/
webhook_test.go
151 lines (131 loc) · 4.17 KB
/
webhook_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
package convoy_go
import (
"bytes"
"net/http"
"testing"
"github.com/stretchr/testify/require"
)
func Test_Webhook_VerifyRequest(t *testing.T) {
tests := map[string]struct {
opts *WebhookOpts
req func() *http.Request
expectedError error
}{
"invalid_header": {
opts: &WebhookOpts{
SigHeader: "",
Secret: "random_secret",
},
req: func() *http.Request {
body := bytes.NewBuffer([]byte(``))
req, err := http.NewRequest(http.MethodPost, "localhost:5005", body)
require.NoError(t, err)
return req
},
expectedError: ErrInvalidHeader,
},
"should_verify_simple_hex_signature": {
opts: &WebhookOpts{
Secret: "8IX9njirDG",
Hash: "SHA512",
Encoding: "hex",
},
req: func() *http.Request {
body := bytes.NewBuffer([]byte(`{"email":"test@gmail.com","first_name":"test","last_name":"test"}`))
req, err := http.NewRequest(http.MethodPost, "localhost:5005", body)
require.NoError(t, err)
req.Header.Add(DefaultSigHeader,
"666060cbe1348bbc7ec98f4e93dda8eaaf11bbf283d6a2dd56e841b2ef12fcd465c846903f709942473e1442604798186746f04848702c44a773f80672de7b21")
return req
},
expectedError: nil,
},
"should_verify_simple_base64_signature": {
opts: &WebhookOpts{
Secret: "8IX9njirDG",
Hash: "SHA512",
Encoding: "base64",
},
req: func() *http.Request {
body := bytes.NewBuffer([]byte(`{"email":"test@gmail.com","first_name":"test","last_name":"test"}`))
req, err := http.NewRequest(http.MethodPost, "localhost:5005", body)
require.NoError(t, err)
req.Header.Add(DefaultSigHeader,
"ZmBgy+E0i7x+yY9Ok92o6q8Ru/KD1qLdVuhBsu8S/NRlyEaQP3CZQkc+FEJgR5gYZ0bwSEhwLESnc/gGct57IQ==")
return req
},
expectedError: nil,
},
"invalid_signature_header": {
opts: &WebhookOpts{
Secret: "8IX9njirDG",
Hash: "SHA512",
Encoding: "base64",
},
req: func() *http.Request {
body := bytes.NewBuffer([]byte(`{"email":"test@gmail.com","first_name":"test","last_name":"test"}`))
req, err := http.NewRequest(http.MethodPost, "localhost:5005", body)
require.NoError(t, err)
req.Header.Add(DefaultSigHeader,
"d33C9sJXVO4CnE1hisHHQzUf0inr5KWJH7T8+zvgATTWEgAq5vErZR/xihDXqtok5ubv77xGP/RE++NphZnWLg==")
return req
},
expectedError: ErrInvalidSignature,
},
"should_verify_advanced_hex_signature": {
opts: &WebhookOpts{
Secret: "Convoy",
Hash: "SHA256",
Encoding: "hex",
},
req: func() *http.Request {
body := bytes.NewBuffer([]byte(`{"email":"test@gmail.com"}`))
req, err := http.NewRequest(http.MethodPost, "localhost:5005", body)
require.NoError(t, err)
req.Header.Add(DefaultSigHeader,
"t=2048976161,v1=c6c39e1bd410fc1dc4db90e97039f006d088c950a275296767595d330195088f,v1=6594ee0713f1cc1f54c3f713d06a60718cd10949c7684412f159034d49621e07")
return req
},
expectedError: nil,
},
"should_verify_advanced_base64_signature": {
opts: &WebhookOpts{
Secret: "8IX9njirDG",
Hash: "SHA256",
Encoding: "base64",
},
req: func() *http.Request {
body := bytes.NewBuffer([]byte(`{"email":"test@gmail.com"}`))
req, err := http.NewRequest(http.MethodPost, "localhost:5005", body)
require.NoError(t, err)
req.Header.Add(DefaultSigHeader,
"t=2048976161,v1=afdb90313acfa15a3fc425755ae651a204947710315bb2a90bccaa87fce88998,v1=fLBDCBUiX5iIs0L5zfNq45h23EkX1HAMpFF+2lHrnes=")
return req
},
},
"invalid_timestamp_header": {
opts: &WebhookOpts{
SigHeader: "t=2202-1-1,v1=U5yBiZmFYHiom0A5hEnfLPCoQzndno4ocR45W/zkO+w=",
Secret: "8IX9njirDG",
Hash: "SHA256",
Encoding: "base64",
},
req: func() *http.Request {
body := bytes.NewBuffer([]byte(`{"email":"test@gmail.com"}`))
req, err := http.NewRequest(http.MethodPost, "localhost:5005", body)
require.NoError(t, err)
req.Header.Add(DefaultSigHeader,
"t=2202-1-1,v1=U5yBiZmFYHiom0A5hEnfLPCoQzndno4ocR45W/zkO+w=")
return req
},
expectedError: ErrInvalidHeader,
},
}
for name, tc := range tests {
t.Run(name, func(t *testing.T) {
w := NewWebhook(tc.opts)
err := w.VerifyRequest(tc.req())
require.ErrorIs(t, err, tc.expectedError)
})
}
}