nhs-notify-digital-letters/lambdas/pdm-mock-lambda/src/__tests__/authenticator.test.ts at 121c58924c1968c9b63b9f0b4f66a7ea3794ee82 · NHSDigital/nhs-notify-digital-letters · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
import type { Logger } from 'utils';
import { createAuthenticator } from 'authenticator';

const mockLogger: Logger = {
  debug: jest.fn(),
  info: jest.fn(),
  warn: jest.fn(),
  error: jest.fn(),
  child: jest.fn(),
} as any;

describe('Authenticator', () => {
  beforeEach(() => {
    jest.clearAllMocks();
  });

  describe('with mock token', () => {
    it('should authenticate successfully with valid Bearer token', async () => {
      const authenticator = createAuthenticator(mockLogger);

      const result = await authenticator({
        headers: { Authorization: 'Bearer test-token' },
      });

      expect(result.isValid).toBe(true);
    });

    it('should reject request with missing Authorization header', async () => {
      const authenticator = createAuthenticator(mockLogger);

      const result = await authenticator({ headers: {} });

      expect(result.isValid).toBe(false);
      expect(result).toHaveProperty('error');
      expect((result as { isValid: false; error: any }).error).toBeDefined();
      expect((result as { isValid: false; error: any }).error.statusCode).toBe(
        401,
      );
      expect((result as { isValid: false; error: any }).error.body).toContain(
        'ACCESS_DENIED',
      );
      expect((result as { isValid: false; error: any }).error.body).toContain(
        'Missing Authentication Token',
      );
    });

    it('should reject request with invalid token type', async () => {
      const authenticator = createAuthenticator(mockLogger);

      const result = await authenticator({
        headers: { Authorization: 'Basic test-token' },
      });

      expect(result.isValid).toBe(false);
      expect(result).toHaveProperty('error');
      expect((result as { isValid: false; error: any }).error.statusCode).toBe(
        401,
      );
      expect((result as { isValid: false; error: any }).error.body).toContain(
        'Invalid Access Token',
      );
    });

    it('should handle lowercase authorization header', async () => {
      const authenticator = createAuthenticator(mockLogger);

      const result = await authenticator({
        headers: { authorization: 'Bearer test-token' },
      });

      expect(result.isValid).toBe(true);
    });
  });
});