bun.sh/test/js/third_party/jsonwebtoken/jwt.hs.test.js
Ciro Spaciari 35109160ca feat(KeyObject) (#5940)
* oops

* createSecretKey but weird error

* use the right prototype, do not add a function called export lol

* HMAC JWT export + base64 fix

* Fix Equals, Fix Get KeySize, add complete export RSA

* fix RSA export

* add EC exports

* X25519 and ED25519 export + fixes

* fix default exports

* better asymmetricKeyType

* fix private exports

* fix symmetricKeySize

* createPublicKey validations + refactor

* jwt + der fixes

* oopsies

* add PEM into createPublicKey

* cleanup

* WIP

* bunch of fixes

* public from private + private OKP

* encrypted keys fixes

* oops

* fix clear tls error, add some support to jwk and other formats on publicEncrypt/publicDecrypt

* more fixes and tests working

* more fixes more tests

* more clear hmac errors

* more tests and fixes

* add generateKeyPair

* more tests passing, some skips

* fix EC key from private

* fix OKP JWK

* nodejs ignores ext and key_ops on KeyObject.exports

* add EC sign verify test

* some fixes

* add crypto.generateKeyPairSync(type, options)

* more fixes and more tests

* fix hmac tests

* jsonwebtoken tests

* oops

* oops2

* generated files

* revert package.json

* vm tests

* todos instead of failures

* toBunString -> toString

* undo simdutf

* improvements

* unlikely

* cleanup

* cleanup 2

* oops

* move _generateKeyPairSync checks to native
2023-10-07 15:22:45 -07:00


import jwt from "jsonwebtoken";
import { expect, describe, it } from "bun:test";
import jws from "jws";
import { generateKeyPairSync } from "crypto";
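// HS256 (HMAC-SHA256) sign/verify behaviour of `jsonwebtoken`, run under Bun's test runner.
// Most cases are negative: verification must fail for a wrong secret, an unsigned ("none")
// token, a null token, an expired token, or a malformed token string.
describe("HS256", function () {
  describe("when signing using HS256", function () {
    it("should throw if the secret is an asymmetric key", function () {
      // An asymmetric key object must be refused as an HMAC secret; accepting it would mix
      // up symmetric and asymmetric key material (the classic algorithm-confusion mistake).
      const { privateKey } = generateKeyPairSync("rsa", { modulusLength: 2048 });
      expect(function () {
        jwt.sign({ foo: "bar" }, privateKey, { algorithm: "HS256" });
      }).toThrow("must be a symmetric key");
    });

    it("should throw if the payload is undefined", function () {
      expect(function () {
        jwt.sign(undefined, "secret", { algorithm: "HS256" });
      }).toThrow("payload is required");
    });

    it("should throw if options is not a plain object", function () {
      // An array is an object but not a plain one; it must not be read as an options bag.
      expect(function () {
        jwt.sign({ foo: "bar" }, "secret", ["HS256"]);
      }).toThrow('Expected "options" to be a plain object');
    });
  });

  describe("with a token signed using HS256", function () {
    const secret = "shhhhhh";
    const token = jwt.sign({ foo: "bar" }, secret, { algorithm: "HS256" });

    it("should be syntactically valid", function () {
      // Compact serialization: header.payload.signature
      expect(typeof token).toBe("string");
      expect(token.split(".")).toHaveLength(3);
    });

    it("should be able to validate without options", function (done) {
      const callback = function (err, decoded) {
        if (err) return done(err);
        expect(decoded).toBeDefined();
        expect(decoded.foo).toBeDefined();
        expect(decoded.foo).toBe("bar");
        done();
      };
      // The callback sits where an options object could go; a property on the function
      // named like a verify option must not be picked up as one.
      callback.issuer = "shouldn't affect";
      jwt.verify(token, secret, callback);
    });

    it("should validate with secret", function (done) {
      jwt.verify(token, secret, function (err, decoded) {
        if (err) return done(err);
        expect(decoded).toBeDefined();
        expect(decoded.foo).toBeDefined();
        done();
      });
    });

    it("should throw with invalid secret", function (done) {
      // A wrong secret must yield an error and no decoded payload.
      jwt.verify(token, "invalid secret", function (err, decoded) {
        expect(decoded).toBeUndefined();
        expect(err).toBeTruthy();
        done();
      });
    });

    it("should throw with secret and token not signed", function (done) {
      // A token whose header says alg "none" carries no signature. Verifying it with a
      // secret must fail, otherwise anyone could mint tokens without knowing the secret.
      const header = { alg: "none" };
      const payload = { foo: "bar" };
      const unsignedToken = jws.sign({ header, payload, secret: "secret", encoding: "utf8" });
      jwt.verify(unsignedToken, "secret", function (err, decoded) {
        expect(decoded).toBeUndefined();
        expect(err).toBeTruthy();
        done();
      });
    });

    it("should throw with falsy secret and token not signed", function (done) {
      // Same as above, but the unsigned token is built with a null secret.
      const header = { alg: "none" };
      const payload = { foo: "bar" };
      const unsignedToken = jws.sign({ header, payload, secret: null, encoding: "utf8" });
      jwt.verify(unsignedToken, "secret", function (err, decoded) {
        expect(decoded).toBeUndefined();
        expect(err).toBeTruthy();
        done();
      });
    });

    it("should throw when verifying null", function (done) {
      jwt.verify(null, "secret", function (err, decoded) {
        expect(decoded).toBeUndefined();
        expect(err).toBeTruthy();
        done();
      });
    });

    it("should return an error when the token is expired", function (done) {
      // exp is a NumericDate in seconds, so 1 is one second after the Unix epoch.
      const expiredToken = jwt.sign({ exp: 1 }, secret, { algorithm: "HS256" });
      // verify() takes `algorithms` (an allow-list array). The singular `algorithm` is a
      // sign() option and is not read by verify(), so it would not pin HS256 here.
      jwt.verify(expiredToken, secret, { algorithms: ["HS256"] }, function (err, decoded) {
        expect(decoded).toBeUndefined();
        expect(err).toBeTruthy();
        done();
      });
    });

    it('should NOT return an error when the token is expired with "ignoreExpiration"', function (done) {
      const expiredToken = jwt.sign({ exp: 1, foo: "bar" }, secret, { algorithm: "HS256" });
      // ignoreExpiration skips only the exp check; the signature is still verified
      // against `secret`, and the algorithm stays pinned through `algorithms`.
      jwt.verify(
        expiredToken,
        secret,
        { algorithms: ["HS256"], ignoreExpiration: true },
        function (err, decoded) {
          if (err) return done(err);
          expect(decoded).toBeDefined();
          expect(decoded.foo).toBeDefined();
          expect(decoded.foo).toBe("bar");
          done();
        },
      );
    });

    it("should default to HS256 algorithm when no options are passed", function () {
      const defaultToken = jwt.sign({ foo: "bar" }, secret);
      // Check the header too, so the test asserts the default algorithm and not just a round trip.
      expect(jwt.decode(defaultToken, { complete: true }).header.alg).toBe("HS256");
      const verifiedToken = jwt.verify(defaultToken, secret);
      expect(verifiedToken).toBeDefined();
      expect(verifiedToken.foo).toBe("bar");
    });
  });

  describe("should fail verification gracefully with trailing space in the jwt", function () {
    const secret = "shhhhhh";
    const token = jwt.sign({ foo: "bar" }, secret, { algorithm: "HS256" });

    it('should return the "invalid token" error', function (done) {
      const malformedToken = token + " "; // corrupt the token by adding a space
      // A malformed token must surface as a JsonWebTokenError passed to the callback.
      jwt.verify(malformedToken, secret, { algorithms: ["HS256"], ignoreExpiration: true }, function (err) {
        expect(err).not.toBeNull();
        expect(err.name).toBe("JsonWebTokenError");
        expect(err.message).toBe("invalid token");
        done();
      });
    });
  });
});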