-
Notifications
You must be signed in to change notification settings - Fork 52
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
16 changed files
with
606 additions
and
276 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,9 +1,8 @@ | ||
const jestExpect = require('expect'); | ||
const { expect } = require('chai'); | ||
const sinon = require('sinon'); | ||
const ApiKeyService = require('./ApiKeyService'); | ||
const ApiKeyRepository = require('../repositories/ApiKeyRepository'); | ||
const HttpError = require('../utils/HttpError'); | ||
const Session = require('../infra/database/Session'); | ||
const ApiKey = require('../models/ApiKey'); | ||
|
||
describe('ApiKey', () => { | ||
let apiKey; | ||
|
@@ -13,24 +12,46 @@ describe('ApiKey', () => { | |
}); | ||
|
||
it('empty key should throw error', async () => { | ||
await jestExpect(async () => { | ||
await apiKey.check(undefined); | ||
}).rejects.toThrow(/no API key/); | ||
let error; | ||
try { | ||
await apiKey.check(); | ||
} catch (e) { | ||
error = e; | ||
} | ||
expect(error.message).eql('Invalid access - no API key'); | ||
This comment has been minimized.
Sorry, something went wrong.
This comment has been minimized.
Sorry, something went wrong.
Kpoke
Author
Collaborator
|
||
}); | ||
|
||
it('key which do not exist should throw error', async () => { | ||
sinon | ||
.stub(ApiKeyRepository.prototype, 'getByApiKey') | ||
.throws(new HttpError(404)); | ||
await jestExpect(async () => { | ||
await apiKey.check('not_exist'); | ||
}).rejects.toThrow(/Invalid/); | ||
ApiKeyRepository.prototype.getByApiKey.restore(); | ||
let error; | ||
const getApiKeyStub = sinon | ||
.stub(ApiKey.prototype, 'getByApiKey') | ||
.resolves(); | ||
try { | ||
await apiKey.check('api key'); | ||
} catch (e) { | ||
error = e; | ||
} | ||
expect(error.message).eql('Invalid API access'); | ||
getApiKeyStub.restore(); | ||
}); | ||
|
||
it('key with false tree_token_api_access should not pass', async () => { | ||
let error; | ||
const getApiKeyStub = sinon | ||
.stub(ApiKey.prototype, 'getByApiKey') | ||
.resolves({ tree_token_api_access: false }); | ||
try { | ||
await apiKey.check('api key'); | ||
} catch (e) { | ||
error = e; | ||
} | ||
expect(error.message).eql('Invalid API access, apiKey was deprecated'); | ||
getApiKeyStub.restore(); | ||
}); | ||
|
||
it('good key should pass', async () => { | ||
sinon.stub(ApiKeyRepository.prototype, 'getByApiKey').returns({}); | ||
sinon.stub(ApiKey.prototype, 'getByApiKey').returns({}); | ||
await apiKey.check('not_exist'); | ||
ApiKeyRepository.prototype.getByApiKey.restore(); | ||
ApiKey.prototype.getByApiKey.restore(); | ||
}); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
const { expect } = require('chai'); | ||
const Sinon = require('sinon'); | ||
const AuthService = require('./AuthService'); | ||
const HashService = require('./HashService'); | ||
const JWTService = require('./JWTService'); | ||
const WalletService = require('./WalletService'); | ||
|
||
describe('AuthService', () => { | ||
it('signin', async () => { | ||
const walletObject = { salt: 'salt', password: 'hash' }; | ||
const getByIdOrNameStub = Sinon.stub( | ||
WalletService.prototype, | ||
'getByIdOrName', | ||
).resolves(walletObject); | ||
const sha512Stub = Sinon.stub(HashService, 'sha512').returns('hash'); | ||
const jwtSignStub = Sinon.stub(JWTService, 'sign').resolves('token'); | ||
const details = { wallet: 'wallet', password: 'password' }; | ||
const token = await AuthService.signIn(details); | ||
expect(getByIdOrNameStub.calledOnceWithExactly(details.wallet)).eql(true); | ||
expect(sha512Stub.calledOnceWithExactly(details.password, 'salt')).eql( | ||
true, | ||
); | ||
expect(jwtSignStub.calledOnceWithExactly(walletObject)).eql(true); | ||
expect(token).eql('token'); | ||
getByIdOrNameStub.restore(); | ||
sha512Stub.restore(); | ||
jwtSignStub.restore(); | ||
}); | ||
|
||
it('failed signin', async () => { | ||
const walletObject = { salt: 'salt', password: 'password' }; | ||
const getByIdOrNameStub = Sinon.stub( | ||
WalletService.prototype, | ||
'getByIdOrName', | ||
).resolves(walletObject); | ||
const sha512Stub = Sinon.stub(HashService, 'sha512').returns('hash'); | ||
const jwtSignStub = Sinon.stub(JWTService, 'sign').resolves('token'); | ||
const details = { wallet: 'wallet', password: 'password' }; | ||
const token = await AuthService.signIn(details); | ||
expect(getByIdOrNameStub.calledOnceWithExactly(details.wallet)).eql(true); | ||
expect(sha512Stub.calledOnceWithExactly(details.password, 'salt')).eql( | ||
true, | ||
); | ||
expect(jwtSignStub.notCalled).eql(true); | ||
expect(token).eql(false); | ||
getByIdOrNameStub.restore(); | ||
sha512Stub.restore(); | ||
jwtSignStub.restore(); | ||
}); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,13 +1,15 @@ | ||
const Crypto = require('crypto'); | ||
|
||
const sha512 = (password, salt) => { | ||
const hash = Crypto.createHmac( | ||
'sha512', | ||
salt, | ||
); /** Hashing algorithm sha512 */ | ||
hash.update(password); | ||
const value = hash.digest('hex'); | ||
return value; | ||
}; | ||
class HashService { | ||
static sha512(password, salt) { | ||
const hash = Crypto.createHmac( | ||
'sha512', | ||
salt, | ||
); /** Hashing algorithm sha512 */ | ||
hash.update(password); | ||
const value = hash.digest('hex'); | ||
return value; | ||
} | ||
} | ||
|
||
module.exports = { sha512 }; | ||
module.exports = HashService; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
const { expect } = require('chai'); | ||
const Sinon = require('sinon'); | ||
const Crypto = require('crypto'); | ||
const HashService = require('./HashService'); | ||
|
||
describe('HashService', () => { | ||
it('sha512', async () => { | ||
const hashUpdateStub = Sinon.stub(); | ||
const hashDigestStub = Sinon.stub().returns('hash'); | ||
const cryptoStub = Sinon.stub(Crypto, 'createHmac').returns({ | ||
update: hashUpdateStub, | ||
digest: hashDigestStub, | ||
}); | ||
const hash = HashService.sha512('password', 'salt'); | ||
expect(cryptoStub.calledOnceWithExactly('sha512', 'salt')).eql(true); | ||
expect(hashUpdateStub.calledOnceWithExactly('password')).eql(true); | ||
expect(hashDigestStub.calledOnceWithExactly('hex')).eql(true); | ||
expect(hash).eql('hash'); | ||
cryptoStub.restore(); | ||
}); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,16 +1,12 @@ | ||
const {expect} = require("chai"); | ||
const JWTService = require("./JWTService"); | ||
const { expect } = require('chai'); | ||
const JWTService = require('./JWTService'); | ||
|
||
|
||
|
||
describe("JWTService", () => { | ||
|
||
it("signed payload should be able to be verified", () => { | ||
const payload = {id: 1}; | ||
const jwtService = new JWTService(); | ||
const token = jwtService.sign(payload); | ||
describe('JWTService', () => { | ||
it('signed payload should be able to be verified', () => { | ||
const payload = { id: 1 }; | ||
const token = JWTService.sign(payload); | ||
expect(token).match(/\S+/); | ||
const result = jwtService.verify(`Bearer ${token}`); | ||
expect(result).property("id").eq(1); | ||
const result = JWTService.verify(`Bearer ${token}`); | ||
expect(result).property('id').eq(1); | ||
}); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
If we want to stick with chai, I rememeber there is a plugin for chai to support better API for checking error