@prosopo/api-express-router 3.0.47 → 3.1.18

package/src/tests/unit/middlewares/authMiddleware.unit.test.ts

@@ -0,0 +1,183 @@
+// Copyright 2021-2026 Prosopo (UK) Ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import { hexToU8a, isHex } from "@polkadot/util";
+import { ProsopoEnvError } from "@prosopo/common";
+import { type Logger, getLogger } from "@prosopo/logger";
+import type { KeyringPair } from "@prosopo/types";
+import type { JWTVerifyResult } from "@prosopo/util-crypto";
+import type { NextFunction, Request, Response } from "express";
+import { describe, expect, it, vi } from "vitest";
+import { authMiddleware } from "../../../middlewares/authMiddleware.js";
+
+const loggerOuter = getLogger("info", import.meta.url);
+
+const mockLogger = {
+	debug: vi.fn().mockImplementation(loggerOuter.debug.bind(loggerOuter)),
+	log: vi.fn().mockImplementation(loggerOuter.log.bind(loggerOuter)),
+	info: vi.fn().mockImplementation(loggerOuter.info.bind(loggerOuter)),
+	error: vi.fn().mockImplementation(loggerOuter.error.bind(loggerOuter)),
+	trace: vi.fn().mockImplementation(loggerOuter.trace.bind(loggerOuter)),
+	fatal: vi.fn().mockImplementation(loggerOuter.fatal.bind(loggerOuter)),
+	warn: vi.fn().mockImplementation(loggerOuter.warn.bind(loggerOuter)),
+} as unknown as Logger;
+
+vi.mock("@polkadot/util", async (importOriginal) => {
+	const actual = await importOriginal();
+
+	return {
+		// @ts-ignore
+		...actual,
+		hexToU8a: vi.fn(),
+		isHex: vi.fn(),
+	};
+});
+
+const mockPair = {
+	publicKey: "mockPublicKey",
+	verify: vi.fn(),
+	jwtVerify: vi.fn(),
+} as unknown as KeyringPair;
+const mockEnv = {
+	pair: mockPair,
+	authAccount: mockPair,
+	logger: mockLogger,
+	jwtVerify: vi.fn(),
+};
+
+describe("authMiddleware", () => {
+	it("should call next() if signature is valid", async () => {
+		const mockLogger = {
+			debug: vi.fn().mockImplementation(loggerOuter.debug.bind(loggerOuter)),
+			log: vi.fn().mockImplementation(loggerOuter.log.bind(loggerOuter)),
+			info: vi.fn().mockImplementation(loggerOuter.info.bind(loggerOuter)),
+			error: vi.fn().mockImplementation(loggerOuter.error.bind(loggerOuter)),
+			trace: vi.fn().mockImplementation(loggerOuter.trace.bind(loggerOuter)),
+			fatal: vi.fn().mockImplementation(loggerOuter.fatal.bind(loggerOuter)),
+			warn: vi.fn().mockImplementation(loggerOuter.warn.bind(loggerOuter)),
+		} as unknown as Logger;
+		const mockReq = {
+			url: "/v1/prosopo/provider/captcha/image",
+			originalUrl: "/v1/prosopo/provider/captcha/image",
+			headers: {
+				Authorization: "Bearer mockToken",
+			},
+			logger: mockLogger,
+		} as unknown as Request;
+
+		const mockRes = {
+			status: vi.fn().mockReturnThis(),
+			json: vi.fn(),
+		} as unknown as Response;
+
+		const mockNext = vi.fn() as unknown as NextFunction;
+
+		vi.mocked(isHex).mockReturnValue(true);
+		vi.mocked(hexToU8a).mockReturnValue(new Uint8Array());
+		vi.mocked(mockPair.jwtVerify).mockReturnValue({
+			isValid: true,
+		} as unknown as JWTVerifyResult);
+
+		const middleware = authMiddleware(mockEnv.pair, mockEnv.authAccount);
+		await middleware(mockReq, mockRes, mockNext);
+
+		expect(mockNext).toHaveBeenCalled();
+		expect(mockRes.status).not.toHaveBeenCalled();
+	});
+
+	it("should return 401 if jwt is invalid", async () => {
+		const mockLogger = {
+			debug: vi.fn().mockImplementation(loggerOuter.debug.bind(loggerOuter)),
+			log: vi.fn().mockImplementation(loggerOuter.log.bind(loggerOuter)),
+			info: vi.fn().mockImplementation(loggerOuter.info.bind(loggerOuter)),
+			error: vi.fn().mockImplementation(loggerOuter.error.bind(loggerOuter)),
+			trace: vi.fn().mockImplementation(loggerOuter.trace.bind(loggerOuter)),
+			fatal: vi.fn().mockImplementation(loggerOuter.fatal.bind(loggerOuter)),
+			warn: vi.fn().mockImplementation(loggerOuter.warn.bind(loggerOuter)),
+		} as unknown as Logger;
+		const mockReq = {
+			url: "/v1/prosopo/provider/captcha/image",
+			originalUrl: "/v1/prosopo/provider/captcha/image",
+			headers: {
+				Authorization: "Bearer mockToken",
+			},
+			logger: mockLogger,
+			i18n: vi.fn().mockReturnValue({
+				t: (key: string) => key,
+			}),
+		} as unknown as Request;
+
+		const mockRes = {
+			status: vi.fn().mockReturnThis(),
+			json: vi.fn(),
+		} as unknown as Response;
+
+		const mockNext = vi.fn() as unknown as NextFunction;
+
+		vi.mocked(isHex).mockReturnValue(true);
+		vi.mocked(hexToU8a).mockReturnValue(new Uint8Array());
+		vi.mocked(mockPair.jwtVerify).mockReturnValue({
+			isValid: false,
+		} as unknown as JWTVerifyResult);
+
+		const middleware = authMiddleware(mockEnv.pair, mockEnv.authAccount);
+		await middleware(mockReq, mockRes, mockNext);
+
+		expect(mockNext).not.toHaveBeenCalled();
+		expect(mockRes.status).toHaveBeenCalledWith(401);
+		expect(mockRes.json).toHaveBeenCalledWith({
+			error: new ProsopoEnvError("API.UNAUTHORIZED", {
+				context: { i18n: mockReq.i18n, code: 401 },
+			}),
+		});
+	});
+
+	it("should return 401 if key pair is missing", async () => {
+		const mockLogger = {
+			debug: vi.fn().mockImplementation(loggerOuter.debug.bind(loggerOuter)),
+			log: vi.fn().mockImplementation(loggerOuter.log.bind(loggerOuter)),
+			info: vi.fn().mockImplementation(loggerOuter.info.bind(loggerOuter)),
+			error: vi.fn().mockImplementation(loggerOuter.error.bind(loggerOuter)),
+			trace: vi.fn().mockImplementation(loggerOuter.trace.bind(loggerOuter)),
+			fatal: vi.fn().mockImplementation(loggerOuter.fatal.bind(loggerOuter)),
+			warn: vi.fn().mockImplementation(loggerOuter.warn.bind(loggerOuter)),
+		} as unknown as Logger;
+		const mockReq = {
+			url: "/v1/prosopo/provider/captcha/image",
+			originalUrl: "/v1/prosopo/provider/captcha/image",
+			headers: {
+				Authorization: "Bearer mockToken",
+			},
+			logger: mockLogger,
+		} as unknown as Request;
+
+		const mockRes = {
+			status: vi.fn().mockReturnThis(),
+			json: vi.fn(),
+		} as unknown as Response;
+
+		const mockNext = vi.fn() as unknown as NextFunction;
+
+		const middleware = authMiddleware(undefined, undefined);
+		await middleware(mockReq, mockRes, mockNext);
+
+		expect(mockNext).not.toHaveBeenCalled();
+		expect(mockRes.status).toHaveBeenCalledWith(401);
+		expect(mockRes.json).toHaveBeenCalledWith({
+			error: new ProsopoEnvError("API.UNAUTHORIZED", {
+				context: { i18n: mockReq.i18n, code: 401 },
+			}),
+		});
+	});
+});

package/tsconfig.cjs.json

@@ -0,0 +1,34 @@
+{
+	"extends": "../../tsconfig.cjs.json",
+	"compilerOptions": {
+		"rootDir": "./src",
+		"outDir": "./dist/cjs"
+	},
+	"include": ["./src"],
+	"references": [
+		{
+			"path": "../api-route/tsconfig.cjs.json"
+		},
+		{
+			"path": "../common/tsconfig.cjs.json"
+		},
+		{
+			"path": "../logger/tsconfig.cjs.json"
+		},
+		{
+			"path": "../../dev/config/tsconfig.cjs.json"
+		},
+		{
+			"path": "../env/tsconfig.cjs.json"
+		},
+		{
+			"path": "../locale/tsconfig.cjs.json"
+		},
+		{
+			"path": "../types/tsconfig.cjs.json"
+		},
+		{
+			"path": "../util-crypto/tsconfig.cjs.json"
+		}
+	]
+}

package/tsconfig.json

@@ -0,0 +1,41 @@
+{
+	"extends": "../../tsconfig.esm.json",
+	"compilerOptions": {
+		"rootDir": "./src",
+		"outDir": "./dist"
+	},
+	"include": [
+		"./src",
+		"express.d.ts",
+		"src/**/*.ts",
+		"src/**/*.tsx",
+		"src/**/*.json",
+		"src/**/*.d.ts"
+	],
+	"references": [
+		{
+			"path": "../api-route"
+		},
+		{
+			"path": "../common"
+		},
+		{
+			"path": "../logger"
+		},
+		{
+			"path": "../../dev/config/tsconfig.json"
+		},
+		{
+			"path": "../env"
+		},
+		{
+			"path": "../locale"
+		},
+		{
+			"path": "../types"
+		},
+		{
+			"path": "../util-crypto"
+		}
+	]
+}