tests: add additional test for secret validation

supabase · Feb 15, 2024 · 9918548 · 9918548
1 parent 84ac666
commit 9918548
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 7 deletions.
diff --git a/internal/conf/configuration.go b/internal/conf/configuration.go
@@ -453,7 +453,7 @@ type ExtensibilityPointConfiguration struct {
 	URI             string   `json:"uri"`
 	Enabled         bool     `json:"enabled"`
 	HookName        string   `json:"hook_name"`
-	HTTPHookSecrets []string `json:"secret"`
+	HTTPHookSecrets []string `json:"secrets"`
 }
 
 func (h *HookConfiguration) Validate() error {
@@ -509,18 +509,15 @@ func validatePostgresPath(u *url.URL) error {
 
 func isValidSecretFormat(secret string) bool {
 	return symmetricSecretFormat.MatchString(secret) || asymmetricSecretFormat.MatchString(secret)
-
 }
 
 func validateHTTPSHookSecrets(secrets []string) error {
 	for _, secret := range secrets {
 		if !isValidSecretFormat(secret) {
-			return fmt.Errorf("secret %s does not conform to secret format", secret)
+			return fmt.Errorf("invalid secret format")
 		}
 	}
-
 	return nil
-
 }
 
 func (e *ExtensibilityPointConfiguration) PopulateExtensibilityPoint() error {

diff --git a/internal/conf/configuration_test.go b/internal/conf/configuration_test.go
@@ -98,19 +98,20 @@ func TestPasswordRequiredCharactersDecode(t *testing.T) {
 	}
 }
 
-func TestValidateExtensibilityPoint(t *testing.T) {
+func TestValidateExtensibilityPointURI(t *testing.T) {
 	cases := []struct {
 		desc        string
 		uri         string
 		expectError bool
 	}{
 		// Positive test cases
+		{desc: "Valid HTTPS URI", uri: "https://asdfgggqqwwerty.website.co/functions/v1/custom-sms-sender", expectError: false},
 		{desc: "Valid Postgres URI", uri: "pg-functions://postgres/auth/verification_hook_reject", expectError: false},
-		{desc: "Valid HTTPS URI", uri: "https://asdfgggqqwwerty.supabase.co/functions/v1/custom-sms-sender", expectError: false},
 		{desc: "Another Valid URI", uri: "pg-functions://postgres/user_management/add_user", expectError: false},
 		{desc: "Another Valid URI", uri: "pg-functions://postgres/MySpeCial/FUNCTION_THAT_YELLS_AT_YOU", expectError: false},
 
 		// Negative test cases
+		{desc: "Invalid HTTPS URI (HTTP)", uri: "http://asdfgggqqwwerty.supabase.co/functions/v1/custom-sms-sender", expectError: false},
 		{desc: "Invalid Schema Name", uri: "pg-functions://postgres/123auth/verification_hook_reject", expectError: true},
 		{desc: "Invalid Function Name", uri: "pg-functions://postgres/auth/123verification_hook_reject", expectError: true},
 		{desc: "Insufficient Path Parts", uri: "pg-functions://postgres/auth", expectError: true},
@@ -126,3 +127,31 @@ func TestValidateExtensibilityPoint(t *testing.T) {
 		}
 	}
 }
+
+func TestValidateExtensibilityPointSecrets(t *testing.T) {
+	validHTTPSURI := "https://asdfgggqqwwerty.website.co/functions/v1/custom-sms-sender"
+	cases := []struct {
+		desc        string
+		secret      []string
+		expectError bool
+	}{
+		// Positive test cases
+		{desc: "Valid Symmetric Secret", secret: []string{""}, expectError: false},
+		{desc: "Valid Asymmetric Secret", secret: []string{""}, expectError: false},
+
+		// Negative test cases
+		{desc: "Invalid Asymmetric Secret", secret: []string{"john", "jill"}, expectError: true},
+		{desc: "Invalid Symmetric Secret", secret: []string{""}, expectError: true},
+	}
+	for _, tc := range cases {
+		ep := ExtensibilityPointConfiguration{URI: validHTTPSURI, HTTPHookSecrets: tc.secret}
+		err := ep.ValidateExtensibilityPoint()
+		if tc.expectError {
+			require.Error(t, err)
+		} else {
+			require.NoError(t, err)
+		}
+
+	}
+
+}