Initial JWT auth implementation

packages/client-common/__tests__/integration/auth.test.ts

@@ -1,23 +1,25 @@
 import { type ClickHouseClient } from '@clickhouse/client-common'
 import { createSimpleTable } from '@test/fixtures/simple_table'
-import { getAuthFromEnv } from '@test/utils/env'
+import { EnvKeys, getAuthFromEnv, getFromEnv } from '@test/utils/env'
 import { createTestClient, guid } from '../utils'
 
 describe('authentication', () => {
-  let client: ClickHouseClient
+  let invalidAuthClient: ClickHouseClient
   beforeEach(() => {
-    client = createTestClient({
-      username: 'gibberish',
-      password: 'gibberish',
+    invalidAuthClient = createTestClient({
+      auth: {
+        username: 'gibberish',
+        password: 'gibberish',
+      },
     })
   })
   afterEach(async () => {
-    await client.close()
+    await invalidAuthClient.close()
   })
 
   it('provides authentication error details', async () => {
     await expectAsync(
-      client.query({
+      invalidAuthClient.query({
         query: 'SELECT number FROM system.numbers LIMIT 3',
       }),
     ).toBeRejectedWith(
@@ -51,13 +53,13 @@ describe('authentication', () => {
     it('should with with insert and select', async () => {
       tableName = `simple_table_${guid()}`
       await createSimpleTable(defaultClient, tableName)
-      await client.insert({
+      await invalidAuthClient.insert({
         table: tableName,
         format: 'JSONEachRow',
         values,
         auth,
       })
-      const rs = await client.query({
+      const rs = await invalidAuthClient.query({
         query: `SELECT * FROM ${tableName} ORDER BY id ASC`,
         format: 'JSONEachRow',
         auth,
@@ -68,11 +70,11 @@ describe('authentication', () => {
     it('should work with command and select', async () => {
       tableName = `simple_table_${guid()}`
       await createSimpleTable(defaultClient, tableName)
-      await client.command({
+      await invalidAuthClient.command({
         query: `INSERT INTO ${tableName} VALUES (1, 'foo', [3, 4])`,
         auth,
       })
-      const rs = await client.query({
+      const rs = await invalidAuthClient.query({
         query: `SELECT * FROM ${tableName} ORDER BY id ASC`,
         format: 'JSONEachRow',
         auth,
@@ -81,7 +83,7 @@ describe('authentication', () => {
     })
 
     it('should work with exec', async () => {
-      const { stream } = await client.exec({
+      const { stream } = await invalidAuthClient.exec({
         query: 'SELECT 42, 144 FORMAT CSV',
         auth,
       })
@@ -94,4 +96,46 @@ describe('authentication', () => {
       expect(result).toEqual('42,144\n')
     })
   })
+
+  // FIXME
+  describe('JWT auth', () => {
+    let jwtClient: ClickHouseClient
+    const accessToken = getFromEnv(EnvKeys.jwt_access_token)
+
+    afterEach(async () => {
+      await jwtClient.close()
+    })
+
+    it('should work with client configuration', async () => {
+      jwtClient = createTestClient({
+        url: `https://${getFromEnv(EnvKeys.host)}:8443`,
+        auth: {
+          access_token: accessToken,
+        },
+      })
+      const rs = await jwtClient.query({
+        query: 'SELECT 42 AS result',
+        format: 'JSONEachRow',
+      })
+      expect(await rs.json()).toEqual([{ result: 42 }])
+    })
+
+    it('should override the client instance auth', async () => {
+      jwtClient = createTestClient({
+        url: `https://${getFromEnv(EnvKeys.host)}:8443`,
+        auth: {
+          username: 'gibberish',
+          password: 'gibberish',
+        },
+      })
+      const rs = await jwtClient.query({
+        query: 'SELECT 42 AS result',
+        format: 'JSONEachRow',
+        auth: {
+          access_token: accessToken,
+        },
+      })
+      expect(await rs.json()).toEqual([{ result: 42 }])
+    })
+  })
 })