npm - @velocitycareerlabs/server-webwallet - Versions diffs - 1.25.0-dev-build.12642c864 - Mend

@velocitycareerlabs/server-webwallet 1.25.0-dev-build.12642c864

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (193) hide show

package/test/issuing-controller/issuing-by-deeplink.test.js ADDED Viewed

@@ -0,0 +1,492 @@
+const nock = require('nock');
+const { mongoDb } = require('@spencejs/spence-mongo-repos');
+const { omit } = require('lodash/fp');
+const { errorResponseMatcher } = require('@velocitycareerlabs/tests-helpers');
+const {
+  VCLFinalizeOffersDescriptor,
+  VCLCredentialManifestDescriptorByDeepLink,
+  VCLFilter,
+  VCLDeepLink,
+  VCLOrganizationsSearchDescriptor,
+  VCLProvider,
+  VCLGenerateOffersDescriptor,
+  VCLVerifiableCredential,
+} = require('@velocitycareerlabs/vnf-nodejs-wallet-sdk');
+const { deepLink } = require('./mocks');
+jest.mock('@velocitycareerlabs/vnf-nodejs-wallet-sdk', () => {
+  const originalModule = jest.requireActual(
+    '@velocitycareerlabs/vnf-nodejs-wallet-sdk'
+  );
+  const { vclMockCredentialManifest } = require('./mocks');
+  const { mockOffers } = require('./mocks/offers');
+  const { mockIssuers } = require('./mocks/issuers');
+  const { mockAcceptedCredentials } = require('./mocks/accepted-credentials');
+  return {
+    ...originalModule,
+    VCLProvider: {
+      getInstance: jest.fn().mockReturnValue({
+        initialize: jest.fn().mockResolvedValue(null),
+        getCredentialManifest: jest
+          .fn()
+          .mockResolvedValue(vclMockCredentialManifest),
+        generateOffers: jest.fn().mockResolvedValue(mockOffers),
+        searchForOrganizations: jest.fn().mockResolvedValue(mockIssuers),
+        finalizeOffers: jest.fn().mockResolvedValue(mockAcceptedCredentials),
+      }),
+    },
+  };
+});
+const vclSdk = VCLProvider.getInstance();
+const initAccountsFactory = require('../factories/accounts');
+const initCredentialsFactory = require('../factories/credentials');
+const { mockSchema } = require('../mocks');
+const { mockOffers, mockParsedResponse } = require('./mocks');
+const buildFastify = require('../helpers/webwallet-build-fastify');
+const { vclMockCredentialManifest } = require('./mocks/credential-manifest');
+const { Jwk } = require('../mocks/jwk');
+const { WebWalletServerError } = require('../../src/errors/error-codes');
+const idToken =
+  // eslint-disable-next-line max-len
+  'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IktFWSJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlzcyI6Imh0dHBzOi8vbG9jYWxob3N0LyIsImF1ZCI6ImZvbyIsInNjb3BlIjoicmVhZDp1c2VycyJ9.VwIIUqx9T-AxqbfL_FyNRAeOxTwiC2JpcwtrqnEWN3DdF07ijUkF1WYy8Ahfr_p4R3KnoPbiefZnIbVANCt-lt0ej32rfil2yHhQEsvFxSOjcrx6ARmPp0YAfWlN-5Sotzkxy29jaOZMEDkmRFZg3jkdC7wosPW_S6M-olC4g3HHfylpZI8O3Jdd87Qr9wD_QtUzANwnPbl2Q-9NEyxVjAZIWg_HWK9JAAaf_2IY5VwHBvyp0oeQSEHKi4hogcM59EOc4FxdR5WH45B_PenVa6W4mHFBkH8sAXxt2Zs9s2efujkfWYfyXvgL_lN7vT-TEADlAPP2L6CpWpDISOMsQWUSgGHcN_KwRh_E7qJwahR6mv4QHY6ReEoyjkmSS3swrD1l74jNs7QLAdsMywvzCMDsHabs7DYcEMGQBdP14PJ_ucLFnkivZeBDAc6sS445ocbyrpyO40XMaMorD5khRd9ej89SxR7d_v0W6Ne2Nn4XgW3pAZzu5Rdc4JvqfzLFxkp95jxy1MTAddjWISPmNOYYyXHM9SSqSpqVECOFS0f4z2zycHRqXUcOytWrvED6VGo9x7-IVCgu8vFzj0zToIWQmsDs3UoH9RnV12z0PMwGXQzca1lT_zGwJxBF3e4zJjmcJ05OMF2JgZ2_G48O3M4Dtb0jlgWbKLd0kWlIFzQ';
+describe('Test Deep Link issuing controller', () => {
+  let fastify;
+  let persistAccounts;
+  let persistCredentials;
+  beforeAll(async () => {
+    fastify = buildFastify();
+    await fastify.ready();
+    ({ persistAccounts } = initAccountsFactory(fastify));
+    ({ persistCredentials } = initCredentialsFactory(fastify));
+  });
+  beforeEach(async () => {
+    nock('https://localhost/').get('/.well-known/jwks.json').reply(200, Jwk);
+    await persistAccounts({
+      userId: '1234567890',
+      did: 'did:example:123',
+    });
+  });
+  afterEach(async () => {
+    nock.cleanAll();
+    jest.clearAllMocks();
+    await mongoDb().collection('credentials').deleteMany();
+    await mongoDb().collection('accounts').deleteMany();
+  });
+  afterAll(async () => {
+    nock.restore();
+    await mongoDb().collection('accounts').deleteMany();
+    await fastify.close();
+  });
+  describe('GET /issuing/deep-link/manifest - get manifest by deep link', () => {
+    it('should return credential manifest successfully for issuing request', async () => {
+      const response = await fastify.injectJson({
+        method: 'GET',
+        url: `/issuing/deep-link/get-credential-manifest?link=${encodeURIComponent(
+          deepLink
+        )}`,
+        headers: {
+          authorization: `Bearer ${idToken}`,
+        },
+      });
+      expect(response.statusCode).toBe(200);
+      expect(vclSdk.getCredentialManifest).toHaveBeenCalledTimes(1);
+      expect(vclSdk.getCredentialManifest).toHaveBeenCalledWith(
+        new VCLCredentialManifestDescriptorByDeepLink(new VCLDeepLink(deepLink))
+      );
+      const { credentialManifest } = response.json;
+      expect(credentialManifest).toEqual({
+        presentation: {
+          exchange_id: expect.any(String),
+          exp: expect.any(Number),
+          iat: expect.any(Number),
+          iss: expect.any(String),
+          issuer: expect.any(Object),
+          metadata: expect.any(Object),
+          nbf: expect.any(Number),
+          presentation_definition: expect.any(Object),
+          output_descriptors: expect.any(Array),
+        },
+        jwt: expect.any(String),
+        link: expect.any(String),
+        verifiedProfile: expect.any(Object),
+      });
+    });
+  });
+  describe('GET /issuing/deep-link/offers - get offers by deep link', () => {
+    it('should return offers by pre-auth token (vendorOriginContext) successfully', async () => {
+      const schemaNock = nockSchemaRequest(fastify);
+      const response = await fastify.injectJson({
+        method: 'POST',
+        url: '/issuing/deep-link/offers',
+        headers: {
+          authorization: `Bearer ${idToken}`,
+        },
+        payload: {
+          credentialManifest: {
+            jwt: vclMockCredentialManifest.jwt.encodedJwt,
+            link: vclMockCredentialManifest.deepLink.value,
+            verifiedProfile: vclMockCredentialManifest.verifiedProfile.payload,
+          },
+        },
+      });
+      expect(response.statusCode).toBe(200);
+      expect(vclSdk.getCredentialManifest).toBeCalledTimes(0); // important!
+      expect(vclSdk.generateOffers).toBeCalledTimes(1);
+      expect(vclSdk.generateOffers).toBeCalledWith(
+        expect.objectContaining(
+          new VCLGenerateOffersDescriptor(vclMockCredentialManifest, [], [], [])
+        )
+      );
+      expect(vclSdk.searchForOrganizations).toBeCalledTimes(1);
+      expect(vclSdk.searchForOrganizations).toBeCalledWith(
+        new VCLOrganizationsSearchDescriptor(
+          new VCLFilter(mockOffers.all[0].payload.issuer.id)
+        )
+      );
+      expect(schemaNock.isDone()).toBe(true);
+      const { offers, credentialManifest } = response.json;
+      expect(credentialManifest.jwt).toBe(
+        vclMockCredentialManifest.jwt.encodedJwt
+      );
+      expect(offers).toEqual(mockOffers.all.map((offer) => offer.payload));
+    });
+    it('should return offers by Input Credentials successfully', async () => {
+      const schemaNock = nockSchemaRequest(fastify);
+      const inputCredential = await persistCredentials({
+        encodedCredential: 'InputCredentialForOffers',
+      });
+      const response = await fastify.injectJson({
+        method: 'POST',
+        url: '/issuing/deep-link/offers',
+        headers: {
+          authorization: `Bearer ${idToken}`,
+        },
+        payload: {
+          credentialManifest: {
+            jwt: vclMockCredentialManifest.jwt.encodedJwt,
+            link: vclMockCredentialManifest.deepLink.value,
+            verifiedProfile: vclMockCredentialManifest.verifiedProfile.payload,
+          },
+          inputCredentials: [inputCredential._id],
+        },
+      });
+      expect(response.statusCode).toBe(200);
+      expect(vclSdk.getCredentialManifest).toBeCalledTimes(0); // important!
+      expect(vclSdk.generateOffers).toBeCalledTimes(1);
+      expect(vclSdk.generateOffers).toBeCalledWith(
+        expect.objectContaining(
+          new VCLGenerateOffersDescriptor(
+            vclMockCredentialManifest,
+            [],
+            [],
+            [
+              new VCLVerifiableCredential(
+                'OpenBadgeV2.0',
+                'InputCredentialForOffers'
+              ),
+            ]
+          )
+        )
+      );
+      expect(vclSdk.searchForOrganizations).toHaveBeenCalledTimes(1);
+      expect(vclSdk.searchForOrganizations).toHaveBeenCalledWith(
+        new VCLOrganizationsSearchDescriptor(
+          new VCLFilter(mockOffers.all[0].payload.issuer.id)
+        )
+      );
+      expect(schemaNock.isDone()).toBe(true);
+      const { offers, credentialManifest } = response.json;
+      expect(credentialManifest.jwt).toBe(
+        vclMockCredentialManifest.jwt.encodedJwt
+      );
+      expect(offers).toEqual(mockOffers.all.map((offer) => offer.payload));
+    });
+    it('should return 401 if no access token is provided', async () => {
+      const response = await fastify.injectJson({
+        method: 'POST',
+        url: '/issuing/deep-link/offers',
+        payload: {
+          link: deepLink,
+        },
+      });
+      expect(response.statusCode).toBe(401);
+    });
+    it('should return 400 if no link is provided', async () => {
+      const response = await fastify.injectJson({
+        method: 'POST',
+        url: '/issuing/deep-link/offers',
+        headers: {
+          authorization: `Bearer ${idToken}`,
+        },
+      });
+      expect(response.statusCode).toBe(400);
+    });
+  });
+  describe('POST /issuing/deep-link/accept-offers - accept offers by deep link', () => {
+    it('should return offers successfully', async () => {
+      const response = await fastify.injectJson({
+        method: 'POST',
+        url: '/issuing/deep-link/accept-offers',
+        payload: {
+          credentialManifest: {
+            jwt: vclMockCredentialManifest.jwt.encodedJwt,
+            link: vclMockCredentialManifest.deepLink.value,
+            verifiedProfile: vclMockCredentialManifest.verifiedProfile.payload,
+            vendorOriginContext: vclMockCredentialManifest.vendorOriginContext,
+          },
+          token: mockOffers.sessionToken.value,
+          challenge: 'some challenge',
+          offerIds: mockOffers.all.map((offer) => offer.payload.id),
+        },
+        headers: {
+          authorization: `Bearer ${idToken}`,
+        },
+      });
+      expect(response.statusCode).toBe(200);
+      expect(response.json).toEqual(mockParsedResponse);
+      expect(vclSdk.getCredentialManifest).toBeCalledTimes(0); // important!
+      expect(vclSdk.finalizeOffers).toBeCalledTimes(1);
+      expect(vclSdk.finalizeOffers).toBeCalledWith(
+        expect.objectContaining(
+          new VCLFinalizeOffersDescriptor(
+            vclMockCredentialManifest,
+            'some challenge',
+            mockOffers.all.map((offer) => offer.payload.id),
+            []
+          )
+        ),
+        expect.objectContaining({
+          value: mockOffers.sessionToken.value,
+        })
+      );
+      const savedCredential = await mongoDb()
+        .collection('credentials')
+        .findOne();
+      expect({
+        ...omit(['_id'], savedCredential),
+        id: savedCredential._id.toHexString(),
+        updatedAt: savedCredential.updatedAt.toISOString(),
+        createdAt: savedCredential.createdAt.toISOString(),
+      }).toEqual(mockParsedResponse.passedCredentials[0]);
+    });
+    it('should not allow accepting offers if email is not verified', async () => {
+      await mongoDb()
+        .collection('accounts')
+        .updateOne(
+          { userId: '1234567890' },
+          { $unset: { verificationInfo: '' } }
+        );
+      const response = await fastify.injectJson({
+        method: 'POST',
+        url: '/issuing/deep-link/accept-offers',
+        payload: {
+          credentialManifest: {
+            jwt: vclMockCredentialManifest.jwt.encodedJwt,
+            link: vclMockCredentialManifest.deepLink.value,
+            verifiedProfile: vclMockCredentialManifest.verifiedProfile.payload,
+          },
+          token: mockOffers.sessionToken.value,
+          offerIds: mockOffers.all.map((offer) => offer.id),
+        },
+        headers: {
+          authorization: `Bearer ${idToken}`,
+        },
+      });
+      expect(response.statusCode).toBe(403);
+      expect(response.json).toEqual(
+        errorResponseMatcher({
+          statusCode: 403,
+          error: 'Forbidden',
+          errorCode: WebWalletServerError,
+          message: 'Email verification is required.',
+        })
+      );
+    });
+    it('should not allow accepting offers if phone is not verified', async () => {
+      await mongoDb()
+        .collection('accounts')
+        .updateOne(
+          { userId: '1234567890' },
+          { $unset: { 'verificationInfo.phone': '' } }
+        );
+      const response = await fastify.injectJson({
+        method: 'POST',
+        url: '/issuing/deep-link/accept-offers',
+        payload: {
+          credentialManifest: {
+            jwt: vclMockCredentialManifest.jwt.encodedJwt,
+            link: vclMockCredentialManifest.deepLink.value,
+            verifiedProfile: vclMockCredentialManifest.verifiedProfile.payload,
+          },
+          token: mockOffers.sessionToken.value,
+          offerIds: mockOffers.all.map((offer) => offer.id),
+        },
+        headers: {
+          authorization: `Bearer ${idToken}`,
+        },
+      });
+      expect(response.statusCode).toBe(403);
+      expect(response.json).toEqual(
+        errorResponseMatcher({
+          statusCode: 403,
+          error: 'Forbidden',
+          errorCode: WebWalletServerError,
+          message: 'Phone verification is required.',
+        })
+      );
+    });
+    it('should not allow accepting offers if profile is not completed', async () => {
+      await mongoDb()
+        .collection('accounts')
+        .updateOne({ userId: '1234567890' }, { $unset: { profileName: '' } });
+      const response = await fastify.injectJson({
+        method: 'POST',
+        url: '/issuing/deep-link/accept-offers',
+        payload: {
+          credentialManifest: {
+            jwt: vclMockCredentialManifest.jwt.encodedJwt,
+            link: vclMockCredentialManifest.deepLink.value,
+            verifiedProfile: vclMockCredentialManifest.verifiedProfile.payload,
+          },
+          token: mockOffers.sessionToken.value,
+          offerIds: mockOffers.all.map((offer) => offer.id),
+        },
+        headers: {
+          authorization: `Bearer ${idToken}`,
+        },
+      });
+      expect(response.statusCode).toBe(403);
+      expect(response.json).toEqual(
+        errorResponseMatcher({
+          statusCode: 403,
+          error: 'Forbidden',
+          errorCode: WebWalletServerError,
+          message: 'Profile is not completed.',
+        })
+      );
+    });
+    it('should return 401 if no access token is provided', async () => {
+      const response = await fastify.injectJson({
+        method: 'POST',
+        url: '/issuing/deep-link/accept-offers',
+        payload: {
+          link: deepLink,
+          token: mockOffers.sessionToken.value,
+          offerIds: mockOffers.all.map((offer) => offer.id),
+        },
+      });
+      expect(response.statusCode).toBe(401);
+    });
+    it('should return 400 if no link is provided', async () => {
+      const response = await fastify.injectJson({
+        method: 'POST',
+        url: '/issuing/deep-link/accept-offers',
+        payload: {
+          token: mockOffers.sessionToken.value,
+          offerIds: mockOffers.all.map((offer) => offer.id),
+        },
+        headers: {
+          authorization: `Bearer ${idToken}`,
+        },
+      });
+      expect(response.statusCode).toBe(400);
+    });
+    it('should return 400 if no token is provided', async () => {
+      const response = await fastify.injectJson({
+        method: 'POST',
+        url: '/issuing/deep-link/accept-offers',
+        payload: {
+          link: deepLink,
+          offerIds: mockOffers.all.map((offer) => offer.id),
+        },
+        headers: {
+          authorization: `Bearer ${idToken}`,
+        },
+      });
+      expect(response.statusCode).toBe(400);
+    });
+    it('should return 400 if no offerIds is provided', async () => {
+      const response = await fastify.injectJson({
+        method: 'POST',
+        url: '/issuing/deep-link/accept-offers',
+        payload: {
+          link: deepLink,
+          token: mockOffers.sessionToken.value,
+        },
+        headers: {
+          authorization: `Bearer ${idToken}`,
+        },
+      });
+      expect(response.statusCode).toBe(400);
+    });
+  });
+});
+const nockSchemaRequest = (fastify) => {
+  return nock(fastify.config.libUrl)
+    .get('/display-descriptors/open-badge-v2.0.descriptor.json')
+    .once()
+    .reply(200, mockSchema);
+};