UNPKG

pagaris

Version:

Pagaris API client for Node

126 lines (109 loc) 5.1 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
const { Pagaris, Signature, assert } = require('./helpers') describe('Signature', function() { it('is accessible', function() { assert.doesNotThrow(function() { Signature }); assert(Signature instanceof Function) }) describe('constructor', function() { it('defaults timestamp to current time and body to empty str', function () { let signature = new Signature() assert.equal(signature.path, undefined) assert.equal(signature.method, undefined) assert.equal(signature.body, '') assert(() => { signature.timestamp instanceof Number }) let timestampDiff = Math.floor(Date.now() / 1000) - signature.timestamp assert(timestampDiff <= 1) }) it('accepts parameters', function () { let body = JSON.stringify({ a: 'b' }) let signature = new Signature('/api/v1', 'POST', body, 54321) assert.equal(signature.path, '/api/v1') assert.equal(signature.method, 'POST') assert.equal(signature.body, body) assert.equal(signature.timestamp, 54321) }) }) describe('value and #headerValue()', function () { it('returns a string to use for Authorization header', function () { context('without configuring Pagaris', function () { it('does not break', function () { Pagaris.applicationId = undefined Pagaris.privateKey = undefined let signature = new Signature('/pagaris_webhooks', 'GET', '', 1546353010) assert(signature.value.length) assert(signature.headerValue().length) // Passing 'falsey' body is equivalent to passing empty string signature = new Signature('/pagaris_webhooks', 'GET', undefined, 1546353010) assert(signature.value.length) assert(signature.headerValue().length) signature = new Signature('/pagaris_webhooks', 'GET', null, 1546353010) assert(signature.value.length) assert(signature.headerValue().length) }) }) context('after configuring Pagaris', function () { Pagaris.applicationId = 'APPLICATION_ID' Pagaris.privateKey = 'SOMETHING' let signature = new Signature('/pagaris_webhooks', 'GET', '', 1546353010) let expectedValue = 'e6e81a7604bb5e175bc051e7b03c0cabb3037e6ecc37296c009650f9765aa4eb' assert.equal(signature.value, expectedValue) let expHeaderVal = `Pagaris APPLICATION_ID:1546353010:${expectedValue}` assert.equal(signature.headerValue(), expHeaderVal) let path = '/webhooks/pagaris/' // Note the trailing slash let body = JSON.stringify({ order: { amount: 1500.43 } }) signature = new Signature(path, 'POST', body, 1546353010) expectedValue = 'bc0331d59d5af6a139d6856bcb03825fb4519395f429b031bed7b51769dcbc99' assert.equal(signature.value, expectedValue) expHeaderVal = `Pagaris APPLICATION_ID:1546353010:${expectedValue}` assert.equal(signature.headerValue(), expHeaderVal) path = '/webhooks/pagaris' signature = new Signature(path, 'POST', body, 1546353010) expectedValue = '7c6725b0aecbd659f3e83e6b685be56ee9f04c720abe1c3b3f5713b2d3f6378e' assert.equal(signature.value, expectedValue) expHeaderVal = `Pagaris APPLICATION_ID:1546353010:${expectedValue}` assert.equal(signature.headerValue(), expHeaderVal) }) }) }) describe('validate', function () { // This is needed for all of the tests in this context, and is otherwise // overwritten by the test helper hook beforeEach(function () { Pagaris.applicationId = 'APPLICATION_ID' Pagaris.privateKey = 'SOMETHING' }) const timestamp = 1588292752 const path = '/pagaris_webhooks' const body = JSON.stringify({ order: { amount: 1500.43 } }) it('returns false for empty headers', function () { assert(!Signature.validate()) assert(!Signature.validate('', path)) assert(!Signature.validate('', path, body)) }) it('returns false for invalid headers', function () { const headerValue = `Pagaris ${Pagaris.applicationId}:${timestamp}` assert(!Signature.validate(headerValue, path, body)) }) it('returns false for headers that do not match', function () { let headerValue = `Pagaris ${Pagaris.applicationId}:${timestamp}:aaaaa` assert(!Signature.validate(headerValue, path, body)) // Also if authorization type is not set headerValue = `${Pagaris.applicationId}:${timestamp}:aaaaa` assert(!Signature.validate(headerValue, path, body)) }) it('returns true for valid headers', function () { const signature = 'c750515774c4aca4bede26c1885a13583e787f01809f99086f1af95e6b11172f' let val = `Pagaris ${Pagaris.applicationId}:${timestamp}:${signature}` assert(Signature.validate(val, path, body)) // Also if authorization type is not set anotherVal = `${Pagaris.applicationId}:${timestamp}:${signature}` assert(Signature.validate(anotherVal, path, body)) }) }) })