1 | 'use strict';
|
2 |
|
3 | const assert = require('assert');
|
4 | const crypto = require('crypto');
|
5 | const helper = require('./_helper');
|
6 |
|
7 |
|
// Request/Response test doubles come from the shared test helper.
const { Request, Response } = helper;

// Mock client under test; key and secret are throwaway fixture values.
const pubsub = new helper.createMockConfigClient({ key: 'key', secret: 'secret' });

// Topic patterns the client subscribes to. Only the keys are used (see
// `topics` below); the values are placeholders.
const events = {
  'com.test.event': null,
  'com.test.topic.*': null,
  'com.test.*.interior': null,
  'com.splatted.**': null,
};

// Fixture webhook URL with basic-auth credentials embedded in the userinfo
// part, so username and password can be derived from one place.
const url = new URL('http://un:pw@axwaylocal.com');

// Initial configuration: basic auth. The tests below mutate this object to
// switch between auth modes.
pubsub.config = {
  url: url.href,
  can_consume: true,
  auth_type: 'basic',
  auth_user: url.username,
  auth_pass: url.password,
  topics: Object.keys(events),
};
|
30 |
|
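describe('webhook', function () {
  // URL without embedded credentials, used by every mode except basic auth.
  const PLAIN_URL = 'http://axwaylocal.com';

  /**
   * Put the shared mock client into exactly one auth mode.
   *
   * Every test calls this itself instead of inheriting whatever the previous
   * test left in `pubsub.config`. Otherwise a rejection test run in isolation
   * (`.only`, `--grep`) would execute under a different auth mode and could
   * pass without ever exercising the check it is named after.
   *
   * @param {?string} authType - value for `config.auth_type` (null disables auth)
   * @param {object} [fields] - credential fields (and optional `url`) for that mode
   */
  function useAuth(authType, fields = {}) {
    const { config } = pubsub;
    // Drop credentials belonging to any other mode before applying this one.
    delete config.auth_user;
    delete config.auth_pass;
    delete config.auth_token;
    Object.assign(config, { url: PLAIN_URL, auth_type: authType }, fields);
  }

  /** Switch to basic auth using the credentials embedded in the fixture URL. */
  function useBasicAuth() {
    useAuth('basic', {
      url: url.href,
      auth_user: url.username,
      auth_pass: url.password,
    });
  }

  /**
   * Run the webhook authentication step against `req`.
   *
   * @param {Request} req - mock request to authenticate
   * @returns {{res: Response, authed: *, nextCalled: boolean}} outcome
   */
  function authenticate(req) {
    const res = new Response();
    let nextCalled = false;
    // Expression-bodied arrow on purpose: the callback keeps returning `true`,
    // exactly as before, in case authenticateWebhook forwards that value.
    const authed = pubsub.authenticateWebhook(req, res, () => (nextCalled = true));
    return { res, authed, nextCalled };
  }

  /** Assert the request was let through: next() ran and the request is flagged. */
  function assertAccepted(req) {
    const { authed, nextCalled } = authenticate(req);
    assert.ok(nextCalled && authed && req._authenticatedWebhook);
  }

  /** Assert the request was refused: no next(), no flag, and a 401-style response. */
  function assertRejected(req) {
    const { res, authed, nextCalled } = authenticate(req);
    assert.strictEqual(nextCalled || authed || !!req._authenticatedWebhook, false);
    assert.ok(res.wasUnauthorized());
  }

  it('should validate basic auth credentials are correct', function () {
    useBasicAuth();
    const req = new Request({}, {
      authorization: `Basic ${Buffer.from('un:pw').toString('base64')}`,
    });

    assertAccepted(req);
  });

  it('should validate basic auth credentials are incorrect', function () {
    useBasicAuth();
    const req = new Request({}, {
      authorization: `Basic ${Buffer.from('un2:pw2').toString('base64')}`,
    });

    assertRejected(req);
  });

  it('should validate auth token are correct', function () {
    useAuth('token', { auth_token: 'test-token' });
    const req = new Request({}, { 'x-auth-token': 'test-token' });

    assertAccepted(req);
  });

  it('should validate auth token are incorrect', function () {
    useAuth('token', { auth_token: 'test-token' });
    const req = new Request({}, { 'x-auth-token': 'not-this' });

    assertRejected(req);
  });

  it('should validate key/secret signature is correct', function () {
    useAuth('key_secret');
    const body = { event: 'com.test.event' };
    // The signature is the hex HMAC-SHA256 of the JSON-serialized body, keyed
    // with the client secret.
    const signature = crypto
      .createHmac('SHA256', pubsub.secret)
      .update(JSON.stringify(body))
      .digest('hex');
    const req = new Request(body, { 'x-signature': signature });

    assertAccepted(req);
  });

  it('should validate key/secret signature is incorrect', function () {
    useAuth('key_secret');
    // NOTE(review): 'not-this' differs from a real digest in length and
    // alphabet, so this covers only a malformed signature. A well-formed hex
    // digest computed over a different body (or with a different key) would
    // also cover the tampered-payload path — worth adding once the expected
    // behaviour is confirmed against the implementation.
    const req = new Request({}, { 'x-signature': 'not-this' });

    assertRejected(req);
  });

  it('should emit using an exact event name', function (done) {
    useAuth(null); // no authentication: handleWebhook is exercised directly
    const topic = pubsub.config.topics[0];
    const payload = { topic };

    pubsub.on(`event:${topic}`, function (data) {
      // Identity check: the listener must receive the very object that was posted.
      assert.strictEqual(data, payload);
      done();
    });

    pubsub.handleWebhook(new Request(payload), new Response());
  });

  it('should not receive an unrelated event', function () {
    useAuth(null);
    const topic = 'com.unrelated.event';
    const payload = { topic };

    // NOTE(review): this can only fail if the listener is invoked before the
    // test function returns — confirm handleWebhook emits synchronously.
    pubsub.on('event:com.different.event', function () {
      assert.fail('Listener should not have been called');
    });
    pubsub.handleWebhook(new Request(payload), new Response());
  });
});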
|