Add new test for http agent

Author: kamicut

.env.test

@@ -2,4 +2,5 @@ NEXTAUTH_URL=http://127.0.0.1:3000
 NEXTAUTH_SECRET=next-auth-cypress-secret
 DATABASE_URL=postgres://postgres:postgres@localhost:5434/osm-teams-test
 TESTING=true
-LOG_LEVEL=silent
+LOG_LEVEL=silent
+AUTH_URL=http://127.0.0.1:3000

src/pages/api/introspect.js

@@ -0,0 +1,24 @@
+const { decode } = require('next-auth/jwt')
+/**
+ * !! This function is only used for testing
+ * purposes, it mocks the hydra access token introspection
+ */
+export default async function handler(req, res) {
+  if (req.method === 'POST') {
+    // Process a POST request
+    const { token } = req.body
+    const decodedToken = await decode({
+      token,
+      secret: process.env.NEXT_AUTH_SECRET,
+    })
+
+    const result = {
+      active: true,
+      sub: decodedToken.userId,
+    }
+
+    res.status(200).json(result)
+  } else {
+    res.status(400)
+  }
+}

tests/api/team-api.test.js

@@ -4,9 +4,11 @@ const { resetDb, disconnectDb } = require('../utils/db-helpers')
 const createAgent = require('../utils/create-agent')
 
 let user1Agent
+let user1HttpAgent
 test.before(async () => {
   await resetDb()
   user1Agent = await createAgent({ id: 1 })
+  user1HttpAgent = await createAgent({ id: 1, http: true })
 })
 
 test.after.always(disconnectDb)
@@ -252,7 +254,13 @@ test('get my teams list', async (t) => {
       data: teams,
     },
   } = await user1Agent.get(`/api/my/teams`).expect(200)
+
   t.is(total, 2)
   t.is(teams[0].name, 'Team 1')
   t.is(teams[1].name, 'Team 2')
+
+  const httpApiResponse = await user1HttpAgent.get(`/api/my/teams`).expect(200)
+
+  // Has to be the same
+  t.deepEqual(httpApiResponse.body.data, teams)
 })

tests/utils/create-agent.js

@@ -1,13 +1,17 @@
+const logger = require('../../src/lib/logger')
 const getSessionToken = require('./get-session-token')
 
-async function createAgent(user) {
+async function createAgent(user, http = false) {
   const agent = require('supertest').agent('http://localhost:3000')
 
   if (user) {
     const encryptedToken = await getSessionToken(
       user,
       process.env.NEXTAUTH_SECRET
     )
+    if (http) {
+      agent.set('Authorization', `Bearer ${encryptedToken}`)
+    }
     agent.set('Cookie', [`next-auth.session-token=${encryptedToken}`])
   }
 

tests/utils/get-session-token.js

@@ -5,7 +5,7 @@ async function getSessionToken(userObj, secret) {
   const token = { ...userObj, userId: userObj.id }
 
   // Function logic derived from https://github.com/nextauthjs/next-auth/blob/5c1826a8d1f8d8c2d26959d12375704b0a693bfc/packages/next-auth/src/jwt/index.ts#L113-L121
-  const encryptionSecret = await await hkdf(
+  const encryptionSecret = await hkdf(
     'sha256',
     secret,
     '',