Sha256: 361a39e552383f7759a4667f6a8f9ab04f2a17c4b38f84e4c7bada23c5dfdced

Contents?: true

Size: 1.37 KB

Versions: 5

Compression:

Stored size: 1.37 KB

Contents

# frozen_string_literal: true

require 'spec_helper'

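# Request specs for the token gate in front of GET /admin on Osso::Admin.
#
# The examples hand a token to the app in two ways: as an `admin_token`
# query parameter and as an `admin_token` key in the Rack session. Tokens are
# HS256 JWTs signed with the value placed in ENV['JWT_HMAC_SECRET'].
# Requests without a usable token are expected to be redirected to
# ENV['JWT_URL'].
describe Osso::Admin do
  let(:jwt_url) { 'https://foo.com/jwt' }
  # A fresh random secret per example, so no example depends on a fixed key.
  let(:jwt_hmac_secret) { SecureRandom.hex(32) }
  let(:admin_claims) { { email: 'admin@saas.com', scope: 'admin' } }
  let(:valid_token) { JWT.encode(admin_claims, jwt_hmac_secret, 'HS256') }

  # Set the JWT settings for one example and put the previous values back
  # afterwards. A bare `before` would leave the random secret and the test URL
  # in the process environment for every spec that runs later.
  around do |example|
    saved = {
      'JWT_URL' => ENV['JWT_URL'],
      'JWT_HMAC_SECRET' => ENV['JWT_HMAC_SECRET'],
    }

    begin
      ENV['JWT_URL'] = jwt_url
      ENV['JWT_HMAC_SECRET'] = jwt_hmac_secret
      example.run
    ensure
      # Assigning nil removes a variable that was unset before the example.
      saved.each { |key, value| ENV[key] = value }
    end
  end

  describe 'get /admin' do
    it 'redirects to JWT_URL without a session or token' do
      get('/admin')

      expect(last_response).to be_redirect
      follow_redirect!
      expect(last_request.url).to eq(jwt_url)
    end

    it 'redirects to JWT_URL with an invalid token' do
      # The bogus value goes under `admin_token`, the session key the
      # valid-session example uses. Under an unrelated name such as `token`
      # it would presumably never reach verification, and this example would
      # only repeat the no-token case.
      # NOTE(review): confirm against Osso::Admin that this is the key it reads.
      get('/admin', {}, 'rack.session' => { admin_token: SecureRandom.hex(32) })

      expect(last_response).to be_redirect
      follow_redirect!
      expect(last_request.url).to eq(jwt_url)
    end

    it 'redirects to JWT_URL with a token signed by a different secret' do
      # Well-formed JWT with the right claims but the wrong HMAC key: this
      # checks signature verification, not just parsing.
      foreign_token = JWT.encode(admin_claims, SecureRandom.hex(32), 'HS256')

      get('/admin', {}, 'rack.session' => { admin_token: foreign_token })

      expect(last_response).to be_redirect
      follow_redirect!
      expect(last_request.url).to eq(jwt_url)
    end

    it 'chomps the token and redirects to request path with valid token' do
      get('/admin', { admin_token: valid_token })

      expect(last_response).to be_redirect
      follow_redirect!
      expect(last_request.url).to match('/admin')
      # "Chomped" should mean the token is gone from the follow-up URL, where
      # it would otherwise end up in logs, history and Referer headers.
      expect(last_request.url).not_to include(valid_token)
    end

    it 'renders the admin page for a valid session token' do
      get('/admin', {}, 'rack.session' => { admin_token: valid_token })

      expect(last_response).to be_ok
    end
  end
end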

Version data entries

5 entries across 5 versions & 1 rubygems

Version Path
osso-0.0.3.3 spec/routes/admin_spec.rb
osso-0.0.3 spec/routes/admin_spec.rb
osso-0.0.2.10 spec/routes/admin_spec.rb
osso-0.0.2.9 spec/routes/admin_spec.rb
osso-0.0.2.8 spec/routes/admin_spec.rb