mirror of
https://github.com/elyby/accounts-frontend.git
synced 2024-12-27 23:40:28 +05:30
Disable bearer header for refresh-token request
This commit is contained in:
parent
b017147359
commit
7374ac3564
@ -1,6 +1,9 @@
|
||||
/**
|
||||
* Applies Bearer header for all requests
|
||||
*
|
||||
* req.options.token is used to override current token.
|
||||
* Pass null to disable bearer header at all
|
||||
*
|
||||
* @param {object} store - redux store
|
||||
* @param {function} store.getState
|
||||
*
|
||||
@ -13,7 +16,7 @@ export default function bearerHeaderMiddleware({getState}) {
|
||||
|
||||
let {token} = accounts.active ? accounts.active : user;
|
||||
|
||||
if (req.options.token) {
|
||||
if (req.options.token || req.options.token === null) {
|
||||
token = req.options.token;
|
||||
}
|
||||
|
||||
|
@ -86,7 +86,8 @@ const authentication = {
|
||||
requestToken(refreshToken) {
|
||||
return request.post(
|
||||
'/api/authentication/refresh-token',
|
||||
{refresh_token: refreshToken}
|
||||
{refresh_token: refreshToken}, // eslint-disable-line
|
||||
{token: null}
|
||||
).then((resp) => ({
|
||||
token: resp.access_token
|
||||
}));
|
||||
|
@ -22,30 +22,44 @@ describe('bearerHeaderMiddleware', () => {
|
||||
});
|
||||
|
||||
it('should set Authorization header', () => {
|
||||
const data = {
|
||||
let data = {
|
||||
options: {
|
||||
headers: {}
|
||||
}
|
||||
};
|
||||
|
||||
middleware.before(data);
|
||||
data = middleware.before(data);
|
||||
|
||||
expectBearerHeader(data, token);
|
||||
});
|
||||
|
||||
it('overrides user.token with options.token if available', () => {
|
||||
const tokenOverride = 'tokenOverride';
|
||||
const data = {
|
||||
let data = {
|
||||
options: {
|
||||
headers: {},
|
||||
token: tokenOverride
|
||||
}
|
||||
};
|
||||
|
||||
middleware.before(data);
|
||||
data = middleware.before(data);
|
||||
|
||||
expectBearerHeader(data, tokenOverride);
|
||||
});
|
||||
|
||||
it('disables token if options.token is null', () => {
|
||||
const tokenOverride = null;
|
||||
let data = {
|
||||
options: {
|
||||
headers: {},
|
||||
token: tokenOverride
|
||||
}
|
||||
};
|
||||
|
||||
data = middleware.before(data);
|
||||
|
||||
expect(data.options.headers.Authorization, 'to be undefined');
|
||||
});
|
||||
});
|
||||
|
||||
describe('when legacy token available', () => {
|
||||
@ -58,13 +72,13 @@ describe('bearerHeaderMiddleware', () => {
|
||||
});
|
||||
|
||||
it('should set Authorization header', () => {
|
||||
const data = {
|
||||
let data = {
|
||||
options: {
|
||||
headers: {}
|
||||
}
|
||||
};
|
||||
|
||||
middleware.before(data);
|
||||
data = middleware.before(data);
|
||||
|
||||
expectBearerHeader(data, token);
|
||||
});
|
||||
@ -77,13 +91,13 @@ describe('bearerHeaderMiddleware', () => {
|
||||
})
|
||||
});
|
||||
|
||||
const data = {
|
||||
let data = {
|
||||
options: {
|
||||
headers: {}
|
||||
}
|
||||
};
|
||||
|
||||
middleware.before(data);
|
||||
data = middleware.before(data);
|
||||
|
||||
expect(data.options.headers.Authorization, 'to be undefined');
|
||||
});
|
||||
|
@ -1,4 +1,5 @@
|
||||
import expect from 'unexpected';
|
||||
import sinon from 'sinon';
|
||||
|
||||
import request from 'services/request';
|
||||
import authentication from 'services/api/authentication';
|
||||
@ -121,4 +122,52 @@ describe('authentication api', () => {
|
||||
]);
|
||||
});
|
||||
});
|
||||
|
||||
describe('#requestToken', () => {
|
||||
const refreshToken = 'refresh-token';
|
||||
|
||||
beforeEach(() => {
|
||||
sinon.stub(request, 'post').named('request.post');
|
||||
});
|
||||
|
||||
afterEach(() => {
|
||||
request.post.restore();
|
||||
});
|
||||
|
||||
it('should request refresh-token api', () => {
|
||||
request.post.returns(Promise.resolve({}));
|
||||
|
||||
authentication.requestToken(refreshToken);
|
||||
|
||||
expect(request.post, 'to have a call satisfying', [
|
||||
'/api/authentication/refresh-token', {
|
||||
refresh_token: refreshToken // eslint-disable-line
|
||||
}, {}
|
||||
]);
|
||||
});
|
||||
|
||||
it('should disable bearer auth for request', () => {
|
||||
request.post.returns(Promise.resolve({}));
|
||||
|
||||
authentication.requestToken(refreshToken);
|
||||
|
||||
expect(request.post, 'to have a call satisfying', [
|
||||
'/api/authentication/refresh-token', {
|
||||
refresh_token: refreshToken // eslint-disable-line
|
||||
}, {token: null}
|
||||
]);
|
||||
});
|
||||
|
||||
it('should resolve with token', () => {
|
||||
const token = 'token';
|
||||
|
||||
request.post.returns(Promise.resolve({
|
||||
access_token: token // eslint-disable-line
|
||||
}));
|
||||
|
||||
return expect(authentication.requestToken(refreshToken),
|
||||
'to be fulfilled with', {token}
|
||||
);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
Loading…
Reference in New Issue
Block a user