Skip to content
This repository has been archived by the owner on Jul 15, 2024. It is now read-only.

Commit

Permalink
Release 0.2.0. Bump cassava dependency version. Use the cassava testi…
Browse files Browse the repository at this point in the history 
…ng functions.
  • Loading branch information
jeff committed Jun 30, 2017
1 parent 2fc0a2c commit 47d547c
Show file tree
Hide file tree
Showing 7 changed files with 66 additions and 189 deletions.
12 changes: 6 additions & 6 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 3 additions & 3 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,16 +23,16 @@
},
"homepage": "https://github.com/Giftbit/giftbit-cassava#readme",
"peerDependencies": {
"cassava": "^0.1.0"
"cassava": "0.2.0"
},
"devDependencies": {
"@types/aws-lambda": "^0.0.14",
"@types/chai": "^4.0.1",
"@types/cookie": "^0.3.0",
"@types/jsonwebtoken": "^7.2.1",
"@types/mocha": "^2.2.41",
"@types/node": "^8.0.5",
"aws-sdk": "^2.78.0",
"@types/node": "^8.0.6",
"aws-sdk": "^2.80.0",
"chai": "^4.0.2",
"mocha": "^3.4.2",
"rimraf": "^2.6.1",
Expand Down
21 changes: 19 additions & 2 deletions src/jwtauth/AuthorizationBadge.ts
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
import * as cassava from "cassava";
import {JwtPayload} from "./JwtPayload";
import {RolesConfig} from "../secureConfig/RolesConfig";

Expand Down Expand Up @@ -104,7 +105,7 @@ export class AuthorizationBadge {
}

const lastSeparatorIx = scope.lastIndexOf(":");
if (lastSeparatorIx == -1) {
if (lastSeparatorIx === -1) {
return null;
}

Expand All @@ -113,10 +114,26 @@ export class AuthorizationBadge {

isBadgeAuthorized(scope: string): boolean {
for (; scope; scope = this.getParentScope(scope)) {
if (this.effectiveScopes.indexOf(scope) != -1) {
if (this.effectiveScopes.indexOf(scope) !== -1) {
return true;
}
}
return false;
}

requireScopes(...scopes: string[]): void {
for (let scope of scopes) {
if (!this.isBadgeAuthorized(scope)) {
throw new cassava.RestError(cassava.httpStatusCode.clientError.FORBIDDEN);
}
}
}

requireIds(...ids: ("giftbitUserId" | "merchantId" | "cardId" | "programId" | "recipientId" | "templateId" | "teamMemberId" | "serviceId")[]): void {
for (let id of ids) {
if (!this[id]) {
throw new cassava.RestError(cassava.httpStatusCode.clientError.FORBIDDEN);
}
}
}
}
167 changes: 33 additions & 134 deletions src/jwtauth/JwtAuthorizationRoute.test.ts
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
import * as cassava from "cassava";
import * as chai from "chai";
import {createTestProxyEvent} from "./createTestProxyEvent";
import {JwtAuthorizationRoute} from "./JwtAuthorizationRoute";
import {AuthorizationBadge} from "./AuthorizationBadge";

Expand All @@ -10,8 +9,8 @@ describe("JwtAuthorizationRoute", () => {
const router = new cassava.Router();
const jwtAuthorizationRoute = new JwtAuthorizationRoute(Promise.resolve({secretkey:"secret"}));
jwtAuthorizationRoute.logErrors = false;
router.addCustomRoute(jwtAuthorizationRoute);
router.addCustomRoute({
router.route(jwtAuthorizationRoute);
router.route({
matches: () => true,
handle: async evt => {
const auth = evt.meta["auth"] as AuthorizationBadge;
Expand All @@ -25,21 +24,11 @@ describe("JwtAuthorizationRoute", () => {
}
});

const proxyEvent = createTestProxyEvent("/foo/bar", {
const resp = await cassava.testing.testRouter(router, cassava.testing.createTestProxyEvent("/foo/bar", "GET", {
headers: {
Authorization: "Bearer eyJ2ZXIiOjEsInZhdiI6MSwiYWxnIjoiSFMyNTYiLCJ0eXAiOiJKV1QifQ.eyJnIjp7Imd1aSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQtVEVTVCIsImdtaSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQifSwiaWF0IjoiMjAxNi0xMi0xMlQyMDoxMTo0MC45OTcrMDAwMCIsInNjb3BlcyI6WyJDIiwiVCIsIlIiLCJDRUMiLCJDRVIiLCJVQSIsIkYiXX0.uZxYrUPqwJk5oTTtDWaPOYzhRSt5dzRS4OZGYP8u2Po"
}
});

const resp = await new Promise<cassava.ProxyResponse>((resolve, reject) => {
router.getLambdaHandler()(proxyEvent, {} as any, (err, res) => {
if (err) {
reject(err);
} else {
resolve(res);
}
});
});
}));

chai.assert.isObject(resp);
chai.assert.equal(resp.statusCode, 200, JSON.stringify(resp));
Expand All @@ -51,8 +40,8 @@ describe("JwtAuthorizationRoute", () => {
const router = new cassava.Router();
const jwtAuthorizationRoute = new JwtAuthorizationRoute(Promise.resolve({secretkey:"secret"}));
jwtAuthorizationRoute.logErrors = false;
router.addCustomRoute(jwtAuthorizationRoute);
router.addCustomRoute({
router.route(jwtAuthorizationRoute);
router.route({
matches: () => true,
handle: async evt => {
const auth = evt.meta["auth"] as AuthorizationBadge;
Expand All @@ -66,22 +55,12 @@ describe("JwtAuthorizationRoute", () => {
}
});

const proxyEvent = createTestProxyEvent("/foo/bar", {
const resp = await cassava.testing.testRouter(router, cassava.testing.createTestProxyEvent("/foo/bar", "GET", {
headers: {
Cookie: "gb_jwt_session=eyJ2ZXIiOjEsInZhdiI6MSwiYWxnIjoiSFMyNTYiLCJ0eXAiOiJKV1QifQ.eyJnIjp7Imd1aSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQtVEVTVCIsImdtaSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQifSwiaWF0IjoiMjAxNi0xMi0xMlQyMDoxMTo0MC45OTcrMDAwMCIsInNjb3BlcyI6WyJDIiwiVCIsIlIiLCJDRUMiLCJDRVIiLCJVQSIsIkYiXX0; gb_jwt_signature=uZxYrUPqwJk5oTTtDWaPOYzhRSt5dzRS4OZGYP8u2Po",
"X-Requested-With": "XMLHttpRequest"
}
});

const resp = await new Promise<cassava.ProxyResponse>((resolve, reject) => {
router.getLambdaHandler()(proxyEvent, {} as any, (err, res) => {
if (err) {
reject(err);
} else {
resolve(res);
}
});
});
}));

chai.assert.isObject(resp);
chai.assert.equal(resp.statusCode, 200, JSON.stringify(resp));
Expand All @@ -93,8 +72,8 @@ describe("JwtAuthorizationRoute", () => {
const router = new cassava.Router();
const jwtAuthorizationRoute = new JwtAuthorizationRoute(Promise.resolve({secretkey:"secret"}));
jwtAuthorizationRoute.logErrors = false;
router.addCustomRoute(jwtAuthorizationRoute);
router.addCustomRoute({
router.route(jwtAuthorizationRoute);
router.route({
matches: () => true,
handle: async evt => {
const auth = evt.meta["auth"] as AuthorizationBadge;
Expand All @@ -108,22 +87,12 @@ describe("JwtAuthorizationRoute", () => {
}
});

const proxyEvent = createTestProxyEvent("/foo/bar", {
const resp = await cassava.testing.testRouter(router, cassava.testing.createTestProxyEvent("/foo/bar", "GET", {
headers: {
Cookie: "gb_jwt_session=eyJ2ZXIiOjEsInZhdiI6MSwiYWxnIjoiSFMyNTYiLCJ0eXAiOiJKV1QifQ.eyJnIjp7Imd1aSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQtVEVTVCIsImdtaSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQifSwiaWF0IjoiMjAxNi0xMi0xMlQyMDoxMTo0MC45OTcrMDAwMCIsInNjb3BlcyI6WyJDIiwiVCIsIlIiLCJDRUMiLCJDRVIiLCJVQSIsIkYiXX0; gb_jwt_signature=uZxYrUPqwJk5oTTtDWaPOYzhRSt5dzRS4OZGYP8u2Po",
"x-requested-with": "XMLHttpRequest"
}
});

const resp = await new Promise<cassava.ProxyResponse>((resolve, reject) => {
router.getLambdaHandler()(proxyEvent, {} as any, (err, res) => {
if (err) {
reject(err);
} else {
resolve(res);
}
});
});
}));

chai.assert.isObject(resp);
chai.assert.equal(resp.statusCode, 200, JSON.stringify(resp));
Expand All @@ -134,23 +103,13 @@ describe("JwtAuthorizationRoute", () => {
const router = new cassava.Router();
const jwtAuthorizationRoute = new JwtAuthorizationRoute(Promise.resolve({secretkey:"secret"}));
jwtAuthorizationRoute.logErrors = false;
router.addCustomRoute(jwtAuthorizationRoute);
router.route(jwtAuthorizationRoute);

const proxyEvent = createTestProxyEvent("/foo/bar", {
const resp = await cassava.testing.testRouter(router, cassava.testing.createTestProxyEvent("/foo/bar", "GET", {
headers: {
Authorization: "Bearer eyJ2ZXIiOjEsInZhdiI6MSwiYWxnIjoiSFMyNTYiLCJ0eXAiOiJKV1QifQ.eyJnIjp7Imd1aSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQtVEVTVCIsImdtaSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQifSwiaWF0IjoiMjAxNi0xMi0xMlQyMDoxMTo0MC45OTcrMDAwMCIsImV4cCI6IjIwMTYtMTItMTJUMjA6MTE6NDAuOTk3KzAwMDAiLCJzY29wZXMiOlsiQyIsIlQiLCJSIiwiQ0VDIiwiQ0VSIiwiVUEiLCJGIl19.Wyqsgd_QvLT2bRkK8O6WAPOnC-0deYm6xuwHORzzQWo"
}
});

const resp = await new Promise<cassava.ProxyResponse>((resolve, reject) => {
router.getLambdaHandler()(proxyEvent, {} as any, (err, res) => {
if (err) {
reject(err);
} else {
resolve(res);
}
});
});
}));

chai.assert.isObject(resp);
chai.assert.equal(resp.statusCode, 401, JSON.stringify(resp));
Expand All @@ -160,23 +119,13 @@ describe("JwtAuthorizationRoute", () => {
const router = new cassava.Router();
const jwtAuthorizationRoute = new JwtAuthorizationRoute(Promise.resolve({secretkey:"secret"}));
jwtAuthorizationRoute.logErrors = false;
router.addCustomRoute(jwtAuthorizationRoute);
router.route(jwtAuthorizationRoute);

const proxyEvent = createTestProxyEvent("/foo/bar", {
const resp = await cassava.testing.testRouter(router, cassava.testing.createTestProxyEvent("/foo/bar", "GET", {
headers: {
Authorization: "Bearer eyJ2ZXIiOjEsInZhdiI6MSwiYWxnIjoiSFMyNTYiLCJ0eXAiOiJKV1QifQ.eyJnIjp7Imd1aSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQtVEVTVCIsImdtaSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQifSwiaWF0IjoiMjAxNi0xMi0xMlQyMDoxMTo0MC45OTcrMDAwMCIsInNjb3BlcyI6WyJDIiwiVCIsIlIiLCJDRUMiLCJDRVIiLCJVQSIsIkYiXX0.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}
});

const resp = await new Promise<cassava.ProxyResponse>((resolve, reject) => {
router.getLambdaHandler()(proxyEvent, {} as any, (err, res) => {
if (err) {
reject(err);
} else {
resolve(res);
}
});
});
}));

chai.assert.isObject(resp);
chai.assert.equal(resp.statusCode, 401, JSON.stringify(resp));
Expand All @@ -186,24 +135,14 @@ describe("JwtAuthorizationRoute", () => {
const router = new cassava.Router();
const jwtAuthorizationRoute = new JwtAuthorizationRoute(Promise.resolve({secretkey:"secret"}));
jwtAuthorizationRoute.logErrors = false;
router.addCustomRoute(jwtAuthorizationRoute);
router.route(jwtAuthorizationRoute);

const proxyEvent = createTestProxyEvent("/foo/bar", {
const resp = await cassava.testing.testRouter(router, cassava.testing.createTestProxyEvent("/foo/bar", "GET", {
headers: {
Cookie: "gb_jwt_session=eyJ2ZXIiOjEsInZhdiI6MSwiYWxnIjoiSFMyNTYiLCJ0eXAiOiJKV1QifQ.eyJnIjp7Imd1aSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQtVEVTVCIsImdtaSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQifSwiaWF0IjoiMjAxNi0xMi0xMlQyMDoxMTo0MC45OTcrMDAwMCIsInNjb3BlcyI6WyJDIiwiVCIsIlIiLCJDRUMiLCJDRVIiLCJVQSIsIkYiXX0; gb_jwt_signature=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"X-Requested-With": "XMLHttpRequest"
}
});

const resp = await new Promise<cassava.ProxyResponse>((resolve, reject) => {
router.getLambdaHandler()(proxyEvent, {} as any, (err, res) => {
if (err) {
reject(err);
} else {
resolve(res);
}
});
});
}));

chai.assert.isObject(resp);
chai.assert.equal(resp.statusCode, 401, JSON.stringify(resp));
Expand All @@ -213,23 +152,13 @@ describe("JwtAuthorizationRoute", () => {
const router = new cassava.Router();
const jwtAuthorizationRoute = new JwtAuthorizationRoute(Promise.resolve({secretkey:"secret"}));
jwtAuthorizationRoute.logErrors = false;
router.addCustomRoute(jwtAuthorizationRoute);
router.route(jwtAuthorizationRoute);

const proxyEvent = createTestProxyEvent("/foo/bar", {
const resp = await cassava.testing.testRouter(router, cassava.testing.createTestProxyEvent("/foo/bar", "GET", {
headers: {
Cookie: "gb_jwt_session=eyJ2ZXIiOjEsInZhdiI6MSwiYWxnIjoiSFMyNTYiLCJ0eXAiOiJKV1QifQ.eyJnIjp7Imd1aSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQtVEVTVCIsImdtaSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQifSwiaWF0IjoiMjAxNi0xMi0xMlQyMDoxMTo0MC45OTcrMDAwMCIsInNjb3BlcyI6WyJDIiwiVCIsIlIiLCJDRUMiLCJDRVIiLCJVQSIsIkYiXX0; gb_jwt_signature=uZxYrUPqwJk5oTTtDWaPOYzhRSt5dzRS4OZGYP8u2Po"
}
});

const resp = await new Promise<cassava.ProxyResponse>((resolve, reject) => {
router.getLambdaHandler()(proxyEvent, {} as any, (err, res) => {
if (err) {
reject(err);
} else {
resolve(res);
}
});
});
}));

chai.assert.isObject(resp);
chai.assert.equal(resp.statusCode, 401, JSON.stringify(resp));
Expand All @@ -239,24 +168,14 @@ describe("JwtAuthorizationRoute", () => {
const router = new cassava.Router();
const jwtAuthorizationRoute = new JwtAuthorizationRoute(Promise.resolve({secretkey:"secret"}));
jwtAuthorizationRoute.logErrors = false;
router.addCustomRoute(jwtAuthorizationRoute);
router.route(jwtAuthorizationRoute);

const proxyEvent = createTestProxyEvent("/foo/bar", {
const resp = await cassava.testing.testRouter(router, cassava.testing.createTestProxyEvent("/foo/bar", "GET", {
headers: {
Cookie: "gb_jwt_session=eyJ2ZXIiOjEsInZhdiI6MSwiYWxnIjoiSFMyNTYiLCJ0eXAiOiJKV1QifQ.eyJnIjp7Imd1aSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQtVEVTVCIsImdtaSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQifSwiaWF0IjoiMjAxNi0xMi0xMlQyMDoxMTo0MC45OTcrMDAwMCIsInNjb3BlcyI6WyJDIiwiVCIsIlIiLCJDRUMiLCJDRVIiLCJVQSIsIkYiXX0; gb_jwt_signature=uZxYrUPqwJk5oTTtDWaPOYzhRSt5dzRS4OZGYP8u2Po",
"X-Requested-With": "xmlhttprequest"
}
});

const resp = await new Promise<cassava.ProxyResponse>((resolve, reject) => {
router.getLambdaHandler()(proxyEvent, {} as any, (err, res) => {
if (err) {
reject(err);
} else {
resolve(res);
}
});
});
}));

chai.assert.isObject(resp);
chai.assert.equal(resp.statusCode, 401, JSON.stringify(resp));
Expand All @@ -266,24 +185,14 @@ describe("JwtAuthorizationRoute", () => {
const router = new cassava.Router();
const jwtAuthorizationRoute = new JwtAuthorizationRoute(Promise.resolve({secretkey:"secret"}));
jwtAuthorizationRoute.logErrors = false;
router.addCustomRoute(jwtAuthorizationRoute);
router.route(jwtAuthorizationRoute);

const proxyEvent = createTestProxyEvent("/foo/bar", {
const resp = await cassava.testing.testRouter(router, cassava.testing.createTestProxyEvent("/foo/bar", "GET", {
headers: {
Cookie: "gb_jwt_signature=uZxYrUPqwJk5oTTtDWaPOYzhRSt5dzRS4OZGYP8u2Po",
"X-Requested-With": "XMLHttpRequest"
}
});

const resp = await new Promise<cassava.ProxyResponse>((resolve, reject) => {
router.getLambdaHandler()(proxyEvent, {} as any, (err, res) => {
if (err) {
reject(err);
} else {
resolve(res);
}
});
});
}));

chai.assert.isObject(resp);
chai.assert.equal(resp.statusCode, 401, JSON.stringify(resp));
Expand All @@ -293,24 +202,14 @@ describe("JwtAuthorizationRoute", () => {
const router = new cassava.Router();
const jwtAuthorizationRoute = new JwtAuthorizationRoute(Promise.resolve({secretkey:"secret"}));
jwtAuthorizationRoute.logErrors = false;
router.addCustomRoute(jwtAuthorizationRoute);
router.route(jwtAuthorizationRoute);

const proxyEvent = createTestProxyEvent("/foo/bar", {
const resp = await cassava.testing.testRouter(router, cassava.testing.createTestProxyEvent("/foo/bar", "GET", {
headers: {
Cookie: "gb_jwt_session=eyJ2ZXIiOjEsInZhdiI6MSwiYWxnIjoiSFMyNTYiLCJ0eXAiOiJKV1QifQ.eyJnIjp7Imd1aSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQtVEVTVCIsImdtaSI6InVzZXItNzA1MjIxMGJjYjk0NDQ4YjgyNWZmYTY4NTA4ZDI5YWQifSwiaWF0IjoiMjAxNi0xMi0xMlQyMDoxMTo0MC45OTcrMDAwMCIsInNjb3BlcyI6WyJDIiwiVCIsIlIiLCJDRUMiLCJDRVIiLCJVQSIsIkYiXX0",
"X-Requested-With": "XMLHttpRequest"
}
});

const resp = await new Promise<cassava.ProxyResponse>((resolve, reject) => {
router.getLambdaHandler()(proxyEvent, {} as any, (err, res) => {
if (err) {
reject(err);
} else {
resolve(res);
}
});
});
}));

chai.assert.isObject(resp);
chai.assert.equal(resp.statusCode, 401, JSON.stringify(resp));
Expand Down
Loading

0 comments on commit 47d547c

Please sign in to comment.