@enbox/dwn-server 0.0.2 → 0.0.3

package/dist/esm/tests/http-api.spec.js

@@ -1,21 +1,17 @@
-// node.js 18 and earlier,  needs globalThis.crypto polyfill
-import sinon from 'sinon';
-import { DataStream, DwnErrorCode, ProtocolsConfigure, RecordsQuery, TestDataGenerator, Time, } from '@enbox/dwn-sdk-js';
+import { Convert } from '@enbox/common';
 import { expect } from 'chai';
-import fetch from 'node-fetch';
-import { webcrypto } from 'node:crypto';
-import { useFakeTimers } from 'sinon';
-import request from 'supertest';
+import log from 'loglevel';
 import { v4 as uuidv4 } from 'uuid';
+import { webcrypto } from 'node:crypto';
+import { DataStream, DwnErrorCode, ProtocolsConfigure, RecordsQuery, TestDataGenerator, Time, } from '@enbox/dwn-sdk-js';
+import sinon, { useFakeTimers } from 'sinon';
+import CommonScenarioValidator from './common-scenario-validator.js';
 import { config } from '../src/config.js';
-import log from 'loglevel';
+import { getTestDwn } from './test-dwn.js';
 import { HttpApi } from '../src/http-api.js';
+import { RegistrationManager } from '../src/registration/registration-manager.js';
 import { createJsonRpcRequest, JsonRpcErrorCodes, } from '../src/lib/json-rpc.js';
-import { getTestDwn } from './test-dwn.js';
 import { createRecordsWriteMessage, getDwnResponse, getFileAsReadStream, } from './utils.js';
-import { RegistrationManager } from '../src/registration/registration-manager.js';
-import CommonScenarioValidator from './common-scenario-validator.js';
-import { Convert } from '@enbox/common';
 if (!globalThis.crypto) {
     // @ts-ignore
     globalThis.crypto = webcrypto;
@@ -26,9 +22,11 @@ describe('http api', function () {
     let registrationManager;
     let dwn;
     let clock;
+    let baseUrl;
     before(async function () {
         clock = useFakeTimers({ shouldAdvanceTime: true });
-        // TODO: Remove direct use of default config to avoid changes bleed/pollute between tests - https://github.com/TBD54566975/dwn-server/issues/144
+        // TODO: Remove direct use of default config to avoid changes bleed/pollute between tests - https://github.com/enboxorg/enbox/issues/144
+        config.packageJsonPath = './package.json'; // default is Docker path; override for local tests
         config.registrationStoreUrl = 'sqlite://';
         config.registrationProofOfWorkEnabled = true;
         config.termsOfServiceFilePath = './tests/fixtures/terms-of-service.txt';
@@ -43,7 +41,8 @@ describe('http api', function () {
     });
     beforeEach(async function () {
         sinon.restore();
-        await httpApi.start(3000);
+        await httpApi.start(0);
+        baseUrl = `http://localhost:${httpApi.server.port}`;
         // generate a new persona for each test to avoid state pollution
         alice = await TestDataGenerator.generateDidKeyPersona();
         await registrationManager.recordTenantRegistration({ did: alice.did, termsOfServiceHash: registrationManager.getTermsOfServiceHash() });
@@ -57,19 +56,21 @@ describe('http api', function () {
     });
     describe('/ (rpc)', function () {
         it('responds with a 400 if no dwn-request header is provided', async function () {
-            const response = await request(httpApi.api).post('/').send();
-            expect(response.statusCode).to.equal(400);
-            const body = response.body;
+            const response = await fetch(baseUrl, {
+                method: 'POST',
+            });
+            expect(response.status).to.equal(400);
+            const body = (await response.json());
             expect(body.error.code).to.equal(JsonRpcErrorCodes.BadRequest);
             expect(body.error.message).to.equal('request payload required.');
         });
         it('responds with a 400 if parsing dwn request fails', async function () {
-            const response = await request(httpApi.api)
-                .post('/')
-                .set('dwn-request', ';;;;@!#@!$$#!@%')
-                .send();
-            expect(response.statusCode).to.equal(400);
-            const body = response.body;
+            const response = await fetch(baseUrl, {
+                method: 'POST',
+                headers: { 'dwn-request': ';;;;@!#@!$$#!@%' },
+            });
+            expect(response.status).to.equal(400);
+            const body = (await response.json());
             expect(body.error.code).to.equal(JsonRpcErrorCodes.BadRequest);
             expect(body.error.message).to.include('JSON');
         });
@@ -85,7 +86,7 @@ describe('http api', function () {
             });
             const dataBytes = await DataStream.toBytes(dataStream);
             // Attempt an initial RecordsWrite with the invalid message to ensure the DWN returns an error.
-            const responseInitialWrite = await fetch('http://localhost:3000', {
+            const responseInitialWrite = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(dwnRequest),
@@ -105,15 +106,17 @@ describe('http api', function () {
             // `access-control-expose-headers` returned in each HTTP response. This is necessary to enable applications
             // that have CORS enabled to read and parse DWeb Messages that are returned as Response headers, particularly
             // in the case of RecordsRead messages.
-            // TODO: github.com/TBD54566975/dwn-server/issues/50
+            // TODO: github.com/enboxorg/enbox/issues/50
             // Consider replacing this test with a more robust method of testing, such as writing Playwright tests
             // that run in a browser to verify that the `dwn-response` header can be read from the `fetch()` response
             // when CORS mode is enabled.
-            const response = await request(httpApi.api).post('/').send();
+            const response = await fetch(baseUrl, {
+                method: 'POST',
+            });
             // Check if the 'access-control-expose-headers' header is present
-            expect(response.headers).to.have.property('access-control-expose-headers');
+            expect(response.headers.has('access-control-expose-headers')).to.be.true;
             // Check if the 'dwn-response' header is listed in 'access-control-expose-headers'
-            const exposedHeaders = response.headers['access-control-expose-headers'];
+            const exposedHeaders = response.headers.get('access-control-expose-headers');
             expect(exposedHeaders).to.include('dwn-response');
         });
         it('works fine when no request body is provided', async function () {
@@ -128,19 +131,20 @@ describe('http api', function () {
                 message: recordsQuery.toJSON(),
                 target: alice.did,
             });
-            const response = await request(httpApi.api)
-                .post('/')
-                .set('dwn-request', JSON.stringify(dwnRequest))
-                .send();
-            expect(response.statusCode).to.equal(200);
-            expect(response.body.id).to.equal(requestId);
-            expect(response.body.error).to.not.exist;
-            expect(response.body.result.reply.status.code).to.equal(200);
+            const response = await fetch(baseUrl, {
+                method: 'POST',
+                headers: { 'dwn-request': JSON.stringify(dwnRequest) },
+            });
+            expect(response.status).to.equal(200);
+            const body = await response.json();
+            expect(body.id).to.equal(requestId);
+            expect(body.error).to.not.exist;
+            expect(body.result.reply.status.code).to.equal(200);
         });
     });
     describe('P0 Scenarios', function () {
         it('should be able to read and write a protocol record', async function () {
-            await CommonScenarioValidator.sanityTestDwnReadWrite(config.baseUrl, alice);
+            await CommonScenarioValidator.sanityTestDwnReadWrite(baseUrl, alice);
         });
     });
     describe('RecordsWrite', function () {
@@ -153,7 +157,7 @@ describe('http api', function () {
                 message: initialWrite.toJSON(),
                 target: alice.did,
             });
-            const responseInitialWrite = await fetch('http://localhost:3000', {
+            const responseInitialWrite = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(dwnRequest),
@@ -176,7 +180,7 @@ describe('http api', function () {
                 message: overWrite.toJSON(),
                 target: alice.did,
             });
-            const responseOverwrite = await fetch('http://localhost:3000', {
+            const responseOverwrite = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(dwnRequest),
@@ -197,7 +201,7 @@ describe('http api', function () {
                 message: tombstone.toJSON(),
                 target: alice.did,
             });
-            const responeTombstone = await fetch('http://localhost:3000', {
+            const responeTombstone = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(dwnRequest),
@@ -208,7 +212,7 @@ describe('http api', function () {
     });
     describe('health check', function () {
         it('returns a health check', async function () {
-            const response = await fetch('http://localhost:3000/health', {
+            const response = await fetch(`${baseUrl}/health`, {
                 method: 'GET',
             });
             expect(response.status).to.equal(200);
@@ -216,7 +220,7 @@ describe('http api', function () {
     });
     describe('default http get response', function () {
         it('returns returns a default message', async function () {
-            const response = await fetch('http://localhost:3000/', {
+            const response = await fetch(`${baseUrl}/`, {
                 method: 'GET',
             });
             expect(response.status).to.equal(200);
@@ -236,7 +240,7 @@ describe('http api', function () {
                 message: recordsWrite.toJSON(),
                 target: alice.did,
             });
-            let response = await fetch('http://localhost:3000', {
+            let response = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(dwnRequest),
@@ -249,7 +253,7 @@ describe('http api', function () {
             expect(body.error).to.not.exist;
             const { reply } = body.result;
             expect(reply.status.code).to.equal(202);
-            response = await fetch(`http://localhost:3000/${alice.did}/records/${recordsWrite.message.recordId}`);
+            response = await fetch(`${baseUrl}/${alice.did}/records/${recordsWrite.message.recordId}`);
             const blob = await response.blob();
             expect(blob.size).to.equal(size);
         });
@@ -265,7 +269,7 @@ describe('http api', function () {
                 message: recordsWrite.toJSON(),
                 target: alice.did,
             });
-            let response = await fetch('http://localhost:3000', {
+            let response = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(dwnRequest),
@@ -278,22 +282,22 @@ describe('http api', function () {
             expect(body.error).to.not.exist;
             const { reply } = body.result;
             expect(reply.status.code).to.equal(202);
-            response = await fetch(`http://localhost:3000/${alice.did}/records/${recordsWrite.message.recordId}`);
+            response = await fetch(`${baseUrl}/${alice.did}/records/${recordsWrite.message.recordId}`);
             expect(response.status).to.equal(404);
         });
         it('returns a 404 if record does not exist', async function () {
             const { recordsWrite } = await createRecordsWriteMessage(alice);
-            const response = await fetch(`http://localhost:3000/${alice.did}/records/${recordsWrite.message.recordId}`);
+            const response = await fetch(`${baseUrl}/${alice.did}/records/${recordsWrite.message.recordId}`);
             expect(response.status).to.equal(404);
         });
         it('returns a 404 for invalid or unauthorized did', async function () {
             const unauthorized = await TestDataGenerator.generateDidKeyPersona();
             const { recordsWrite } = await createRecordsWriteMessage(unauthorized);
-            const response = await fetch(`http://localhost:3000/${unauthorized.did}/records/${recordsWrite.message.recordId}`);
+            const response = await fetch(`${baseUrl}/${unauthorized.did}/records/${recordsWrite.message.recordId}`);
             expect(response.status).to.equal(404);
         });
         it('returns a 404 for invalid record id', async function () {
-            const response = await fetch(`http://localhost:3000/${alice.did}/records/kaka`);
+            const response = await fetch(`${baseUrl}/${alice.did}/records/kaka`);
             expect(response.status).to.equal(404);
         });
     });
@@ -311,7 +315,7 @@ describe('http api', function () {
                 message: recordsWrite.toJSON(),
                 target: alice.did,
             });
-            let response = await fetch('http://localhost:3000', {
+            let response = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(dwnRequest),
@@ -324,7 +328,7 @@ describe('http api', function () {
             expect(body.error).to.not.exist;
             const { reply } = body.result;
             expect(reply.status.code).to.equal(202);
-            response = await fetch(`http://localhost:3000/${alice.did}/read/records/${recordsWrite.message.recordId}`);
+            response = await fetch(`${baseUrl}/${alice.did}/read/records/${recordsWrite.message.recordId}`);
             const blob = await response.blob();
             expect(blob.size).to.equal(size);
         });
@@ -340,7 +344,7 @@ describe('http api', function () {
                 message: recordsWrite.toJSON(),
                 target: alice.did,
             });
-            let response = await fetch('http://localhost:3000', {
+            let response = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(dwnRequest),
@@ -353,22 +357,22 @@ describe('http api', function () {
             expect(body.error).to.not.exist;
             const { reply } = body.result;
             expect(reply.status.code).to.equal(202);
-            response = await fetch(`http://localhost:3000/${alice.did}/read/records/${recordsWrite.message.recordId}`);
+            response = await fetch(`${baseUrl}/${alice.did}/read/records/${recordsWrite.message.recordId}`);
             expect(response.status).to.equal(404);
         });
         it('returns a 404 if record does not exist', async function () {
             const { recordsWrite } = await createRecordsWriteMessage(alice);
-            const response = await fetch(`http://localhost:3000/${alice.did}/read/records/${recordsWrite.message.recordId}`);
+            const response = await fetch(`${baseUrl}/${alice.did}/read/records/${recordsWrite.message.recordId}`);
             expect(response.status).to.equal(404);
         });
         it('returns a 404 for invalid or unauthorized did', async function () {
             const unauthorized = await TestDataGenerator.generateDidKeyPersona();
             const { recordsWrite } = await createRecordsWriteMessage(unauthorized);
-            const response = await fetch(`http://localhost:3000/${unauthorized.did}/read/records/${recordsWrite.message.recordId}`);
+            const response = await fetch(`${baseUrl}/${unauthorized.did}/read/records/${recordsWrite.message.recordId}`);
             expect(response.status).to.equal(404);
         });
         it('returns a 404 for invalid record id', async function () {
-            const response = await fetch(`http://localhost:3000/${alice.did}/read/records/kaka`);
+            const response = await fetch(`${baseUrl}/${alice.did}/read/records/kaka`);
             expect(response.status).to.equal(404);
         });
     });
@@ -393,7 +397,7 @@ describe('http api', function () {
                 message: protocolConfigure.toJSON(),
                 target: alice.did,
             });
-            const response = await fetch('http://localhost:3000', {
+            const response = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(dwnRequest),
@@ -402,7 +406,7 @@ describe('http api', function () {
             expect(response.status).to.equal(200);
             // Fetch the protocol definition using the HTTP API
             const base64urlEncodedProtocol = Convert.string(protocolConfigure.message.descriptor.definition.protocol).toBase64Url();
-            const protocolUrl = `http://localhost:3000/${alice.did}/read/protocols/${base64urlEncodedProtocol}`;
+            const protocolUrl = `${baseUrl}/${alice.did}/read/protocols/${base64urlEncodedProtocol}`;
             const protocolQueryResponse = await fetch(protocolUrl);
             expect(protocolQueryResponse.status).to.equal(200);
             // get the JSON response
@@ -429,7 +433,7 @@ describe('http api', function () {
                 message: protocolConfigure.toJSON(),
                 target: alice.did,
             });
-            const response = await fetch('http://localhost:3000', {
+            const response = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(dwnRequest),
@@ -438,12 +442,12 @@ describe('http api', function () {
             expect(response.status).to.equal(200);
             // Fetch the protocol definition using the HTTP API
             const base64urlEncodedProtocol = Convert.string(protocolConfigure.message.descriptor.definition.protocol).toBase64Url();
-            const protocolUrl = `http://localhost:3000/${alice.did}/read/protocols/${base64urlEncodedProtocol}`;
+            const protocolUrl = `${baseUrl}/${alice.did}/read/protocols/${base64urlEncodedProtocol}`;
             const protocolQueryResponse = await fetch(protocolUrl);
             expect(protocolQueryResponse.status).to.equal(404);
         });
         it('returns a 400 if protocol is not base64url encoded', async function () {
-            const protocolUrl = `http://localhost:3000/${alice.did}/read/protocols/invalid-protocol`;
+            const protocolUrl = `${baseUrl}/${alice.did}/read/protocols/invalid-protocol`;
             const protocolQueryResponse = await fetch(protocolUrl);
             expect(protocolQueryResponse.status).to.equal(400);
             expect(await protocolQueryResponse.text()).to.equal('Bad Request');
@@ -470,7 +474,7 @@ describe('http api', function () {
                 message: protocolConfigurePublished.toJSON(),
                 target: alice.did,
             });
-            const response = await fetch('http://localhost:3000', {
+            const response = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(dwnRequest),
@@ -495,7 +499,7 @@ describe('http api', function () {
                 message: protocolConfigureNotPublished.toJSON(),
                 target: alice.did,
             });
-            const response2 = await fetch('http://localhost:3000', {
+            const response2 = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(dwnRequest2),
@@ -503,7 +507,7 @@ describe('http api', function () {
             });
             expect(response2.status).to.equal(200);
             // now query for a list of protocols
-            const protocolQueryUrl = `http://localhost:3000/${alice.did}/query/protocols`;
+            const protocolQueryUrl = `${baseUrl}/${alice.did}/query/protocols`;
             const protocolQueryResponse = await fetch(protocolQueryUrl);
             expect(protocolQueryResponse.status).to.equal(200);
             // get the JSON response
@@ -534,7 +538,7 @@ describe('http api', function () {
                 message: protocolConfigure.toJSON(),
                 target: alice.did,
             });
-            const response = await fetch('http://localhost:3000', {
+            const response = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(dwnRequest),
@@ -556,7 +560,7 @@ describe('http api', function () {
                 message: recordsWrite.toJSON(),
                 target: alice.did,
             });
-            const recordsWriteResponse = await fetch('http://localhost:3000', {
+            const recordsWriteResponse = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(recordsWriteDwnRequest),
@@ -568,7 +572,7 @@ describe('http api', function () {
             expect(responseJson.result.reply.status.code).to.equal(202);
             // Fetch the record using the HTTP API
             const base64urlEncodedProtocol = Convert.string(protocolConfigure.message.descriptor.definition.protocol).toBase64Url();
-            const protocolUrl = `http://localhost:3000/${alice.did}/read/protocols/${base64urlEncodedProtocol}/foo`;
+            const protocolUrl = `${baseUrl}/${alice.did}/read/protocols/${base64urlEncodedProtocol}/foo`;
             const recordReadResponse = await fetch(protocolUrl);
             expect(recordReadResponse.status).to.equal(200);
             // get the data response
@@ -583,7 +587,7 @@ describe('http api', function () {
         it('removes the trailing slash from the protocol path', async function () {
             const recordsQueryCreateSpy = sinon.spy(RecordsQuery, 'create');
             const base64urlEncodedProtocol = Convert.string('http://example.com/protocol').toBase64Url();
-            const protocolUrl = `http://localhost:3000/${alice.did}/read/protocols/${base64urlEncodedProtocol}/foo/`; // trailing slash
+            const protocolUrl = `${baseUrl}/${alice.did}/read/protocols/${base64urlEncodedProtocol}/foo/`; // trailing slash
             const recordReadResponse = await fetch(protocolUrl);
             expect(recordReadResponse.status).to.equal(404);
             expect(recordsQueryCreateSpy.calledOnce).to.be.true;
@@ -610,7 +614,7 @@ describe('http api', function () {
                 message: protocolConfigure.toJSON(),
                 target: alice.did,
             });
-            const response = await fetch('http://localhost:3000', {
+            const response = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(dwnRequest),
@@ -632,7 +636,7 @@ describe('http api', function () {
                 message: recordsWrite.toJSON(),
                 target: alice.did,
             });
-            const recordsWriteResponse = await fetch('http://localhost:3000', {
+            const recordsWriteResponse = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(recordsWriteDwnRequest),
@@ -644,20 +648,20 @@ describe('http api', function () {
             expect(responseJson.result.reply.status.code).to.equal(202);
             // Fetch the record using the HTTP API
             const base64urlEncodedProtocol = Convert.string(protocolConfigure.message.descriptor.definition.protocol).toBase64Url();
-            const protocolUrl = `http://localhost:3000/${alice.did}/read/protocols/${base64urlEncodedProtocol}/foo`;
+            const protocolUrl = `${baseUrl}/${alice.did}/read/protocols/${base64urlEncodedProtocol}/foo`;
             const recordReadResponse = await fetch(protocolUrl);
             expect(recordReadResponse.status).to.equal(404);
         });
         it('returns a 400 if protocol path is not provided', async function () {
-            // Fetch a protocol record without providing a protocol path 
+            // Fetch a protocol record without providing a protocol path
             const base64urlEncodedProtocol = Convert.string('http://example.com/protocol').toBase64Url();
-            const protocolUrl = `http://localhost:3000/${alice.did}/read/protocols/${base64urlEncodedProtocol}/`; // missing protocol path
+            const protocolUrl = `${baseUrl}/${alice.did}/read/protocols/${base64urlEncodedProtocol}/`; // missing protocol path
             const recordReadResponse = await fetch(protocolUrl);
             expect(recordReadResponse.status).to.equal(400);
             expect(await recordReadResponse.text()).to.equal('protocol path is required');
         });
         it('returns a 400 error if protocol cannot be base64url encoded', async function () {
-            const protocolUrl = `http://localhost:3000/${alice.did}/read/protocols/invalid-protocol/foo`;
+            const protocolUrl = `${baseUrl}/${alice.did}/read/protocols/invalid-protocol/foo`;
             const recordReadResponse = await fetch(protocolUrl);
             expect(recordReadResponse.status).to.equal(400);
             expect(await recordReadResponse.text()).to.equal('Bad Request');
@@ -677,7 +681,7 @@ describe('http api', function () {
                 message: recordsWrite.toJSON(),
                 target: alice.did,
             });
-            const response = await fetch('http://localhost:3000', {
+            const response = await fetch(baseUrl, {
                 method: 'POST',
                 headers: {
                     'dwn-request': JSON.stringify(dwnRequest),
@@ -690,11 +694,11 @@ describe('http api', function () {
             expect(body.error).to.not.exist;
             const { reply } = body.result;
             expect(reply.status.code).to.equal(202);
-            const { entries } = await fetch(`http://localhost:3000/${alice.did}/query?filter.recordId=${recordsWrite.message.recordId}&other.random.param=unused-value`).then(response => response.json());
+            const { entries } = await fetch(`${baseUrl}/${alice.did}/query?filter.recordId=${recordsWrite.message.recordId}&other.random.param=unused-value`).then(response => response.json());
             expect(entries?.length).to.equal(1);
         });
         it('should return 400 if user provide invalid query', async function () {
-            const response = await fetch(`http://localhost:3000/${alice.did}/query?filter=invalid-filter`);
+            const response = await fetch(`${baseUrl}/${alice.did}/query?filter=invalid-filter`);
             expect(response.status).to.equal(400);
             const responseBody = await response.json();
             expect(responseBody.code).to.equal(DwnErrorCode.SchemaValidatorAdditionalPropertyNotAllowed);
@@ -702,7 +706,7 @@ describe('http api', function () {
     });
     describe('/info', function () {
         it('verify /info has some of the fields it is supposed to have', async function () {
-            const resp = await fetch(`http://localhost:3000/info`);
+            const resp = await fetch(`${baseUrl}/info`);
             expect(resp.status).to.equal(200);
             const info = await resp.json();
             expect(info['url']).to.equal('http://localhost:3000');
@@ -711,7 +715,7 @@ describe('http api', function () {
             expect(info['registrationRequirements']).to.include('proof-of-work-sha256-v0');
         });
         it('verify /info signals websocket support', async function () {
-            let resp = await fetch(`http://localhost:3000/info`);
+            let resp = await fetch(`${baseUrl}/info`);
             expect(resp.status).to.equal(200);
             let info = await resp.json();
             expect(info['server']).to.equal('@enbox/dwn-server');
@@ -720,8 +724,9 @@ describe('http api', function () {
             await httpApi.close();
             config.webSocketSupport = false;
             httpApi = await HttpApi.create(config, dwn, registrationManager);
-            await httpApi.start(3000);
-            resp = await fetch(`http://localhost:3000/info`);
+            await httpApi.start(0);
+            baseUrl = `http://localhost:${httpApi.server.port}`;
+            resp = await fetch(`${baseUrl}/info`);
             expect(resp.status).to.equal(200);
             info = await resp.json();
             expect(info['server']).to.equal('@enbox/dwn-server');
@@ -737,8 +742,9 @@ describe('http api', function () {
             const packageJsonConfig = config.packageJsonPath;
             config.packageJsonPath = '/some/invalid/file.json';
             httpApi = await HttpApi.create(config, dwn, registrationManager);
-            await httpApi.start(3000);
-            const resp = await fetch(`http://localhost:3000/info`);
+            await httpApi.start(0);
+            baseUrl = `http://localhost:${httpApi.server.port}`;
+            const resp = await fetch(`${baseUrl}/info`);
             const info = await resp.json();
             expect(resp.status).to.equal(200);
             // check that server name exists in the info object
@@ -758,8 +764,9 @@ describe('http api', function () {
             const serverName = config.serverName;
             config.serverName = '@enbox/dwn-server-2';
             httpApi = await HttpApi.create(config, dwn, registrationManager);
-            await httpApi.start(3000);
-            const resp = await fetch(`http://localhost:3000/info`);
+            await httpApi.start(0);
+            baseUrl = `http://localhost:${httpApi.server.port}`;
+            const resp = await fetch(`${baseUrl}/info`);
             const info = await resp.json();
             expect(resp.status).to.equal(200);
             // verify that the custom server name was passed to the info endpoint