3 var Http = require('http');
\r
4 var Url = require('url');
\r
5 var Code = require('code');
\r
6 var Hawk = require('../lib');
\r
7 var Hoek = require('hoek');
\r
8 var Lab = require('lab');
\r
11 // Declare internals
\r
18 var lab = exports.lab = Lab.script();
\r
19 var describe = lab.experiment;
\r
21 var expect = Code.expect;
\r
24 describe('Uri', function () {
\r
26 var credentialsFunc = function (id, callback) {
\r
30 key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
\r
31 algorithm: (id === '1' ? 'sha1' : 'sha256'),
\r
35 return callback(null, credentials);
\r
38 it('should generate a bewit then successfully authenticate it', function (done) {
\r
42 url: '/resource/4?a=1&b=2',
\r
43 host: 'example.com',
\r
47 credentialsFunc('123456', function (err, credentials1) {
\r
49 var bewit = Hawk.uri.getBewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials1, ttlSec: 60 * 60 * 24 * 365 * 100, ext: 'some-app-data' });
\r
50 req.url += '&bewit=' + bewit;
\r
52 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials2, attributes) {
\r
54 expect(err).to.not.exist();
\r
55 expect(credentials2.user).to.equal('steve');
\r
56 expect(attributes.ext).to.equal('some-app-data');
\r
62 it('should generate a bewit then successfully authenticate it (no ext)', function (done) {
\r
66 url: '/resource/4?a=1&b=2',
\r
67 host: 'example.com',
\r
71 credentialsFunc('123456', function (err, credentials1) {
\r
73 var bewit = Hawk.uri.getBewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials1, ttlSec: 60 * 60 * 24 * 365 * 100 });
\r
74 req.url += '&bewit=' + bewit;
\r
76 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials2, attributes) {
\r
78 expect(err).to.not.exist();
\r
79 expect(credentials2.user).to.equal('steve');
\r
85 it('should successfully authenticate a request (last param)', function (done) {
\r
89 url: '/resource/4?a=1&b=2&bewit=MTIzNDU2XDQ1MTE0ODQ2MjFcMzFjMmNkbUJFd1NJRVZDOVkva1NFb2c3d3YrdEVNWjZ3RXNmOGNHU2FXQT1cc29tZS1hcHAtZGF0YQ',
\r
90 host: 'example.com',
\r
94 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
\r
96 expect(err).to.not.exist();
\r
97 expect(credentials.user).to.equal('steve');
\r
98 expect(attributes.ext).to.equal('some-app-data');
\r
103 it('should successfully authenticate a request (first param)', function (done) {
\r
107 url: '/resource/4?bewit=MTIzNDU2XDQ1MTE0ODQ2MjFcMzFjMmNkbUJFd1NJRVZDOVkva1NFb2c3d3YrdEVNWjZ3RXNmOGNHU2FXQT1cc29tZS1hcHAtZGF0YQ&a=1&b=2',
\r
108 host: 'example.com',
\r
112 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
\r
114 expect(err).to.not.exist();
\r
115 expect(credentials.user).to.equal('steve');
\r
116 expect(attributes.ext).to.equal('some-app-data');
\r
121 it('should successfully authenticate a request (only param)', function (done) {
\r
125 url: '/resource/4?bewit=MTIzNDU2XDQ1MTE0ODQ2NDFcZm1CdkNWT3MvcElOTUUxSTIwbWhrejQ3UnBwTmo4Y1VrSHpQd3Q5OXJ1cz1cc29tZS1hcHAtZGF0YQ',
\r
126 host: 'example.com',
\r
130 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
\r
132 expect(err).to.not.exist();
\r
133 expect(credentials.user).to.equal('steve');
\r
134 expect(attributes.ext).to.equal('some-app-data');
\r
139 it('should fail on multiple authentication', function (done) {
\r
143 url: '/resource/4?bewit=MTIzNDU2XDQ1MTE0ODQ2NDFcZm1CdkNWT3MvcElOTUUxSTIwbWhrejQ3UnBwTmo4Y1VrSHpQd3Q5OXJ1cz1cc29tZS1hcHAtZGF0YQ',
\r
144 host: 'example.com',
\r
146 authorization: 'Basic asdasdasdasd'
\r
149 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
\r
151 expect(err).to.exist();
\r
152 expect(err.output.payload.message).to.equal('Multiple authentications');
\r
157 it('should fail on method other than GET', function (done) {
\r
159 credentialsFunc('123456', function (err, credentials1) {
\r
163 url: '/resource/4?filter=a',
\r
164 host: 'example.com',
\r
168 var exp = Math.floor(Hawk.utils.now() / 1000) + 60;
\r
169 var ext = 'some-app-data';
\r
170 var mac = Hawk.crypto.calculateMac('bewit', credentials1, {
\r
173 method: req.method,
\r
180 var bewit = credentials1.id + '\\' + exp + '\\' + mac + '\\' + ext;
\r
182 req.url += '&bewit=' + Hoek.base64urlEncode(bewit);
\r
184 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials2, attributes) {
\r
186 expect(err).to.exist();
\r
187 expect(err.output.payload.message).to.equal('Invalid method');
\r
193 it('should fail on invalid host header', function (done) {
\r
197 url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
\r
199 host: 'example.com:something'
\r
203 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
\r
205 expect(err).to.exist();
\r
206 expect(err.output.payload.message).to.equal('Invalid Host header');
\r
211 it('should fail on empty bewit', function (done) {
\r
215 url: '/resource/4?bewit=',
\r
216 host: 'example.com',
\r
220 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
\r
222 expect(err).to.exist();
\r
223 expect(err.output.payload.message).to.equal('Empty bewit');
\r
224 expect(err.isMissing).to.not.exist();
\r
229 it('should fail on invalid bewit', function (done) {
\r
233 url: '/resource/4?bewit=*',
\r
234 host: 'example.com',
\r
238 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
\r
240 expect(err).to.exist();
\r
241 expect(err.output.payload.message).to.equal('Invalid bewit encoding');
\r
242 expect(err.isMissing).to.not.exist();
\r
247 it('should fail on missing bewit', function (done) {
\r
251 url: '/resource/4',
\r
252 host: 'example.com',
\r
256 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
\r
258 expect(err).to.exist();
\r
259 expect(err.output.payload.message).to.not.exist();
\r
260 expect(err.isMissing).to.equal(true);
\r
265 it('should fail on invalid bewit structure', function (done) {
\r
269 url: '/resource/4?bewit=abc',
\r
270 host: 'example.com',
\r
274 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
\r
276 expect(err).to.exist();
\r
277 expect(err.output.payload.message).to.equal('Invalid bewit structure');
\r
282 it('should fail on empty bewit attribute', function (done) {
\r
286 url: '/resource/4?bewit=YVxcY1xk',
\r
287 host: 'example.com',
\r
291 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
\r
293 expect(err).to.exist();
\r
294 expect(err.output.payload.message).to.equal('Missing bewit attributes');
\r
299 it('should fail on missing bewit id attribute', function (done) {
\r
303 url: '/resource/4?bewit=XDQ1NTIxNDc2MjJcK0JFbFhQMXhuWjcvd1Nrbm1ldGhlZm5vUTNHVjZNSlFVRHk4NWpTZVJ4VT1cc29tZS1hcHAtZGF0YQ',
\r
304 host: 'example.com',
\r
308 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
\r
310 expect(err).to.exist();
\r
311 expect(err.output.payload.message).to.equal('Missing bewit attributes');
\r
316 it('should fail on expired access', function (done) {
\r
320 url: '/resource/4?a=1&b=2&bewit=MTIzNDU2XDEzNTY0MTg1ODNcWk1wZlMwWU5KNHV0WHpOMmRucTRydEk3NXNXTjFjeWVITTcrL0tNZFdVQT1cc29tZS1hcHAtZGF0YQ',
\r
321 host: 'example.com',
\r
325 Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
\r
327 expect(err).to.exist();
\r
328 expect(err.output.payload.message).to.equal('Access expired');
\r
333 it('should fail on credentials function error', function (done) {
\r
337 url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
\r
338 host: 'example.com',
\r
342 Hawk.uri.authenticate(req, function (id, callback) {
\r
344 callback(Hawk.error.badRequest('Boom'));
\r
345 }, {}, function (err, credentials, attributes) {
\r
347 expect(err).to.exist();
\r
348 expect(err.output.payload.message).to.equal('Boom');
\r
353 it('should fail on credentials function error with credentials', function (done) {
\r
357 url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
\r
358 host: 'example.com',
\r
362 Hawk.uri.authenticate(req, function (id, callback) {
\r
364 callback(Hawk.error.badRequest('Boom'), { some: 'value' });
\r
365 }, {}, function (err, credentials, attributes) {
\r
367 expect(err).to.exist();
\r
368 expect(err.output.payload.message).to.equal('Boom');
\r
369 expect(credentials.some).to.equal('value');
\r
374 it('should fail on null credentials function response', function (done) {
\r
378 url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
\r
379 host: 'example.com',
\r
383 Hawk.uri.authenticate(req, function (id, callback) {
\r
385 callback(null, null);
\r
386 }, {}, function (err, credentials, attributes) {
\r
388 expect(err).to.exist();
\r
389 expect(err.output.payload.message).to.equal('Unknown credentials');
\r
394 it('should fail on invalid credentials function response', function (done) {
\r
398 url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
\r
399 host: 'example.com',
\r
403 Hawk.uri.authenticate(req, function (id, callback) {
\r
405 callback(null, {});
\r
406 }, {}, function (err, credentials, attributes) {
\r
408 expect(err).to.exist();
\r
409 expect(err.message).to.equal('Invalid credentials');
\r
414 it('should fail on invalid credentials function response (unknown algorithm)', function (done) {
\r
418 url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
\r
419 host: 'example.com',
\r
423 Hawk.uri.authenticate(req, function (id, callback) {
\r
425 callback(null, { key: 'xxx', algorithm: 'xxx' });
\r
426 }, {}, function (err, credentials, attributes) {
\r
428 expect(err).to.exist();
\r
429 expect(err.message).to.equal('Unknown algorithm');
\r
434 it('should fail on expired access', function (done) {
\r
438 url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
\r
439 host: 'example.com',
\r
443 Hawk.uri.authenticate(req, function (id, callback) {
\r
445 callback(null, { key: 'xxx', algorithm: 'sha256' });
\r
446 }, {}, function (err, credentials, attributes) {
\r
448 expect(err).to.exist();
\r
449 expect(err.output.payload.message).to.equal('Bad mac');
\r
454 describe('getBewit()', function () {
\r
456 it('returns a valid bewit value', function (done) {
\r
458 var credentials = {
\r
460 key: '2983d45yun89q',
\r
461 algorithm: 'sha256'
\r
464 var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
\r
465 expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdca3NjeHdOUjJ0SnBQMVQxekRMTlBiQjVVaUtJVTl0T1NKWFRVZEc3WDloOD1ceGFuZHlhbmR6');
\r
469 it('returns a valid bewit value (explicit port)', function (done) {
\r
471 var credentials = {
\r
473 key: '2983d45yun89q',
\r
474 algorithm: 'sha256'
\r
477 var bewit = Hawk.uri.getBewit('https://example.com:8080/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
\r
478 expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdcaFpiSjNQMmNLRW80a3kwQzhqa1pBa1J5Q1p1ZWc0V1NOYnhWN3ZxM3hIVT1ceGFuZHlhbmR6');
\r
482 it('returns a valid bewit value (null ext)', function (done) {
\r
484 var credentials = {
\r
486 key: '2983d45yun89q',
\r
487 algorithm: 'sha256'
\r
490 var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: null });
\r
491 expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdcSUdZbUxnSXFMckNlOEN4dktQczRKbFdJQStValdKSm91d2dBUmlWaENBZz1c');
\r
495 it('returns a valid bewit value (parsed uri)', function (done) {
\r
497 var credentials = {
\r
499 key: '2983d45yun89q',
\r
500 algorithm: 'sha256'
\r
503 var bewit = Hawk.uri.getBewit(Url.parse('https://example.com/somewhere/over/the/rainbow'), { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
\r
504 expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdca3NjeHdOUjJ0SnBQMVQxekRMTlBiQjVVaUtJVTl0T1NKWFRVZEc3WDloOD1ceGFuZHlhbmR6');
\r
508 it('errors on invalid options', function (done) {
\r
510 var credentials = {
\r
512 key: '2983d45yun89q',
\r
513 algorithm: 'sha256'
\r
516 var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', 4);
\r
517 expect(bewit).to.equal('');
\r
521 it('errors on missing uri', function (done) {
\r
523 var credentials = {
\r
525 key: '2983d45yun89q',
\r
526 algorithm: 'sha256'
\r
529 var bewit = Hawk.uri.getBewit('', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
\r
530 expect(bewit).to.equal('');
\r
534 it('errors on invalid uri', function (done) {
\r
536 var credentials = {
\r
538 key: '2983d45yun89q',
\r
539 algorithm: 'sha256'
\r
542 var bewit = Hawk.uri.getBewit(5, { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
\r
543 expect(bewit).to.equal('');
\r
547 it('errors on invalid credentials (id)', function (done) {
\r
549 var credentials = {
\r
550 key: '2983d45yun89q',
\r
551 algorithm: 'sha256'
\r
554 var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 3000, ext: 'xandyandz' });
\r
555 expect(bewit).to.equal('');
\r
559 it('errors on missing credentials', function (done) {
\r
561 var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { ttlSec: 3000, ext: 'xandyandz' });
\r
562 expect(bewit).to.equal('');
\r
566 it('errors on invalid credentials (key)', function (done) {
\r
568 var credentials = {
\r
570 algorithm: 'sha256'
\r
573 var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 3000, ext: 'xandyandz' });
\r
574 expect(bewit).to.equal('');
\r
578 it('errors on invalid algorithm', function (done) {
\r
580 var credentials = {
\r
582 key: '2983d45yun89q',
\r
583 algorithm: 'hmac-sha-0'
\r
586 var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, ext: 'xandyandz' });
\r
587 expect(bewit).to.equal('');
\r
591 it('errors on missing options', function (done) {
\r
593 var credentials = {
\r
595 key: '2983d45yun89q',
\r
596 algorithm: 'hmac-sha-0'
\r
599 var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow');
\r
600 expect(bewit).to.equal('');
\r
605 describe('authenticateMessage()', function () {
\r
607 it('should generate an authorization then successfully parse it', function (done) {
\r
609 credentialsFunc('123456', function (err, credentials1) {
\r
611 var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
\r
612 expect(auth).to.exist();
\r
614 Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
\r
616 expect(err).to.not.exist();
\r
617 expect(credentials2.user).to.equal('steve');
\r
623 it('should fail authorization on mismatching host', function (done) {
\r
625 credentialsFunc('123456', function (err, credentials1) {
\r
627 var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
\r
628 expect(auth).to.exist();
\r
630 Hawk.server.authenticateMessage('example1.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
\r
632 expect(err).to.exist();
\r
633 expect(err.message).to.equal('Bad mac');
\r
639 it('should fail authorization on stale timestamp', function (done) {
\r
641 credentialsFunc('123456', function (err, credentials1) {
\r
643 var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
\r
644 expect(auth).to.exist();
\r
646 Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, { localtimeOffsetMsec: 100000 }, function (err, credentials2) {
\r
648 expect(err).to.exist();
\r
649 expect(err.message).to.equal('Stale timestamp');
\r
655 it('overrides timestampSkewSec', function (done) {
\r
657 credentialsFunc('123456', function (err, credentials1) {
\r
659 var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1, localtimeOffsetMsec: 100000 });
\r
660 expect(auth).to.exist();
\r
662 Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, { timestampSkewSec: 500 }, function (err, credentials2) {
\r
664 expect(err).to.not.exist();
\r
670 it('should fail authorization on invalid authorization', function (done) {
\r
672 credentialsFunc('123456', function (err, credentials1) {
\r
674 var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
\r
675 expect(auth).to.exist();
\r
678 Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
\r
680 expect(err).to.exist();
\r
681 expect(err.message).to.equal('Invalid authorization');
\r
687 it('should fail authorization on bad hash', function (done) {
\r
689 credentialsFunc('123456', function (err, credentials1) {
\r
691 var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
\r
692 expect(auth).to.exist();
\r
694 Hawk.server.authenticateMessage('example.com', 8080, 'some message1', auth, credentialsFunc, {}, function (err, credentials2) {
\r
696 expect(err).to.exist();
\r
697 expect(err.message).to.equal('Bad message hash');
\r
703 it('should fail authorization on nonce error', function (done) {
\r
705 credentialsFunc('123456', function (err, credentials1) {
\r
707 var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
\r
708 expect(auth).to.exist();
\r
710 Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {
\r
711 nonceFunc: function (key, nonce, ts, callback) {
\r
713 callback(new Error('kaboom'));
\r
715 }, function (err, credentials2) {
\r
717 expect(err).to.exist();
\r
718 expect(err.message).to.equal('Invalid nonce');
\r
724 it('should fail authorization on credentials error', function (done) {
\r
726 credentialsFunc('123456', function (err, credentials1) {
\r
728 var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
\r
729 expect(auth).to.exist();
\r
731 var errFunc = function (id, callback) {
\r
733 callback(new Error('kablooey'));
\r
736 Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
\r
738 expect(err).to.exist();
\r
739 expect(err.message).to.equal('kablooey');
\r
745 it('should fail authorization on missing credentials', function (done) {
\r
747 credentialsFunc('123456', function (err, credentials1) {
\r
749 var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
\r
750 expect(auth).to.exist();
\r
752 var errFunc = function (id, callback) {
\r
757 Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
\r
759 expect(err).to.exist();
\r
760 expect(err.message).to.equal('Unknown credentials');
\r
766 it('should fail authorization on invalid credentials', function (done) {
\r
768 credentialsFunc('123456', function (err, credentials1) {
\r
770 var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
\r
771 expect(auth).to.exist();
\r
773 var errFunc = function (id, callback) {
\r
775 callback(null, {});
\r
778 Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
\r
780 expect(err).to.exist();
\r
781 expect(err.message).to.equal('Invalid credentials');
\r
787 it('should fail authorization on invalid credentials algorithm', function (done) {
\r
789 credentialsFunc('123456', function (err, credentials1) {
\r
791 var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
\r
792 expect(auth).to.exist();
\r
794 var errFunc = function (id, callback) {
\r
796 callback(null, { key: '123', algorithm: '456' });
\r
799 Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
\r
801 expect(err).to.exist();
\r
802 expect(err.message).to.equal('Unknown algorithm');
\r
808 it('should fail on missing host', function (done) {
\r
810 credentialsFunc('123456', function (err, credentials1) {
\r
812 var auth = Hawk.client.message(null, 8080, 'some message', { credentials: credentials1 });
\r
813 expect(auth).to.not.exist();
\r
818 it('should fail on missing credentials', function (done) {
\r
820 var auth = Hawk.client.message('example.com', 8080, 'some message', {});
\r
821 expect(auth).to.not.exist();
\r
825 it('should fail on invalid algorithm', function (done) {
\r
827 credentialsFunc('123456', function (err, credentials1) {
\r
829 var creds = Hoek.clone(credentials1);
\r
830 creds.algorithm = 'blah';
\r
831 var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: creds });
\r
832 expect(auth).to.not.exist();
\r