fix: re-add examples to readme for convenience

Author: levino

.pnp.cjs

@@ -16,7 +16,129 @@ authentication in your koa or express app. This is why I made this tool, which r
 
 ## Usage
 
-Please see the [example test](example/authentication.test.js) of a simple [koa app](example/api.js). Usage for `express`, `hapi` or `graphql` is similar.
+Consider a basic `koa` app (works also with `express`, `hapi` or `graphql`):
+
+```js
+// api.js
+import Koa from 'koa'
+import Router from 'koa-router'
+import jwt from 'koa-jwt'
+import jwksRsa from 'jwks-rsa'
+const createApp = ({ jwksUri }) => {
+  const app = new Koa()
+  // We set up the jwksRsa client as usual (with production host)
+  // We switch off caching to show how things work in ours tests.
+  app.use(
+    jwt({
+      secret: jwksRsa.koaJwtSecret({
+        cache: false,
+        jwksUri,
+      }),
+      audience: 'private',
+      issuer: 'master',
+      algorithms: ['RS256'],
+    })
+  )
+  const router = new Router()
+  // This route is protected by the authentication middleware
+  router.get('/', (ctx) => {
+    ctx.body = 'Authenticated!'
+  })
+  app.use(router.middleware())
+  return app
+}
+export default createApp
+```
+
+You can test this app like so:
+
+```js
+// authentication.test.js
+import createJWKSMock from '../src/index.js'
+import createApp from './api.js'
+import supertest from 'supertest'
+
+describe('Some tests for authentication for our api', () => {
+  let jwksMock, server, request
+  beforeEach(() => {
+    ;({ jwksMock, server, request } = createContext())
+  })
+  afterEach(async () => await tearDown({ jwksMock, server }))
+  test('should not get access without correct token', async () => {
+    // We start intercepting queries (see below)
+    jwksMock.start()
+    const { status } = await request.get('/')
+    expect(status).toEqual(401)
+  })
+
+  test('should get access with mock token when jwksMock is running', async () => {
+    // Again we start intercepting queries
+    jwksMock.start()
+    const access_token = jwksMock.token({
+      aud: 'private',
+      iss: 'master',
+    })
+    const { status } = await request
+      .get('/')
+      .set('Authorization', `Bearer ${access_token}`)
+    expect(status).toEqual(200)
+  })
+  test('should not get access with mock token when jwksMock is not running', async () => {
+    // Now we do not intercept queries. The queries of the middleware for the JKWS will
+    // go to the production server and the local key will be invalid.
+    const access_token = jwksMock.token({
+      aud: 'private',
+      iss: 'master',
+    })
+    const { status } = await request
+      .get('/')
+      .set('Authorization', `Bearer ${access_token}`)
+    expect(status).toEqual(401)
+  })
+})
+test('Another example with a non-auth0-style jkwsUri', async () => {
+  const jwksMock = createJWKSMock(
+    'https://keycloak.somedomain.com/auth/realm/application',
+    '/protocol/openid-connect/certs'
+  )
+  // We start our app.
+  const server = createApp({
+    jwksUri:
+      'https://keycloak.somedomain.com/auth/realm/application/protocol/openid-connect/certs',
+  }).listen()
+  const request = supertest(server)
+  jwksMock.start()
+  const access_token = jwksMock.token({
+    aud: 'private',
+    iss: 'master',
+  })
+  const { status } = await request
+    .get('/')
+    .set('Authorization', `Bearer ${access_token}`)
+  await tearDown({ jwksMock, server })
+  expect(status).toEqual(200)
+})
+const createContext = () => {
+  // This creates the local PKI
+  const jwksMock = createJWKSMock('https://levino.eu.auth0.com/')
+  // We start our app.
+  const server = createApp({
+    jwksUri: 'https://levino.eu.auth0.com/.well-known/jwks.json',
+  }).listen()
+  const request = supertest(server)
+  return {
+    jwksMock,
+    request,
+    server,
+  }
+}
+const tearDown = async ({ jwksMock, server }) => {
+  await server.close()
+  await jwksMock.stop()
+}
+```
+
+You can also find [this example in the repo](example/authentication.test.js).
 
 ## Under the hood
 

.prettierrc .prettierrc.yml

@@ -1,28 +1,28 @@
-import Koa from "koa";
-import Router from "koa-router";
-import jwt from "koa-jwt";
-import jwksRsa from "jwks-rsa";
+import Koa from 'koa'
+import Router from 'koa-router'
+import jwt from 'koa-jwt'
+import jwksRsa from 'jwks-rsa'
 const createApp = ({ jwksUri }) => {
-    const app = new Koa();
-    // We set up the jwksRsa client as usual (with production host)
-    // We switch off caching to show how things work in ours tests.
-    app.use(jwt({
-        secret: jwksRsa.koaJwtSecret({
-            cache: false,
-            jwksUri,
-        }),
-        audience: 'private',
-        issuer: 'master',
-        algorithms: ['RS256'],
-    }));
-    const router = new Router();
-    // This route is protected by the authentication middleware
-    router.get('/', (ctx) => {
-        ctx.body = 'Authenticated!';
-    });
-    app.use(router.middleware());
-    return app;
-};
-export default createApp;
-
-
+  const app = new Koa()
+  // We set up the jwksRsa client as usual (with production host)
+  // We switch off caching to show how things work in ours tests.
+  app.use(
+    jwt({
+      secret: jwksRsa.koaJwtSecret({
+        cache: false,
+        jwksUri,
+      }),
+      audience: 'private',
+      issuer: 'master',
+      algorithms: ['RS256'],
+    })
+  )
+  const router = new Router()
+  // This route is protected by the authentication middleware
+  router.get('/', (ctx) => {
+    ctx.body = 'Authenticated!'
+  })
+  app.use(router.middleware())
+  return app
+}
+export default createApp

README.md

@@ -1,78 +1,82 @@
-import createJWKSMock from "../src/index.js";
-import createApp from "./api.js";
-import supertest from "supertest";
+import createJWKSMock from '../src/index.js'
+import createApp from './api.js'
+import supertest from 'supertest'
 
 describe('Some tests for authentication for our api', () => {
-    let jwksMock, server, request;
-    beforeEach(() => {
-        ;
-        ({ jwksMock, server, request } = createContext());
-    });
-    afterEach(async () => await tearDown({ jwksMock, server }));
-    test('should not get access without correct token', async () => {
-        // We start intercepting queries (see below)
-        jwksMock.start();
-        const { status } = await request.get('/');
-        expect(status).toEqual(401);
-    });
-    test('should get access with mock token when jwksMock is running', async () => {
-        // Again we start intercepting queries
-        jwksMock.start();
-        const access_token = jwksMock.token({
-            aud: 'private',
-            iss: 'master',
-        });
-        const { status } = await request
-            .get('/')
-            .set('Authorization', `Bearer ${access_token}`);
-        expect(status).toEqual(200);
-    });
-    test('should not get access with mock token when jwksMock is not running', async () => {
-        // Now we do not intercept queries. The queries of the middleware for the JKWS will
-        // go to the production server and the local key will be invalid.
-        const access_token = jwksMock.token({
-            aud: 'private',
-            iss: 'master',
-        });
-        const { status } = await request
-            .get('/')
-            .set('Authorization', `Bearer ${access_token}`);
-        expect(status).toEqual(401);
-    });
-});
-test('Another example with a non-auth0-style jkwsUri', async () => {
-    const jwksMock = createJWKSMock('https://keycloak.somedomain.com/auth/realm/application', '/protocol/openid-connect/certs');
-    // We start our app.
-    const server = createApp({
-        jwksUri: 'https://keycloak.somedomain.com/auth/realm/application/protocol/openid-connect/certs',
-    }).listen();
-    const request = supertest(server);
-    jwksMock.start();
+  let jwksMock, server, request
+  beforeEach(() => {
+    ;({ jwksMock, server, request } = createContext())
+  })
+  afterEach(async () => await tearDown({ jwksMock, server }))
+  test('should not get access without correct token', async () => {
+    // We start intercepting queries (see below)
+    jwksMock.start()
+    const { status } = await request.get('/')
+    expect(status).toEqual(401)
+  })
+
+  test('should get access with mock token when jwksMock is running', async () => {
+    // Again we start intercepting queries
+    jwksMock.start()
     const access_token = jwksMock.token({
-        aud: 'private',
-        iss: 'master',
-    });
+      aud: 'private',
+      iss: 'master',
+    })
     const { status } = await request
-        .get('/')
-        .set('Authorization', `Bearer ${access_token}`);
-    await tearDown({ jwksMock, server });
-    expect(status).toEqual(200);
-});
+      .get('/')
+      .set('Authorization', `Bearer ${access_token}`)
+    expect(status).toEqual(200)
+  })
+  test('should not get access with mock token when jwksMock is not running', async () => {
+    // Now we do not intercept queries. The queries of the middleware for the JKWS will
+    // go to the production server and the local key will be invalid.
+    const access_token = jwksMock.token({
+      aud: 'private',
+      iss: 'master',
+    })
+    const { status } = await request
+      .get('/')
+      .set('Authorization', `Bearer ${access_token}`)
+    expect(status).toEqual(401)
+  })
+})
+test('Another example with a non-auth0-style jkwsUri', async () => {
+  const jwksMock = createJWKSMock(
+    'https://keycloak.somedomain.com/auth/realm/application',
+    '/protocol/openid-connect/certs'
+  )
+  // We start our app.
+  const server = createApp({
+    jwksUri:
+      'https://keycloak.somedomain.com/auth/realm/application/protocol/openid-connect/certs',
+  }).listen()
+  const request = supertest(server)
+  jwksMock.start()
+  const access_token = jwksMock.token({
+    aud: 'private',
+    iss: 'master',
+  })
+  const { status } = await request
+    .get('/')
+    .set('Authorization', `Bearer ${access_token}`)
+  await tearDown({ jwksMock, server })
+  expect(status).toEqual(200)
+})
 const createContext = () => {
-    // This creates the local PKI
-    const jwksMock = createJWKSMock('https://hardfork.eu.auth0.com/');
-    // We start our app.
-    const server = createApp({
-        jwksUri: 'https://hardfork.eu.auth0.com/.well-known/jwks.json',
-    }).listen();
-    const request = supertest(server);
-    return {
-        jwksMock,
-        request,
-        server,
-    };
-};
+  // This creates the local PKI
+  const jwksMock = createJWKSMock('https://levino.eu.auth0.com/')
+  // We start our app.
+  const server = createApp({
+    jwksUri: 'https://levino.eu.auth0.com/.well-known/jwks.json',
+  }).listen()
+  const request = supertest(server)
+  return {
+    jwksMock,
+    request,
+    server,
+  }
+}
 const tearDown = async ({ jwksMock, server }) => {
-    await server.close();
-    await jwksMock.stop();
-};
+  await server.close()
+  await jwksMock.stop()
+}

example/api.js

@@ -59,7 +59,7 @@
     "@types/base64-url": "^2.2.0",
     "@types/chai": "^4.3.3",
     "@types/chai-as-promised": "^7.1.5",
-    "@types/jest": "^29.1.2",
+    "@types/jest": "^29.4.2",
     "@types/jsonwebtoken": "^9.0.1",
     "@types/nock": "^11.1.0",
     "@types/node": "^18.15.3",

example/authentication.test.js

@@ -11,6 +11,7 @@ const createJWKSMock = (
     ...keypair,
     jwksOrigin,
   })
+
   let jwksUrlInterceptor: nock.Interceptor
 
   const kid = () => JWKS.keys[0].kid

package.json

@@ -1231,7 +1231,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@types/jest@npm:^29.1.2":
+"@types/jest@npm:^29.4.2":
   version: 29.4.2
   resolution: "@types/jest@npm:29.4.2"
   dependencies:
@@ -4436,7 +4436,7 @@ __metadata:
     "@types/base64-url": "npm:^2.2.0"
     "@types/chai": "npm:^4.3.3"
     "@types/chai-as-promised": "npm:^7.1.5"
-    "@types/jest": "npm:^29.1.2"
+    "@types/jest": "npm:^29.4.2"
     "@types/jsonwebtoken": "npm:^9.0.1"
     "@types/nock": "npm:^11.1.0"
     "@types/node": "npm:^18.15.3"