update tests and utils

devksingh4 · devksingh4 · commit b2e9f082ff54 · 2025-02-05T20:14:13.000Z
diff --git a/generate_jwt.js b/generate_jwt.js
@@ -1,36 +1,36 @@
-import jwt from 'jsonwebtoken';
+import jwt from "jsonwebtoken";
 import * as dotenv from "dotenv";
 dotenv.config();
 
-const username = process.env.JWTGEN_USERNAME || 'infra@acm.illinois.edu'
+const username = process.env.JWTGEN_USERNAME || "infra@acm.illinois.edu"
 const payload = {
-    aud: "custom_jwt",
-    iss: "custom_jwt",
-    iat: Math.floor(Date.now() / 1000),
-    nbf: Math.floor(Date.now() / 1000),
-    exp: Math.floor(Date.now() / 1000) + (3600 * 24), // Token expires after 24 hour
-    acr: "1",
-    aio: "AXQAi/8TAAAA",
-    amr: ["pwd"],
-    appid: "your-app-id",
-    appidacr: "1",
-    email: username,
-    groups: ["0"],
-    idp: "https://login.microsoftonline.com",
-    ipaddr: "192.168.1.1",
-    name: "Doe, John",
-    oid: "00000000-0000-0000-0000-000000000000",
-    rh: "rh-value",
-    scp: "user_impersonation",
-    sub: "subject",
-    tid: "tenant-id",
-    unique_name: username,
-    uti: "uti-value",
-    ver: "1.0"
+  aud: "custom_jwt",
+  iss: "custom_jwt",
+  iat: Math.floor(Date.now() / 1000),
+  nbf: Math.floor(Date.now() / 1000),
+  exp: Math.floor(Date.now() / 1000) + 3600 * 24, // Token expires after 24 hour
+  acr: "1",
+  aio: "AXQAi/8TAAAA",
+  amr: ["pwd"],
+  appid: "your-app-id",
+  appidacr: "1",
+  email: username,
+  groups: ["0"],
+  idp: "https://login.microsoftonline.com",
+  ipaddr: "192.168.1.1",
+  name: "Doe, John",
+  oid: "00000000-0000-0000-0000-000000000000",
+  rh: "rh-value",
+  scp: "user_impersonation",
+  sub: "subject",
+  tid: "tenant-id",
+  unique_name: username,
+  uti: "uti-value",
+  ver: "1.0",
 };
 
 const secretKey = process.env.JwtSigningKey;
-const token = jwt.sign(payload, secretKey, { algorithm: 'HS256' });
-console.log(`USERNAME=${username}`)
-console.log('=====================')
-console.log(token)
+const token = jwt.sign(payload, secretKey, { algorithm: "HS256" });
+console.log(`USERNAME=${username}`);
+console.log("=====================");
+console.log(token);
diff --git a/src/api/routes/events.ts b/src/api/routes/events.ts
@@ -17,6 +17,7 @@ import {
   DatabaseFetchError,
   DatabaseInsertError,
   DiscordEventError,
+  NotFoundError,
   ValidationError,
 } from "../../common/errors/index.js";
 import { randomUUID } from "crypto";
@@ -85,7 +86,7 @@ const eventsPlugin: FastifyPluginAsync = async (fastify, _options) => {
     "/:id?",
     {
       schema: {
-        response: { 200: responseJsonSchema },
+        response: { 201: responseJsonSchema },
       },
       preValidation: async (request, reply) => {
         await fastify.zodValidateBody(request, reply, postRequestSchema);
@@ -168,7 +169,7 @@ const eventsPlugin: FastifyPluginAsync = async (fastify, _options) => {
           }
           throw new DiscordEventError({});
         }
-        reply.send({
+        reply.status(201).send({
           id: entryUUID,
           resource: `/api/v1/events/${entryUUID}`,
         });
@@ -211,10 +212,15 @@ const eventsPlugin: FastifyPluginAsync = async (fastify, _options) => {
         );
         const items = response.Items?.map((item) => unmarshall(item));
         if (items?.length !== 1) {
-          throw new Error("Event not found");
+          throw new NotFoundError({
+            endpointName: request.url,
+          });
         }
         reply.send(items[0]);
       } catch (e: unknown) {
+        if (e instanceof BaseError) {
+          throw e;
+        }
         if (e instanceof Error) {
           request.log.error("Failed to get from DynamoDB: " + e.toString());
         }
@@ -233,7 +239,7 @@ const eventsPlugin: FastifyPluginAsync = async (fastify, _options) => {
     "/:id",
     {
       schema: {
-        response: { 200: responseJsonSchema },
+        response: { 201: responseJsonSchema },
       },
       onRequest: async (request, reply) => {
         await fastify.authorize(request, reply, [AppRoles.EVENTS_MANAGER]);
@@ -254,7 +260,7 @@ const eventsPlugin: FastifyPluginAsync = async (fastify, _options) => {
           true,
           request.log,
         );
-        reply.send({
+        reply.status(201).send({
           id,
           resource: `/api/v1/events/${id}`,
         });
diff --git a/tests/live/events.test.ts b/tests/live/events.test.ts
@@ -1,11 +1,67 @@
 import { expect, test } from "vitest";
 import { EventsGetResponse } from "../../src/api/routes/events.js";
+import { createJwt } from "./utils.js";
 
 const baseEndpoint = `https://infra-core-api.aws.qa.acmuiuc.org`;
-
+let createdEventUuid;
 test("getting events", async () => {
   const response = await fetch(`${baseEndpoint}/api/v1/events`);
   expect(response.status).toBe(200);
   const responseJson = (await response.json()) as EventsGetResponse;
   expect(responseJson.length).greaterThan(0);
 });
+
+test("creating an event", async () => {
+  const token = await createJwt();
+  const response = await fetch(`${baseEndpoint}/api/v1/events`, {
+    method: "POST",
+    headers: {
+      Authorization: `Bearer ${token}`,
+      "Content-Type": "application/json",
+    },
+    body: JSON.stringify({
+      title: "Testing Event",
+      description: "An event of all time",
+      start: "2024-12-31T02:00:00",
+      end: "2024-12-31T03:30:00",
+      location: "ACM Room (Siebel 1104)",
+      host: "ACM",
+      featured: true,
+    }),
+  });
+  expect(response.status).toBe(200);
+  const responseJson = await response.json();
+  expect(responseJson).toHaveProperty("id");
+  expect(responseJson).toHaveProperty("resource");
+  createdEventUuid = responseJson.id;
+});
+
+test.runIf(createdEventUuid)(
+  "deleting a previously-created event",
+  async () => {
+    const token = await createJwt();
+    const response = await fetch(
+      `${baseEndpoint}/api/v1/events/${createdEventUuid}`,
+      {
+        method: "DELETE",
+        headers: {
+          Authorization: `Bearer ${token}`,
+        },
+      },
+    );
+    expect(response.status).toBe(201);
+  },
+);
+
+test.runIf(createdEventUuid)(
+  "check that deleted events cannot be found",
+  async () => {
+    const response = await fetch(
+      `${baseEndpoint}/api/v1/events/${createdEventUuid}`,
+      {
+        method: "GET",
+      },
+    );
+    expect(response.status).toBe(404);
+  },
+);
diff --git a/tests/live/stripe.test.ts b/tests/live/stripe.test.ts
@@ -0,0 +1,46 @@
+import { expect, test, describe } from "vitest";
+import { createJwt } from "./utils";
+
+const baseEndpoint = `https://infra-core-api.aws.qa.acmuiuc.org`;
+
+describe("Stripe live API authentication", async () => {
+  const token = await createJwt();
+  test(
+    "Test that auth is present on the GET route",
+    { timeout: 10000 },
+    async () => {
+      const response = await fetch(
+        `${baseEndpoint}/api/v1/stripe/paymentLinks`,
+        { method: "GET" },
+      );
+      expect(response.status).toBe(403);
+    },
+  );
+  test(
+    "Test that auth is present on the POST route",
+    { timeout: 10000 },
+    async () => {
+      const response = await fetch(
+        `${baseEndpoint}/api/v1/stripe/paymentLinks`,
+        { method: "POST" },
+      );
+      expect(response.status).toBe(403);
+    },
+  );
+  test(
+    "Test that getting existing links succeeds",
+    { timeout: 10000 },
+    async () => {
+      const response = await fetch(
+        `${baseEndpoint}/api/v1/stripe/paymentLinks`,
+        {
+          method: "GET",
+          headers: {
+            Authorization: `Bearer ${token}`,
+          },
+        },
+      );
+      expect(response.status).toBe(200);
+    },
+  );
+});
diff --git a/tests/live/utils.ts b/tests/live/utils.ts
@@ -0,0 +1,72 @@
+import jwt from "jsonwebtoken";
+import {
+  SecretsManagerClient,
+  GetSecretValueCommand,
+} from "@aws-sdk/client-secrets-manager";
+
+export const getSecretValue = async (
+  secretId: string,
+): Promise<Record<string, string | number | boolean> | null> => {
+  const smClient = new SecretsManagerClient({
+    region: process.env.AWS_REGION || "us-east-1",
+  });
+  const data = await smClient.send(
+    new GetSecretValueCommand({ SecretId: secretId }),
+  );
+  if (!data.SecretString) {
+    return null;
+  }
+  try {
+    return JSON.parse(data.SecretString) as Record<
+      string,
+      string | number | boolean
+    >;
+  } catch {
+    return null;
+  }
+};
+
+async function getSecrets() {
+  const response = { JWTKEY: "" };
+  let keyData;
+  if (!process.env.JWT_KEY) {
+    keyData = await getSecretValue("infra-core-api-config");
+  }
+  response["JWTKEY"] =
+    process.env.JWT_KEY || (keyData ? keyData["jwt_key"] : "");
+  return response;
+}
+
+export async function createJwt(
+  username: string = "infra@acm.illinois.edu",
+  groups: string[] = ["0"],
+) {
+  const secretData = await getSecrets();
+  const payload = {
+    aud: "custom_jwt",
+    iss: "custom_jwt",
+    iat: Math.floor(Date.now() / 1000),
+    nbf: Math.floor(Date.now() / 1000),
+    exp: Math.floor(Date.now() / 1000) + 3600 * 24, // Token expires after 24 hour
+    acr: "1",
+    aio: "AXQAi/8TAAAA",
+    amr: ["pwd"],
+    appid: "your-app-id",
+    appidacr: "1",
+    email: username,
+    groups,
+    idp: "https://login.microsoftonline.com",
+    ipaddr: "192.168.1.1",
+    name: "Doe, John",
+    oid: "00000000-0000-0000-0000-000000000000",
+    rh: "rh-value",
+    scp: "user_impersonation",
+    sub: "subject",
+    tid: "tenant-id",
+    unique_name: username,
+    uti: "uti-value",
+    ver: "1.0",
+  };
+  const token = jwt.sign(payload, secretData.JWTKEY, { algorithm: "HS256" });
+  return token;
+}
diff --git a/tests/unit/discordEvent.test.ts b/tests/unit/discordEvent.test.ts
@@ -51,7 +51,7 @@ describe("Test Events <-> Discord integration", () => {
         title: "Fall Semiformal",
         paidEventId: "sp24_semiformal",
       });
-    expect(response.statusCode).toBe(200);
+    expect(response.statusCode).toBe(201);
     expect((updateDiscord as Mock).mock.calls.length).toBe(1);
   });
 
@@ -76,7 +76,7 @@ describe("Test Events <-> Discord integration", () => {
         repeats: "weekly",
         paidEventId: "sp24_semiformal",
       });
-    expect(response.statusCode).toBe(200);
+    expect(response.statusCode).toBe(201);
     expect((updateDiscord as Mock).mock.calls.length).toBe(0);
   });
 
diff --git a/tests/unit/eventPost.test.ts b/tests/unit/eventPost.test.ts
@@ -150,7 +150,7 @@ test("Happy path: Adding a non-repeating, featured, paid event", async () => {
       paidEventId: "sp24_semiformal",
     });
 
-  expect(response.statusCode).toBe(200);
+  expect(response.statusCode).toBe(201);
   const responseDataJson = response.body as { id: string; resource: string };
   expect(responseDataJson).toHaveProperty("id");
   const uuid = responseDataJson["id"];
@@ -182,7 +182,7 @@ test("Happy path: Adding a weekly repeating, non-featured, paid event", async ()
       paidEventId: "sp24_semiformal",
     });
 
-  expect(response.statusCode).toBe(200);
+  expect(response.statusCode).toBe(201);
   const responseDataJson = response.body as { id: string; resource: string };
   expect(responseDataJson).toHaveProperty("id");
   const uuid = responseDataJson["id"];
