26 lines
1.3 KiB
JavaScript
26 lines
1.3 KiB
JavaScript
"use strict";
|
|
const test = require("node:test");
|
|
const assert = require("node:assert/strict");
|
|
const { SessionManager } = require("./session-manager");
|
|
const zhulan = { pid: "ICE-GL-ZL-001", name: "铸澜" };
|
|
|
|
test("one approval creates a reusable bounded session", () => {
|
|
const m = new SessionManager({ absoluteTtl: 100, idleTtl: 20 });
|
|
const { token } = m.create(zhulan, "BS-SG-001", ["code-repo"], 10);
|
|
assert.equal(m.verify(token, zhulan, "BS-SG-001", "code-repo", 11).ok, true);
|
|
assert.equal(m.verify(token, zhulan, "BS-SG-001", "code-repo", 12).ok, true);
|
|
});
|
|
test("session is bound to identity server and scope", () => {
|
|
const m = new SessionManager();
|
|
const { token } = m.create(zhulan, "BS-SG-001", ["code-repo"], 10);
|
|
assert.equal(m.verify(token, { pid: "ICE-GL-ZY001" }, "BS-SG-001", "code-repo", 11).ok, false);
|
|
assert.equal(m.verify(token, zhulan, "OTHER", "code-repo", 11).ok, false);
|
|
assert.equal(m.verify(token, zhulan, "BS-SG-001", "system-arch", 11).ok, false);
|
|
});
|
|
test("end signal revokes immediately", () => {
|
|
const m = new SessionManager();
|
|
const { token } = m.create(zhulan, "BS-SG-001", ["code-repo"], 10);
|
|
assert.equal(m.end(token, zhulan), true);
|
|
assert.equal(m.verify(token, zhulan, "BS-SG-001", "code-repo", 11).ok, false);
|
|
});
|