param)', function (done) {
    104. 

  104. 

  105.             var req = {
    106. 

  106.                 method: 'GET',
    107. 

  107.                 url: '/resource/4?bewit=MTIzNDU2XDQ1MTE0ODQ2MjFcMzFjMmNkbUJFd1NJRVZDOVkva1NFb2c3d3YrdEVNWjZ3RXNmOGNHU2FXQT1cc29tZS1hcHAtZGF0YQ&a=1&b=2',
    108. 

  108.                 host: 'example.com',
    109. 

  109.                 port: 8080
    110. 

  110.             };
    111. 

  111. 

  112.             Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
    113. 

  113. 

  114.                 expect(err).to.not.exist;
    115. 

  115.                 expect(credentials.user).to.equal('steve');
    116. 

  116.                 expect(attributes.ext).to.equal('some-app-data');
    117. 

  117.                 done();
    118. 

  118.             });
    119. 

  119.         });
    120. 

  120. 

  121.         it('should successfully authenticate a request (only param)', function (done) {
    122. 

  122. 

  123.             var req = {
    124. 

  124.                 method: 'GET',
    125. 

  125.                 url: '/resource/4?bewit=MTIzNDU2XDQ1MTE0ODQ2NDFcZm1CdkNWT3MvcElOTUUxSTIwbWhrejQ3UnBwTmo4Y1VrSHpQd3Q5OXJ1cz1cc29tZS1hcHAtZGF0YQ',
    126. 

  126.                 host: 'example.com',
    127. 

  127.                 port: 8080
    128. 

  128.             };
    129. 

  129. 

  130.             Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
    131. 

  131. 

  132.                 expect(err).to.not.exist;
    133. 

  133.                 expect(credentials.user).to.equal('steve');
    134. 

  134.                 expect(attributes.ext).to.equal('some-app-data');
    135. 

  135.                 done();
    136. 

  136.             });
    137. 

  137.         });
    138. 

  138. 

  139.         it('should fail on multiple authentication', function (done) {
    140. 

  140. 

  141.             var req = {
    142. 

  142.                 method: 'GET',
    143. 

  143.                 url: '/resource/4?bewit=MTIzNDU2XDQ1MTE0ODQ2NDFcZm1CdkNWT3MvcElOTUUxSTIwbWhrejQ3UnBwTmo4Y1VrSHpQd3Q5OXJ1cz1cc29tZS1hcHAtZGF0YQ',
    144. 

  144.                 host: 'example.com',
    145. 

  145.                 port: 8080,
    146. 

  146.                 authorization: 'Basic asdasdasdasd'
    147. 

  147.             };
    148. 

  148. 

  149.             Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
    150. 

  150. 

  151.                 expect(err).to.exist;
    152. 

  152.                 expect(err.response.payload.message).to.equal('Multiple authentications');
    153. 

  153.                 done();
    154. 

  154.             });
    155. 

  155.         });
    156. 

  156. 

  157.         it('should fail on method other than GET', function (done) {
    158. 

  158. 

  159.             credentialsFunc('123456', function (err, credentials) {
    160. 

  160. 

  161.                 var req = {
    162. 

  162.                     method: 'POST',
    163. 

  163.                     url: '/resource/4?filter=a',
    164. 

  164.                     host: 'example.com',
    165. 

  165.                     port: 8080
    166. 

  166.                 };
    167. 

  167. 

  168.                 var exp = Math.floor(Hawk.utils.now() / 1000) + 60;
    169. 

  169.                 var ext = 'some-app-data';
    170. 

  170.                 var mac = Hawk.crypto.calculateMac('bewit', credentials, {
    171. 

  171.                     timestamp: exp,
    172. 

  172.                     nonce: '',
    173. 

  173.                     method: req.method,
    174. 

  174.                     resource: req.url,
    175. 

  175.                     host: req.host,
    176. 

  176.                     port: req.port,
    177. 

  177.                     ext: ext
    178. 

  178.                 });
    179. 

  179. 

  180.                 var bewit = credentials.id + '\\' + exp + '\\' + mac + '\\' + ext;
    181. 

  181. 

  182.                 req.url += '&bewit=' + Hawk.utils.base64urlEncode(bewit);
    183. 

  183. 

  184.                 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
    185. 

  185. 

  186.                     expect(err).to.exist;
    187. 

  187.                     expect(err.response.payload.message).to.equal('Invalid method');
    188. 

  188.                     done();
    189. 

  189.                 });
    190. 

  190.             });
    191. 

  191.         });
    192. 

  192. 

  193.         it('should fail on invalid host header', function (done) {
    194. 

  194. 

  195.             var req = {
    196. 

  196.                 method: 'GET',
    197. 

  197.                 url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
    198. 

  198.                 headers: {
    199. 

  199.                     host: 'example.com:something'
    200. 

  200.                 }
    201. 

  201.             };
    202. 

  202. 

  203.             Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
    204. 

  204. 

  205.                 expect(err).to.exist;
    206. 

  206.                 expect(err.response.payload.message).to.equal('Invalid Host header');
    207. 

  207.                 done();
    208. 

  208.             });
    209. 

  209.         });
    210. 

  210. 

  211.         it('should fail on empty bewit', function (done) {
    212. 

  212. 

  213.             var req = {
    214. 

  214.                 method: 'GET',
    215. 

  215.                 url: '/resource/4?bewit=',
    216. 

  216.                 host: 'example.com',
    217. 

  217.                 port: 8080
    218. 

  218.             };
    219. 

  219. 

  220.             Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
    221. 

  221. 

  222.                 expect(err).to.exist;
    223. 

  223.                 expect(err.response.payload.message).to.equal('Empty bewit');
    224. 

  224.                 expect(err.isMissing).to.not.exist;
    225. 

  225.                 done();
    226. 

  226.             });
    227. 

  227.         });
    228. 

  228. 

  229.         it('should fail on invalid bewit', function (done) {
    230. 

  230. 

  231.             var req = {
    232. 

  232.                 method: 'GET',
    233. 

  233.                 url: '/resource/4?bewit=*',
    234. 

  234.                 host: 'example.com',
    235. 

  235.                 port: 8080
    236. 

  236.             };
    237. 

  237. 

  238.             Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
    239. 

  239. 

  240.                 expect(err).to.exist;
    241. 

  241.                 expect(err.response.payload.message).to.equal('Invalid bewit encoding');
    242. 

  242.                 expect(err.isMissing).to.not.exist;
    243. 

  243.                 done();
    244. 

  244.             });
    245. 

  245.         });
    246. 

  246. 

  247.         it('should fail on missing bewit', function (done) {
    248. 

  248. 

  249.             var req = {
    250. 

  250.                 method: 'GET',
    251. 

  251.                 url: '/resource/4',
    252. 

  252.                 host: 'example.com',
    253. 

  253.                 port: 8080
    254. 

  254.             };
    255. 

  255. 

  256.             Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
    257. 

  257. 

  258.                 expect(err).to.exist;
    259. 

  259.                 expect(err.response.payload.message).to.not.exist;
    260. 

  260.                 expect(err.isMissing).to.equal(true);
    261. 

  261.                 done();
    262. 

  262.             });
    263. 

  263.         });
    264. 

  264. 

  265.         it('should fail on invalid bewit structure', function (done) {
    266. 

  266. 

  267.             var req = {
    268. 

  268.                 method: 'GET',
    269. 

  269.                 url: '/resource/4?bewit=abc',
    270. 

  270.                 host: 'example.com',
    271. 

  271.                 port: 8080
    272. 

  272.             };
    273. 

  273. 

  274.             Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
    275. 

  275. 

  276.                 expect(err).to.exist;
    277. 

  277.                 expect(err.response.payload.message).to.equal('Invalid bewit structure');
    278. 

  278.                 done();
    279. 

  279.             });
    280. 

  280.         });
    281. 

  281. 

  282.         it('should fail on empty bewit attribute', function (done) {
    283. 

  283. 

  284.             var req = {
    285. 

  285.                 method: 'GET',
    286. 

  286.                 url: '/resource/4?bewit=YVxcY1xk',
    287. 

  287.                 host: 'example.com',
    288. 

  288.                 port: 8080
    289. 

  289.             };
    290. 

  290. 

  291.             Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
    292. 

  292. 

  293.                 expect(err).to.exist;
    294. 

  294.                 expect(err.response.payload.message).to.equal('Missing bewit attributes');
    295. 

  295.                 done();
    296. 

  296.             });
    297. 

  297.         });
    298. 

  298. 

  299.         it('should fail on expired access', function (done) {
    300. 

  300. 

  301.             var req = {
    302. 

  302.                 method: 'GET',
    303. 

  303.                 url: '/resource/4?a=1&b=2&bewit=MTIzNDU2XDEzNTY0MTg1ODNcWk1wZlMwWU5KNHV0WHpOMmRucTRydEk3NXNXTjFjeWVITTcrL0tNZFdVQT1cc29tZS1hcHAtZGF0YQ',
    304. 

  304.                 host: 'example.com',
    305. 

  305.                 port: 8080
    306. 

  306.             };
    307. 

  307. 

  308.             Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
    309. 

  309. 

  310.                 expect(err).to.exist;
    311. 

  311.                 expect(err.response.payload.message).to.equal('Access expired');
    312. 

  312.                 done();
    313. 

  313.             });
    314. 

  314.         });
    315. 

  315. 

  316.         it('should fail on credentials function error', function (done) {
    317. 

  317. 

  318.             var req = {
    319. 

  319.                 method: 'GET',
    320. 

  320.                 url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
    321. 

  321.                 host: 'example.com',
    322. 

  322.                 port: 8080
    323. 

  323.             };
    324. 

  324. 

  325.             Hawk.uri.authenticate(req, function (id, callback) { callback(Hawk.error.badRequest('Boom')); }, {}, function (err, credentials, attributes) {
    326. 

  326. 

  327.                 expect(err).to.exist;
    328. 

  328.                 expect(err.response.payload.message).to.equal('Boom');
    329. 

  329.                 done();
    330. 

  330.             });
    331. 

  331.         });
    332. 

  332. 

  333.         it('should fail on null credentials function response', function (done) {
    334. 

  334. 

  335.             var req = {
    336. 

  336.                 method: 'GET',
    337. 

  337.                 url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
    338. 

  338.                 host: 'example.com',
    339. 

  339.                 port: 8080
    340. 

  340.             };
    341. 

  341. 

  342.             Hawk.uri.authenticate(req, function (id, callback) { callback(null, null); }, {}, function (err, credentials, attributes) {
    343. 

  343. 

  344.                 expect(err).to.exist;
    345. 

  345.                 expect(err.response.payload.message).to.equal('Unknown credentials');
    346. 

  346.                 done();
    347. 

  347.             });
    348. 

  348.         });
    349. 

  349. 

  350.         it('should fail on invalid credentials function response', function (done) {
    351. 

  351. 

  352.             var req = {
    353. 

  353.                 method: 'GET',
    354. 

  354.                 url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
    355. 

  355.                 host: 'example.com',
    356. 

  356.                 port: 8080
    357. 

  357.             };
    358. 

  358. 

  359.             Hawk.uri.authenticate(req, function (id, callback) { callback(null, {}); }, {}, function (err, credentials, attributes) {
    360. 

  360. 

  361.                 expect(err).to.exist;
    362. 

  362.                 expect(err.message).to.equal('Invalid credentials');
    363. 

  363.                 done();
    364. 

  364.             });
    365. 

  365.         });
    366. 

  366. 

  367.         it('should fail on invalid credentials function response (unknown algorithm)', function (done) {
    368. 

  368. 

  369.             var req = {
    370. 

  370.                 method: 'GET',
    371. 

  371.                 url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
    372. 

  372.                 host: 'example.com',
    373. 

  373.                 port: 8080
    374. 

  374.             };
    375. 

  375. 

  376.             Hawk.uri.authenticate(req, function (id, callback) { callback(null, { key: 'xxx', algorithm: 'xxx' }); }, {}, function (err, credentials, attributes) {
    377. 

  377. 

  378.                 expect(err).to.exist;
    379. 

  379.                 expect(err.message).to.equal('Unknown algorithm');
    380. 

  380.                 done();
    381. 

  381.             });
    382. 

  382.         });
    383. 

  383. 

  384.         it('should fail on expired access', function (done) {
    385. 

  385. 

  386.             var req = {
    387. 

  387.                 method: 'GET',
    388. 

  388.                 url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
    389. 

  389.                 host: 'example.com',
    390. 

  390.                 port: 8080
    391. 

  391.             };
    392. 

  392. 

  393.             Hawk.uri.authenticate(req, function (id, callback) { callback(null, { key: 'xxx', algorithm: 'sha256' }); }, {}, function (err, credentials, attributes) {
    394. 

  394. 

  395.                 expect(err).to.exist;
    396. 

  396.                 expect(err.response.payload.message).to.equal('Bad mac');
    397. 

  397.                 done();
    398. 

  398.             });
    399. 

  399.         });
    400. 

  400.     });
    401. 

  401. 

  402.     describe('#getBewit', function () {
    403. 

  403. 

  404.         it('should return a valid bewit value', function (done) {
    405. 

  405. 

  406.             var credentials = {
    407. 

  407.                 id: '123456',
    408. 

  408.                 key: '2983d45yun89q',
    409. 

  409.                 algorithm: 'sha256'
    410. 

  410.             };
    411. 

  411. 

  412.             var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
    413. 

  413.             expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdca3NjeHdOUjJ0SnBQMVQxekRMTlBiQjVVaUtJVTl0T1NKWFRVZEc3WDloOD1ceGFuZHlhbmR6');
    414. 

  414.             done();
    415. 

  415.         });
    416. 

  416. 

  417.         it('should return an empty bewit on invalid credentials', function (done) {
    418. 

  418. 

  419.             var credentials = {
    420. 

  420.                 key: '2983d45yun89q',
    421. 

  421.                 algorithm: 'sha256'
    422. 

  422.             };
    423. 

  423. 

  424.             var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 3000, ext: 'xandyandz' });
    425. 

  425.             expect(bewit).to.equal('');
    426. 

  426.             done();
    427. 

  427.         });
    428. 

  428. 

  429.         it('should return an empty bewit on invalid algorithm', function (done) {
    430. 

  430. 

  431.             var credentials = {
    432. 

  432.                 id: '123456',
    433. 

  433.                 key: '2983d45yun89q',
    434. 

  434.                 algorithm: 'hmac-sha-0'
    435. 

  435.             };
    436. 

  436. 

  437.             var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, ext: 'xandyandz' });
    438. 

  438.             expect(bewit).to.equal('');
    439. 

  439.             done();
    440. 

  440.         });
    441. 

  441. 

  442.         it('should return an empty bewit on missing options', function (done) {
    443. 

  443. 

  444.             var credentials = {
    445. 

  445.                 id: '123456',
    446. 

  446.                 key: '2983d45yun89q',
    447. 

  447.                 algorithm: 'hmac-sha-0'
    448. 

  448.             };
    449. 

  449. 

  450.             var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow');
    451. 

  451.             expect(bewit).to.equal('');
    452. 

  452.             done();
    453. 

  453.         });
    454. 

  454.     });
    455. 

  455. });
    456. 

  456. 

  457.