align service-worker tests with service worker

folio-org · Oct 27, 2023 · d28ce9d · d28ce9d
1 parent a7505d3
commit d28ce9d
Showing 1 changed file with 69 additions and 47 deletions.
diff --git a/src/service-worker.test.js b/src/service-worker.test.js
@@ -115,69 +115,59 @@ describe('messageToClient', () => {
 });
 
 describe('isPermissibleRequest', () => {
-  it('accepts endpoints when AT is valid', () => {
-    const req = { url: 'monkey' };
-    const te = { atExpires: Date.now() + 1000, rtExpires: Date.now() + 1000 };
-    expect(isPermissibleRequest(req, te, '')).toBe(true);
-  });
-
-  describe('accepts endpoints that do not require authorization', () => {
-    it('/authn/refresh', () => {
-      const req = { url: '/authn/refresh' };
-      const te = {};
-
+  describe('when AT is valid', () => {
+    it('when AT is valid, accepts any endpoint', () => {
+      const req = { url: 'monkey' };
+      const te = { atExpires: Date.now() + 1000, rtExpires: Date.now() + 1000 };
       expect(isPermissibleRequest(req, te, '')).toBe(true);
     });
+  });
 
-    it('/bl-users/_self', () => {
-      const req = { url: '/bl-users/_self' };
-      const te = {};
+  describe('when AT is invalid or missing', () => {
+    describe('accepts known endpoints that do not require authorization', () => {
+      it('/bl-users/forgotten/password', () => {
+        const req = { url: '/bl-users/forgotten/password' };
+        const te = {};
 
-      expect(isPermissibleRequest(req, te, '')).toBe(true);
-    });
+        expect(isPermissibleRequest(req, te, '')).toBe(true);
+      });
 
-    it('/bl-users/forgotten/password', () => {
-      const req = { url: '/bl-users/forgotten/password' };
-      const te = {};
+      it('/bl-users/forgotten/username', () => {
+        const req = { url: '/bl-users/forgotten/username' };
+        const te = {};
 
-      expect(isPermissibleRequest(req, te, '')).toBe(true);
-    });
+        expect(isPermissibleRequest(req, te, '')).toBe(true);
+      });
 
-    it('/bl-users/forgotten/username', () => {
-      const req = { url: '/bl-users/forgotten/username' };
-      const te = {};
+      it('/bl-users/login-with-expiry', () => {
+        const req = { url: '/bl-users/login-with-expiry' };
+        const te = {};
 
-      expect(isPermissibleRequest(req, te, '')).toBe(true);
-    });
+        expect(isPermissibleRequest(req, te, '')).toBe(true);
+      });
 
-    it('/bl-users/login-with-expiry', () => {
-      const req = { url: '/bl-users/login-with-expiry' };
-      const te = {};
+      it('/bl-users/password-reset', () => {
+        const req = { url: '/bl-users/password-reset' };
+        const te = {};
 
-      expect(isPermissibleRequest(req, te, '')).toBe(true);
-    });
+        expect(isPermissibleRequest(req, te, '')).toBe(true);
+      });
 
-    it('/bl-users/password-reset', () => {
-      const req = { url: '/bl-users/password-reset' };
-      const te = {};
+      it('/saml/check', () => {
+        const req = { url: '/saml/check' };
+        const te = {};
 
-      expect(isPermissibleRequest(req, te, '')).toBe(true);
+        expect(isPermissibleRequest(req, te, '')).toBe(true);
+      });
     });
 
-    it('/saml/check', () => {
-      const req = { url: '/saml/check' };
+    it('rejects unknown endpoints', () => {
+      const req = { url: '/monkey/bagel/is/not/known/to/stripes/at/least/i/hope/not' };
       const te = {};
 
-      expect(isPermissibleRequest(req, te, '')).toBe(true);
+      expect(isPermissibleRequest(req, te, '')).toBe(false);
     });
   });
-
-  it('rejects unknown endpoints', () => {
-    const req = { url: '/monkey/bagel/is/not/known/to/stripes/at/least/i/hope/not' };
-    const te = {};
-
-    expect(isPermissibleRequest(req, te, '')).toBe(false);
-  });
 });
 
 describe('isLogoutRequest', () => {
@@ -296,7 +286,8 @@ describe('passThrough', () => {
       expect(res).toEqual(response);
     });
 
-    it('requests with valid ATs succeed', async () => {
+    // request was valid, response is success; we should receive response
+    it('requests with valid ATs succeed with success response', async () => {
       const oUrl = 'https://trinity.edu';
       const req = { url: `${oUrl}/manhattan` };
       const event = {
@@ -313,6 +304,31 @@ describe('passThrough', () => {
       expect(res).toEqual(response);
     });
 
+    // request was valid, response is error; we should receive response
+    it('requests with valid ATs succeed with error response', async () => {
+      const oUrl = 'https://trinity.edu';
+      const req = { url: `${oUrl}/manhattan` };
+      const event = {
+        request: {
+          clone: () => req,
+        }
+      };
+      const tokenExpiration = { atExpires: Date.now() + 10000 };
+
+      const response = {
+        ok: false,
+        status: 403,
+        headers: { 'content-type': 'text/plain' },
+        clone: () => ({
+          text: () => Promise.resolve('Access for user \'barbie\' (c0ffeeee-dead-beef-dead-coffeecoffee) requires permission: pink.is.the.new.black')
+        }),
+      };
+      global.fetch = jest.fn(() => Promise.resolve(response));
+
+      const res = await passThrough(event, tokenExpiration, oUrl);
+      expect(res).toEqual(response);
+    });
+
     it('requests with false-valid AT data succeed via RTR', async () => {
       const oUrl = 'https://trinity.edu';
       const req = { url: `${oUrl}/manhattan` };
@@ -328,7 +344,13 @@ describe('passThrough', () => {
 
       const response = 'los alamos';
       global.fetch = jest.fn()
-        .mockReturnValueOnce(Promise.resolve({ ok: false }))
+        .mockReturnValueOnce(Promise.resolve({
+          status: 403,
+          headers: { 'content-type': 'text/plain' },
+          clone: () => ({
+            text: () => Promise.resolve('Token missing, access requires permission:'),
+          }),
+        }))
         .mockReturnValueOnce(Promise.resolve({
           ok: true,
           json: () => Promise.resolve({