From e81660defc116ed4a27a16ee4143f8c950987149 Mon Sep 17 00:00:00 2001
From: tholulomo
Date: Sat, 7 Oct 2023 13:05:28 -0400
Subject: [PATCH] feat(#378): jwt service middleware refactoring
---
 .../spec/middlewares/isInternal.spec.js | 86 ++++++++++++++-----
 resfulservice/src/middlewares/isInternal.js | 6 +-
 2 files changed, 68 insertions(+), 24 deletions(-)
diff --git a/resfulservice/spec/middlewares/isInternal.spec.js b/resfulservice/spec/middlewares/isInternal.spec.js
index 681ccb47..ea943712 100644
--- a/resfulservice/spec/middlewares/isInternal.spec.js
+++ b/resfulservice/spec/middlewares/isInternal.spec.js
@@ -1,25 +1,69 @@
-const { expect, should } = require('chai');
-const { setInternal, getInternal } = require('../../src/middlewares/isInternal');
+const { expect } = require('chai');
+const sinon = require('sinon');
 const { logger } = require('../common/utils');
+const { mockUser, next } = require('../mocks');
+const jwtService = require('../../src/utils/jwtService')
+const { setInternal, getInternal } = require('../../src/middlewares/isInternal');
+
+describe('isInternal Middleware service', function () {
+ afterEach(() => sinon.restore());
+
+ const req = {
+ logger,
+ get: () => {}
+ }
-should();
+ const res = {
+ header: () => {},
+ status: () => {},
+ json: () => {},
+ send: () => {}
+ };
-describe('isInternal middleware service', function() {
- it.skip('rejects req.isInternal undefined values', function() {
- expect(getInternal.bind(this, {logger}, {}, () => {})).to.throw('Not authorized.');
- });
+ context('getInternal', () => {
+ it('rejects unauthorized request when no authorization header', async function () {
+ sinon.stub(req, 'get').returns(null)
+ try {
+ getInternal(req, res, next);
+ } catch (error) {
+ expect(error.message).to.equal('Not authorized.');
+ }
+ });
+
+ it('rejects unauthorized request when decoding token throws error', async function () {
+ sinon.stub(req, 'get').returns("Bearer i2od2nlw4aeiavi2q3")
+ sinon.stub(jwtService, 'decodeToken').throws('JsonWebTokenError: jwt malformed');
+ try {
+ getInternal(req, res, next);
+ } catch (error) {
+ expect(error.message).to.equals('JsonWebTokenError: jwt malformed');
+ }
+ });
+
+ it('authorizes request', async function () {
+ sinon.stub(req, 'get').returns("Bearer i2od2nlw4aeiavi2q3")
+ const nextSpy = sinon.spy();
+ sinon.stub(jwtService, 'decodeToken').returns(mockUser);
+ getInternal(req, res, nextSpy);
+ sinon.assert.calledOnce(nextSpy);
+ });
+ })
- it.skip('authorizes request', async function() {
- let req = {
- logger,
- isInternal: undefined,
- internal: false,
- get: () => ({}),
- };
- setInternal(req, {}, () => {});
- req.isInternal = req.signedToken;
- req.signedToken.should.exist;
- getInternal(req, {}, () => {});
- req.internal.should.equal(true);
- });
-});
\ No newline at end of file
+ context('setInternal', () => {
+
+ it('rejects unauthorized request when decoding token throws error', async function () {
+ sinon.stub(jwtService, 'signToken').throws('Error');
+ try {
+ setInternal(req, res, next);
+ } catch (error) {
+ expect(error.message).to.equals('Error');
+ }
+ });
+
+ it('authorizes request', async function () {
+ sinon.stub(jwtService, 'signToken').returns({ token: 'adia4kla49qnpove'});
+ const result = setInternal(req, res, next);
+ expect(result).to.have.property('token');
+ });
+ })
+});
diff --git a/resfulservice/src/middlewares/isInternal.js b/resfulservice/src/middlewares/isInternal.js
index ebcbe5b0..7b83ebf9 100644
--- a/resfulservice/src/middlewares/isInternal.js
+++ b/resfulservice/src/middlewares/isInternal.js
@@ -1,4 +1,4 @@
-const { decodeToken, signToken } = require('../utils/jwtService');
+const jwtService = require('../utils/jwtService');
 const { errorWriter } = require('../utils/logWriter');
 exports.getInternal = (req, res, next) => {
@@ -8,7 +8,7 @@ exports.getInternal = (req, res, next) => {
 throw errorWriter(req, 'Not authorized.', 'getInternal()', 403);
 }
 try {
- decodedToken = decodeToken(req, isInternal);
+ decodedToken = jwtService.decodeToken(req, isInternal);
 } catch (err) {
 throw errorWriter(req, err, 'getInternal()', 500);
 }
@@ -19,7 +19,7 @@ exports.getInternal = (req, res, next) => {
 exports.setInternal = (req, payload) => {
 let signedToken;
 try {
- signedToken = signToken(req, {
+ signedToken = jwtService.signToken(req, {
 ...payload,
 isInternal: true
 });
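Review bot: The rejection tests in `context('getInternal')` and `context('setInternal')` pass even when the middleware does not throw, because each wraps the call in `try { … } catch (error) { expect(…) }` and asserts only inside the catch. For an authorization check that silent pass is exactly the regression the test should catch, so assert the throw directly, e.g. `expect(() => getInternal(req, res, next)).to.throw('Not authorized.');`. In the decode-failure and sign-failure cases, sinon's `throws('…')` with a single string sets the error's name rather than its message, so the `error.message` comparisons probably hold only if `errorWriter` (not shown here) rebuilds the message; stubbing with `throws(new Error('jwt malformed'))` would make the expectation explicit. The `setInternal` tests also call `setInternal(req, res, next)` although the middleware is declared as `(req, payload)` in the second file of this patch, so `res` is what ends up as the token payload.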
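Review bot: In the `catch` right after the changed `jwtService.decodeToken` call, a token that fails to decode is rethrown as `errorWriter(req, err, 'getInternal()', 500)`, so a malformed or otherwise rejected bearer token is reported as a server error instead of an authentication failure. That hides rejected tokens from anything that alerts on 401/403 rates, and, depending on what `errorWriter` (not shown) puts in the response, may return the JWT library's error text to the caller. Consider `throw errorWriter(req, 'Not authorized.', 'getInternal()', 401);` there, keeping the original `err` for the server-side log only. `getInternal` starts before this hunk and continues after it, so how the decoded token is used afterwards is not visible here.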