1. Atlassian
  2. Atlassian Connect
  3. atlassian-connect-express

Commits

Bob Bergman  committed 22109e2 Merge

Merge branch 'release/v0.6.4'

  • Participants
  • Parent commits f684c45, ffd6627
  • Branches master
  • Tags v0.6.4

Comments (0)

Files changed (10)

File lib/internal/oauth.js

View file
  • Ignore whitespace
 var encode = encodeURIComponent;
 
 exports.verify = function (options, callback) {
+  if (!options.publicKey) return callback(new Error('OAuth verify requires a public key'));
   var verifier = crypto.createVerify(options.signatureMethod);
   var normParams = normaliseRequestParams(options.query);
   var signatureBase = createSignatureBase(options.method, options.url, normParams);

File lib/middleware/oauth.js

View file
  • Ignore whitespace
         }
         else {
           req.session.acOauthVerified = true;
+          addon.emit('oauth_verification_successful');
           next();
         }
       });

File lib/middleware/webhook-oauth.js

View file
  • Ignore whitespace
   var enabled = addon.descriptor.webhooks('remote_plugin_enabled')[0];
   var enabledUrl = enabled && basePath + enabled.url;
   return function (req, res, next) {
+    addon.emit('webhook_oauth_verification_triggered');
     // allows disabling of oauth for testing/debugging
     if (/no-oauth/.test(process.env.AC_OPTS)) return next();
     var path = urls.parse(req.url).pathname;
     if (!enabled || path !== enabledUrl) {
       // not an installation request, so authenticate normally
       addon.authenticate()(req, res, function () {
-        addon.emit('other_webhook_oauth_verification_triggered');
+        addon.emit('other_webhook_oauth_verification_successful');
         next();
       });
     } else {
               return sendError('Public keys do not match.');
             }
             // the installation request has been validated, so proceed
-            addon.emit('enabled_webhook_oauth_verification_triggered');
+            addon.emit('enabled_webhook_oauth_verification_successful');
             next();
           },
           function (err) {

File lib/store/jugglingdb.js

View file
  • Ignore whitespace
     self._AddonSettings.all({key: key, clientKey: clientKey}, function(err, arry){
       if (err) return promise.reject(err);
       if (arry.length === 0) return promise.resolve(null);
-      promise.resolve(arry[0]);
+      promise.resolve(arry[0].val);
     });
   });
   return promise;
           val: val
         }, function(err, model){
           if (err) return fail(err);
-          promise.resolve(model);
+          promise.resolve(model.val);
         });
       },
       fail

File package.json

View file
  • Ignore whitespace
 {
   "name": "atlassian-connect-express",
-  "version": "0.6.3",
+  "version": "0.6.4",
   "description": "Library for building Atlassian Add-ons on top of Express",
   "dependencies": {
     "express": "~3.3.4",

File test/oauth_test.js

View file
  • Ignore whitespace
   });
 
   it('should oauth-verify routes that require authentication', function(done){
-    var spy = sinon.spy();
-    addon.once('oauth_verification_triggered', spy);
+    var triggered = sinon.spy();
+    addon.once('oauth_verification_triggered', triggered);
+    var successful = sinon.spy();
+    addon.once('oauth_verification_successful', successful);
 
     app.get(
       '/oauth-pass',
     request(signedUrl, {jar: false}, function (err, res) {
       assert.equal(err, null);
       assert.equal(res.statusCode, 204);
-      assert(spy.called);
+      assert.ok(triggered.called);
+      assert.ok(successful.called);
       done();
     });
 
   });
 
   it('should fail to oauth-verify with an unknown client key', function(done){
-    var spy = sinon.spy();
-    addon.once('oauth_verification_triggered', spy);
+    var triggered = sinon.spy();
+    addon.once('oauth_verification_triggered', triggered);
+    var successful = sinon.spy();
+    addon.once('oauth_verification_successful', successful);
 
     app.get(
       '/oauth-unknown-key',
       assert.equal(err, null);
       assert.equal(res.statusCode, 401);
       assert.equal(res.body, 'OAuth consumer unknownClientKey not approved to make requests.');
-      assert(spy.called);
+      assert.ok(triggered.called);
+      assert.ok(!successful.called);
+      addon.removeListener('oauth_verification_successful', successful);
       done();
     });
 
   });
 
   it('should fail to oauth-verify when signed with a bad private key', function(done){
-    var spy = sinon.spy();
-    addon.once('oauth_verification_triggered', spy);
+    var triggered = sinon.spy();
+    addon.once('oauth_verification_triggered', triggered);
+    var successful = sinon.spy();
+    addon.once('oauth_verification_successful', successful);
 
     app.get(
       '/oauth-bad-private-key',
       assert.equal(err, null);
       assert.equal(res.statusCode, 401);
       assert.equal(res.body, 'OAuth request not authenticated: Invalid signature');
-      assert(spy.called);
+      assert.ok(triggered.called);
+      assert.ok(!successful.called);
+      addon.removeListener('oauth_verification_successful', successful);
       done();
     });
 
   });
 
   it('should not oauth-verify unprotected routes', function(done){
-    var spy = sinon.spy();
-    addon.once('oauth_verification_triggered', spy);
+    var triggered = sinon.spy();
+    addon.once('oauth_verification_triggered', triggered);
+    var successful = sinon.spy();
+    addon.once('oauth_verification_successful', successful);
 
     app.get(
       '/unprotected',
       assert.equal(err, null);
       assert.equal(res.statusCode, 200);
       assert.equal(res.body, 'Yay');
-      assert.ok(!spy.called);
-      addon.removeListener('oauth_verification_triggered', spy);
+      assert.ok(!triggered.called);
+      addon.removeListener('oauth_verification_successful', triggered);
+      assert.ok(!successful.called);
+      addon.removeListener('oauth_verification_successful', successful);
       done();
     });
 

File test/registration_test.js

View file
  • Ignore whitespace
   it('should store the host details after installation', function(done){
     addon.on('host_settings_saved', function(key, settings){
       addon.settings.get('clientInfo', key).then(function(d){
-        assert.deepEqual(d.val, settings);
+        assert.deepEqual(d, settings);
         done();
       });
     });

File test/store_test.js

View file
  • Ignore whitespace
   it('should store client info', function(done){
     addon.on('host_settings_saved', function(err, settings){
       addon.settings.get('clientInfo', addOnSettings.clientKey).then(function(settings){
-        assert(settings.clientKey, addOnSettings.clientKey);
+        assert.equal(settings.clientKey, addOnSettings.clientKey);
         done();
-      }).then(null, done);
+      });
     });
   });
 
   it('should allow storing arbitrary key/values', function(done){
     addon.settings.set('arbitrarySetting', 'someValue', addOnSettings.clientKey).then(function(setting){
-      assert(setting.val, '\"someValue\"');
+      assert.equal(setting, 'someValue');
       done();
     })
   });
 
   it('should allow storing arbitrary key/values as JSON', function(done){
     addon.settings.set('arbitrarySetting2', {data: 1}, addOnSettings.clientKey).then(function(setting){
-      assert(setting.val, { data: 1});
+      assert.deepEqual(setting, {data: 1});
       done();
     })
   });

File test/upm_registration_test.js

View file
  • Ignore whitespace
   it('should store the host details after installation', function(done){
     addon.on('host_settings_saved', function(key, settings){
       addon.settings.get('clientInfo', key).then(function(d){
-        assert.deepEqual(d.val, settings);
+        assert.deepEqual(d, settings);
         done();
       });
     });

File test/webhook_test.js

View file
  • Ignore whitespace
   });
 
   it('should perform special oauth verification for the enabled webhook', function(done){
-    var spy = sinon.spy();
-    addon.once('enabled_webhook_oauth_verification_triggered', spy);
+    var triggered = sinon.spy();
+    addon.once('webhook_oauth_verification_triggered', triggered);
+    var successful = sinon.spy();
+    addon.once('enabled_webhook_oauth_verification_successful', successful);
 
     addon.once('remote_plugin_enabled', function (key, body, req) {
-      assert(spy.called);
+      assert(triggered.called);
+      assert(successful.called);
       done();
     });
 
   });
 
   it('should perform normal oauth verification for other webhooks', function(done){
-    var spy = sinon.spy();
-    addon.once('other_webhook_oauth_verification_triggered', spy);
+    var triggered = sinon.spy();
+    addon.once('webhook_oauth_verification_triggered', triggered);
+    var successful = sinon.spy();
+    addon.once('other_webhook_oauth_verification_successful', successful);
 
     addon.once('remote_plugin_test_hook', function (key, body, req) {
-      assert(spy.called);
+      assert(triggered.called);
+      assert(successful.called);
       done();
     });