mirror of
https://github.com/oven-sh/bun
synced 2026-02-12 11:59:00 +00:00
35109160ca
* oops * createSecretKey but weird error * use the right prototype, do not add a function called export lol * HMAC JWT export + base64 fix * Fix Equals, Fix Get KeySize, add complete export RSA * fix RSA export * add EC exports * X25519 and ED25519 export + fixes * fix default exports * better asymmetricKeyType * fix private exports * fix symmetricKeySize * createPublicKey validations + refactor * jwt + der fixes * oopsies * add PEM into createPublicKey * cleanup * WIP * bunch of fixes * public from private + private OKP * encrypted keys fixes * oops * fix clear tls error, add some support to jwk and other formats on publicEncrypt/publicDecrypt * more fixes and tests working * more fixes more tests * more clear hmac errors * more tests and fixes * add generateKeyPair * more tests passing, some skips * fix EC key from private * fix OKP JWK * nodejs ignores ext and key_ops on KeyObject.exports * add EC sign verify test * some fixes * add crypto.generateKeyPairSync(type, options) * more fixes and more tests * fix hmac tests * jsonwebtoken tests * oops * oops2 * generated files * revert package.json * vm tests * todos instead of failues * toBunString -> toString * undo simdutf * improvements * unlikely * cleanup * cleanup 2 * oops * move _generateKeyPairSync checks to native
84 lines
3.0 KiB
JavaScript
84 lines
3.0 KiB
JavaScript
"use strict";
|
|
|
|
import jwt from "jsonwebtoken";
|
|
import { expect, describe, it, beforeEach } from "bun:test";
|
|
import util from "util";
|
|
import testUtils from "./test-utils";
|
|
|
|
function signWithKeyId(keyid, payload, callback) {
|
|
const options = { algorithm: "HS256" };
|
|
if (keyid !== undefined) {
|
|
options.keyid = keyid;
|
|
}
|
|
testUtils.signJWTHelper(payload, "secret", options, callback);
|
|
}
|
|
|
|
describe("keyid", function () {
|
|
describe('`jwt.sign` "keyid" option validation', function () {
|
|
[true, false, null, -1, 0, 1, -1.1, 1.1, -Infinity, Infinity, NaN, [], ["foo"], {}, { foo: "bar" }].forEach(
|
|
keyid => {
|
|
it(`should error with with value ${util.inspect(keyid)}`, function (done) {
|
|
signWithKeyId(keyid, {}, err => {
|
|
testUtils.asyncCheck(done, () => {
|
|
expect(err).toBeInstanceOf(Error);
|
|
expect(err).toHaveProperty("message", '"keyid" must be a string');
|
|
});
|
|
});
|
|
});
|
|
},
|
|
);
|
|
|
|
// undefined needs special treatment because {} is not the same as {keyid: undefined}
|
|
it("should error with with value undefined", function (done) {
|
|
testUtils.signJWTHelper({}, "secret", { keyid: undefined, algorithm: "HS256" }, err => {
|
|
testUtils.asyncCheck(done, () => {
|
|
expect(err).toBeInstanceOf(Error);
|
|
expect(err).toHaveProperty("message", '"keyid" must be a string');
|
|
});
|
|
});
|
|
});
|
|
});
|
|
|
|
describe("when signing a token", function () {
|
|
it('should not add "kid" header when "keyid" option not provided', function (done) {
|
|
signWithKeyId(undefined, {}, (err, token) => {
|
|
testUtils.asyncCheck(done, () => {
|
|
const decoded = jwt.decode(token, { complete: true });
|
|
expect(err).toBeNull();
|
|
expect(decoded.header).not.toHaveProperty("kid");
|
|
});
|
|
});
|
|
});
|
|
|
|
it('should add "kid" header when "keyid" option is provided and an object payload', function (done) {
|
|
signWithKeyId("foo", {}, (err, token) => {
|
|
testUtils.asyncCheck(done, () => {
|
|
const decoded = jwt.decode(token, { complete: true });
|
|
expect(err).toBeNull();
|
|
expect(decoded.header).toHaveProperty("kid", "foo");
|
|
});
|
|
});
|
|
});
|
|
|
|
it('should add "kid" header when "keyid" option is provided and a Buffer payload', function (done) {
|
|
signWithKeyId("foo", new Buffer("a Buffer payload"), (err, token) => {
|
|
testUtils.asyncCheck(done, () => {
|
|
const decoded = jwt.decode(token, { complete: true });
|
|
expect(err).toBeNull();
|
|
expect(decoded.header).toHaveProperty("kid", "foo");
|
|
});
|
|
});
|
|
});
|
|
|
|
it('should add "kid" header when "keyid" option is provided and a string payload', function (done) {
|
|
signWithKeyId("foo", "a string payload", (err, token) => {
|
|
testUtils.asyncCheck(done, () => {
|
|
const decoded = jwt.decode(token, { complete: true });
|
|
expect(err).toBeNull();
|
|
expect(decoded.header).toHaveProperty("kid", "foo");
|
|
});
|
|
});
|
|
});
|
|
});
|
|
});
|