@lifeready/core 1.0.1 → 1.0.2

package/src/lib/api/key-exchange2.service.spec.ts

@@ -1,892 +0,0 @@
-import { TestBed } from '@angular/core/testing';
-import { environment } from 'projects/lr-auth-app/src/environments/environment';
-import {
-  loginTestUser,
-  logoutUser,
-} from '../auth/life-ready-auth.service.spec';
-import {
-  deleteAllTps2,
-  getTp2,
-} from '../trusted-parties/trusted-party2.service.spec';
-import { ProfileService } from '../users/profile.service';
-import { LrExpiredCodeException } from '../_common/exceptions';
-import {
-  lrConfigureTestingModule,
-  lrExpectAsyncThrow,
-  lrExpectGqlErrorCodes,
-  lrit,
-} from '../_common/tests';
-import { KeyExchangeFragment } from './key-exchange2.gql';
-import {
-  KeyExchange2Service,
-  SendContactCardInput,
-} from './key-exchange2.service';
-import { LrGraphQLService, LrMergedMutation } from './lr-graphql';
-import { MessageService } from './message.service';
-
-const TIMEOUT = 1000 * 60 * 10;
-
-export async function cancelAllKeyExchanges(username, password) {
-  const keyExchange2 = TestBed.inject(KeyExchange2Service);
-  const lrGraphQL = TestBed.inject(LrGraphQLService);
-
-  await loginTestUser(username, password);
-
-  const kes = await keyExchange2.getKeyExchanges({
-    state: 'IN_PROGRESS',
-  });
-
-  const mutations = kes.map((ke) =>
-    ke.isInitiator
-      ? keyExchange2.cancelKeyExchangeMutation(ke.id)
-      : keyExchange2.declineKeyExchangeMutation(ke.id, ke.token)
-  );
-
-  return lrGraphQL.lrMutate(LrMergedMutation.create(mutations));
-}
-
-// export async function completeAllKeyExchanges(username, password) {
-//   const keyExchange2 = TestBed.inject(KeyExchange2Service);
-//   const lrGraphQL = TestBed.inject(LrGraphQLService);
-
-//   await loginTestUser(username, password);
-
-//   const kes = await keyExchange2.getKeyExchanges({
-//     state: 'IN_PROGRESS',
-//   });
-
-//   return Promise.all(
-//     kes.map(
-//       (ke) =>
-//         ke.state == 'IN_PROGRESS' &&
-//         lrGraphQL.lrMutate<any>(
-//           ke.isInitiator
-//             ? keyExchange2.cancelKeyExchange(ke.id)
-//             : keyExchange2.declineKeyExchange(ke.id, ke.token)
-//         )
-//     )
-//   );
-// }
-
-const scc1: SendContactCardInput = {
-  ownerCipherDataClearJson: {
-    data: 'User 1 private data', // use this to store the references to the fields in the master CC
-  },
-  sharedCipherDataClearJson: {
-    name: { name: 'User 1 CC info to be shared with user 2' },
-    phones: [{ label: 'null', value: '0432 123 456' }],
-  },
-  ownerPlainDataJson: {
-    name: {
-      name: '1 First Last',
-      firstName: '1 First',
-      lastName: '1 Last ',
-      title: '1 Dr',
-    },
-  },
-};
-const scc2: SendContactCardInput = {
-  ownerCipherDataClearJson: {
-    data: 'User 2 private data', // use this to store the references to the fields in the master CC
-  },
-  sharedCipherDataClearJson: {
-    name: { name: 'User 2 CC info to be shared with user 1' },
-    phones: [{ label: 'null', value: '+61 1111 222 333' }],
-  },
-  ownerPlainDataJson: {
-    name: {
-      name: '2 First Last',
-      firstName: '2 First',
-      lastName: '2 Last ',
-      title: '2 Dr',
-    },
-  },
-};
-
-describe('KeyExchange2Service', () => {
-  let keyExchange2: KeyExchange2Service;
-  let messageService: MessageService;
-  let profileService: ProfileService;
-  // let userService: UserService;
-  // let trustedPartyService: TrustedPartyService;
-  // let sccService: SharedContactCardService;
-  let lrGraphQL: LrGraphQLService;
-
-  beforeEach(async () => {
-    lrConfigureTestingModule();
-    keyExchange2 = TestBed.inject(KeyExchange2Service);
-    profileService = TestBed.inject(ProfileService);
-    messageService = TestBed.inject(MessageService);
-    lrGraphQL = TestBed.inject(LrGraphQLService);
-  }, TIMEOUT);
-
-  lrit(
-    'should exchange keys and send messages',
-    async () => {
-      if (!environment.test) {
-        return;
-      }
-
-      const {
-        username: username1,
-        password: password1,
-      } = environment.test.users[0];
-      const {
-        username: username2,
-        password: password2,
-      } = environment.test.users[1];
-
-      // ------------------------------------------------------
-      // Prepare
-      // ------------------------------------------------------
-      await cancelAllKeyExchanges(username1, password1);
-      await cancelAllKeyExchanges(username2, password2);
-      await deleteAllTps2(username1, password1);
-      await deleteAllTps2(username2, password2);
-
-      // ------------------------------------------------------
-      // Test User 1
-      // ------------------------------------------------------
-      await loginTestUser(username1, password1);
-
-      const msg1 = 'from initiator';
-      const {
-        lrMutation: initiatedLrMutation,
-        otKeyK: initiatedOtKeyK,
-      } = await keyExchange2.initiateOtk({ message: msg1, contactCard: scc1 });
-
-      const { initiateKeyExchangeOtk: initiated } = await lrGraphQL.lrMutate(
-        initiatedLrMutation
-      );
-
-      expect(initiated.keyExchange.responderEmailAddress).toBeNull();
-      expect(initiatedOtKeyK).toBeTruthy();
-      expect(initiated.keyExchange.id).toBeTruthy();
-
-      let ke: KeyExchangeFragment;
-      ke = await keyExchange2.getKeyExchange(initiated.keyExchange.id);
-
-      expect(ke.id).toBeTruthy();
-      expect(ke.token).toBeTruthy();
-      expect(ke.initiatorActionRequired).toBe(false);
-      expect(ke.responderActionRequired).toBe(true);
-      expect(ke.state).toEqual('IN_PROGRESS');
-      expect(ke.otk.state).toEqual('OTK_INITIATED');
-
-      const {
-        lrMutation: cancelledMutation,
-        otKeyK: cancelledOtKeyK,
-      } = await keyExchange2.initiateOtk({
-        message: 'to be cancelled by initiator',
-        contactCard: scc1,
-      });
-      const { initiateKeyExchangeOtk: cancelled } = await lrGraphQL.lrMutate(
-        cancelledMutation
-      );
-
-      const {
-        lrMutation: declinedMutation,
-        otKeyK: declinedOtKeyK,
-      } = await keyExchange2.initiateOtk({
-        message: 'to be declined by responder',
-        contactCard: scc1,
-      });
-      const { initiateKeyExchangeOtk: declined } = await lrGraphQL.lrMutate(
-        declinedMutation
-      );
-
-      const {
-        lrMutation: declinedAfterAcceptMutation,
-        otKeyK: declinedAfterAcceptOtKeyK,
-      } = await keyExchange2.initiateOtk({
-        message: 'to be declined by responder after accepting',
-        contactCard: scc1,
-      });
-      const {
-        initiateKeyExchangeOtk: declinedAfterAccept,
-      } = await lrGraphQL.lrMutate(declinedAfterAcceptMutation);
-
-      // Initiator cancels
-      await lrGraphQL.lrMutate(
-        keyExchange2.cancelKeyExchange(cancelled.keyExchange.id)
-      );
-
-      ke = await keyExchange2.getKeyExchange(cancelled.keyExchange.id);
-      expect(ke.state).toEqual('CANCELLED');
-
-      console.log('----------------------------------------------------------');
-      console.log(JSON.stringify(ke, null, 2));
-
-      // ------------------------------------------------------
-      // Logout
-      // ------------------------------------------------------
-      await logoutUser();
-
-      // Responder declines
-      await lrGraphQL.lrMutate(
-        await keyExchange2.declineKeyExchange(
-          declined.keyExchange.id,
-          declined.keyExchange.token
-        ),
-        {
-          includeKeyGraph: false,
-        }
-      );
-
-      ke = await keyExchange2.getKeyExchange(declined.keyExchange.id, {
-        token: declined.keyExchange.token,
-        otKeyK: declinedOtKeyK,
-      });
-      expect(ke.state).toEqual('DECLINED');
-
-      console.log('----------------------------------------------------------');
-      console.log(JSON.stringify(ke, null, 2));
-
-      // Responder declines again should fail
-      (
-        await lrExpectAsyncThrow(
-          lrGraphQL.lrMutate(
-            keyExchange2.declineKeyExchange(
-              declined.keyExchange.id,
-              declined.keyExchange.token
-            )
-          )
-        )
-      ).toBeTruthy();
-
-      // Check message can be extract pre auth
-      ke = await keyExchange2.getKeyExchange(initiated.keyExchange.id, {
-        token: initiated.keyExchange.token,
-        otKeyK: initiatedOtKeyK,
-      });
-      expect(ke.otk.otKeyCipherClearJson.initiator.message).toEqual(msg1);
-
-      // ------------------------------------------------------
-      // Test User 2
-      // ------------------------------------------------------
-      await loginTestUser(username2, password2);
-
-      // Responder accepts then declines
-      // Note that declining a key exchange will always invalidate the current shared key. So make
-      // sure to do this first before the next test that accepts the exchange.
-      ke = await keyExchange2.getKeyExchange(
-        declinedAfterAccept.keyExchange.id,
-        {
-          token: declinedAfterAccept.keyExchange.token,
-          otKeyK: declinedAfterAcceptOtKeyK,
-        }
-      );
-
-      await lrGraphQL.lrMutate(
-        keyExchange2.respondOtk({
-          keyExchangeId: ke.id,
-          token: ke.token,
-          decryptedOtk: {
-            otKeyCipherClearJson: ke.otk.otKeyCipherClearJson,
-            otKey: ke.otk.otKey,
-          },
-          message: { message: 'will be declined after accepting' },
-          responderContactCard: scc2,
-          initiatorContactCard: {
-            receiverCipherDataClearJson:
-              ke.otk.otKeyCipherClearJson.initiator.contactCard
-                .sharedCipherDataClearJson,
-          },
-        })
-      );
-
-      await lrGraphQL.lrMutate(
-        keyExchange2.declineKeyExchange(
-          declinedAfterAccept.keyExchange.id,
-          declinedAfterAccept.keyExchange.token
-        )
-      );
-
-      ke = await keyExchange2.getKeyExchange(
-        declinedAfterAccept.keyExchange.id
-      );
-      expect(ke.state).toEqual('DECLINED');
-
-      // Declining again throws error
-      (
-        await lrExpectAsyncThrow(
-          lrGraphQL.lrMutate(
-            keyExchange2.declineKeyExchange(
-              declinedAfterAccept.keyExchange.id,
-              declinedAfterAccept.keyExchange.token
-            )
-          )
-        )
-      ).toBeTruthy();
-
-      // Accept
-      ke = await keyExchange2.getKeyExchange(initiated.keyExchange.id, {
-        token: initiated.keyExchange.token,
-        otKeyK: initiatedOtKeyK,
-      });
-
-      const msg2 = 'from responder';
-      const accepted = (
-        await lrGraphQL.lrMutate(
-          keyExchange2.respondOtk({
-            keyExchangeId: ke.id,
-            token: ke.token,
-            decryptedOtk: {
-              otKeyCipherClearJson: ke.otk.otKeyCipherClearJson,
-              otKey: ke.otk.otKey,
-            },
-            message: msg2,
-            responderContactCard: scc2,
-            initiatorContactCard: {
-              receiverCipherDataClearJson:
-                ke.otk.otKeyCipherClearJson.initiator.contactCard
-                  .sharedCipherDataClearJson,
-            },
-          })
-        )
-      ).respondKeyExchangeOtk;
-      expect(accepted.keyExchange.initiatorActionRequired).toBe(true);
-      expect(accepted.keyExchange.responderActionRequired).toBe(false);
-      expect(accepted.keyExchange.state).toEqual('IN_PROGRESS');
-      expect(accepted.keyExchange.otk.state).toEqual('OTK_ACCEPTED');
-
-      // Send message from User 2 to User 1 using username
-      const plainMessageJson2to1 = {
-        plain: 'plain message from test user 2 to test user 1',
-      };
-      const plainCipherMessageJson2to1 =
-        'cipher message from test user 2 to test user 1';
-      const message2to1 = await messageService.sendMessage({
-        username: username1,
-        plainMessageJson: plainMessageJson2to1,
-        plainCipherMessageJson: plainCipherMessageJson2to1,
-      });
-
-      // ------------------------------------------------------
-      // Test User 1
-      // ------------------------------------------------------
-      await loginTestUser(username1, password1);
-
-      ke = await keyExchange2.getKeyExchange(initiated.keyExchange.id);
-
-      const completed = (
-        await lrGraphQL.lrMutate(
-          keyExchange2.completeOtk({
-            keyExchangeId: ke.id,
-            initiatorRootKeyCipher: ke.initiatorRootKeyCipher,
-            initiatorOneTimePbkCipher: ke.otk.initiatorOneTimePbkCipher,
-            responderContactCard: {
-              receiverCipherDataClearJson:
-                ke.otk.initiatorOneTimePbkCipherClearJson.responder.contactCard
-                  .sharedCipherDataClearJson,
-            },
-          })
-        )
-      ).completeKeyExchangeOtk;
-      expect(completed.keyExchange.initiatorActionRequired).toBe(false);
-      expect(completed.keyExchange.responderActionRequired).toBe(false);
-      expect(completed.keyExchange.state).toEqual('COMPLETED');
-      expect(completed.keyExchange.otk.state).toEqual('OTK_COMPLETED');
-
-      const userSharedKey = (
-        await keyExchange2.getCurrentUserSharedKey({
-          username: username2,
-        })
-      ).currentUserSharedKey.userSharedKey;
-
-      expect(userSharedKey.sharedKey.id).toEqual(
-        completed.userSharedKey.sharedKey.id,
-        'Current user shared key not set to the new one just shared.'
-      );
-
-      // Get message from user 2
-      const message2to1Copy = await messageService.getMessage(
-        message2to1.message.id
-      );
-      expect(JSON.stringify(message2to1Copy.plainMessageJson)).toEqual(
-        JSON.stringify(plainMessageJson2to1)
-      );
-      expect(
-        JSON.stringify(message2to1Copy.plainSignedCipherMessageJson)
-      ).toEqual(JSON.stringify(plainCipherMessageJson2to1));
-
-      // Send message from User 1 to User 2 using userId
-      const plainMessageJson1to2 = {
-        plain: 'plain message from test user 1 to test user 2',
-      };
-      const plainCipherMessageJson1to2 =
-        'cipher message from test user 1 to test user 2';
-      const message1to2 = await messageService.sendMessage({
-        username: username2,
-        plainMessageJson: plainMessageJson1to2,
-        plainCipherMessageJson: plainCipherMessageJson1to2,
-      });
-
-      // ------------------------------------------------------
-      // Test User 2
-      // ------------------------------------------------------
-      await loginTestUser(username2, password2);
-      const message1to2Copy = await messageService.getMessage(
-        message1to2.message.id
-      );
-      expect(JSON.stringify(message1to2Copy.plainMessageJson)).toEqual(
-        JSON.stringify(plainMessageJson1to2)
-      );
-      expect(
-        JSON.stringify(message1to2Copy.plainSignedCipherMessageJson)
-      ).toEqual(JSON.stringify(plainCipherMessageJson1to2));
-    },
-    TIMEOUT
-  );
-
-  lrit(
-    'should exchange keys with specific user',
-    async () => {
-      if (!environment.test) {
-        return;
-      }
-
-      const {
-        username: username1,
-        password: password1,
-        email: email1,
-      } = environment.test.users[0];
-      const {
-        username: username2,
-        password: password2,
-        email: email2,
-      } = environment.test.users[1];
-      const {
-        username: username3,
-        password: password3,
-        email: email3,
-      } = environment.test.users[2];
-
-      // ------------------------------------------------------
-      // Prepare
-      // ------------------------------------------------------
-      await cancelAllKeyExchanges(username1, password1);
-      await cancelAllKeyExchanges(username2, password2);
-      await cancelAllKeyExchanges(username3, password3);
-      await deleteAllTps2(username1, password1);
-      await deleteAllTps2(username2, password2);
-      await deleteAllTps2(username3, password3);
-
-      // ------------------------------------------------------
-      // Test User 1
-      // ------------------------------------------------------
-      const msg1 = 'from initiator';
-      let ke: KeyExchangeFragment;
-
-      await loginTestUser(username1, password1);
-
-      const {
-        lrMutation: initiatedLrMutation,
-        otKeyK: initiatedOtKeyK,
-      } = await keyExchange2.initiateOtk({
-        email: email2,
-        message: msg1,
-        contactCard: scc1,
-        upgrade: true,
-      });
-
-      const { initiateKeyExchangeOtk: initiated } = await lrGraphQL.lrMutate(
-        initiatedLrMutation
-      );
-
-      expect(initiated.keyExchange.responderEmailAddress).toEqual(email2);
-
-      // ------------------------------------------------------
-      // Not signed in
-      // ------------------------------------------------------
-      await logoutUser();
-      (
-        await lrExpectAsyncThrow(
-          keyExchange2.getKeyExchange(initiated.keyExchange.id)
-        )
-      ).toBeTruthy();
-
-      // ------------------------------------------------------
-      // Test User 3
-      // ------------------------------------------------------
-      await loginTestUser(username3, password3);
-      // No access since not targeted at User3
-      (
-        await lrExpectAsyncThrow(
-          keyExchange2.getKeyExchange(initiated.keyExchange.id)
-        )
-      ).toBeTruthy();
-      // But can still access via the direct link
-      ke = await keyExchange2.getKeyExchange(initiated.keyExchange.id, {
-        token: initiated.keyExchange.token,
-        otKeyK: initiatedOtKeyK,
-      });
-      // Can not accept because it's sent to user2.
-      (
-        await lrExpectAsyncThrow(
-          lrGraphQL.lrMutate(
-            keyExchange2.respondOtk({
-              keyExchangeId: ke.id,
-              token: ke.token,
-              decryptedOtk: {
-                otKey: ke.otk.otKey,
-                otKeyCipherClearJson: ke.otk.otKeyCipherClearJson,
-              },
-              message: {
-                message: 'can not accept because it is targeted to user2',
-              },
-              responderContactCard: scc2,
-              initiatorContactCard: {
-                receiverCipherDataClearJson:
-                  ke.otk.otKeyCipherClearJson.initiator.contactCard
-                    .sharedCipherDataClearJson,
-              },
-            })
-          )
-        )
-      ).toBeTruthy();
-
-      // ------------------------------------------------------
-      // Test User 2
-      // ------------------------------------------------------
-      await loginTestUser(username2, password2);
-      ke = await keyExchange2.getKeyExchange(initiated.keyExchange.id);
-      const accepted = (
-        await lrGraphQL.lrMutate(
-          keyExchange2.respondOtk({
-            keyExchangeId: ke.id,
-            token: ke.token,
-            decryptedOtk: {
-              otKey: ke.otk.otKey,
-              otKeyCipherClearJson: ke.otk.otKeyCipherClearJson,
-            },
-            message: { message: 'user2 can accept' },
-            responderContactCard: scc2,
-            initiatorContactCard: {
-              receiverCipherDataClearJson:
-                ke.otk.otKeyCipherClearJson.initiator.contactCard
-                  .sharedCipherDataClearJson,
-            },
-          })
-        )
-      ).respondKeyExchangeOtk;
-      expect(accepted.userSharedKey).toBeTruthy();
-      expect(accepted.keyExchange.initiatorActionRequired).toBe(true);
-      expect(accepted.keyExchange.responderActionRequired).toBe(false);
-      expect(accepted.keyExchange.state).toEqual('IN_PROGRESS');
-      expect(accepted.keyExchange.otk.state).toEqual('OTK_ACCEPTED');
-
-      // ------------------------------------------------------
-      // Test User 1
-      // ------------------------------------------------------
-      await loginTestUser(username1, password1);
-      ke = await keyExchange2.getKeyExchange(initiated.keyExchange.id);
-
-      const completed = (
-        await lrGraphQL.lrMutate(
-          keyExchange2.completeOtk({
-            keyExchangeId: ke.id,
-            initiatorRootKeyCipher: ke.initiatorRootKeyCipher,
-            initiatorOneTimePbkCipher: ke.otk.initiatorOneTimePbkCipher,
-            responderContactCard: {
-              receiverCipherDataClearJson:
-                ke.otk.initiatorOneTimePbkCipherClearJson.responder.contactCard
-                  .sharedCipherDataClearJson,
-            },
-          })
-        )
-      ).completeKeyExchangeOtk;
-      expect(completed.userSharedKey).toBeTruthy();
-      expect(completed.keyExchange.initiatorActionRequired).toBe(false);
-      expect(completed.keyExchange.responderActionRequired).toBe(false);
-      expect(completed.keyExchange.state).toEqual('COMPLETED');
-      expect(completed.keyExchange.otk.state).toEqual('OTK_COMPLETED');
-    },
-    TIMEOUT
-  );
-
-  lrit(
-    'should create shared contact cards',
-    async () => {
-      const {
-        username: username1,
-        password: password1,
-      } = environment.test.users[0];
-      const {
-        username: username2,
-        password: password2,
-      } = environment.test.users[1];
-
-      // ------------------------------------------------------
-      // Prepare
-      // ------------------------------------------------------
-      await cancelAllKeyExchanges(username1, password1);
-      await cancelAllKeyExchanges(username2, password2);
-      await deleteAllTps2(username1, password1);
-      await deleteAllTps2(username2, password2);
-
-      let ke: KeyExchangeFragment;
-
-      // ------------------------------------------------------
-      // Test User 1
-      // ------------------------------------------------------
-      await loginTestUser(username1, password1);
-      const msg1 = 'from initiator';
-
-      const {
-        lrMutation: initiatedLrMutation,
-        otKeyK: initiatedOtKeyK,
-      } = await keyExchange2.initiateOtk({
-        message: msg1,
-        contactCard: scc1,
-      });
-
-      const { initiateKeyExchangeOtk: initiated } = await lrGraphQL.lrMutate(
-        initiatedLrMutation
-      );
-
-      expect(initiated.keyExchange.responderEmailAddress).toBeNull();
-
-      // ------------------------------------------------------
-      // Test User 2
-      // ------------------------------------------------------
-      await loginTestUser(username2, password2);
-
-      ke = await keyExchange2.getKeyExchange(initiated.keyExchange.id, {
-        token: initiated.keyExchange.token,
-        otKeyK: initiatedOtKeyK,
-      });
-
-      const { respondKeyExchangeOtk: accepted } = await lrGraphQL.lrMutate(
-        keyExchange2.respondOtk({
-          keyExchangeId: ke.id,
-          token: ke.token,
-          decryptedOtk: {
-            otKey: ke.otk.otKey,
-            otKeyCipherClearJson: ke.otk.otKeyCipherClearJson,
-          },
-          message: 'user2 can accept',
-          responderContactCard: scc2,
-          initiatorContactCard: {
-            receiverCipherDataClearJson:
-              ke.otk.otKeyCipherClearJson.initiator.contactCard
-                .sharedCipherDataClearJson,
-          },
-        })
-      );
-
-      // ------------------------------------------------------
-      // Test User 1
-      // ------------------------------------------------------
-      await loginTestUser(username1, password1);
-
-      ke = await keyExchange2.getKeyExchange(initiated.keyExchange.id);
-
-      expect(
-        ke.initiatorRootKeyCipherClearJson.initiatorContactCard
-          .sharedCipherDataClearJson
-      ).toEqual(scc1.sharedCipherDataClearJson);
-
-      expect(
-        ke.otk.initiatorOneTimePbkCipherClearJson.responder.contactCard
-          .sharedCipherDataClearJson
-      ).toEqual(scc2.sharedCipherDataClearJson);
-
-      const { completeKeyExchangeOtk: completed } = await lrGraphQL.lrMutate(
-        keyExchange2.completeOtk({
-          keyExchangeId: ke.id,
-          initiatorRootKeyCipher: ke.initiatorRootKeyCipher,
-          initiatorOneTimePbkCipher: ke.otk.initiatorOneTimePbkCipher,
-          responderContactCard: {
-            receiverCipherDataClearJson:
-              ke.otk.initiatorOneTimePbkCipherClearJson.responder.contactCard
-                .sharedCipherDataClearJson,
-          },
-        })
-      );
-    },
-    TIMEOUT
-  );
-
-  lrit(
-    'should invite existing user via email',
-    async () => {
-      const {
-        username: username1,
-        password: password1,
-        email: email1,
-      } = environment.test.users[0];
-      const {
-        username: username2,
-        password: password2,
-        email: email2,
-      } = environment.test.users[1];
-      const {
-        username: username3,
-        password: password3,
-        email: email3,
-      } = environment.test.users[2];
-
-      // ------------------------------------------------------
-      // Prepare
-      // ------------------------------------------------------
-      await cancelAllKeyExchanges(username1, password1);
-      await cancelAllKeyExchanges(username2, password2);
-      await cancelAllKeyExchanges(username3, password3);
-      await deleteAllTps2(username1, password1);
-      await deleteAllTps2(username2, password2);
-      await deleteAllTps2(username3, password3);
-
-      let ke: KeyExchangeFragment;
-
-      // ------------------------------------------------------
-      // Test User 1
-      // ------------------------------------------------------
-      await loginTestUser(username1, password1);
-      const msg1 = 'from initiator';
-
-      const {
-        lrMutation: initiatedLrMutation,
-        otKeyK: initiatedOtKeyK,
-      } = await keyExchange2.initiateOtk({
-        message: msg1,
-        contactCard: scc1,
-        email: email2,
-        upgrade: true,
-      });
-
-      const { initiateKeyExchangeOtk: initiated } = await lrGraphQL.lrMutate(
-        initiatedLrMutation
-      );
-
-      expect(initiated.keyExchange.responder).toBeNull(
-        'Initiator can not access responder information unless responder accepts invite.'
-      );
-
-      // ------------------------------------------------------
-      // No user
-      // ------------------------------------------------------
-      await logoutUser();
-
-      // Unauthenticated users need to have the token and the raw otKey in order to access the invite.
-      ke = await keyExchange2.getKeyExchange(initiated.keyExchange.id, {
-        token: initiated.keyExchange.token,
-        otKeyK: initiatedOtKeyK,
-      });
-
-      // Can read the invite. This is so that the responder can get some more information about
-      // the invite before needing to login.
-      expect(ke.otk.otKeyCipherClearJson.initiator.message).toEqual(msg1);
-
-      // ------------------------------------------------------
-      // Test User 3
-      // ------------------------------------------------------
-      // but can not accept it as a user3 because the email has been upgraded to invite the
-      // existing user2.
-      await loginTestUser(username3, password3);
-
-      (
-        await lrExpectGqlErrorCodes(
-          lrGraphQL.lrMutate(
-            keyExchange2.respondOtk({
-              keyExchangeId: ke.id,
-              token: ke.token,
-              decryptedOtk: {
-                otKeyCipherClearJson: ke.otk.otKeyCipherClearJson,
-                otKey: ke.otk.otKey,
-              },
-              responderContactCard: scc2,
-              initiatorContactCard: {
-                receiverCipherDataClearJson:
-                  ke.otk.otKeyCipherClearJson.initiator.contactCard
-                    .sharedCipherDataClearJson,
-              },
-            })
-          )
-        )
-      ).toContain('BAD_ARGUMENT');
-
-      // ------------------------------------------------------
-      // Test User 2
-      // ------------------------------------------------------
-      await loginTestUser(username2, password2);
-
-      // The invite is to the existing user 2, so user 2 should be able to list it.
-      // And since we cancelled all the invites at the start of this test, there should
-      // be only one invite for user 2.
-      let kes = await keyExchange2.getKeyExchanges({ state: 'IN_PROGRESS' });
-      expect(kes.length).toBe(1);
-      ke = kes[0];
-      expect(ke.otk.otKeyCipherClearJson.initiator.message).toEqual(msg1);
-
-      ke = (
-        await lrGraphQL.lrMutate(
-          keyExchange2.respondOtk({
-            keyExchangeId: ke.id,
-            token: ke.token,
-            decryptedOtk: {
-              otKeyCipherClearJson: ke.otk.otKeyCipherClearJson,
-              otKey: ke.otk.otKey,
-            },
-            responderContactCard: scc2,
-            initiatorContactCard: {
-              receiverCipherDataClearJson:
-                ke.otk.otKeyCipherClearJson.initiator.contactCard
-                  .sharedCipherDataClearJson,
-            },
-          })
-        )
-      ).respondKeyExchangeOtk.keyExchange;
-
-      expect(ke.responder).toBeDefined(
-        'Responder can access responder information now that key exchange has been responded to.'
-      );
-      console.log('ke', ke);
-
-      // ------------------------------------------------------
-      // Test User 1
-      // ------------------------------------------------------
-      await loginTestUser(username1, password1);
-
-      kes = await keyExchange2.getKeyExchanges({ state: 'IN_PROGRESS' });
-      expect(kes.length).toBe(1);
-      ke = kes[0];
-      expect(ke.otk.otKeyCipher).toBeNull(
-        'Should have been deleted because data is no longer useful'
-      );
-      expect(ke.responder).toBeDefined(
-        'Initiator can access responder information now that key exchange has been responded to.'
-      );
-
-      const ownerCipherDataClearJson2 =
-        'User 1 private data modified in completeOtk';
-
-      const completed = (
-        await lrGraphQL.lrMutate(
-          keyExchange2.completeOtk({
-            keyExchangeId: ke.id,
-            initiatorRootKeyCipher: ke.initiatorRootKeyCipher,
-            initiatorOneTimePbkCipher: ke.otk.initiatorOneTimePbkCipher,
-            responderContactCard: {
-              receiverCipherDataClearJson:
-                ke.otk.initiatorOneTimePbkCipherClearJson.responder.contactCard
-                  .sharedCipherDataClearJson,
-            },
-            initiatorContactCard: {
-              ownerCipherDataClearJson: ownerCipherDataClearJson2,
-            },
-          })
-        )
-      ).completeKeyExchangeOtk;
-
-      expect(completed.keyExchange.state).toEqual('COMPLETED');
-      expect(completed.keyExchange.otk.state).toEqual('OTK_COMPLETED');
-
-      const U1_TP_U2 = await getTp2(completed.tp.id);
-      expect(U1_TP_U2.myContactCard.ownerCipherDataClearJson).toEqual(
-        ownerCipherDataClearJson2
-      );
-    },
-    TIMEOUT
-  );
-});