@hookflo/tern 4.0.2 → 4.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,83 +0,0 @@
1
- "use strict";
2
- var __importDefault = (this && this.__importDefault) || function (mod) {
3
- return (mod && mod.__esModule) ? mod : { "default": mod };
4
- };
5
- Object.defineProperty(exports, "__esModule", { value: true });
6
- const crypto_1 = __importDefault(require("crypto"));
7
- const shared_1 = require("./shared");
8
- const __1 = __importDefault(require(".."));
9
- const secret = 'whsec_test_secret';
10
- const payload = `${JSON.stringify({ type: 'payment_intent.succeeded', data: { amount: 2000 } })}\n`;
11
- function buildStripeSignature(body, secret) {
12
- const timestamp = Math.floor(Date.now() / 1000);
13
- const signed = `${timestamp}.${body}`;
14
- const hmac = crypto_1.default
15
- .createHmac('sha256', secret.replace('whsec_', ''))
16
- .update(signed)
17
- .digest('hex');
18
- return `t=${timestamp},v1=${hmac}`;
19
- }
20
- // ── Test 1: raw stream — no middleware ran ───────────────────
21
- async function testRawStream() {
22
- const sig = buildStripeSignature(payload, secret); // ✓ fixed: was missing secret arg
23
- const chunks = [Buffer.from(payload, 'utf8')];
24
- const req = {
25
- method: 'POST',
26
- headers: {
27
- 'stripe-signature': sig,
28
- 'content-type': 'application/json',
29
- },
30
- body: undefined,
31
- on: (event, cb) => {
32
- if (event === 'data') {
33
- for (const chunk of chunks)
34
- cb(chunk);
35
- }
36
- if (event === 'end') {
37
- cb();
38
- }
39
- },
40
- };
41
- const webReq = await (0, shared_1.toWebRequest)(req);
42
- const result = await __1.default.verifyWithPlatformConfig(webReq, 'stripe', secret);
43
- console.log('Test 1 Raw stream (no middleware):', result.isValid ? '✓ PASS' : `✗ FAIL — ${result.error}`);
44
- }
45
- // ── Test 2: Buffer body — express.raw() ran ──────────────────
46
- async function testBufferBody() {
47
- const sig = buildStripeSignature(payload, secret);
48
- const req = {
49
- method: 'POST',
50
- headers: {
51
- 'content-type': 'application/json',
52
- 'stripe-signature': sig,
53
- },
54
- body: Buffer.from(payload, 'utf8'),
55
- };
56
- const webReq = await (0, shared_1.toWebRequest)(req);
57
- const result = await __1.default.verifyWithPlatformConfig(webReq, 'stripe', secret);
58
- console.log('Test 2 Buffer body (express.raw):', result.isValid ? '✓ PASS' : `✗ FAIL — ${result.error}`);
59
- }
60
- // ── Test 3: parsed object — express.json() ran ───────────────
61
- async function testParsedObject() {
62
- // signature computed against raw payload including \n
63
- const sig = buildStripeSignature(payload, secret);
64
- const req = {
65
- method: 'POST',
66
- headers: {
67
- 'content-type': 'application/json',
68
- 'stripe-signature': sig,
69
- },
70
- body: JSON.parse(payload), // \n gone, bytes lost
71
- };
72
- const webReq = await (0, shared_1.toWebRequest)(req);
73
- const result = await __1.default.verifyWithPlatformConfig(webReq, 'stripe', secret);
74
- // should FAIL — \n was in original signature but lost after JSON.parse
75
- console.log('Test 3 Parsed object (express.json):', !result.isValid ? '✓ FAILS AS EXPECTED' : '✗ SHOULD HAVE FAILED');
76
- }
77
- async function run() {
78
- await testRawStream(); // no middleware → should PASS
79
- await testBufferBody(); // express.raw() → should PASS
80
- await testParsedObject(); // express.json() → should FAIL as expected
81
- console.log('\nDone. Test 3 failing is correct behavior.');
82
- }
83
- run();
@@ -1 +0,0 @@
1
- export {};
@@ -1,4 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- const test_1 = require("./test");
4
- (0, test_1.runTests)();
package/dist/test.d.ts DELETED
@@ -1,2 +0,0 @@
1
- declare function runTests(): Promise<void>;
2
- export { runTests };