Projektstart

2026-01-22 15:49:12 +01:00
parent 7212eb6f7a
commit 57e5f652f8
10637 changed files with 2598792 additions and 64 deletions
--- a/backend/node_modules/@fastify/jwt/test/options.test.js
+++ b/backend/node_modules/@fastify/jwt/test/options.test.js
@@ -0,0 +1,147 @@
+'use strict'
+
+const { test } = require('node:test')
+const Fastify = require('fastify')
+const jwt = require('../jwt')
+const { AssertionError } = require('node:assert')
+
+test('Options validation', async function (t) {
+  t.plan(3)
+
+  await t.test('Options are required', async function (t) {
+    t.plan(1)
+
+    const fastify = Fastify()
+    await t.assert.rejects(() => fastify.register(jwt).ready(), new AssertionError({ expected: true, operator: '==', message: 'missing secret' }))
+  })
+
+  await t.test('Request method aliases', async function (t) {
+    t.plan(6)
+
+    await t.test('jwtDecode fail', async function (t) {
+      t.plan(1)
+
+      const fastify = Fastify()
+      await t.assert.rejects(() => fastify.register(jwt, {
+        secret: 'sec',
+        jwtDecode: true
+      }).ready(), new AssertionError({ expected: true, operator: '==', message: 'Invalid options.jwtDecode', actual: false }))
+    })
+
+    await t.test('jwtDecode success', async function (t) {
+      const fastify = Fastify()
+      await fastify.register(jwt, {
+        secret: 'sec',
+        jwtDecode: 'hello'
+      })
+    })
+
+    await t.test('jwtVerify fail', async function (t) {
+      t.plan(1)
+
+      const fastify = Fastify()
+
+      await t.assert.rejects(() => fastify.register(jwt, {
+        secret: 'sec',
+        jwtVerify: 123
+      }).ready(), new AssertionError({ expected: true, operator: '==', message: 'Invalid options.jwtVerify', actual: false }))
+    })
+
+    await t.test('jwtVerify success', async function (t) {
+      const fastify = Fastify()
+      await fastify.register(jwt, {
+        secret: 'sec',
+        jwtVerify: String('hello')
+      }).ready()
+    })
+
+    await t.test('jwtSign fail', async function (t) {
+      t.plan(1)
+
+      const fastify = Fastify()
+      await t.assert.rejects(() => fastify.register(jwt, {
+        secret: 'sec',
+        jwtSign: {}
+      }).ready(), new AssertionError({ expected: true, operator: '==', message: 'Invalid options.jwtSign', actual: false }))
+    })
+
+    await t.test('jwtSign success', async function (t) {
+      const fastify = Fastify()
+      await fastify.register(jwt, {
+        secret: 'sec',
+        jwtSign: ''
+      }).ready()
+    })
+  })
+
+  await t.test('Secret formats', async function (t) {
+    t.plan(2)
+
+    await t.test('RS/ES algorithm in sign options and secret as string', async function (t) {
+      t.plan(2)
+
+      await t.test('RS algorithm (Must return an error)', async function (t) {
+        t.plan(1)
+
+        const fastify = Fastify()
+        await t.assert.rejects(() => fastify.register(jwt, {
+          secret: 'test',
+          sign: {
+            algorithm: 'RS256',
+            aud: 'Some audience',
+            iss: 'Some issuer',
+            sub: 'Some subject'
+          }
+        }).ready(), new Error('RSA Signatures set as Algorithm in the options require a private and public key to be set as the secret'))
+      })
+
+      await t.test('ES algorithm (Must return an error)', async function (t) {
+        t.plan(1)
+        const fastify = Fastify()
+        await t.assert.rejects(() => fastify.register(jwt, {
+          secret: 'test',
+          sign: {
+            algorithm: 'ES256',
+            aud: 'Some audience',
+            iss: 'Some issuer',
+            sub: 'Some subject'
+          }
+        }).ready(), new Error('ECDSA Signatures set as Algorithm in the options require a private and public key to be set as the secret'))
+      })
+    })
+
+    await t.test('RS/ES algorithm in sign options and secret as a Buffer', async function (t) {
+      t.plan(2)
+
+      await t.test('RS algorithm (Must return an error)', async function (t) {
+        t.plan(1)
+
+        const fastify = Fastify()
+        await t.assert.rejects(() => fastify.register(jwt, {
+          secret: Buffer.from('some secret', 'base64'),
+          sign: {
+            algorithm: 'RS256',
+            aud: 'Some audience',
+            iss: 'Some issuer',
+            sub: 'Some subject'
+          }
+        }).ready(), new Error('RSA Signatures set as Algorithm in the options require a private and public key to be set as the secret'))
+      })
+
+      await t.test('ES algorithm (Must return an error)', async function (t) {
+        t.plan(1)
+        const fastify = Fastify()
+
+        await t.assert.rejects(() => fastify.register(jwt, {
+          secret: Buffer.from('some secret', 'base64'),
+          sign: {
+            algorithm: 'ES256',
+            aud: 'Some audience',
+            iss: 'Some issuer',
+            sub: 'Some subject'
+          }
+        }).ready(), new Error('ECDSA Signatures set as Algorithm in the options require a private and public key to be set as the secret'))
+      })
+    })
+  })
+})