-
-
Notifications
You must be signed in to change notification settings - Fork 39
/
Copy pathparser.test.js
92 lines (74 loc) · 3.13 KB
/
parser.test.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
/**
* Module dependencies.
*/
import { Logger } from './logger.js';
import { jest } from '@jest/globals';
import { Parser } from './parser.js';
import { Role } from './role.js';
import * as fixtures from './fixtures.js';
jest.unstable_mockModule('./logger.js', async () => ({
Logger: function Logger() {
return {
format: jest.fn(),
start: jest.fn(),
stop: jest.fn(),
debug: jest.fn(),
info: jest.fn(),
warn: jest.fn(),
error: jest.fn(),
succeed: jest.fn()
}
}
}));
const logger = new Logger();
const parser = new Parser(logger);
/**
* Tests.
*/
test('parses a single role from saml response', async () => {
const assertion = await fixtures.getSampleAssertion(fixtures.SAML_SESSION_BASIC);
const response = await fixtures.getResponseFromAssertion(assertion);
const {
roles,
samlAssertion,
sessionDuration
} = await parser.parseSamlResponse(response)
const expected = [new Role('foobar', 'arn:aws:iam::123456789:role/foobar', 'arn:aws:iam::123456789:saml-provider/GSuite')];
expect(roles).toMatchObject(expected);
expect(samlAssertion).toBe(assertion);
expect(sessionDuration).toBeUndefined();
});
test('parses multiple roles from saml response', async () => {
const assertion = await fixtures.getSampleAssertion(fixtures.SAML_SESSION_BASIC_WITH_MULTIPLE_ROLES);
const response = await fixtures.getResponseFromAssertion(assertion);
const { roles } = await parser.parseSamlResponse(response);
// Note: The order of the role's are as defined in the assertion
const expected = [
new Role('Foobiz', 'arn:aws:iam::987654321:role/Foobiz', 'arn:aws:iam::987654321:saml-provider/GSuite'),
new Role('Admin', 'arn:aws:iam::987654321:role/Admin', 'arn:aws:iam::987654321:saml-provider/GSuite'),
new Role('Foobar', 'arn:aws:iam::123456789:role/Foobar', 'arn:aws:iam::123456789:saml-provider/GSuite')
];
expect(roles).toMatchObject(expected);
});
test('parses custom session duration from saml response', async () => {
const assertion = await fixtures.getSampleAssertion(fixtures.SAML_SESSION_BASIC_WITH_SESSION_DURATION);
const response = await fixtures.getResponseFromAssertion(assertion);
const { roles } = await parser.parseSamlResponse(response)
expect(roles[0].sessionDuration).toBe(43200);
});
test('parses AWS GovCloud (US) ARNs', async () => {
const assertion = await fixtures.getSampleAssertion(fixtures.SAML_SESSION_BASIC_GOV_CLOUD_US);
const response = await fixtures.getResponseFromAssertion(assertion);
const { roles } = await parser.parseSamlResponse(response)
await expect(roles).toEqual([
new Role('Foobar', 'arn:aws-us-gov:iam:us-gov-west-1:123456789012:role/Foobar', 'arn:aws:iam::123456789:saml-provider/GSuite'),
]);
});
test('parses AWS CN ARNs', async () => {
const assertion = await fixtures.getSampleAssertion(fixtures.SAML_SESSION_BASIC_CN);
const response = await fixtures.getResponseFromAssertion(assertion);
const { roles } = await parser.parseSamlResponse(response)
await expect(roles).toEqual([
new Role('Foobar', 'arn:aws-cn:iam::123456789012:role/Foobar', 'arn:aws:iam::123456789:saml-provider/GSuite'),
]);
});