-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathsecurity.test.js
55 lines (50 loc) · 2.18 KB
/
security.test.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
import { once } from "node:events";
import { WebSocket } from "ws";
import { describe, beforeEach, afterEach, expect, jest } from "@jest/globals";
import { Channel } from "#src/models/channel.js";
import { WS_CLOSE_CODE } from "#src/shared/enums.js";
import { timeouts } from "#src/config.js";
import { LocalNetwork } from "#tests/utils/network.js";
const HTTP_INTERFACE = "0.0.0.0";
const PORT = 62348;
describe("Security", () => {
/** @type {LocalNetwork} */
let network;
beforeEach(async () => {
network = new LocalNetwork();
await network.start(HTTP_INTERFACE, PORT);
jest.useFakeTimers();
});
afterEach(() => {
network.close();
jest.useRealTimers();
});
test("Authentication fails with wrong JWT", async () => {
const channelUUID = await network.getChannelUUID();
const channel = Channel.records.get(channelUUID);
network.makeJwt = () => "wrong-JWT";
await expect(network.connect(channelUUID, 54)).rejects.toThrow();
expect(channel.sessions.size).toBe(0);
});
test("Websocket does timeout if the authentication process is not started", async () => {
jest.spyOn(global, "setTimeout");
const websocket = new WebSocket(`ws://${HTTP_INTERFACE}:${PORT}`);
await once(websocket, "open");
jest.advanceTimersByTime(timeouts.authentication + 100);
const [event] = await once(websocket, "close");
expect(event).toBe(WS_CLOSE_CODE.TIMEOUT);
});
test("cannot use the default jwt key to access a keyed channel", async () => {
const channelUUID = await network.getChannelUUID({ key: "channel-specific-key" });
const channel = Channel.records.get(channelUUID);
await expect(network.connect(channelUUID, 3)).rejects.toThrow();
expect(channel.sessions.size).toBe(0);
});
test("can join a keyed channel with the appropriate key", async () => {
const key = "channel-specific-key";
const channelUUID = await network.getChannelUUID({ key });
const channel = Channel.records.get(channelUUID);
await network.connect(channelUUID, 4, { key });
expect(channel.sessions.size).toBe(1);
});
});