feat(medusa-plugin-auth): added oauth2 as login strategy (#119)
1 parent
e95fe7b
commit 4dde834
Showing
11 changed files
with
770 additions
and
7 deletions.
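--- a/...ges/medusa-plugin-auth/src/auth-strategies/oauth2/__tests__/admin/verify-callback.spec.ts
+++ b/...ges/medusa-plugin-auth/src/auth-strategies/oauth2/__tests__/admin/verify-callback.spec.ts
@@ -0,0 +1,191 @@
+import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global';
+import { OAuth2AdminStrategy } from '../../admin';
+import { AUTH_PROVIDER_KEY } from '../../../../types';
+import { OAUTH2_ADMIN_STRATEGY_NAME, OAuth2AuthOptions } from '../../types';
+
+describe('OAuth2 admin strategy verify callback', function() {
+const existsEmail = '[email protected]';
+const existsEmailWithProviderKey = '[email protected]';
+const existsEmailWithWrongProviderKey = '[email protected]';
+
+let container: MedusaContainer;
+let req: Request;
+let accessToken: string;
+let refreshToken: string;
+let profile: { emails: { value: string }[]; name?: { givenName?: string; familyName?: string } };
+let oauth2AdminStrategy: OAuth2AdminStrategy;
+
+beforeEach(() => {
+profile = {
+emails: [{ value: existsEmail }],
+};
+
+container = {
+resolve: (name: string) => {
+const container_ = {
+userService: {
+retrieveByEmail: jest.fn().mockImplementation(async (email: string) => {
+if (email === existsEmail) {
+return {
+id: 'test',
+};
+}
+
+if (email === existsEmailWithProviderKey) {
+return {
+id: 'test2',
+metadata: {
+[AUTH_PROVIDER_KEY]: OAUTH2_ADMIN_STRATEGY_NAME,
+},
+};
+}
+
+if (email === existsEmailWithWrongProviderKey) {
+return {
+id: 'test3',
+metadata: {
+[AUTH_PROVIDER_KEY]: 'fake_provider_key',
+},
+};
+}
+
+return;
+}),
+},
+};
+
+return container_[name];
+},
+} as MedusaContainer;
+});
+
+describe('when strict is set to admin', function() {
+beforeEach(() => {
+oauth2AdminStrategy = new OAuth2AdminStrategy(
+container,
+{} as ConfigModule,
+{
+authorizationURL: 'http://localhost',
+tokenURL: 'http://localhost',
+clientID: 'fake',
+clientSecret: 'fake',
+admin: {},
+} as OAuth2AuthOptions,
+'admin',
+);
+});
+
+afterEach(() => {
+jest.clearAllMocks();
+});
+
+it('should succeed', async () => {
+profile = {
+emails: [{ value: existsEmailWithProviderKey }],
+};
+
+const data = await oauth2AdminStrategy.validate(req, accessToken, refreshToken, profile);
+expect(data).toEqual(
+expect.objectContaining({
+id: 'test2',
+}),
+);
+});
+
+it('should fail when a user exists without the auth provider metadata', async () => {
+profile = {
+emails: [{ value: existsEmail }],
+};
+
+const err = await oauth2AdminStrategy.validate(req, accessToken, refreshToken, profile).catch((err) => err);
+expect(err).toEqual(new Error(`Admin with email ${existsEmail} already exists`));
+});
+
+it('should fail when a user exists with the wrong auth provider key', async () => {
+profile = {
+emails: [{ value: existsEmailWithWrongProviderKey }],
+};
+
+const err = await oauth2AdminStrategy.validate(req, accessToken, refreshToken, profile).catch((err) => err);
+expect(err).toEqual(new Error(`Admin with email ${existsEmailWithWrongProviderKey} already exists`));
+});
+
+it('should fail when the user does not exist', async () => {
+profile = {
+emails: [{ value: 'fake' }],
+};
+
+const err = await oauth2AdminStrategy.validate(req, accessToken, refreshToken, profile).catch((err) => err);
+expect(err).toEqual(new Error(`Unable to authenticate the user with the email fake`));
+});
+});
+
+describe('when strict is set for store only', function() {
+beforeEach(() => {
+oauth2AdminStrategy = new OAuth2AdminStrategy(
+container,
+{} as ConfigModule,
+{
+authorizationURL: 'http://localhost',
+tokenURL: 'http://localhost',
+clientID: 'fake',
+clientSecret: 'fake',
+admin: {},
+} as OAuth2AuthOptions,
+'store',
+);
+});
+
+afterEach(() => {
+jest.clearAllMocks();
+});
+
+it('should succeed', async () => {
+profile = {
+emails: [{ value: existsEmailWithProviderKey }],
+};
+
+const data = await oauth2AdminStrategy.validate(req, accessToken, refreshToken, profile);
+expect(data).toEqual(
+expect.objectContaining({
+id: 'test2',
+}),
+);
+});
+
+it('should succeed when a user exists without the auth provider metadata', async () => {
+profile = {
+emails: [{ value: existsEmail }],
+};
+
+const data = await oauth2AdminStrategy.validate(req, accessToken, refreshToken, profile);
+expect(data).toEqual(
+expect.objectContaining({
+id: 'test',
+}),
+);
+});
+
+it('should succeed when a user exists with the wrong auth provider key', async () => {
+profile = {
+emails: [{ value: existsEmailWithWrongProviderKey }],
+};
+
+const data = await oauth2AdminStrategy.validate(req, accessToken, refreshToken, profile);
+expect(data).toEqual(
+expect.objectContaining({
+id: 'test3',
+}),
+);
+});
+
+it('should fail when the user does not exist', async () => {
+profile = {
+emails: [{ value: 'fake' }],
+};
+
+const err = await oauth2AdminStrategy.validate(req, accessToken, refreshToken, profile).catch((err) => err);
+expect(err).toEqual(new Error(`Unable to authenticate the user with the email fake`));
+});
+});
+});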
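Review bot: The two cases in 'when strict is set for store only' ('should succeed when a user exists without the auth provider metadata' and '... with the wrong auth provider key') pin that an admin is authenticated on an email match alone, even when the account's `AUTH_PROVIDER_KEY` metadata is absent or names another provider, and the mock `profile` type carries no verified-email field. The `validate` implementation is outside this file, so this is inferred from the expectations only; if it is the intended behaviour, the spec should state the assumption it rests on, e.g. `// non-strict admin mode links by email only; safe only if the OAuth2 provider asserts verified email ownership` above those cases. A case for a profile with an empty `emails` array is also missing, and `req`, `accessToken` and `refreshToken` are passed to `validate` without ever being assigned.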
4dde834
Successfully deployed to the following URLs:
medusa-plugins – ./
medusa-plugins.vercel.app
medusa-plugins-git-main-adrien2p.vercel.app
medusa-plugins-adrien2p.vercel.app