feat: add PKCE support for OAuth2 Authorization Code flows (#5361)

* Add PKCE support. * Fix tests * Update oauth2.md * Rename usePkce * Fix the BrokenComponent error * Update oauth2.md * Remove isCode variable. Remove uuid4 dependency. * Remove utils functions * Import crypto * Fix tests * Fix the tests * Cleanup * Fix code_challenge generation * Move code challenge and verifier to utils for mocks. Update tests. * Mock the PKCE methods in the utils file properly. * Add missing expect * use target-method spies * Add comments to explain test values. * Get rid of jsrsasign.
2019-10-07 20:24:43 -04:00
parent 8cabcffddf
commit 139592e353
12 changed files with 3542 additions and 7681 deletions
--- a/test/mocha/core/utils.js
+++ b/test/mocha/core/utils.js
@@ -28,6 +28,8 @@ import {
  getSampleSchema,
  paramToIdentifier,
  paramToValue,
+  generateCodeVerifier,
+  createCodeChallenge,
 } from "core/utils"
 import win from "core/window"

@@ -1402,4 +1404,27 @@ describe("utils", function() {
      expect(res).toEqual("asdf")
    })
  })
+
+  describe("generateCodeVerifier", function() {
+    it("should generate a value of at least 43 characters", () => {
+      const codeVerifier = generateCodeVerifier()
+
+      // Source: https://tools.ietf.org/html/rfc7636#section-4.1
+      expect(codeVerifier.length).toBeGreaterThanOrEqualTo(43)
+    })
+  })
+
+  describe("createCodeChallenge", function() {
+    it("should hash the input using SHA256 and output the base64 url encoded value", () => {
+      // The `codeVerifier` has been randomly generated
+      const codeVerifier = "cY8OJ9MKvZ7hxQeIyRYD7KFmKA5znSFJ2rELysvy2UI"
+
+      // This value is the `codeVerifier` hashed using SHA256, which has been
+      // encoded using base64 url format.
+      // Source: https://tools.ietf.org/html/rfc7636#section-4.2
+      const expectedCodeChallenge = "LD9lx2p2PbvGkojuJy7-Elex7RnckzmqR7oIXjd4u84"
+
+      expect(createCodeChallenge(codeVerifier)).toBe(expectedCodeChallenge)
+    })
+  })
 })