Slight test improvement for presentCredential API

Signed-off-by: Felix Hoops <9974641+jfelixh@users.noreply.github.com>
GAIA-X4PLC-AAD · Oct 26, 2024 · f5facfb · f5facfb
1 parent a4a8265
commit f5facfb
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 6 deletions.
diff --git a/vclogin/__tests__/unit/pages/api/clientMetadata.test.ts b/vclogin/__tests__/unit/pages/api/clientMetadata.test.ts
@@ -8,7 +8,7 @@ import { createMocks } from "node-mocks-http";
 import handler from "@/api/clientMetadata";
 import type { NextApiRequest, NextApiResponse } from "next";
 
-describe("/api/clientMetadata", () => {
+describe("test /api/clientMetadata", () => {
   const mockRequest = () => {
     const { req, res } = createMocks<NextApiRequest, NextApiResponse>({
       method: "GET",

diff --git a/vclogin/__tests__/unit/pages/api/presentCredential.test.ts b/vclogin/__tests__/unit/pages/api/presentCredential.test.ts
@@ -3,14 +3,16 @@
  * SPDX-License-Identifier: MIT
  */
 
-import { describe, it, expect } from "vitest";
+import { describe, it, expect, vi } from "vitest";
 import { RequestMethod, createMocks } from "node-mocks-http";
 import handler from "@/api/presentCredential";
 import type { NextApiRequest, NextApiResponse } from "next";
 import * as jose from "jose";
 import { keyToDID, keyToVerificationMethod } from "@spruceid/didkit-wasm-node";
+import { Checked, IPresentationDefinition, PEX } from "@sphereon/pex";
+import { reloadConfiguredLoginPolicy } from "@/config/loginPolicy";
 
-describe("api/test/presentCredential", () => {
+describe("test api/presentCredential", () => {
   const mockRequest = (method: RequestMethod) => {
     const { req, res } = createMocks<NextApiRequest, NextApiResponse>({
       method: method,
@@ -30,7 +32,13 @@ describe("api/test/presentCredential", () => {
     expect(res.statusCode).toBe(200);
   });
 
-  it("returns valid JWT", async () => {
+  it("returns valid JWT on GET", async () => {
+    vi.stubEnv(
+      "LOGIN_POLICY",
+      "./__tests__/testdata/policies/acceptEmailFromAltmeConstr.json",
+    );
+    reloadConfiguredLoginPolicy();
+
     const { req, res } = mockRequest("GET");
 
     await handler(req, res);
@@ -71,6 +79,17 @@ describe("api/test/presentCredential", () => {
       typ: "oauth-authz-req+jwt",
     });
 
-    // check that the payload contains a presentation_definition member
+    // check that the payload contains a valid presentation_definition
+    const def = payload.presentation_definition;
+    const checkArray = PEX.validateDefinition(
+      def as IPresentationDefinition,
+    ) as Array<Checked>;
+    const problemCount = checkArray.filter(
+      (check) => check.status !== "info",
+    ).length;
+    expect(problemCount).toBe(0);
+
+    vi.unstubAllEnvs();
+    reloadConfiguredLoginPolicy();
   });
 });
diff --git a/vclogin/middleware.ts b/vclogin/middleware.ts
@@ -13,8 +13,11 @@ export function middleware(req: NextRequest) {
       return new Response("Internal Server Error", { status: 500 });
     }
     const authHeader = req.headers.get("Authorization");
+    if (!authHeader) {
+      return new Response("Unauthorized", { status: 401 });
+    }
     const apiKey = authHeader?.split(" ")[1];
-    if (!authHeader || apiKey !== process.env.INCR_AUTH_API_SECRET) {
+    if (apiKey !== process.env.INCR_AUTH_API_SECRET) {
       return new Response("Unauthorized", { status: 401 });
     }
   }