npm - @velocitycareerlabs/server-careerwallet - Versions diffs - 1.25.0-dev-build.12642c864 - Mend

@velocitycareerlabs/server-careerwallet 1.25.0-dev-build.12642c864

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (252) hide show

package/test/push-gateway-auth.test.js ADDED Viewed

@@ -0,0 +1,208 @@
+const {
+  generateKeyPair,
+  createCommitment,
+} = require('@velocitycareerlabs/crypto');
+const nock = require('nock');
+const { generateDocJwt } = require('@velocitycareerlabs/jwt');
+const initRequest = require('@velocitycareerlabs/request');
+const canonicalize = require('canonicalize');
+const {
+  CredentialCheckResultValue,
+} = require('@velocitycareerlabs/verifiable-credentials');
+const {
+  pushGatewayAuth,
+} = require('../src/controllers/api/v0.6/push/push-gateway-auth');
+describe('Validate authorization token for the push gateway', () => {
+  const { privateKey: rootPrivateKey } = generateKeyPair();
+  const hostUrl = 'https://oracle.vnf';
+  const traceId = '123b';
+  const exchangeId = '234a';
+  const did = 'did:velocity:123';
+  const kid = `${did}#key-1`;
+  const verifiedProfile = ({
+    permittedVelocityServiceCategory = ['Issuer'],
+    credentialChecks = {},
+  } = {}) => ({
+    credentialChecks: {
+      TRUSTED_ISSUER: 'PASS',
+      UNEXPIRED: 'NOT_APPLICABLE',
+      UNREVOKED: 'NOT_CHECKED',
+      UNTAMPERED: 'PASS',
+      checked: new Date(),
+      ...credentialChecks,
+    },
+    credentialSubject: {
+      supportsSecureMessages: false,
+      id: did,
+      permittedVelocityServiceCategory,
+    },
+    id: did,
+    issuanceDate: new Date(),
+    issuer: {
+      id: 'did:ion:root-did',
+    },
+    type: ['OrganizationBasicProfile-v1.0', 'VerifiableCredential'],
+  });
+  const { publicKey, privateKey } = generateKeyPair({ format: 'jwk' });
+  const body = {
+    testUndefined: undefined,
+    data: { exchangeId },
+  };
+  const bodyHash = createCommitment(canonicalize(body));
+  let authHeader;
+  let context;
+  beforeEach(async () => {
+    nock.cleanAll();
+    const authToken = await generateDocJwt({ hash: bodyHash }, privateKey, {
+      issuer: did,
+      kid,
+      subject: exchangeId,
+      audience: 'https://oracle.vnf',
+    });
+    authHeader = `Bearer ${authToken}`;
+    context = {
+      traceId,
+      config: { hostUrl, rootPrivateKey },
+      body,
+      headers: { authorization: authHeader },
+      registrarFetch: initRequest({
+        prefixUrl: 'http://registrar.localhost.test',
+      })({ log: console }),
+    };
+  });
+  it('Should confirm a valid auth token', async () => {
+    nock('http://registrar.localhost.test')
+      .get(`/api/v0.6/resolve-kid/${encodeURIComponent(kid)}?format=jwk`)
+      .reply(200, publicKey);
+    nock('http://registrar.localhost.test')
+      .get(
+        `/api/v0.6/organizations/${encodeURIComponent(did)}/verified-profile`
+      )
+      .reply(200, verifiedProfile());
+    await pushGatewayAuth(context);
+  });
+  it('Should throw an error if invalid hash', async () => {
+    nock('http://registrar.localhost.test')
+      .get(`/api/v0.6/resolve-kid/${encodeURIComponent(kid)}?format=jwk`)
+      .reply(200, publicKey);
+    await expect(
+      pushGatewayAuth({
+        ...context,
+        body: { ...body, newKey: 'the initial parameters was changed' },
+      })
+    ).rejects.toMatchObject({
+      message: 'Invalid hash',
+    });
+  });
+  it('Should throw an error if kid cannot be resolved', async () => {
+    nock('http://registrar.localhost.test')
+      .get(`/api/v0.6/resolve-kid/${encodeURIComponent(kid)}?format=jwk`)
+      .reply(404, publicKey);
+    await expect(pushGatewayAuth(context)).rejects.toMatchObject({
+      message: 'kid_not_found',
+    });
+  });
+  it('Should throw an error if kid resolution encounters an error', async () => {
+    nock('http://registrar.localhost.test')
+      .get(`/api/v0.6/resolve-kid/${encodeURIComponent(kid)}?format=jwk`)
+      .reply(500);
+    await expect(pushGatewayAuth(context)).rejects.toMatchObject({
+      message: 'kid_resolution_error',
+    });
+  });
+  it('Should throw an error if did cannot be found', async () => {
+    nock('http://registrar.localhost.test')
+      .get(`/api/v0.6/resolve-kid/${encodeURIComponent(kid)}?format=jwk`)
+      .reply(200, publicKey);
+    nock('http://registrar.localhost.test')
+      .get(
+        `/api/v0.6/organizations/${encodeURIComponent(did)}/verified-profile`
+      )
+      .reply(404);
+    await expect(pushGatewayAuth(context)).rejects.toMatchObject({
+      message: 'issuer_not_found',
+    });
+  });
+  it('Should throw an error if did cannot be resolved', async () => {
+    nock('http://registrar.localhost.test')
+      .get(`/api/v0.6/resolve-kid/${encodeURIComponent(kid)}?format=jwk`)
+      .reply(200, publicKey);
+    nock('http://registrar.localhost.test')
+      .get(
+        `/api/v0.6/organizations/${encodeURIComponent(did)}/verified-profile`
+      )
+      .reply(500);
+    await expect(pushGatewayAuth(context)).rejects.toMatchObject({
+      message: 'issuer_resolution_error',
+    });
+  });
+  it('Should throw an error if invalid permittedVelocityServiceCategory', async () => {
+    nock('http://registrar.localhost.test')
+      .get(`/api/v0.6/resolve-kid/${encodeURIComponent(kid)}?format=jwk`)
+      .reply(200, publicKey);
+    nock('http://registrar.localhost.test')
+      .get(
+        `/api/v0.6/organizations/${encodeURIComponent(did)}/verified-profile`
+      )
+      .reply(200, verifiedProfile({ permittedVelocityServiceCategory: [] }));
+    await expect(pushGatewayAuth(context)).rejects.toMatchObject({
+      message:
+        // eslint-disable-next-line max-len
+        'Invalid organization profile due to permitted service categories do not include one of IdentityIssuer,IdDocumentIssuer,NotaryIdDocumentIssuer,ContactIssuer,NotaryContactIssuer,NotaryIssuer,Issuer,Inspector',
+    });
+  });
+  it('Should throw an error if verify organisation not pass', async () => {
+    const failedChecks = [
+      {
+        check: { UNEXPIRED: CredentialCheckResultValue.FAIL },
+        message: 'Invalid organization profile due to expired_credential',
+      },
+      {
+        check: { UNTAMPERED: CredentialCheckResultValue.FAIL },
+        message: 'Invalid organization profile due to tampered_credential',
+      },
+      {
+        check: { TRUSTED_ISSUER: CredentialCheckResultValue.FAIL },
+        message: 'Invalid organization profile due to untrusted_issuer',
+      },
+      {
+        check: { UNREVOKED: CredentialCheckResultValue.FAIL },
+        message: 'Invalid organization profile due to revoked_credential',
+      },
+    ];
+    for (const { check, message } of failedChecks) {
+      nock('http://registrar.localhost.test')
+        .get(`/api/v0.6/resolve-kid/${encodeURIComponent(kid)}?format=jwk`)
+        .reply(200, publicKey);
+      nock('http://registrar.localhost.test')
+        .get(
+          `/api/v0.6/organizations/${encodeURIComponent(did)}/verified-profile`
+        )
+        .reply(200, verifiedProfile({ credentialChecks: { ...check } }));
+      // eslint-disable-next-line no-await-in-loop
+      await expect(pushGatewayAuth(context)).rejects.toThrowError(message);
+    }
+  });
+});

package/test/reference-countries-controller.test.js ADDED Viewed

@@ -0,0 +1,45 @@
+const buildFastify = require('./helpers/careerwallet-build-fastify');
+const url = '/reference/countries';
+describe('Reference countries Test Suite', () => {
+  let fastify;
+  beforeAll(async () => {
+    fastify = buildFastify();
+    await fastify.ready();
+  });
+  beforeEach(async () => {});
+  afterAll(async () => {
+    await fastify.close();
+  });
+  it('Should 400 with malformatted "lge" query parameter', async () => {
+    const response = await fastify.injectJson({
+      method: 'GET',
+      url: `${url}?lge=foo`,
+    });
+    expect(response.statusCode).toEqual(400);
+    expect(response.json.message).toEqual('"lge" query parameter is malformed');
+  });
+  it('Should 200 fallback to english with an unsupported "lge" query parameter', async () => {
+    const response = await fastify.injectJson({
+      method: 'GET',
+      url: `${url}?lge=zz`,
+    });
+    expect(response.statusCode).toEqual(200);
+    expect(response.json[1].name).toEqual('Albania');
+  });
+  it('Should 200 default to english version without "lge" query parameter', async () => {
+    const response = await fastify.injectJson({
+      method: 'GET',
+      url,
+    });
+    expect(response.statusCode).toEqual(200);
+    expect(response.json[1].name).toEqual('Albania');
+  });
+});

package/test/reference-personas-controller.test.js ADDED Viewed

@@ -0,0 +1,179 @@
+const { first, map, omit } = require('lodash/fp');
+const { mongoDb } = require('@spencejs/spence-mongo-repos');
+const nock = require('nock');
+const buildFastify = require('./helpers/careerwallet-build-fastify');
+const initPersonaFactory = require('./factories/persona-factory');
+const url = '/reference/personas';
+describe('Reference personas', () => {
+  let fastify;
+  let persistPersona;
+  beforeAll(async () => {
+    fastify = buildFastify();
+    await fastify.ready();
+    ({ persistPersona } = initPersonaFactory(fastify));
+  });
+  beforeEach(async () => {
+    nock.cleanAll();
+    mongoDb().collection('personas').deleteMany({});
+    mongoDb().collection('credentialSchemas').deleteMany({});
+  });
+  afterAll(async () => {
+    await fastify.close();
+    nock.cleanAll();
+    nock.restore();
+  });
+  it('Should 200 with empty array if no personas setup', async () => {
+    const response = await fastify.injectJson({
+      method: 'GET',
+      url,
+    });
+    expect(response.statusCode).toEqual(200);
+    expect(response.json).toEqual([]);
+  });
+  it('should 200 personas even if the credential descriptor doesnt exist', async () => {
+    nock('http://registrar.localhost.test')
+      .get(
+        '/api/v0.6/credential-type-descriptors/NoManifestType?includeDisplay=true'
+      )
+      .reply(404);
+    const personas = await Promise.all([
+      persistPersona({
+        vcs: [
+          {
+            type: ['NoManifestType'],
+            jwt_vc: 'eyesdklfsdkkljsd456',
+          },
+        ],
+      }),
+    ]);
+    const response = await fastify.injectJson({
+      method: 'GET',
+      url,
+    });
+    expect(response.statusCode).toEqual(200);
+    expect(response.json).toEqual(
+      map(
+        (persona) => ({
+          ...omit(['_id'], persona),
+          vcs: map(
+            (vc) => ({
+              ...vc,
+              output_descriptors: [
+                {
+                  id: first(vc.type),
+                },
+              ],
+            }),
+            persona.vcs
+          ),
+        }),
+        personas
+      )
+    );
+    expect(response.json).toHaveLength(1);
+  });
+  it('Should 200 personas if persona setup', async () => {
+    nock('http://registrar.localhost.test')
+      .get(
+        '/api/v0.6/credential-type-descriptors/EducationDegreeGraduationV1.0?includeDisplay=true'
+      )
+      .reply(200, {
+        id: 'EducationDegreeGraduationV1.0',
+        display: { title: { text: 'Education Degree' } },
+      });
+    nock('http://registrar.localhost.test')
+      .get(
+        '/api/v0.6/credential-type-descriptors/EmailV1.0?includeDisplay=true'
+      )
+      .reply(200, {
+        id: 'EmailV1.0',
+        display: { title: { text: 'Email' } },
+      });
+    const didKeyMetadatum = {
+      did: 'did:example:123456789abcdefghi',
+      kid: 'did:example:123456789abcdefghi#0',
+      keyId: '65ba702ac8670c687d3b066f',
+      publicJwk: {
+        crv: 'secp256k1',
+        kty: 'EC',
+        x: 'e907f5476c57e73423f1c9b393bc1d0a4d56280ac155396cc879f2441a523cdc',
+        y: '89d4dcc86d540c6eea39d178eedc30213e782f251e03b76f4273106808dd0d4f',
+      },
+    };
+    const [personaWithoutDid, personaWithDid] = await Promise.all([
+      persistPersona({
+        vcs: [
+          {
+            type: ['EducationDegreeGraduationV1.0'],
+            jwt_vc: 'eyesdklfsdkkljsd456',
+          },
+          { type: ['EmailV1.0'], jwt_vc: 'caccacacaacacaca123' },
+        ],
+      }),
+      persistPersona({
+        name: 'Jane Foobar',
+        email: 'jane.foobar@example.com',
+        vcs: [{ type: ['EmailV1.0'], jwt_vc: 'caccacacaacacaca123' }],
+        ...didKeyMetadatum,
+      }),
+    ]);
+    const response = await fastify.injectJson({
+      method: 'GET',
+      url,
+    });
+    expect(response.statusCode).toEqual(200);
+    expect(response.json).toEqual(
+      expect.arrayContaining([
+        {
+          ...omit(['_id'], personaWithoutDid),
+          vcs: map(
+            (vc) => ({
+              ...vc,
+              output_descriptors: [
+                {
+                  id: first(vc.type),
+                  display: expect.objectContaining({
+                    title: expect.any(Object),
+                  }),
+                },
+              ],
+            }),
+            personaWithoutDid.vcs
+          ),
+        },
+        {
+          ...omit(['_id'], personaWithDid),
+          ...didKeyMetadatum,
+          vcs: map(
+            (vc) => ({
+              ...vc,
+              output_descriptors: [
+                {
+                  id: first(vc.type),
+                  display: expect.objectContaining({
+                    title: expect.any(Object),
+                  }),
+                },
+              ],
+            }),
+            personaWithDid.vcs
+          ),
+        },
+      ])
+    );
+    expect(response.json).toHaveLength(2);
+  });
+});

package/test/root.test.js ADDED Viewed

@@ -0,0 +1,21 @@
+const buildFastify = require('./helpers/careerwallet-build-fastify');
+describe('root healthcheck', () => {
+  let fastify;
+  beforeAll(async () => {
+    fastify = buildFastify();
+  });
+  afterAll(async () => {
+    await fastify.close();
+  });
+  it('should generate text', async () => {
+    const result = await fastify.inject({
+      method: 'GET',
+      url: '/',
+    });
+    expect(result.statusCode).toEqual(200);
+    expect(result.body).not.toBe(null);
+  });
+});

package/test/swagger.test.js ADDED Viewed

@@ -0,0 +1,21 @@
+const buildFastify = require('./helpers/careerwallet-build-fastify');
+describe('swagger json', () => {
+  let fastify;
+  beforeAll(async () => {
+    fastify = buildFastify();
+  });
+  afterAll(async () => {
+    await fastify.close();
+  });
+  it('should generate json', async () => {
+    const result = await fastify.injectJson({
+      method: 'GET',
+      url: 'documentation/json',
+    });
+    expect(result.statusCode).toEqual(200);
+    expect(result.json).not.toBe(null);
+  });
+});