Adding tests, bumping packages with audit warnings

2025-12-09 00:35:46 +02:00
parent 58363c2c1d
commit b8d4208caf
7 changed files with 2183 additions and 467 deletions
--- a/test/services/auth-oidc/callback/callback.test.ts
+++ b/test/services/auth-oidc/callback/callback.test.ts
@@ -1,11 +1,71 @@
-// For more information about this file see https://dove.feathersjs.com/guides/cli/service.test.html
 import assert from 'assert';
 import { app } from '../../../../src/app';
+import * as sinon from 'sinon';
+import config from 'config';
+import { Issuer } from 'openid-client';

 describe('auth-oidc/callback service', () => {
+    let sandbox: sinon.SinonSandbox;
+
+    beforeEach(() => {
+        sandbox = sinon.createSandbox();
+    });
+
+    afterEach(() => {
+        sandbox.restore();
+    });
+
    it('registered the service', () => {
        const service = app.service('auth-oidc/callback');

        assert.ok(service, 'Registered the service');
    });
+
+    it('completes OIDC authentication and sets user session', async () => {
+        const service = app.service('auth-oidc/callback');
+
+        const configGetStub = sandbox.stub(config, 'get');
+        configGetStub.withArgs('oidc.gatewayUri').returns('https://oidc.example.com');
+        configGetStub.withArgs('oidc.clientId').returns('client123');
+        configGetStub.withArgs('oidc.clientSecret').returns('secret123');
+        configGetStub.withArgs('oidc.redirectUris').returns(['https://app.example.com/auth-oidc/callback']);
+        configGetStub.withArgs('clientUrl').returns('https://app.example.com');
+
+        const mockTokenSet = {
+            access_token: 'access123',
+            id_token: 'id123',
+        };
+
+        const mockUserinfo = {
+            sub: 'user123',
+            email: 'user@example.com',
+            name: 'Test User',
+        };
+
+        const mockClient = {
+            callback: sandbox.stub().resolves(mockTokenSet),
+            userinfo: sandbox.stub().resolves(mockUserinfo),
+        };
+
+        const mockIssuer = {
+            Client: sandbox.stub().returns(mockClient),
+        };
+
+        sandbox.stub(Issuer, 'discover').resolves(mockIssuer as any);
+
+        const params = {
+            session: { codeVerifier: 'verifier123' } as any,
+            query: {
+                iss: 'https://oidc.example.com',
+                code: 'authcode123',
+            },
+        };
+
+        const result = await service.find(params);
+
+        assert.strictEqual(result, '/', 'Result should be the redirect path');
+        assert.deepStrictEqual(params.session.user, mockUserinfo, 'User info should be stored in session');
+        assert.ok(mockClient.callback.calledOnce, 'Callback should be called');
+        assert.ok(mockClient.userinfo.calledOnce, 'Userinfo should be fetched');
+    });
 });