kopia lustrzana https://gitlab.com/rysiekpl/libresilient
signed-integrity: added test for and for JWT payload not being a valid JSON (ref. #28)
rodzic
bdad3adeff
commit
8bbf48d08f
|
@ -80,6 +80,20 @@ describe("plugin: signed-integrity", () => {
|
|||
// prepare it for inclusion in the JWT
|
||||
noneSignature = btoa(noneSignature).replace(/\//g, '_').replace(/\+/g, '-').replace(/=/g, '')
|
||||
|
||||
// prepare stuff for invalid JWT JSON test
|
||||
var invalidPayload = btoa('not a valid JSON string').replace(/\//g, '_').replace(/\+/g, '-').replace(/=/g, '')
|
||||
// get an valid signature for invalid payload
|
||||
var invalidPayloadSignature = await subtle.sign(
|
||||
{
|
||||
name: "ECDSA",
|
||||
hash: {name: "SHA-384"}
|
||||
},
|
||||
(await generateECDSAKeypair()).privateKey,
|
||||
(header + '.' + invalidPayload)
|
||||
)
|
||||
// prepare it for inclusion in the JWT
|
||||
invalidPayloadSignature = btoa(invalidPayloadSignature).replace(/\//g, '_').replace(/\+/g, '-').replace(/=/g, '')
|
||||
|
||||
global.resolvingFetch = jest.fn((url, init)=>{
|
||||
var content = '{"test": "success"}'
|
||||
var status = 200
|
||||
|
@ -101,6 +115,9 @@ describe("plugin: signed-integrity", () => {
|
|||
// testing bad signature on the integrity JWT
|
||||
} else if (url == 'https://resilient.is/bad-signature.json.integrity') {
|
||||
content = header + '.' + payload + '.' + noneSignature
|
||||
// testing invalid payload
|
||||
} else if (url == 'https://resilient.is/invalid-payload.json.integrity') {
|
||||
content = header + '.' + invalidPayload + '.' + invalidPayloadSignature
|
||||
}
|
||||
|
||||
return Promise.resolve(
|
||||
|
@ -288,6 +305,20 @@ describe("plugin: signed-integrity", () => {
|
|||
}
|
||||
});
|
||||
|
||||
test("it should refuse to fetch content when integrity data not provided and integrity data URL is fetched, but JWT payload is unparseable", async () => {
|
||||
require("../../plugins/signed-integrity.js");
|
||||
|
||||
expect.assertions(4);
|
||||
try {
|
||||
const response = await LibResilientPluginConstructors.get('signed-integrity')(LR, init).fetch('https://resilient.is/invalid-payload.json', {});
|
||||
} catch (e) {
|
||||
expect(resolvingFetch).toHaveBeenCalledTimes(1);
|
||||
expect(resolvingFetch).toHaveBeenCalledWith('https://resilient.is/invalid-payload.json.integrity')
|
||||
expect(e).toBeInstanceOf(Error)
|
||||
expect(e.toString()).toMatch('JWT payload parsing failed')
|
||||
}
|
||||
});
|
||||
|
||||
test("it should fetch and verify content, when integrity data not provided, by fetching the integrity data URL and using integrity data from it", async () => {
|
||||
require("../../plugins/signed-integrity.js");
|
||||
|
||||
|
|
Ładowanie…
Reference in New Issue