nest-encrypt-cycle 2.0.0 → 2.0.2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nest-encrypt-cycle",
-  "version": "2.0.0",
+  "version": "2.0.2",
   "description": "A NestJS interceptor that encrypts/decrypts request and response bodies",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/test-query-params.js

@@ -0,0 +1,99 @@
+/**
+ * Query Parameter 처리 테스트
+ * Whitelist에 /api/test가 있으면 /api/test?id=1도 매칭되어야 함
+ */
+const { EncryptService } = require('./dist/src/encrypt.service');
+
+const KEY = '0123456789abcdef0123456789abcdef';
+
+// Whitelist에 /api/users 추가
+const encryptService = new EncryptService({
+  key: KEY,
+  whiteList: [
+    { method: 'GET', pathname: '/api/users' },
+    { method: 'POST', pathname: '/api/data' },
+  ],
+});
+
+console.log('🧪 Query Parameter Whitelist Test\n');
+console.log('='.repeat(80));
+
+const testCases = [
+  {
+    name: 'Whitelisted path without query params',
+    pathname: '/api/users',
+    method: 'GET',
+    data: 'test data',
+    shouldEncrypt: false,
+  },
+  {
+    name: 'Whitelisted path WITH query params (should still be whitelisted)',
+    pathname: '/api/users?id=123',
+    method: 'GET',
+    data: 'test data',
+    shouldEncrypt: false,
+    note: '❌ This will FAIL with old code, ✅ PASS with new code',
+  },
+  {
+    name: 'Whitelisted path with multiple query params',
+    pathname: '/api/users?id=123&page=2&limit=10',
+    method: 'GET',
+    data: 'test data',
+    shouldEncrypt: false,
+    note: '❌ This will FAIL with old code, ✅ PASS with new code',
+  },
+  {
+    name: 'Non-whitelisted path',
+    pathname: '/api/secret',
+    method: 'GET',
+    data: 'test data',
+    shouldEncrypt: true,
+  },
+  {
+    name: 'Non-whitelisted path with query params',
+    pathname: '/api/secret?id=1',
+    method: 'GET',
+    data: 'test data',
+    shouldEncrypt: true,
+  },
+];
+
+let allPassed = true;
+
+for (const testCase of testCases) {
+  console.log(`\n📋 ${testCase.name}`);
+  if (testCase.note) {
+    console.log(`   ${testCase.note}`);
+  }
+  console.log(`   Path: ${testCase.pathname}`);
+  console.log(`   Method: ${testCase.method}`);
+
+  // Note: interceptor에서 pathname을 split('?')[0]으로 처리하므로
+  // 여기서도 동일하게 처리
+  const cleanPathname = testCase.pathname.split('?')[0];
+  const result = encryptService.encrypt(testCase.data, cleanPathname, testCase.method);
+
+  const wasEncrypted = result !== testCase.data;
+  const expectedBehavior = testCase.shouldEncrypt;
+
+  if (wasEncrypted === expectedBehavior) {
+    console.log(`   ✅ PASSED: Data was ${wasEncrypted ? 'encrypted' : 'NOT encrypted'} (as expected)`);
+  } else {
+    console.log(`   ❌ FAILED: Data was ${wasEncrypted ? 'encrypted' : 'NOT encrypted'} (expected ${expectedBehavior ? 'encrypted' : 'NOT encrypted'})`);
+    allPassed = false;
+  }
+}
+
+console.log('\n' + '='.repeat(80));
+console.log();
+
+if (allPassed) {
+  console.log('✅ All query parameter tests PASSED!');
+  console.log('\nNow whitelist works correctly with query parameters:');
+  console.log('  - /api/users         → whitelisted');
+  console.log('  - /api/users?id=1    → whitelisted (query params ignored)');
+  console.log('  - /api/users?page=2  → whitelisted (query params ignored)');
+} else {
+  console.log('❌ Some tests FAILED.');
+  process.exit(1);
+}

package/test-wildcard.js

@@ -0,0 +1,154 @@
+/**
+ * Wildcard Pattern Matching Test
+ * Test various wildcard patterns in whitelist
+ */
+const { EncryptService } = require('./dist/src/encrypt.service');
+
+const KEY = '0123456789abcdef0123456789abcdef';
+
+console.log('🧪 Wildcard Pattern Matching Test\n');
+console.log('='.repeat(80));
+
+// Test Case 1: Simple wildcard at the end
+console.log('\n📋 Test 1: /api/users/* pattern');
+console.log('-'.repeat(80));
+
+const service1 = new EncryptService({
+  key: KEY,
+  whiteList: [
+    { method: 'GET', pathname: '/api/users/*' },
+  ],
+});
+
+const testCases1 = [
+  { pathname: '/api/users/123', expected: false, desc: 'Match: /api/users/123' },
+  { pathname: '/api/users/abc', expected: false, desc: 'Match: /api/users/abc' },
+  { pathname: '/api/users/uuid-1234', expected: false, desc: 'Match: /api/users/uuid-1234' },
+  { pathname: '/api/users', expected: true, desc: 'No match: /api/users (no trailing segment)' },
+  { pathname: '/api/users/123/profile', expected: true, desc: 'No match: /api/users/123/profile (too deep)' },
+  { pathname: '/api/posts/1', expected: true, desc: 'No match: /api/posts/1 (different path)' },
+];
+
+let allPassed = true;
+
+for (const test of testCases1) {
+  const result = service1.encrypt('test data', test.pathname, 'GET');
+  const wasEncrypted = result !== 'test data';
+  const passed = wasEncrypted === test.expected;
+
+  console.log(`${passed ? '✅' : '❌'} ${test.desc}`);
+  if (!passed) {
+    console.log(`   Expected: ${test.expected ? 'encrypted' : 'NOT encrypted'}, Got: ${wasEncrypted ? 'encrypted' : 'NOT encrypted'}`);
+    allPassed = false;
+  }
+}
+
+// Test Case 2: Wildcard in the middle
+console.log('\n📋 Test 2: /api/*/profile pattern');
+console.log('-'.repeat(80));
+
+const service2 = new EncryptService({
+  key: KEY,
+  whiteList: [
+    { method: 'GET', pathname: '/api/*/profile' },
+  ],
+});
+
+const testCases2 = [
+  { pathname: '/api/users/profile', expected: false, desc: 'Match: /api/users/profile' },
+  { pathname: '/api/123/profile', expected: false, desc: 'Match: /api/123/profile' },
+  { pathname: '/api/admin/profile', expected: false, desc: 'Match: /api/admin/profile' },
+  { pathname: '/api/profile', expected: true, desc: 'No match: /api/profile (missing middle segment)' },
+  { pathname: '/api/users/123/profile', expected: true, desc: 'No match: /api/users/123/profile (too many segments)' },
+  { pathname: '/api/users/settings', expected: true, desc: 'No match: /api/users/settings (wrong ending)' },
+];
+
+for (const test of testCases2) {
+  const result = service2.encrypt('test data', test.pathname, 'GET');
+  const wasEncrypted = result !== 'test data';
+  const passed = wasEncrypted === test.expected;
+
+  console.log(`${passed ? '✅' : '❌'} ${test.desc}`);
+  if (!passed) {
+    console.log(`   Expected: ${test.expected ? 'encrypted' : 'NOT encrypted'}, Got: ${wasEncrypted ? 'encrypted' : 'NOT encrypted'}`);
+    allPassed = false;
+  }
+}
+
+// Test Case 3: Multiple wildcards
+console.log('\n📋 Test 3: /api/*/posts/* pattern');
+console.log('-'.repeat(80));
+
+const service3 = new EncryptService({
+  key: KEY,
+  whiteList: [
+    { method: 'POST', pathname: '/api/*/posts/*' },
+  ],
+});
+
+const testCases3 = [
+  { pathname: '/api/users/posts/123', method: 'POST', expected: false, desc: 'Match: /api/users/posts/123' },
+  { pathname: '/api/admin/posts/456', method: 'POST', expected: false, desc: 'Match: /api/admin/posts/456' },
+  { pathname: '/api/users/posts', method: 'POST', expected: true, desc: 'No match: /api/users/posts (missing last segment)' },
+  { pathname: '/api/users/posts/123', method: 'GET', expected: true, desc: 'No match: wrong method (GET instead of POST)' },
+];
+
+for (const test of testCases3) {
+  const result = service3.encrypt('test data', test.pathname, test.method);
+  const wasEncrypted = result !== 'test data';
+  const passed = wasEncrypted === test.expected;
+
+  console.log(`${passed ? '✅' : '❌'} ${test.desc}`);
+  if (!passed) {
+    console.log(`   Expected: ${test.expected ? 'encrypted' : 'NOT encrypted'}, Got: ${wasEncrypted ? 'encrypted' : 'NOT encrypted'}`);
+    allPassed = false;
+  }
+}
+
+// Test Case 4: Mix of exact and wildcard patterns
+console.log('\n📋 Test 4: Mixed exact and wildcard patterns');
+console.log('-'.repeat(80));
+
+const service4 = new EncryptService({
+  key: KEY,
+  whiteList: [
+    { method: 'GET', pathname: '/api/health' },          // Exact
+    { method: 'GET', pathname: '/api/users/*' },         // Wildcard
+    { method: 'POST', pathname: '/api/*/create' },       // Wildcard
+  ],
+});
+
+const testCases4 = [
+  { pathname: '/api/health', method: 'GET', expected: false, desc: 'Match (exact): /api/health' },
+  { pathname: '/api/users/123', method: 'GET', expected: false, desc: 'Match (wildcard): /api/users/123' },
+  { pathname: '/api/posts/create', method: 'POST', expected: false, desc: 'Match (wildcard): /api/posts/create' },
+  { pathname: '/api/users/create', method: 'POST', expected: false, desc: 'Match (wildcard): /api/users/create' },
+  { pathname: '/api/unknown', method: 'GET', expected: true, desc: 'No match: /api/unknown' },
+];
+
+for (const test of testCases4) {
+  const result = service4.encrypt('test data', test.pathname, test.method);
+  const wasEncrypted = result !== 'test data';
+  const passed = wasEncrypted === test.expected;
+
+  console.log(`${passed ? '✅' : '❌'} ${test.desc}`);
+  if (!passed) {
+    console.log(`   Expected: ${test.expected ? 'encrypted' : 'NOT encrypted'}, Got: ${wasEncrypted ? 'encrypted' : 'NOT encrypted'}`);
+    allPassed = false;
+  }
+}
+
+console.log('\n' + '='.repeat(80));
+console.log();
+
+if (allPassed) {
+  console.log('✅ All wildcard pattern tests PASSED!\n');
+  console.log('Wildcard patterns now supported:');
+  console.log('  - /api/users/*           → matches /api/users/123, /api/users/abc');
+  console.log('  - /api/*/profile         → matches /api/users/profile, /api/admin/profile');
+  console.log('  - /api/*/posts/*         → matches /api/users/posts/1, /api/admin/posts/2');
+  console.log('  - Can mix exact + wildcard patterns in same whitelist');
+} else {
+  console.log('❌ Some tests FAILED.');
+  process.exit(1);
+}