Merge pull request #5216 from novuhq/fix-api-key-migration-widget-ini…

…tilize-failure fix: api key migration widget initialize failure
novuhq · Feb 20, 2024 · 100cce6 · 100cce6
2 parents 81e4c8a + daf321c
commit 100cce6
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 2 deletions.
diff --git a/apps/api/src/app/widgets/e2e/initialize-widget-session.e2e.ts b/apps/api/src/app/widgets/e2e/initialize-widget-session.e2e.ts
@@ -10,6 +10,8 @@ import {
   InvalidateCacheService,
 } from '@novu/application-generic';
 
+import { encryptApiKeysMigration } from '../../../../migrations/encrypt-api-keys/encrypt-api-keys-migration';
+
 const integrationRepository = new IntegrationRepository();
 const subscriberId = '12345';
 
@@ -97,11 +99,23 @@ describe('Initialize Session - /widgets/session/initialize (POST)', async () =>
     const invalidSecretKey = 'invalid-secret-key';
     const invalidSubscriberHmacHash = createHash(invalidSecretKey, subscriberId);
 
-    const responseInvalidSecretKey = await initWidgetSession(subscriberId, session, invalidSecretKey);
+    const responseInvalidSecretKey = await initWidgetSession(subscriberId, session, invalidSubscriberHmacHash);
 
     expect(responseInvalidSecretKey.body?.data?.profile).to.not.exist;
     expect(responseInvalidSecretKey.body.message).to.contain('Please provide a valid HMAC hash');
   });
+
+  it('should pass api key migration regression tests', async function () {
+    const validSecretKey = session.environment.apiKeys[0].key;
+
+    const invalidSubscriberHmacHash = createHash(validSecretKey, subscriberId);
+
+    await encryptApiKeysMigration();
+
+    const response = await initWidgetSession(subscriberId, session, invalidSubscriberHmacHash);
+
+    expect(response.status).to.equal(201);
+  });
 });
 
 async function initWidgetSession(subscriberIdentifier: string, session, hmacHash?: string) {

diff --git a/apps/api/src/app/widgets/usecases/initialize-session/initialize-session.usecase.ts b/apps/api/src/app/widgets/usecases/initialize-session/initialize-session.usecase.ts
@@ -10,6 +10,7 @@ import {
   SelectIntegration,
   AuthService,
   createHash,
+  decryptApiKey,
 } from '@novu/application-generic';
 
 import { ApiException } from '../../../shared/exceptions/api.exception';
@@ -84,7 +85,8 @@ export class InitializeSession {
 }
 
 function validateNotificationCenterEncryption(environment, command: InitializeSessionCommand) {
-  const hmacHash = createHash(environment.apiKeys[0].key, command.subscriberId);
+  const key = decryptApiKey(environment.apiKeys[0].key);
+  const hmacHash = createHash(key, command.subscriberId);
   if (hmacHash !== command.hmacHash) {
     throw new ApiException('Please provide a valid HMAC hash');
   }