diff options
Diffstat (limited to 'test/js/third_party/jsonwebtoken/schema.test.js')
| -rw-r--r-- | test/js/third_party/jsonwebtoken/schema.test.js | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/test/js/third_party/jsonwebtoken/schema.test.js b/test/js/third_party/jsonwebtoken/schema.test.js new file mode 100644 index 000000000..5d3845d46 --- /dev/null +++ b/test/js/third_party/jsonwebtoken/schema.test.js @@ -0,0 +1,72 @@ +var PS_SUPPORTED = true; +import jwt from "jsonwebtoken"; +import { expect, describe, it } from "bun:test"; +import fs from "fs"; + +describe("schema", function () { + describe("sign options", function () { + var cert_rsa_priv = fs.readFileSync(__dirname + "/rsa-private.pem"); + var cert_ecdsa_priv = fs.readFileSync(__dirname + "/ecdsa-private.pem"); + var cert_secp384r1_priv = fs.readFileSync(__dirname + "/secp384r1-private.pem"); + var cert_secp521r1_priv = fs.readFileSync(__dirname + "/secp521r1-private.pem"); + + function sign(options, secretOrPrivateKey) { + jwt.sign({ foo: 123 }, secretOrPrivateKey, options); + } + + it("should validate algorithm", function () { + expect(function () { + sign({ algorithm: "foo" }, cert_rsa_priv); + }).toThrow(/"algorithm" must be a valid string enum value/); + sign({ algorithm: "none" }, null); + sign({ algorithm: "RS256" }, cert_rsa_priv); + sign({ algorithm: "RS384" }, cert_rsa_priv); + sign({ algorithm: "RS512" }, cert_rsa_priv); + if (PS_SUPPORTED) { + sign({ algorithm: "PS256" }, cert_rsa_priv); + sign({ algorithm: "PS384" }, cert_rsa_priv); + sign({ algorithm: "PS512" }, cert_rsa_priv); + } + sign({ algorithm: "ES256" }, cert_ecdsa_priv); + sign({ algorithm: "ES384" }, cert_secp384r1_priv); + sign({ algorithm: "ES512" }, cert_secp521r1_priv); + sign({ algorithm: "HS256" }, "superSecret"); + sign({ algorithm: "HS384" }, "superSecret"); + sign({ algorithm: "HS512" }, "superSecret"); + }); + + it("should validate header", function () { + expect(function () { + sign({ header: "foo" }, "superSecret"); + }).toThrow(/"header" must be an object/); + sign({ header: {} }, "superSecret"); + }); + + it("should validate encoding", function () { + expect(function () { + sign({ encoding: 10 }, "superSecret"); + }).toThrow(/"encoding" must be a string/); + sign({ encoding: "utf8" }, "superSecret"); + }); + + it("should validate noTimestamp", function () { + expect(function () { + sign({ noTimestamp: 10 }, "superSecret"); + }).toThrow(/"noTimestamp" must be a boolean/); + sign({ noTimestamp: true }, "superSecret"); + }); + }); + + describe("sign payload registered claims", function () { + function sign(payload) { + jwt.sign(payload, "foo123"); + } + + it("should validate exp", function () { + expect(function () { + sign({ exp: "1 monkey" }); + }).toThrow(/"exp" should be a number of seconds/); + sign({ exp: 10.1 }); + }); + }); +}); |