for #738: tests for revokeOAuthToken
This commit is contained in:
Luke Crouch
Родитель
1a26d3c0e2
Коммит
3e18c45ffc
|
|
@ -117,7 +117,6 @@ async function postUnsubscribe(req, res) {
|
|||
throw new FluentError("user-unsubscribe-token-email-error");
|
||||
}
|
||||
const unsubscribedUser = await DB.removeSubscriberByToken(req.body.token, req.body.emailHash);
|
||||
// FIXME: Should this happen before or after we delete from the DB?
|
||||
await FXA.revokeOAuthToken(unsubscribedUser.fxa_refresh_token);
|
||||
|
||||
// if user backs into unsubscribe page and clicks "unsubscribe" again
|
||||
|
|
|
|||
|
|
@ -12,8 +12,9 @@ exports.seed = function(knex) {
|
|||
{
|
||||
sha1: getSha1("firefoxaccount@test.com"),
|
||||
email: "firefoxaccount@test.com",
|
||||
verification_token: "",
|
||||
verification_token: "0e2cb147-2041-4e5b-8ca9-494e773b2cf1",
|
||||
verified: true,
|
||||
fxa_refresh_token: "4a4792b89434153f1a6262fbd6a4510c00834ff842585fc4f4d972da158f0fc1",
|
||||
},
|
||||
{
|
||||
sha1: getSha1("unverifiedemail@test.com"),
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ const FXA = {
|
|||
};
|
||||
|
||||
try {
|
||||
await got(tokenDestroyUrl, tokenDestroyOptions);
|
||||
return await got(tokenDestroyUrl, tokenDestroyOptions);
|
||||
} catch (e) {
|
||||
log.error("fxa", {stack: e.stack});
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ const httpMocks = require("node-mocks-http");
|
|||
|
||||
const DB = require("../../db/DB");
|
||||
const EmailUtils = require("../../email-utils");
|
||||
const FXA = require("../../lib/fxa");
|
||||
const getSha1 = require("../../sha1-utils");
|
||||
const user = require("../../controllers/user");
|
||||
|
||||
|
|
@ -118,11 +119,13 @@ test("user verify request with invalid token returns error", async () => {
|
|||
});
|
||||
|
||||
|
||||
test("user unsubscribe GET request with valid token returns error", async () => {
|
||||
const validToken = "0e2cb147-2041-4e5b-8ca9-494e773b2cf0";
|
||||
test("user unsubscribe GET request with valid token and hash returns 200 without error", async () => {
|
||||
// from db/seeds/test_subscribers.js
|
||||
const subscriberToken = "0e2cb147-2041-4e5b-8ca9-494e773b2cf1";
|
||||
const subscriberHash = getSha1("firefoxaccount@test.com");
|
||||
|
||||
// Set up mocks
|
||||
const req = { fluentFormat: jest.fn(), query: { token: validToken, hash: "ad9c69bcc69b3399775d2ddbe9b0b229369fca42" } };
|
||||
const req = { fluentFormat: jest.fn(), query: { token: subscriberToken, hash: subscriberHash } };
|
||||
const resp = httpMocks.createResponse();
|
||||
|
||||
// Call code-under-test
|
||||
|
|
@ -132,22 +135,6 @@ test("user unsubscribe GET request with valid token returns error", async () =>
|
|||
});
|
||||
|
||||
|
||||
test("user unsubscribe POST request with valid hash and token unsubscribes user", async () => {
|
||||
const validToken = "0e2cb147-2041-4e5b-8ca9-494e773b2cf0";
|
||||
const validHash = getSha1("unverifiedemail@test.com");
|
||||
// Set up mocks
|
||||
const req = { fluentFormat: jest.fn(), body: { token: validToken, emailHash: validHash }, session: {}};
|
||||
const resp = httpMocks.createResponse();
|
||||
|
||||
// Call code-under-test
|
||||
await user.postUnsubscribe(req, resp);
|
||||
|
||||
expect(resp.statusCode).toEqual(302);
|
||||
const subscriber = await DB.getSubscriberByToken(validToken);
|
||||
expect(subscriber).toBeUndefined();
|
||||
});
|
||||
|
||||
|
||||
test("user unsubscribe GET request with invalid token returns error", async () => {
|
||||
const invalidToken = "123456789";
|
||||
|
||||
|
|
@ -162,6 +149,26 @@ test("user unsubscribe GET request with invalid token returns error", async () =
|
|||
});
|
||||
|
||||
|
||||
test("user unsubscribe POST request with valid hash and token unsubscribes user and calls FXA.revokeOAuthToken", async () => {
|
||||
const validToken = "0e2cb147-2041-4e5b-8ca9-494e773b2cf0";
|
||||
const validHash = getSha1("unverifiedemail@test.com");
|
||||
|
||||
// Set up mocks
|
||||
const req = { fluentFormat: jest.fn(), body: { token: validToken, emailHash: validHash }, session: {}};
|
||||
const resp = httpMocks.createResponse();
|
||||
FXA.revokeOAuthToken = jest.fn();
|
||||
|
||||
// Call code-under-test
|
||||
await user.postUnsubscribe(req, resp);
|
||||
|
||||
expect(resp.statusCode).toEqual(302);
|
||||
const subscriber = await DB.getSubscriberByToken(validToken);
|
||||
expect(subscriber).toBeUndefined();
|
||||
const mockCalls = FXA.revokeOAuthToken.mock.calls;
|
||||
expect(mockCalls.length).toEqual(1);
|
||||
});
|
||||
|
||||
|
||||
test("user unsubscribe POST request with invalid token and throws error", async () => {
|
||||
const invalidToken = "123456789";
|
||||
const invalidHash = "0123456789abcdef";
|
||||
|
|
|
|||
|
|
@ -0,0 +1,23 @@
|
|||
"use strict";
|
||||
|
||||
const got = require("got");
|
||||
|
||||
const FXA = require("../lib/fxa");
|
||||
|
||||
|
||||
jest.mock("got");
|
||||
|
||||
|
||||
test("revokeOAuthToken calls oauth destroy with fxa_refresh_token", async () => {
|
||||
// from db/seeds/test_subscribers.js
|
||||
const token = "4a4792b89434153f1a6262fbd6a4510c00834ff842585fc4f4d972da158f0fc1";
|
||||
|
||||
await FXA.revokeOAuthToken(token);
|
||||
|
||||
const gotCalls = got.mock.calls;
|
||||
expect(gotCalls.length).toEqual(1);
|
||||
const gotCallArgs = gotCalls[0];
|
||||
expect(gotCallArgs[0]).toContain("/v1/destroy");
|
||||
const gotCallOptions = gotCallArgs[1];
|
||||
expect(gotCallOptions.body.refresh_token).toEqual(token);
|
||||
});
|
||||
Загрузка…
Ссылка в новой задаче