diff options
Diffstat (limited to 'node_modules/needle/test/basic_auth_spec.js')
| -rw-r--r-- | node_modules/needle/test/basic_auth_spec.js | 196 |
1 files changed, 196 insertions, 0 deletions
diff --git a/node_modules/needle/test/basic_auth_spec.js b/node_modules/needle/test/basic_auth_spec.js new file mode 100644 index 0000000..343f1db --- /dev/null +++ b/node_modules/needle/test/basic_auth_spec.js @@ -0,0 +1,196 @@ +var helpers = require('./helpers'), + should = require('should'), + needle = require('./../'), + server; + +var port = 7707; + +describe('Basic Auth', function() { + + before(function(done) { + server = helpers.server({ port: port }, done); + }) + + after(function(done) { + server.close(done); + }) + + ///////////////// helpers + + var get_auth = function(header) { + var token = header.split(/\s+/).pop(); + return token && Buffer.from(token, 'base64').toString().split(':'); + } + + describe('when neither username or password are passed', function() { + + it('doesnt send any Authorization headers', function(done) { + needle.get('localhost:' + port, { parse: true }, function(err, resp) { + var sent_headers = resp.body.headers; + Object.keys(sent_headers).should.not.containEql('authorization'); + done(); + }) + }) + + }) + + describe('when username is an empty string, and password is a valid string', function() { + + var opts = { username: '', password: 'foobar', parse: true }; + + it('doesnt send any Authorization headers', function(done) { + needle.get('localhost:' + port, { parse: true }, function(err, resp) { + var sent_headers = resp.body.headers; + Object.keys(sent_headers).should.not.containEql('authorization'); + done(); + }) + }) + + }); + + describe('when username is a valid string, but no username is passed', function() { + + var opts = { username: 'foobar', parse: true }; + + it('sends Authorization header', function(done) { + needle.get('localhost:' + port, opts, function(err, resp) { + var sent_headers = resp.body.headers; + Object.keys(sent_headers).should.containEql('authorization'); + done(); + }) + }) + + it('Basic Auth only includes username, without colon', function(done) { + needle.get('localhost:' + port, opts, function(err, resp) { + var sent_headers = resp.body.headers; + var auth = get_auth(sent_headers['authorization']); + auth[0].should.equal('foobar'); + auth.should.have.lengthOf(1); + done(); + }) + }) + + }) + + describe('when username is a valid string, and password is null', function() { + + var opts = { username: 'foobar', password: null, parse: true }; + + it('sends Authorization header', function(done) { + needle.get('localhost:' + port, opts, function(err, resp) { + var sent_headers = resp.body.headers; + Object.keys(sent_headers).should.containEql('authorization'); + done(); + }) + }) + + it('Basic Auth only includes both username and password', function(done) { + needle.get('localhost:' + port, opts, function(err, resp) { + var sent_headers = resp.body.headers; + var auth = get_auth(sent_headers['authorization']); + auth[0].should.equal('foobar'); + auth[1].should.equal(''); + done(); + }) + }) + + }) + + describe('when username is a valid string, and password is an empty string', function() { + + var opts = { username: 'foobar', password: '', parse: true }; + + it('sends Authorization header', function(done) { + needle.get('localhost:' + port, opts, function(err, resp) { + var sent_headers = resp.body.headers; + Object.keys(sent_headers).should.containEql('authorization'); + done(); + }) + }) + + it('Basic Auth only includes both username and password', function(done) { + needle.get('localhost:' + port, opts, function(err, resp) { + var sent_headers = resp.body.headers; + var auth = get_auth(sent_headers['authorization']); + auth[0].should.equal('foobar'); + auth[1].should.equal(''); + auth.should.have.lengthOf(2); + done(); + }) + }) + + }) + + describe('when username AND password are non empty strings', function() { + + var opts = { username: 'foobar', password: 'jakub', parse: true }; + + it('sends Authorization header', function(done) { + needle.get('localhost:' + port, opts, function(err, resp) { + var sent_headers = resp.body.headers; + Object.keys(sent_headers).should.containEql('authorization'); + done(); + }) + }) + + it('Basic Auth only includes both user and password', function(done) { + needle.get('localhost:' + port, opts, function(err, resp) { + var sent_headers = resp.body.headers; + var auth = get_auth(sent_headers['authorization']); + auth[0].should.equal('foobar'); + auth[1].should.equal('jakub'); + auth.should.have.lengthOf(2); + done(); + }) + }) + + }) + + describe('URL with @ but not username/pass', function() { + it('doesnt send Authorization header', function(done) { + var url = 'localhost:' + port + '/abc/@def/xyz.zip'; + + needle.get(url, {}, function(err, resp) { + var sent_headers = resp.body.headers; + Object.keys(sent_headers).should.not.containEql('authorization'); + done(); + }) + }) + + it('sends user:pass headers if passed via options', function(done) { + var url = 'localhost:' + port + '/abc/@def/xyz.zip'; + + needle.get(url, { username: 'foo' }, function(err, resp) { + var sent_headers = resp.body.headers; + Object.keys(sent_headers).should.containEql('authorization'); + sent_headers['authorization'].should.eql('Basic Zm9v') + done(); + }) + }) + }) + + describe('when username/password are included in URL', function() { + var opts = { parse: true }; + + it('sends Authorization header', function(done) { + needle.get('foobar:jakub@localhost:' + port, opts, function(err, resp) { + var sent_headers = resp.body.headers; + Object.keys(sent_headers).should.containEql('authorization'); + done(); + }) + }) + + it('Basic Auth only includes both user and password', function(done) { + needle.get('foobar:jakub@localhost:' + port, opts, function(err, resp) { + var sent_headers = resp.body.headers; + var auth = get_auth(sent_headers['authorization']); + auth[0].should.equal('foobar'); + auth[1].should.equal('jakub'); + auth.should.have.lengthOf(2); + done(); + }) + }) + + }) + +}) |