test: add some tests

Yizack · Jun 29, 2024 · fff9828 · fff9828
1 parent a49152a
commit fff9828
Show file tree

Hide file tree

Showing 9 changed files with 160 additions and 5 deletions.
diff --git a/test/basic.test.ts b/test/basic.test.ts
@@ -5,11 +5,6 @@ import { setup, $fetch } from '@nuxt/test-utils'
 describe('ssr', async () => {
   await setup({
     rootDir: fileURLToPath(new URL('./fixtures/basic', import.meta.url)),
-    nuxtConfig: {
-      runtimeConfig: {
-
-      },
-    },
   })
 
   it('renders the index page', async () => {

diff --git a/test/fixtures/basic/nuxt.config.ts b/test/fixtures/basic/nuxt.config.ts
@@ -2,4 +2,22 @@ export default defineNuxtConfig({
   modules: [
     '../../../src/module',
   ],
+  runtimeConfig: {
+    webhook: {
+      github: {
+        secretKey: 'testGitHubSecretKey',
+      },
+      paddle: {
+        webhookId: 'testPaddleWebhookId',
+      },
+      paypal: {
+        clientId: '',
+        secretKey: '',
+        webhookId: '',
+      },
+      twitch: {
+        secretKey: 'testTwitchSecretKey',
+      },
+    },
+  },
 })
diff --git a/test/fixtures/basic/server/api/webhooks/github.post.ts b/test/fixtures/basic/server/api/webhooks/github.post.ts
@@ -0,0 +1,10 @@
+import { defineEventHandler, createError } from 'h3'
+import { isValidGithubWebhook } from './../../../../../../src/runtime/server/utils/webhooks'
+
+export default defineEventHandler(async (event) => {
+  const isValidWebhook = await isValidGithubWebhook(event)
+
+  if (!isValidWebhook) throw createError({ statusCode: 401, statusMessage: 'Unauthorized: webhook is not valid' })
+
+  return { isValidWebhook }
+})
diff --git a/test/fixtures/basic/server/api/webhooks/paddle.post.ts b/test/fixtures/basic/server/api/webhooks/paddle.post.ts
@@ -0,0 +1,10 @@
+import { defineEventHandler, createError } from 'h3'
+import { isValidPaddleWebhook } from './../../../../../../src/runtime/server/utils/webhooks'
+
+export default defineEventHandler(async (event) => {
+  const isValidWebhook = await isValidPaddleWebhook(event)
+
+  if (!isValidWebhook) throw createError({ statusCode: 401, statusMessage: 'Unauthorized: webhook is not valid' })
+
+  return { isValidWebhook }
+})
diff --git a/test/fixtures/basic/server/api/webhooks/paypal.post.ts b/test/fixtures/basic/server/api/webhooks/paypal.post.ts
@@ -0,0 +1,10 @@
+import { defineEventHandler, createError } from 'h3'
+import { isValidPaypalWebhook } from './../../../../../../src/runtime/server/utils/webhooks'
+
+export default defineEventHandler(async (event) => {
+  const isValidWebhook = await isValidPaypalWebhook(event)
+
+  if (!isValidWebhook) throw createError({ statusCode: 401, statusMessage: 'Unauthorized: webhook is not valid' })
+
+  return { isValidWebhook }
+})
diff --git a/test/fixtures/basic/server/api/webhooks/twitch.post.ts b/test/fixtures/basic/server/api/webhooks/twitch.post.ts
@@ -0,0 +1,10 @@
+import { defineEventHandler, createError } from 'h3'
+import { isValidTwitchWebhook } from './../../../../../../src/runtime/server/utils/webhooks'
+
+export default defineEventHandler(async (event) => {
+  const isValidWebhook = await isValidTwitchWebhook(event)
+
+  if (!isValidWebhook) throw createError({ statusCode: 401, statusMessage: 'Unauthorized: webhook is not valid' })
+
+  return { isValidWebhook }
+})
diff --git a/test/github.test.ts b/test/github.test.ts
@@ -0,0 +1,31 @@
+import { fileURLToPath } from 'node:url'
+import { subtle } from 'node:crypto'
+import { Buffer } from 'node:buffer'
+import { describe, it, expect } from 'vitest'
+import { setup, $fetch } from '@nuxt/test-utils'
+
+describe('github', async () => {
+  await setup({
+    rootDir: fileURLToPath(new URL('./fixtures/basic', import.meta.url)),
+  })
+
+  it('valid GitHub webhook', async () => {
+    const body = 'testBody'
+    const secretKey = 'testGitHubSecretKey'
+    const encoder = new TextEncoder()
+    const signature = await subtle.importKey('raw', encoder.encode(secretKey), { name: 'HMAC', hash: 'SHA-256' }, false, ['sign'])
+    const hmac = await subtle.sign('HMAC', signature, encoder.encode(body))
+    const computedHash = Buffer.from(hmac).toString('hex')
+    const validSignature = `sha256=${computedHash}`
+
+    const headers = { 'X-Hub-Signature-256': validSignature }
+
+    const response = await $fetch<{ isValidWebhook: boolean }>('/api/webhooks/github', {
+      method: 'POST',
+      headers,
+      body,
+    })
+
+    expect(response).toStrictEqual({ isValidWebhook: true })
+  })
+})
diff --git a/test/paddle.test.ts b/test/paddle.test.ts
@@ -0,0 +1,33 @@
+import { fileURLToPath } from 'node:url'
+import { subtle } from 'node:crypto'
+import { Buffer } from 'node:buffer'
+import { describe, it, expect } from 'vitest'
+import { setup, $fetch } from '@nuxt/test-utils'
+
+describe('paddle', async () => {
+  await setup({
+    rootDir: fileURLToPath(new URL('./fixtures/basic', import.meta.url)),
+  })
+
+  it('valid Paddle webhook', async () => {
+    const timestamp = Math.floor(Date.now() / 1000)
+    const body = 'testBody'
+    const webhookId = 'testPaddleWebhookId'
+    const encoder = new TextEncoder()
+    const signature = await subtle.importKey('raw', encoder.encode(webhookId), { name: 'HMAC', hash: 'SHA-256' }, false, ['sign'])
+    const hmac = await subtle.sign('HMAC', signature, encoder.encode(`${timestamp}:${body}`))
+    const computedHash = Buffer.from(hmac).toString('hex')
+
+    const validSignature = `h1=${computedHash};ts=${timestamp}`
+
+    const headers = { 'paddle-signature': validSignature }
+
+    const response = await $fetch<{ isValidWebhook: boolean }>('/api/webhooks/paddle', {
+      method: 'POST',
+      headers,
+      body,
+    })
+
+    expect(response).toStrictEqual({ isValidWebhook: true })
+  })
+})
diff --git a/test/twitch.test.ts b/test/twitch.test.ts
@@ -0,0 +1,38 @@
+import { fileURLToPath } from 'node:url'
+import { subtle } from 'node:crypto'
+import { Buffer } from 'node:buffer'
+import { describe, it, expect } from 'vitest'
+import { setup, $fetch } from '@nuxt/test-utils'
+
+describe('github', async () => {
+  await setup({
+    rootDir: fileURLToPath(new URL('./fixtures/basic', import.meta.url)),
+  })
+
+  it('valid GitHub webhook', async () => {
+    const timestamp = Math.floor(Date.now() / 1000)
+    const body = 'testBody'
+    const messageId = 'testMessageId'
+    const secretKey = 'testTwitchSecretKey'
+    const message = messageId + timestamp + body
+    const encoder = new TextEncoder()
+    const signature = await subtle.importKey('raw', encoder.encode(secretKey), { name: 'HMAC', hash: 'SHA-256' }, false, ['sign'])
+    const hmac = await subtle.sign('HMAC', signature, encoder.encode(message))
+    const computedHash = Buffer.from(hmac).toString('hex')
+    const validSignature = `sha256=${computedHash}`
+
+    const headers = {
+      'Twitch-Eventsub-Message-Id': messageId,
+      'Twitch-Eventsub-Message-Timestamp': timestamp.toString(),
+      'Twitch-Eventsub-Message-Signature': validSignature,
+    }
+
+    const response = await $fetch<{ isValidWebhook: boolean }>('/api/webhooks/twitch', {
+      method: 'POST',
+      headers,
+      body,
+    })
+
+    expect(response).toStrictEqual({ isValidWebhook: true })
+  })
+})