UNPKG

avo-inspector

Version:

[![npm version](https://badge.fury.io/js/avo-inspector.svg)](https://badge.fury.io/js/avo-inspector)

192 lines (191 loc) 10.7 kB
"use strict"; var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; var __generator = (this && this.__generator) || function (thisArg, body) { var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g; return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g; function verb(n) { return function (v) { return step([n, v]); }; } function step(op) { if (f) throw new TypeError("Generator is already executing."); while (g && (g = 0, op[0] && (_ = 0)), _) try { if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; if (y = 0, t) op = [op[0] & 2, t.value]; switch (op[0]) { case 0: case 1: t = op; break; case 4: _.label++; return { value: op[1], done: false }; case 5: _.label++; y = op[1]; op = [0]; continue; case 7: op = _.ops.pop(); _.trys.pop(); continue; default: if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; } if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; } if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; } if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; } if (t[2]) _.ops.pop(); _.trys.pop(); continue; } op = body.call(thisArg, _); } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; } if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true }; } }; Object.defineProperty(exports, "__esModule", { value: true }); /** * Integration tests for encryption in AvoNetworkCallsHandler. * * Covers: * - publicEncryptionKey in base body when non-null and non-empty * - Prod negative test: no encryptedPropertyValue in prod env payload * - Dev positive test: encryptedPropertyValue present in dev env payload */ var AvoGuid_1 = require("../AvoGuid"); var AvoStreamId_1 = require("../AvoStreamId"); var AvoNetworkCallsHandler_1 = require("../AvoNetworkCallsHandler"); var p256_1 = require("@noble/curves/p256"); var constants_1 = require("./constants"); function bytesToHex(bytes) { return Array.from(bytes) .map(function (b) { return b.toString(16).padStart(2, "0"); }) .join(""); } function generateTestKeyPair() { var privateKeyBytes = p256_1.p256.utils.randomPrivateKey(); var publicKeyBytes = p256_1.p256.getPublicKey(privateKeyBytes, false); return { privateKey: bytesToHex(privateKeyBytes).padStart(64, "0"), publicKey: bytesToHex(publicKeyBytes), }; } var keyPair = generateTestKeyPair(); describe("AvoNetworkCallsHandler encryption integration", function () { var now = new Date(); beforeAll(function () { // @ts-ignore jest.spyOn(global, "Date").mockImplementation(function () { return now; }); jest .spyOn(AvoStreamId_1.AvoStreamId, "initialize") .mockResolvedValue(constants_1.mockedReturns.ANONYMOUS_ID); jest .spyOn(AvoGuid_1.default, "newGuid") .mockImplementation(function () { return constants_1.mockedReturns.GUID; }); }); afterAll(function () { jest.restoreAllMocks(); }); test("publicEncryptionKey is included in base body when non-null and non-empty", function () { return __awaiter(void 0, void 0, void 0, function () { var handler, body; return __generator(this, function (_a) { switch (_a.label) { case 0: handler = new AvoNetworkCallsHandler_1.AvoNetworkCallsHandler("test-api-key", "dev", "TestApp", "1.0.0", "1.0.0", keyPair.publicKey); return [4 /*yield*/, handler.bodyForEventSchemaCall("testEvent", [{ propertyName: "name", propertyType: "string" }], null, null, { name: "Alice" })]; case 1: body = _a.sent(); expect(body.publicEncryptionKey).toBe(keyPair.publicKey); return [2 /*return*/]; } }); }); }); test("publicEncryptionKey is NOT included in base body when null", function () { return __awaiter(void 0, void 0, void 0, function () { var handler, body; return __generator(this, function (_a) { switch (_a.label) { case 0: handler = new AvoNetworkCallsHandler_1.AvoNetworkCallsHandler("test-api-key", "dev", "TestApp", "1.0.0", "1.0.0"); return [4 /*yield*/, handler.bodyForEventSchemaCall("testEvent", [{ propertyName: "name", propertyType: "string" }], null, null)]; case 1: body = _a.sent(); expect(body.publicEncryptionKey).toBeUndefined(); return [2 /*return*/]; } }); }); }); test("publicEncryptionKey is NOT included in base body when empty string", function () { return __awaiter(void 0, void 0, void 0, function () { var handler, body; return __generator(this, function (_a) { switch (_a.label) { case 0: handler = new AvoNetworkCallsHandler_1.AvoNetworkCallsHandler("test-api-key", "dev", "TestApp", "1.0.0", "1.0.0", ""); return [4 /*yield*/, handler.bodyForEventSchemaCall("testEvent", [{ propertyName: "name", propertyType: "string" }], null, null)]; case 1: body = _a.sent(); expect(body.publicEncryptionKey).toBeUndefined(); return [2 /*return*/]; } }); }); }); test("Prod negative test: no encryptedPropertyValue in prod env payload", function () { return __awaiter(void 0, void 0, void 0, function () { var handler, body, _i, _a, prop; return __generator(this, function (_b) { switch (_b.label) { case 0: handler = new AvoNetworkCallsHandler_1.AvoNetworkCallsHandler("test-api-key", "prod", "TestApp", "1.0.0", "1.0.0", keyPair.publicKey); return [4 /*yield*/, handler.bodyForEventSchemaCall("testEvent", [{ propertyName: "name", propertyType: "string" }], null, null, { name: "Alice" })]; case 1: body = _b.sent(); // In prod, shouldEncrypt returns false, so no encryption for (_i = 0, _a = body.eventProperties; _i < _a.length; _i++) { prop = _a[_i]; expect(prop.encryptedPropertyValue).toBeUndefined(); } return [2 /*return*/]; } }); }); }); test("Dev positive test: encryptedPropertyValue present in dev env payload", function () { return __awaiter(void 0, void 0, void 0, function () { var handler, body; return __generator(this, function (_a) { switch (_a.label) { case 0: handler = new AvoNetworkCallsHandler_1.AvoNetworkCallsHandler("test-api-key", "dev", "TestApp", "1.0.0", "1.0.0", keyPair.publicKey); return [4 /*yield*/, handler.bodyForEventSchemaCall("testEvent", [{ propertyName: "name", propertyType: "string" }], null, null, { name: "Alice" })]; case 1: body = _a.sent(); expect(body.eventProperties).toHaveLength(1); expect(body.eventProperties[0].encryptedPropertyValue).toBeDefined(); expect(typeof body.eventProperties[0].encryptedPropertyValue).toBe("string"); return [2 /*return*/]; } }); }); }); test("Staging positive test: encryptedPropertyValue present in staging env payload", function () { return __awaiter(void 0, void 0, void 0, function () { var handler, body; return __generator(this, function (_a) { switch (_a.label) { case 0: handler = new AvoNetworkCallsHandler_1.AvoNetworkCallsHandler("test-api-key", "staging", "TestApp", "1.0.0", "1.0.0", keyPair.publicKey); return [4 /*yield*/, handler.bodyForEventSchemaCall("testEvent", [{ propertyName: "price", propertyType: "float" }], null, null, { price: 9.99 })]; case 1: body = _a.sent(); expect(body.eventProperties).toHaveLength(1); expect(body.eventProperties[0].encryptedPropertyValue).toBeDefined(); return [2 /*return*/]; } }); }); }); test("List-type properties are omitted in encrypted payload", function () { return __awaiter(void 0, void 0, void 0, function () { var handler, body; return __generator(this, function (_a) { switch (_a.label) { case 0: handler = new AvoNetworkCallsHandler_1.AvoNetworkCallsHandler("test-api-key", "dev", "TestApp", "1.0.0", "1.0.0", keyPair.publicKey); return [4 /*yield*/, handler.bodyForEventSchemaCall("testEvent", [ { propertyName: "tags", propertyType: "list", children: ["string"] }, { propertyName: "name", propertyType: "string" }, ], null, null, { tags: ["a", "b"], name: "Alice" })]; case 1: body = _a.sent(); // list property should be omitted expect(body.eventProperties).toHaveLength(1); expect(body.eventProperties[0].propertyName).toBe("name"); return [2 /*return*/]; } }); }); }); });