scope tests

Author: felixheck

test/_helpers.js

@@ -61,6 +61,21 @@ function registerRoutes (server) {
     {
       method: 'GET',
       path: '/role',
+      config: {
+        auth: {
+          strategies: ['keycloak-jwt'],
+          access: {
+            scope: ['editor']
+          }
+        },
+        handler (req, reply) {
+          reply({ foo: 42 })
+        }
+      }
+    },
+    {
+      method: 'GET',
+      path: '/role/guest',
       config: {
         auth: {
           strategies: ['keycloak-jwt'],
@@ -109,11 +124,7 @@ function registerPlugin (server, options = defaults, done = () => {}) {
 function getServer (options, done) {
   const server = new hapi.Server()
 
-  server.connection({
-    host: '127.0.0.1',
-    port: 1337
-  })
-
+  server.connection()
   server.initialize((err) => {
     if (err) throw err
 

test/index.spec.js

@@ -66,7 +66,7 @@ test.cb.serial('authentication does succeed – cached', (t) => {
   })
 })
 
-test.cb.serial('authentication does fail – invalid roles', (t) => {
+test.cb.serial('authentication does success – valid roles', (t) => {
   prototypes.stub('validateAccessToken', fixtures.validation)
   prototypes.stub('userInfo', fixtures.userInfo)
 
@@ -75,7 +75,26 @@ test.cb.serial('authentication does fail – invalid roles', (t) => {
       method: 'GET',
       url: '/role',
       headers: {
-        authorization: `bearer ${fixtures.jwt.content}`
+        authorization: `bearer ${fixtures.jwt.userData}`
+      }
+    }, (res) => {
+      t.truthy(res)
+      t.is(res.statusCode, 200)
+      t.end()
+    })
+  })
+})
+
+test.cb.serial('authentication does fail – invalid roles', (t) => {
+  prototypes.stub('validateAccessToken', fixtures.validation)
+  prototypes.stub('userInfo', fixtures.userInfo)
+
+  helpers.getServer(undefined, (server) => {
+    server.inject({
+      method: 'GET',
+      url: '/role/guest',
+      headers: {
+        authorization: `bearer ${fixtures.jwt.userData}`
       }
     }, (res) => {
       t.truthy(res)