kopia lustrzana https://gitlab.com/rysiekpl/libresilient
signed-integrity: added test for actually using the integrity data from the JWT (ref. #28)
Michał 'rysiek' Woźniak
rodzic
5254644402
commit
44fede8882
|
|
@ -257,4 +257,16 @@ describe("plugin: signed-integrity", () => {
|
|||
}
|
||||
});
|
||||
|
||||
test("it should fetch and verify content, when integrity data not provided, by fetching the integrity data URL and using integrity data from it", async () => {
|
||||
require("../../plugins/signed-integrity.js");
|
||||
|
||||
const response = await LibResilientPluginConstructors.get('signed-integrity')(LR, init).fetch('https://resilient.is/test.json', {});
|
||||
|
||||
expect(resolvingFetch).toHaveBeenCalledTimes(2);
|
||||
expect(resolvingFetch).toHaveBeenNthCalledWith(1, 'https://resilient.is/test.json.integrity')
|
||||
expect(resolvingFetch).toHaveBeenNthCalledWith(2, 'https://resilient.is/test.json', {integrity: "sha256-eiMrFuthzteJuj8fPwUMyNQMb2SMW7VITmmt2oAxGj0="})
|
||||
expect(await response.json()).toEqual({test: "success"})
|
||||
expect(response.url).toEqual('https://resilient.is/test.json')
|
||||
});
|
||||
|
||||
});
|
||||
|
|
|
|||
|
|
@ -154,7 +154,17 @@
|
|||
// unpack it
|
||||
var header = atob(b64urlDecode(jwt[0]))
|
||||
var payload = atob(b64urlDecode(jwt[1]))
|
||||
LR.log(pluginName, `got a valid, signed JWT with integrity data:\n- header : ${header}\n- payload: ${payload}`)
|
||||
try {
|
||||
payload = JSON.parse(payload)
|
||||
} catch (e) {
|
||||
throw new Error(`JWT payload parsing failed: ${e}`)
|
||||
}
|
||||
if ('integrity' in payload) {
|
||||
LR.log(pluginName, `got a correct, validated JWT; integrity: ${payload.integrity}`)
|
||||
init.integrity = payload.integrity
|
||||
} else {
|
||||
throw new Error(`JWT payload did not contain integrity data.`)
|
||||
}
|
||||
|
||||
} else {
|
||||
// we want to error out here, because we did get the integrity file,
|
||||
|
|
|
|||
Ładowanie…
Reference in New Issue