simonvareille/keyserver
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Check for already verified user id on publicKey.verify()

Browse Source
This commit is contained in:
Tankred Hase
2016-06-14 13:13:34 +02:00
parent a60d8b86a9
commit 1ab934da31
3 changed files with 214 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

84
test/integration/public-key-test.js
View File

@@ -15,27 +15,32 @@ describe('Public Key Integration Tests', function() {
this.timeout(20000);
let publicKey, email, mongo, pgp,
sendEmailStub, publicKeyArmored, emailParams;
sendEmailStub, publicKeyArmored, publicKeyArmored2, mailsSent;
const DB_TYPE = 'publickey';
const primaryEmail = 'test1@example.com';
const primaryEmail2 = 'test2@example.com';
const origin = { host:'localhost', protocol:'http' };
before(function *() {
publicKeyArmored = require('fs').readFileSync(__dirname + '/../key3.asc', 'utf8');
publicKeyArmored2 = require('fs').readFileSync(__dirname + '/../key4.asc', 'utf8');
mongo = new Mongo();
yield mongo.init(config.mongo);
});
beforeEach(function *() {
yield mongo.clear(DB_TYPE);
emailParams = null;
mailsSent = [];
sendEmailStub = sinon.stub().returns(Promise.resolve({ response:'250' }));
sendEmailStub.withArgs(sinon.match(recipient => {
return recipient.to.address === primaryEmail;
mailsSent[mailsSent.length] = {to:recipient.to.address};
return true;
}), sinon.match(params => {
emailParams = params;
return params.nonce !== undefined && params.keyId !== undefined;
mailsSent[mailsSent.length - 1].params = params;
expect(params.nonce).to.exist;
expect(params.keyId).to.exist;
return true;
}));
sinon.stub(nodemailer, 'createTransport').returns({
templateSender: () => { return sendEmailStub; }
@@ -62,24 +67,26 @@ describe('Public Key Integration Tests', function() {
describe('put', () => {
it('should persist key and send verification email with primaryEmail', function *() {
yield publicKey.put({ publicKeyArmored, primaryEmail, origin });
expect(emailParams.nonce).to.exist;
expect(mailsSent.length).to.equal(1);
expect(mailsSent[0].to).to.equal(primaryEmail);
expect(mailsSent[0].params.keyId).to.exist;
expect(mailsSent[0].params.nonce).to.exist;
});
it('should persist key and send verification email without primaryEmail', function *() {
yield publicKey.put({ publicKeyArmored, origin });
expect(emailParams.nonce).to.exist;
expect(mailsSent.length).to.equal(4);
});
it('should work twice if not yet verified', function *() {
yield publicKey.put({ publicKeyArmored, primaryEmail, origin });
expect(emailParams.nonce).to.exist;
emailParams = null;
expect(mailsSent.length).to.equal(1);
yield publicKey.put({ publicKeyArmored, primaryEmail, origin });
expect(emailParams.nonce).to.exist;
expect(mailsSent.length).to.equal(2);
});
it('should throw 304 if key already exists', function *() {
yield publicKey.put({ publicKeyArmored, primaryEmail, origin });
yield publicKey.verify(emailParams);
yield publicKey.verify(mailsSent[0].params);
try {
yield publicKey.put({ publicKeyArmored, primaryEmail, origin });
expect(false).to.be.true;
@@ -90,11 +97,9 @@ describe('Public Key Integration Tests', function() {
});
describe('verify', () => {
beforeEach(function *() {
yield publicKey.put({ publicKeyArmored, primaryEmail, origin });
});
it('should update the document', function *() {
yield publicKey.put({ publicKeyArmored, primaryEmail, origin });
let emailParams = mailsSent[0].params;
yield publicKey.verify(emailParams);
let gotten = yield mongo.get({ keyId:emailParams.keyId }, DB_TYPE);
expect(gotten.userIds[0].verified).to.be.true;
@@ -104,6 +109,8 @@ describe('Public Key Integration Tests', function() {
});
it('should not find the document', function *() {
yield publicKey.put({ publicKeyArmored, primaryEmail, origin });
let emailParams = mailsSent[0].params;
try {
yield publicKey.verify({ keyId:emailParams.keyId, nonce:'fake_nonce' });
expect(true).to.be.false;
@@ -116,6 +123,25 @@ describe('Public Key Integration Tests', function() {
expect(gotten.userIds[1].verified).to.be.false;
expect(gotten.userIds[1].nonce).to.exist;
});
it('should not verify a second key for already verified user id of another key', function *() {
yield publicKey.put({ publicKeyArmored, primaryEmail:primaryEmail2, origin });
expect(mailsSent.length).to.equal(1);
yield publicKey.put({ publicKeyArmored:publicKeyArmored2, primaryEmail:primaryEmail2, origin });
expect(mailsSent.length).to.equal(2);
yield publicKey.verify(mailsSent[1].params);
try {
yield publicKey.verify(mailsSent[0].params);
expect(true).to.be.false;
} catch(e) {
expect(e.status).to.equal(304);
}
let gotten = yield mongo.get({ keyId:mailsSent[0].params.keyId }, DB_TYPE);
expect(gotten.userIds[1].email).to.equal(primaryEmail2);
expect(gotten.userIds[1].verified).to.be.false;
expect(gotten.userIds[1].nonce).to.equal(mailsSent[0].params.nonce);
});
});
describe('getVerified', () => {
@@ -125,7 +151,7 @@ describe('Public Key Integration Tests', function() {
beforeEach(function *() {
key = pgp.parseKey(publicKeyArmored);
yield publicKey.put({ publicKeyArmored, primaryEmail, origin });
yield publicKey.verify(emailParams);
yield publicKey.verify(mailsSent[0].params);
});
it('by fingerprint', function *() {
@@ -189,8 +215,11 @@ describe('Public Key Integration Tests', function() {
});
describe('get', () => {
let emailParams;
beforeEach(function *() {
yield publicKey.put({ publicKeyArmored, primaryEmail, origin });
emailParams = mailsSent[0].params;
});
it('should return verified key by key id', function *() {
@@ -246,29 +275,23 @@ describe('Public Key Integration Tests', function() {
beforeEach(function *() {
yield publicKey.put({ publicKeyArmored, primaryEmail, origin });
keyId = emailParams.keyId;
keyId = mailsSent[0].params.keyId;
});
it('should work for verified key', function *() {
yield publicKey.verify(emailParams);
emailParams = null;
yield publicKey.verify(mailsSent[0].params);
yield publicKey.requestRemove({ keyId, origin });
expect(emailParams.keyId).to.exist;
expect(emailParams.nonce).to.exist;
expect(mailsSent.length).to.equal(5);
});
it('should work for unverified key', function *() {
emailParams = null;
yield publicKey.requestRemove({ keyId, origin });
expect(emailParams.keyId).to.exist;
expect(emailParams.nonce).to.exist;
expect(mailsSent.length).to.equal(5);
});
it('should work by email address', function *() {
emailParams = null;
yield publicKey.requestRemove({ email:primaryEmail, origin });
expect(emailParams.keyId).to.exist;
expect(emailParams.nonce).to.exist;
expect(mailsSent.length).to.equal(2);
});
it('should throw 404 for no key', function *() {
@@ -287,13 +310,12 @@ describe('Public Key Integration Tests', function() {
beforeEach(function *() {
yield publicKey.put({ publicKeyArmored, primaryEmail, origin });
keyId = emailParams.keyId;
emailParams = null;
keyId = mailsSent[0].params.keyId;
yield publicKey.requestRemove({ keyId, origin });
});
it('should remove key', function *() {
yield publicKey.verifyRemove(emailParams);
yield publicKey.verifyRemove(mailsSent[1].params);
let key = yield mongo.get({ keyId }, DB_TYPE);
expect(key).to.not.exist;
});
@@ -301,7 +323,7 @@ describe('Public Key Integration Tests', function() {
it('should throw 404 for no key', function *() {
yield mongo.remove({ keyId }, DB_TYPE);
try {
yield publicKey.verifyRemove(emailParams);
yield publicKey.verifyRemove(mailsSent[1].params);
expect(false).to.be.true;
} catch(e) {
expect(e.status).to.equal(404);