mirror of
https://github.com/oven-sh/bun
synced 2026-02-11 11:29:02 +00:00
35109160ca
* oops * createSecretKey but weird error * use the right prototype, do not add a function called export lol * HMAC JWT export + base64 fix * Fix Equals, Fix Get KeySize, add complete export RSA * fix RSA export * add EC exports * X25519 and ED25519 export + fixes * fix default exports * better asymmetricKeyType * fix private exports * fix symmetricKeySize * createPublicKey validations + refactor * jwt + der fixes * oopsies * add PEM into createPublicKey * cleanup * WIP * bunch of fixes * public from private + private OKP * encrypted keys fixes * oops * fix clear tls error, add some support to jwk and other formats on publicEncrypt/publicDecrypt * more fixes and tests working * more fixes more tests * more clear hmac errors * more tests and fixes * add generateKeyPair * more tests passing, some skips * fix EC key from private * fix OKP JWK * nodejs ignores ext and key_ops on KeyObject.exports * add EC sign verify test * some fixes * add crypto.generateKeyPairSync(type, options) * more fixes and more tests * fix hmac tests * jsonwebtoken tests * oops * oops2 * generated files * revert package.json * vm tests * todos instead of failues * toBunString -> toString * undo simdutf * improvements * unlikely * cleanup * cleanup 2 * oops * move _generateKeyPairSync checks to native
73 lines
2.5 KiB
JavaScript
73 lines
2.5 KiB
JavaScript
var PS_SUPPORTED = true;
|
|
import jwt from "jsonwebtoken";
|
|
import { expect, describe, it } from "bun:test";
|
|
import fs from "fs";
|
|
|
|
describe("schema", function () {
|
|
describe("sign options", function () {
|
|
var cert_rsa_priv = fs.readFileSync(__dirname + "/rsa-private.pem");
|
|
var cert_ecdsa_priv = fs.readFileSync(__dirname + "/ecdsa-private.pem");
|
|
var cert_secp384r1_priv = fs.readFileSync(__dirname + "/secp384r1-private.pem");
|
|
var cert_secp521r1_priv = fs.readFileSync(__dirname + "/secp521r1-private.pem");
|
|
|
|
function sign(options, secretOrPrivateKey) {
|
|
jwt.sign({ foo: 123 }, secretOrPrivateKey, options);
|
|
}
|
|
|
|
it("should validate algorithm", function () {
|
|
expect(function () {
|
|
sign({ algorithm: "foo" }, cert_rsa_priv);
|
|
}).toThrow(/"algorithm" must be a valid string enum value/);
|
|
sign({ algorithm: "none" }, null);
|
|
sign({ algorithm: "RS256" }, cert_rsa_priv);
|
|
sign({ algorithm: "RS384" }, cert_rsa_priv);
|
|
sign({ algorithm: "RS512" }, cert_rsa_priv);
|
|
if (PS_SUPPORTED) {
|
|
sign({ algorithm: "PS256" }, cert_rsa_priv);
|
|
sign({ algorithm: "PS384" }, cert_rsa_priv);
|
|
sign({ algorithm: "PS512" }, cert_rsa_priv);
|
|
}
|
|
sign({ algorithm: "ES256" }, cert_ecdsa_priv);
|
|
sign({ algorithm: "ES384" }, cert_secp384r1_priv);
|
|
sign({ algorithm: "ES512" }, cert_secp521r1_priv);
|
|
sign({ algorithm: "HS256" }, "superSecret");
|
|
sign({ algorithm: "HS384" }, "superSecret");
|
|
sign({ algorithm: "HS512" }, "superSecret");
|
|
});
|
|
|
|
it("should validate header", function () {
|
|
expect(function () {
|
|
sign({ header: "foo" }, "superSecret");
|
|
}).toThrow(/"header" must be an object/);
|
|
sign({ header: {} }, "superSecret");
|
|
});
|
|
|
|
it("should validate encoding", function () {
|
|
expect(function () {
|
|
sign({ encoding: 10 }, "superSecret");
|
|
}).toThrow(/"encoding" must be a string/);
|
|
sign({ encoding: "utf8" }, "superSecret");
|
|
});
|
|
|
|
it("should validate noTimestamp", function () {
|
|
expect(function () {
|
|
sign({ noTimestamp: 10 }, "superSecret");
|
|
}).toThrow(/"noTimestamp" must be a boolean/);
|
|
sign({ noTimestamp: true }, "superSecret");
|
|
});
|
|
});
|
|
|
|
describe("sign payload registered claims", function () {
|
|
function sign(payload) {
|
|
jwt.sign(payload, "foo123");
|
|
}
|
|
|
|
it("should validate exp", function () {
|
|
expect(function () {
|
|
sign({ exp: "1 monkey" });
|
|
}).toThrow(/"exp" should be a number of seconds/);
|
|
sign({ exp: 10.1 });
|
|
});
|
|
});
|
|
});
|