@adobe/ccweb-add-on-ssl 0.1.0

package/src/test/app/WxpSSLReader.spec.ts

@@ -0,0 +1,244 @@
+/********************************************************************************
+ * MIT License
+
+ * © Copyright 2023 Adobe. All rights reserved.
+
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ ********************************************************************************/
+
+import type { Preferences, Logger } from "@adobe/ccweb-add-on-core";
+import { ADD_ON_PREFERENCES_FILE, PreferenceJson } from "@adobe/ccweb-add-on-core";
+import { assert } from "chai";
+import devcert from "@adobe/ccweb-add-on-devcert";
+import type { Stats } from "fs-extra";
+import fs from "fs-extra";
+import "mocha";
+import sinon from "sinon";
+import type { StubbedInstance } from "ts-sinon";
+import { stubInterface } from "ts-sinon";
+import type { SSLReader } from "../../app/index.js";
+import { WxpSSLReader } from "../../app/index.js";
+
+describe("WxpSSLReader", () => {
+    let sandbox: sinon.SinonSandbox;
+
+    let preferences: StubbedInstance<Preferences>;
+    let logger: StubbedInstance<Logger>;
+    let sslReader: SSLReader;
+
+    beforeEach(() => {
+        sandbox = sinon.createSandbox();
+
+        preferences = stubInterface<Preferences>();
+        logger = stubInterface<Logger>();
+        sslReader = new WxpSSLReader(preferences, logger);
+    });
+
+    afterEach(() => {
+        sandbox.restore();
+    });
+
+    describe("isCustomSSL", () => {
+        it(`should return false if SSL settings are not present in '${ADD_ON_PREFERENCES_FILE}' for the provided hostname.`, async () => {
+            const hostname = "localhost";
+            const userPreference = new PreferenceJson({});
+
+            preferences.get.returns(userPreference);
+
+            const isCustomSSL = sslReader.isCustomSSL(hostname);
+
+            assert.equal(isCustomSSL, false);
+        });
+
+        it(`should return true if SSL settings are present in '${ADD_ON_PREFERENCES_FILE}' for the provided hostname.`, async () => {
+            const hostname = "localhost";
+            const userPreference = new PreferenceJson({
+                ssl: {
+                    [hostname]: {
+                        certificatePath: "/some-directory/localhost/ssl/certificate.cert",
+                        keyPath: "/some-directory/localhost/ssl/private-key.key"
+                    }
+                }
+            });
+
+            preferences.get.returns(userPreference);
+
+            const isCustomSSL = sslReader.isCustomSSL(hostname);
+
+            assert.equal(isCustomSSL, true);
+        });
+    });
+
+    describe("isWxpSSL", () => {
+        it("should return false if devcert SSL certificate is not present for the provided hostname.", async () => {
+            const hostname = "localhost";
+
+            sandbox.stub(devcert, "hasCertificateFor").withArgs(hostname).returns(false);
+
+            const isWxpSSL = sslReader.isWxpSSL(hostname);
+
+            assert.equal(isWxpSSL, false);
+        });
+
+        it("should return false if devcert SSL certificate is not present for the provided hostname.", async () => {
+            const hostname = "localhost";
+
+            sandbox.stub(devcert, "hasCertificateFor").withArgs(hostname).returns(false);
+
+            const isWxpSSL = sslReader.isWxpSSL(hostname);
+
+            assert.equal(isWxpSSL, false);
+        });
+    });
+
+    describe("read", async () => {
+        it("should log error and exit when SSL certificate path is invalid for manually set up SSL.", async () => {
+            const hostname = "localhost";
+
+            const certificatePath = "/some-directory/localhost/ssl/";
+            const keyPath = "/some-directory/localhost/ssl/private-key.key";
+            const userPreference = new PreferenceJson({
+                ssl: { [hostname]: { certificatePath, keyPath } }
+            });
+            preferences.get.returns(userPreference);
+
+            const existsStub = sandbox.stub(fs, "existsSync");
+            existsStub.withArgs(certificatePath).returns(true);
+            existsStub.withArgs(keyPath).returns(true);
+
+            const certificateStats = <Stats>{ isFile: () => false };
+            const keyStats = <Stats>{ isFile: () => true };
+            const lstatStub = sandbox.stub(fs, "lstatSync");
+            lstatStub.withArgs(certificatePath).returns(certificateStats);
+            lstatStub.withArgs(keyPath).returns(keyStats);
+
+            logger.error.returns();
+            const exitStub = sandbox.stub(process, "exit");
+
+            await sslReader.read(hostname);
+
+            assert.equal(logger.error.calledOnceWith("Invalid SSL certificate file path."), true);
+            assert.equal(exitStub.calledWith(1), true);
+        });
+
+        it("should log error and exit when SSL key path is invalid for manually set up SSL.", async () => {
+            const hostname = "localhost";
+
+            const certificatePath = "/some-directory/localhost/ssl/certificate.cert";
+            const keyPath = "/some-directory/localhost/ssl/";
+            const userPreference = new PreferenceJson({
+                ssl: { [hostname]: { certificatePath, keyPath } }
+            });
+            preferences.get.returns(userPreference);
+
+            const existsStub = sandbox.stub(fs, "existsSync");
+            existsStub.withArgs(certificatePath).returns(true);
+            existsStub.withArgs(keyPath).returns(true);
+
+            const certificateStats = <Stats>{ isFile: () => true };
+            const keyStats = <Stats>{ isFile: () => false };
+            const lstatStub = sandbox.stub(fs, "lstatSync");
+            lstatStub.withArgs(certificatePath).returns(certificateStats);
+            lstatStub.withArgs(keyPath).returns(keyStats);
+
+            logger.error.returns();
+            const exitStub = sandbox.stub(process, "exit");
+
+            await sslReader.read(hostname);
+
+            assert.equal(logger.error.calledOnceWith("Invalid SSL key file path."), true);
+            assert.equal(exitStub.calledWith(1), true);
+        });
+
+        it("should read and return SSL certificate and key data for manually set up SSL.", async () => {
+            const hostname = "localhost";
+
+            const certificatePath = "/some-directory/localhost/ssl/certificate.cert";
+            const keyPath = "/some-directory/localhost/ssl/private-key.key";
+            const userPreference = new PreferenceJson({
+                ssl: { [hostname]: { certificatePath, keyPath } }
+            });
+            preferences.get.returns(userPreference);
+
+            const existsStub = sandbox.stub(fs, "existsSync");
+            existsStub.withArgs(certificatePath).returns(true);
+            existsStub.withArgs(keyPath).returns(true);
+
+            const stats = <Stats>{ isFile: () => true };
+            const lstatStub = sandbox.stub(fs, "lstatSync");
+            lstatStub.withArgs(certificatePath).returns(stats);
+            lstatStub.withArgs(keyPath).returns(stats);
+
+            const certificateData = <Buffer>{};
+            const keyData = <Buffer>{};
+            const readFileStub = sandbox.stub(fs, "readFileSync");
+            readFileStub.withArgs(certificatePath).returns(certificateData);
+            readFileStub.withArgs(keyPath).returns(keyData);
+
+            const sslData = await sslReader.read(hostname);
+
+            assert.equal(sslData.cert, certificateData);
+            assert.equal(sslData.key, keyData);
+        });
+
+        it("should read and return SSL certificate and key data for automatically set up SSL.", async () => {
+            const hostname = "localhost";
+
+            const userPreference = new PreferenceJson({});
+            preferences.get.returns(userPreference);
+
+            sandbox.stub(devcert, "hasCertificateFor").withArgs(hostname).returns(true);
+
+            const certificateData = <Buffer>{};
+            const keyData = <Buffer>{};
+
+            const certificateForStub = sandbox.stub(devcert, "certificateFor");
+            // @ts-ignore -- IReturnData mock response
+            certificateForStub.withArgs(hostname).returns({ cert: certificateData, key: keyData });
+
+            const sslData = await sslReader.read(hostname);
+
+            assert.equal(sslData.cert, certificateData);
+            assert.equal(sslData.key, keyData);
+        });
+
+        it("should log error and exit when SSL is not set up.", async () => {
+            const hostname = "localhost";
+
+            const userPreference = new PreferenceJson({});
+            preferences.get.returns(userPreference);
+
+            sandbox.stub(devcert, "hasCertificateFor").returns(false);
+
+            logger.error.returns();
+            const exitStub = sandbox.stub(process, "exit");
+
+            await sslReader.read(hostname);
+
+            assert.equal(
+                logger.error.calledOnceWith(
+                    "No SSL related certificate or key files were found. Please retry after setting them up.",
+                    { postfix: "\n" }
+                ),
+                true
+            );
+            assert.equal(exitStub.calledWith(1), true);
+        });
+    });
+});

package/src/test/commands/setup.spec.ts

@@ -0,0 +1,161 @@
+/********************************************************************************
+ * MIT License
+
+ * © Copyright 2023 Adobe. All rights reserved.
+
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ ********************************************************************************/
+
+import type { AnalyticsConsent, AnalyticsService } from "@adobe/ccweb-add-on-analytics";
+import { ITypes as IAnalyticsTypes } from "@adobe/ccweb-add-on-analytics";
+import type { AccountService } from "@adobe/ccweb-add-on-developer-terms";
+import { ITypes as IDeveloperTermsTypes } from "@adobe/ccweb-add-on-developer-terms";
+import { Config } from "@oclif/core";
+import chai, { assert, expect } from "chai";
+import chaiAsPromised from "chai-as-promised";
+import "mocha";
+import { createRequire } from "module";
+import sinon from "sinon";
+import type { StubbedInstance } from "ts-sinon";
+import { stubInterface } from "ts-sinon";
+import { AnalyticsErrorMarkers } from "../../AnalyticsMarkers.js";
+import type { CommandExecutor, SetupCommandExecutor } from "../../app/index.js";
+import { Setup } from "../../commands/setup.js";
+import { IContainer, ITypes } from "../../config/index.js";
+import { SetupCommandOptions } from "../../models/SetupCommandOptions.js";
+import type { CommandValidator } from "../../validators/CommandValidator.js";
+import type { SetupCommandValidator } from "../../validators/SetupCommandValidator.js";
+
+chai.use(chaiAsPromised);
+
+const { test } = createRequire(import.meta.url)("@oclif/test");
+
+describe("Setup", () => {
+    let sandbox: sinon.SinonSandbox;
+
+    let container: sinon.SinonStub;
+    let namedContainer: sinon.SinonStub;
+
+    let commandExecutor: StubbedInstance<CommandExecutor>;
+    let commandValidator: StubbedInstance<CommandValidator>;
+
+    let accountService: StubbedInstance<AccountService>;
+
+    let analyticsConsent: StubbedInstance<AnalyticsConsent>;
+    let analyticsService: StubbedInstance<AnalyticsService>;
+
+    beforeEach(() => {
+        sandbox = sinon.createSandbox();
+
+        commandExecutor = stubInterface<SetupCommandExecutor>();
+        commandExecutor.execute.resolves();
+
+        commandValidator = stubInterface<SetupCommandValidator>();
+        commandValidator.validate.resolves();
+
+        namedContainer = sandbox.stub(IContainer, "getNamed");
+        namedContainer.withArgs(ITypes.CommandValidator, "setup").returns(commandValidator);
+        namedContainer.withArgs(ITypes.CommandExecutor, "setup").returns(commandExecutor);
+
+        accountService = stubInterface();
+        accountService.invalidateToken.resolves();
+        accountService.seekTermsOfUseConsent.resolves();
+
+        analyticsConsent = stubInterface();
+        analyticsService = stubInterface();
+
+        container = sandbox.stub(IContainer, "get");
+        container.withArgs(IDeveloperTermsTypes.AccountService).returns(accountService);
+        container.withArgs(IAnalyticsTypes.AnalyticsConsent).returns(analyticsConsent);
+        container.withArgs(IAnalyticsTypes.AnalyticsService).returns(analyticsService);
+    });
+
+    afterEach(() => {
+        sandbox.restore();
+    });
+
+    describe("setup", () => {
+        test.stdout()
+            .command(["setup", "--hostname=localhost", "--login", "--analytics=on", "--verbose"])
+            .it("should execute succesfully when correct parameters are passed.", async () => {
+                analyticsConsent.set.resolves();
+
+                const options = new SetupCommandOptions("localhost", false, true);
+                assert.equal(commandValidator.validate.calledOnceWith(options), true);
+                assert.equal(commandExecutor.execute.calledOnceWith(options), true);
+            });
+    });
+
+    describe("run", () => {
+        it("should execute succesfully when correct parameters are passed without analytics.", async () => {
+            analyticsConsent.get.resolves(true);
+
+            const hostname = "localhost";
+            const setup = new Setup(["--hostname", hostname, "--login", "--verbose"], new Config({ root: "." }));
+
+            await setup.run();
+
+            assert.equal(accountService.invalidateToken.callCount, 1);
+            assert.equal(accountService.seekTermsOfUseConsent.callCount, 1);
+
+            assert.equal(analyticsConsent.get.callCount, 1);
+
+            const options = new SetupCommandOptions(hostname, false, true);
+            assert.equal(commandValidator.validate.calledOnceWith(options), true);
+            assert.equal(commandExecutor.execute.calledOnceWith(options), true);
+        });
+
+        it("should execute succesfully when correct parameters are passed with analytics.", async () => {
+            analyticsConsent.get.resolves(true);
+            analyticsConsent.set.withArgs(false).resolves();
+
+            const hostname = "localhost";
+            const setup = new Setup(
+                ["--hostname", hostname, "--login", "--analytics", "off", "--verbose"],
+                new Config({ root: "." })
+            );
+
+            await setup.run();
+
+            assert.equal(accountService.invalidateToken.callCount, 1);
+            assert.equal(accountService.seekTermsOfUseConsent.callCount, 1);
+
+            assert.equal(analyticsConsent.set.calledOnceWith(false), true);
+
+            const options = new SetupCommandOptions(hostname, false, true);
+            assert.equal(commandValidator.validate.calledOnceWith(options), true);
+            assert.equal(commandExecutor.execute.calledOnceWith(options), true);
+        });
+    });
+
+    describe("catch", () => {
+        it("should fail when incorrect parameters are passed.", async () => {
+            const setup = new Setup(["--incorrect-flag"], new Config({ root: "." }));
+
+            const error = new Error("Nonexistent flag: --incorrect-flag\nSee more help with --help");
+
+            await expect(setup.catch(error)).to.be.rejectedWith();
+
+            assert.equal(
+                analyticsService.postEvent.calledOnceWith(AnalyticsErrorMarkers.ERROR_SSL_SETUP, error.message, false),
+                true
+            );
+        });
+    });
+});

package/src/test/data/cert/cert.pem

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDDTCCAfWgAwIBAgIJANy345GHiO8LMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNV
+BAMMB2RldmNlcnQwHhcNMjMwMTA5MTg0NjE1WhcNMjUwNDEzMTg0NjE1WjASMRAw
+DgYDVQQDDAdkZXZjZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+zMJ6C9B/REkgpP+/MMsmzZyQRy51PTj6YqjfOjvyrQs51b5dJU/0v95d45nIyyR5
+lrmLBHUhZ1K5BgGst5l/II1NKi3U2h80vanSxvmDPklIp+8is44I8Cwcnjd+Q/Rs
+69dsEHlHVNRXGNJNARyBxvz5wqDqCBvxakM8/jxzUeDX1Q1lQV/O7uX5q+uqhSVf
+6EP1sdKYfNfoOfbXpJBdmy95wmiL/+iNGP5WdM+nHq8KE1A2Vyye9z+SoQ/uy6S8
+y9JfaJv5ZbokLyNnOWdo2CaXFZfV8f3ldToMLr4kx1+mtEkU1HGzd6Jcfl/J5f+2
+nCPULUS+d//olLCq241gYQIDAQABo2YwZDAdBgNVHQ4EFgQUXrmMwaS+eDQ2rjCa
+phGDBqkKm9AwHwYDVR0jBBgwFoAUXrmMwaS+eDQ2rjCaphGDBqkKm9AwEgYDVR0T
+AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEB
+AKTMd/gynO+Ah3kbBZG6WTWFlhlbp4S7vHUnb3iZhLxTvxXluLAwVEhlbTlwcfxi
+dWo5ywJCGOSQ7f4J3ev650u3xhizGRIV7oWv/tuKoj4vIRVRBYHqr+o3D6DMqbqY
+myKKFaSRY6fyP642MCHhHAARULacEDmtNpvUxj3sjO8M2VEuViaYDKupTl5XN28L
+muvVdgGLq2rLKxP/mpnd/uDPsD3yp7HnIHyhOsZ6R5eZN8sKOSz9YjjBli8SvDoF
+lT2emSG3kN3lDjS+5y5NASJAABWSvQomhbsgoVY+jQIi6Pr1TbJ6fSAghVh7z5ck
+fPFAVALLDHw/HDHiGeaxdAk=
+-----END CERTIFICATE-----

package/src/test/data/cert/key.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAuEgbmzEUvSDoBQK56Zcm2F2LrLFUkoh0ix1+tVB/6NH1fPiA
+nUhmrKg9MleuJoiQ5iPFSVjPpotGISGjwiQ2QK4GT2bXhRGh2Jz0quCd0F2ud7Ey
+59bIRtINM7A5xmtD5t09Cn+XYuDj0cWkmljfasNDnp+K+Behu4chbQlPxysUwh3t
+wMLG+Vule59bhswdEkbtRTYFBUch/5PjNLGyqqxO79STSV8ptX9bi0B00gXkM+Hn
+ejdSLKw56+7oJVo5F4JohlZ6D02rWc4LvPAV8dahQ+NcBWkqWH54bcbCdX49kEY9
+F9g4H6/dMgwr3PNHfA9m8QysTpyvKhZVGOlJDwIDAQABAoIBADhKdnxSYsZe7eDR
+815COLBw6sCGrpHQMuFn0hOqklfZAsb41bi1q/9jqMXe+Kh2oORb2uDLyypRcsue
+Dfq4uwXI4s6QWJciSrDzSN2FnU9PvoJ7U1R0TFstwLCgTRWqIGS+Ae5aCTFABvdG
+C0DGkwB2wwoKLBYaieHRpkk7Re5NWukPfovizZ0zUyJUY3jLi5+2QRIL9vbNOFsx
+Dk06jwy/WS82F1liojTnj9357QoU/8y/1pLFXesORYL+GJ3dhNkVhNBiOSAS+I8w
+K3Mtl7+teZHNycIpTpaimqQHHhLiVjtQ7rs1nh7JNOkozJY9PRCQ/becUYUGrvS2
+mkuH5HECgYEA2Xp0bcF1B8DJj+QDYJdwTnItiQR3asensqeJMYRBHT9afPtxDUfY
+47ANwrHyos1zl89pU+7pCJ9Xl6CAE6+aIonskPa6Z2Zr8PIZKB22GPOSscOUzm/g
+ZbMYIjvkxXvRmFZgWN1X2RVjMvCsaO9FZDze7kxLivSv6W4HC/ZO+UcCgYEA2Oxa
+B0z4/tcqloYVUFsBrElmLDMtGikb1UiM6A8854auNpZ/MG+0cWDDxlQOpfAi0L/8
+SX6lh67OiIYVQYpzv4/40kFY9/ErlSozU8efb2pbtHtQpKDjlzYrJqeCLihH5reZ
+ufnDz2bkYk5lU9B2E95luqJMdw0ROxVqAKoqFfkCgYByM/LV/AQnyR5PmG4JmBza
+pOyyigznnua6U24g+ZFz+WPcQ/HvBm6nyji/p9CBm5/69WkbMVdgNsS5lAgNzmYD
+gygeS+JBEDDYu1lojomkeqvq+4i2C1vsK+sddxRAfC/pblpz7/AEyE1qX6Y6CIQJ
+CkoLGzeERc/mpee/aV25WwKBgQCgXPIdTZERzH1Gc+9TzUOKW2S2LksceOGDpjPM
+5l7vBkjKQC3c3+e0nYV9m+yMTd9fFV7r8j1q9hbnJMCYCEOTjVq0DO05tseyaVUy
+jXPXSPhsj3FJk0tNIRV7aQA7ITouXPK/Yt6X+AfEiRItiQGRpKrt80e2ByoC1Mzd
+mu6r+QKBgEGqJvUG148rhUuuirC+JLxzcSymAHpEnRggFDXI0szKLogClZfs8z8k
+TYDmERfjCLNH/RtmyY20APdN32DBWgS/MOGtp9yKumTJq//nXD8oNKFj2ejNLFZH
+SmQgjKI4E/CcX4LQzaLI/FIf191MISR9/p+Ah/eF38VCEnJfAWrp
+-----END RSA PRIVATE KEY-----

package/src/test/models/SetupCommandOptions.spec.ts

@@ -0,0 +1,53 @@
+/********************************************************************************
+ * MIT License
+
+ * © Copyright 2023 Adobe. All rights reserved.
+
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ ********************************************************************************/
+
+import { assert } from "chai";
+import "mocha";
+import { SetupCommandOptions } from "../../models/index.js";
+
+describe("SetupCommandOptions", () => {
+    describe("constructor", () => {
+        const runs = [
+            {
+                hostname: "localhost",
+                useExisting: false,
+                verbose: false
+            },
+            {
+                hostname: "localhost.adobe.com",
+                useExisting: true,
+                verbose: true
+            }
+        ];
+        runs.forEach(run => {
+            it("should create a new instance.", () => {
+                const commandOptions = new SetupCommandOptions(run.hostname, run.useExisting, run.verbose);
+
+                assert.equal(commandOptions.hostname, run.hostname);
+                assert.equal(commandOptions.useExisting, run.useExisting);
+                assert.equal(commandOptions.verbose, run.verbose);
+            });
+        });
+    });
+});

package/src/test/validators/SetupCommandValidator.spec.ts

@@ -0,0 +1,168 @@
+/********************************************************************************
+ * MIT License
+
+ * © Copyright 2023 Adobe. All rights reserved.
+
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ ********************************************************************************/
+
+import type { AnalyticsService } from "@adobe/ccweb-add-on-analytics";
+import type { Logger } from "@adobe/ccweb-add-on-core";
+import { DEFAULT_HOST_NAME } from "@adobe/ccweb-add-on-core";
+import type { AccountService } from "@adobe/ccweb-add-on-developer-terms";
+import chai, { assert, expect } from "chai";
+import chaiAsPromised from "chai-as-promised";
+import "mocha";
+import type { SinonStub } from "sinon";
+import sinon from "sinon";
+import type { StubbedInstance } from "ts-sinon";
+import { stubInterface } from "ts-sinon";
+import { AnalyticsErrorMarkers } from "../../AnalyticsMarkers.js";
+import { SetupCommandOptions } from "../../models/SetupCommandOptions.js";
+import type { CommandValidator } from "../../validators/index.js";
+import { SetupCommandValidator } from "../../validators/index.js";
+
+chai.use(chaiAsPromised);
+
+describe("SetupCommandValidator", () => {
+    let sandbox: sinon.SinonSandbox;
+
+    let processExitStub: SinonStub;
+
+    let accountService: StubbedInstance<AccountService>;
+
+    let analyticsService: StubbedInstance<AnalyticsService>;
+    let logger: StubbedInstance<Logger>;
+
+    let commandValidator: CommandValidator;
+
+    beforeEach(() => {
+        sandbox = sinon.createSandbox();
+
+        processExitStub = sandbox.stub(process, "exit");
+        processExitStub.throws();
+
+        accountService = stubInterface();
+
+        analyticsService = stubInterface();
+        logger = stubInterface();
+
+        commandValidator = new SetupCommandValidator(accountService, analyticsService, logger);
+    });
+
+    afterEach(() => {
+        sandbox.restore();
+    });
+
+    describe("validate", () => {
+        it(`should log error and exit when a non-privileged user provides a hostname other than ${DEFAULT_HOST_NAME}.`, async () => {
+            accountService.isUserPrivileged.resolves(false);
+
+            const options = new SetupCommandOptions("localhost.adobe.com", true, true);
+
+            const eventData = [
+                "--hostname",
+                options.hostname,
+                "--useExisting",
+                options.useExisting,
+                "--isUserPrivileged",
+                false
+            ];
+
+            await expect(commandValidator.validate(options)).to.be.rejected;
+
+            assert.equal(processExitStub.calledOnce, true);
+            assert.equal(
+                logger.error.calledOnceWith("Invalid hostname. Only 'localhost' is allowed.", {
+                    prefix: "\n",
+                    postfix: "\n"
+                }),
+                true
+            );
+            assert.equal(
+                analyticsService.postEvent.calledOnceWith(
+                    AnalyticsErrorMarkers.ERROR_SSL_INVALID_HOSTNAME,
+                    eventData.join(" "),
+                    false
+                ),
+                true
+            );
+        });
+
+        it(`should return when a non-privileged user provides the hostname as ${DEFAULT_HOST_NAME}.`, async () => {
+            accountService.isUserPrivileged.resolves(false);
+
+            const options = new SetupCommandOptions("localhost", true, true);
+            await commandValidator.validate(options);
+
+            assert.equal(processExitStub.callCount, 0);
+            assert.equal(logger.error.callCount, 0);
+        });
+
+        let hostnames = ["", "foobar", "localhost.com"];
+        hostnames.forEach(hostname => {
+            it(`should log error and exit when a privileged user provides an invalid hostname: '${hostname}'.`, async () => {
+                accountService.isUserPrivileged.resolves(true);
+
+                const options = new SetupCommandOptions(hostname, true, true);
+
+                const eventData = [
+                    "--hostname",
+                    options.hostname,
+                    "--useExisting",
+                    options.useExisting,
+                    "--isUserPrivileged",
+                    true
+                ];
+
+                await expect(commandValidator.validate(options)).to.be.rejected;
+
+                assert.equal(processExitStub.calledOnce, true);
+                assert.equal(
+                    logger.error.calledOnceWith("Invalid hostname. Only 'localhost' and '*.adobe.com' are allowed.", {
+                        prefix: "\n",
+                        postfix: "\n"
+                    }),
+                    true
+                );
+                assert.equal(
+                    analyticsService.postEvent.calledOnceWith(
+                        AnalyticsErrorMarkers.ERROR_SSL_INVALID_HOSTNAME,
+                        eventData.join(" "),
+                        false
+                    ),
+                    true
+                );
+            });
+        });
+
+        hostnames = ["localhost", "localhost.adobe.com", "random.adobe.com"];
+        hostnames.forEach(hostname => {
+            it(`should return when a privileged user provides a valid hostname: '${hostname}'.`, async () => {
+                accountService.isUserPrivileged.resolves(true);
+
+                const options = new SetupCommandOptions(hostname, true, true);
+                await commandValidator.validate(options);
+
+                assert.equal(processExitStub.callCount, 0);
+                assert.equal(logger.error.callCount, 0);
+            });
+        });
+    });
+});