Merge branch 'main' into sdlsdl

author: Dylan Conway <dylan.conway567@gmail.com> 2023-10-14 12:58:30 -0700
committer: Dylan Conway <dylan.conway567@gmail.com> 2023-10-14 12:58:30 -0700
commit: f9add8b6bea4df3cdbd56a21f17e4cab1a854e4e (patch)
tree: 8e5306104d81c67b771181337bba02cd9ec39453 /test/js/third_party/jsonwebtoken/async_sign.test.js
parent: 81a1a58d66c598ea35c42453d0ba4c6341a940fc (diff)
parent: 9b5e66453b0879ed77b71dcdbe50e4efa184261e (diff)
download: bun-f9add8b6bea4df3cdbd56a21f17e4cab1a854e4e.tar.gz
bun-f9add8b6bea4df3cdbd56a21f17e4cab1a854e4e.tar.zst
bun-f9add8b6bea4df3cdbd56a21f17e4cab1a854e4e.zip
1 files changed, 159 insertions, 0 deletions
diff --git a/test/js/third_party/jsonwebtoken/async_sign.test.js b/test/js/third_party/jsonwebtoken/async_sign.test.js
new file mode 100644
index 000000000..6efb838d0
--- /dev/null
+++ b/test/js/third_party/jsonwebtoken/async_sign.test.js
@@ -0,0 +1,159 @@
+import jwt from "jsonwebtoken";
+import { expect, describe, it } from "bun:test";
+import jws from "jws";
+import { generateKeyPairSync } from "crypto";
+var PS_SUPPORTED = true;
+
+describe("signing a token asynchronously", function () {
+  describe("when signing a token", function () {
+    var secret = "shhhhhh";
+
+    it("should return the same result as singing synchronously", function (done) {
+      jwt.sign({ foo: "bar" }, secret, { algorithm: "HS256" }, function (err, asyncToken) {
+        if (err) return done(err);
+        var syncToken = jwt.sign({ foo: "bar" }, secret, { algorithm: "HS256" });
+        expect(typeof asyncToken).toBe("string");
+        expect(asyncToken.split(".")).toHaveLength(3);
+        expect(asyncToken).toEqual(syncToken);
+        done();
+      });
+    });
+
+    it("should work with empty options", function (done) {
+      jwt.sign({ abc: 1 }, "secret", {}, function (err) {
+        expect(err).toBeNull();
+        done();
+      });
+    });
+
+    it("should work without options object at all", function (done) {
+      jwt.sign({ abc: 1 }, "secret", function (err) {
+        expect(err).toBeNull();
+        done();
+      });
+    });
+
+    it("should work with none algorithm where secret is set", function (done) {
+      jwt.sign({ foo: "bar" }, "secret", { algorithm: "none" }, function (err, token) {
+        expect(typeof token).toBe("string");
+        expect(token.split(".")).toHaveLength(3);
+        done();
+      });
+    });
+
+    //Known bug: https://github.com/brianloveswords/node-jws/issues/62
+    //If you need this use case, you need to go for the non-callback-ish code style.
+    it.skip("should work with none algorithm where secret is falsy", function (done) {
+      jwt.sign({ foo: "bar" }, undefined, { algorithm: "none" }, function (err, token) {
+        expect(typeof token).toBe("string");
+        expect(token.split(".")).toHaveLength(3);
+        done();
+      });
+    });
+
+    it("should return error when secret is not a cert for RS256", function (done) {
+      //this throw an error because the secret is not a cert and RS256 requires a cert.
+      jwt.sign({ foo: "bar" }, secret, { algorithm: "RS256" }, function (err) {
+        expect(err).toBeTruthy();
+        done();
+      });
+    });
+
+    it("should not work for RS algorithms when modulus length is less than 2048 when allowInsecureKeySizes is false or not set", function (done) {
+      const { privateKey } = generateKeyPairSync("rsa", { modulusLength: 1024 });
+
+      jwt.sign({ foo: "bar" }, privateKey, { algorithm: "RS256" }, function (err) {
+        expect(err).toBeTruthy();
+        done();
+      });
+    });
+
+    it("should work for RS algorithms when modulus length is less than 2048 when allowInsecureKeySizes is true", function (done) {
+      const { privateKey } = generateKeyPairSync("rsa", { modulusLength: 1024 });
+
+      jwt.sign({ foo: "bar" }, privateKey, { algorithm: "RS256", allowInsecureKeySizes: true }, done);
+    });
+
+    if (PS_SUPPORTED) {
+      it("should return error when secret is not a cert for PS256", function (done) {
+        //this throw an error because the secret is not a cert and PS256 requires a cert.
+        jwt.sign({ foo: "bar" }, secret, { algorithm: "PS256" }, function (err) {
+          expect(err).toBeTruthy();
+          done();
+        });
+      });
+    }
+
+    it("should return error on wrong arguments", function (done) {
+      //this throw an error because the secret is not a cert and RS256 requires a cert.
+      jwt.sign({ foo: "bar" }, secret, { notBefore: {} }, function (err) {
+        expect(err).toBeTruthy();
+        done();
+      });
+    });
+
+    it("should return error on wrong arguments (2)", function (done) {
+      jwt.sign("string", "secret", { noTimestamp: true }, function (err) {
+        expect(err).toBeTruthy();
+        expect(err).toBeInstanceOf(Error);
+        done();
+      });
+    });
+
+    it("should not stringify the payload", function (done) {
+      jwt.sign("string", "secret", {}, function (err, token) {
+        if (err) {
+          return done(err);
+        }
+        expect(jws.decode(token).payload).toEqual("string");
+        done();
+      });
+    });
+
+    describe("when mutatePayload is not set", function () {
+      it("should not apply claims to the original payload object (mutatePayload defaults to false)", function (done) {
+        var originalPayload = { foo: "bar" };
+        jwt.sign(originalPayload, "secret", { notBefore: 60, expiresIn: 600 }, function (err) {
+          if (err) {
+            return done(err);
+          }
+          expect(originalPayload).not.toHaveProperty("nbf");
+          expect(originalPayload).not.toHaveProperty("exp");
+          done();
+        });
+      });
+    });
+
+    describe("when mutatePayload is set to true", function () {
+      it("should apply claims directly to the original payload object", function (done) {
+        var originalPayload = { foo: "bar" };
+        jwt.sign(originalPayload, "secret", { notBefore: 60, expiresIn: 600, mutatePayload: true }, function (err) {
+          if (err) {
+            return done(err);
+          }
+          expect(originalPayload).toHaveProperty("nbf");
+          expect(originalPayload).toHaveProperty("exp");
+          done();
+        });
+      });
+    });
+
+    describe("secret must have a value", function () {
+      [undefined, "", 0].forEach(function (secret) {
+        it(
+          "should return an error if the secret is falsy and algorithm is not set to none: " +
+            (typeof secret === "string" ? "(empty string)" : secret),
+          function (done) {
+            // This is needed since jws will not answer for falsy secrets
+            jwt.sign("string", secret, {}, function (err, token) {
+              expect(err).toBeTruthy();
+              expect(err.message).toEqual("secretOrPrivateKey must have a value");
+              expect(token).toBeFalsy();
+              done();
+            });
+          },
+        );
+      });
+    });
+  });
+});
author	Dylan Conway <dylan.conway567@gmail.com>	2023-10-14 12:58:30 -0700
committer	Dylan Conway <dylan.conway567@gmail.com>	2023-10-14 12:58:30 -0700
commit	f9add8b6bea4df3cdbd56a21f17e4cab1a854e4e (patch)
tree	8e5306104d81c67b771181337bba02cd9ec39453 /test/js/third_party/jsonwebtoken/async_sign.test.js
parent	81a1a58d66c598ea35c42453d0ba4c6341a940fc (diff)
parent	9b5e66453b0879ed77b71dcdbe50e4efa184261e (diff)
download	bun-f9add8b6bea4df3cdbd56a21f17e4cab1a854e4e.tar.gz bun-f9add8b6bea4df3cdbd56a21f17e4cab1a854e4e.tar.zst bun-f9add8b6bea4df3cdbd56a21f17e4cab1a854e4e.zip