handled simulating user granting application access, getting rsvp, and app exchanging rsvp for a user ticket for #8

Author: travi

data/auth/grants.json

@@ -0,0 +1,8 @@
+[
+    {
+        "id": "0",
+        "app": "foo",
+        "user": "travi",
+        "exp": "1485498119999"
+    }
+]

lib/api/auth/grants.js

@@ -0,0 +1,11 @@
+'use strict';
+
+const grants = require('../../../data/auth/grants');
+
+function getById(id, callback) {
+    callback(null, grants[id]);
+}
+
+module.exports = {
+    getById
+};

lib/api/auth/strategy.js

@@ -1,10 +1,13 @@
-const apps = require('./apps');
+const
+    apps = require('./apps'),
+    grants = require('./grants');
 
 exports.register = function (server, options, next) {
     server.auth.strategy('oz', 'oz', 'optional', {
         oz: {
             encryptionPassword: 'password',
-            loadAppFunc: apps.getById
+            loadAppFunc: apps.getById,
+            loadGrantFunc: grants.getById
         }
     });
 

test/integration/features/step_definitions/auth.js

@@ -2,30 +2,60 @@
 
 const
     oz = require('oz'),
-    apps = require('../../../../data/auth/apps');
+    hoek = require('hoek'),
+    apps = require('../../../../data/auth/apps'),
+    grants = require('../../../../data/auth/grants');
 
-function getOzTicket(callback) {
+function makeOzRequest(requestDetails, appDetails, callback) {
     const
-        url = `http://example.com/oz/app`,
         method = 'POST',
-        appTicket = apps.foo;
+        url = `http://example.com${requestDetails.endpoint}`;
 
     this.requestTo(
         {
             url,
             method,
             headers: {
-                authorization: oz.client.header(url, method, appTicket).field
-            }
+                authorization: oz.client.header(url, method, appDetails).field
+            },
+            payload: requestDetails.payload
         },
         () => {
+            //console.log(this.getResponseBody());
             assert.equals(this.getResponseStatus(), 200);
 
-            callback();
+            callback(null, this.serverResponse.result.entity);
         }
     );
 }
 
+function requestAppTicket(appDetails, callback) {
+    makeOzRequest.call(this, {endpoint: '/oz/app'}, appDetails, callback);
+}
+
+function simulateUserGettingRsvpByGrantingScopes(callback) {
+    oz.ticket.rsvp(apps.foo, grants[0], 'password', {}, callback);
+}
+
+function exchangeRsvpForUserTicket(appTicket, rsvp, callback) {
+    makeOzRequest.call(this, {
+        endpoint: '/oz/rsvp',
+        payload: JSON.stringify({rsvp})
+    }, appTicket, callback);
+}
+
+function getUserTicket(callback) {
+    requestAppTicket.call(this, apps.foo, (err, appTicket) => {
+        hoek.assert(!err, err);
+
+        simulateUserGettingRsvpByGrantingScopes.call(this, (err, rsvp) => {
+            hoek.assert(!err, err);
+
+            exchangeRsvpForUserTicket.call(this, appTicket, rsvp, callback);
+        });
+    });
+}
+
 module.exports = function () {
     this.World = require('../support/world.js').World;
 
@@ -34,6 +64,6 @@ module.exports = function () {
     });
 
     this.Given(/^request includes oz ticket$/, function (callback) {
-        getOzTicket.call(this, callback);
+        getUserTicket.call(this, callback);
     });
 };

test/integration/features/support/world.js

@@ -16,6 +16,7 @@ module.exports.World = function World() {
             server.inject({
                 method: options.method,
                 url: options.url,
+                payload: options.payload,
                 headers
             }, (response) => {
                 this.serverResponse = response;

test/unit/api/auth/grants-test.js

@@ -0,0 +1,23 @@
+'use strict';
+
+const
+    proxyquire = require('proxyquire'),
+    any = require('../../../helpers/any');
+
+suite('api authorization', function () {
+    const
+        grantList = any.listOf(any.simpleObject),
+        grants = proxyquire('../../../../lib/api/auth/grants', {
+            '../../../data/auth/grants': grantList
+        });
+
+    test('that grant is retrieved by id', function () {
+        const
+            callback = sinon.spy(),
+            grantId = any.int(grantList.length - 1);
+
+        grants.getById(grantId, callback);
+
+        assert.calledWith(callback, null, grantList[grantId]);
+    });
+});

test/unit/api/auth/strategy-test.js

@@ -1,6 +1,7 @@
 const
     auth = require('../../../../lib/api/auth/strategy'),
-    apps = require('../../../../lib/api/auth/apps');
+    apps = require('../../../../lib/api/auth/apps'),
+    grants = require('../../../../lib/api/auth/grants');
 
 suite('api authorization', function () {
     test('that the plugin is defined', () => {
@@ -19,7 +20,8 @@ suite('api authorization', function () {
 
         assert.calledWith(strategy, 'oz', 'oz', 'optional', {oz: {
             encryptionPassword: 'password',
-            loadAppFunc: apps.getById
+            loadAppFunc: apps.getById,
+            loadGrantFunc: grants.getById
         }});
         assert.calledOnce(next);
     });