mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-02-10 23:36:14 -05:00
9e96b04542
- this is a small part of a bit of cleanup of our test files - the goal is to make the existing tests clearer with a view to making it easier to write more tests - this makes the test structure follow the codebase structure more closely - eventually we will colocate the tests as we break the codebase down further
98 lines
2.9 KiB
JavaScript
98 lines
2.9 KiB
JavaScript
const errors = require('@tryghost/errors');
|
|
const {authenticateContentApiKey} = require('../../../../../../core/server/services/auth/api-key/content');
|
|
const models = require('../../../../../../core/server/models');
|
|
const should = require('should');
|
|
const sinon = require('sinon');
|
|
const testUtils = require('../../../../../utils');
|
|
|
|
describe('Content API Key Auth', function () {
|
|
before(models.init);
|
|
|
|
this.beforeEach(function () {
|
|
const fakeApiKey = {
|
|
id: '1234',
|
|
type: 'content',
|
|
secret: Buffer.from('testing').toString('hex'),
|
|
get(prop) {
|
|
return this[prop];
|
|
}
|
|
};
|
|
this.fakeApiKey = fakeApiKey;
|
|
|
|
this.apiKeyStub = sinon.stub(models.ApiKey, 'findOne');
|
|
this.apiKeyStub.returns(Promise.resolve());
|
|
this.apiKeyStub.withArgs({secret: fakeApiKey.secret}).returns(Promise.resolve(fakeApiKey));
|
|
});
|
|
|
|
afterEach(function () {
|
|
sinon.restore();
|
|
});
|
|
|
|
it('should authenticate with known+valid key', function (done) {
|
|
const req = {
|
|
query: {
|
|
key: this.fakeApiKey.secret
|
|
}
|
|
};
|
|
const res = {};
|
|
|
|
authenticateContentApiKey(req, res, (arg) => {
|
|
should.not.exist(arg);
|
|
req.api_key.should.eql(this.fakeApiKey);
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('shouldn\'t authenticate with invalid/unknown key', function (done) {
|
|
const req = {
|
|
query: {
|
|
key: 'unknown'
|
|
}
|
|
};
|
|
const res = {};
|
|
|
|
authenticateContentApiKey(req, res, function next(err) {
|
|
should.exist(err);
|
|
should.equal(err instanceof errors.UnauthorizedError, true);
|
|
err.code.should.eql('UNKNOWN_CONTENT_API_KEY');
|
|
should.not.exist(req.api_key);
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('shouldn\'t authenticate with a non-content-api key', function (done) {
|
|
const req = {
|
|
query: {
|
|
key: this.fakeApiKey.secret
|
|
}
|
|
};
|
|
const res = {};
|
|
|
|
this.fakeApiKey.type = 'admin';
|
|
|
|
authenticateContentApiKey(req, res, function next(err) {
|
|
should.exist(err);
|
|
should.equal(err instanceof errors.UnauthorizedError, true);
|
|
err.code.should.eql('INVALID_API_KEY_TYPE');
|
|
should.not.exist(req.api_key);
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('shouldn\'t authenticate with invalid request', function (done) {
|
|
const req = {
|
|
query: {
|
|
key: [this.fakeApiKey.secret, '']
|
|
}
|
|
};
|
|
const res = {};
|
|
|
|
authenticateContentApiKey(req, res, function next(err) {
|
|
should.exist(err);
|
|
should.equal(err instanceof errors.BadRequestError, true);
|
|
err.code.should.eql('INVALID_REQUEST');
|
|
should.not.exist(req.api_key);
|
|
done();
|
|
});
|
|
});
|
|
});
|