Merge pull request #241 from nrotta/master

Added/fixed test removed in #166
dwyl · Jun 27, 2017 · f2560e6 · f2560e6
2 parents b8f62ac + e4ba8f1
commit f2560e6
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 21 deletions.
diff --git a/lib/index.js b/lib/index.js
@@ -152,8 +152,9 @@ internals.implementation = function (server, options) {
                 if (verify_err) {
                   keysTried++;
                   if (keysTried >= keys.length) {
+                    var err_message = (verify_err.message === 'jwt expired' ? 'Expired token' : 'Invalid token');
                     return reply(raiseError('unauthorized',
-                      'Invalid token', tokenType), null, { credentials: null });
+                      err_message, tokenType), null, { credentials: null });
                   }
                   // There are still other keys that might work
 

diff --git a/test/basic.test.js b/test/basic.test.js
@@ -88,26 +88,25 @@ test("Try using an incorrect secret to sign the JWT", function(t) {
   });
 });
 
-// see: https://github.com/dwyl/hapi-auth-jwt2/issues/166
-// test.only("Try using an expired token", function(t) {
-//   // use the token as the 'authorization' header in requests
-//   var token = JWT.sign({ id: 123, "name": "Charlie" }, secret, { expiresInSeconds: 1 });
-//   console.log(" - - - - - - token  - - - - -")
-//   console.log(token);
-//   var options = {
-//     method: "POST",
-//     url: "/privado",
-//     headers: { authorization: "Bearer " + token  }
-//   };
-//   // server.inject lets us simulate an http request
-//   setTimeout(function () {
-//     server.inject(options, function(response) {
-//       t.equal(response.statusCode, 401, "Expired token should be invalid");
-//       t.equal(response.result.message, 'Token expired', 'Message should be "Token expired"');
-//       t.end();
-//     });
-//   }, 1000);
-// });
+test("Try using an expired token", function(t) {
+  // use the token as the 'authorization' header in requests
+  var token = JWT.sign({ id: 123, "name": "Charlie" }, secret, { expiresIn: '1s' });
+  console.log(" - - - - - - token  - - - - -")
+  console.log(token);
+  var options = {
+    method: "POST",
+    url: "/privado",
+    headers: { authorization: "Bearer " + token  }
+  };
+  // server.inject lets us simulate an http request
+  setTimeout(function () {
+    server.inject(options, function(response) {
+      t.equal(response.statusCode, 401, "Expired token should be invalid");
+      t.equal(response.result.message, 'Expired token', 'Message should be "Expired token"');
+      t.end();
+    });
+  }, 1100);
+});
 
 test("Token is well formed but is allowed=false so should be denied", function(t) {
   // use the token as the 'authorization' header in requests