From 8db0267a96a251b668a2b32ca7bab4a4b29f3eb5 Mon Sep 17 00:00:00 2001 From: Andrew Nester Date: Wed, 10 Oct 2018 11:16:05 +0000 Subject: [PATCH 1/2] Fixed error message when empty string passed as expiresIn or notBefore option --- sign.js | 4 ++-- test/claim-exp.test.js | 4 ++-- test/claim-nbf.test.js | 3 ++- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/sign.js b/sign.js index c608f4d..de80b02 100644 --- a/sign.js +++ b/sign.js @@ -9,8 +9,8 @@ var isString = require('lodash.isstring'); var once = require('lodash.once'); var sign_options_schema = { - expiresIn: { isValid: function(value) { return isInteger(value) || isString(value); }, message: '"expiresIn" should be a number of seconds or string representing a timespan' }, - notBefore: { isValid: function(value) { return isInteger(value) || isString(value); }, message: '"notBefore" should be a number of seconds or string representing a timespan' }, + expiresIn: { isValid: function(value) { return isInteger(value) || (isString(value) && value); }, message: '"expiresIn" should be a number of seconds or string representing a timespan' }, + notBefore: { isValid: function(value) { return isInteger(value) || (isString(value) && value); }, message: '"notBefore" should be a number of seconds or string representing a timespan' }, audience: { isValid: function(value) { return isString(value) || Array.isArray(value); }, message: '"audience" must be a string or array' }, algorithm: { isValid: includes.bind(null, ['RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'HS256', 'HS384', 'HS512', 'none']), message: '"algorithm" must be a valid string enum value' }, header: { isValid: isPlainObject, message: '"header" must be an object' }, diff --git a/test/claim-exp.test.js b/test/claim-exp.test.js index 816d12e..dfe248b 100644 --- a/test/claim-exp.test.js +++ b/test/claim-exp.test.js @@ -46,12 +46,12 @@ describe('expires', function() { }); }); - // TODO this should throw the same error as other invalid inputs it(`should error with with value ''`, function (done) { signWithExpiresIn('', {}, (err) => { testUtils.asyncCheck(done, () => { expect(err).to.be.instanceOf(Error); - expect(err).to.have.property('message', 'val is not a non-empty string or a valid number. val=""'); + expect(err).to.have.property('message') + .match(/"expiresIn" should be a number of seconds or string representing a timespan/); }); }); }); diff --git a/test/claim-nbf.test.js b/test/claim-nbf.test.js index f36396c..8290705 100644 --- a/test/claim-nbf.test.js +++ b/test/claim-nbf.test.js @@ -51,7 +51,8 @@ describe('not before', function() { signWithNotBefore('', {}, (err) => { testUtils.asyncCheck(done, () => { expect(err).to.be.instanceOf(Error); - expect(err).to.have.property('message', 'val is not a non-empty string or a valid number. val=""'); + expect(err).to.have.property('message') + .match(/"notBefore" should be a number of seconds or string representing a timespan/); }); }); }); From 8532d26c579feac8eecc39de8e876e5e4246871f Mon Sep 17 00:00:00 2001 From: Andrew Nester Date: Wed, 17 Oct 2018 12:33:16 +0000 Subject: [PATCH 2/2] Moved tests to option validation block --- test/claim-exp.test.js | 11 +---------- test/claim-nbf.test.js | 12 +----------- 2 files changed, 2 insertions(+), 21 deletions(-) diff --git a/test/claim-exp.test.js b/test/claim-exp.test.js index dfe248b..94360f6 100644 --- a/test/claim-exp.test.js +++ b/test/claim-exp.test.js @@ -29,6 +29,7 @@ describe('expires', function() { Infinity, NaN, ' ', + '', 'invalid', [], ['foo'], @@ -46,16 +47,6 @@ describe('expires', function() { }); }); - it(`should error with with value ''`, function (done) { - signWithExpiresIn('', {}, (err) => { - testUtils.asyncCheck(done, () => { - expect(err).to.be.instanceOf(Error); - expect(err).to.have.property('message') - .match(/"expiresIn" should be a number of seconds or string representing a timespan/); - }); - }); - }); - // undefined needs special treatment because {} is not the same as {expiresIn: undefined} it('should error with with value undefined', function (done) { testUtils.signJWTHelper({}, undefined, {expiresIn: undefined, algorithm: 'none'}, (err) => { diff --git a/test/claim-nbf.test.js b/test/claim-nbf.test.js index 8290705..1aa5cda 100644 --- a/test/claim-nbf.test.js +++ b/test/claim-nbf.test.js @@ -28,6 +28,7 @@ describe('not before', function() { -Infinity, Infinity, NaN, + '', ' ', 'invalid', [], @@ -46,17 +47,6 @@ describe('not before', function() { }); }); - // TODO this should throw the same error as other invalid inputs - it(`should error with with value ''`, function (done) { - signWithNotBefore('', {}, (err) => { - testUtils.asyncCheck(done, () => { - expect(err).to.be.instanceOf(Error); - expect(err).to.have.property('message') - .match(/"notBefore" should be a number of seconds or string representing a timespan/); - }); - }); - }); - // undefined needs special treatment because {} is not the same as {notBefore: undefined} it('should error with with value undefined', function (done) { testUtils.signJWTHelper({}, undefined, {notBefore: undefined, algorithm: 'none'}, (err) => {