overleaf/libraries/access-token-encryptor/test/unit/js/AccessTokenEncryptorTests.js
Jakob Ackermann 01aebbf69d Merge pull request #11559 from overleaf/jpa-access-token-encryptor-remove-v1
[access-token-encryptor] drop support for legacy v1 token scheme

GitOrigin-RevId: 2d32453ad38119fa45cfd77463091f2c91dfe647
2023-02-02 18:22:42 +00:00

125 lines
4.2 KiB
JavaScript

const chai = require('chai')
chai.should()
const { expect } = chai
const modulePath = '../../../index.js'
const SandboxedModule = require('sandboxed-module')
describe('AccessTokenEncryptor', function () {
beforeEach(function () {
this.testObject = { hello: 'world' }
this.encrypted2015 =
'2015.1:473a66fb5d816bc716f278ab819d88a5:+mTg7O9sgUND8pNQFG6h2GE='
this.encrypted2016 =
'2016.1:76a7d64a444ccee1a515b49c44844a69:m5YSkexUsLjcF4gLncm72+k='
this.encrypted2019 =
'2019.1:627143b2ab185a020c8720253a4c984e:7gnY6Ez3/Y3UWgLHLfBtJsE=:bf75cecb6aeea55b3c060e1122d2a82d'
this.badLabel = 'xxxxxx:c7a39310056b694c:jQf+Uh5Den3JREtvc82GW5Q='
this.badKey = '2015.1:d7a39310056b694c:jQf+Uh5Den3JREtvc82GW5Q='
this.badCipherText = '2015.1:c7a39310056b694c:xQf+Uh5Den3JREtvc82GW5Q='
this.settings = {
cipherLabel: '2019.1',
cipherPasswords: {
2016.1: '11111111111111111111111111111111111111',
2015.1: '22222222222222222222222222222222222222',
2019.1: '33333333333333333333333333333333333333',
},
}
this.AccessTokenEncryptor = SandboxedModule.require(modulePath, {
globals: {
Buffer,
},
requires: {
'@overleaf/logger': {
err() {},
},
},
})
this.encryptor = new this.AccessTokenEncryptor(this.settings)
})
describe('encrypt', function () {
it('should encrypt the object', function (done) {
this.encryptor.encryptJson(this.testObject, (err, encrypted) => {
expect(err).to.be.null
encrypted.should.match(
/^2019.1:[0-9a-f]{32}:[a-zA-Z0-9=+/]+:[0-9a-f]{32}$/
)
done()
})
})
it('should encrypt the object differently the next time', function (done) {
this.encryptor.encryptJson(this.testObject, (err, encrypted1) => {
expect(err).to.be.null
this.encryptor.encryptJson(this.testObject, (err, encrypted2) => {
expect(err).to.be.null
encrypted1.should.not.equal(encrypted2)
done()
})
})
})
})
describe('decrypt', function () {
it('should decrypt the string to get the same object', function (done) {
this.encryptor.encryptJson(this.testObject, (err, encrypted) => {
expect(err).to.be.null
this.encryptor.decryptToJson(encrypted, (err, decrypted) => {
expect(err).to.be.null
expect(decrypted).to.deep.equal(this.testObject)
done()
})
})
})
it('should not be able to decrypt 2015 string', function (done) {
this.encryptor.decryptToJson(this.encrypted2015, (err, decrypted) => {
expect(err).to.exist
expect(err.message).to.equal('token scheme v1 is not supported anymore')
expect(decrypted).to.not.exist
done()
})
})
it('should not be able to decrypt a 2016 string', function (done) {
this.encryptor.decryptToJson(this.encrypted2016, (err, decrypted) => {
expect(err).to.exist
expect(err.message).to.equal('token scheme v1 is not supported anymore')
expect(decrypted).to.not.exist
done()
})
})
it('should decrypt an 2019 string to get the same object', function (done) {
this.encryptor.decryptToJson(this.encrypted2019, (err, decrypted) => {
expect(err).to.be.null
expect(decrypted).to.deep.equal(this.testObject)
done()
})
})
it('should return an error when decrypting an invalid label', function (done) {
this.encryptor.decryptToJson(this.badLabel, (err, decrypted) => {
expect(err).to.be.instanceof(Error)
expect(decrypted).to.be.undefined
done()
})
})
it('should return an error when decrypting an invalid key', function (done) {
this.encryptor.decryptToJson(this.badKey, (err, decrypted) => {
expect(err).to.be.instanceof(Error)
expect(decrypted).to.be.undefined
done()
})
})
it('should return an error when decrypting an invalid ciphertext', function (done) {
this.encryptor.decryptToJson(this.badCipherText, (err, decrypted) => {
expect(err).to.be.instanceof(Error)
expect(decrypted).to.be.undefined
done()
})
})
})
})