All files / test/handlers RPInitiatedLogoutRequestSpec.js

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
 
 
1x
1x
1x
1x
1x
1x
1x
 
1x
 
1x
 
 
 
 
 
1x
1x
1x
 
 
 
 
 
 
 
 
1x
1x
1x
1x
1x
 
1x
 
1x
1x
 
 
 
 
1x
1x
1x
1x
 
1x
1x
1x
1x
 
 
 
1x
1x
1x
 
 
1x
1x
1x
1x
 
 
 
 
 
1x
1x
 
1x
 
1x
1x
1x
1x
 
 
1x
1x
1x
1x
 
1x
 
1x
1x
1x
 
 
 
1x
1x
1x
 
 
 
'use strict'
 
const chai = require('chai')
const expect = chai.expect
const sinon = require('sinon')
const sinonChai = require('sinon-chai')
chai.use(sinonChai)
chai.should()
const HttpMocks = require('node-mocks-http')
 
const RPInitiatedLogoutRequest = require('../../src/handlers/RPInitiatedLogoutRequest')
 
const provider = {
  host: {
    logout: () => {}
  }
}
 
const postLogoutRedirectUri = 'https://rp.example.com/goodbye'
const reqNoParams = HttpMocks.createRequest({ method: 'GET', params: {} })
const reqWithParams = HttpMocks.createRequest({
  method: 'GET',
  query: {
    'id_token_hint': {},
    'state': 'abc123',
    'post_logout_redirect_uri': postLogoutRedirectUri
  }
})
 
describe('RPInitiatedLogoutRequest', () => {
  describe('handle()', () => {
    it('should invoke injected host.logout', done => {
      let res = HttpMocks.createResponse()
      let logoutSpy = sinon.stub(provider.host, 'logout', () => Promise.resolve())
 
      RPInitiatedLogoutRequest.handle(reqNoParams, res, provider)
        .then(() => {
          expect(logoutSpy).to.have.been.called
          done()
        })
    })
  })
 
  describe('constructor()', () => {
    it('should parse the incoming request params', done => {
      let res = {}
      let request = new RPInitiatedLogoutRequest(reqWithParams, res, provider)
 
      expect(request).to.have.property('params')
      expect(Object.keys(request.params).length).to.equal(3)
      expect(request.params.state).to.equal('abc123')
      done()
    })
  })
 
  describe('validate()', () => {
    it('should validate the `id_token_hint` param')
    it('should validate that `post_logout_redirect_uri` has been registered')
  })
 
  describe('redirectOrRespond()', () => {
    it('should redirect to RP if logout uri provided', done => {
      let res = HttpMocks.createResponse()
      let req = HttpMocks.createRequest({
        method: 'GET',
        query: {
          'post_logout_redirect_uri': postLogoutRedirectUri
        }
      })
      let request = new RPInitiatedLogoutRequest(req, res, provider)
      request.respond = sinon.stub().throws()
 
      request.redirectOrRespond()
 
      expect(request.respond).to.not.have.been.called
      expect(res.statusCode).to.equal(302)
      expect(res._getRedirectUrl()).to.equal(postLogoutRedirectUri)
      done()
    })
 
    it('should respond with a 204 if no logout uri provided', done => {
      let res = HttpMocks.createResponse()
      let request = new RPInitiatedLogoutRequest(reqNoParams, res, provider)
      request.redirectToRP = sinon.stub().throws()
 
      request.redirectOrRespond()
 
      expect(request.redirectToRP).to.not.have.been.called
      expect(res.statusCode).to.equal(204)
      done()
    })
  })
 
  describe('redirectToRP()', () => {
    it('should redirect to provided URI')
    it('should pass through the state param')
  })
})