Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EW-660 add factory for ICurrentUser and JwtPayload #5144

Merged
merged 11 commits into from
Jul 30, 2024
Merged

EW-660 add factory for ICurrentUser and JwtPayload #5144

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
3d949c8
add test factory for ICurrentUser
MajedAlaitwniCap Jul 25, 2024
bed1ac3
Merge branch 'main' into EW-660
MajedAlaitwniCap Jul 26, 2024
533d892
adjust ICurrentUserFactory Methods
MajedAlaitwniCap Jul 26, 2024
37b6874
resolve review comments
MajedAlaitwniCap Jul 26, 2024
f67481e
adjust classes name and use faker
MajedAlaitwniCap Jul 29, 2024
f53295c
Merge branch 'main' into EW-660
MajedAlaitwniCap Jul 29, 2024
6ab1387
resolve lint error
MajedAlaitwniCap Jul 29, 2024
dbdfa29
Merge branch 'main' into EW-660
MajedAlaitwniCap Jul 29, 2024
3d024af
import und index file correction
MajedAlaitwniCap Jul 29, 2024
c33f560
Merge branch 'main' into EW-660
MajedAlaitwniCap Jul 29, 2024
b6e3734
Merge branch 'main' into EW-660
MajedAlaitwniCap Jul 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
137 changes: 70 additions & 67 deletions apps/server/src/modules/account/api/account.uc.spec.ts
View file
Open in desktop

Large diffs are not rendered by default.

90 changes: 28 additions & 62 deletions apps/server/src/modules/authentication/mapper/current-user.mapper.spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,8 @@ import { UserDO } from '@shared/domain/domainobject/user.do';
import { Permission, RoleName } from '@shared/domain/interface';
import { roleFactory, schoolEntityFactory, setupEntities, userDoFactory, userFactory } from '@shared/testing';
import { ICurrentUser, OauthCurrentUser } from '../interface';
import { CreateJwtPayload, JwtPayload } from '../interface/jwt-payload';
import { CreateJwtPayload } from '../interface/jwt-payload';
import { currentUserFactory, jwtPayloadFactory } from '../testing';
import { CurrentUserMapper } from './current-user.mapper';

describe('CurrentUserMapper', () => {
Expand Down Expand Up @@ -221,111 +222,77 @@ describe('CurrentUserMapper', () => {
describe('jwtToICurrentUser', () => {
describe('when JWT is provided with all claims', () => {
const setup = () => {
const jwtPayload: JwtPayload = {
accountId: 'dummyAccountId',
systemId: 'dummySystemId',
roles: ['mockRoleId'],
schoolId: 'dummySchoolId',
userId: 'dummyUserId',
support: true,
isExternalUser: true,
sub: 'dummyAccountId',
jti: 'random string',
aud: 'some audience',
iss: 'feathers',
iat: Math.floor(new Date().getTime() / 1000),
exp: Math.floor(new Date().getTime() / 1000) + 3600,
};
const mockJwtPayload = jwtPayloadFactory.build();

return {
jwtPayload,
mockJwtPayload,
};
};

it('should return current user', () => {
const { jwtPayload } = setup();
const { mockJwtPayload } = setup();

const currentUser = CurrentUserMapper.jwtToICurrentUser(jwtPayload);
const currentUser = CurrentUserMapper.jwtToICurrentUser(mockJwtPayload);

expect(currentUser).toMatchObject({
accountId: jwtPayload.accountId,
systemId: jwtPayload.systemId,
roles: [jwtPayload.roles[0]],
schoolId: jwtPayload.schoolId,
userId: jwtPayload.userId,
impersonated: jwtPayload.support,
accountId: mockJwtPayload.accountId,
systemId: mockJwtPayload.systemId,
roles: [mockJwtPayload.roles[0]],
schoolId: mockJwtPayload.schoolId,
userId: mockJwtPayload.userId,
impersonated: mockJwtPayload.support,
});
});

it('should return current user with default for isExternalUser', () => {
const { jwtPayload } = setup();
const { mockJwtPayload } = setup();

const currentUser = CurrentUserMapper.jwtToICurrentUser(jwtPayload);
const currentUser = CurrentUserMapper.jwtToICurrentUser(mockJwtPayload);

expect(currentUser).toMatchObject({
isExternalUser: jwtPayload.isExternalUser,
isExternalUser: mockJwtPayload.isExternalUser,
});
});
});

describe('when JWT is provided without optional claims', () => {
const setup = () => {
const jwtPayload: JwtPayload = {
accountId: 'dummyAccountId',
roles: ['mockRoleId'],
schoolId: 'dummySchoolId',
userId: 'dummyUserId',
isExternalUser: false,
sub: 'dummyAccountId',
jti: 'random string',
aud: 'some audience',
iss: 'feathers',
iat: Math.floor(new Date().getTime() / 1000),
exp: Math.floor(new Date().getTime() / 1000) + 3600,
};
const mockJwtPayload = jwtPayloadFactory.build();

return {
jwtPayload,
mockJwtPayload,
};
};

it('should return current user', () => {
const { jwtPayload } = setup();
const { mockJwtPayload } = setup();

const currentUser = CurrentUserMapper.jwtToICurrentUser(jwtPayload);
const currentUser = CurrentUserMapper.jwtToICurrentUser(mockJwtPayload);

expect(currentUser).toMatchObject({
accountId: jwtPayload.accountId,
roles: [jwtPayload.roles[0]],
schoolId: jwtPayload.schoolId,
userId: jwtPayload.userId,
isExternalUser: false,
accountId: mockJwtPayload.accountId,
roles: [mockJwtPayload.roles[0]],
schoolId: mockJwtPayload.schoolId,
userId: mockJwtPayload.userId,
isExternalUser: true,
});
});

it('should return current user with default for isExternalUser', () => {
const { jwtPayload } = setup();
const { mockJwtPayload } = setup();

const currentUser = CurrentUserMapper.jwtToICurrentUser(jwtPayload);
const currentUser = CurrentUserMapper.jwtToICurrentUser(mockJwtPayload);

expect(currentUser).toMatchObject({
isExternalUser: false,
isExternalUser: true,
});
});
});
});

describe('mapCurrentUserToCreateJwtPayload', () => {
it('should map current user to create jwt payload', () => {
const currentUser: ICurrentUser = {
accountId: 'dummyAccountId',
systemId: 'dummySystemId',
roles: ['mockRoleId'],
schoolId: 'dummySchoolId',
userId: 'dummyUserId',
impersonated: true,
isExternalUser: false,
};
const currentUser = currentUserFactory.build();

const createJwtPayload: CreateJwtPayload = CurrentUserMapper.mapCurrentUserToCreateJwtPayload(currentUser);

Expand All @@ -335,7 +302,6 @@ describe('CurrentUserMapper', () => {
roles: currentUser.roles,
schoolId: currentUser.schoolId,
userId: currentUser.userId,
support: currentUser.impersonated,
isExternalUser: false,
});
});
Expand Down
15 changes: 5 additions & 10 deletions apps/server/src/modules/authentication/services/authentication.service.spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
import { createMock, DeepMocked } from '@golevelup/ts-jest';
import { AccountService, Account } from '@modules/account';
import { ICurrentUser } from '@modules/authentication';
import { Account, AccountService } from '@modules/account';
import { UnauthorizedException } from '@nestjs/common';
import { ConfigService } from '@nestjs/config';
import { JwtService } from '@nestjs/jwt';
import { Test, TestingModule } from '@nestjs/testing';
import jwt from 'jsonwebtoken';
import { BruteForceError } from '../errors/brute-force.error';
import { JwtValidationAdapter } from '../helper/jwt-validation.adapter';
import { AuthenticationService } from './authentication.service';
import { UserAccountDeactivatedLoggableException } from '../loggable/user-account-deactivated-exception';
import { currentUserFactory } from '../testing';
import { AuthenticationService } from './authentication.service';

jest.mock('jsonwebtoken');

Expand Down Expand Up @@ -114,13 +114,8 @@ describe('AuthenticationService', () => {
describe('generateJwt', () => {
describe('when generating new jwt', () => {
it('should pass the correct parameters', async () => {
const mockCurrentUser: ICurrentUser = {
accountId: 'mockAccountId',
roles: ['student'],
schoolId: 'mockSchoolId',
userId: 'mockUserId',
isExternalUser: false,
};
const mockCurrentUser = currentUserFactory.withRole('random role').build();

await authenticationService.generateJwt(mockCurrentUser);
expect(jwtService.sign).toBeCalledWith(
mockCurrentUser,
Expand Down
47 changes: 23 additions & 24 deletions apps/server/src/modules/authentication/strategy/jwt.strategy.spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
import { ObjectId } from '@mikro-orm/mongodb';
import { JwtModule } from '@nestjs/jwt';
import { PassportModule } from '@nestjs/passport';
import { Test, TestingModule } from '@nestjs/testing';
Expand All @@ -7,24 +6,15 @@ import { createMock, DeepMocked } from '@golevelup/ts-jest';
import { UnauthorizedException } from '@nestjs/common';
import { setupEntities } from '@shared/testing';
import { jwtConstants } from '../constants';
import { JwtPayload } from '../interface/jwt-payload';

import { JwtValidationAdapter } from '../helper/jwt-validation.adapter';
import { jwtPayloadFactory } from '../testing';
import { JwtStrategy } from './jwt.strategy';

describe('jwt strategy', () => {
let validationAdapter: DeepMocked<JwtValidationAdapter>;
let strategy: JwtStrategy;
let module: TestingModule;
const jwtPayload: JwtPayload = {
accountId: new ObjectId().toHexString(),
userId: new ObjectId().toHexString(),
schoolId: new ObjectId().toHexString(),
roles: [new ObjectId().toHexString()],
jti: 'someRandomString',
systemId: new ObjectId().toHexString(),
support: true,
} as JwtPayload;

beforeAll(async () => {
await setupEntities();
Expand Down Expand Up @@ -55,39 +45,48 @@ describe('jwt strategy', () => {

describe('when authenticate a user with jwt', () => {
const setup = () => {
const mockJwtPayload = jwtPayloadFactory.build();

Fshmit marked this conversation as resolved.
Show resolved Hide resolved
validationAdapter.isWhitelisted.mockResolvedValueOnce();
validationAdapter.isWhitelisted.mockClear();
return {
mockJwtPayload,
};
};

it('should check jwt for being whitelisted', async () => {
setup();
await strategy.validate(jwtPayload);
expect(validationAdapter.isWhitelisted).toHaveBeenCalledWith(jwtPayload.accountId, jwtPayload.jti);
const { mockJwtPayload } = setup();
await strategy.validate(mockJwtPayload);
expect(validationAdapter.isWhitelisted).toHaveBeenCalledWith(mockJwtPayload.accountId, mockJwtPayload.jti);
});

it('should return user', async () => {
setup();
const user = await strategy.validate(jwtPayload);
const { mockJwtPayload } = setup();
const user = await strategy.validate(mockJwtPayload);
expect(user).toMatchObject({
userId: jwtPayload.userId,
roles: [jwtPayload.roles[0]],
schoolId: jwtPayload.schoolId,
accountId: jwtPayload.accountId,
systemId: jwtPayload.systemId,
impersonated: jwtPayload.support,
userId: mockJwtPayload.userId,
roles: [mockJwtPayload.roles[0]],
schoolId: mockJwtPayload.schoolId,
accountId: mockJwtPayload.accountId,
systemId: mockJwtPayload.systemId,
impersonated: mockJwtPayload.support,
});
});
});

describe('when jwt is not whitelisted', () => {
const setup = () => {
const mockJwtPayload = jwtPayloadFactory.build();
validationAdapter.isWhitelisted.mockRejectedValueOnce(null);
validationAdapter.isWhitelisted.mockClear();
return {
mockJwtPayload,
};
};

it('should throw an UnauthorizedException', async () => {
setup();
await expect(() => strategy.validate(jwtPayload)).rejects.toThrow(UnauthorizedException);
const { mockJwtPayload } = setup();
await expect(() => strategy.validate(mockJwtPayload)).rejects.toThrow(UnauthorizedException);
});
});
});
8 changes: 2 additions & 6 deletions apps/server/src/modules/authentication/strategy/oauth2.strategy.spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ import { UserDO } from '@shared/domain/domainobject/user.do';
import { RoleName } from '@shared/domain/interface';
import { EntityId } from '@shared/domain/types';
import { userDoFactory } from '@shared/testing';
import { accountDoFactory } from '@modules/account/testing';

import { ICurrentUser, OauthCurrentUser } from '../interface';

Expand Down Expand Up @@ -56,12 +57,7 @@ describe('Oauth2Strategy', () => {
const setup = () => {
const systemId: EntityId = 'systemId';
const user: UserDO = userDoFactory.withRoles([{ id: 'roleId', name: RoleName.USER }]).buildWithId();
const account: Account = new Account({
id: 'accountId',
createdAt: new Date(),
updatedAt: new Date(),
username: 'username',
});
const account = accountDoFactory.build();

const idToken = 'idToken';
oauthService.authenticateUser.mockResolvedValue(
Expand Down
48 changes: 24 additions & 24 deletions apps/server/src/modules/authentication/strategy/ws-jwt.strategy.spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,28 +1,18 @@
import { ObjectId } from '@mikro-orm/mongodb';
import { JwtModule } from '@nestjs/jwt';
import { PassportModule } from '@nestjs/passport';
import { Test, TestingModule } from '@nestjs/testing';
import { createMock, DeepMocked } from '@golevelup/ts-jest';
import { WsException } from '@nestjs/websockets';
import { setupEntities } from '@shared/testing';
import { jwtConstants } from '../constants';
import { JwtPayload } from '../interface/jwt-payload';
import { JwtValidationAdapter } from '../helper/jwt-validation.adapter';
import { WsJwtStrategy } from './ws-jwt.strategy';
import { jwtPayloadFactory } from '../testing';

describe('jwt strategy', () => {
let validationAdapter: DeepMocked<JwtValidationAdapter>;
let strategy: WsJwtStrategy;
let module: TestingModule;
const jwtPayload: JwtPayload = {
accountId: new ObjectId().toHexString(),
userId: new ObjectId().toHexString(),
schoolId: new ObjectId().toHexString(),
roles: [new ObjectId().toHexString()],
jti: 'someRandomString',
systemId: new ObjectId().toHexString(),
support: true,
} as JwtPayload;

beforeAll(async () => {
await setupEntities();
Expand Down Expand Up @@ -53,39 +43,49 @@ describe('jwt strategy', () => {

describe('when authenticate a user with jwt', () => {
const setup = () => {
const mockJwtPayload = jwtPayloadFactory.build();

Fshmit marked this conversation as resolved.
Show resolved Hide resolved
validationAdapter.isWhitelisted.mockResolvedValueOnce();
validationAdapter.isWhitelisted.mockClear();
return {
mockJwtPayload,
};
};

it('should check jwt for being whitelisted', async () => {
setup();
await strategy.validate(jwtPayload);
expect(validationAdapter.isWhitelisted).toHaveBeenCalledWith(jwtPayload.accountId, jwtPayload.jti);
const { mockJwtPayload } = setup();
await strategy.validate(mockJwtPayload);
expect(validationAdapter.isWhitelisted).toHaveBeenCalledWith(mockJwtPayload.accountId, mockJwtPayload.jti);
});

it('should return user', async () => {
setup();
const user = await strategy.validate(jwtPayload);
const { mockJwtPayload } = setup();
const user = await strategy.validate(mockJwtPayload);
expect(user).toMatchObject({
userId: jwtPayload.userId,
roles: [jwtPayload.roles[0]],
schoolId: jwtPayload.schoolId,
accountId: jwtPayload.accountId,
systemId: jwtPayload.systemId,
impersonated: jwtPayload.support,
userId: mockJwtPayload.userId,
roles: [mockJwtPayload.roles[0]],
schoolId: mockJwtPayload.schoolId,
accountId: mockJwtPayload.accountId,
systemId: mockJwtPayload.systemId,
impersonated: mockJwtPayload.support,
});
});
});

describe('when jwt is not whitelisted', () => {
const setup = () => {
const mockJwtPayload = jwtPayloadFactory.build();

validationAdapter.isWhitelisted.mockRejectedValueOnce(null);
validationAdapter.isWhitelisted.mockClear();
return {
mockJwtPayload,
};
};

it('should throw an UnauthorizedException', async () => {
setup();
await expect(() => strategy.validate(jwtPayload)).rejects.toThrow(WsException);
const { mockJwtPayload } = setup();
await expect(() => strategy.validate(mockJwtPayload)).rejects.toThrow(WsException);
});
});
});
Loading
Loading