diff --git a/src/lib/crypto.js b/src/lib/crypto.js index b5d0247..48ad20c 100644 --- a/src/lib/crypto.js +++ b/src/lib/crypto.js @@ -76,6 +76,8 @@ module.exports = { _.reduce(objectClaims, (c, oClaims, objectType) => { if (_.isObject(oClaims) && !_.isEmpty(oClaims)) { c[`io.hull.as${_.upperFirst(objectType)}`] = oClaims; + } else if (_.isString(oClaims) && !_.isEmpty(oClaims) && objectType !== subjectType) { + c[`io.hull.as${_.upperFirst(objectType)}`] = { id: oClaims }; } return c; }, claims); diff --git a/tests/client-tests.js b/tests/client-tests.js index 3855384..bf05a8f 100644 --- a/tests/client-tests.js +++ b/tests/client-tests.js @@ -98,6 +98,23 @@ describe("Hull", () => { .that.eql({ email: "foo@bar.com" }); }); + it("should allow to link a user using its id to an account", () => { + const hull = new Hull({ id: "562123b470df84b740000042", secret: "1234", organization: "test" }); + + const scoped = hull.asUser("1234").account({ domain: "hull.io" }); + const scopedJwtClaims = jwt.decode(scoped.configuration().accessToken, scoped.configuration().secret); + + expect(scopedJwtClaims) + .to.have.property("io.hull.subjectType") + .that.eql("account"); + expect(scopedJwtClaims) + .to.have.property("io.hull.asAccount") + .that.eql({ domain: "hull.io" }); + expect(scopedJwtClaims) + .to.have.property("io.hull.asUser") + .that.eql({ id: "1234" }); + }); + it("should allow to resolve an existing account user is linked to", () => { const hull = new Hull({ id: "562123b470df84b740000042", secret: "1234", organization: "test" }); @@ -126,6 +143,6 @@ describe("Hull", () => { .to.not.throw(Error); expect(hull.asAccount.bind(null, { external_id: "1234" })) .to.not.throw(Error); - }) + }); }); });