Added tests for isAuthenticated and getDecodedToken ✅

Author: Drakota

tests/__snapshots__/hasRole.test.ts.snap

@@ -44,7 +44,7 @@ Array [
 
 exports[`Testing hasRole directive without handler overriding should prevent accessing a query without the necessary roles 1`] = `
 Array [
-  [GraphQLError: Insufficient roles. Missing one of these: USER, ADMIN, SUPER_ADMIN],
+  [GraphQLError: Insufficient roles. Missing one of these: USER],
 ]
 `;
 

tests/__snapshots__/isAuthenticated.test.ts.snap

@@ -0,0 +1,25 @@
+// Jest Snapshot v1, https://goo.gl/fbAQLP
+
+exports[`Testing isAuthenticated directive with handler overriding should override the isAuthenticated default handler correctly and throw an error 1`] = `
+Array [
+  [GraphQLError: Authorization header: Bearer TOKEN],
+]
+`;
+
+exports[`Testing isAuthenticated directive without handler overriding should allow accessing a mutation authenticated 1`] = `
+Object {
+  "protectedMutation": "@MUTATION Input: foo Protected Input: undefined",
+}
+`;
+
+exports[`Testing isAuthenticated directive without handler overriding should allow accessing a mutation's input authenticated 1`] = `
+Object {
+  "protectedMutation": "@MUTATION Input: foo Protected Input: bar",
+}
+`;
+
+exports[`Testing isAuthenticated directive without handler overriding should allow accessing a query's input authenticated 1`] = `
+Object {
+  "protectedQuery": "@QUERY Input: foo Protected Input: undefined",
+}
+`;

tests/getDecodedToken.test.ts

@@ -0,0 +1,15 @@
+// import jwt from "jsonwebtoken";
+
+import { getDecodedToken } from "../src/utils/getDecodedToken";
+
+describe("Testing the getDecodedToken function", () => {
+  it("should throw an error when there is no authorization header passed", async () => {
+    expect(() => getDecodedToken({})).toThrow(/Authorization header missing.../);
+  });
+
+  it("should throw an error when the JWT_SECRET environment variable is not set", async () => {
+    expect(() => getDecodedToken({ req: { headers: { authorization: "token" } } })).toThrow(
+      /Missing JWT_SECRET environment variable.../,
+    );
+  });
+});

tests/hasPermission.test.ts

@@ -9,7 +9,6 @@ describe("Testing hasPermission directive without handler overriding", () => {
   let client: ApolloServerTestClient;
 
   beforeAll(() => {
-    const authDirectives = createAuthDirectives();
     client = createClient({
       typeDefs: gql`
         input TestInput {
@@ -23,19 +22,6 @@ describe("Testing hasPermission directive without handler overriding", () => {
           protectedMutation(data: TestInput!): String!
         }
       `,
-      resolvers: {
-        Query: {
-          protectedQuery: (parent, args) =>
-            `@QUERY Input: ${args.data.input} Protected Input: ${args.data.protectedInput}`,
-        },
-        Mutation: {
-          protectedMutation: (parent, args) =>
-            `@MUTATION Input: ${args.data.input} Protected Input: ${args.data.protectedInput}`,
-        },
-      },
-      schemaDirectives: {
-        ...authDirectives,
-      },
     });
   });
 
@@ -58,7 +44,7 @@ describe("Testing hasPermission directive without handler overriding", () => {
   });
 
   it("should prevent accessing a query without the necessary permissions", async () => {
-    (getDecodedToken as any) = jest.fn(() => ({ permissions: ["INVALID_PERMISSION"] }));
+    (getDecodedToken as any) = jest.fn(() => ({ permissions: ["PROTECTED_INPUT"] }));
     const res = await client.query({
       query: gql`
         query protectedQuery($data: TestInput!) {

tests/hasRole.test.ts

@@ -9,11 +9,10 @@ describe("Testing hasRole directive without handler overriding", () => {
   let client: ApolloServerTestClient;
 
   beforeAll(() => {
-    const authDirectives = createAuthDirectives();
     client = createClient({
       typeDefs: gql`
         input TestInput {
-          input: String! @hasRole(roles: ["USER", "ADMIN", "SUPER_ADMIN"])
+          input: String!
           protectedInput: String @hasRole(roles: ["SUPER_ADMIN"])
         }
         type Query {
@@ -23,19 +22,6 @@ describe("Testing hasRole directive without handler overriding", () => {
           protectedMutation(data: TestInput!): String! @hasRole(roles: ["ADMIN", "SUPER_ADMIN"])
         }
       `,
-      resolvers: {
-        Query: {
-          protectedQuery: (parent, args) =>
-            `@QUERY Input: ${args.data.input} Protected Input: ${args.data.protectedInput}`,
-        },
-        Mutation: {
-          protectedMutation: (parent, args) =>
-            `@MUTATION Input: ${args.data.input} Protected Input: ${args.data.protectedInput}`,
-        },
-      },
-      schemaDirectives: {
-        ...authDirectives,
-      },
     });
   });
 
@@ -58,7 +44,7 @@ describe("Testing hasRole directive without handler overriding", () => {
   });
 
   it("should prevent accessing a query without the necessary roles", async () => {
-    (getDecodedToken as any) = jest.fn(() => ({ roles: ["INVALID_ROLE"] }));
+    (getDecodedToken as any) = jest.fn(() => ({ roles: ["ADMIN"] }));
     const res = await client.query({
       query: gql`
         query protectedQuery($data: TestInput!) {

tests/isAuthenticated.test.ts

@@ -0,0 +1,134 @@
+import { ApolloServerTestClient } from "apollo-server-testing";
+import gql from "graphql-tag";
+import jwt from "jsonwebtoken";
+
+import { createAuthDirectives } from "../src";
+import { createClient } from "./utils/createClient";
+
+describe("Testing isAuthenticated directive without handler overriding", () => {
+  let client: ApolloServerTestClient;
+
+  beforeAll(() => {
+    process.env.JWT_SECRET = "jest";
+    const token = jwt.sign({}, process.env.JWT_SECRET);
+    client = createClient(
+      {
+        typeDefs: gql`
+          input TestInput {
+            input: String!
+            protectedInput: String @isAuthenticated
+          }
+          type Query {
+            protectedQuery(data: TestInput!): String!
+          }
+          type Mutation {
+            protectedMutation(data: TestInput!): String! @isAuthenticated
+          }
+        `,
+      },
+      {
+        req: { headers: { authorization: `Bearer ${token}` } },
+      },
+    );
+  });
+
+  afterAll(() => {
+    delete process.env.JWT_SECRET;
+  });
+
+  it("should allow accessing a query's input authenticated", async () => {
+    const res = await client.query({
+      query: gql`
+        query protectedQuery($data: TestInput!) {
+          protectedQuery(data: $data)
+        }
+      `,
+      variables: {
+        data: {
+          input: "foo",
+        },
+      },
+    });
+
+    expect(res.data).toMatchSnapshot();
+  });
+
+  it("should allow accessing a mutation authenticated", async () => {
+    const res = await client.mutate({
+      mutation: gql`
+        mutation protectedMutation($data: TestInput!) {
+          protectedMutation(data: $data)
+        }
+      `,
+      variables: {
+        data: {
+          input: "foo",
+        },
+      },
+    });
+
+    expect(res.data).toMatchSnapshot();
+  });
+
+  it("should allow accessing a mutation's input authenticated", async () => {
+    const res = await client.mutate({
+      mutation: gql`
+        mutation protectedMutation($data: TestInput!) {
+          protectedMutation(data: $data)
+        }
+      `,
+      variables: {
+        data: {
+          input: "foo",
+          protectedInput: "bar",
+        },
+      },
+    });
+
+    expect(res.data).toMatchSnapshot();
+  });
+});
+
+describe("Testing isAuthenticated directive with handler overriding", () => {
+  let client: ApolloServerTestClient;
+
+  beforeAll(() => {
+    const authDirectives = createAuthDirectives({
+      isAuthenticatedHandler: ctx => {
+        throw new Error(`Authorization header: ${ctx.req.headers.authorization}`);
+      },
+    });
+    client = createClient(
+      {
+        typeDefs: gql`
+          type Query {
+            protectedQuery: String! @isAuthenticated
+          }
+        `,
+        resolvers: {
+          Query: {
+            protectedQuery: () => "Protected Query",
+          },
+        },
+        schemaDirectives: {
+          ...authDirectives,
+        },
+      },
+      {
+        req: { headers: { authorization: `Bearer TOKEN` } },
+      },
+    );
+  });
+
+  it("should override the isAuthenticated default handler correctly and throw an error", async () => {
+    const res = await client.query({
+      query: gql`
+        {
+          protectedQuery
+        }
+      `,
+    });
+
+    expect(res.errors).toMatchSnapshot();
+  });
+});

tests/utils/createClient.ts

@@ -1,18 +1,35 @@
 import { ApolloServer, makeExecutableSchema, IExecutableSchemaDefinition } from "apollo-server-express";
 import { ApolloServerTestClient, createTestClient } from "apollo-server-testing";
 
-import { authTypeDefs } from "../../src";
+import { authTypeDefs, createAuthDirectives } from "../../src";
 
-export const createClient = (schemaDefinition: IExecutableSchemaDefinition<any>): ApolloServerTestClient => {
+export const createClient = (
+  schemaDefinition: IExecutableSchemaDefinition<any>,
+  additionalContext?: any,
+): ApolloServerTestClient => {
+  const authDirectives = createAuthDirectives();
   const schema = makeExecutableSchema({
+    resolvers: {
+      Query: {
+        protectedQuery: (parent, args) =>
+          `@QUERY Input: ${args.data.input} Protected Input: ${args.data.protectedInput}`,
+      },
+      Mutation: {
+        protectedMutation: (parent, args) =>
+          `@MUTATION Input: ${args.data.input} Protected Input: ${args.data.protectedInput}`,
+      },
+    },
+    schemaDirectives: {
+      ...authDirectives,
+    },
     ...schemaDefinition,
     typeDefs: [schemaDefinition.typeDefs as any, authTypeDefs],
   });
   return createTestClient(
     new ApolloServer({
       schema,
       context(ctx) {
-        return { ...ctx };
+        return { ...ctx, ...additionalContext };
       },
     }),
   );