From d122f086ebe0176a4c66765a97ce29f2bf51ad99 Mon Sep 17 00:00:00 2001 From: davidpatrick Date: Sun, 16 Feb 2020 09:19:23 -0800 Subject: [PATCH] fix linter issues --- .circleci/config.yml | 3 + .eslintrc | 14 +- package-lock.json | 206 +++++++++++++++++++--- package.json | 5 +- src/JwksClient.js | 53 +++--- src/integrations/passport.js | 2 +- src/utils.js | 4 +- tests/cache.tests.js | 10 +- tests/jwksClient.tests.js | 314 ++++++++++++++++----------------- tests/koa.tests.js | 326 +++++++++++++++++------------------ tests/passport.tests.js | 12 +- 11 files changed, 560 insertions(+), 389 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 22948e1b..ff863cc8 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -23,6 +23,9 @@ jobs: key: npm-packages-{{ checksum "package-lock.json" }} paths: - ./node_modules + - run: + name: Run Linter + command: npm run lint - run: name: Run Tests command: npm run test:ci diff --git a/.eslintrc b/.eslintrc index 97c895ab..7e339ee3 100644 --- a/.eslintrc +++ b/.eslintrc @@ -1,10 +1,12 @@ { "parser": "babel-eslint", - "ecmaFeatures": { - "arrowFunctions": true, - "blockBindings": true, - "generators": true, - "modules": true + "parserOptions": { + "ecmaFeatures": { + "arrowFunctions": true, + "blockBindings": true, + "generators": true, + "modules": true + } }, "rules": { "array-bracket-spacing": [2, "always"], @@ -31,4 +33,4 @@ "plugins": [ "babel" ] -} \ No newline at end of file +} diff --git a/package-lock.json b/package-lock.json index 55077089..50063ae4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -876,16 +876,194 @@ } }, "babel-eslint": { - "version": "6.1.2", - "resolved": "https://registry.npmjs.org/babel-eslint/-/babel-eslint-6.1.2.tgz", - "integrity": "sha1-UpNBn+NnLWZZjTJ9qWlFZ7pqXy8=", + "version": "8.2.6", + "resolved": "https://registry.npmjs.org/babel-eslint/-/babel-eslint-8.2.6.tgz", + "integrity": "sha512-aCdHjhzcILdP8c9lej7hvXKvQieyRt20SF102SIGyY4cUIiw6UaAtK4j2o3dXX74jEmy0TJ0CEhv4fTIM3SzcA==", "dev": true, "requires": { - "babel-traverse": "^6.0.20", - "babel-types": "^6.0.19", - "babylon": "^6.0.18", - "lodash.assign": "^4.0.0", - "lodash.pickby": "^4.0.0" + "@babel/code-frame": "7.0.0-beta.44", + "@babel/traverse": "7.0.0-beta.44", + "@babel/types": "7.0.0-beta.44", + "babylon": "7.0.0-beta.44", + "eslint-scope": "3.7.1", + "eslint-visitor-keys": "^1.0.0" + }, + "dependencies": { + "@babel/code-frame": { + "version": "7.0.0-beta.44", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.0.0-beta.44.tgz", + "integrity": "sha512-cuAuTTIQ9RqcFRJ/Y8PvTh+paepNcaGxwQwjIDRWPXmzzyAeCO4KqS9ikMvq0MCbRk6GlYKwfzStrcP3/jSL8g==", + "dev": true, + "requires": { + "@babel/highlight": "7.0.0-beta.44" + } + }, + "@babel/generator": { + "version": "7.0.0-beta.44", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.0.0-beta.44.tgz", + "integrity": "sha512-5xVb7hlhjGcdkKpMXgicAVgx8syK5VJz193k0i/0sLP6DzE6lRrU1K3B/rFefgdo9LPGMAOOOAWW4jycj07ShQ==", + "dev": true, + "requires": { + "@babel/types": "7.0.0-beta.44", + "jsesc": "^2.5.1", + "lodash": "^4.2.0", + "source-map": "^0.5.0", + "trim-right": "^1.0.1" + } + }, + "@babel/helper-function-name": { + "version": "7.0.0-beta.44", + "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.0.0-beta.44.tgz", + "integrity": "sha512-MHRG2qZMKMFaBavX0LWpfZ2e+hLloT++N7rfM3DYOMUOGCD8cVjqZpwiL8a0bOX3IYcQev1ruciT0gdFFRTxzg==", + "dev": true, + "requires": { + "@babel/helper-get-function-arity": "7.0.0-beta.44", + "@babel/template": "7.0.0-beta.44", + "@babel/types": "7.0.0-beta.44" + } + }, + "@babel/helper-get-function-arity": { + "version": "7.0.0-beta.44", + "resolved": "https://registry.npmjs.org/@babel/helper-get-function-arity/-/helper-get-function-arity-7.0.0-beta.44.tgz", + "integrity": "sha512-w0YjWVwrM2HwP6/H3sEgrSQdkCaxppqFeJtAnB23pRiJB5E/O9Yp7JAAeWBl+gGEgmBFinnTyOv2RN7rcSmMiw==", + "dev": true, + "requires": { + "@babel/types": "7.0.0-beta.44" + } + }, + "@babel/helper-split-export-declaration": { + "version": "7.0.0-beta.44", + "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.0.0-beta.44.tgz", + "integrity": "sha512-aQ7QowtkgKKzPGf0j6u77kBMdUFVBKNHw2p/3HX/POt5/oz8ec5cs0GwlgM8Hz7ui5EwJnzyfRmkNF1Nx1N7aA==", + "dev": true, + "requires": { + "@babel/types": "7.0.0-beta.44" + } + }, + "@babel/highlight": { + "version": "7.0.0-beta.44", + "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.0.0-beta.44.tgz", + "integrity": "sha512-Il19yJvy7vMFm8AVAh6OZzaFoAd0hbkeMZiX3P5HGD+z7dyI7RzndHB0dg6Urh/VAFfHtpOIzDUSxmY6coyZWQ==", + "dev": true, + "requires": { + "chalk": "^2.0.0", + "esutils": "^2.0.2", + "js-tokens": "^3.0.0" + } + }, + "@babel/template": { + "version": "7.0.0-beta.44", + "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.0.0-beta.44.tgz", + "integrity": "sha512-w750Sloq0UNifLx1rUqwfbnC6uSUk0mfwwgGRfdLiaUzfAOiH0tHJE6ILQIUi3KYkjiCDTskoIsnfqZvWLBDng==", + "dev": true, + "requires": { + "@babel/code-frame": "7.0.0-beta.44", + "@babel/types": "7.0.0-beta.44", + "babylon": "7.0.0-beta.44", + "lodash": "^4.2.0" + } + }, + "@babel/traverse": { + "version": "7.0.0-beta.44", + "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.0.0-beta.44.tgz", + "integrity": "sha512-UHuDz8ukQkJCDASKHf+oDt3FVUzFd+QYfuBIsiNu/4+/ix6pP/C+uQZJ6K1oEfbCMv/IKWbgDEh7fcsnIE5AtA==", + "dev": true, + "requires": { + "@babel/code-frame": "7.0.0-beta.44", + "@babel/generator": "7.0.0-beta.44", + "@babel/helper-function-name": "7.0.0-beta.44", + "@babel/helper-split-export-declaration": "7.0.0-beta.44", + "@babel/types": "7.0.0-beta.44", + "babylon": "7.0.0-beta.44", + "debug": "^3.1.0", + "globals": "^11.1.0", + "invariant": "^2.2.0", + "lodash": "^4.2.0" + } + }, + "@babel/types": { + "version": "7.0.0-beta.44", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.0.0-beta.44.tgz", + "integrity": "sha512-5eTV4WRmqbaFM3v9gHAIljEQJU4Ssc6fxL61JN+Oe2ga/BwyjzjamwkCVVAQjHGuAX8i0BWo42dshL8eO5KfLQ==", + "dev": true, + "requires": { + "esutils": "^2.0.2", + "lodash": "^4.2.0", + "to-fast-properties": "^2.0.0" + } + }, + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "dev": true, + "requires": { + "color-convert": "^1.9.0" + } + }, + "babylon": { + "version": "7.0.0-beta.44", + "resolved": "https://registry.npmjs.org/babylon/-/babylon-7.0.0-beta.44.tgz", + "integrity": "sha512-5Hlm13BJVAioCHpImtFqNOF2H3ieTOHd0fmFGMxOJ9jgeFqeAwsv3u5P5cR7CSeFrkgHsT19DgFJkHV0/Mcd8g==", + "dev": true + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "dev": true, + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "debug": { + "version": "3.2.6", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.6.tgz", + "integrity": "sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==", + "dev": true, + "requires": { + "ms": "^2.1.1" + } + }, + "eslint-scope": { + "version": "3.7.1", + "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-3.7.1.tgz", + "integrity": "sha1-PWPD7f2gLgbgGkUq2IyqzHzctug=", + "dev": true, + "requires": { + "esrecurse": "^4.1.0", + "estraverse": "^4.1.1" + } + }, + "globals": { + "version": "11.12.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", + "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", + "dev": true + }, + "jsesc": { + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", + "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", + "dev": true + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "dev": true, + "requires": { + "has-flag": "^3.0.0" + } + }, + "to-fast-properties": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", + "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", + "dev": true + } } }, "babel-generator": { @@ -4950,12 +5128,6 @@ "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==", "dev": true }, - "lodash.assign": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.2.0.tgz", - "integrity": "sha1-DZnzzNem0mHRm9rrkkUAXShYCOc=", - "dev": true - }, "lodash.clonedeep": { "version": "4.5.0", "resolved": "https://registry.npmjs.org/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz", @@ -5002,12 +5174,6 @@ "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz", "integrity": "sha1-DdOXEhPHxW34gJd9UEyI+0cal6w=" }, - "lodash.pickby": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/lodash.pickby/-/lodash.pickby-4.6.0.tgz", - "integrity": "sha1-feoh2MGNdwOifHBMFdO4SmfjOv8=", - "dev": true - }, "lodash.set": { "version": "4.3.2", "resolved": "https://registry.npmjs.org/lodash.set/-/lodash.set-4.3.2.tgz", diff --git a/package.json b/package.json index 91fffd63..83b89e20 100644 --- a/package.json +++ b/package.json @@ -19,7 +19,7 @@ "@types/nock": "^10.0.3", "babel-cli": "^6.9.0", "babel-core": "^6.9.0", - "babel-eslint": "^6.0.4", + "babel-eslint": "^8.2.6", "babel-preset-es2015": "^6.9.0", "babel-preset-stage-0": "^6.5.0", "chai": "^3.5.0", @@ -43,6 +43,7 @@ "clean": "rimraf lib/", "clean:ts": "rimraf ts-output/", "compile": "babel -d lib/ src/", + "lint": "eslint ./src ./tests", "prepublish": "npm run clean && npm run compile", "test:ts": "npm run clean:ts && tsc && NODE_ENV=test mocha --require babel-core/register --exit --timeout 5000 $(find ./ts-output -name *.tests.js)", "test:js": "NODE_ENV=test mocha --require babel-core/register --exit --timeout 5000 $(find ./tests -name *.tests.js)", @@ -66,4 +67,4 @@ "url": "https://github.com/auth0/node-jwks-rsa/issues" }, "homepage": "https://github.com/auth0/node-jwks-rsa#readme" -} \ No newline at end of file +} diff --git a/src/JwksClient.js b/src/JwksClient.js index d8318e69..63544e74 100644 --- a/src/JwksClient.js +++ b/src/JwksClient.js @@ -1,7 +1,6 @@ import debug from 'debug'; import request from 'request'; -import ArgumentError from './errors/ArgumentError'; import JwksError from './errors/JwksError'; import SigningKeyNotFoundError from './errors/SigningKeyNotFoundError'; @@ -41,7 +40,7 @@ export class JwksClient { strictSSL: this.options.strictSsl, headers: this.options.requestHeaders, agentOptions: this.options.requestAgentOptions, - proxy: this.options.proxy, + proxy: this.options.proxy }, (err, res) => { if (err || res.statusCode < 200 || res.statusCode >= 300) { this.logger('Failure:', res && res.body || err); @@ -67,32 +66,32 @@ export class JwksClient { } const signingKeys = keys - .filter((key) => { - if(key.kty !== 'RSA'){ - return false; - } - if(!key.kid){ - return false; - } - if(key.hasOwnProperty('use') && key.use !== 'sig'){ - return false; - } - return ((key.x5c && key.x5c.length) || (key.n && key.e)); + .filter((key) => { + if(key.kty !== 'RSA') { + return false; + } + if(!key.kid) { + return false; + } + if(key.hasOwnProperty('use') && key.use !== 'sig') { + return false; + } + return ((key.x5c && key.x5c.length) || (key.n && key.e)); }) - .map(key => { - const jwk = { - kid: key.kid, - nbf: key.nbf - }; - const hasCertificateChain = key.x5c && key.x5c.length; - if (hasCertificateChain){ - jwk.publicKey = certToPEM(key.x5c[0]); - jwk.getPublicKey = () => jwk.publicKey; - } else { - jwk.rsaPublicKey = rsaPublicKeyToPEM(key.n, key.e); - jwk.getPublicKey = () => jwk.rsaPublicKey; - } - return jwk; + .map(key => { + const jwk = { + kid: key.kid, + nbf: key.nbf + }; + const hasCertificateChain = key.x5c && key.x5c.length; + if (hasCertificateChain) { + jwk.publicKey = certToPEM(key.x5c[0]); + jwk.getPublicKey = () => jwk.publicKey; + } else { + jwk.rsaPublicKey = rsaPublicKeyToPEM(key.n, key.e); + jwk.getPublicKey = () => jwk.rsaPublicKey; + } + return jwk; }); if (!signingKeys.length) { diff --git a/src/integrations/passport.js b/src/integrations/passport.js index a0b682b9..bebc7b33 100644 --- a/src/integrations/passport.js +++ b/src/integrations/passport.js @@ -23,7 +23,7 @@ module.exports.passportJwtSecret = (options) => { const onError = options.handleSigningKeyError || handleSigningKeyError; return function secretProvider(req, rawJwtToken, cb) { - const decoded = jwt.decode(rawJwtToken, { complete: true }) + const decoded = jwt.decode(rawJwtToken, { complete: true }); // Only RS256 is supported. if (!decoded || !decoded.header || decoded.header.alg !== 'RS256') { diff --git a/src/utils.js b/src/utils.js index c75dcba5..73578ca6 100644 --- a/src/utils.js +++ b/src/utils.js @@ -50,8 +50,8 @@ export function rsaPublicKeyToPEM(modulusB64, exponentB64) { const der = new Buffer(encodedPubkey, 'hex') .toString('base64'); - let pem = `-----BEGIN RSA PUBLIC KEY-----\n`; + let pem = '-----BEGIN RSA PUBLIC KEY-----\n'; pem += `${der.match(/.{1,64}/g).join('\n')}`; - pem += `\n-----END RSA PUBLIC KEY-----\n`; + pem += '\n-----END RSA PUBLIC KEY-----\n'; return pem; }; diff --git a/tests/cache.tests.js b/tests/cache.tests.js index a45f38f7..fb288d66 100644 --- a/tests/cache.tests.js +++ b/tests/cache.tests.js @@ -17,8 +17,8 @@ describe('JwksClient (cache)', () => { before((done) => { nock(jwksHost) - .get('/.well-known/jwks.json') - .reply(200, x5cSingle); + .get('/.well-known/jwks.json') + .reply(200, x5cSingle); client = new JwksClient({ cache: true, @@ -33,7 +33,7 @@ describe('JwksClient (cache)', () => { nock.cleanAll(); done(); }); - }) + }); it('should ignore the cache when the KID isnt cached and make a requst', (done) => { client.getSigningKey('12345', (err) => { @@ -41,14 +41,14 @@ describe('JwksClient (cache)', () => { expect(err.code).to.equal('ENOTFOUND'); done(); }); - }) + }); it('should fetch the key from the cache', (done) => { client.getSigningKey('NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA', (err, key) => { expect(key.kid).to.equal('NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA'); done(); }); - }) + }); }); }); }); diff --git a/tests/jwksClient.tests.js b/tests/jwksClient.tests.js index c9522c7d..c03fbb5d 100644 --- a/tests/jwksClient.tests.js +++ b/tests/jwksClient.tests.js @@ -1,22 +1,22 @@ -import nock from "nock"; -import { expect } from "chai"; +import nock from 'nock'; +import { expect } from 'chai'; -import { x5cMultiple } from "./keys"; -import { JwksClient } from "../src/JwksClient"; +import { x5cMultiple } from './keys'; +import { JwksClient } from '../src/JwksClient'; -describe("JwksClient", () => { - const jwksHost = "http://my-authz-server"; - const proxy = "my-proxy-server:2815"; +describe('JwksClient', () => { + const jwksHost = 'http://my-authz-server'; + const proxy = 'my-proxy-server:2815'; beforeEach(() => { nock.cleanAll(); }); - describe("#getKeys", () => { - it("should handle errors", done => { + describe('#getKeys', () => { + it('should handle errors', done => { nock(jwksHost) - .get("/.well-known/jwks.json") - .reply(500, "Unknown Server Error"); + .get('/.well-known/jwks.json') + .reply(500, 'Unknown Server Error'); const client = new JwksClient({ jwksUri: `${jwksHost}/.well-known/jwks.json` @@ -24,29 +24,29 @@ describe("JwksClient", () => { client.getKeys(err => { expect(err).not.to.be.null; - expect(err.message).to.equal("Unknown Server Error"); + expect(err.message).to.equal('Unknown Server Error'); done(); }); }); - it("should return keys", done => { + it('should return keys', done => { nock(jwksHost) - .get("/.well-known/jwks.json") + .get('/.well-known/jwks.json') .reply(200, { keys: [ { - alg: "RS256", - kty: "RSA", - use: "sig", - x5c: ["pk1"], - kid: "ABC" + alg: 'RS256', + kty: 'RSA', + use: 'sig', + x5c: [ 'pk1' ], + kid: 'ABC' }, { - alg: "RS256", - kty: "RSA", - use: "sig", + alg: 'RS256', + kty: 'RSA', + use: 'sig', x5c: [], - kid: "123" + kid: '123' } ] }); @@ -59,37 +59,37 @@ describe("JwksClient", () => { expect(err).to.be.null; expect(keys).not.to.be.null; expect(keys.length).to.equal(2); - expect(keys[1].kid).to.equal("123"); + expect(keys[1].kid).to.equal('123'); done(); }); }); - it("should set request agentOptions when provided", done => { + it('should set request agentOptions when provided', done => { nock(jwksHost) - .get("./well-known/jwks.json") + .get('./well-known/jwks.json') .reply(function() { expect(this.req.agentOptions).not.to.be.null; - expect(this.req.agentOptions["ca"]).to.be.equal("loadCA()"); + expect(this.req.agentOptions['ca']).to.be.equal('loadCA()'); return 200; }); const client = new JwksClient({ jwksUri: `${jwksHost}/.well-known/jwks.json`, requestAgentOptions: { - ca: "loadCA()" + ca: 'loadCA()' } }); - client.getKeys((err, keys) => { + client.getKeys(() => { done(); }); }); - it("should not set request agentOptions by default", done => { + it('should not set request agentOptions by default', done => { nock(jwksHost) - .get("/.well-known/jwks.json") + .get('/.well-known/jwks.json') .reply(function() { - expect(this.req).to.not.have.property("agentOptions"); + expect(this.req).to.not.have.property('agentOptions'); return 200; }); @@ -97,35 +97,35 @@ describe("JwksClient", () => { jwksUri: `${jwksHost}/.well-known/jwks.json` }); - client.getKeys((err, keys) => { + client.getKeys(() => { done(); }); }); - it("should send extra header", done => { + it('should send extra header', done => { nock(jwksHost) - .get("/.well-known/jwks.json") - .reply(function(uri, requestBody) { + .get('/.well-known/jwks.json') + .reply(function() { expect(this.req.headers).not.to.be.null; - expect(this.req.headers["user-agent"]).to.be.equal("My-bot"); + expect(this.req.headers['user-agent']).to.be.equal('My-bot'); expect(Object.keys(this.req.headers).length).to.be.equal(3); return ( 200, { keys: [ { - alg: "RS256", - kty: "RSA", - use: "sig", - x5c: ["pk1"], - kid: "ABC" + alg: 'RS256', + kty: 'RSA', + use: 'sig', + x5c: [ 'pk1' ], + kid: 'ABC' }, { - alg: "RS256", - kty: "RSA", - use: "sig", + alg: 'RS256', + kty: 'RSA', + use: 'sig', x5c: [], - kid: "123" + kid: '123' } ] } @@ -135,40 +135,40 @@ describe("JwksClient", () => { const client = new JwksClient({ jwksUri: `${jwksHost}/.well-known/jwks.json`, requestHeaders: { - "User-Agent": "My-bot" + 'User-Agent': 'My-bot' } }); - client.getKeys((err, keys) => { + client.getKeys(() => { done(); }); }); - it("should not send the extra headers when not provided", done => { + it('should not send the extra headers when not provided', done => { nock(jwksHost) - .get("/.well-known/jwks.json") - .reply(function(uri, requestBody) { + .get('/.well-known/jwks.json') + .reply(function() { expect(this.req.headers).not.to.be.null; - expect(this.req.headers["accept"]).not.to.be.undefined; - expect(this.req.headers["host"]).not.to.be.undefined; + expect(this.req.headers['accept']).not.to.be.undefined; + expect(this.req.headers['host']).not.to.be.undefined; expect(Object.keys(this.req.headers).length).to.be.equal(2); return ( 200, { keys: [ { - alg: "RS256", - kty: "RSA", - use: "sig", - x5c: ["pk1"], - kid: "ABC" + alg: 'RS256', + kty: 'RSA', + use: 'sig', + x5c: [ 'pk1' ], + kid: 'ABC' }, { - alg: "RS256", - kty: "RSA", - use: "sig", + alg: 'RS256', + kty: 'RSA', + use: 'sig', x5c: [], - kid: "123" + kid: '123' } ] } @@ -179,12 +179,12 @@ describe("JwksClient", () => { jwksUri: `${jwksHost}/.well-known/jwks.json` }); - client.getKeys((err, keys) => { + client.getKeys(() => { done(); }); }); - it("should use a proxy if specified", done => { + it('should use a proxy if specified', done => { const expectedError = { message: 'expectedError' }; nock(`http://${proxy}`) .get(() => true) @@ -193,9 +193,9 @@ describe("JwksClient", () => { const client = new JwksClient({ jwksUri: `${jwksHost}/.well-known/jwks.json`, requestHeaders: { - "User-Agent": "My-bot" + 'User-Agent': 'My-bot' }, - proxy: `http://username:password@${proxy}`, + proxy: `http://username:password@${proxy}` }); client.getKeys((err) => { @@ -205,11 +205,11 @@ describe("JwksClient", () => { }); }); - describe("#getSigningKeys", () => { - it("should handle errors", done => { + describe('#getSigningKeys', () => { + it('should handle errors', done => { nock(jwksHost) - .get("/.well-known/jwks.json") - .reply(500, "Unknown Server Error"); + .get('/.well-known/jwks.json') + .reply(500, 'Unknown Server Error'); const client = new JwksClient({ jwksUri: `${jwksHost}/.well-known/jwks.json` @@ -217,36 +217,36 @@ describe("JwksClient", () => { client.getSigningKeys(err => { expect(err).not.to.be.null; - expect(err.message).to.equal("Unknown Server Error"); + expect(err.message).to.equal('Unknown Server Error'); done(); }); }); - it("should return signing keys (with x5c and mod/exp)", done => { + it('should return signing keys (with x5c and mod/exp)', done => { nock(jwksHost) - .get("/.well-known/jwks.json") + .get('/.well-known/jwks.json') .reply(200, { keys: [ { - alg: "RS256", - kty: "RSA", - use: "sig", + alg: 'RS256', + kty: 'RSA', + use: 'sig', x5c: [ - "MIIDDTCCAfWgAwIBAgIJAJVkuSv2H8mDMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNVBAMMEnNhbmRyaW5vLmF1dGgwLmNvbTAeFw0xNDA1MTQyMTIyMjZaFw0yODAxMjEyMTIyMjZaMB0xGzAZBgNVBAMMEnNhbmRyaW5vLmF1dGgwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6jWASkHhXz5Ug6t5BsYBrXDIgrWu05f3oq2fE+5J5REKJiY0Ddc+Kda34ZwOptnUoef3JwKPDAckTJQDugweNNZPwOmFMRKj4xqEpxEkIX8C+zHs41Q6x54ZZy0xU+WvTGcdjzyZTZ/h0iOYisswFQT/s6750tZG0BOBtZ5qS/80tmWH7xFitgewdWteJaASE/eO1qMtdNsp9fxOtN5U/pZDUyFm3YRfOcODzVqp3wOz+dcKb7cdZN11EYGZOkjEekpcedzHCo9H4aOmdKCpytqL/9FXoihcBMg39s1OW3cfwfgf5/kvOJdcqR4PoATQTfsDVoeMWVB4XLGR6SC5kCAwEAAaNQME4wHQYDVR0OBBYEFHDYn9BQdup1CoeoFi0Rmf5xn/W9MB8GA1UdIwQYMBaAFHDYn9BQdup1CoeoFi0Rmf5xn/W9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAGLpQZdd2ICVnGjc6CYfT3VNoujKYWk7E0shGaCXFXptrZ8yaryfo6WAizTfgOpQNJH+Jz+QsCjvkRt6PBSYX/hb5OUDU2zNJN48/VOw57nzWdjI70H2Ar4oJLck36xkIRs/+QX+mSNCjZboRwh0LxanXeALHSbCgJkbzWbjVnfJEQUP9P/7NGf0MkO5I95C/Pz9g91y8gU+R3imGppLy9Zx+OwADFwKAEJak4JrNgcjHBQenakAXnXP6HG4hHH4MzO8LnLiKv8ZkKVL67da/80PcpO0miMNPaqBBMd2Cy6GzQYE0ag6k0nk+DMIFn7K+o21gjUuOEJqIbAvhbf2KcM=" + 'MIIDDTCCAfWgAwIBAgIJAJVkuSv2H8mDMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNVBAMMEnNhbmRyaW5vLmF1dGgwLmNvbTAeFw0xNDA1MTQyMTIyMjZaFw0yODAxMjEyMTIyMjZaMB0xGzAZBgNVBAMMEnNhbmRyaW5vLmF1dGgwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6jWASkHhXz5Ug6t5BsYBrXDIgrWu05f3oq2fE+5J5REKJiY0Ddc+Kda34ZwOptnUoef3JwKPDAckTJQDugweNNZPwOmFMRKj4xqEpxEkIX8C+zHs41Q6x54ZZy0xU+WvTGcdjzyZTZ/h0iOYisswFQT/s6750tZG0BOBtZ5qS/80tmWH7xFitgewdWteJaASE/eO1qMtdNsp9fxOtN5U/pZDUyFm3YRfOcODzVqp3wOz+dcKb7cdZN11EYGZOkjEekpcedzHCo9H4aOmdKCpytqL/9FXoihcBMg39s1OW3cfwfgf5/kvOJdcqR4PoATQTfsDVoeMWVB4XLGR6SC5kCAwEAAaNQME4wHQYDVR0OBBYEFHDYn9BQdup1CoeoFi0Rmf5xn/W9MB8GA1UdIwQYMBaAFHDYn9BQdup1CoeoFi0Rmf5xn/W9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAGLpQZdd2ICVnGjc6CYfT3VNoujKYWk7E0shGaCXFXptrZ8yaryfo6WAizTfgOpQNJH+Jz+QsCjvkRt6PBSYX/hb5OUDU2zNJN48/VOw57nzWdjI70H2Ar4oJLck36xkIRs/+QX+mSNCjZboRwh0LxanXeALHSbCgJkbzWbjVnfJEQUP9P/7NGf0MkO5I95C/Pz9g91y8gU+R3imGppLy9Zx+OwADFwKAEJak4JrNgcjHBQenakAXnXP6HG4hHH4MzO8LnLiKv8ZkKVL67da/80PcpO0miMNPaqBBMd2Cy6GzQYE0ag6k0nk+DMIFn7K+o21gjUuOEJqIbAvhbf2KcM=' ], n: - "vqNYBKQeFfPlSDq3kGxgGtcMiCta7Tl_eirZ8T7knlEQomJjQN1z4p1rfhnA6m2dSh5_cnAo8MByRMlAO6DB401k_A6YUxEqPjGoSnESQhfwL7MezjVDrHnhlnLTFT5a9MZx2PPJlNn-HSI5iKyzAVBP-zrvnS1kbQE4G1nmpL_zS2ZYfvEWK2B7B1a14loBIT947Woy102yn1_E603lT-lkNTIWbdhF85w4PNWqnfA7P51wpvtx1k3XURgZk6SMR6Slx53McKj0fho6Z0oKnK2ov_0VeiKFwEyDf2zU5bdx_B-B_n-S84l1ypHg-gBNBN-wNWh4xZUHhcsZHpILmQ", - e: "AQAB", - kid: "RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg", - x5t: "RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg" + 'vqNYBKQeFfPlSDq3kGxgGtcMiCta7Tl_eirZ8T7knlEQomJjQN1z4p1rfhnA6m2dSh5_cnAo8MByRMlAO6DB401k_A6YUxEqPjGoSnESQhfwL7MezjVDrHnhlnLTFT5a9MZx2PPJlNn-HSI5iKyzAVBP-zrvnS1kbQE4G1nmpL_zS2ZYfvEWK2B7B1a14loBIT947Woy102yn1_E603lT-lkNTIWbdhF85w4PNWqnfA7P51wpvtx1k3XURgZk6SMR6Slx53McKj0fho6Z0oKnK2ov_0VeiKFwEyDf2zU5bdx_B-B_n-S84l1ypHg-gBNBN-wNWh4xZUHhcsZHpILmQ', + e: 'AQAB', + kid: 'RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg', + x5t: 'RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg' }, { - kid: "IdTokenSigningKeyContainer", - use: "sig", - kty: "RSA", - e: "AQAB", + kid: 'IdTokenSigningKeyContainer', + use: 'sig', + kty: 'RSA', + e: 'AQAB', n: - "tLDZVZ2Eq_DFwNp24yeSq_Ha0MYbYOJs_WXIgVxQGabu5cZ9561OUtYWdB6xXXZLaZxFG02P5U2rC_CT1r0lPfC_KHYrviJ5Y_Ekif7iFV_1omLAiRksQziwA1i-hND32N5kxwEGNmZViVjWMBZ43wbIdWss4IMhrJy1WNQ07Fqp1Ee6o7QM1hTBve7bbkJkUAfjtC7mwIWqZdWoYIWBTZRXvhMgs_Aeb_pnDekosqDoWQ5aMklk3NvaaBBESqlRAJZUUf5WDFoJh7yRELOFF4lWJxtArTEiQPWVTX6PCs0klVPU6SRQqrtc4kKLCp1AC5EJqPYRGiEJpSz2nUhmAQ" + 'tLDZVZ2Eq_DFwNp24yeSq_Ha0MYbYOJs_WXIgVxQGabu5cZ9561OUtYWdB6xXXZLaZxFG02P5U2rC_CT1r0lPfC_KHYrviJ5Y_Ekif7iFV_1omLAiRksQziwA1i-hND32N5kxwEGNmZViVjWMBZ43wbIdWss4IMhrJy1WNQ07Fqp1Ee6o7QM1hTBve7bbkJkUAfjtC7mwIWqZdWoYIWBTZRXvhMgs_Aeb_pnDekosqDoWQ5aMklk3NvaaBBESqlRAJZUUf5WDFoJh7yRELOFF4lWJxtArTEiQPWVTX6PCs0klVPU6SRQqrtc4kKLCp1AC5EJqPYRGiEJpSz2nUhmAQ' } ] }); @@ -259,49 +259,49 @@ describe("JwksClient", () => { expect(err).to.be.null; expect(keys).not.to.be.null; expect(keys.length).to.equal(2); - const pubkey0 = keys[0].publicKey || keys[0].rsaPublicKey + const pubkey0 = keys[0].publicKey || keys[0].rsaPublicKey; expect(pubkey0).not.to.be.null; expect(keys[0].getPublicKey()).to.equal(keys[0].publicKey); - expect(keys[1].kid).to.equal("IdTokenSigningKeyContainer"); - expect(keys[0].kid).to.equal("RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg"); - const pubkey1 = keys[1].publicKey || keys[1].rsaPublicKey + expect(keys[1].kid).to.equal('IdTokenSigningKeyContainer'); + expect(keys[0].kid).to.equal('RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg'); + const pubkey1 = keys[1].publicKey || keys[1].rsaPublicKey; expect(pubkey1).not.to.be.null; expect(keys[1].getPublicKey()).to.equal(keys[1].rsaPublicKey); done(); }); }); - it("should return signing keys (with x5c)", done => { + it('should return signing keys (with x5c)', done => { nock(jwksHost) - .get("/.well-known/jwks.json") + .get('/.well-known/jwks.json') .reply(200, { keys: [ { - alg: "RS256", - kty: "RSA", - use: "sig", + alg: 'RS256', + kty: 'RSA', + use: 'sig', x5c: [ - "MIIDDTCCAfWgAwIBAgIJAJVkuSv2H8mDMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNVBAMMEnNhbmRyaW5vLmF1dGgwLmNvbTAeFw0xNDA1MTQyMTIyMjZaFw0yODAxMjEyMTIyMjZaMB0xGzAZBgNVBAMMEnNhbmRyaW5vLmF1dGgwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6jWASkHhXz5Ug6t5BsYBrXDIgrWu05f3oq2fE+5J5REKJiY0Ddc+Kda34ZwOptnUoef3JwKPDAckTJQDugweNNZPwOmFMRKj4xqEpxEkIX8C+zHs41Q6x54ZZy0xU+WvTGcdjzyZTZ/h0iOYisswFQT/s6750tZG0BOBtZ5qS/80tmWH7xFitgewdWteJaASE/eO1qMtdNsp9fxOtN5U/pZDUyFm3YRfOcODzVqp3wOz+dcKb7cdZN11EYGZOkjEekpcedzHCo9H4aOmdKCpytqL/9FXoihcBMg39s1OW3cfwfgf5/kvOJdcqR4PoATQTfsDVoeMWVB4XLGR6SC5kCAwEAAaNQME4wHQYDVR0OBBYEFHDYn9BQdup1CoeoFi0Rmf5xn/W9MB8GA1UdIwQYMBaAFHDYn9BQdup1CoeoFi0Rmf5xn/W9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAGLpQZdd2ICVnGjc6CYfT3VNoujKYWk7E0shGaCXFXptrZ8yaryfo6WAizTfgOpQNJH+Jz+QsCjvkRt6PBSYX/hb5OUDU2zNJN48/VOw57nzWdjI70H2Ar4oJLck36xkIRs/+QX+mSNCjZboRwh0LxanXeALHSbCgJkbzWbjVnfJEQUP9P/7NGf0MkO5I95C/Pz9g91y8gU+R3imGppLy9Zx+OwADFwKAEJak4JrNgcjHBQenakAXnXP6HG4hHH4MzO8LnLiKv8ZkKVL67da/80PcpO0miMNPaqBBMd2Cy6GzQYE0ag6k0nk+DMIFn7K+o21gjUuOEJqIbAvhbf2KcM=" + 'MIIDDTCCAfWgAwIBAgIJAJVkuSv2H8mDMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNVBAMMEnNhbmRyaW5vLmF1dGgwLmNvbTAeFw0xNDA1MTQyMTIyMjZaFw0yODAxMjEyMTIyMjZaMB0xGzAZBgNVBAMMEnNhbmRyaW5vLmF1dGgwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6jWASkHhXz5Ug6t5BsYBrXDIgrWu05f3oq2fE+5J5REKJiY0Ddc+Kda34ZwOptnUoef3JwKPDAckTJQDugweNNZPwOmFMRKj4xqEpxEkIX8C+zHs41Q6x54ZZy0xU+WvTGcdjzyZTZ/h0iOYisswFQT/s6750tZG0BOBtZ5qS/80tmWH7xFitgewdWteJaASE/eO1qMtdNsp9fxOtN5U/pZDUyFm3YRfOcODzVqp3wOz+dcKb7cdZN11EYGZOkjEekpcedzHCo9H4aOmdKCpytqL/9FXoihcBMg39s1OW3cfwfgf5/kvOJdcqR4PoATQTfsDVoeMWVB4XLGR6SC5kCAwEAAaNQME4wHQYDVR0OBBYEFHDYn9BQdup1CoeoFi0Rmf5xn/W9MB8GA1UdIwQYMBaAFHDYn9BQdup1CoeoFi0Rmf5xn/W9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAGLpQZdd2ICVnGjc6CYfT3VNoujKYWk7E0shGaCXFXptrZ8yaryfo6WAizTfgOpQNJH+Jz+QsCjvkRt6PBSYX/hb5OUDU2zNJN48/VOw57nzWdjI70H2Ar4oJLck36xkIRs/+QX+mSNCjZboRwh0LxanXeALHSbCgJkbzWbjVnfJEQUP9P/7NGf0MkO5I95C/Pz9g91y8gU+R3imGppLy9Zx+OwADFwKAEJak4JrNgcjHBQenakAXnXP6HG4hHH4MzO8LnLiKv8ZkKVL67da/80PcpO0miMNPaqBBMd2Cy6GzQYE0ag6k0nk+DMIFn7K+o21gjUuOEJqIbAvhbf2KcM=' ], n: - "vqNYBKQeFfPlSDq3kGxgGtcMiCta7Tl_eirZ8T7knlEQomJjQN1z4p1rfhnA6m2dSh5_cnAo8MByRMlAO6DB401k_A6YUxEqPjGoSnESQhfwL7MezjVDrHnhlnLTFT5a9MZx2PPJlNn-HSI5iKyzAVBP-zrvnS1kbQE4G1nmpL_zS2ZYfvEWK2B7B1a14loBIT947Woy102yn1_E603lT-lkNTIWbdhF85w4PNWqnfA7P51wpvtx1k3XURgZk6SMR6Slx53McKj0fho6Z0oKnK2ov_0VeiKFwEyDf2zU5bdx_B-B_n-S84l1ypHg-gBNBN-wNWh4xZUHhcsZHpILmQ", - e: "AQAB", - kid: "RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg", - x5t: "RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg" + 'vqNYBKQeFfPlSDq3kGxgGtcMiCta7Tl_eirZ8T7knlEQomJjQN1z4p1rfhnA6m2dSh5_cnAo8MByRMlAO6DB401k_A6YUxEqPjGoSnESQhfwL7MezjVDrHnhlnLTFT5a9MZx2PPJlNn-HSI5iKyzAVBP-zrvnS1kbQE4G1nmpL_zS2ZYfvEWK2B7B1a14loBIT947Woy102yn1_E603lT-lkNTIWbdhF85w4PNWqnfA7P51wpvtx1k3XURgZk6SMR6Slx53McKj0fho6Z0oKnK2ov_0VeiKFwEyDf2zU5bdx_B-B_n-S84l1ypHg-gBNBN-wNWh4xZUHhcsZHpILmQ', + e: 'AQAB', + kid: 'RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg', + x5t: 'RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg' }, { - alg: "RS256", - kty: "RSA", - use: "sig", + alg: 'RS256', + kty: 'RSA', + use: 'sig', nbf: 123, x5c: [ - "MIIDGzCCAgOgAwIBAgIJAPQM5+PwmOcPMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNVBAMMGXNhbmRyaW5vLWRldi5ldS5hdXRoMC5jb20wHhcNMTUwMzMxMDkwNTQ3WhcNMjgxMjA3MDkwNTQ3WjAkMSIwIAYDVQQDDBlzYW5kcmluby1kZXYuZXUuYXV0aDAuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/SECtT7H4rxKtX2HpGhSyeYTe3Vet8YQpjBAr+1TnQ1fcYfvfmnVRHvhmTwABktD1erF1lxFsrRw92yBDOHlL7lj1n2fcfLftSoStgvRHVg52kR+CkBVQ6/mF1lYkefIjik6YRMf55Eu4FqDyVG2dgd5EA8kNO4J8OPc7vAtZyXrRYOZjVXbEgyjje/V+OpMQxAHP2Er11TLuzJjioP0ICVqhAZdq2sLk7agoxn64md6fqOk4N+7lJkU4+412VD0qYwKxD7nGsEclYawKoZD9/xhCk2qfQ/HptIumrdQ5ox3Sq5t2a7VKa41dBUQ1MQtXG2iY7S9RlfcMIyQwGhOQIDAQABo1AwTjAdBgNVHQ4EFgQUHpS1fvO/54G2c1VpEDNUZRSl44gwHwYDVR0jBBgwFoAUHpS1fvO/54G2c1VpEDNUZRSl44gwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAtm9I0nr6eXF5aq4yllfiqZcQ6mKrJLH9Rm4Jv+olniNynTcnpwprRVLToIawc8MmzIGZTtCn7u+dSxWf1UNE+SH7XgEnGtO74239vleEx1+Tf5viIdsnCxgvFiPdOqRlc9KcFSWd6a7RzcglnyU7GEx0K5GLv1wPA6qEM+3uwNwjAyVSu5dFw8kCfaSvlk5rXKRUzSoW9NVomw6+tADR8vMZS+4KThZ+4GH0rMN4KjIaRFxW8OMVYOn12uq33fLCd6MuPHW/rklxLbQBoHIU/ClNhbD0t6f00w9lHhPy4IP73rv7Oow0Ny6i70Iq0ijqj+kAtnrphlOvLFxqn6nCvQ==" + 'MIIDGzCCAgOgAwIBAgIJAPQM5+PwmOcPMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNVBAMMGXNhbmRyaW5vLWRldi5ldS5hdXRoMC5jb20wHhcNMTUwMzMxMDkwNTQ3WhcNMjgxMjA3MDkwNTQ3WjAkMSIwIAYDVQQDDBlzYW5kcmluby1kZXYuZXUuYXV0aDAuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/SECtT7H4rxKtX2HpGhSyeYTe3Vet8YQpjBAr+1TnQ1fcYfvfmnVRHvhmTwABktD1erF1lxFsrRw92yBDOHlL7lj1n2fcfLftSoStgvRHVg52kR+CkBVQ6/mF1lYkefIjik6YRMf55Eu4FqDyVG2dgd5EA8kNO4J8OPc7vAtZyXrRYOZjVXbEgyjje/V+OpMQxAHP2Er11TLuzJjioP0ICVqhAZdq2sLk7agoxn64md6fqOk4N+7lJkU4+412VD0qYwKxD7nGsEclYawKoZD9/xhCk2qfQ/HptIumrdQ5ox3Sq5t2a7VKa41dBUQ1MQtXG2iY7S9RlfcMIyQwGhOQIDAQABo1AwTjAdBgNVHQ4EFgQUHpS1fvO/54G2c1VpEDNUZRSl44gwHwYDVR0jBBgwFoAUHpS1fvO/54G2c1VpEDNUZRSl44gwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAtm9I0nr6eXF5aq4yllfiqZcQ6mKrJLH9Rm4Jv+olniNynTcnpwprRVLToIawc8MmzIGZTtCn7u+dSxWf1UNE+SH7XgEnGtO74239vleEx1+Tf5viIdsnCxgvFiPdOqRlc9KcFSWd6a7RzcglnyU7GEx0K5GLv1wPA6qEM+3uwNwjAyVSu5dFw8kCfaSvlk5rXKRUzSoW9NVomw6+tADR8vMZS+4KThZ+4GH0rMN4KjIaRFxW8OMVYOn12uq33fLCd6MuPHW/rklxLbQBoHIU/ClNhbD0t6f00w9lHhPy4IP73rv7Oow0Ny6i70Iq0ijqj+kAtnrphlOvLFxqn6nCvQ==' ], n: - "v_SECtT7H4rxKtX2HpGhSyeYTe3Vet8YQpjBAr-1TnQ1fcYfvfmnVRHvhmTwABktD1erF1lxFsrRw92yBDOHlL7lj1n2fcfLftSoStgvRHVg52kR-CkBVQ6_mF1lYkefIjik6YRMf55Eu4FqDyVG2dgd5EA8kNO4J8OPc7vAtZyXrRYOZjVXbEgyjje_V-OpMQxAHP2Er11TLuzJjioP0ICVqhAZdq2sLk7agoxn64md6fqOk4N-7lJkU4-412VD0qYwKxD7nGsEclYawKoZD9_xhCk2qfQ_HptIumrdQ5ox3Sq5t2a7VKa41dBUQ1MQtXG2iY7S9RlfcMIyQwGhOQ", - e: "AQAB", - kid: "NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA", - x5t: "NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA" + 'v_SECtT7H4rxKtX2HpGhSyeYTe3Vet8YQpjBAr-1TnQ1fcYfvfmnVRHvhmTwABktD1erF1lxFsrRw92yBDOHlL7lj1n2fcfLftSoStgvRHVg52kR-CkBVQ6_mF1lYkefIjik6YRMf55Eu4FqDyVG2dgd5EA8kNO4J8OPc7vAtZyXrRYOZjVXbEgyjje_V-OpMQxAHP2Er11TLuzJjioP0ICVqhAZdq2sLk7agoxn64md6fqOk4N-7lJkU4-412VD0qYwKxD7nGsEclYawKoZD9_xhCk2qfQ_HptIumrdQ5ox3Sq5t2a7VKa41dBUQ1MQtXG2iY7S9RlfcMIyQwGhOQ', + e: 'AQAB', + kid: 'NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA', + x5t: 'NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA' } ] }); @@ -317,10 +317,10 @@ describe("JwksClient", () => { expect(keys[0].publicKey).not.to.be.null; expect(keys[0].getPublicKey()).to.equal(keys[0].publicKey); expect(keys[0].kid).to.equal( - "RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg" + 'RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg' ); expect(keys[1].kid).to.equal( - "NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA" + 'NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA' ); expect(keys[1].publicKey).not.to.be.null; expect(keys[1].getPublicKey()).to.equal(keys[1].publicKey); @@ -329,45 +329,45 @@ describe("JwksClient", () => { }); }); - it("should return signing keys (mod/exp)", done => { + it('should return signing keys (mod/exp)', done => { nock(jwksHost) - .get("/.well-known/jwks.json") + .get('/.well-known/jwks.json') .reply(200, { keys: [ { - kid: "IdTokenSigningKeyContainer", - use: "sig", - kty: "RSA", - e: "AQAB", + kid: 'IdTokenSigningKeyContainer', + use: 'sig', + kty: 'RSA', + e: 'AQAB', n: - "tLDZVZ2Eq_DFwNp24yeSq_Ha0MYbYOJs_WXIgVxQGabu5cZ9561OUtYWdB6xXXZLaZxFG02P5U2rC_CT1r0lPfC_KHYrviJ5Y_Ekif7iFV_1omLAiRksQziwA1i-hND32N5kxwEGNmZViVjWMBZ43wbIdWss4IMhrJy1WNQ07Fqp1Ee6o7QM1hTBve7bbkJkUAfjtC7mwIWqZdWoYIWBTZRXvhMgs_Aeb_pnDekosqDoWQ5aMklk3NvaaBBESqlRAJZUUf5WDFoJh7yRELOFF4lWJxtArTEiQPWVTX6PCs0klVPU6SRQqrtc4kKLCp1AC5EJqPYRGiEJpSz2nUhmAQ" + 'tLDZVZ2Eq_DFwNp24yeSq_Ha0MYbYOJs_WXIgVxQGabu5cZ9561OUtYWdB6xXXZLaZxFG02P5U2rC_CT1r0lPfC_KHYrviJ5Y_Ekif7iFV_1omLAiRksQziwA1i-hND32N5kxwEGNmZViVjWMBZ43wbIdWss4IMhrJy1WNQ07Fqp1Ee6o7QM1hTBve7bbkJkUAfjtC7mwIWqZdWoYIWBTZRXvhMgs_Aeb_pnDekosqDoWQ5aMklk3NvaaBBESqlRAJZUUf5WDFoJh7yRELOFF4lWJxtArTEiQPWVTX6PCs0klVPU6SRQqrtc4kKLCp1AC5EJqPYRGiEJpSz2nUhmAQ' }, { - kid: "IdTokenSigningKeyContainer.v2", + kid: 'IdTokenSigningKeyContainer.v2', nbf: 1459289287, - use: "sig", - kty: "RSA", - e: "AQAB", + use: 'sig', + kty: 'RSA', + e: 'AQAB', n: - "s4W7xjkQZP3OwG7PfRgcYKn8eRYXHiz1iK503fS-K2FZo-Ublwwa2xFZWpsUU_jtoVCwIkaqZuo6xoKtlMYXXvfVHGuKBHEBVn8b8x_57BQWz1d0KdrNXxuMvtFe6RzMqiMqzqZrzae4UqVCkYqcR9gQx66Ehq7hPmCxJCkg7ajo7fu6E7dPd34KH2HSYRsaaEA_BcKTeb9H1XE_qEKjog68wUU9Ekfl3FBIRN-1Ah_BoktGFoXyi_jt0-L0-gKcL1BLmUlGzMusvRbjI_0-qj-mc0utGdRjY-xIN2yBj8vl4DODO-wMwfp-cqZbCd9TENyHaTb8iA27s-73L3ExOQ" + 's4W7xjkQZP3OwG7PfRgcYKn8eRYXHiz1iK503fS-K2FZo-Ublwwa2xFZWpsUU_jtoVCwIkaqZuo6xoKtlMYXXvfVHGuKBHEBVn8b8x_57BQWz1d0KdrNXxuMvtFe6RzMqiMqzqZrzae4UqVCkYqcR9gQx66Ehq7hPmCxJCkg7ajo7fu6E7dPd34KH2HSYRsaaEA_BcKTeb9H1XE_qEKjog68wUU9Ekfl3FBIRN-1Ah_BoktGFoXyi_jt0-L0-gKcL1BLmUlGzMusvRbjI_0-qj-mc0utGdRjY-xIN2yBj8vl4DODO-wMwfp-cqZbCd9TENyHaTb8iA27s-73L3ExOQ' }, { - kid: "IdTokenSigningKeyContainer.v3", + kid: 'IdTokenSigningKeyContainer.v3', nbf: 1459289287, - kty: "RSA", - e: "AQAB", + kty: 'RSA', + e: 'AQAB', n: - "s4W7xjkQZP3OwG7PfRgcYKn8eRYXHiz1iK503fS-K2FZo-Ublwwa2xFZWpsUU_jtoVCwIkaqZuo6xoKtlMYXXvfVHGuKBHEBVn8b8x_57BQWz1d0KdrNXxuMvtFe6RzMqiMqzqZrzae4UqVCkYqcR9gQx66Ehq7hPmCxJCkg7ajo7fu6E7dPd34KH2HSYRsaaEA_BcKTeb9H1XE_qEKjog68wUU9Ekfl3FBIRN-1Ah_BoktGFoXyi_jt0-L0-gKcL1BLmUlGzMusvRbjI_0-qj-mc0utGdRjY-xIN2yBj8vl4DODO-wMwfp-cqZbCd9TENyHaTb8iA27s-73L3ExOQ" + 's4W7xjkQZP3OwG7PfRgcYKn8eRYXHiz1iK503fS-K2FZo-Ublwwa2xFZWpsUU_jtoVCwIkaqZuo6xoKtlMYXXvfVHGuKBHEBVn8b8x_57BQWz1d0KdrNXxuMvtFe6RzMqiMqzqZrzae4UqVCkYqcR9gQx66Ehq7hPmCxJCkg7ajo7fu6E7dPd34KH2HSYRsaaEA_BcKTeb9H1XE_qEKjog68wUU9Ekfl3FBIRN-1Ah_BoktGFoXyi_jt0-L0-gKcL1BLmUlGzMusvRbjI_0-qj-mc0utGdRjY-xIN2yBj8vl4DODO-wMwfp-cqZbCd9TENyHaTb8iA27s-73L3ExOQ' }, { - kid: "IdTokenSigningKeyContainer.v4", + kid: 'IdTokenSigningKeyContainer.v4', nbf: 1459289287, - use: "enc", - kty: "RSA", - e: "AQAB", + use: 'enc', + kty: 'RSA', + e: 'AQAB', n: - "s4W7xjkQZP3OwG7PfRgcYKn8eRYXHiz1iK503fS-K2FZo-Ublwwa2xFZWpsUU_jtoVCwIkaqZuo6xoKtlMYXXvfVHGuKBHEBVn8b8x_57BQWz1d0KdrNXxuMvtFe6RzMqiMqzqZrzae4UqVCkYqcR9gQx66Ehq7hPmCxJCkg7ajo7fu6E7dPd34KH2HSYRsaaEA_BcKTeb9H1XE_qEKjog68wUU9Ekfl3FBIRN-1Ah_BoktGFoXyi_jt0-L0-gKcL1BLmUlGzMusvRbjI_0-qj-mc0utGdRjY-xIN2yBj8vl4DODO-wMwfp-cqZbCd9TENyHaTb8iA27s-73L3ExOQ" - }, + 's4W7xjkQZP3OwG7PfRgcYKn8eRYXHiz1iK503fS-K2FZo-Ublwwa2xFZWpsUU_jtoVCwIkaqZuo6xoKtlMYXXvfVHGuKBHEBVn8b8x_57BQWz1d0KdrNXxuMvtFe6RzMqiMqzqZrzae4UqVCkYqcR9gQx66Ehq7hPmCxJCkg7ajo7fu6E7dPd34KH2HSYRsaaEA_BcKTeb9H1XE_qEKjog68wUU9Ekfl3FBIRN-1Ah_BoktGFoXyi_jt0-L0-gKcL1BLmUlGzMusvRbjI_0-qj-mc0utGdRjY-xIN2yBj8vl4DODO-wMwfp-cqZbCd9TENyHaTb8iA27s-73L3ExOQ' + } ] }); @@ -381,8 +381,8 @@ describe("JwksClient", () => { expect(keys.length).to.equal(3); expect(keys[0].rsaPublicKey).not.to.be.null; expect(keys[0].getPublicKey()).to.equal(keys[0].rsaPublicKey); - expect(keys[0].kid).to.equal("IdTokenSigningKeyContainer"); - expect(keys[1].kid).to.equal("IdTokenSigningKeyContainer.v2"); + expect(keys[0].kid).to.equal('IdTokenSigningKeyContainer'); + expect(keys[1].kid).to.equal('IdTokenSigningKeyContainer.v2'); expect(keys[1].rsaPublicKey).not.to.be.null; expect(keys[1].getPublicKey()).to.equal(keys[1].rsaPublicKey); expect(keys[1].nbf).to.equal(1459289287); @@ -392,35 +392,35 @@ describe("JwksClient", () => { }); }); - it("should only take the signing keys from the keys", done => { + it('should only take the signing keys from the keys', done => { nock(jwksHost) - .get("/.well-known/jwks.json") + .get('/.well-known/jwks.json') .reply(200, { keys: [ { - kty: "something", - use: "else", + kty: 'something', + use: 'else', x5c: [ - "MIIDDTCCAfWgAwIBAgIJAJVkuSv2H8mDMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNVBAMMEnNhbmRyaW5vLmF1dGgwLmNvbTAeFw0xNDA1MTQyMTIyMjZaFw0yODAxMjEyMTIyMjZaMB0xGzAZBgNVBAMMEnNhbmRyaW5vLmF1dGgwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6jWASkHhXz5Ug6t5BsYBrXDIgrWu05f3oq2fE+5J5REKJiY0Ddc+Kda34ZwOptnUoef3JwKPDAckTJQDugweNNZPwOmFMRKj4xqEpxEkIX8C+zHs41Q6x54ZZy0xU+WvTGcdjzyZTZ/h0iOYisswFQT/s6750tZG0BOBtZ5qS/80tmWH7xFitgewdWteJaASE/eO1qMtdNsp9fxOtN5U/pZDUyFm3YRfOcODzVqp3wOz+dcKb7cdZN11EYGZOkjEekpcedzHCo9H4aOmdKCpytqL/9FXoihcBMg39s1OW3cfwfgf5/kvOJdcqR4PoATQTfsDVoeMWVB4XLGR6SC5kCAwEAAaNQME4wHQYDVR0OBBYEFHDYn9BQdup1CoeoFi0Rmf5xn/W9MB8GA1UdIwQYMBaAFHDYn9BQdup1CoeoFi0Rmf5xn/W9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAGLpQZdd2ICVnGjc6CYfT3VNoujKYWk7E0shGaCXFXptrZ8yaryfo6WAizTfgOpQNJH+Jz+QsCjvkRt6PBSYX/hb5OUDU2zNJN48/VOw57nzWdjI70H2Ar4oJLck36xkIRs/+QX+mSNCjZboRwh0LxanXeALHSbCgJkbzWbjVnfJEQUP9P/7NGf0MkO5I95C/Pz9g91y8gU+R3imGppLy9Zx+OwADFwKAEJak4JrNgcjHBQenakAXnXP6HG4hHH4MzO8LnLiKv8ZkKVL67da/80PcpO0miMNPaqBBMd2Cy6GzQYE0ag6k0nk+DMIFn7K+o21gjUuOEJqIbAvhbf2KcM=" + 'MIIDDTCCAfWgAwIBAgIJAJVkuSv2H8mDMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNVBAMMEnNhbmRyaW5vLmF1dGgwLmNvbTAeFw0xNDA1MTQyMTIyMjZaFw0yODAxMjEyMTIyMjZaMB0xGzAZBgNVBAMMEnNhbmRyaW5vLmF1dGgwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6jWASkHhXz5Ug6t5BsYBrXDIgrWu05f3oq2fE+5J5REKJiY0Ddc+Kda34ZwOptnUoef3JwKPDAckTJQDugweNNZPwOmFMRKj4xqEpxEkIX8C+zHs41Q6x54ZZy0xU+WvTGcdjzyZTZ/h0iOYisswFQT/s6750tZG0BOBtZ5qS/80tmWH7xFitgewdWteJaASE/eO1qMtdNsp9fxOtN5U/pZDUyFm3YRfOcODzVqp3wOz+dcKb7cdZN11EYGZOkjEekpcedzHCo9H4aOmdKCpytqL/9FXoihcBMg39s1OW3cfwfgf5/kvOJdcqR4PoATQTfsDVoeMWVB4XLGR6SC5kCAwEAAaNQME4wHQYDVR0OBBYEFHDYn9BQdup1CoeoFi0Rmf5xn/W9MB8GA1UdIwQYMBaAFHDYn9BQdup1CoeoFi0Rmf5xn/W9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAGLpQZdd2ICVnGjc6CYfT3VNoujKYWk7E0shGaCXFXptrZ8yaryfo6WAizTfgOpQNJH+Jz+QsCjvkRt6PBSYX/hb5OUDU2zNJN48/VOw57nzWdjI70H2Ar4oJLck36xkIRs/+QX+mSNCjZboRwh0LxanXeALHSbCgJkbzWbjVnfJEQUP9P/7NGf0MkO5I95C/Pz9g91y8gU+R3imGppLy9Zx+OwADFwKAEJak4JrNgcjHBQenakAXnXP6HG4hHH4MzO8LnLiKv8ZkKVL67da/80PcpO0miMNPaqBBMd2Cy6GzQYE0ag6k0nk+DMIFn7K+o21gjUuOEJqIbAvhbf2KcM=' ], n: - "vqNYBKQeFfPlSDq3kGxgGtcMiCta7Tl_eirZ8T7knlEQomJjQN1z4p1rfhnA6m2dSh5_cnAo8MByRMlAO6DB401k_A6YUxEqPjGoSnESQhfwL7MezjVDrHnhlnLTFT5a9MZx2PPJlNn-HSI5iKyzAVBP-zrvnS1kbQE4G1nmpL_zS2ZYfvEWK2B7B1a14loBIT947Woy102yn1_E603lT-lkNTIWbdhF85w4PNWqnfA7P51wpvtx1k3XURgZk6SMR6Slx53McKj0fho6Z0oKnK2ov_0VeiKFwEyDf2zU5bdx_B-B_n-S84l1ypHg-gBNBN-wNWh4xZUHhcsZHpILmQ", - e: "AQAB", - kid: "RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg", - x5t: "RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg" + 'vqNYBKQeFfPlSDq3kGxgGtcMiCta7Tl_eirZ8T7knlEQomJjQN1z4p1rfhnA6m2dSh5_cnAo8MByRMlAO6DB401k_A6YUxEqPjGoSnESQhfwL7MezjVDrHnhlnLTFT5a9MZx2PPJlNn-HSI5iKyzAVBP-zrvnS1kbQE4G1nmpL_zS2ZYfvEWK2B7B1a14loBIT947Woy102yn1_E603lT-lkNTIWbdhF85w4PNWqnfA7P51wpvtx1k3XURgZk6SMR6Slx53McKj0fho6Z0oKnK2ov_0VeiKFwEyDf2zU5bdx_B-B_n-S84l1ypHg-gBNBN-wNWh4xZUHhcsZHpILmQ', + e: 'AQAB', + kid: 'RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg', + x5t: 'RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg' }, { - kty: "something", - use: "else", + kty: 'something', + use: 'else', nbf: 123, x5c: [ - "MIIDGzCCAgOgAwIBAgIJAPQM5+PwmOcPMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNVBAMMGXNhbmRyaW5vLWRldi5ldS5hdXRoMC5jb20wHhcNMTUwMzMxMDkwNTQ3WhcNMjgxMjA3MDkwNTQ3WjAkMSIwIAYDVQQDDBlzYW5kcmluby1kZXYuZXUuYXV0aDAuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/SECtT7H4rxKtX2HpGhSyeYTe3Vet8YQpjBAr+1TnQ1fcYfvfmnVRHvhmTwABktD1erF1lxFsrRw92yBDOHlL7lj1n2fcfLftSoStgvRHVg52kR+CkBVQ6/mF1lYkefIjik6YRMf55Eu4FqDyVG2dgd5EA8kNO4J8OPc7vAtZyXrRYOZjVXbEgyjje/V+OpMQxAHP2Er11TLuzJjioP0ICVqhAZdq2sLk7agoxn64md6fqOk4N+7lJkU4+412VD0qYwKxD7nGsEclYawKoZD9/xhCk2qfQ/HptIumrdQ5ox3Sq5t2a7VKa41dBUQ1MQtXG2iY7S9RlfcMIyQwGhOQIDAQABo1AwTjAdBgNVHQ4EFgQUHpS1fvO/54G2c1VpEDNUZRSl44gwHwYDVR0jBBgwFoAUHpS1fvO/54G2c1VpEDNUZRSl44gwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAtm9I0nr6eXF5aq4yllfiqZcQ6mKrJLH9Rm4Jv+olniNynTcnpwprRVLToIawc8MmzIGZTtCn7u+dSxWf1UNE+SH7XgEnGtO74239vleEx1+Tf5viIdsnCxgvFiPdOqRlc9KcFSWd6a7RzcglnyU7GEx0K5GLv1wPA6qEM+3uwNwjAyVSu5dFw8kCfaSvlk5rXKRUzSoW9NVomw6+tADR8vMZS+4KThZ+4GH0rMN4KjIaRFxW8OMVYOn12uq33fLCd6MuPHW/rklxLbQBoHIU/ClNhbD0t6f00w9lHhPy4IP73rv7Oow0Ny6i70Iq0ijqj+kAtnrphlOvLFxqn6nCvQ==" + 'MIIDGzCCAgOgAwIBAgIJAPQM5+PwmOcPMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNVBAMMGXNhbmRyaW5vLWRldi5ldS5hdXRoMC5jb20wHhcNMTUwMzMxMDkwNTQ3WhcNMjgxMjA3MDkwNTQ3WjAkMSIwIAYDVQQDDBlzYW5kcmluby1kZXYuZXUuYXV0aDAuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/SECtT7H4rxKtX2HpGhSyeYTe3Vet8YQpjBAr+1TnQ1fcYfvfmnVRHvhmTwABktD1erF1lxFsrRw92yBDOHlL7lj1n2fcfLftSoStgvRHVg52kR+CkBVQ6/mF1lYkefIjik6YRMf55Eu4FqDyVG2dgd5EA8kNO4J8OPc7vAtZyXrRYOZjVXbEgyjje/V+OpMQxAHP2Er11TLuzJjioP0ICVqhAZdq2sLk7agoxn64md6fqOk4N+7lJkU4+412VD0qYwKxD7nGsEclYawKoZD9/xhCk2qfQ/HptIumrdQ5ox3Sq5t2a7VKa41dBUQ1MQtXG2iY7S9RlfcMIyQwGhOQIDAQABo1AwTjAdBgNVHQ4EFgQUHpS1fvO/54G2c1VpEDNUZRSl44gwHwYDVR0jBBgwFoAUHpS1fvO/54G2c1VpEDNUZRSl44gwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAtm9I0nr6eXF5aq4yllfiqZcQ6mKrJLH9Rm4Jv+olniNynTcnpwprRVLToIawc8MmzIGZTtCn7u+dSxWf1UNE+SH7XgEnGtO74239vleEx1+Tf5viIdsnCxgvFiPdOqRlc9KcFSWd6a7RzcglnyU7GEx0K5GLv1wPA6qEM+3uwNwjAyVSu5dFw8kCfaSvlk5rXKRUzSoW9NVomw6+tADR8vMZS+4KThZ+4GH0rMN4KjIaRFxW8OMVYOn12uq33fLCd6MuPHW/rklxLbQBoHIU/ClNhbD0t6f00w9lHhPy4IP73rv7Oow0Ny6i70Iq0ijqj+kAtnrphlOvLFxqn6nCvQ==' ], n: - "v_SECtT7H4rxKtX2HpGhSyeYTe3Vet8YQpjBAr-1TnQ1fcYfvfmnVRHvhmTwABktD1erF1lxFsrRw92yBDOHlL7lj1n2fcfLftSoStgvRHVg52kR-CkBVQ6_mF1lYkefIjik6YRMf55Eu4FqDyVG2dgd5EA8kNO4J8OPc7vAtZyXrRYOZjVXbEgyjje_V-OpMQxAHP2Er11TLuzJjioP0ICVqhAZdq2sLk7agoxn64md6fqOk4N-7lJkU4-412VD0qYwKxD7nGsEclYawKoZD9_xhCk2qfQ_HptIumrdQ5ox3Sq5t2a7VKa41dBUQ1MQtXG2iY7S9RlfcMIyQwGhOQ", - e: "AQAB", - kid: "NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA", - x5t: "NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA" + 'v_SECtT7H4rxKtX2HpGhSyeYTe3Vet8YQpjBAr-1TnQ1fcYfvfmnVRHvhmTwABktD1erF1lxFsrRw92yBDOHlL7lj1n2fcfLftSoStgvRHVg52kR-CkBVQ6_mF1lYkefIjik6YRMf55Eu4FqDyVG2dgd5EA8kNO4J8OPc7vAtZyXrRYOZjVXbEgyjje_V-OpMQxAHP2Er11TLuzJjioP0ICVqhAZdq2sLk7agoxn64md6fqOk4N-7lJkU4-412VD0qYwKxD7nGsEclYawKoZD9_xhCk2qfQ_HptIumrdQ5ox3Sq5t2a7VKa41dBUQ1MQtXG2iY7S9RlfcMIyQwGhOQ', + e: 'AQAB', + kid: 'NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA', + x5t: 'NkFCNEE1NDFDNTQ5RTQ5OTE1QzRBMjYyMzY0NEJCQTJBMjJBQkZCMA' } ] }); @@ -431,28 +431,28 @@ describe("JwksClient", () => { client.getSigningKeys(err => { expect(err).not.to.be.null; - expect(err.name).to.equal("JwksError"); + expect(err.name).to.equal('JwksError'); expect(err.message).to.equal( - "The JWKS endpoint did not contain any signing keys" + 'The JWKS endpoint did not contain any signing keys' ); done(); }); }); }); - describe("#getSigningKey", () => { - it("should return error if signing key is not found", done => { + describe('#getSigningKey', () => { + it('should return error if signing key is not found', done => { nock(jwksHost) - .get("/.well-known/jwks.json") + .get('/.well-known/jwks.json') .reply(200, x5cMultiple); const client = new JwksClient({ jwksUri: `${jwksHost}/.well-known/jwks.json` }); - client.getSigningKey("1234", err => { + client.getSigningKey('1234', err => { expect(err).not.to.be.null; - expect(err.name).to.equal("SigningKeyNotFoundError"); + expect(err.name).to.equal('SigningKeyNotFoundError'); done(); }); }); diff --git a/tests/koa.tests.js b/tests/koa.tests.js index 36187bd3..7029f86e 100644 --- a/tests/koa.tests.js +++ b/tests/koa.tests.js @@ -23,177 +23,177 @@ describe('koaJwtSecret', () => { expect(err instanceof jwksRsa.ArgumentError).to.be.true; }); - it('should accept the secret function', () => { - koaJwt({ - debug: true, - secret: jwksRsa.koaJwtSecret({ - jwksUri: 'http://localhost/.well-known/jwks.json' - }) - }); + it('should accept the secret function', () => { + koaJwt({ + debug: true, + secret: jwksRsa.koaJwtSecret({ + jwksUri: 'http://localhost/.well-known/jwks.json' + }) }); + }); - it('should not provide a key if token is invalid', done => { - - const app = new Koa(); - app.use(koaJwt({ - debug: true, - secret: jwksRsa.koaJwtSecret({ - jwksUri: 'http://localhost/.well-known/jwks.json' - }) - })); - - request(app.listen()) - .get('/') - .set('Authorization', 'Bearer abc') - .expect(401) - .end((err, res) => { - expect(res.text).to.equal('Invalid token'); - done(); - }); - }); + it('should not provide a key if token is invalid', done => { + + const app = new Koa(); + app.use(koaJwt({ + debug: true, + secret: jwksRsa.koaJwtSecret({ + jwksUri: 'http://localhost/.well-known/jwks.json' + }) + })); + + request(app.listen()) + .get('/') + .set('Authorization', 'Bearer abc') + .expect(401) + .end((err, res) => { + expect(res.text).to.equal('Invalid token'); + done(); + }); + }); - it('should not provide a key if token is HS256', (done) => { - const app = new Koa(); - app.use(koaJwt({ - debug: true, - secret: jwksRsa.koaJwtSecret({ - jwksUri: 'http://localhost/.well-known/jwks.json' - }) - })); - - const token = createSymmetricToken('mykey', { sub: 'john' }); - - request(app.listen()) - .get('/') - .set('Authorization', `Bearer ${ token }`) - .expect(401) - .end((err, res) => { - expect(res.text).to.equal('Missing / invalid token algorithm'); - done(); - }); - }); + it('should not provide a key if token is HS256', (done) => { + const app = new Koa(); + app.use(koaJwt({ + debug: true, + secret: jwksRsa.koaJwtSecret({ + jwksUri: 'http://localhost/.well-known/jwks.json' + }) + })); + + const token = createSymmetricToken('mykey', { sub: 'john' }); + + request(app.listen()) + .get('/') + .set('Authorization', `Bearer ${ token }`) + .expect(401) + .end((err, res) => { + expect(res.text).to.equal('Missing / invalid token algorithm'); + done(); + }); + }); - it('should not provide a key if token is RS256 and no KID was provided', (done) => { - const app = new Koa(); - app.use(koaJwt({ - debug: true, - secret: jwksRsa.koaJwtSecret({ - jwksUri: 'http://localhost/.well-known/jwks.json' - }) - })); - - const token = createToken(privateKey, null, { sub: 'john' }); - jwksEndpoint('http://localhost', [ { pub: publicKey, kid: '123' } ]); - - request(app.listen()) - .get('/') - .set('Authorization', `Bearer ${ token }`) - .expect(401) - .end((err, res) => { - expect(res.text).to.equal('Unable to find a signing key that matches \'null\''); - done(); - }); - }); + it('should not provide a key if token is RS256 and no KID was provided', (done) => { + const app = new Koa(); + app.use(koaJwt({ + debug: true, + secret: jwksRsa.koaJwtSecret({ + jwksUri: 'http://localhost/.well-known/jwks.json' + }) + })); + + const token = createToken(privateKey, null, { sub: 'john' }); + jwksEndpoint('http://localhost', [ { pub: publicKey, kid: '123' } ]); + + request(app.listen()) + .get('/') + .set('Authorization', `Bearer ${ token }`) + .expect(401) + .end((err, res) => { + expect(res.text).to.equal('Unable to find a signing key that matches \'null\''); + done(); + }); + }); - it('should not provide a key if token is RS256 and invalid KID was provided', (done) => { - const app = new Koa(); - app.use(koaJwt({ - debug: true, - secret: jwksRsa.koaJwtSecret({ - jwksUri: 'http://localhost/.well-known/jwks.json' - }) - })); - - const token = createToken(privateKey, '456', { sub: 'john' }); - jwksEndpoint('http://localhost', [ { pub: publicKey, kid: '123' } ]); - - request(app.listen()) - .get('/') - .set('Authorization', `Bearer ${ token }`) - .expect(401) - .end((err, res) => { - expect(res.text).to.equal('Unable to find a signing key that matches \'456\''); - done(); - }); - }); + it('should not provide a key if token is RS256 and invalid KID was provided', (done) => { + const app = new Koa(); + app.use(koaJwt({ + debug: true, + secret: jwksRsa.koaJwtSecret({ + jwksUri: 'http://localhost/.well-known/jwks.json' + }) + })); + + const token = createToken(privateKey, '456', { sub: 'john' }); + jwksEndpoint('http://localhost', [ { pub: publicKey, kid: '123' } ]); + + request(app.listen()) + .get('/') + .set('Authorization', `Bearer ${ token }`) + .expect(401) + .end((err, res) => { + expect(res.text).to.equal('Unable to find a signing key that matches \'456\''); + done(); + }); + }); - it('should not authenticate the user if KID matches but the keys don\'t', (done) => { - const app = new Koa(); - app.use(koaJwt({ - debug: true, - secret: jwksRsa.koaJwtSecret({ - jwksUri: 'http://localhost/.well-known/jwks.json' - }) - })); - - const token = createToken(privateKey, '123', { sub: 'john' }); - jwksEndpoint('http://localhost', [ { pub: randomPublicKey1, kid: '123' } ]); - - request(app.listen()) - .get('/') - .set('Authorization', `Bearer ${ token }`) - .expect(401) - .end((err, res) => { - expect(res.text).to.equal('invalid signature'); - done(); - }); - }); + it('should not authenticate the user if KID matches but the keys don\'t', (done) => { + const app = new Koa(); + app.use(koaJwt({ + debug: true, + secret: jwksRsa.koaJwtSecret({ + jwksUri: 'http://localhost/.well-known/jwks.json' + }) + })); + + const token = createToken(privateKey, '123', { sub: 'john' }); + jwksEndpoint('http://localhost', [ { pub: randomPublicKey1, kid: '123' } ]); + + request(app.listen()) + .get('/') + .set('Authorization', `Bearer ${ token }`) + .expect(401) + .end((err, res) => { + expect(res.text).to.equal('invalid signature'); + done(); + }); + }); - it('should allow returning an error if key not found', (done) => { - - const app = new Koa(); - app.use(koaJwt({ - debug: true, - secret: jwksRsa.koaJwtSecret({ - jwksUri: 'http://localhost/.well-known/jwks.json', - handleSigningKeyError: (err) => { - if (err instanceof jwksRsa.SigningKeyNotFoundError) { - return Promise.resolve( - new Error('this is bad') - ); - } - } - }) - })); - - const token = createToken(privateKey, '456', { sub: 'john' }); - jwksEndpoint('http://localhost', [ { pub: randomPublicKey1, kid: '123' } ]); - - request(app.listen()) - .get('/') - .set('Authorization', `Bearer ${ token }`) - .expect(401) - .end((err, res) => { - expect(res.text).to.equal('this is bad'); - done(); - }); - }); + it('should allow returning an error if key not found', (done) => { + + const app = new Koa(); + app.use(koaJwt({ + debug: true, + secret: jwksRsa.koaJwtSecret({ + jwksUri: 'http://localhost/.well-known/jwks.json', + handleSigningKeyError: (err) => { + if (err instanceof jwksRsa.SigningKeyNotFoundError) { + return Promise.resolve( + new Error('this is bad') + ); + } + } + }) + })); + + const token = createToken(privateKey, '456', { sub: 'john' }); + jwksEndpoint('http://localhost', [ { pub: randomPublicKey1, kid: '123' } ]); + + request(app.listen()) + .get('/') + .set('Authorization', `Bearer ${ token }`) + .expect(401) + .end((err, res) => { + expect(res.text).to.equal('this is bad'); + done(); + }); + }); - it('should work if the token matches a signing key', (done) => { - const app = new Koa(); - app.use(koaJwt({ - debug: true, - secret: jwksRsa.koaJwtSecret({ - jwksUri: 'http://localhost/.well-known/jwks.json' - }), - algorithms: ['RS256'] - })); - app.use((ctx) => { - ctx.body = ctx.state.user; - ctx.status = 200; - }); - - const token = createToken(privateKey, '123', { sub: 'john' }); - jwksEndpoint('http://localhost', [ { pub: publicKey, kid: '123' } ]); - - request(app.listen()) - .get('/') - .set('Authorization', `Bearer ${ token }`) - .expect(200) - .end((err, res) => { - expect(res.body.sub).to.equal('john'); - done(); - }); + it('should work if the token matches a signing key', (done) => { + const app = new Koa(); + app.use(koaJwt({ + debug: true, + secret: jwksRsa.koaJwtSecret({ + jwksUri: 'http://localhost/.well-known/jwks.json' + }), + algorithms: [ 'RS256' ] + })); + app.use((ctx) => { + ctx.body = ctx.state.user; + ctx.status = 200; }); + const token = createToken(privateKey, '123', { sub: 'john' }); + jwksEndpoint('http://localhost', [ { pub: publicKey, kid: '123' } ]); + + request(app.listen()) + .get('/') + .set('Authorization', `Bearer ${ token }`) + .expect(200) + .end((err, res) => { + expect(res.body.sub).to.equal('john'); + done(); + }); + }); + }); diff --git a/tests/passport.tests.js b/tests/passport.tests.js index bc727fad..35b6a64d 100644 --- a/tests/passport.tests.js +++ b/tests/passport.tests.js @@ -144,7 +144,7 @@ describe('passportJwtSecret', () => { ); const token = createToken(privateKey, null, { sub: 'john' }); - jwksEndpoint('http://localhost', [{ pub: publicKey, kid: '123' }]); + jwksEndpoint('http://localhost', [ { pub: publicKey, kid: '123' } ]); request(app.listen()) .get('/') @@ -187,7 +187,7 @@ describe('passportJwtSecret', () => { ); const token = createToken(privateKey, '456', { sub: 'john' }); - jwksEndpoint('http://localhost', [{ pub: publicKey, kid: '123' }]); + jwksEndpoint('http://localhost', [ { pub: publicKey, kid: '123' } ]); request(app.listen()) .get('/') @@ -230,7 +230,7 @@ describe('passportJwtSecret', () => { ); const token = createToken(privateKey, '123', { sub: 'john' }); - jwksEndpoint('http://localhost', [{ pub: randomPublicKey1, kid: '123' }]); + jwksEndpoint('http://localhost', [ { pub: randomPublicKey1, kid: '123' } ]); request(app.listen()) .get('/') @@ -276,7 +276,7 @@ describe('passportJwtSecret', () => { ); const token = createToken(privateKey, '456', { sub: 'john' }); - jwksEndpoint('http://localhost', [{ pub: randomPublicKey1, kid: '123' }]); + jwksEndpoint('http://localhost', [ { pub: randomPublicKey1, kid: '123' } ]); request(app.listen()) .get('/') @@ -297,7 +297,7 @@ describe('passportJwtSecret', () => { jwksUri: 'http://localhost/.well-known/jwks.json' }), jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(), - algorithms: ['RS256'] + algorithms: [ 'RS256' ] }, (jwt_payload, done) => done(null, jwt_payload) ) @@ -312,7 +312,7 @@ describe('passportJwtSecret', () => { ); const token = createToken(privateKey, '123', { sub: 'john' }); - jwksEndpoint('http://localhost', [{ pub: publicKey, kid: '123' }]); + jwksEndpoint('http://localhost', [ { pub: publicKey, kid: '123' } ]); request(app.listen()) .get('/')