signed-integrity: added tests for configured public key not loading, and for JWT syntactically invalid (ref. #28)

merge-requests/9/merge
Michał 'rysiek' Woźniak 2022-01-13 02:31:31 +00:00
rodzic 44fede8882
commit bdad3adeff
1 zmienionych plików z 31 dodań i 0 usunięć


@ -92,6 +92,9 @@ describe("plugin: signed-integrity", () => {
content = '{"test": "fail"}'
status = 404
statusText = "Not Found"
// testing invalid base64-encoded data
} else if (url == 'https://resilient.is/invalid-base64.json.integrity') {
content = 'a' + '.' + payload + '.' + signature
// testing "alg: none" on the integrity JWT
} else if (url == 'https://resilient.is/alg-none.json.integrity') {
content = noneHeader + '.' + payload + '.'
@ -158,6 +161,20 @@ describe("plugin: signed-integrity", () => {
}
});
test("it should throw an error if the configured public key is impossible to load", async () => {
require("../../plugins/signed-integrity.js");
init.publicKey = 'NOTAKEY'
expect.assertions(2);
try {
await LibResilientPluginConstructors.get('signed-integrity')(LR, init).fetch('https://resilient.is/test.json')
} catch (e) {
expect(e).toBeInstanceOf(Error)
expect(e.toString()).toMatch('Unable to load the public key')
}
});
test("it should throw an error when there are more than one wrapped plugins configured", async () => {
require("../../plugins/signed-integrity.js");
init = {
@ -229,6 +246,20 @@ describe("plugin: signed-integrity", () => {
}
});
test("it should refuse to fetch content when integrity data not provided and integrity data URL is fetched, but JWT is invalid", async () => {
require("../../plugins/signed-integrity.js");
expect.assertions(4);
try {
const response = await LibResilientPluginConstructors.get('signed-integrity')(LR, init).fetch('https://resilient.is/invalid-base64.json', {});
} catch (e) {
expect(resolvingFetch).toHaveBeenCalledTimes(1);
expect(resolvingFetch).toHaveBeenCalledWith('https://resilient.is/invalid-base64.json.integrity')
expect(e).toBeInstanceOf(Error)
expect(e.toString()).toMatch('Invalid base64-encoded string')
}
});
test("it should refuse to fetch content when integrity data not provided and integrity data URL is fetched, but JWT uses alg: none", async () => {
require("../../plugins/signed-integrity.js");