
filestack-js


Official JavaScript library for Filestack

"use strict";
/*
 * Copyright (c) 2019 by Filestack.
 * Some rights reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the 'License');
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an 'AS IS' BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
Object.defineProperty(exports, "__esModule", { value: true });
const security_1 = require("./security");

/**
 * Spec for the two helpers exported by ./security:
 *   - getSecurity(policy, appSecret): builds the { policy, signature } pair
 *   - validateWebhookSignature(secret, rawData, signature): checks a webhook signature
 *
 * Every secret, signature and handle below is a hard-coded fixture.
 * NOTE(review): confirm that none of them is a live application or webhook secret;
 * anything committed to a published package has to be treated as public.
 */
describe('api:security', () => {
  describe('getSecurity', () => {
    it('should create a proper object with policy & signature', () => {
      const appSecret = 'testAppSecret';
      const policy = {
        expiry: 1523595600,
        call: ['pick', 'read', 'stat', 'write', 'writeUrl', 'store', 'convert', 'remove', 'exif', 'runWorkflow'],
        handle: 'TEST_HANDLE',
      };

      // `policy` is the base64 form of the JSON-serialised policy object above.
      // `signature` is 64 hex characters, consistent with an HMAC-SHA256 digest keyed
      // with appSecret; the algorithm itself is not visible here, confirm in ./security.
      const expected = {
        policy: 'eyJleHBpcnkiOjE1MjM1OTU2MDAsImNhbGwiOlsicGljayIsInJlYWQiLCJzdGF0Iiwid3JpdGUiLCJ3cml0ZVVybCIsInN0b3JlIiwiY29udmVydCIsInJlbW92ZSIsImV4aWYiLCJydW5Xb3JrZmxvdyJdLCJoYW5kbGUiOiJURVNUX0hBTkRMRSJ9',
        signature: '7df0536104cdcc16370ad6494cdbda30c9773a62eec6e5153fa539544db6206e',
      };

      const actual = (0, security_1.getSecurity)(policy, appSecret);
      expect(actual).toEqual(expected);
    });

    it('should throw error on invalid security params', () => {
      const appSecret = 'testAppSecret';
      // Two fields differ from the valid fixture: `expiry` is a string and `call`
      // starts with 'pick1'. The assertion cannot tell which of them triggers the
      // rejection, only that the policy as a whole is refused before signing.
      const invalidPolicy = {
        expiry: 'test',
        call: ['pick1', 'read', 'stat', 'write', 'writeUrl', 'store', 'convert', 'remove', 'exif', 'runWorkflow'],
        handle: 'TEST_HANDLE',
      };

      // @ts-ignore
      expect(() => (0, security_1.getSecurity)(invalidPolicy, appSecret)).toThrowError('Invalid security params');
    });
  });

  describe('validateWebhookSignature', () => {
    // NOTE(review): only the accepting path is covered. There is no case for a
    // modified payload, a wrong secret, or a signature whose timestamp differs from
    // the payload, and toBeTruthy() passes for any truthy return value. Whether the
    // helper enforces timestamp freshness (replay protection) cannot be seen here.
    it('should pass validation on proper signature', () => {
      const secret = 'Y5cWb1rdRDSTSqEjF5pv';
      // Kept as a raw string, not an object: the signature is presumably computed
      // over the exact bytes, so re-serialising the JSON would invalidate it.
      const rawPayload = '{"id": 6844, "action": "fp.upload", "timestamp": 1559199901, "text": {"url": "http://cdn.filestackapi.dev/xK88QArxRiyVvFzo4p33", "client": "Computer", "data": {"filename": "01 (1).png", "type": "image/png", "size": 881855}}}';
      // The timestamp here matches the "timestamp" field inside the payload.
      const signedHeader = {
        signature: '14495b54b246e1352bb69cd91c5c1bfe2221f2d0330414b3df8f5fb2903db730',
        timestamp: '1559199901',
      };

      const verdict = (0, security_1.validateWebhookSignature)(secret, rawPayload, signedHeader);
      expect(verdict).toBeTruthy();
    });
  });
});
//# sourceMappingURL=data:application/json;charset=utf8;base64,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