Spaces:

helloya20
/

chat

Configuration error

App Files Files Community

chat / api /strategies /appleStrategy.test.js

helloya20's picture

Upload 2345 files

f0743f4 verified 3 months ago

history blame contribute delete

12.4 kB

	const jwt = require('jsonwebtoken');
	const mongoose = require('mongoose');
	const { isEnabled } = require('@librechat/api');
	const { logger } = require('@librechat/data-schemas');
	const { Strategy: AppleStrategy } = require('passport-apple');
	const { MongoMemoryServer } = require('mongodb-memory-server');
	const { createSocialUser, handleExistingUser } = require('./process');
	const socialLogin = require('./socialLogin');
	const { findUser } = require('~/models');
	const { User } = require('~/db/models');

	jest.mock('jsonwebtoken');
	jest.mock('@librechat/data-schemas', () => {
	const actualModule = jest.requireActual('@librechat/data-schemas');
	return {
	...actualModule,
	logger: {
	error: jest.fn(),
	debug: jest.fn(),
	info: jest.fn(),
	warn: jest.fn(),
	},
	};
	});
	jest.mock('./process', () => ({
	createSocialUser: jest.fn(),
	handleExistingUser: jest.fn(),
	}));
	jest.mock('@librechat/api', () => ({
	...jest.requireActual('@librechat/api'),
	isEnabled: jest.fn(),
	}));
	jest.mock('~/models', () => ({
	findUser: jest.fn(),
	}));
	jest.mock('~/server/services/Config', () => ({
	getAppConfig: jest.fn().mockResolvedValue({
	fileStrategy: 'local',
	balance: { enabled: false },
	}),
	}));

	describe('Apple Login Strategy', () => {
	let mongoServer;
	let appleStrategyInstance;
	const OLD_ENV = process.env;
	let getProfileDetails;

	// Start and stop in-memory MongoDB
	beforeAll(async () => {
	mongoServer = await MongoMemoryServer.create();
	const mongoUri = mongoServer.getUri();
	await mongoose.connect(mongoUri);
	});

	afterAll(async () => {
	await mongoose.disconnect();
	await mongoServer.stop();
	process.env = OLD_ENV;
	});

	beforeEach(async () => {
	// Reset environment variables
	process.env = { ...OLD_ENV };
	process.env.APPLE_CLIENT_ID = 'fake_client_id';
	process.env.APPLE_TEAM_ID = 'fake_team_id';
	process.env.APPLE_CALLBACK_URL = '/auth/apple/callback';
	process.env.DOMAIN_SERVER = 'https://example.com';
	process.env.APPLE_KEY_ID = 'fake_key_id';
	process.env.APPLE_PRIVATE_KEY_PATH = '/path/to/fake/private/key';
	process.env.ALLOW_SOCIAL_REGISTRATION = 'true';

	// Clear mocks and database
	jest.clearAllMocks();
	await User.deleteMany({});

	// Define getProfileDetails within the test scope
	getProfileDetails = ({ idToken, profile }) => {
	if (!idToken) {
	logger.error('idToken is missing');
	throw new Error('idToken is missing');
	}

	const decoded = jwt.decode(idToken);
	if (!decoded) {
	logger.error('Failed to decode idToken');
	throw new Error('idToken is invalid');
	}

	console.log('Decoded token:', decoded);

	logger.debug(`Decoded Apple JWT: ${JSON.stringify(decoded, null, 2)}`);

	return {
	email: decoded.email,
	id: decoded.sub,
	avatarUrl: null, // Apple does not provide an avatar URL
	username: decoded.email ? decoded.email.split('@')[0].toLowerCase() : `user_${decoded.sub}`,
	name: decoded.name
	? `${decoded.name.firstName} ${decoded.name.lastName}`
	: profile.displayName \|\| null,
	emailVerified: true, // Apple verifies the email
	};
	};

	// Mock isEnabled based on environment variable
	isEnabled.mockImplementation((flag) => {
	if (flag === 'true') {
	return true;
	}
	if (flag === 'false') {
	return false;
	}
	return false;
	});

	// Initialize the strategy with the mocked getProfileDetails
	const appleLogin = socialLogin('apple', getProfileDetails);
	appleStrategyInstance = new AppleStrategy(
	{
	clientID: process.env.APPLE_CLIENT_ID,
	teamID: process.env.APPLE_TEAM_ID,
	callbackURL: `${process.env.DOMAIN_SERVER}${process.env.APPLE_CALLBACK_URL}`,
	keyID: process.env.APPLE_KEY_ID,
	privateKeyLocation: process.env.APPLE_PRIVATE_KEY_PATH,
	passReqToCallback: false,
	},
	appleLogin,
	);
	});

	const mockProfile = {
	displayName: 'John Doe',
	};

	describe('getProfileDetails', () => {
	it('should throw an error if idToken is missing', () => {
	expect(() => {
	getProfileDetails({ idToken: null, profile: mockProfile });
	}).toThrow('idToken is missing');
	expect(logger.error).toHaveBeenCalledWith('idToken is missing');
	});

	it('should throw an error if idToken cannot be decoded', () => {
	jwt.decode.mockReturnValue(null);
	expect(() => {
	getProfileDetails({ idToken: 'invalid_id_token', profile: mockProfile });
	}).toThrow('idToken is invalid');
	expect(logger.error).toHaveBeenCalledWith('Failed to decode idToken');
	});

	it('should extract user details correctly from idToken', () => {
	const fakeDecodedToken = {
	email: 'john.doe@example.com',
	sub: 'apple-sub-1234',
	name: {
	firstName: 'John',
	lastName: 'Doe',
	},
	};

	jwt.decode.mockReturnValue(fakeDecodedToken);

	const profileDetails = getProfileDetails({
	idToken: 'fake_id_token',
	profile: mockProfile,
	});

	expect(jwt.decode).toHaveBeenCalledWith('fake_id_token');
	expect(logger.debug).toHaveBeenCalledWith(expect.stringContaining('Decoded Apple JWT'));
	expect(profileDetails).toEqual({
	email: 'john.doe@example.com',
	id: 'apple-sub-1234',
	avatarUrl: null,
	username: 'john.doe',
	name: 'John Doe',
	emailVerified: true,
	});
	});

	it('should handle missing email and use sub for username', () => {
	const fakeDecodedToken = {
	sub: 'apple-sub-5678',
	};

	jwt.decode.mockReturnValue(fakeDecodedToken);

	const profileDetails = getProfileDetails({
	idToken: 'fake_id_token',
	profile: mockProfile,
	});

	expect(profileDetails).toEqual({
	email: undefined,
	id: 'apple-sub-5678',
	avatarUrl: null,
	username: 'user_apple-sub-5678',
	name: 'John Doe',
	emailVerified: true,
	});
	});
	});

	describe('Strategy verify callback', () => {
	const tokenset = {
	id_token: 'fake_id_token',
	};

	const decodedToken = {
	email: 'jane.doe@example.com',
	sub: 'apple-sub-9012',
	name: {
	firstName: 'Jane',
	lastName: 'Doe',
	},
	};

	const fakeAccessToken = 'fake_access_token';
	const fakeRefreshToken = 'fake_refresh_token';

	beforeEach(() => {
	jwt.decode.mockReturnValue(decodedToken);
	findUser.mockResolvedValue(null);
	});

	it('should create a new user if one does not exist and registration is allowed', async () => {
	// Mock findUser to return null (user does not exist)
	findUser.mockResolvedValue(null);

	// Mock createSocialUser to create a user
	createSocialUser.mockImplementation(async (userData) => {
	const user = new User(userData);
	await user.save();
	return user;
	});

	const mockVerifyCallback = jest.fn();

	// Invoke the verify callback with correct arguments
	await new Promise((resolve) => {
	appleStrategyInstance._verify(
	fakeAccessToken,
	fakeRefreshToken,
	tokenset.id_token,
	mockProfile,
	(err, user) => {
	mockVerifyCallback(err, user);
	resolve();
	},
	);
	});

	expect(mockVerifyCallback).toHaveBeenCalledWith(null, expect.any(User));
	const user = mockVerifyCallback.mock.calls[0][1];
	expect(user.email).toBe('jane.doe@example.com');
	expect(user.username).toBe('jane.doe');
	expect(user.name).toBe('Jane Doe');
	expect(user.provider).toBe('apple');
	});

	it('should handle existing user and update avatarUrl', async () => {
	// Create an existing user without saving to database
	const existingUser = new User({
	email: 'jane.doe@example.com',
	username: 'jane.doe',
	name: 'Jane Doe',
	provider: 'apple',
	providerId: 'apple-sub-9012',
	avatarUrl: 'old_avatar.png',
	});

	// Mock findUser to return the existing user
	findUser.mockResolvedValue(existingUser);

	// Mock handleExistingUser to update avatarUrl without saving to database
	handleExistingUser.mockImplementation(async (user, avatarUrl) => {
	user.avatarUrl = avatarUrl;
	// Don't call save() to avoid database operations
	return user;
	});

	const mockVerifyCallback = jest.fn();

	// Invoke the verify callback with correct arguments
	await new Promise((resolve) => {
	appleStrategyInstance._verify(
	fakeAccessToken,
	fakeRefreshToken,
	tokenset.id_token,
	mockProfile,
	(err, user) => {
	mockVerifyCallback(err, user);
	resolve();
	},
	);
	});

	expect(mockVerifyCallback).toHaveBeenCalledWith(null, existingUser);
	expect(existingUser.avatarUrl).toBeNull(); // As per getProfileDetails
	expect(handleExistingUser).toHaveBeenCalledWith(
	existingUser,
	null,
	expect.objectContaining({
	fileStrategy: 'local',
	balance: { enabled: false },
	}),
	'jane.doe@example.com',
	);
	});

	it('should handle missing idToken gracefully', async () => {
	const mockVerifyCallback = jest.fn();

	// Invoke the verify callback with missing id_token
	await new Promise((resolve) => {
	appleStrategyInstance._verify(
	fakeAccessToken,
	fakeRefreshToken,
	null, // idToken is missing
	mockProfile,
	(err, user) => {
	mockVerifyCallback(err, user);
	resolve();
	},
	);
	});

	expect(mockVerifyCallback).toHaveBeenCalledWith(expect.any(Error), undefined);
	expect(mockVerifyCallback.mock.calls[0][0].message).toBe('idToken is missing');
	// Ensure createSocialUser and handleExistingUser were not called
	expect(createSocialUser).not.toHaveBeenCalled();
	expect(handleExistingUser).not.toHaveBeenCalled();
	});

	it('should handle decoding errors gracefully', async () => {
	// Simulate decoding failure by returning null
	jwt.decode.mockReturnValue(null);

	const mockVerifyCallback = jest.fn();

	// Invoke the verify callback with correct arguments
	await new Promise((resolve) => {
	appleStrategyInstance._verify(
	fakeAccessToken,
	fakeRefreshToken,
	tokenset.id_token,
	mockProfile,
	(err, user) => {
	mockVerifyCallback(err, user);
	resolve();
	},
	);
	});

	expect(mockVerifyCallback).toHaveBeenCalledWith(expect.any(Error), undefined);
	expect(mockVerifyCallback.mock.calls[0][0].message).toBe('idToken is invalid');
	// Ensure createSocialUser and handleExistingUser were not called
	expect(createSocialUser).not.toHaveBeenCalled();
	expect(handleExistingUser).not.toHaveBeenCalled();
	// Ensure logger.error was called
	expect(logger.error).toHaveBeenCalledWith('Failed to decode idToken');
	});

	it('should handle errors during user creation', async () => {
	// Mock findUser to return null (user does not exist)
	findUser.mockResolvedValue(null);

	// Mock createSocialUser to throw an error
	createSocialUser.mockImplementation(() => {
	throw new Error('Database error');
	});

	const mockVerifyCallback = jest.fn();

	// Invoke the verify callback with correct arguments
	await new Promise((resolve) => {
	appleStrategyInstance._verify(
	fakeAccessToken,
	fakeRefreshToken,
	tokenset.id_token,
	mockProfile,
	(err, user) => {
	mockVerifyCallback(err, user);
	resolve();
	},
	);
	});

	expect(mockVerifyCallback).toHaveBeenCalledWith(expect.any(Error), undefined);
	expect(mockVerifyCallback.mock.calls[0][0].message).toBe('Database error');
	// Ensure logger.error was called
	expect(logger.error).toHaveBeenCalledWith('[appleLogin]', expect.any(Error));
	});
	});
	});