mirror of
https://github.com/oven-sh/bun
synced 2026-02-13 12:29:07 +00:00
35109160ca
* oops * createSecretKey but weird error * use the right prototype, do not add a function called export lol * HMAC JWT export + base64 fix * Fix Equals, Fix Get KeySize, add complete export RSA * fix RSA export * add EC exports * X25519 and ED25519 export + fixes * fix default exports * better asymmetricKeyType * fix private exports * fix symmetricKeySize * createPublicKey validations + refactor * jwt + der fixes * oopsies * add PEM into createPublicKey * cleanup * WIP * bunch of fixes * public from private + private OKP * encrypted keys fixes * oops * fix clear tls error, add some support to jwk and other formats on publicEncrypt/publicDecrypt * more fixes and tests working * more fixes more tests * more clear hmac errors * more tests and fixes * add generateKeyPair * more tests passing, some skips * fix EC key from private * fix OKP JWK * nodejs ignores ext and key_ops on KeyObject.exports * add EC sign verify test * some fixes * add crypto.generateKeyPairSync(type, options) * more fixes and more tests * fix hmac tests * jsonwebtoken tests * oops * oops2 * generated files * revert package.json * vm tests * todos instead of failues * toBunString -> toString * undo simdutf * improvements * unlikely * cleanup * cleanup 2 * oops * move _generateKeyPairSync checks to native
134 lines
4.8 KiB
JavaScript
134 lines
4.8 KiB
JavaScript
"use strict";
|
|
|
|
import jwt from "jsonwebtoken";
|
|
import { expect, describe, it } from "bun:test";
|
|
import util from "util";
|
|
import testUtils from "./test-utils";
|
|
|
|
function signWithSubject(subject, payload, callback) {
|
|
const options = { algorithm: "HS256" };
|
|
if (subject !== undefined) {
|
|
options.subject = subject;
|
|
}
|
|
testUtils.signJWTHelper(payload, "secret", options, callback);
|
|
}
|
|
|
|
describe("subject", function () {
|
|
describe('`jwt.sign` "subject" option validation', function () {
|
|
[true, false, null, -1, 0, 1, -1.1, 1.1, -Infinity, Infinity, NaN, [], ["foo"], {}, { foo: "bar" }].forEach(
|
|
subject => {
|
|
it(`should error with with value ${util.inspect(subject)}`, function (done) {
|
|
signWithSubject(subject, {}, err => {
|
|
testUtils.asyncCheck(done, () => {
|
|
expect(err).toBeInstanceOf(Error);
|
|
expect(err).toHaveProperty("message", '"subject" must be a string');
|
|
});
|
|
});
|
|
});
|
|
},
|
|
);
|
|
|
|
// undefined needs special treatment because {} is not the same as {subject: undefined}
|
|
it("should error with with value undefined", function (done) {
|
|
testUtils.signJWTHelper({}, "secret", { subject: undefined, algorithm: "HS256" }, err => {
|
|
testUtils.asyncCheck(done, () => {
|
|
expect(err).toBeInstanceOf(Error);
|
|
expect(err).toHaveProperty("message", '"subject" must be a string');
|
|
});
|
|
});
|
|
});
|
|
|
|
it('should error when "sub" is in payload', function (done) {
|
|
signWithSubject("foo", { sub: "bar" }, err => {
|
|
testUtils.asyncCheck(done, () => {
|
|
expect(err).toBeInstanceOf(Error);
|
|
expect(err).toHaveProperty(
|
|
"message",
|
|
'Bad "options.subject" option. The payload already has an "sub" property.',
|
|
);
|
|
});
|
|
});
|
|
});
|
|
|
|
it("should error with a string payload", function (done) {
|
|
signWithSubject("foo", "a string payload", err => {
|
|
testUtils.asyncCheck(done, () => {
|
|
expect(err).toBeInstanceOf(Error);
|
|
expect(err).toHaveProperty("message", "invalid subject option for string payload");
|
|
});
|
|
});
|
|
});
|
|
|
|
it("should error with a Buffer payload", function (done) {
|
|
signWithSubject("foo", new Buffer("a Buffer payload"), err => {
|
|
testUtils.asyncCheck(done, () => {
|
|
expect(err).toBeInstanceOf(Error);
|
|
expect(err).toHaveProperty("message", "invalid subject option for object payload");
|
|
});
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('when signing and verifying a token with "subject" option', function () {
|
|
it('should verify with a string "subject"', function (done) {
|
|
signWithSubject("foo", {}, (e1, token) => {
|
|
testUtils.verifyJWTHelper(token, "secret", { subject: "foo" }, (e2, decoded) => {
|
|
testUtils.asyncCheck(done, () => {
|
|
expect(e1).toBeNull();
|
|
expect(e2).toBeNull();
|
|
expect(decoded).toHaveProperty("sub", "foo");
|
|
});
|
|
});
|
|
});
|
|
});
|
|
|
|
it('should verify with a string "sub"', function (done) {
|
|
signWithSubject(undefined, { sub: "foo" }, (e1, token) => {
|
|
testUtils.verifyJWTHelper(token, "secret", { subject: "foo" }, (e2, decoded) => {
|
|
testUtils.asyncCheck(done, () => {
|
|
expect(e1).toBeNull();
|
|
expect(e2).toBeNull();
|
|
expect(decoded).toHaveProperty("sub", "foo");
|
|
});
|
|
});
|
|
});
|
|
});
|
|
|
|
it('should not verify "sub" if verify "subject" option not provided', function (done) {
|
|
signWithSubject(undefined, { sub: "foo" }, (e1, token) => {
|
|
testUtils.verifyJWTHelper(token, "secret", {}, (e2, decoded) => {
|
|
testUtils.asyncCheck(done, () => {
|
|
expect(e1).toBeNull();
|
|
expect(e2).toBeNull();
|
|
expect(decoded).toHaveProperty("sub", "foo");
|
|
});
|
|
});
|
|
});
|
|
});
|
|
|
|
it('should error if "sub" does not match verify "subject" option', function (done) {
|
|
signWithSubject(undefined, { sub: "foo" }, (e1, token) => {
|
|
testUtils.verifyJWTHelper(token, "secret", { subject: "bar" }, e2 => {
|
|
testUtils.asyncCheck(done, () => {
|
|
expect(e1).toBeNull();
|
|
expect(e2).toBeInstanceOf(jwt.JsonWebTokenError);
|
|
expect(e2).toHaveProperty("message", "jwt subject invalid. expected: bar");
|
|
});
|
|
});
|
|
});
|
|
});
|
|
|
|
it('should error without "sub" and with verify "subject" option', function (done) {
|
|
signWithSubject(undefined, {}, (e1, token) => {
|
|
testUtils.verifyJWTHelper(token, "secret", { subject: "foo" }, e2 => {
|
|
testUtils.asyncCheck(done, () => {
|
|
expect(e1).toBeNull();
|
|
expect(e2).toBeInstanceOf(jwt.JsonWebTokenError);
|
|
expect(e2).toHaveProperty("message", "jwt subject invalid. expected: foo");
|
|
});
|
|
});
|
|
});
|
|
});
|
|
});
|
|
});
|