diff options
Diffstat (limited to 'spec/lib')
-rw-r--r-- | spec/lib/gitlab/jwt_authenticatable_spec.rb | 8 | ||||
-rw-r--r-- | spec/lib/gitlab/middleware/multipart_spec.rb | 4 | ||||
-rw-r--r-- | spec/lib/json_web_token/hmac_token_spec.rb | 4 |
3 files changed, 11 insertions, 5 deletions
diff --git a/spec/lib/gitlab/jwt_authenticatable_spec.rb b/spec/lib/gitlab/jwt_authenticatable_spec.rb index 92d5feceb75..9a06f9b91df 100644 --- a/spec/lib/gitlab/jwt_authenticatable_spec.rb +++ b/spec/lib/gitlab/jwt_authenticatable_spec.rb @@ -172,11 +172,17 @@ RSpec.describe Gitlab::JwtAuthenticatable do end it 'raises an error if iat is invalid' do - encoded_message = JWT.encode(payload.merge(iat: 'wrong'), test_class.secret, 'HS256') + encoded_message = JWT.encode(payload.merge(iat: Time.current.to_i + 1), test_class.secret, 'HS256') expect { test_class.decode_jwt(encoded_message, iat_after: true) }.to raise_error(JWT::DecodeError) end + it 'raises InvalidPayload exception if iat is a string' do + expect do + JWT.encode(payload.merge(iat: 'wrong'), test_class.secret, 'HS256') + end.to raise_error(JWT::InvalidPayload) + end + it 'raises an error if iat is absent' do encoded_message = JWT.encode(payload, test_class.secret, 'HS256') diff --git a/spec/lib/gitlab/middleware/multipart_spec.rb b/spec/lib/gitlab/middleware/multipart_spec.rb index 294a5ee82ed..509a4bb921b 100644 --- a/spec/lib/gitlab/middleware/multipart_spec.rb +++ b/spec/lib/gitlab/middleware/multipart_spec.rb @@ -175,7 +175,7 @@ RSpec.describe Gitlab::Middleware::Multipart do end it 'raises an error' do - expect { subject }.to raise_error(JWT::VerificationError, 'Signature verification raised') + expect { subject }.to raise_error(JWT::VerificationError, 'Signature verification failed') end end @@ -191,7 +191,7 @@ RSpec.describe Gitlab::Middleware::Multipart do end it 'raises an error' do - expect { subject }.to raise_error(JWT::VerificationError, 'Signature verification raised') + expect { subject }.to raise_error(JWT::VerificationError, 'Signature verification failed') end end end diff --git a/spec/lib/json_web_token/hmac_token_spec.rb b/spec/lib/json_web_token/hmac_token_spec.rb index 016084eaf69..7c486b2fe1b 100644 --- a/spec/lib/json_web_token/hmac_token_spec.rb +++ b/spec/lib/json_web_token/hmac_token_spec.rb @@ -50,8 +50,8 @@ RSpec.describe JSONWebToken::HMACToken do context 'that was generated using a different secret' do let(:encoded_token) { described_class.new('some other secret').encoded } - it "raises exception saying 'Signature verification raised" do - expect { decoded_token }.to raise_error(JWT::VerificationError, 'Signature verification raised') + it "raises exception saying 'Signature verification failed" do + expect { decoded_token }.to raise_error(JWT::VerificationError, 'Signature verification failed') end end |