kopia lustrzana https://gitlab.com/rysiekpl/libresilient
signed-integrity: added tests for configured public key not loading, and for JWT syntactically invalid (ref. #28)
rodzic
44fede8882
commit
bdad3adeff
|
@ -92,6 +92,9 @@ describe("plugin: signed-integrity", () => {
|
|||
content = '{"test": "fail"}'
|
||||
status = 404
|
||||
statusText = "Not Found"
|
||||
// testing invalid base64-encoded data
|
||||
} else if (url == 'https://resilient.is/invalid-base64.json.integrity') {
|
||||
content = 'a' + '.' + payload + '.' + signature
|
||||
// testing "alg: none" on the integrity JWT
|
||||
} else if (url == 'https://resilient.is/alg-none.json.integrity') {
|
||||
content = noneHeader + '.' + payload + '.'
|
||||
|
@ -158,6 +161,20 @@ describe("plugin: signed-integrity", () => {
|
|||
}
|
||||
});
|
||||
|
||||
test("it should throw an error if the configured public key is impossible to load", async () => {
|
||||
require("../../plugins/signed-integrity.js");
|
||||
|
||||
init.publicKey = 'NOTAKEY'
|
||||
|
||||
expect.assertions(2);
|
||||
try {
|
||||
await LibResilientPluginConstructors.get('signed-integrity')(LR, init).fetch('https://resilient.is/test.json')
|
||||
} catch (e) {
|
||||
expect(e).toBeInstanceOf(Error)
|
||||
expect(e.toString()).toMatch('Unable to load the public key')
|
||||
}
|
||||
});
|
||||
|
||||
test("it should throw an error when there are more than one wrapped plugins configured", async () => {
|
||||
require("../../plugins/signed-integrity.js");
|
||||
init = {
|
||||
|
@ -229,6 +246,20 @@ describe("plugin: signed-integrity", () => {
|
|||
}
|
||||
});
|
||||
|
||||
test("it should refuse to fetch content when integrity data not provided and integrity data URL is fetched, but JWT is invalid", async () => {
|
||||
require("../../plugins/signed-integrity.js");
|
||||
|
||||
expect.assertions(4);
|
||||
try {
|
||||
const response = await LibResilientPluginConstructors.get('signed-integrity')(LR, init).fetch('https://resilient.is/invalid-base64.json', {});
|
||||
} catch (e) {
|
||||
expect(resolvingFetch).toHaveBeenCalledTimes(1);
|
||||
expect(resolvingFetch).toHaveBeenCalledWith('https://resilient.is/invalid-base64.json.integrity')
|
||||
expect(e).toBeInstanceOf(Error)
|
||||
expect(e.toString()).toMatch('Invalid base64-encoded string')
|
||||
}
|
||||
});
|
||||
|
||||
test("it should refuse to fetch content when integrity data not provided and integrity data URL is fetched, but JWT uses alg: none", async () => {
|
||||
require("../../plugins/signed-integrity.js");
|
||||
|
||||
|
|
Ładowanie…
Reference in New Issue