From 1badacdb73ed3e63d656df69b5efbe463b6494ff Mon Sep 17 00:00:00 2001
From: James Garbutt <43081j@users.noreply.github.com>
Date: Fri, 17 May 2024 22:12:24 +0100
Subject: [PATCH] test: add tests for middleware bodies (#48)

---
 src/__tests__/verifyKey.ts           | 33 ++++++++++++++++
 src/__tests__/verifyKeyMiddleware.ts | 59 ++++++++++++++++++++++++++++
 2 files changed, 92 insertions(+)

diff --git a/src/__tests__/verifyKey.ts b/src/__tests__/verifyKey.ts
index 1ea37f4..c88ff48 100644
--- a/src/__tests__/verifyKey.ts
+++ b/src/__tests__/verifyKey.ts
@@ -134,4 +134,37 @@ describe('verify key method', () => {
 			),
 		).toBe(false);
 	});
+
+	it('supports array buffers', () => {
+		const signedRequest = signRequestWithKeyPair(
+			pingRequestBody,
+			validKeyPair.secretKey,
+		);
+		const encoder = new TextEncoder();
+		const bodyEncoded = encoder.encode(signedRequest.body);
+		expect(
+			verifyKey(
+				bodyEncoded.buffer,
+				signedRequest.signature,
+				signedRequest.timestamp,
+				validKeyPair.publicKey,
+			),
+		).toBe(true);
+	});
+
+	it('invalid body data type', () => {
+		const signedRequest = signRequestWithKeyPair(
+			pingRequestBody,
+			validKeyPair.secretKey,
+		);
+		const invalidBody = {} as unknown as string;
+		expect(
+			verifyKey(
+				invalidBody,
+				signedRequest.signature,
+				signedRequest.timestamp,
+				validKeyPair.publicKey,
+			),
+		).toBe(false);
+	});
 });
diff --git a/src/__tests__/verifyKeyMiddleware.ts b/src/__tests__/verifyKeyMiddleware.ts
index 4f71b5e..5cb6c33 100644
--- a/src/__tests__/verifyKeyMiddleware.ts
+++ b/src/__tests__/verifyKeyMiddleware.ts
@@ -48,8 +48,16 @@ const exampleAutocompleteResponse = {
 	},
 };
 
+let requestBody: unknown = undefined;
+
 expressApp.post(
 	'/interactions',
+	(req, _res, next) => {
+		if (requestBody) {
+			req.body = requestBody;
+		}
+		next();
+	},
 	verifyKeyMiddleware(Buffer.from(validKeyPair.publicKey).toString('hex')),
 	(req: Request, res: Response) => {
 		const interaction = req.body;
@@ -79,6 +87,11 @@ beforeAll(async () => {
 });
 
 describe('verify key middleware', () => {
+	afterEach(() => {
+		requestBody = undefined;
+		jest.restoreAllMocks();
+	});
+
 	it('valid ping', async () => {
 		// Sign and verify a valid ping request
 		const signedRequest = signRequestWithKeyPair(
@@ -245,6 +258,52 @@ describe('verify key middleware', () => {
 		);
 		expect(exampleRequestResponse.status).toBe(401);
 	});
+
+	it('missing public key', async () => {
+		expect(() => verifyKeyMiddleware('')).toThrow(
+			'You must specify a Discord client public key',
+		);
+	});
+
+	it('handles string bodies from middleware', async () => {
+		const signedRequest = signRequestWithKeyPair(
+			pingRequestBody,
+			validKeyPair.secretKey,
+		);
+		requestBody = signedRequest.body;
+		const exampleRequestResponse = await sendExampleRequest(
+			exampleInteractionsUrl,
+			{
+				'x-signature-ed25519': signedRequest.signature,
+				'x-signature-timestamp': signedRequest.timestamp,
+				'content-type': 'application/json',
+			},
+			'',
+		);
+		expect(exampleRequestResponse.status).toBe(200);
+	});
+
+	it('warns on unknown bodies from middleware', async () => {
+		const warnSpy = jest.spyOn(console, 'warn').mockImplementation(() => {
+			return;
+		});
+		const signedRequest = signRequestWithKeyPair(
+			pingRequestBody,
+			validKeyPair.secretKey,
+		);
+		requestBody = JSON.parse(signedRequest.body);
+		const exampleRequestResponse = await sendExampleRequest(
+			exampleInteractionsUrl,
+			{
+				'x-signature-ed25519': signedRequest.signature,
+				'x-signature-timestamp': signedRequest.timestamp,
+				'content-type': 'application/json',
+			},
+			'',
+		);
+		expect(exampleRequestResponse.status).toBe(200);
+		expect(warnSpy).toBeCalled();
+	});
 });
 
 afterAll(() => {