@webex/internal-plugin-encryption 3.0.0-beta.4 → 3.0.0-beta.400

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (42) hide show
  1. package/README.md +1 -3
  2. package/dist/config.js +0 -9
  3. package/dist/config.js.map +1 -1
  4. package/dist/constants.js +14 -0
  5. package/dist/constants.js.map +1 -0
  6. package/dist/encryption.js +25 -74
  7. package/dist/encryption.js.map +1 -1
  8. package/dist/ensure-buffer.browser.js +0 -12
  9. package/dist/ensure-buffer.browser.js.map +1 -1
  10. package/dist/ensure-buffer.js +5 -12
  11. package/dist/ensure-buffer.js.map +1 -1
  12. package/dist/index.js +7 -33
  13. package/dist/index.js.map +1 -1
  14. package/dist/kms-batcher.js +7 -30
  15. package/dist/kms-batcher.js.map +1 -1
  16. package/dist/kms-certificate-validation.js +24 -90
  17. package/dist/kms-certificate-validation.js.map +1 -1
  18. package/dist/kms-dry-error-interceptor.js +1 -23
  19. package/dist/kms-dry-error-interceptor.js.map +1 -1
  20. package/dist/kms-errors.js +21 -51
  21. package/dist/kms-errors.js.map +1 -1
  22. package/dist/kms.js +88 -218
  23. package/dist/kms.js.map +1 -1
  24. package/package.json +15 -15
  25. package/src/config.js +3 -3
  26. package/src/constants.js +3 -0
  27. package/src/encryption.js +74 -57
  28. package/src/ensure-buffer.browser.js +0 -1
  29. package/src/ensure-buffer.js +5 -5
  30. package/src/index.js +120 -96
  31. package/src/kms-batcher.js +53 -45
  32. package/src/kms-certificate-validation.js +48 -50
  33. package/src/kms-dry-error-interceptor.js +8 -4
  34. package/src/kms-errors.js +47 -16
  35. package/src/kms.js +219 -212
  36. package/test/integration/spec/encryption.js +313 -231
  37. package/test/integration/spec/kms.js +532 -405
  38. package/test/integration/spec/payload-transfom.js +69 -69
  39. package/test/unit/spec/encryption.js +21 -18
  40. package/test/unit/spec/kms-certificate-validation.js +76 -34
  41. package/test/unit/spec/kms-errors.js +70 -0
  42. package/test/unit/spec/kms.js +103 -0
package/test/integration/spec/encryption.js CHANGED
@@ -17,39 +17,48 @@ describe('Encryption', function () {
17
17
 
18
18
  let key, user, webex;
19
19
 
20
- const PLAINTEXT = 'Admiral, if we go "by the book". like Lieutenant Saavik, hours could seem like days.';
20
+ const PLAINTEXT =
21
+ 'Admiral, if we go "by the book". like Lieutenant Saavik, hours could seem like days.';
21
22
  let FILE = makeLocalUrl('/sample-image-small-one.png');
22
23
 
23
- before('create test user', () => testUsers.create({count: 1})
24
- .then((users) => {
24
+ before('create test user', () =>
25
+ testUsers.create({count: 1}).then((users) => {
25
26
  user = users[0];
26
27
  webex = new WebexCore({
27
28
  credentials: {
28
- authorization: user.token
29
- }
29
+ authorization: user.token,
30
+ },
30
31
  });
31
32
  assert.isTrue(webex.isAuthenticated || webex.canAuthorize);
32
- }));
33
+ })
34
+ );
33
35
 
34
- before('create unbound key', () => webex.internal.encryption.kms.createUnboundKeys({count: 1})
35
- .then(([k]) => {
36
+ before('create unbound key', () =>
37
+ webex.internal.encryption.kms.createUnboundKeys({count: 1}).then(([k]) => {
36
38
  key = k;
37
- }));
39
+ })
40
+ );
38
41
 
39
- before('fetch file fixture', () => webex.request({
40
- uri: FILE,
41
- responseType: 'buffer'
42
- })
43
- .then((res) => { FILE = res.body; }));
42
+ before('fetch file fixture', () =>
43
+ webex
44
+ .request({
45
+ uri: FILE,
46
+ responseType: 'buffer',
47
+ })
48
+ .then((res) => {
49
+ FILE = res.body;
50
+ })
51
+ );
44
52
 
45
53
  after(() => webex && webex.internal.mercury.disconnect());
46
54
 
47
55
  describe('#decryptBinary()', () => {
48
- it('decrypts a binary file', () => webex.internal.encryption.encryptBinary(FILE)
49
- .then(({scr, cdata}) => {
56
+ it('decrypts a binary file', () =>
57
+ webex.internal.encryption.encryptBinary(FILE).then(({scr, cdata}) => {
50
58
  scr.loc = 'file:///file.enc';
51
59
 
52
- return webex.internal.encryption.encryptScr(key, scr)
60
+ return webex.internal.encryption
61
+ .encryptScr(key, scr)
53
62
  .then((cipherScr) => webex.internal.encryption.decryptScr(key, cipherScr))
54
63
  .then((decryptedScr) => webex.internal.encryption.decryptBinary(decryptedScr, cdata))
55
64
  .then((f) => {
@@ -61,47 +70,50 @@ describe('Encryption', function () {
61
70
  });
62
71
 
63
72
  describe('#decryptScr()', () => {
64
- it('decrypts an scr', () => webex.internal.encryption.encryptBinary(FILE)
65
- .then(({scr}) => {
73
+ it('decrypts an scr', () =>
74
+ webex.internal.encryption.encryptBinary(FILE).then(({scr}) => {
66
75
  scr.loc = 'file:///file.enc';
67
76
 
68
- return webex.internal.encryption.encryptScr(key, scr)
77
+ return webex.internal.encryption
78
+ .encryptScr(key, scr)
69
79
  .then((cipherScr) => webex.internal.encryption.decryptScr(key, cipherScr))
70
80
  .then((decryptedScr) => assert.deepEqual(decryptedScr, scr));
71
81
  }));
72
82
  });
73
83
 
74
84
  describe('#decryptText()', () => {
75
- it('decrypts text', () => webex.internal.encryption.encryptText(key, PLAINTEXT)
76
- .then((ciphertext) => {
77
- assert.notEqual(ciphertext, PLAINTEXT);
85
+ it('decrypts text', () =>
86
+ webex.internal.encryption
87
+ .encryptText(key, PLAINTEXT)
88
+ .then((ciphertext) => {
89
+ assert.notEqual(ciphertext, PLAINTEXT);
78
90
 
79
- return webex.internal.encryption.decryptText(key, ciphertext);
80
- })
81
- .then((plaintext) => assert.equal(plaintext, PLAINTEXT)));
91
+ return webex.internal.encryption.decryptText(key, ciphertext);
92
+ })
93
+ .then((plaintext) => assert.equal(plaintext, PLAINTEXT)));
82
94
  });
83
95
 
84
96
  describe('#getKey()', () => {
85
97
  let fetchKeySpy, otherWebex, otherUser, storageGetSpy;
86
98
 
87
- before('create test user', () => testUsers.create({count: 1})
88
- .then((users) => {
99
+ before('create test user', () =>
100
+ testUsers.create({count: 1}).then((users) => {
89
101
  otherUser = users[0];
90
102
  otherWebex = new WebexCore({
91
103
  credentials: {
92
- authorization: otherUser.token
93
- }
104
+ authorization: otherUser.token,
105
+ },
94
106
  });
95
107
  assert.isTrue(otherWebex.canAuthorize);
96
- }));
108
+ })
109
+ );
97
110
 
98
- before('create kms resource', () => webex.internal.encryption.kms.createResource({
99
- key,
100
- userIds: [
101
- webex.internal.device.userId,
102
- otherUser.id
103
- ]
104
- }));
111
+ before('create kms resource', () =>
112
+ webex.internal.encryption.kms.createResource({
113
+ key,
114
+ userIds: [webex.internal.device.userId, otherUser.id],
115
+ })
116
+ );
105
117
 
106
118
  after(() => otherWebex && otherWebex.internal.mercury.disconnect());
107
119
 
@@ -115,141 +127,174 @@ describe('Encryption', function () {
115
127
  storageGetSpy.restore();
116
128
  });
117
129
 
118
- it('shortcircuits if it receives a key instead of a keyUri', () => webex.internal.encryption.getKey(key)
119
- // Reminder: If this starts failing after a node-jose upgrade, it probably
120
- // implies node-jose stopped shortcircuiting correctly.
121
- .then((k) => assert.equal(k, key)));
122
-
123
- it('attempts to retrieve the specified key from the local cache', () => otherWebex.internal.encryption.getKey(key.uri)
124
- .then((k) => assert.calledWith(storageGetSpy, k.uri)));
125
-
126
- it('fetches the key from the kms', () => otherWebex.internal.encryption.unboundedStorage.del(key.uri)
127
- .then(() => assert.notCalled(fetchKeySpy))
128
- .then(() => otherWebex.internal.encryption.getKey(key.uri))
129
- .then(() => assert.calledOnce(fetchKeySpy)));
130
-
131
- it('stores the newly retrieved key', () => otherWebex.internal.encryption.getKey(key.uri)
132
- .then((k) => otherWebex.internal.encryption.unboundedStorage.get(k.uri))
133
- .then((str) => JSON.parse(str))
134
- .then((k2) => {
135
- assert.property(k2, 'jwk');
136
- assert.property(k2.jwk, 'k');
137
- assert.equal(key.jwk.kid, k2.jwk.kid);
138
- }));
130
+ it('shortcircuits if it receives a key instead of a keyUri', () =>
131
+ webex.internal.encryption
132
+ .getKey(key)
133
+ // Reminder: If this starts failing after a node-jose upgrade, it probably
134
+ // implies node-jose stopped shortcircuiting correctly.
135
+ .then((k) => assert.equal(k, key)));
136
+
137
+ it('attempts to retrieve the specified key from the local cache', () =>
138
+ otherWebex.internal.encryption
139
+ .getKey(key.uri)
140
+ .then((k) => assert.calledWith(storageGetSpy, k.uri)));
141
+
142
+ it('fetches the key from the kms', () =>
143
+ otherWebex.internal.encryption.unboundedStorage
144
+ .del(key.uri)
145
+ .then(() => assert.notCalled(fetchKeySpy))
146
+ .then(() => otherWebex.internal.encryption.getKey(key.uri))
147
+ .then(() => assert.calledOnce(fetchKeySpy)));
148
+
149
+ it('stores the newly retrieved key', () =>
150
+ otherWebex.internal.encryption
151
+ .getKey(key.uri)
152
+ .then((k) => otherWebex.internal.encryption.unboundedStorage.get(k.uri))
153
+ .then((str) => JSON.parse(str))
154
+ .then((k2) => {
155
+ assert.property(k2, 'jwk');
156
+ assert.property(k2.jwk, 'k');
157
+ assert.equal(key.jwk.kid, k2.jwk.kid);
158
+ }));
139
159
  });
140
160
 
141
- describe('#download()', () => {
142
- it('downloads and decrypts an encrypted file', () => webex.internal.encryption.encryptBinary(FILE)
143
- .then(({scr, cdata}) => webex.request({
144
- method: 'POST',
145
- uri: makeLocalUrl('/files/upload'),
146
- body: cdata
147
- })
148
- .then((res) => {
149
- scr.loc = makeLocalUrl(res.body.loc, {full: true});
150
-
151
- return webex.internal.encryption.encryptScr(key, scr);
152
- }))
153
- .then((cipherScr) => webex.internal.encryption.decryptScr(key, cipherScr))
154
- .then((scr) => webex.internal.encryption.download(scr))
155
- .then((f) => file.isMatchingFile(f, FILE)
156
- .then((result) => assert.deepEqual(result, true))));
157
-
158
- it('downloads and decrypts an encrypted file with options param', () => webex.internal.encryption.encryptBinary(FILE)
159
- .then(({scr, cdata}) => webex.request({
160
- method: 'POST',
161
- uri: makeLocalUrl('/files/upload'),
162
- body: cdata
163
- })
164
- .then((res) => {
165
- scr.loc = makeLocalUrl(res.body.loc, {full: true});
166
-
167
- return webex.internal.encryption.encryptScr(key, scr);
168
- }))
169
- .then((cipherScr) => webex.internal.encryption.decryptScr(key, cipherScr))
170
- .then((scr) => {
171
- const options = {
172
- params: {
173
- allow: 'none'
174
- }
175
- };
176
-
177
- return webex.internal.encryption.download(scr, options);
178
- })
179
- .then((f) => file.isMatchingFile(f, FILE))
180
- .then((result) => assert.deepEqual(result, true)));
161
+ // SPARK-413317
162
+ describe.skip('#download()', () => {
163
+ it('downloads and decrypts an encrypted file', () =>
164
+ webex.internal.encryption
165
+ .encryptBinary(FILE)
166
+ .then(({scr, cdata}) =>
167
+ webex
168
+ .request({
169
+ method: 'POST',
170
+ uri: makeLocalUrl('/files/upload'),
171
+ body: cdata,
172
+ })
173
+ .then((res) => {
174
+ scr.loc = makeLocalUrl(res.body.loc, {full: true});
175
+
176
+ return webex.internal.encryption.encryptScr(key, scr);
177
+ })
178
+ )
179
+ .then((cipherScr) => webex.internal.encryption.decryptScr(key, cipherScr))
180
+ .then((scr) => webex.internal.encryption.download(scr))
181
+ .then((f) =>
182
+ file.isMatchingFile(f, FILE).then((result) => assert.deepEqual(result, true))
183
+ ));
184
+
185
+ it('downloads and decrypts an encrypted file with options param', () =>
186
+ webex.internal.encryption
187
+ .encryptBinary(FILE)
188
+ .then(({scr, cdata}) =>
189
+ webex
190
+ .request({
191
+ method: 'POST',
192
+ uri: makeLocalUrl('/files/upload'),
193
+ body: cdata,
194
+ })
195
+ .then((res) => {
196
+ scr.loc = makeLocalUrl(res.body.loc, {full: true});
197
+
198
+ return webex.internal.encryption.encryptScr(key, scr);
199
+ })
200
+ )
201
+ .then((cipherScr) => webex.internal.encryption.decryptScr(key, cipherScr))
202
+ .then((scr) => {
203
+ const options = {
204
+ params: {
205
+ allow: 'none',
206
+ },
207
+ };
208
+
209
+ return webex.internal.encryption.download(scr, options);
210
+ })
211
+ .then((f) => file.isMatchingFile(f, FILE))
212
+ .then((result) => assert.deepEqual(result, true)));
181
213
 
182
214
  it('emits progress events', () => {
183
215
  const spy = sinon.spy();
184
216
 
185
- return webex.internal.encryption.encryptBinary(FILE)
186
- .then(({scr, cdata}) => webex.request({
187
- method: 'POST',
188
- uri: makeLocalUrl('/files/upload'),
189
- body: cdata
190
- })
191
- .then((res) => {
192
- scr.loc = makeLocalUrl(res.body.loc, {full: true});
193
-
194
- return webex.internal.encryption.encryptScr(key, scr);
195
- }))
217
+ return webex.internal.encryption
218
+ .encryptBinary(FILE)
219
+ .then(({scr, cdata}) =>
220
+ webex
221
+ .request({
222
+ method: 'POST',
223
+ uri: makeLocalUrl('/files/upload'),
224
+ body: cdata,
225
+ })
226
+ .then((res) => {
227
+ scr.loc = makeLocalUrl(res.body.loc, {full: true});
228
+
229
+ return webex.internal.encryption.encryptScr(key, scr);
230
+ })
231
+ )
196
232
  .then((cipherScr) => webex.internal.encryption.decryptScr(key, cipherScr))
197
- .then((scr) => webex.internal.encryption.download(scr)
198
- .on('progress', spy))
233
+ .then((scr) => webex.internal.encryption.download(scr).on('progress', spy))
199
234
  .then(() => assert.called(spy));
200
235
  });
201
236
 
202
- it('checks body of the API call /downloads/endpoints', () => webex.internal.encryption.encryptBinary(FILE)
203
- .then(({scr, cdata}) => webex.request({
204
- method: 'POST',
205
- uri: makeLocalUrl('/files/upload'),
206
- body: cdata
207
- })
208
- .then((res) => {
209
- scr.loc = makeLocalUrl(res.body.loc, {full: true});
210
-
211
- return webex.internal.encryption.encryptScr(key, scr);
212
- }))
213
- .then((cipherScr) => webex.internal.encryption.decryptScr(key, cipherScr))
214
- .then((scr) => {
215
- const options = {
216
- params: {
217
- allow: ['unchecked', 'evaluating']
218
- }
219
- };
220
-
221
- return webex.internal.encryption.download(scr, options);
222
- })
223
- .then((f) => file.isMatchingFile(f, FILE))
224
- .then((result) => assert.deepEqual(result, true)));
225
-
226
- it('checks _fetchDownloadUrl()', () => webex.internal.encryption.encryptBinary(FILE)
227
- .then(({scr, cdata}) => webex.request({
228
- method: 'POST',
229
- uri: makeLocalUrl('/files/upload'),
230
- body: cdata
231
- })
232
- .then((res) => {
233
- scr.loc = makeLocalUrl(res.body.loc, {full: true});
234
-
235
- return webex.internal.encryption.encryptScr(key, scr);
236
- }))
237
- .then((cipherScr) => webex.internal.encryption.decryptScr(key, cipherScr))
238
- .then((scr) => {
239
- const options = {
240
- params: {
241
- allow: ['unchecked', 'evaluating']
242
- }
243
- };
244
-
245
- return webex.internal.encryption._fetchDownloadUrl(scr, options);
246
- })
247
- .then((result) => assert.isString(result)));
237
+ it('checks body of the API call /downloads/endpoints', () =>
238
+ webex.internal.encryption
239
+ .encryptBinary(FILE)
240
+ .then(({scr, cdata}) =>
241
+ webex
242
+ .request({
243
+ method: 'POST',
244
+ uri: makeLocalUrl('/files/upload'),
245
+ body: cdata,
246
+ })
247
+ .then((res) => {
248
+ scr.loc = makeLocalUrl(res.body.loc, {full: true});
249
+
250
+ return webex.internal.encryption.encryptScr(key, scr);
251
+ })
252
+ )
253
+ .then((cipherScr) => webex.internal.encryption.decryptScr(key, cipherScr))
254
+ .then((scr) => {
255
+ const options = {
256
+ params: {
257
+ allow: ['unchecked', 'evaluating'],
258
+ },
259
+ };
260
+
261
+ return webex.internal.encryption.download(scr, options);
262
+ })
263
+ .then((f) => file.isMatchingFile(f, FILE))
264
+ .then((result) => assert.deepEqual(result, true)));
265
+
266
+ it('checks _fetchDownloadUrl()', () =>
267
+ webex.internal.encryption
268
+ .encryptBinary(FILE)
269
+ .then(({scr, cdata}) =>
270
+ webex
271
+ .request({
272
+ method: 'POST',
273
+ uri: makeLocalUrl('/files/upload'),
274
+ body: cdata,
275
+ })
276
+ .then((res) => {
277
+ scr.loc = makeLocalUrl(res.body.loc, {full: true});
278
+
279
+ return webex.internal.encryption.encryptScr(key, scr);
280
+ })
281
+ )
282
+ .then((cipherScr) => webex.internal.encryption.decryptScr(key, cipherScr))
283
+ .then((scr) => {
284
+ const options = {
285
+ params: {
286
+ allow: ['unchecked', 'evaluating'],
287
+ },
288
+ };
289
+
290
+ return webex.internal.encryption._fetchDownloadUrl(scr, options);
291
+ })
292
+ .then((result) => assert.isString(result)));
248
293
  });
249
294
 
250
295
  describe('#encryptBinary()', () => {
251
- it('encrypts a binary file', () => webex.internal.encryption.encryptBinary(FILE)
252
- .then(({scr, cdata}) => {
296
+ it('encrypts a binary file', () =>
297
+ webex.internal.encryption.encryptBinary(FILE).then(({scr, cdata}) => {
253
298
  assert.property(scr, 'enc');
254
299
  assert.property(scr, 'key');
255
300
  assert.property(scr, 'iv');
@@ -262,106 +307,143 @@ describe('Encryption', function () {
262
307
  });
263
308
 
264
309
  describe('#encryptScr()', () => {
265
- it('encrypts an scr', () => webex.internal.encryption.encryptBinary(FILE)
266
- .then(({scr}) => {
267
- scr.loc = 'file:///file.enc';
310
+ it('encrypts an scr', () =>
311
+ webex.internal.encryption
312
+ .encryptBinary(FILE)
313
+ .then(({scr}) => {
314
+ scr.loc = 'file:///file.enc';
268
315
 
269
- return webex.internal.encryption.encryptScr(key, scr);
270
- })
271
- .then((cipherScr) => assert.isString(cipherScr)));
316
+ return webex.internal.encryption.encryptScr(key, scr);
317
+ })
318
+ .then((cipherScr) => assert.isString(cipherScr)));
272
319
  });
273
320
 
274
321
  describe('#encryptText()', () => {
275
- it('encrypts text', () => webex.internal.encryption.encryptText(key, PLAINTEXT)
276
- .then((ciphertext) => assert.notEqual(ciphertext, PLAINTEXT)));
322
+ it('encrypts text', () =>
323
+ webex.internal.encryption
324
+ .encryptText(key, PLAINTEXT)
325
+ .then((ciphertext) => assert.notEqual(ciphertext, PLAINTEXT)));
277
326
  });
278
327
 
279
328
  describe('#onBehalfOf', () => {
280
329
  let complianceUser;
281
330
 
282
- before('create compliance officer test user', () => testUsers.create({
283
- count: 1,
284
- config: {
285
- roles: [{name: 'spark.kms_orgagent'}]
286
- }
287
- })
288
- .then((users) => {
289
- complianceUser = users[0];
290
- complianceUser.webex = new WebexCore({
291
- credentials: {
292
- authorization: complianceUser.token
293
- }
294
- });
295
- assert.isTrue(complianceUser.webex.canAuthorize);
296
- }));
331
+ before('create compliance officer test user', () =>
332
+ testUsers
333
+ .create({
334
+ count: 1,
335
+ config: {
336
+ roles: [{name: 'spark.kms_orgagent'}],
337
+ },
338
+ })
339
+ .then((users) => {
340
+ complianceUser = users[0];
341
+ complianceUser.webex = new WebexCore({
342
+ credentials: {
343
+ authorization: complianceUser.token,
344
+ },
345
+ });
346
+ assert.isTrue(complianceUser.webex.canAuthorize);
347
+ })
348
+ );
297
349
 
298
350
  after(() => complianceUser && complianceUser.webex.internal.mercury.disconnect());
299
351
 
300
- it('decrypt text', () => webex.internal.encryption.encryptText(key, PLAINTEXT)
301
- .then((ciphertext) => {
302
- assert.notEqual(ciphertext, PLAINTEXT);
352
+ it('decrypt text', () =>
353
+ webex.internal.encryption
354
+ .encryptText(key, PLAINTEXT)
355
+ .then((ciphertext) => {
356
+ assert.notEqual(ciphertext, PLAINTEXT);
303
357
 
304
- return complianceUser.webex.internal.encryption.decryptText(key, ciphertext, {onBehalfOf: user.id});
305
- })
306
- .then((plaintext) => assert.equal(plaintext, PLAINTEXT)));
358
+ return complianceUser.webex.internal.encryption.decryptText(key, ciphertext, {
359
+ onBehalfOf: user.id,
360
+ });
361
+ })
362
+ .then((plaintext) => assert.equal(plaintext, PLAINTEXT)));
307
363
 
308
- it('encrypt and decrypt text', () => complianceUser.webex.internal.encryption.encryptText(key, PLAINTEXT, {onBehalfOf: user.id})
309
- .then((ciphertext) => {
310
- assert.notEqual(ciphertext, PLAINTEXT);
364
+ it('encrypt and decrypt text', () =>
365
+ complianceUser.webex.internal.encryption
366
+ .encryptText(key, PLAINTEXT, {onBehalfOf: user.id})
367
+ .then((ciphertext) => {
368
+ assert.notEqual(ciphertext, PLAINTEXT);
311
369
 
312
- return complianceUser.webex.internal.encryption.decryptText(key, ciphertext, {onBehalfOf: user.id});
313
- })
314
- .then((plaintext) => assert.equal(plaintext, PLAINTEXT)));
370
+ return complianceUser.webex.internal.encryption.decryptText(key, ciphertext, {
371
+ onBehalfOf: user.id,
372
+ });
373
+ })
374
+ .then((plaintext) => assert.equal(plaintext, PLAINTEXT)));
315
375
 
316
- it('decrypt scr', () => webex.internal.encryption.encryptBinary(FILE)
317
- .then(({scr}) => {
376
+ it('decrypt scr', () =>
377
+ webex.internal.encryption.encryptBinary(FILE).then(({scr}) => {
318
378
  scr.loc = 'file:///file.enc';
319
379
 
320
- return webex.internal.encryption.encryptScr(key, scr)
321
- .then((cipherScr) => complianceUser.webex.internal.encryption.decryptScr(key, cipherScr, {onBehalfOf: user.id}))
380
+ return webex.internal.encryption
381
+ .encryptScr(key, scr)
382
+ .then((cipherScr) =>
383
+ complianceUser.webex.internal.encryption.decryptScr(key, cipherScr, {
384
+ onBehalfOf: user.id,
385
+ })
386
+ )
322
387
  .then((decryptedScr) => assert.deepEqual(decryptedScr, scr));
323
388
  }));
324
389
 
325
- it('decrypt scr', () => webex.internal.encryption.encryptBinary(FILE)
326
- .then(({scr}) => {
390
+ it('decrypt scr', () =>
391
+ webex.internal.encryption.encryptBinary(FILE).then(({scr}) => {
327
392
  scr.loc = 'file:///file.enc';
328
393
 
329
- return complianceUser.webex.internal.encryption.encryptScr(key, scr, {onBehalfOf: user.id})
330
- .then((cipherScr) => complianceUser.webex.internal.encryption.decryptScr(key, cipherScr, {onBehalfOf: user.id}))
394
+ return complianceUser.webex.internal.encryption
395
+ .encryptScr(key, scr, {onBehalfOf: user.id})
396
+ .then((cipherScr) =>
397
+ complianceUser.webex.internal.encryption.decryptScr(key, cipherScr, {
398
+ onBehalfOf: user.id,
399
+ })
400
+ )
331
401
  .then((decryptedScr) => assert.deepEqual(decryptedScr, scr));
332
402
  }));
333
403
 
334
- it('getKey', () => complianceUser.webex.internal.encryption.getKey(key.uri, {onBehalfOf: user.id})
335
- .then((key2) => {
336
- assert.property(key2, 'uri');
337
- assert.property(key2, 'jwk');
338
- assert.notEqual(key2, key);
339
- assert.equal(key2.uri, key.uri);
340
- }));
341
-
342
- it('getKey forbidden as compliance officer does not have access', () => complianceUser.webex.internal.encryption.getKey(key.uri)
343
- .then(
404
+ it('getKey', () =>
405
+ complianceUser.webex.internal.encryption
406
+ .getKey(key.uri, {onBehalfOf: user.id})
407
+ .then((key2) => {
408
+ assert.property(key2, 'uri');
409
+ assert.property(key2, 'jwk');
410
+ assert.notEqual(key2, key);
411
+ assert.equal(key2.uri, key.uri);
412
+ }));
413
+
414
+ it('getKey forbidden as compliance officer does not have access', () =>
415
+ complianceUser.webex.internal.encryption.getKey(key.uri).then(
344
416
  (value) => expect.fail(`Compliance officer has retrieved key without onBehalfOf: ${value}`),
345
417
  (error) => expect(error.body.status).to.equal(403)
346
418
  ));
347
419
 
348
- it('getKey forbidden as user does not have access', () => complianceUser.webex.internal.encryption.getKey(key.uri, {onBehalfOf: '7851fe79-7c87-40cc-ac36-8b77b011b399'})
349
- .then(
350
- (value) => expect.fail(`Should not be found as 7851fe79-7c87-40cc-ac36-8b77b011b399 does not have access ${value}`),
351
- (error) => expect(error.body.status).to.equal(403)
352
- ));
353
-
354
- it('getKey onBehalfOf and then by compliance officer only', () => complianceUser.webex.internal.encryption.getKey(key.uri, {onBehalfOf: user.id})
355
- .then((key2) => {
356
- assert.property(key2, 'uri');
357
- assert.property(key2, 'jwk');
358
- assert.notEqual(key2, key);
359
- assert.equal(key2.uri, key.uri);
360
- })
361
- .then(() => complianceUser.webex.internal.encryption.getKey(key.uri))
362
- .then(
363
- (value) => expect.fail(`Compliance should no longer be able to retrieve key as onBehalfOf was not set: ${value}`),
364
- (error) => expect(error.body.status).to.equal(403)
365
- ));
420
+ it('getKey forbidden as user does not have access', () =>
421
+ complianceUser.webex.internal.encryption
422
+ .getKey(key.uri, {onBehalfOf: '7851fe79-7c87-40cc-ac36-8b77b011b399'})
423
+ .then(
424
+ (value) =>
425
+ expect.fail(
426
+ `Should not be found as 7851fe79-7c87-40cc-ac36-8b77b011b399 does not have access ${value}`
427
+ ),
428
+ (error) => expect(error.body.status).to.equal(403)
429
+ ));
430
+
431
+ it('getKey onBehalfOf and then by compliance officer only', () =>
432
+ complianceUser.webex.internal.encryption
433
+ .getKey(key.uri, {onBehalfOf: user.id})
434
+ .then((key2) => {
435
+ assert.property(key2, 'uri');
436
+ assert.property(key2, 'jwk');
437
+ assert.notEqual(key2, key);
438
+ assert.equal(key2.uri, key.uri);
439
+ })
440
+ .then(() => complianceUser.webex.internal.encryption.getKey(key.uri))
441
+ .then(
442
+ (value) =>
443
+ expect.fail(
444
+ `Compliance should no longer be able to retrieve key as onBehalfOf was not set: ${value}`
445
+ ),
446
+ (error) => expect(error.body.status).to.equal(403)
447
+ ));
366
448
  });
367
449
  });