diff --git a/package-lock.json b/package-lock.json index c6305a529..3d88ff26e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -65,7 +65,7 @@ "devDependencies": { "@stylistic/stylelint-plugin": "^3.1.3", "babel-plugin-transform-import-meta": "^2.3.3", - "eslint": "^9.30.1", + "eslint": "^9.31.0", "eslint-plugin-jest": "^29.0.1", "eslint-plugin-react": "^7.37.5", "globals": "^16.3.0", @@ -76,7 +76,7 @@ "stylelint": "^16.21.1", "stylelint-config-recess-order": "^7.1.0", "stylelint-config-recommended": "^16.0.0", - "supertest": "^7.1.1" + "supertest": "^7.1.3" }, "engines": { "node": "^20.18.x", @@ -2058,10 +2058,11 @@ } }, "node_modules/@eslint/js": { - "version": "9.30.1", - "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.30.1.tgz", - "integrity": "sha512-zXhuECFlyep42KZUhWjfvsmXGX39W8K8LFb8AWXM9gSV9dQB+MrJGLKvW6Zw0Ggnbpw0VHTtrhFXYe3Gym18jg==", + "version": "9.31.0", + "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.31.0.tgz", + "integrity": "sha512-LOm5OVt7D4qiKCqoiPbA7LWmI+tbw1VbTUowBcUMgQSuM6poJufkFkYDcQpo5KfgD39TnNySV26QjOh7VFpSyw==", "dev": true, + "license": "MIT", "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" }, @@ -5960,18 +5961,19 @@ } }, "node_modules/eslint": { - "version": "9.30.1", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.30.1.tgz", - "integrity": "sha512-zmxXPNMOXmwm9E0yQLi5uqXHs7uq2UIiqEKo3Gq+3fwo1XrJ+hijAZImyF7hclW3E6oHz43Yk3RP8at6OTKflQ==", + "version": "9.31.0", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.31.0.tgz", + "integrity": "sha512-QldCVh/ztyKJJZLr4jXNUByx3gR+TDYZCRXEktiZoUR3PGy4qCmSbkxcIle8GEwGpb5JBZazlaJ/CxLidXdEbQ==", "dev": true, + "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.2.0", "@eslint-community/regexpp": "^4.12.1", "@eslint/config-array": "^0.21.0", "@eslint/config-helpers": "^0.3.0", - "@eslint/core": "^0.14.0", + "@eslint/core": "^0.15.0", "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "9.30.1", + "@eslint/js": "9.31.0", "@eslint/plugin-kit": "^0.3.1", "@humanfs/node": "^0.16.6", "@humanwhocodes/module-importer": "^1.0.1", @@ -6137,6 +6139,19 @@ "url": "https://opencollective.com/eslint" } }, + "node_modules/eslint/node_modules/@eslint/core": { + "version": "0.15.1", + "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.15.1.tgz", + "integrity": "sha512-bkOp+iumZCCbt1K1CmWf0R9pM5yKpDv+ZXtvSyQpudrI9kuFLp+bM2WOPXImuD/ceQuaa8f5pj93Y7zyECIGNA==", + "dev": true, + "license": "Apache-2.0", + "dependencies": { + "@types/json-schema": "^7.0.15" + }, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + } + }, "node_modules/eslint/node_modules/escape-string-regexp": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", @@ -13302,9 +13317,9 @@ } }, "node_modules/superagent": { - "version": "10.2.1", - "resolved": "https://registry.npmjs.org/superagent/-/superagent-10.2.1.tgz", - "integrity": "sha512-O+PCv11lgTNJUzy49teNAWLjBZfc+A1enOwTpLlH6/rsvKcTwcdTT8m9azGkVqM7HBl5jpyZ7KTPhHweokBcdg==", + "version": "10.2.2", + "resolved": "https://registry.npmjs.org/superagent/-/superagent-10.2.2.tgz", + "integrity": "sha512-vWMq11OwWCC84pQaFPzF/VO3BrjkCeewuvJgt1jfV0499Z1QSAWN4EqfMM5WlFDDX9/oP8JjlDKpblrmEoyu4Q==", "license": "MIT", "dependencies": { "component-emitter": "^1.3.0", @@ -13334,14 +13349,14 @@ } }, "node_modules/supertest": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/supertest/-/supertest-7.1.1.tgz", - "integrity": "sha512-aI59HBTlG9e2wTjxGJV+DygfNLgnWbGdZxiA/sgrnNNikIW8lbDvCtF6RnhZoJ82nU7qv7ZLjrvWqCEm52fAmw==", + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/supertest/-/supertest-7.1.3.tgz", + "integrity": "sha512-ORY0gPa6ojmg/C74P/bDoS21WL6FMXq5I8mawkEz30/zkwdu0gOeqstFy316vHG6OKxqQ+IbGneRemHI8WraEw==", "dev": true, "license": "MIT", "dependencies": { "methods": "^1.1.2", - "superagent": "^10.2.1" + "superagent": "^10.2.2" }, "engines": { "node": ">=14.18.0" diff --git a/package.json b/package.json index cb6ff04a4..d46d91327 100644 --- a/package.json +++ b/package.json @@ -138,7 +138,7 @@ "devDependencies": { "@stylistic/stylelint-plugin": "^3.1.3", "babel-plugin-transform-import-meta": "^2.3.3", - "eslint": "^9.30.1", + "eslint": "^9.31.0", "eslint-plugin-jest": "^29.0.1", "eslint-plugin-react": "^7.37.5", "globals": "^16.3.0", @@ -149,6 +149,6 @@ "stylelint": "^16.21.1", "stylelint-config-recess-order": "^7.1.0", "stylelint-config-recommended": "^16.0.0", - "supertest": "^7.1.1" + "supertest": "^7.1.3" } } diff --git a/server/token.js b/server/token.js index 7a23dff4b..feaea8d33 100644 --- a/server/token.js +++ b/server/token.js @@ -5,21 +5,16 @@ import config from './config.js'; const generateAccessToken = (account)=>{ const payload = account; - // When the token was issued - payload.issued = (new Date()); - // Which service issued the Token - payload.issuer = config.get('authentication_token_issuer'); - // Which service is the token intended for - payload.audience = config.get('authentication_token_audience'); - // The signing key for signing the token + payload.issued = (new Date()); // When the token was issued + payload.issuer = config.get('authentication_token_issuer'); // Which service issued the Token + payload.audience = config.get('authentication_token_audience'); // Which service is the token intended for + const secret = config.get('authentication_token_secret'); // The signing key for signing the token + delete payload.password; delete payload._id; - const secret = config.get('authentication_token_secret'); - const token = jwt.encode(payload, secret); - return token; }; -export default generateAccessToken; \ No newline at end of file +export default generateAccessToken; diff --git a/server/token.spec.js b/server/token.spec.js new file mode 100644 index 000000000..24ebb7f7c --- /dev/null +++ b/server/token.spec.js @@ -0,0 +1,27 @@ +import { expect, jest } from '@jest/globals'; +import config from './config.js'; + +import generateAccessToken from './token'; + +describe('Tests for Token', ()=>{ + it('Get token', ()=>{ + + // Mock the Config module, so we aren't grabbing actual secrets for testing + jest.mock('./config.js'); + config.get = jest.fn((param)=>{ + // The requested key name will be reflected to the output + return param; + }); + + const account = {}; + + const token = generateAccessToken(account); + + // If these tests fail, the config mock has failed + expect(account).toHaveProperty('issuer', 'authentication_token_issuer'); + expect(account).toHaveProperty('audience', 'authentication_token_audience'); + + // Because the inputs are fixed, this JWT key should be static + expect(typeof token).toBe('string'); + }); +}); \ No newline at end of file diff --git a/tests/html/safeHTML.test.js b/tests/html/safeHTML.test.js index 51fa1e995..cb5466a48 100644 --- a/tests/html/safeHTML.test.js +++ b/tests/html/safeHTML.test.js @@ -4,6 +4,17 @@ require('jsdom-global')(); import { safeHTML } from '../../client/homebrew/brewRenderer/safeHTML'; +test('Exit if no document', function() { + const doc = document; + document = undefined; + + const result = safeHTML(''); + + document = doc; + + expect(result).toBe(null); +}); + test('Javascript via href', function() { const source = `Click me`; const rendered = safeHTML(source);