Skip to content

Commit

Permalink
Adjust ValidateAndDecodeToken UTs
Browse files Browse the repository at this point in the history
  • Loading branch information
@sashaCher
sashaCher committed Aug 9, 2021
1 parent bdd7a81 commit c4eedc7
Showing 1 changed file with 146 additions and 50 deletions.
196 changes: 146 additions & 50 deletions ...app/domain/authentication/authn-jwt/validate_and_decode/validate_and_decode_token_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,17 @@
)
}

let(:mocked_signing_key_interface_factory_valid) { double("MockedSigningKeyInterfaceFactoryValid") }
let(:mocked_signing_key_interface_factory_invalid) { double("MockedSigningKeyInterfaceFactoryInvalid") }
let(:mocked_signing_key_interface_factory_failed) { double("MockedSigningKeyInterfaceFactoryFailed") }

let(:signing_key_interface_factory_error) { "signing key interface factory error" }

let(:mocked_fetch_signing_key_interface_valid) { double("MockedSigningKeyInterfaceValid") }
let(:mocked_fetch_signing_key_interface_failed) { double("MockedSigningKeyInterfaceFailed") }

let(:fetch_signing_key_interface_error) { "fetch signing key interface error" }

let(:mocked_fetch_signing_key_failed_on_1st_time) { double("MockedFetchSigningKeyInvalid") }
let(:mocked_fetch_signing_key_failed_on_2nd_time) { double("MockedFetchSigningKeyInvalid") }
let(:mocked_fetch_signing_key_always_succeed) { double("MockedFetchSigningKey") }
Expand All @@ -67,6 +78,8 @@ def valid_decoded_token(claims)
token_dictionary
end

let(:valid_signing_key_uri) { "http://valid_signing_key_uri" }

let(:jwks_from_1st_call) { " jwks from 1st call "}
let(:jwks_from_2nd_call) { " jwks from 2nd call "}
let(:verification_options_for_signature_only_1st_call) {
Expand Down Expand Up @@ -123,28 +136,68 @@ def valid_decoded_token(claims)
let(:mocked_verify_and_decode_token_succeed_to_validate_claims_when_keys_updated) { double("MockedVerifyAndDecodeTokenSucceedToValidateClaims") }

before(:each) do
allow(mocked_fetch_signing_key_interface_valid).to(
receive(:signing_key_uri).and_return(valid_signing_key_uri)
)

allow(mocked_signing_key_interface_factory_valid).to(
receive(:call).and_return(mocked_fetch_signing_key_interface_valid)
)

allow(mocked_fetch_signing_key_interface_failed).to(
receive(:signing_key_uri).and_raise(fetch_signing_key_interface_error)
)

allow(mocked_signing_key_interface_factory_invalid).to(
receive(:call).and_return(mocked_fetch_signing_key_interface_failed)
)

allow(mocked_signing_key_interface_factory_failed).to(
receive(:call).and_raise(signing_key_interface_factory_error)
)

allow(mocked_fetch_signing_key_failed_on_1st_time).to(
receive(:call).with(refresh: false).and_raise(fetch_signing_key_1st_time_error)
receive(:call).with(
refresh: false,
cache_key: anything(),
signing_key_interface: anything()
).and_raise(fetch_signing_key_1st_time_error)
)

allow(mocked_fetch_signing_key_failed_on_2nd_time).to(
receive(:call).with(refresh: false).and_return(jwks_from_2nd_call)
receive(:call).with(
refresh: false,
cache_key: anything(),
signing_key_interface: anything()
).and_return(jwks_from_2nd_call)
)

allow(mocked_fetch_signing_key_failed_on_2nd_time).to(
receive(:call).with(refresh: true).and_raise(fetch_signing_key_2nd_time_error)
receive(:call).with(
refresh: true,
cache_key: anything(),
signing_key_interface: anything()
).and_raise(fetch_signing_key_2nd_time_error)
)

allow(mocked_verify_and_decode_token_invalid).to(
receive(:call).and_raise(verify_and_decode_token_error)
)

allow(mocked_fetch_signing_key_always_succeed).to(
receive(:call).with(refresh: false).and_return(jwks_from_1st_call)
receive(:call).with(
refresh: false,
cache_key: anything(),
signing_key_interface: anything()
).and_return(jwks_from_1st_call)
)

allow(mocked_fetch_signing_key_always_succeed).to(
receive(:call).with(refresh: true).and_return(jwks_from_2nd_call)
receive(:call).with(
refresh: true,
cache_key: anything(),
signing_key_interface: anything()
).and_return(jwks_from_2nd_call)
)

allow(mocked_verify_and_decode_token_succeed_on_1st_time).to(
Expand Down Expand Up @@ -266,8 +319,7 @@ def valid_decoded_token(claims)
context "with nil value" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new().call(
authentication_parameters: authentication_parameters_with_nil_token,
fetch_signing_key: ::Authentication::AuthnJwt::SigningKey::FetchSigningKeyInterface
authentication_parameters: authentication_parameters_with_nil_token
)
end

Expand All @@ -279,8 +331,7 @@ def valid_decoded_token(claims)
context "with empty value" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new().call(
authentication_parameters: authentication_parameters_with_empty_token,
fetch_signing_key: ::Authentication::AuthnJwt::SigningKey::FetchSigningKeyInterface
authentication_parameters: authentication_parameters_with_empty_token
)
end

Expand All @@ -291,15 +342,49 @@ def valid_decoded_token(claims)
end

context "Failed to fetch keys" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new().call(
authentication_parameters: authentication_parameters_with_valid_token,
fetch_signing_key: mocked_fetch_signing_key_failed_on_1st_time
)
context "When error is during signing key factory call" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new(
fetch_signing_key_from_cache: mocked_fetch_signing_key_failed_on_1st_time,
signing_key_interface_factory: mocked_signing_key_interface_factory_failed
).call(
authentication_parameters: authentication_parameters_with_valid_token
)
end

it "raises an error" do
expect { subject }.to raise_error(signing_key_interface_factory_error)
end
end

context "When error is during signing_key_uri call" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new(
fetch_signing_key_from_cache: mocked_fetch_signing_key_failed_on_1st_time,
signing_key_interface_factory: mocked_signing_key_interface_factory_invalid
).call(
authentication_parameters: authentication_parameters_with_valid_token
)
end

it "raises an error" do
expect { subject }.to raise_error(fetch_signing_key_interface_error)
end
end

it "raises an error" do
expect { subject }.to raise_error(fetch_signing_key_1st_time_error)
context "When error is during fetching from cache" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new(
fetch_signing_key_from_cache: mocked_fetch_signing_key_failed_on_1st_time,
signing_key_interface_factory: mocked_signing_key_interface_factory_valid
).call(
authentication_parameters: authentication_parameters_with_valid_token
)
end

it "raises an error" do
expect { subject }.to raise_error(fetch_signing_key_1st_time_error)
end
end
end

Expand All @@ -308,10 +393,11 @@ def valid_decoded_token(claims)
context "and failed to fetch keys from provider" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new(
verify_and_decode_token: mocked_verify_and_decode_token_invalid
fetch_signing_key_from_cache: mocked_fetch_signing_key_failed_on_2nd_time,
verify_and_decode_token: mocked_verify_and_decode_token_invalid,
signing_key_interface_factory: mocked_signing_key_interface_factory_valid
).call(
authentication_parameters: authentication_parameters_with_valid_token,
fetch_signing_key: mocked_fetch_signing_key_failed_on_2nd_time
authentication_parameters: authentication_parameters_with_valid_token
)
end

Expand All @@ -323,10 +409,11 @@ def valid_decoded_token(claims)
context "and succeed to fetch keys from provider" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new(
verify_and_decode_token: mocked_verify_and_decode_token_invalid
fetch_signing_key_from_cache: mocked_fetch_signing_key_always_succeed,
verify_and_decode_token: mocked_verify_and_decode_token_invalid,
signing_key_interface_factory: mocked_signing_key_interface_factory_valid
).call(
authentication_parameters: authentication_parameters_with_valid_token,
fetch_signing_key: mocked_fetch_signing_key_always_succeed
authentication_parameters: authentication_parameters_with_valid_token
)
end

Expand All @@ -340,12 +427,13 @@ def valid_decoded_token(claims)
context "and keys are not updated" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new(
fetch_signing_key_from_cache: mocked_fetch_signing_key_always_succeed,
verify_and_decode_token: mocked_verify_and_decode_token_succeed_on_2nd_time,
fetch_jwt_claims_to_validate: mocked_fetch_jwt_claims_to_validate_valid,
get_verification_option_by_jwt_claim: mocked_get_verification_option_by_jwt_claim_valid,
signing_key_interface_factory: mocked_signing_key_interface_factory_valid
).call(
authentication_parameters: authentication_parameters_with_valid_token,
fetch_signing_key: mocked_fetch_signing_key_always_succeed
authentication_parameters: authentication_parameters_with_valid_token
)
end

Expand All @@ -357,12 +445,13 @@ def valid_decoded_token(claims)
context "and keys are updated" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new(
fetch_signing_key_from_cache: mocked_fetch_signing_key_always_succeed,
verify_and_decode_token: mocked_verify_and_decode_token_succeed_on_1st_time,
fetch_jwt_claims_to_validate: mocked_fetch_jwt_claims_to_validate_valid,
get_verification_option_by_jwt_claim: mocked_get_verification_option_by_jwt_claim_valid
).call(
authentication_parameters: authentication_parameters_with_valid_token,
fetch_signing_key: mocked_fetch_signing_key_always_succeed
get_verification_option_by_jwt_claim: mocked_get_verification_option_by_jwt_claim_valid,
signing_key_interface_factory: mocked_signing_key_interface_factory_valid
).call(
authentication_parameters: authentication_parameters_with_valid_token
)
end

Expand All @@ -378,11 +467,12 @@ def valid_decoded_token(claims)
context "and failed to fetch enforced claims" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new(
fetch_signing_key_from_cache: mocked_fetch_signing_key_always_succeed,
verify_and_decode_token: mocked_verify_and_decode_token_succeed_on_1st_time,
fetch_jwt_claims_to_validate: mocked_fetch_jwt_claims_to_validate_invalid
).call(
authentication_parameters: authentication_parameters_with_valid_token,
fetch_signing_key: mocked_fetch_signing_key_always_succeed
fetch_jwt_claims_to_validate: mocked_fetch_jwt_claims_to_validate_invalid,
signing_key_interface_factory: mocked_signing_key_interface_factory_valid
).call(
authentication_parameters: authentication_parameters_with_valid_token
)
end

Expand All @@ -395,11 +485,12 @@ def valid_decoded_token(claims)
context "with empty claims list to validate" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new(
fetch_signing_key_from_cache: mocked_fetch_signing_key_always_succeed,
verify_and_decode_token: mocked_verify_and_decode_token_succeed_on_1st_time,
fetch_jwt_claims_to_validate: mocked_fetch_jwt_claims_to_validate_with_empty_claims
fetch_jwt_claims_to_validate: mocked_fetch_jwt_claims_to_validate_with_empty_claims,
signing_key_interface_factory: mocked_signing_key_interface_factory_valid
).call(
authentication_parameters: authentication_parameters_with_valid_token,
fetch_signing_key: mocked_fetch_signing_key_always_succeed,
authentication_parameters: authentication_parameters_with_valid_token
)
end

Expand All @@ -411,11 +502,12 @@ def valid_decoded_token(claims)
context "with mandatory claims which do not exist in token" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new(
fetch_signing_key_from_cache: mocked_fetch_signing_key_always_succeed,
verify_and_decode_token: mocked_verify_and_decode_token_succeed_on_1st_time,
fetch_jwt_claims_to_validate: mocked_fetch_jwt_claims_to_validate_with_not_exist_claims_in_token
fetch_jwt_claims_to_validate: mocked_fetch_jwt_claims_to_validate_with_not_exist_claims_in_token,
signing_key_interface_factory: mocked_signing_key_interface_factory_valid
).call(
authentication_parameters: authentication_parameters_with_valid_token,
fetch_signing_key: mocked_fetch_signing_key_always_succeed
authentication_parameters: authentication_parameters_with_valid_token
)
end

Expand All @@ -427,12 +519,13 @@ def valid_decoded_token(claims)
context "and failed to get verification options" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new(
fetch_signing_key_from_cache: mocked_fetch_signing_key_always_succeed,
verify_and_decode_token: mocked_verify_and_decode_token_succeed_on_1st_time,
fetch_jwt_claims_to_validate: mocked_fetch_jwt_claims_to_validate_valid,
get_verification_option_by_jwt_claim: mocked_get_verification_option_by_jwt_claim_invalid
get_verification_option_by_jwt_claim: mocked_get_verification_option_by_jwt_claim_invalid,
signing_key_interface_factory: mocked_signing_key_interface_factory_valid
).call(
authentication_parameters: authentication_parameters_with_valid_token,
fetch_signing_key: mocked_fetch_signing_key_always_succeed
authentication_parameters: authentication_parameters_with_valid_token
)
end

Expand All @@ -451,12 +544,13 @@ def valid_decoded_token(claims)
context "and failed to validate claims" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new(
fetch_signing_key_from_cache: mocked_fetch_signing_key_always_succeed,
verify_and_decode_token: mocked_verify_and_decode_token_failed_to_validate_claims,
fetch_jwt_claims_to_validate: mocked_fetch_jwt_claims_to_validate_valid,
get_verification_option_by_jwt_claim: mocked_get_verification_option_by_jwt_claim_valid
get_verification_option_by_jwt_claim: mocked_get_verification_option_by_jwt_claim_valid,
signing_key_interface_factory: mocked_signing_key_interface_factory_valid
).call(
authentication_parameters: authentication_parameters_with_valid_token,
fetch_signing_key: mocked_fetch_signing_key_always_succeed
authentication_parameters: authentication_parameters_with_valid_token
)
end

Expand All @@ -469,12 +563,13 @@ def valid_decoded_token(claims)
context "and keys are not updated" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new(
fetch_signing_key_from_cache: mocked_fetch_signing_key_always_succeed,
verify_and_decode_token: mocked_verify_and_decode_token_succeed_to_validate_claims_when_keys_not_updated,
fetch_jwt_claims_to_validate: mocked_fetch_jwt_claims_to_validate_valid,
get_verification_option_by_jwt_claim: mocked_get_verification_option_by_jwt_claim_valid
get_verification_option_by_jwt_claim: mocked_get_verification_option_by_jwt_claim_valid,
signing_key_interface_factory: mocked_signing_key_interface_factory_valid
).call(
authentication_parameters: authentication_parameters_with_valid_token,
fetch_signing_key: mocked_fetch_signing_key_always_succeed
authentication_parameters: authentication_parameters_with_valid_token
)
end

Expand All @@ -486,12 +581,13 @@ def valid_decoded_token(claims)
context "and keys are updated" do
subject do
::Authentication::AuthnJwt::ValidateAndDecode::ValidateAndDecodeToken.new(
fetch_signing_key_from_cache: mocked_fetch_signing_key_always_succeed,
verify_and_decode_token: mocked_verify_and_decode_token_succeed_to_validate_claims_when_keys_updated,
fetch_jwt_claims_to_validate: mocked_fetch_jwt_claims_to_validate_valid,
get_verification_option_by_jwt_claim: mocked_get_verification_option_by_jwt_claim_valid
get_verification_option_by_jwt_claim: mocked_get_verification_option_by_jwt_claim_valid,
signing_key_interface_factory: mocked_signing_key_interface_factory_valid
).call(
authentication_parameters: authentication_parameters_with_valid_token,
fetch_signing_key: mocked_fetch_signing_key_always_succeed
authentication_parameters: authentication_parameters_with_valid_token
)
end

Expand Down

0 comments on commit c4eedc7

Please sign in to comment.