Bad test II

Author: RickCarlino

__tests__/config.js

@@ -0,0 +1,7 @@
+"use strict";
+require("jest");
+describe("foo", function () {
+    it("bars", function () {
+        expect(true).toBe((true));
+    });
+});

__tests__/index.js

@@ -0,0 +1,6 @@
+"use strict";
+describe("foo", function () {
+    it("bars", function () {
+        expect(true).toBe((true));
+    });
+});

__tests__/logger.js

@@ -0,0 +1,6 @@
+"use strict";
+describe("foo", function () {
+    it("bars", function () {
+        expect(true).toBe((true));
+    });
+});

__tests__/on_ready.js

@@ -0,0 +1,6 @@
+"use strict";
+describe("foo", function () {
+    it("bars", function () {
+        expect(true).toBe((true));
+    });
+});

__tests__/security/authenticate.js

@@ -0,0 +1,35 @@
+"use strict";
+var verify_token_1 = require("../../app/security/verify_token");
+var fetch_real_token_1 = require("../../support/fetch_real_token");
+var EMAIL = "[email protected]";
+var PASSWORD = "password123";
+var validJWT;
+var invalidJWT = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbkBhZG1pbi5jb20iLCJpYXQiOjE0NTg4MTk1MzYsImp0aSI6ImE0MWQxMGU1LTk3NDUtNDEzOS1hYmJlLWQ5MjgzY2M2MGRjMiIsImlzcyI6ImZhcm1ib3Qtd2ViLWFwcCIsImV4cCI6MTQ1OTE2NTEzNiwiYWxnIjoiUlMyNTYifQ.reuRxMr_WMgu9prisSjGBuIuKRQw9Tmc5U_kWJyzFm0';
+describe("token verification", function () {
+    beforeAll(function (done) {
+        fetch_real_token_1.fetchRealJWT()
+            .then(function (token) {
+            validJWT = token;
+            done();
+        });
+    });
+    it("knows when you're lying", function (done) {
+        function assertions(error) {
+            expect(error.message).toBeDefined();
+            done();
+        }
+        verify_token_1.verifyToken(invalidJWT).then(assertions, assertions);
+    });
+    it("knows when you're telling the truth", function (done) {
+        function assertions(data) {
+            expect(data.sub).toEqual('[email protected]');
+            expect(data.iss).toEqual('//localhost:3000');
+            done();
+        }
+        function failure(error) {
+            fail("Failed to validate JWT. Error is above.");
+            done();
+        }
+        verify_token_1.verifyToken(validJWT).then(assertions, failure);
+    });
+});

__tests__/security/authenticate.ts

@@ -1,4 +1,4 @@
-import { authenticate as auth } from "../../app/security/authenticate";
+import { authenticate as auth } from "../../app/authentication/authenticate";
 import { verifyToken as verify } from '../../app/security/verify_token';
 import { fetchRealJWT } from "../../support/fetch_real_token";
 

__tests__/security/authorize_publish.js

@@ -0,0 +1,6 @@
+"use strict";
+describe("foo", function () {
+    it("bars", function () {
+        expect(true).toBe((true));
+    });
+});

__tests__/security/authorize_subscribe.js

@@ -0,0 +1,6 @@
+"use strict";
+describe("foo", function () {
+    it("bars", function () {
+        expect(true).toBe((true));
+    });
+});

__tests__/security/can_use_topic.js

@@ -0,0 +1,6 @@
+"use strict";
+describe("foo", function () {
+    it("bars", function () {
+        expect(true).toBe((true));
+    });
+});

__tests__/security/verify_token.js

@@ -0,0 +1,35 @@
+"use strict";
+var verify_token_1 = require("../../app/security/verify_token");
+var fetch_real_token_1 = require("../../support/fetch_real_token");
+var EMAIL = "[email protected]";
+var PASSWORD = "password123";
+var validJWT;
+var invalidJWT = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbkBhZG1pbi5jb20iLCJpYXQiOjE0NTg4MTk1MzYsImp0aSI6ImE0MWQxMGU1LTk3NDUtNDEzOS1hYmJlLWQ5MjgzY2M2MGRjMiIsImlzcyI6ImZhcm1ib3Qtd2ViLWFwcCIsImV4cCI6MTQ1OTE2NTEzNiwiYWxnIjoiUlMyNTYifQ.reuRxMr_WMgu9prisSjGBuIuKRQw9Tmc5U_kWJyzFm0';
+describe("token verification", function () {
+    beforeAll(function (done) {
+        fetch_real_token_1.fetchRealJWT()
+            .then(function (token) {
+            validJWT = token;
+            done();
+        });
+    });
+    it("knows when you're lying", function (done) {
+        function assertions(error) {
+            expect(error.message).toBeDefined();
+            done();
+        }
+        verify_token_1.verifyToken(invalidJWT).then(assertions, assertions);
+    });
+    it("knows when you're telling the truth", function (done) {
+        function assertions(data) {
+            expect(data.sub).toEqual('[email protected]');
+            expect(data.iss).toEqual('//localhost:3000');
+            done();
+        }
+        function failure(error) {
+            fail("Failed to validate JWT. Error is above.");
+            done();
+        }
+        verify_token_1.verifyToken(validJWT).then(assertions, failure);
+    });
+});

__tests__/security/verify_token.ts

@@ -1,4 +1,4 @@
-import { authenticate as auth } from "../../app/security/authenticate";
+import { authenticate as auth } from "../../app/authentication/authenticate";
 import { verifyToken as verify } from '../../app/security/verify_token';
 import { fetchRealJWT } from "../../support/fetch_real_token";
 

app/authentication/authenticate.js

@@ -0,0 +1,19 @@
+"use strict";
+// test@test.com password123
+var verify_token_1 = require("../security/verify_token");
+var logger_1 = require("../logger");
+var authenticate_ok_1 = require("./authenticate_ok");
+var authenticate_no_1 = require("./authenticate_no");
+/** Determine if user is authorized to use the server. */
+function authenticate(client, username, password, callback) {
+    logger_1.log("AUTH START");
+    var ok = authenticate_ok_1.authenticateOk(client, callback, username);
+    var no = authenticate_no_1.authenticateNo(client, callback, username);
+    if (username && password) {
+        verify_token_1.verifyToken(password.toString()).then(ok, no);
+    }
+    else {
+        no(new Error("username and password required"));
+    }
+}
+exports.authenticate = authenticate;

app/authentication/authenticate_no.js

@@ -0,0 +1,13 @@
+"use strict";
+var logger_1 = require("../logger");
+/** Creates a function that is triggered when a JWT is invalid. */
+function authenticateNo(client, callback, username) {
+    return function (error) {
+        logger_1.log("AUTH FAIL " + username);
+        logger_1.log(error.message);
+        logger_1.log(error);
+        client.authError = error;
+        callback(null, false);
+    };
+}
+exports.authenticateNo = authenticateNo;

app/authentication/authenticate_ok.js

@@ -0,0 +1,11 @@
+"use strict";
+var logger_1 = require("../logger");
+/** Creates a function that is triggered when a JWT is invalid. */
+function authenticateOk(client, callback, username) {
+    return function (permissions) {
+        logger_1.log("AUTH OK " + username);
+        client.permissions = permissions;
+        callback(null, true);
+    };
+}
+exports.authenticateOk = authenticateOk;

app/authorization/authorize_publish.js

@@ -0,0 +1,7 @@
+"use strict";
+var can_use_topic_1 = require("./can_use_topic");
+/** Determines if a user is allowed to publish to a particular topic. */
+function authorizePublish(client, topic, payload, callback) {
+    callback(null, can_use_topic_1.canUseTopic(client, topic));
+}
+exports.authorizePublish = authorizePublish;

app/authorization/authorize_subscribe.js

@@ -0,0 +1,7 @@
+"use strict";
+var can_use_topic_1 = require("./can_use_topic");
+/** Determines if a user is allowed to listen to a particular topic. */
+function authorizeSubscribe(client, topic, callback) {
+    callback(null, can_use_topic_1.canUseTopic(client, topic));
+}
+exports.authorizeSubscribe = authorizeSubscribe;

app/authorization/can_use_topic.js

@@ -0,0 +1,21 @@
+"use strict";
+var logger_1 = require("../logger");
+/** If a user has a bot of id XYZ, then they may access any topic
+ *  following pattern bot/XYZ/# */
+function canUseTopic(client, topic) {
+    var hasBot = topic &&
+        client &&
+        client.permissions &&
+        client.permissions.bot;
+    if (!hasBot) {
+        logger_1.log("Tried to access topic " +
+            (topic || "???") +
+            " but no bot/topic provided.");
+        return false;
+    }
+    ;
+    var botID = client.permissions.bot;
+    var allowedTopic = "bot/" + botID + "/";
+    return topic.startsWith(allowedTopic);
+}
+exports.canUseTopic = canUseTopic;

app/config.js

@@ -0,0 +1,33 @@
+"use strict";
+var logger_1 = require("./logger");
+exports.webAppUrl = process.env.WEB_API_URL || "http://localhost:3000";
+logger_1.log("Using " + exports.webAppUrl + " as API URL");
+function generateConfig(sslDomain) {
+    if (sslDomain === void 0) { sslDomain = ""; }
+    var SSL_DIR = "/etc/letsencrypt/live/" + sslDomain + "/";
+    var config = {
+        allowNonSecure: true,
+        port: 1883,
+        http: {
+            port: 3002,
+            bundle: true,
+            static: "./public"
+        },
+        https: {
+            port: 443
+        },
+        secure: {
+            port: 8883,
+            keyPath: SSL_DIR + "privkey.pem",
+            certPath: SSL_DIR + "cert.pem"
+        }
+    };
+    // Remove SSL features if SSL_DOMAIN
+    // was not set.
+    if (!sslDomain) {
+        delete config.https;
+        delete config.secure;
+    }
+    return config;
+}
+exports.generateConfig = generateConfig;

app/index.js

@@ -0,0 +1,6 @@
+"use strict";
+var mosca_1 = require("mosca");
+var config_1 = require("./config");
+var on_ready_1 = require("./on_ready");
+var server = new mosca_1.Server(config_1.generateConfig(process.env.SSL_DOMAIN));
+server.on("ready", on_ready_1.onReady(server));

app/logger.js

@@ -0,0 +1,7 @@
+"use strict";
+function log(args) {
+    if (!process.env.DISABLE_LOGS) {
+        console.log.apply(this, arguments);
+    }
+}
+exports.log = log;

app/on_ready.js

@@ -0,0 +1,32 @@
+"use strict";
+var authenticate_1 = require("./authentication/authenticate");
+var authorize_publish_1 = require("./authorization/authorize_publish");
+var authorize_subscribe_1 = require("./authorization/authorize_subscribe");
+var logger_1 = require("./logger");
+exports.onReady = function (server) { return function () {
+    logger_1.log("Server online");
+    server.on("clientConnected", function () { return logger_1.log("clientConnected"); });
+    server.on("clientDisconnecting", function () { return logger_1.log("clientDisconnecting"); });
+    server.on("clientDisconnected", function () { return logger_1.log("clientDisconnected"); });
+    server.on("published", function () {
+        logger_1.log("\n=== Incoming Message ===");
+        var output;
+        try {
+            console.log(arguments[0].topic);
+            var s = String.fromCharCode.apply(null, new Uint16Array(arguments[0].payload));
+            output = JSON.stringify(JSON.parse(s), null, 2);
+        }
+        catch (error) {
+            output = arguments[0].payload;
+        }
+        finally {
+            console.log(output);
+        }
+    });
+    server.on("subscribed", function () { return logger_1.log("subscribed"); });
+    server.on("unsubscribed", function () { return logger_1.log("unsubscribed"); });
+    server.on("error", function () { return logger_1.log("error"); });
+    server.authenticate = authenticate_1.authenticate;
+    server.authorizePublish = authorize_publish_1.authorizePublish;
+    server.authorizeSubscribe = authorize_subscribe_1.authorizeSubscribe;
+}; };

app/security/verify_token.js

@@ -0,0 +1,29 @@
+"use strict";
+var config_1 = require("../config");
+var axios_1 = require("axios");
+var jwt = require("jsonwebtoken");
+var logger_1 = require("../logger");
+var url = config_1.webAppUrl + "/api/public_key";
+function keyOk(resp) {
+    logger_1.log("Downloaded certificate from " + url);
+    return new Buffer(resp.data, "utf8");
+}
+function no(error) {
+    logger_1.log("Unable to download certificate from " + url);
+    logger_1.log("Is the FarmBot API running?");
+    process.exit();
+}
+var getCertificate = axios_1.default.get(url).then(keyOk, no);
+function verifyToken(token) {
+    function no(error) {
+        logger_1.log("Unable to verify token " + url);
+    }
+    function ok(cert) {
+        logger_1.log("Did fetch certificate. Will verify token with certificate.");
+        return jwt.verify(token, cert, { algorithms: ["RS256"] });
+    }
+    logger_1.log("Will fetch certificate...");
+    return getCertificate.then(ok, no);
+}
+exports.verifyToken = verifyToken;
+;

support/fetch_real_token.js

@@ -0,0 +1,18 @@
+"use strict";
+var axios_1 = require("axios");
+var p = axios_1.default.post("http://localhost:3000/api/tokens", {
+    user: {
+        email: "[email protected]",
+        password: "password123"
+    }
+});
+function fetchRealJWT() {
+    function ok(resp) {
+        return resp.data.token.encoded;
+    }
+    function no() {
+        console.log("\n        We test the MQTT server against a real running API instance on localhost:3000.\n        Something went wrong while testing.\n        Usually, this means you are not running a server.\n        ");
+    }
+    return p.then(ok, no);
+}
+exports.fetchRealJWT = fetchRealJWT;