Skip to main content


A node.js library for performing FIDO 2.0 / WebAuthn server functionality
// Testing libimport * as chai from "chai";
// Helpersimport { tools } from "../lib/main.js";const assert = chai.assert;const { checkOrigin, checkRpId, checkUrl, checkDomainOrUrl,} = tools;
describe("toolbox", function() { describe("checkOrigin", function() { it("throws on invalid eTLD+1", function() { assert.throws( () => { checkOrigin(""); }, Error, "origin is not a valid eTLD+1", ); });
it("throws on undefined origin", function() { assert.throws( () => { checkOrigin(undefined); }, Error, "Empty Origin", ); });

it("accepts android FacetID", function() { const androidFacetId = "android:apk-key-hash:addf120b430021c36c232c99ef8d926aea2acd6b"; const androidOrigin = checkOrigin(androidFacetId); assert.strictEqual(androidFacetId, androidOrigin); });
it("accepts ios FacetID", function() { const iOSFacetId = "ios:bundle-id:addf120b430021c36c232c99ef8d926aea2acd6b"; const iOSOrigin = checkOrigin(iOSFacetId); assert.strictEqual(iOSFacetId, iOSOrigin); });
it("throws invalid url", function() { assert.throws( () => { checkOrigin("qwertyasdf"); }, Error, "Invalid URL", ); });
it("allows localhost", function() { const ret = checkOrigin("https://localhost:8443"); assert.strictEqual(ret, "https://localhost:8443"); });
it("throws on non-https", function() { assert.throws( () => { checkOrigin(""); }, Error, "origin should be https", ); });
it.skip("allows international domain", function() { const ret = checkOrigin("https://www.食狮.公司.cn:8080"); assert.isTrue(ret); });
it("throws error if origin contains URL path"); it("returns true when origin contains port 443"); it("throws when origin is just a domain"); it("rejects invalid eTLD+1 international domain"); it("allows punycoded domain"); it("correctly compares punycoded and international domain"); });
describe("checkRpId", function() { it("throws on invalid eTLD+1", function() { assert.throws( () => { checkRpId("test"); }, Error, "rpId is not a valid eTLD+1/url", ); });
it("throws on undefined rpId", function() { assert.throws( () => { checkRpId(undefined); }, Error, "rpId must be a string", ); });
it("allows localhost", function() { const ret = checkRpId("test.localhost"); assert.strictEqual(ret, "test.localhost"); });
it("allows fully qualified urls", function() { const ret = checkRpId(""); assert.strictEqual(ret, ""); });
it("rejects http urls", function() { assert.throws( () => { checkRpId(""); }, Error, "rpId should be https", ); });
it("rejects urls that have pathes", function() { assert.throws( () => { checkRpId(""); }, Error, "rpId should not include path in url", );
assert.throws( () => { checkRpId(""); }, Error, "rpId should not include path in url", ); }); });
describe("checkUrl", () => { it("exists", () => { assert.isFunction(checkUrl); });
it("should throw when name param is not specified", () => { assert.throws( () => { checkUrl(""); }, Error, "name not specified in checkUrl", ); });
it("should throw when value is not string", () => { assert.throws( () => { checkUrl(123, "test"); }, Error, "test must be a string", ); });
it("should throw when value is not a valid url", () => { assert.throws( () => { checkUrl("", "test"); }, Error, "test is not a valid eTLD+1/url", ); });
it("should throw when url is not http", () => { assert.throws( () => { checkUrl("file:///home/myuser/files/test.html", "test"); }, Error, "test must be http protocol", ); });
it("should throw when url is not https", () => { assert.throws( () => { checkUrl("", "test"); }, Error, "test should be https", ); });
it("should throw when url has path", () => { assert.throws( () => { checkUrl("", "test"); }, Error, "test should not include path in url", );
assert.throws( () => { checkUrl("", "test"); }, Error, "test should not include path in url", ); });
it("should throw when url has hash", () => { assert.throws( () => { checkUrl("", "test"); }, Error, "test should not include hash in url", ); });
it("should throw when url has credentials", () => { assert.throws( () => { checkUrl("", "test"); }, Error, "test should not include credentials in url", ); });
it("should throw when url has query string", () => { assert.throws( () => { checkUrl("", "test"); }, Error, "test should not include query string in url", ); });
it("should return value when value is valid url", () => { const ret = checkUrl("", "test"); assert.strictEqual(ret, ""); });
it("should allow http when specified in rules", () => { const ret = checkUrl("", "test", { allowHttp: true, }); assert.strictEqual(ret, ""); });
it("should allow path when specified in rules", () => { let ret = checkUrl("", "test", { allowPath: true, }); assert.strictEqual(ret, "");
ret = checkUrl("", "test", { allowPath: true, }); assert.strictEqual(ret, ""); });
it("should allow hash when specified in rules", () => { const ret = checkUrl("", "test", { allowHash: true, }); assert.strictEqual(ret, ""); });
it("should allow credentials when specified in rules", () => { const ret = checkUrl("", "test", { allowCred: true, }); assert.strictEqual(ret, ""); });
it("should allow query string when specified in rules", () => { const ret = checkUrl("", "test", { allowQuery: true, }); assert.strictEqual(ret, ""); }); });
describe("checkDomainOrUrl", () => { it("exists", () => { assert.isFunction(checkDomainOrUrl); });
it("should throw when name param is not specified", () => { assert.throws( () => { checkDomainOrUrl(""); }, Error, "name not specified in checkDomainOrUrl", ); });
it("should throw when value is not string", () => { assert.throws( () => { checkDomainOrUrl(123, "test"); }, Error, "test must be a string", ); });
it("should throw when value is not a valid domain or url", () => { assert.throws( () => { checkDomainOrUrl("test", "test"); }, Error, "test is not a valid eTLD+1/url", ); });
it("should return value when value is valid domain", () => { const ret = checkDomainOrUrl("", "test"); assert.strictEqual(ret, ""); });
it("should return value when value is valid url", () => { const ret = checkDomainOrUrl("", "test"); assert.strictEqual(ret, ""); }); });});