bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-14 15:23:33 +00:00
Code Issues Releases Wiki Activity

[PM-2132] Move all specs to the src directory (#5367)

Browse Source
This commit is contained in:
Oscar Hinton
2023-05-09 11:27:09 +02:00
committed by GitHub
parent 96ba8b3233
commit 5f825e10f9
46 changed files with 117 additions and 115 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
libs/common/src/admin-console/models/domain/collection.spec.ts Normal file
View File

@@ -0,0 +1,66 @@
import { mockEnc } from "../../../../spec";
import { CollectionData } from "../data/collection.data";
import { Collection } from "./collection";
describe("Collection", () => {
let data: CollectionData;
beforeEach(() => {
data = {
id: "id",
organizationId: "orgId",
name: "encName",
externalId: "extId",
readOnly: true,
};
});
it("Convert from empty", () => {
const data = new CollectionData({} as any);
const card = new Collection(data);
expect(card).toEqual({
externalId: null,
hidePasswords: null,
id: null,
name: null,
organizationId: null,
readOnly: null,
});
});
it("Convert", () => {
const collection = new Collection(data);
expect(collection).toEqual({
id: "id",
organizationId: "orgId",
name: { encryptedString: "encName", encryptionType: 0 },
externalId: "extId",
readOnly: true,
hidePasswords: null,
});
});
it("Decrypt", async () => {
const collection = new Collection();
collection.id = "id";
collection.organizationId = "orgId";
collection.name = mockEnc("encName");
collection.externalId = "extId";
collection.readOnly = false;
collection.hidePasswords = false;
const view = await collection.decrypt();
expect(view).toEqual({
externalId: "extId",
hidePasswords: false,
id: "id",
name: "encName",
organizationId: "orgId",
readOnly: false,
});
});
});

171
libs/common/src/admin-console/services/organization/organization.service.spec.ts Normal file
View File

@@ -0,0 +1,171 @@
import { MockProxy, mock, any, mockClear } from "jest-mock-extended";
import { BehaviorSubject, firstValueFrom } from "rxjs";
import { StateService } from "../../../abstractions/state.service";
import { OrganizationData } from "../../models/data/organization.data";
import { OrganizationService } from "./organization.service";
describe("Organization Service", () => {
let organizationService: OrganizationService;
let stateService: MockProxy<StateService>;
let activeAccount: BehaviorSubject<string>;
let activeAccountUnlocked: BehaviorSubject<boolean>;
const resetStateService = async (
customizeStateService: (stateService: MockProxy<StateService>) => void
) => {
mockClear(stateService);
stateService = mock<StateService>();
stateService.activeAccount$ = activeAccount;
stateService.activeAccountUnlocked$ = activeAccountUnlocked;
customizeStateService(stateService);
organizationService = new OrganizationService(stateService);
await new Promise((r) => setTimeout(r, 50));
};
beforeEach(() => {
activeAccount = new BehaviorSubject("123");
activeAccountUnlocked = new BehaviorSubject(true);
stateService = mock<StateService>();
stateService.activeAccount$ = activeAccount;
stateService.activeAccountUnlocked$ = activeAccountUnlocked;
stateService.getOrganizations.calledWith(any()).mockResolvedValue({
"1": organizationData("1", "Test Org"),
});
organizationService = new OrganizationService(stateService);
});
afterEach(() => {
activeAccount.complete();
activeAccountUnlocked.complete();
});
it("getAll", async () => {
const orgs = await organizationService.getAll();
expect(orgs).toHaveLength(1);
const org = orgs[0];
expect(org).toEqual({
id: "1",
name: "Test Org",
identifier: "test",
});
});
describe("canManageSponsorships", () => {
it("can because one is available", async () => {
await resetStateService((stateService) => {
stateService.getOrganizations.mockResolvedValue({
"1": { ...organizationData("1", "Org"), familySponsorshipAvailable: true },
});
});
const result = await organizationService.canManageSponsorships();
expect(result).toBe(true);
});
it("can because one is used", async () => {
await resetStateService((stateService) => {
stateService.getOrganizations.mockResolvedValue({
"1": { ...organizationData("1", "Test Org"), familySponsorshipFriendlyName: "Something" },
});
});
const result = await organizationService.canManageSponsorships();
expect(result).toBe(true);
});
it("can not because one isn't available or taken", async () => {
await resetStateService((stateService) => {
stateService.getOrganizations.mockResolvedValue({
"1": { ...organizationData("1", "Org"), familySponsorshipFriendlyName: null },
});
});
const result = await organizationService.canManageSponsorships();
expect(result).toBe(false);
});
});
describe("get", () => {
it("exists", async () => {
const result = organizationService.get("1");
expect(result).toEqual({
id: "1",
name: "Test Org",
identifier: "test",
});
});
it("does not exist", async () => {
const result = organizationService.get("2");
expect(result).toBe(undefined);
});
});
it("upsert", async () => {
await organizationService.upsert(organizationData("2", "Test 2"));
expect(await firstValueFrom(organizationService.organizations$)).toEqual([
{
id: "1",
name: "Test Org",
identifier: "test",
},
{
id: "2",
name: "Test 2",
identifier: "test",
},
]);
});
describe("getByIdentifier", () => {
it("exists", async () => {
const result = organizationService.getByIdentifier("test");
expect(result).toEqual({
id: "1",
name: "Test Org",
identifier: "test",
});
});
it("does not exist", async () => {
const result = organizationService.getByIdentifier("blah");
expect(result).toBeUndefined();
});
});
describe("delete", () => {
it("exists", async () => {
await organizationService.delete("1");
expect(stateService.getOrganizations).toHaveBeenCalledTimes(2);
expect(stateService.setOrganizations).toHaveBeenCalledTimes(1);
});
it("does not exist", async () => {
organizationService.delete("1");
expect(stateService.getOrganizations).toHaveBeenCalledTimes(2);
});
});
function organizationData(id: string, name: string) {
const data = new OrganizationData({} as any, {} as any);
data.id = id;
data.name = name;
data.identifier = "test";
return data;
}
});

127
libs/common/src/misc/sequentialize.spec.ts Normal file
View File

@@ -0,0 +1,127 @@
import { sequentialize } from "./sequentialize";
describe("sequentialize decorator", () => {
it("should call the function once", async () => {
const foo = new Foo();
const promises = [];
for (let i = 0; i < 10; i++) {
promises.push(foo.bar(1));
}
await Promise.all(promises);
expect(foo.calls).toBe(1);
});
it("should call the function once for each instance of the object", async () => {
const foo = new Foo();
const foo2 = new Foo();
const promises = [];
for (let i = 0; i < 10; i++) {
promises.push(foo.bar(1));
promises.push(foo2.bar(1));
}
await Promise.all(promises);
expect(foo.calls).toBe(1);
expect(foo2.calls).toBe(1);
});
it("should call the function once with key function", async () => {
const foo = new Foo();
const promises = [];
for (let i = 0; i < 10; i++) {
promises.push(foo.baz(1));
}
await Promise.all(promises);
expect(foo.calls).toBe(1);
});
it("should call the function again when already resolved", async () => {
const foo = new Foo();
await foo.bar(1);
expect(foo.calls).toBe(1);
await foo.bar(1);
expect(foo.calls).toBe(2);
});
it("should call the function again when already resolved with a key function", async () => {
const foo = new Foo();
await foo.baz(1);
expect(foo.calls).toBe(1);
await foo.baz(1);
expect(foo.calls).toBe(2);
});
it("should call the function for each argument", async () => {
const foo = new Foo();
await Promise.all([foo.bar(1), foo.bar(1), foo.bar(2), foo.bar(2), foo.bar(3), foo.bar(3)]);
expect(foo.calls).toBe(3);
});
it("should call the function for each argument with key function", async () => {
const foo = new Foo();
await Promise.all([foo.baz(1), foo.baz(1), foo.baz(2), foo.baz(2), foo.baz(3), foo.baz(3)]);
expect(foo.calls).toBe(3);
});
it("should return correct result for each call", async () => {
const foo = new Foo();
const allRes: number[] = [];
await Promise.all([
foo.bar(1).then((res) => allRes.push(res)),
foo.bar(1).then((res) => allRes.push(res)),
foo.bar(2).then((res) => allRes.push(res)),
foo.bar(2).then((res) => allRes.push(res)),
foo.bar(3).then((res) => allRes.push(res)),
foo.bar(3).then((res) => allRes.push(res)),
]);
expect(foo.calls).toBe(3);
expect(allRes.length).toBe(6);
allRes.sort();
expect(allRes).toEqual([2, 2, 4, 4, 6, 6]);
});
it("should return correct result for each call with key function", async () => {
const foo = new Foo();
const allRes: number[] = [];
await Promise.all([
foo.baz(1).then((res) => allRes.push(res)),
foo.baz(1).then((res) => allRes.push(res)),
foo.baz(2).then((res) => allRes.push(res)),
foo.baz(2).then((res) => allRes.push(res)),
foo.baz(3).then((res) => allRes.push(res)),
foo.baz(3).then((res) => allRes.push(res)),
]);
expect(foo.calls).toBe(3);
expect(allRes.length).toBe(6);
allRes.sort();
expect(allRes).toEqual([3, 3, 6, 6, 9, 9]);
});
});
class Foo {
calls = 0;
@sequentialize((args) => "bar" + args[0])
bar(a: number): Promise<number> {
this.calls++;
return new Promise((res) => {
setTimeout(() => {
res(a * 2);
}, Math.random() * 100);
});
}
@sequentialize((args) => "baz" + args[0])
baz(a: number): Promise<number> {
this.calls++;
return new Promise((res) => {
setTimeout(() => {
res(a * 3);
}, Math.random() * 100);
});
}
}

110
libs/common/src/misc/throttle.spec.ts Normal file
View File

@@ -0,0 +1,110 @@
import { sequentialize } from "./sequentialize";
import { throttle } from "./throttle";
describe("throttle decorator", () => {
it("should call the function once at a time", async () => {
const foo = new Foo();
const promises = [];
for (let i = 0; i < 10; i++) {
promises.push(foo.bar(1));
}
await Promise.all(promises);
expect(foo.calls).toBe(10);
});
it("should call the function once at a time for each object", async () => {
const foo = new Foo();
const foo2 = new Foo();
const promises = [];
for (let i = 0; i < 10; i++) {
promises.push(foo.bar(1));
promises.push(foo2.bar(1));
}
await Promise.all(promises);
expect(foo.calls).toBe(10);
expect(foo2.calls).toBe(10);
});
it("should call the function limit at a time", async () => {
const foo = new Foo();
const promises = [];
for (let i = 0; i < 10; i++) {
promises.push(foo.baz(1));
}
await Promise.all(promises);
expect(foo.calls).toBe(10);
});
it("should call the function limit at a time for each object", async () => {
const foo = new Foo();
const foo2 = new Foo();
const promises = [];
for (let i = 0; i < 10; i++) {
promises.push(foo.baz(1));
promises.push(foo2.baz(1));
}
await Promise.all(promises);
expect(foo.calls).toBe(10);
expect(foo2.calls).toBe(10);
});
it("should work together with sequentialize", async () => {
const foo = new Foo();
const promises = [];
for (let i = 0; i < 10; i++) {
promises.push(foo.qux(Math.floor(i / 2) * 2));
}
await Promise.all(promises);
expect(foo.calls).toBe(5);
});
});
class Foo {
calls = 0;
inflight = 0;
@throttle(1, () => "bar")
bar(a: number) {
this.calls++;
this.inflight++;
return new Promise((res) => {
setTimeout(() => {
expect(this.inflight).toBe(1);
this.inflight--;
res(a * 2);
}, Math.random() * 10);
});
}
@throttle(5, () => "baz")
baz(a: number) {
this.calls++;
this.inflight++;
return new Promise((res) => {
setTimeout(() => {
expect(this.inflight).toBeLessThanOrEqual(5);
this.inflight--;
res(a * 3);
}, Math.random() * 10);
});
}
@sequentialize((args) => "qux" + args[0])
@throttle(1, () => "qux")
qux(a: number) {
this.calls++;
this.inflight++;
return new Promise((res) => {
setTimeout(() => {
expect(this.inflight).toBe(1);
this.inflight--;
res(a * 3);
}, Math.random() * 10);
});
}
}

361
libs/common/src/misc/utils.spec.ts Normal file
View File

@@ -0,0 +1,361 @@
import * as path from "path";
import { Utils } from "./utils";
describe("Utils Service", () => {
describe("getDomain", () => {
it("should fail for invalid urls", () => {
expect(Utils.getDomain(null)).toBeNull();
expect(Utils.getDomain(undefined)).toBeNull();
expect(Utils.getDomain(" ")).toBeNull();
expect(Utils.getDomain('https://bit!:"_&ward.com')).toBeNull();
expect(Utils.getDomain("bitwarden")).toBeNull();
});
it("should fail for data urls", () => {
expect(Utils.getDomain("data:image/jpeg;base64,AAA")).toBeNull();
});
it("should fail for about urls", () => {
expect(Utils.getDomain("about")).toBeNull();
expect(Utils.getDomain("about:")).toBeNull();
expect(Utils.getDomain("about:blank")).toBeNull();
});
it("should fail for file url", () => {
expect(Utils.getDomain("file:///C://somefolder/form.pdf")).toBeNull();
});
it("should handle urls without protocol", () => {
expect(Utils.getDomain("bitwarden.com")).toBe("bitwarden.com");
expect(Utils.getDomain("wrong://bitwarden.com")).toBe("bitwarden.com");
});
it("should handle valid urls", () => {
expect(Utils.getDomain("bitwarden.com")).toBe("bitwarden.com");
expect(Utils.getDomain("http://bitwarden.com")).toBe("bitwarden.com");
expect(Utils.getDomain("https://bitwarden.com")).toBe("bitwarden.com");
expect(Utils.getDomain("www.bitwarden.com")).toBe("bitwarden.com");
expect(Utils.getDomain("http://www.bitwarden.com")).toBe("bitwarden.com");
expect(Utils.getDomain("https://www.bitwarden.com")).toBe("bitwarden.com");
expect(Utils.getDomain("vault.bitwarden.com")).toBe("bitwarden.com");
expect(Utils.getDomain("http://vault.bitwarden.com")).toBe("bitwarden.com");
expect(Utils.getDomain("https://vault.bitwarden.com")).toBe("bitwarden.com");
expect(Utils.getDomain("www.vault.bitwarden.com")).toBe("bitwarden.com");
expect(Utils.getDomain("http://www.vault.bitwarden.com")).toBe("bitwarden.com");
expect(Utils.getDomain("https://www.vault.bitwarden.com")).toBe("bitwarden.com");
expect(
Utils.getDomain("user:password@bitwarden.com:8080/password/sites?and&query#hash")
).toBe("bitwarden.com");
expect(
Utils.getDomain("http://user:password@bitwarden.com:8080/password/sites?and&query#hash")
).toBe("bitwarden.com");
expect(
Utils.getDomain("https://user:password@bitwarden.com:8080/password/sites?and&query#hash")
).toBe("bitwarden.com");
expect(Utils.getDomain("bitwarden.unknown")).toBe("bitwarden.unknown");
expect(Utils.getDomain("http://bitwarden.unknown")).toBe("bitwarden.unknown");
expect(Utils.getDomain("https://bitwarden.unknown")).toBe("bitwarden.unknown");
});
it("should handle valid urls with an underscore in subdomain", () => {
expect(Utils.getDomain("my_vault.bitwarden.com/")).toBe("bitwarden.com");
expect(Utils.getDomain("http://my_vault.bitwarden.com/")).toBe("bitwarden.com");
expect(Utils.getDomain("https://my_vault.bitwarden.com/")).toBe("bitwarden.com");
});
it("should support urls containing umlauts", () => {
expect(Utils.getDomain("bütwarden.com")).toBe("bütwarden.com");
expect(Utils.getDomain("http://bütwarden.com")).toBe("bütwarden.com");
expect(Utils.getDomain("https://bütwarden.com")).toBe("bütwarden.com");
expect(Utils.getDomain("subdomain.bütwarden.com")).toBe("bütwarden.com");
expect(Utils.getDomain("http://subdomain.bütwarden.com")).toBe("bütwarden.com");
expect(Utils.getDomain("https://subdomain.bütwarden.com")).toBe("bütwarden.com");
});
it("should support punycode urls", () => {
expect(Utils.getDomain("xn--btwarden-65a.com")).toBe("xn--btwarden-65a.com");
expect(Utils.getDomain("xn--btwarden-65a.com")).toBe("xn--btwarden-65a.com");
expect(Utils.getDomain("xn--btwarden-65a.com")).toBe("xn--btwarden-65a.com");
expect(Utils.getDomain("subdomain.xn--btwarden-65a.com")).toBe("xn--btwarden-65a.com");
expect(Utils.getDomain("http://subdomain.xn--btwarden-65a.com")).toBe("xn--btwarden-65a.com");
expect(Utils.getDomain("https://subdomain.xn--btwarden-65a.com")).toBe(
"xn--btwarden-65a.com"
);
});
it("should support localhost", () => {
expect(Utils.getDomain("localhost")).toBe("localhost");
expect(Utils.getDomain("http://localhost")).toBe("localhost");
expect(Utils.getDomain("https://localhost")).toBe("localhost");
});
it("should support localhost with subdomain", () => {
expect(Utils.getDomain("subdomain.localhost")).toBe("localhost");
expect(Utils.getDomain("http://subdomain.localhost")).toBe("localhost");
expect(Utils.getDomain("https://subdomain.localhost")).toBe("localhost");
});
it("should support IPv4", () => {
expect(Utils.getDomain("192.168.1.1")).toBe("192.168.1.1");
expect(Utils.getDomain("http://192.168.1.1")).toBe("192.168.1.1");
expect(Utils.getDomain("https://192.168.1.1")).toBe("192.168.1.1");
});
it("should support IPv6", () => {
expect(Utils.getDomain("[2620:fe::fe]")).toBe("2620:fe::fe");
expect(Utils.getDomain("http://[2620:fe::fe]")).toBe("2620:fe::fe");
expect(Utils.getDomain("https://[2620:fe::fe]")).toBe("2620:fe::fe");
});
it("should reject invalid hostnames", () => {
expect(Utils.getDomain("https://mywebsite.com$.mywebsite.com")).toBeNull();
expect(Utils.getDomain("https://mywebsite.com!.mywebsite.com")).toBeNull();
});
});
describe("getHostname", () => {
it("should fail for invalid urls", () => {
expect(Utils.getHostname(null)).toBeNull();
expect(Utils.getHostname(undefined)).toBeNull();
expect(Utils.getHostname(" ")).toBeNull();
expect(Utils.getHostname('https://bit!:"_&ward.com')).toBeNull();
});
it("should fail for data urls", () => {
expect(Utils.getHostname("data:image/jpeg;base64,AAA")).toBeNull();
});
it("should fail for about urls", () => {
expect(Utils.getHostname("about")).toBe("about");
expect(Utils.getHostname("about:")).toBeNull();
expect(Utils.getHostname("about:blank")).toBeNull();
});
it("should fail for file url", () => {
expect(Utils.getHostname("file:///C:/somefolder/form.pdf")).toBeNull();
});
it("should handle valid urls", () => {
expect(Utils.getHostname("bitwarden")).toBe("bitwarden");
expect(Utils.getHostname("http://bitwarden")).toBe("bitwarden");
expect(Utils.getHostname("https://bitwarden")).toBe("bitwarden");
expect(Utils.getHostname("bitwarden.com")).toBe("bitwarden.com");
expect(Utils.getHostname("http://bitwarden.com")).toBe("bitwarden.com");
expect(Utils.getHostname("https://bitwarden.com")).toBe("bitwarden.com");
expect(Utils.getHostname("www.bitwarden.com")).toBe("www.bitwarden.com");
expect(Utils.getHostname("http://www.bitwarden.com")).toBe("www.bitwarden.com");
expect(Utils.getHostname("https://www.bitwarden.com")).toBe("www.bitwarden.com");
expect(Utils.getHostname("vault.bitwarden.com")).toBe("vault.bitwarden.com");
expect(Utils.getHostname("http://vault.bitwarden.com")).toBe("vault.bitwarden.com");
expect(Utils.getHostname("https://vault.bitwarden.com")).toBe("vault.bitwarden.com");
expect(Utils.getHostname("www.vault.bitwarden.com")).toBe("www.vault.bitwarden.com");
expect(Utils.getHostname("http://www.vault.bitwarden.com")).toBe("www.vault.bitwarden.com");
expect(Utils.getHostname("https://www.vault.bitwarden.com")).toBe("www.vault.bitwarden.com");
expect(
Utils.getHostname("user:password@bitwarden.com:8080/password/sites?and&query#hash")
).toBe("bitwarden.com");
expect(
Utils.getHostname("https://user:password@bitwarden.com:8080/password/sites?and&query#hash")
).toBe("bitwarden.com");
expect(Utils.getHostname("https://bitwarden.unknown")).toBe("bitwarden.unknown");
});
it("should handle valid urls with an underscore in subdomain", () => {
expect(Utils.getHostname("my_vault.bitwarden.com/")).toBe("my_vault.bitwarden.com");
expect(Utils.getHostname("http://my_vault.bitwarden.com/")).toBe("my_vault.bitwarden.com");
expect(Utils.getHostname("https://my_vault.bitwarden.com/")).toBe("my_vault.bitwarden.com");
});
it("should support urls containing umlauts", () => {
expect(Utils.getHostname("bütwarden.com")).toBe("bütwarden.com");
expect(Utils.getHostname("http://bütwarden.com")).toBe("bütwarden.com");
expect(Utils.getHostname("https://bütwarden.com")).toBe("bütwarden.com");
expect(Utils.getHostname("subdomain.bütwarden.com")).toBe("subdomain.bütwarden.com");
expect(Utils.getHostname("http://subdomain.bütwarden.com")).toBe("subdomain.bütwarden.com");
expect(Utils.getHostname("https://subdomain.bütwarden.com")).toBe("subdomain.bütwarden.com");
});
it("should support punycode urls", () => {
expect(Utils.getHostname("xn--btwarden-65a.com")).toBe("xn--btwarden-65a.com");
expect(Utils.getHostname("xn--btwarden-65a.com")).toBe("xn--btwarden-65a.com");
expect(Utils.getHostname("xn--btwarden-65a.com")).toBe("xn--btwarden-65a.com");
expect(Utils.getHostname("subdomain.xn--btwarden-65a.com")).toBe(
"subdomain.xn--btwarden-65a.com"
);
expect(Utils.getHostname("http://subdomain.xn--btwarden-65a.com")).toBe(
"subdomain.xn--btwarden-65a.com"
);
expect(Utils.getHostname("https://subdomain.xn--btwarden-65a.com")).toBe(
"subdomain.xn--btwarden-65a.com"
);
});
it("should support localhost", () => {
expect(Utils.getHostname("localhost")).toBe("localhost");
expect(Utils.getHostname("http://localhost")).toBe("localhost");
expect(Utils.getHostname("https://localhost")).toBe("localhost");
});
it("should support localhost with subdomain", () => {
expect(Utils.getHostname("subdomain.localhost")).toBe("subdomain.localhost");
expect(Utils.getHostname("http://subdomain.localhost")).toBe("subdomain.localhost");
expect(Utils.getHostname("https://subdomain.localhost")).toBe("subdomain.localhost");
});
it("should support IPv4", () => {
expect(Utils.getHostname("192.168.1.1")).toBe("192.168.1.1");
expect(Utils.getHostname("http://192.168.1.1")).toBe("192.168.1.1");
expect(Utils.getHostname("https://192.168.1.1")).toBe("192.168.1.1");
});
it("should support IPv6", () => {
expect(Utils.getHostname("[2620:fe::fe]")).toBe("2620:fe::fe");
expect(Utils.getHostname("http://[2620:fe::fe]")).toBe("2620:fe::fe");
expect(Utils.getHostname("https://[2620:fe::fe]")).toBe("2620:fe::fe");
});
});
describe("newGuid", () => {
it("should create a valid guid", () => {
const validGuid =
/^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i;
expect(Utils.newGuid()).toMatch(validGuid);
});
});
describe("fromByteStringToArray", () => {
it("should handle null", () => {
expect(Utils.fromByteStringToArray(null)).toEqual(null);
});
});
describe("mapToRecord", () => {
it("should handle null", () => {
expect(Utils.mapToRecord(null)).toEqual(null);
});
it("should handle empty map", () => {
expect(Utils.mapToRecord(new Map())).toEqual({});
});
it("should handle convert a Map to a Record", () => {
const map = new Map([
["key1", "value1"],
["key2", "value2"],
]);
expect(Utils.mapToRecord(map)).toEqual({ key1: "value1", key2: "value2" });
});
it("should handle convert a Map to a Record with non-string keys", () => {
const map = new Map([
[1, "value1"],
[2, "value2"],
]);
const result = Utils.mapToRecord(map);
expect(result).toEqual({ 1: "value1", 2: "value2" });
expect(Utils.recordToMap(result)).toEqual(map);
});
it("should not convert an object if it's not a map", () => {
const obj = { key1: "value1", key2: "value2" };
expect(Utils.mapToRecord(obj as any)).toEqual(obj);
});
});
describe("recordToMap", () => {
it("should handle null", () => {
expect(Utils.recordToMap(null)).toEqual(null);
});
it("should handle empty record", () => {
expect(Utils.recordToMap({})).toEqual(new Map());
});
it("should handle convert a Record to a Map", () => {
const record = { key1: "value1", key2: "value2" };
expect(Utils.recordToMap(record)).toEqual(new Map(Object.entries(record)));
});
it("should handle convert a Record to a Map with non-string keys", () => {
const record = { 1: "value1", 2: "value2" };
const result = Utils.recordToMap(record);
expect(result).toEqual(
new Map([
[1, "value1"],
[2, "value2"],
])
);
expect(Utils.mapToRecord(result)).toEqual(record);
});
it("should not convert an object if already a map", () => {
const map = new Map([
["key1", "value1"],
["key2", "value2"],
]);
expect(Utils.recordToMap(map as any)).toEqual(map);
});
});
describe("encodeRFC3986URIComponent", () => {
it("returns input string with expected encoded chars", () => {
expect(Utils.encodeRFC3986URIComponent("test'user@example.com")).toBe(
"test%27user%40example.com"
);
expect(Utils.encodeRFC3986URIComponent("(test)user@example.com")).toBe(
"%28test%29user%40example.com"
);
expect(Utils.encodeRFC3986URIComponent("testuser!@example.com")).toBe(
"testuser%21%40example.com"
);
expect(Utils.encodeRFC3986URIComponent("Test*User@example.com")).toBe(
"Test%2AUser%40example.com"
);
});
});
describe("normalizePath", () => {
it("removes a single traversal", () => {
expect(Utils.normalizePath("../test")).toBe("test");
});
it("removes deep traversals", () => {
expect(Utils.normalizePath("../../test")).toBe("test");
});
it("removes intermediate traversals", () => {
expect(Utils.normalizePath("test/../test")).toBe("test");
});
it("removes multiple encoded traversals", () => {
expect(
Utils.normalizePath("api/sends/access/..%2f..%2f..%2fapi%2fsends%2faccess%2fsendkey")
).toBe(path.normalize("api/sends/access/sendkey"));
});
});
describe("getUrl", () => {
it("assumes a http protocol if no protocol is specified", () => {
const urlString = "www.exampleapp.com.au:4000";
const actual = Utils.getUrl(urlString);
expect(actual.protocol).toBe("http:");
});
});
});

2
libs/common/src/models/domain/account-keys.spec.ts
View File

@@ -1,4 +1,4 @@
import { makeStaticByteArray } from "../../../spec/utils";
import { makeStaticByteArray } from "../../../spec";
import { Utils } from "../../misc/utils";
import { AccountKeys, EncryptionPair } from "./account";

76
libs/common/src/models/domain/enc-array-buffer.spec.ts Normal file
View File

@@ -0,0 +1,76 @@
import { makeStaticByteArray } from "../../../spec";
import { EncryptionType } from "../../enums";
import { EncArrayBuffer } from "./enc-array-buffer";
describe("encArrayBuffer", () => {
describe("parses the buffer", () => {
test.each([
[EncryptionType.AesCbc128_HmacSha256_B64, "AesCbc128_HmacSha256_B64"],
[EncryptionType.AesCbc256_HmacSha256_B64, "AesCbc256_HmacSha256_B64"],
])("with %c%s", (encType: EncryptionType) => {
const iv = makeStaticByteArray(16, 10);
const mac = makeStaticByteArray(32, 20);
// We use the minimum data length of 1 to test the boundary of valid lengths
const data = makeStaticByteArray(1, 100);
const array = new Uint8Array(1 + iv.byteLength + mac.byteLength + data.byteLength);
array.set([encType]);
array.set(iv, 1);
array.set(mac, 1 + iv.byteLength);
array.set(data, 1 + iv.byteLength + mac.byteLength);
const actual = new EncArrayBuffer(array.buffer);
expect(actual.encryptionType).toEqual(encType);
expect(actual.ivBytes).toEqualBuffer(iv);
expect(actual.macBytes).toEqualBuffer(mac);
expect(actual.dataBytes).toEqualBuffer(data);
});
it("with AesCbc256_B64", () => {
const encType = EncryptionType.AesCbc256_B64;
const iv = makeStaticByteArray(16, 10);
// We use the minimum data length of 1 to test the boundary of valid lengths
const data = makeStaticByteArray(1, 100);
const array = new Uint8Array(1 + iv.byteLength + data.byteLength);
array.set([encType]);
array.set(iv, 1);
array.set(data, 1 + iv.byteLength);
const actual = new EncArrayBuffer(array.buffer);
expect(actual.encryptionType).toEqual(encType);
expect(actual.ivBytes).toEqualBuffer(iv);
expect(actual.dataBytes).toEqualBuffer(data);
expect(actual.macBytes).toBeNull();
});
});
describe("throws if the buffer has an invalid length", () => {
test.each([
[EncryptionType.AesCbc128_HmacSha256_B64, 50, "AesCbc128_HmacSha256_B64"],
[EncryptionType.AesCbc256_HmacSha256_B64, 50, "AesCbc256_HmacSha256_B64"],
[EncryptionType.AesCbc256_B64, 18, "AesCbc256_B64"],
])("with %c%c%s", (encType: EncryptionType, minLength: number) => {
// Generate invalid byte array
// Minus 1 to leave room for the encType, minus 1 to make it invalid
const invalidBytes = makeStaticByteArray(minLength - 2);
const invalidArray = new Uint8Array(1 + invalidBytes.buffer.byteLength);
invalidArray.set([encType]);
invalidArray.set(invalidBytes, 1);
expect(() => new EncArrayBuffer(invalidArray.buffer)).toThrow(
"Error parsing encrypted ArrayBuffer"
);
});
});
it("doesn't parse the buffer if the encryptionType is not supported", () => {
// Starting at 9 implicitly gives us an invalid encType
const bytes = makeStaticByteArray(50, 9);
expect(() => new EncArrayBuffer(bytes)).toThrow("Error parsing encrypted ArrayBuffer");
});
});

266
libs/common/src/models/domain/enc-string.spec.ts Normal file
View File

@@ -0,0 +1,266 @@
// eslint-disable-next-line no-restricted-imports
import { Substitute, Arg } from "@fluffy-spoon/substitute";
import { mock, MockProxy } from "jest-mock-extended";
import { CryptoService } from "../../abstractions/crypto.service";
import { EncryptService } from "../../abstractions/encrypt.service";
import { EncryptionType } from "../../enums";
import { ContainerService } from "../../services/container.service";
import { EncString } from "./enc-string";
import { SymmetricCryptoKey } from "./symmetric-crypto-key";
describe("EncString", () => {
afterEach(() => {
(window as any).bitwardenContainerService = undefined;
});
describe("Rsa2048_OaepSha256_B64", () => {
it("constructor", () => {
const encString = new EncString(EncryptionType.Rsa2048_OaepSha256_B64, "data");
expect(encString).toEqual({
data: "data",
encryptedString: "3.data",
encryptionType: 3,
});
});
describe("isSerializedEncString", () => {
it("is true if valid", () => {
expect(EncString.isSerializedEncString("3.data")).toBe(true);
});
it("is false if invalid", () => {
expect(EncString.isSerializedEncString("3.data|test")).toBe(false);
});
});
describe("parse existing", () => {
it("valid", () => {
const encString = new EncString("3.data");
expect(encString).toEqual({
data: "data",
encryptedString: "3.data",
encryptionType: 3,
});
});
it("invalid", () => {
const encString = new EncString("3.data|test");
expect(encString).toEqual({
encryptedString: "3.data|test",
encryptionType: 3,
});
});
});
describe("decrypt", () => {
const encString = new EncString(EncryptionType.Rsa2048_OaepSha256_B64, "data");
const cryptoService = Substitute.for<CryptoService>();
cryptoService.getOrgKey(null).resolves(null);
const encryptService = Substitute.for<EncryptService>();
encryptService.decryptToUtf8(encString, Arg.any()).resolves("decrypted");
beforeEach(() => {
(window as any).bitwardenContainerService = new ContainerService(
cryptoService,
encryptService
);
});
it("decrypts correctly", async () => {
const decrypted = await encString.decrypt(null);
expect(decrypted).toBe("decrypted");
});
it("result should be cached", async () => {
const decrypted = await encString.decrypt(null);
encryptService.received(1).decryptToUtf8(Arg.any(), Arg.any());
expect(decrypted).toBe("decrypted");
});
});
});
describe("AesCbc256_B64", () => {
it("constructor", () => {
const encString = new EncString(EncryptionType.AesCbc256_B64, "data", "iv");
expect(encString).toEqual({
data: "data",
encryptedString: "0.iv|data",
encryptionType: 0,
iv: "iv",
});
});
describe("isSerializedEncString", () => {
it("is true if valid", () => {
expect(EncString.isSerializedEncString("0.iv|data")).toBe(true);
});
it("is false if invalid", () => {
expect(EncString.isSerializedEncString("0.iv|data|mac")).toBe(false);
});
});
describe("parse existing", () => {
it("valid", () => {
const encString = new EncString("0.iv|data");
expect(encString).toEqual({
data: "data",
encryptedString: "0.iv|data",
encryptionType: 0,
iv: "iv",
});
});
it("invalid", () => {
const encString = new EncString("0.iv|data|mac");
expect(encString).toEqual({
encryptedString: "0.iv|data|mac",
encryptionType: 0,
});
});
});
});
describe("AesCbc256_HmacSha256_B64", () => {
it("constructor", () => {
const encString = new EncString(EncryptionType.AesCbc256_HmacSha256_B64, "data", "iv", "mac");
expect(encString).toEqual({
data: "data",
encryptedString: "2.iv|data|mac",
encryptionType: 2,
iv: "iv",
mac: "mac",
});
});
describe("isSerializedEncString", () => {
it("is true if valid", () => {
expect(EncString.isSerializedEncString("2.iv|data|mac")).toBe(true);
});
it("is false if invalid", () => {
expect(EncString.isSerializedEncString("2.iv|data")).toBe(false);
});
});
it("valid", () => {
const encString = new EncString("2.iv|data|mac");
expect(encString).toEqual({
data: "data",
encryptedString: "2.iv|data|mac",
encryptionType: 2,
iv: "iv",
mac: "mac",
});
});
it("invalid", () => {
const encString = new EncString("2.iv|data");
expect(encString).toEqual({
encryptedString: "2.iv|data",
encryptionType: 2,
});
});
});
it("Exit early if null", () => {
const encString = new EncString(null);
expect(encString).toEqual({
encryptedString: null,
});
});
describe("decrypt", () => {
let cryptoService: MockProxy<CryptoService>;
let encryptService: MockProxy<EncryptService>;
let encString: EncString;
beforeEach(() => {
cryptoService = mock<CryptoService>();
encryptService = mock<EncryptService>();
encString = new EncString(null);
(window as any).bitwardenContainerService = new ContainerService(
cryptoService,
encryptService
);
});
it("handles value it can't decrypt", async () => {
encryptService.decryptToUtf8.mockRejectedValue("error");
(window as any).bitwardenContainerService = new ContainerService(
cryptoService,
encryptService
);
const decrypted = await encString.decrypt(null);
expect(decrypted).toBe("[error: cannot decrypt]");
expect(encString).toEqual({
decryptedValue: "[error: cannot decrypt]",
encryptedString: null,
});
});
it("uses provided key without depending on CryptoService", async () => {
const key = mock<SymmetricCryptoKey>();
await encString.decrypt(null, key);
expect(cryptoService.getKeyForUserEncryption).not.toHaveBeenCalled();
expect(encryptService.decryptToUtf8).toHaveBeenCalledWith(encString, key);
});
it("gets an organization key if required", async () => {
const orgKey = mock<SymmetricCryptoKey>();
cryptoService.getOrgKey.calledWith("orgId").mockResolvedValue(orgKey);
await encString.decrypt("orgId", null);
expect(cryptoService.getOrgKey).toHaveBeenCalledWith("orgId");
expect(encryptService.decryptToUtf8).toHaveBeenCalledWith(encString, orgKey);
});
it("gets the user's decryption key if required", async () => {
const userKey = mock<SymmetricCryptoKey>();
cryptoService.getKeyForUserEncryption.mockResolvedValue(userKey);
await encString.decrypt(null, null);
expect(cryptoService.getKeyForUserEncryption).toHaveBeenCalledWith();
expect(encryptService.decryptToUtf8).toHaveBeenCalledWith(encString, userKey);
});
});
describe("toJSON", () => {
it("Should be represented by the encrypted string", () => {
const encString = new EncString(EncryptionType.AesCbc256_B64, "data", "iv");
expect(encString.toJSON()).toBe(encString.encryptedString);
});
it("returns null if object is null", () => {
expect(EncString.fromJSON(null)).toBeNull();
});
});
});

86
libs/common/src/models/domain/symmetric-crypto-key.spec.ts Normal file
View File

@@ -0,0 +1,86 @@
import { makeStaticByteArray } from "../../../spec";
import { EncryptionType } from "../../enums";
import { SymmetricCryptoKey } from "./symmetric-crypto-key";
describe("SymmetricCryptoKey", () => {
it("errors if no key", () => {
const t = () => {
new SymmetricCryptoKey(null);
};
expect(t).toThrowError("Must provide key");
});
describe("guesses encKey from key length", () => {
it("AesCbc256_B64", () => {
const key = makeStaticByteArray(32);
const cryptoKey = new SymmetricCryptoKey(key);
expect(cryptoKey).toEqual({
encKey: key,
encKeyB64: "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=",
encType: 0,
key: key,
keyB64: "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=",
macKey: null,
});
});
it("AesCbc128_HmacSha256_B64", () => {
const key = makeStaticByteArray(32);
const cryptoKey = new SymmetricCryptoKey(key, EncryptionType.AesCbc128_HmacSha256_B64);
expect(cryptoKey).toEqual({
encKey: key.slice(0, 16),
encKeyB64: "AAECAwQFBgcICQoLDA0ODw==",
encType: 1,
key: key,
keyB64: "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=",
macKey: key.slice(16, 32),
macKeyB64: "EBESExQVFhcYGRobHB0eHw==",
});
});
it("AesCbc256_HmacSha256_B64", () => {
const key = makeStaticByteArray(64);
const cryptoKey = new SymmetricCryptoKey(key);
expect(cryptoKey).toEqual({
encKey: key.slice(0, 32),
encKeyB64: "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=",
encType: 2,
key: key,
keyB64:
"AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+Pw==",
macKey: key.slice(32, 64),
macKeyB64: "ICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj8=",
});
});
it("unknown length", () => {
const t = () => {
new SymmetricCryptoKey(makeStaticByteArray(30));
};
expect(t).toThrowError("Unable to determine encType.");
});
});
it("toJSON creates object for serialization", () => {
const key = new SymmetricCryptoKey(makeStaticByteArray(64).buffer);
const actual = key.toJSON();
const expected = { keyB64: key.keyB64 };
expect(actual).toEqual(expected);
});
it("fromJSON hydrates new object", () => {
const expected = new SymmetricCryptoKey(makeStaticByteArray(64).buffer);
const actual = SymmetricCryptoKey.fromJSON({ keyB64: expected.keyB64 });
expect(actual).toEqual(expected);
expect(actual).toBeInstanceOf(SymmetricCryptoKey);
});
});

58
libs/common/src/services/console-log.service.spec.ts Normal file
View File

@@ -0,0 +1,58 @@
import { interceptConsole, restoreConsole } from "../../spec";
import { ConsoleLogService } from "./consoleLog.service";
let caughtMessage: any;
describe("ConsoleLogService", () => {
let logService: ConsoleLogService;
beforeEach(() => {
caughtMessage = {};
interceptConsole(caughtMessage);
logService = new ConsoleLogService(true);
});
afterAll(() => {
restoreConsole();
});
it("filters messages below the set threshold", () => {
logService = new ConsoleLogService(true, () => true);
logService.debug("debug");
logService.info("info");
logService.warning("warning");
logService.error("error");
expect(caughtMessage).toEqual({});
});
it("only writes debug messages in dev mode", () => {
logService = new ConsoleLogService(false);
logService.debug("debug message");
expect(caughtMessage.log).toBeUndefined();
});
it("writes debug/info messages to console.log", () => {
logService.debug("this is a debug message");
expect(caughtMessage).toMatchObject({
log: { "0": "this is a debug message" },
});
logService.info("this is an info message");
expect(caughtMessage).toMatchObject({
log: { "0": "this is an info message" },
});
});
it("writes warning messages to console.warn", () => {
logService.warning("this is a warning message");
expect(caughtMessage).toMatchObject({
warn: { 0: "this is a warning message" },
});
});
it("writes error messages to console.error", () => {
logService.error("this is an error message");
expect(caughtMessage).toMatchObject({
error: { 0: "this is an error message" },
});
});
});

38
libs/common/src/services/crypto.service.spec.ts Normal file
View File

@@ -0,0 +1,38 @@
import { mock, mockReset } from "jest-mock-extended";
import { CryptoFunctionService } from "../abstractions/cryptoFunction.service";
import { EncryptService } from "../abstractions/encrypt.service";
import { LogService } from "../abstractions/log.service";
import { PlatformUtilsService } from "../abstractions/platformUtils.service";
import { StateService } from "../abstractions/state.service";
import { CryptoService } from "../services/crypto.service";
describe("cryptoService", () => {
let cryptoService: CryptoService;
const cryptoFunctionService = mock<CryptoFunctionService>();
const encryptService = mock<EncryptService>();
const platformUtilService = mock<PlatformUtilsService>();
const logService = mock<LogService>();
const stateService = mock<StateService>();
beforeEach(() => {
mockReset(cryptoFunctionService);
mockReset(encryptService);
mockReset(platformUtilService);
mockReset(logService);
mockReset(stateService);
cryptoService = new CryptoService(
cryptoFunctionService,
encryptService,
platformUtilService,
logService,
stateService
);
});
it("instantiates", () => {
expect(cryptoService).not.toBeFalsy();
});
});

191
libs/common/src/services/encrypt.service.spec.ts Normal file
View File

@@ -0,0 +1,191 @@
import { mockReset, mock } from "jest-mock-extended";
import { makeStaticByteArray } from "../../spec";
import { CryptoFunctionService } from "../abstractions/cryptoFunction.service";
import { LogService } from "../abstractions/log.service";
import { EncryptionType } from "../enums";
import { EncArrayBuffer } from "../models/domain/enc-array-buffer";
import { EncString } from "../models/domain/enc-string";
import { SymmetricCryptoKey } from "../models/domain/symmetric-crypto-key";
import { CsprngArray } from "../types/csprng";
import { EncryptServiceImplementation } from "./cryptography/encrypt.service.implementation";
describe("EncryptService", () => {
const cryptoFunctionService = mock<CryptoFunctionService>();
const logService = mock<LogService>();
let encryptService: EncryptServiceImplementation;
beforeEach(() => {
mockReset(cryptoFunctionService);
mockReset(logService);
encryptService = new EncryptServiceImplementation(cryptoFunctionService, logService, true);
});
describe("encryptToBytes", () => {
const plainValue = makeStaticByteArray(16, 1);
const iv = makeStaticByteArray(16, 30);
const mac = makeStaticByteArray(32, 40);
const encryptedData = makeStaticByteArray(20, 50);
it("throws if no key is provided", () => {
return expect(encryptService.encryptToBytes(plainValue, null)).rejects.toThrow(
"No encryption key"
);
});
describe("encrypts data", () => {
beforeEach(() => {
cryptoFunctionService.randomBytes
.calledWith(16)
.mockResolvedValueOnce(iv.buffer as CsprngArray);
cryptoFunctionService.aesEncrypt.mockResolvedValue(encryptedData.buffer);
});
it("using a key which supports mac", async () => {
const key = mock<SymmetricCryptoKey>();
const encType = EncryptionType.AesCbc128_HmacSha256_B64;
key.encType = encType;
key.macKey = makeStaticByteArray(16, 20);
cryptoFunctionService.hmac.mockResolvedValue(mac.buffer);
const actual = await encryptService.encryptToBytes(plainValue, key);
expect(actual.encryptionType).toEqual(encType);
expect(actual.ivBytes).toEqualBuffer(iv);
expect(actual.macBytes).toEqualBuffer(mac);
expect(actual.dataBytes).toEqualBuffer(encryptedData);
expect(actual.buffer.byteLength).toEqual(
1 + iv.byteLength + mac.byteLength + encryptedData.byteLength
);
});
it("using a key which doesn't support mac", async () => {
const key = mock<SymmetricCryptoKey>();
const encType = EncryptionType.AesCbc256_B64;
key.encType = encType;
key.macKey = null;
const actual = await encryptService.encryptToBytes(plainValue, key);
expect(cryptoFunctionService.hmac).not.toBeCalled();
expect(actual.encryptionType).toEqual(encType);
expect(actual.ivBytes).toEqualBuffer(iv);
expect(actual.macBytes).toBeNull();
expect(actual.dataBytes).toEqualBuffer(encryptedData);
expect(actual.buffer.byteLength).toEqual(1 + iv.byteLength + encryptedData.byteLength);
});
});
});
describe("decryptToBytes", () => {
const encType = EncryptionType.AesCbc256_HmacSha256_B64;
const key = new SymmetricCryptoKey(makeStaticByteArray(64, 100), encType);
const computedMac = new Uint8Array(1).buffer;
const encBuffer = new EncArrayBuffer(makeStaticByteArray(60, encType));
beforeEach(() => {
cryptoFunctionService.hmac.mockResolvedValue(computedMac);
});
it("throws if no key is provided", () => {
return expect(encryptService.decryptToBytes(encBuffer, null)).rejects.toThrow(
"No encryption key"
);
});
it("throws if no encrypted value is provided", () => {
return expect(encryptService.decryptToBytes(null, key)).rejects.toThrow(
"Nothing provided for decryption"
);
});
it("decrypts data with provided key", async () => {
const decryptedBytes = makeStaticByteArray(10, 200).buffer;
cryptoFunctionService.hmac.mockResolvedValue(makeStaticByteArray(1).buffer);
cryptoFunctionService.compare.mockResolvedValue(true);
cryptoFunctionService.aesDecrypt.mockResolvedValueOnce(decryptedBytes);
const actual = await encryptService.decryptToBytes(encBuffer, key);
expect(cryptoFunctionService.aesDecrypt).toBeCalledWith(
expect.toEqualBuffer(encBuffer.dataBytes),
expect.toEqualBuffer(encBuffer.ivBytes),
expect.toEqualBuffer(key.encKey)
);
expect(actual).toEqualBuffer(decryptedBytes);
});
it("compares macs using CryptoFunctionService", async () => {
const expectedMacData = new Uint8Array(
encBuffer.ivBytes.byteLength + encBuffer.dataBytes.byteLength
);
expectedMacData.set(new Uint8Array(encBuffer.ivBytes));
expectedMacData.set(new Uint8Array(encBuffer.dataBytes), encBuffer.ivBytes.byteLength);
await encryptService.decryptToBytes(encBuffer, key);
expect(cryptoFunctionService.hmac).toBeCalledWith(
expect.toEqualBuffer(expectedMacData),
key.macKey,
"sha256"
);
expect(cryptoFunctionService.compare).toBeCalledWith(
expect.toEqualBuffer(encBuffer.macBytes),
expect.toEqualBuffer(computedMac)
);
});
it("returns null if macs don't match", async () => {
cryptoFunctionService.compare.mockResolvedValue(false);
const actual = await encryptService.decryptToBytes(encBuffer, key);
expect(cryptoFunctionService.compare).toHaveBeenCalled();
expect(cryptoFunctionService.aesDecrypt).not.toHaveBeenCalled();
expect(actual).toBeNull();
});
it("returns null if encTypes don't match", async () => {
key.encType = EncryptionType.AesCbc256_B64;
cryptoFunctionService.compare.mockResolvedValue(true);
const actual = await encryptService.decryptToBytes(encBuffer, key);
expect(actual).toBeNull();
expect(cryptoFunctionService.aesDecrypt).not.toHaveBeenCalled();
});
});
describe("resolveLegacyKey", () => {
it("creates a legacy key if required", async () => {
const key = new SymmetricCryptoKey(makeStaticByteArray(32), EncryptionType.AesCbc256_B64);
const encString = mock<EncString>();
encString.encryptionType = EncryptionType.AesCbc128_HmacSha256_B64;
const actual = encryptService.resolveLegacyKey(key, encString);
const expected = new SymmetricCryptoKey(key.key, EncryptionType.AesCbc128_HmacSha256_B64);
expect(actual).toEqual(expected);
});
it("does not create a legacy key if not required", async () => {
const encType = EncryptionType.AesCbc256_HmacSha256_B64;
const key = new SymmetricCryptoKey(makeStaticByteArray(64), encType);
const encString = mock<EncString>();
encString.encryptionType = encType;
const actual = encryptService.resolveLegacyKey(key, encString);
expect(actual).toEqual(key);
});
});
});

202
libs/common/src/services/organization-domain/org-domain-api.service.spec.ts Normal file
View File

@@ -0,0 +1,202 @@
import { mock } from "jest-mock-extended";
import { lastValueFrom } from "rxjs";
import { ApiService } from "../../abstractions/api.service";
import { I18nService } from "../../abstractions/i18n.service";
import { OrganizationDomainSsoDetailsResponse } from "../../abstractions/organization-domain/responses/organization-domain-sso-details.response";
import { OrganizationDomainResponse } from "../../abstractions/organization-domain/responses/organization-domain.response";
import { PlatformUtilsService } from "../../abstractions/platformUtils.service";
import { OrgDomainApiService } from "./org-domain-api.service";
import { OrgDomainService } from "./org-domain.service";
import { OrganizationDomainSsoDetailsRequest } from "./requests/organization-domain-sso-details.request";
const mockedGetAllByOrgIdResponse: any = {
data: [
{
id: "ca01a674-7f2f-45f2-8245-af6d016416b7",
organizationId: "cb903acf-2361-4072-ae32-af6c014943b6",
txt: "bw=EUX6UKR8A68igAJkmodwkzMiqB00u7Iyq1QqALu6jFID",
domainName: "test.com",
creationDate: "2022-12-16T21:36:28.68Z",
nextRunDate: "2022-12-17T09:36:28.68Z",
jobRunCount: 0,
verifiedDate: null as any,
lastCheckedDate: "2022-12-16T21:36:28.7633333Z",
object: "organizationDomain",
},
{
id: "adbd44c5-90d5-4537-97e6-af6d01644870",
organizationId: "cb903acf-2361-4072-ae32-af6c014943b6",
txt: "bw=Ql4fCfDacmcjwyAP9BPmvhSMTCz4PkEDm4uQ3fH01pD4",
domainName: "test2.com",
creationDate: "2022-12-16T21:37:10.9566667Z",
nextRunDate: "2022-12-17T09:37:10.9566667Z",
jobRunCount: 0,
verifiedDate: "totally verified",
lastCheckedDate: "2022-12-16T21:37:11.1933333Z",
object: "organizationDomain",
},
{
id: "05cf3ab8-bcfe-4b95-92e8-af6d01680942",
organizationId: "cb903acf-2361-4072-ae32-af6c014943b6",
txt: "bw=EQNUs77BWQHbfSiyc/9nT3wCen9z2yMn/ABCz0cNKaTx",
domainName: "test3.com",
creationDate: "2022-12-16T21:50:50.96Z",
nextRunDate: "2022-12-17T09:50:50.96Z",
jobRunCount: 0,
verifiedDate: null,
lastCheckedDate: "2022-12-16T21:50:51.0933333Z",
object: "organizationDomain",
},
],
continuationToken: null as any,
object: "list",
};
const mockedOrgDomainServerResponse = {
id: "ca01a674-7f2f-45f2-8245-af6d016416b7",
organizationId: "cb903acf-2361-4072-ae32-af6c014943b6",
txt: "bw=EUX6UKR8A68igAJkmodwkzMiqB00u7Iyq1QqALu6jFID",
domainName: "test.com",
creationDate: "2022-12-16T21:36:28.68Z",
nextRunDate: "2022-12-17T09:36:28.68Z",
jobRunCount: 0,
verifiedDate: null as any,
lastCheckedDate: "2022-12-16T21:36:28.7633333Z",
object: "organizationDomain",
};
const mockedOrgDomainResponse = new OrganizationDomainResponse(mockedOrgDomainServerResponse);
const mockedOrganizationDomainSsoDetailsServerResponse = {
id: "fake-guid",
organizationIdentifier: "fake-org-identifier",
ssoAvailable: true,
domainName: "fake-domain-name",
verifiedDate: "2022-12-16T21:36:28.68Z",
};
const mockedOrganizationDomainSsoDetailsResponse = new OrganizationDomainSsoDetailsResponse(
mockedOrganizationDomainSsoDetailsServerResponse
);
describe("Org Domain API Service", () => {
let orgDomainApiService: OrgDomainApiService;
const apiService = mock<ApiService>();
let orgDomainService: OrgDomainService;
const platformUtilService = mock<PlatformUtilsService>();
const i18nService = mock<I18nService>();
beforeEach(() => {
orgDomainService = new OrgDomainService(platformUtilService, i18nService);
jest.resetAllMocks();
orgDomainApiService = new OrgDomainApiService(orgDomainService, apiService);
});
it("instantiates", () => {
expect(orgDomainApiService).not.toBeFalsy();
});
it("getAllByOrgId retrieves all org domains and calls orgDomainSvc replace", () => {
apiService.send.mockResolvedValue(mockedGetAllByOrgIdResponse);
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toHaveLength(0);
const orgDomainSvcReplaceSpy = jest.spyOn(orgDomainService, "replace");
orgDomainApiService
.getAllByOrgId("fakeOrgId")
.then((orgDomainResponses: Array<OrganizationDomainResponse>) => {
expect(orgDomainResponses).toHaveLength(3);
expect(orgDomainSvcReplaceSpy).toHaveBeenCalled();
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toHaveLength(3);
});
});
it("getByOrgIdAndOrgDomainId retrieves single org domain and calls orgDomainSvc upsert", () => {
apiService.send.mockResolvedValue(mockedOrgDomainServerResponse);
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toHaveLength(0);
const orgDomainSvcUpsertSpy = jest.spyOn(orgDomainService, "upsert");
orgDomainApiService
.getByOrgIdAndOrgDomainId("fakeOrgId", "fakeDomainId")
.then((orgDomain: OrganizationDomainResponse) => {
expect(orgDomain.id).toEqual(mockedOrgDomainServerResponse.id);
expect(orgDomainSvcUpsertSpy).toHaveBeenCalled();
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toHaveLength(1);
});
});
it("post success should call orgDomainSvc upsert", () => {
apiService.send.mockResolvedValue(mockedOrgDomainServerResponse);
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toHaveLength(0);
const orgDomainSvcUpsertSpy = jest.spyOn(orgDomainService, "upsert");
orgDomainApiService
.post("fakeOrgId", mockedOrgDomainResponse)
.then((orgDomain: OrganizationDomainResponse) => {
expect(orgDomain.id).toEqual(mockedOrgDomainServerResponse.id);
expect(orgDomainSvcUpsertSpy).toHaveBeenCalled();
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toHaveLength(1);
});
});
it("verify success should call orgDomainSvc upsert", () => {
apiService.send.mockResolvedValue(mockedOrgDomainServerResponse);
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toHaveLength(0);
const orgDomainSvcUpsertSpy = jest.spyOn(orgDomainService, "upsert");
orgDomainApiService
.verify("fakeOrgId", "fakeOrgId")
.then((orgDomain: OrganizationDomainResponse) => {
expect(orgDomain.id).toEqual(mockedOrgDomainServerResponse.id);
expect(orgDomainSvcUpsertSpy).toHaveBeenCalled();
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toHaveLength(1);
});
});
it("delete success should call orgDomainSvc delete", () => {
apiService.send.mockResolvedValue(true);
orgDomainService.upsert([mockedOrgDomainResponse]);
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toHaveLength(1);
const orgDomainSvcDeleteSpy = jest.spyOn(orgDomainService, "delete");
orgDomainApiService.delete("fakeOrgId", "fakeOrgId").then(() => {
expect(orgDomainSvcDeleteSpy).toHaveBeenCalled();
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toHaveLength(0);
});
});
it("getClaimedOrgDomainByEmail should call ApiService.send with correct parameters and return response", async () => {
const email = "test@example.com";
apiService.send.mockResolvedValue(mockedOrganizationDomainSsoDetailsServerResponse);
const result = await orgDomainApiService.getClaimedOrgDomainByEmail(email);
expect(apiService.send).toHaveBeenCalledWith(
"POST",
"/organizations/domain/sso/details",
new OrganizationDomainSsoDetailsRequest(email),
false, //anonymous
true
);
expect(result).toEqual(mockedOrganizationDomainSsoDetailsResponse);
});
});

169
libs/common/src/services/organization-domain/org-domain.service.spec.ts Normal file
View File

@@ -0,0 +1,169 @@
import { mock, mockReset } from "jest-mock-extended";
import { lastValueFrom } from "rxjs";
import { I18nService } from "../../abstractions/i18n.service";
import { OrganizationDomainResponse } from "../../abstractions/organization-domain/responses/organization-domain.response";
import { PlatformUtilsService } from "../../abstractions/platformUtils.service";
import { OrgDomainService } from "./org-domain.service";
const mockedUnverifiedDomainServerResponse = {
creationDate: "2022-12-13T23:16:43.7066667Z",
domainName: "bacon.com",
id: "12eac4ea-9ed8-4dd4-85da-af6a017f9f97",
jobRunCount: 0,
lastCheckedDate: "2022-12-13T23:16:43.8033333Z",
nextRunDate: "2022-12-14T11:16:43.7066667Z",
object: "organizationDomain",
organizationId: "e4bffa5e-6602-4bc7-a83f-af55016566ef",
txt: "bw=eRBGgwJhZk0Kmpd8qPdSrrkSsTD006B+JgmMztk4XjDX",
verifiedDate: null as any,
};
const mockedVerifiedDomainServerResponse = {
creationDate: "2022-12-13T23:16:43.7066667Z",
domainName: "cat.com",
id: "58715f70-8650-4a42-9d4a-af6a0188151b",
jobRunCount: 0,
lastCheckedDate: "2022-12-13T23:16:43.8033333Z",
nextRunDate: "2022-12-14T11:16:43.7066667Z",
object: "organizationDomain",
organizationId: "e4bffa5e-6602-4bc7-a83f-af55016566ef",
txt: "bw=eRBGgwJhZk0Kmpd8qPdSrrkSsTD006B+JgmMztk4XjDX",
verifiedDate: "2022-12-13T23:16:43.7066667Z",
};
const mockedExtraDomainServerResponse = {
creationDate: "2022-12-13T23:16:43.7066667Z",
domainName: "dog.com",
id: "fac7cdb6-283e-4805-aa55-af6b016bf699",
jobRunCount: 0,
lastCheckedDate: "2022-12-13T23:16:43.8033333Z",
nextRunDate: "2022-12-14T11:16:43.7066667Z",
object: "organizationDomain",
organizationId: "e4bffa5e-6602-4bc7-a83f-af55016566ef",
txt: "bw=eRBGgwJhZk0Kmpd8qPdSrrkSsTD006B+JgmMztk4XjDX",
verifiedDate: null as any,
};
const mockedUnverifiedOrgDomainResponse = new OrganizationDomainResponse(
mockedUnverifiedDomainServerResponse
);
const mockedVerifiedOrgDomainResponse = new OrganizationDomainResponse(
mockedVerifiedDomainServerResponse
);
const mockedExtraOrgDomainResponse = new OrganizationDomainResponse(
mockedExtraDomainServerResponse
);
describe("Org Domain Service", () => {
let orgDomainService: OrgDomainService;
const platformUtilService = mock<PlatformUtilsService>();
const i18nService = mock<I18nService>();
beforeEach(() => {
mockReset(platformUtilService);
mockReset(i18nService);
orgDomainService = new OrgDomainService(platformUtilService, i18nService);
});
it("instantiates", () => {
expect(orgDomainService).not.toBeFalsy();
});
it("orgDomains$ public observable exists and instantiates w/ empty array", () => {
expect(orgDomainService.orgDomains$).toBeDefined();
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toEqual([]);
});
it("replace and clear work", () => {
const newOrgDomains = [mockedUnverifiedOrgDomainResponse, mockedVerifiedOrgDomainResponse];
orgDomainService.replace(newOrgDomains);
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toEqual(newOrgDomains);
orgDomainService.clearCache();
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toEqual([]);
});
it("get successfully retrieves org domain by id", () => {
const orgDomains = [mockedUnverifiedOrgDomainResponse, mockedVerifiedOrgDomainResponse];
orgDomainService.replace(orgDomains);
expect(orgDomainService.get(mockedVerifiedOrgDomainResponse.id)).toEqual(
mockedVerifiedOrgDomainResponse
);
expect(orgDomainService.get(mockedUnverifiedOrgDomainResponse.id)).toEqual(
mockedUnverifiedOrgDomainResponse
);
});
it("upsert both updates an existing org domain and adds a new one", () => {
const orgDomains = [mockedUnverifiedOrgDomainResponse, mockedVerifiedOrgDomainResponse];
orgDomainService.replace(orgDomains);
const changedOrgDomain = new OrganizationDomainResponse(mockedVerifiedDomainServerResponse);
changedOrgDomain.domainName = "changed domain name";
expect(mockedVerifiedOrgDomainResponse.domainName).not.toEqual(changedOrgDomain.domainName);
orgDomainService.upsert([changedOrgDomain]);
expect(orgDomainService.get(mockedVerifiedOrgDomainResponse.id).domainName).toEqual(
changedOrgDomain.domainName
);
const newOrgDomain = new OrganizationDomainResponse({
creationDate: "2022-12-13T23:16:43.7066667Z",
domainName: "cat.com",
id: "magical-cat-id-number-999",
jobRunCount: 0,
lastCheckedDate: "2022-12-13T23:16:43.8033333Z",
nextRunDate: "2022-12-14T11:16:43.7066667Z",
object: "organizationDomain",
organizationId: "e4bffa5e-6602-4bc7-a83f-af55016566ef",
txt: "bw=eRBGgwJhZk0Kmpd8qPdSrrkSsTD006B+JgmMztk4XjDX",
verifiedDate: null as any,
});
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toHaveLength(2);
orgDomainService.upsert([newOrgDomain]);
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toHaveLength(3);
expect(orgDomainService.get(newOrgDomain.id)).toEqual(newOrgDomain);
});
it("delete successfully removes multiple org domains", () => {
const orgDomains = [
mockedUnverifiedOrgDomainResponse,
mockedVerifiedOrgDomainResponse,
mockedExtraOrgDomainResponse,
];
orgDomainService.replace(orgDomains);
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toHaveLength(3);
orgDomainService.delete([mockedUnverifiedOrgDomainResponse.id]);
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toHaveLength(2);
expect(orgDomainService.get(mockedUnverifiedOrgDomainResponse.id)).toEqual(undefined);
orgDomainService.delete([mockedVerifiedOrgDomainResponse.id, mockedExtraOrgDomainResponse.id]);
expect(lastValueFrom(orgDomainService.orgDomains$)).resolves.toHaveLength(0);
expect(orgDomainService.get(mockedVerifiedOrgDomainResponse.id)).toEqual(undefined);
expect(orgDomainService.get(mockedExtraOrgDomainResponse.id)).toEqual(undefined);
});
it("copyDnsTxt copies DNS TXT to clipboard and shows toast", () => {
orgDomainService.copyDnsTxt("fakeTxt");
expect(jest.spyOn(platformUtilService, "copyToClipboard")).toHaveBeenCalled();
expect(jest.spyOn(platformUtilService, "showToast")).toHaveBeenCalled();
});
});

415
libs/common/src/services/policy.service.spec.ts Normal file
View File

@@ -0,0 +1,415 @@
// eslint-disable-next-line no-restricted-imports
import { Arg, Substitute, SubstituteOf } from "@fluffy-spoon/substitute";
import { BehaviorSubject, firstValueFrom } from "rxjs";
import { CryptoService } from "../abstractions/crypto.service";
import { EncryptService } from "../abstractions/encrypt.service";
import { OrganizationService } from "../admin-console/abstractions/organization/organization.service.abstraction";
import { OrganizationUserStatusType, PolicyType } from "../admin-console/enums";
import { PermissionsApi } from "../admin-console/models/api/permissions.api";
import { OrganizationData } from "../admin-console/models/data/organization.data";
import { PolicyData } from "../admin-console/models/data/policy.data";
import { MasterPasswordPolicyOptions } from "../admin-console/models/domain/master-password-policy-options";
import { Organization } from "../admin-console/models/domain/organization";
import { Policy } from "../admin-console/models/domain/policy";
import { ResetPasswordPolicyOptions } from "../admin-console/models/domain/reset-password-policy-options";
import { PolicyResponse } from "../admin-console/models/response/policy.response";
import { PolicyService } from "../admin-console/services/policy/policy.service";
import { ListResponse } from "../models/response/list.response";
import { ContainerService } from "./container.service";
import { StateService } from "./state.service";
describe("PolicyService", () => {
let policyService: PolicyService;
let cryptoService: SubstituteOf<CryptoService>;
let stateService: SubstituteOf<StateService>;
let organizationService: SubstituteOf<OrganizationService>;
let encryptService: SubstituteOf<EncryptService>;
let activeAccount: BehaviorSubject<string>;
let activeAccountUnlocked: BehaviorSubject<boolean>;
beforeEach(() => {
stateService = Substitute.for();
organizationService = Substitute.for();
organizationService
.getAll("user")
.resolves([
new Organization(
organizationData(
"test-organization",
true,
true,
OrganizationUserStatusType.Accepted,
false
)
),
]);
organizationService.getAll(undefined).resolves([]);
organizationService.getAll(null).resolves([]);
activeAccount = new BehaviorSubject("123");
activeAccountUnlocked = new BehaviorSubject(true);
stateService.getDecryptedPolicies({ userId: "user" }).resolves(null);
stateService.getEncryptedPolicies({ userId: "user" }).resolves({
"1": policyData("1", "test-organization", PolicyType.MaximumVaultTimeout, true, {
minutes: 14,
}),
});
stateService.getEncryptedPolicies().resolves({
"1": policyData("1", "test-organization", PolicyType.MaximumVaultTimeout, true, {
minutes: 14,
}),
});
stateService.activeAccount$.returns(activeAccount);
stateService.activeAccountUnlocked$.returns(activeAccountUnlocked);
stateService.getUserId().resolves("user");
(window as any).bitwardenContainerService = new ContainerService(cryptoService, encryptService);
policyService = new PolicyService(stateService, organizationService);
});
afterEach(() => {
activeAccount.complete();
activeAccountUnlocked.complete();
});
it("upsert", async () => {
await policyService.upsert(policyData("99", "test-organization", PolicyType.DisableSend, true));
expect(await firstValueFrom(policyService.policies$)).toEqual([
{
id: "1",
organizationId: "test-organization",
type: PolicyType.MaximumVaultTimeout,
enabled: true,
data: { minutes: 14 },
},
{
id: "99",
organizationId: "test-organization",
type: PolicyType.DisableSend,
enabled: true,
},
]);
});
it("replace", async () => {
await policyService.replace({
"2": policyData("2", "test-organization", PolicyType.DisableSend, true),
});
expect(await firstValueFrom(policyService.policies$)).toEqual([
{
id: "2",
organizationId: "test-organization",
type: PolicyType.DisableSend,
enabled: true,
},
]);
});
it("locking should clear", async () => {
activeAccountUnlocked.next(false);
// Sleep for 100ms to avoid timing issues
await new Promise((r) => setTimeout(r, 100));
expect((await firstValueFrom(policyService.policies$)).length).toBe(0);
});
describe("clear", () => {
it("null userId", async () => {
await policyService.clear();
stateService.received(1).setEncryptedPolicies(Arg.any(), Arg.any());
expect((await firstValueFrom(policyService.policies$)).length).toBe(0);
});
it("matching userId", async () => {
await policyService.clear("user");
stateService.received(1).setEncryptedPolicies(Arg.any(), Arg.any());
expect((await firstValueFrom(policyService.policies$)).length).toBe(0);
});
it("mismatching userId", async () => {
await policyService.clear("12");
stateService.received(1).setEncryptedPolicies(Arg.any(), Arg.any());
expect((await firstValueFrom(policyService.policies$)).length).toBe(1);
});
});
describe("masterPasswordPolicyOptions", () => {
it("returns default policy options", async () => {
const data: any = {
minComplexity: 5,
minLength: 20,
requireUpper: true,
};
const model = [
new Policy(policyData("1", "test-organization-3", PolicyType.MasterPassword, true, data)),
];
const result = await firstValueFrom(policyService.masterPasswordPolicyOptions$(model));
expect(result).toEqual({
minComplexity: 5,
minLength: 20,
requireLower: false,
requireNumbers: false,
requireSpecial: false,
requireUpper: true,
enforceOnLogin: false,
});
});
it("returns null", async () => {
const data: any = {};
const model = [
new Policy(
policyData("3", "test-organization-3", PolicyType.DisablePersonalVaultExport, true, data)
),
new Policy(
policyData("4", "test-organization-3", PolicyType.MaximumVaultTimeout, true, data)
),
];
const result = await firstValueFrom(policyService.masterPasswordPolicyOptions$(model));
expect(result).toEqual(null);
});
it("returns specified policy options", async () => {
const data: any = {
minLength: 14,
};
const model = [
new Policy(
policyData("3", "test-organization-3", PolicyType.DisablePersonalVaultExport, true, data)
),
new Policy(policyData("4", "test-organization-3", PolicyType.MasterPassword, true, data)),
];
const result = await firstValueFrom(policyService.masterPasswordPolicyOptions$(model));
expect(result).toEqual({
minComplexity: 0,
minLength: 14,
requireLower: false,
requireNumbers: false,
requireSpecial: false,
requireUpper: false,
enforceOnLogin: false,
});
});
});
describe("evaluateMasterPassword", () => {
it("false", async () => {
const enforcedPolicyOptions = new MasterPasswordPolicyOptions();
enforcedPolicyOptions.minLength = 14;
const result = policyService.evaluateMasterPassword(10, "password", enforcedPolicyOptions);
expect(result).toEqual(false);
});
it("true", async () => {
const enforcedPolicyOptions = new MasterPasswordPolicyOptions();
const result = policyService.evaluateMasterPassword(0, "password", enforcedPolicyOptions);
expect(result).toEqual(true);
});
});
describe("getResetPasswordPolicyOptions", () => {
it("default", async () => {
const result = policyService.getResetPasswordPolicyOptions(null, null);
expect(result).toEqual([new ResetPasswordPolicyOptions(), false]);
});
it("returns autoEnrollEnabled true", async () => {
const data: any = {
autoEnrollEnabled: true,
};
const policies = [
new Policy(policyData("5", "test-organization-3", PolicyType.ResetPassword, true, data)),
];
const result = policyService.getResetPasswordPolicyOptions(policies, "test-organization-3");
expect(result).toEqual([{ autoEnrollEnabled: true }, true]);
});
});
describe("mapPoliciesFromToken", () => {
it("null", async () => {
const result = policyService.mapPoliciesFromToken(null);
expect(result).toEqual(null);
});
it("null data", async () => {
const model = new ListResponse(null, PolicyResponse);
model.data = null;
const result = policyService.mapPoliciesFromToken(model);
expect(result).toEqual(null);
});
it("empty array", async () => {
const model = new ListResponse(null, PolicyResponse);
const result = policyService.mapPoliciesFromToken(model);
expect(result).toEqual([]);
});
it("success", async () => {
const policyResponse: any = {
Data: [
{
Id: "1",
OrganizationId: "organization-1",
Type: PolicyType.DisablePersonalVaultExport,
Enabled: true,
Data: { requireUpper: true },
},
{
Id: "2",
OrganizationId: "organization-2",
Type: PolicyType.DisableSend,
Enabled: false,
Data: { minComplexity: 5, minLength: 20 },
},
],
};
const model = new ListResponse(policyResponse, PolicyResponse);
const result = policyService.mapPoliciesFromToken(model);
expect(result).toEqual([
new Policy(
policyData("1", "organization-1", PolicyType.DisablePersonalVaultExport, true, {
requireUpper: true,
})
),
new Policy(
policyData("2", "organization-2", PolicyType.DisableSend, false, {
minComplexity: 5,
minLength: 20,
})
),
]);
});
});
describe("policyAppliesToActiveUser$", () => {
it("MasterPassword does not apply", async () => {
const result = await firstValueFrom(
policyService.policyAppliesToActiveUser$(PolicyType.MasterPassword)
);
expect(result).toEqual(false);
});
it("MaximumVaultTimeout applies", async () => {
const result = await firstValueFrom(
policyService.policyAppliesToActiveUser$(PolicyType.MaximumVaultTimeout)
);
expect(result).toEqual(true);
});
it("PolicyFilter filters result", async () => {
const result = await firstValueFrom(
policyService.policyAppliesToActiveUser$(PolicyType.MaximumVaultTimeout, (p) => false)
);
expect(result).toEqual(false);
});
it("DisablePersonalVaultExport does not apply", async () => {
const result = await firstValueFrom(
policyService.policyAppliesToActiveUser$(PolicyType.DisablePersonalVaultExport)
);
expect(result).toEqual(false);
});
});
describe("policyAppliesToUser", () => {
it("MasterPassword does not apply", async () => {
const result = await policyService.policyAppliesToUser(
PolicyType.MasterPassword,
null,
"user"
);
expect(result).toEqual(false);
});
it("MaximumVaultTimeout applies", async () => {
const result = await policyService.policyAppliesToUser(
PolicyType.MaximumVaultTimeout,
null,
"user"
);
expect(result).toEqual(true);
});
it("PolicyFilter filters result", async () => {
const result = await policyService.policyAppliesToUser(
PolicyType.MaximumVaultTimeout,
(p) => false,
"user"
);
expect(result).toEqual(false);
});
it("DisablePersonalVaultExport does not apply", async () => {
const result = await policyService.policyAppliesToUser(
PolicyType.DisablePersonalVaultExport,
null,
"user"
);
expect(result).toEqual(false);
});
});
function policyData(
id: string,
organizationId: string,
type: PolicyType,
enabled: boolean,
data?: any
) {
const policyData = new PolicyData({} as any);
policyData.id = id;
policyData.organizationId = organizationId;
policyData.type = type;
policyData.enabled = enabled;
policyData.data = data;
return policyData;
}
function organizationData(
id: string,
enabled: boolean,
usePolicies: boolean,
status: OrganizationUserStatusType,
managePolicies: boolean
) {
const organizationData = new OrganizationData({} as any, {} as any);
organizationData.id = id;
organizationData.enabled = enabled;
organizationData.usePolicies = usePolicies;
organizationData.status = status;
organizationData.permissions = new PermissionsApi({ managePolicies: managePolicies } as any);
return organizationData;
}
});

84
libs/common/src/services/settings.service.spec.ts Normal file
View File

@@ -0,0 +1,84 @@
// eslint-disable-next-line no-restricted-imports
import { Arg, Substitute, SubstituteOf } from "@fluffy-spoon/substitute";
import { BehaviorSubject, firstValueFrom } from "rxjs";
import { CryptoService } from "../abstractions/crypto.service";
import { EncryptService } from "../abstractions/encrypt.service";
import { ContainerService } from "./container.service";
import { SettingsService } from "./settings.service";
import { StateService } from "./state.service";
describe("SettingsService", () => {
let settingsService: SettingsService;
let cryptoService: SubstituteOf<CryptoService>;
let encryptService: SubstituteOf<EncryptService>;
let stateService: SubstituteOf<StateService>;
let activeAccount: BehaviorSubject<string>;
let activeAccountUnlocked: BehaviorSubject<boolean>;
const mockEquivalentDomains = [
["example.com", "exampleapp.com", "example.co.uk", "ejemplo.es"],
["bitwarden.com", "bitwarden.co.uk", "sm-bitwarden.com"],
["example.co.uk", "exampleapp.co.uk"],
];
beforeEach(() => {
cryptoService = Substitute.for();
encryptService = Substitute.for();
stateService = Substitute.for();
activeAccount = new BehaviorSubject("123");
activeAccountUnlocked = new BehaviorSubject(true);
stateService.getSettings().resolves({ equivalentDomains: mockEquivalentDomains });
stateService.activeAccount$.returns(activeAccount);
stateService.activeAccountUnlocked$.returns(activeAccountUnlocked);
(window as any).bitwardenContainerService = new ContainerService(cryptoService, encryptService);
settingsService = new SettingsService(stateService);
});
afterEach(() => {
activeAccount.complete();
activeAccountUnlocked.complete();
});
describe("getEquivalentDomains", () => {
it("returns all equivalent domains for a URL", async () => {
const actual = settingsService.getEquivalentDomains("example.co.uk");
const expected = new Set([
"example.com",
"exampleapp.com",
"example.co.uk",
"ejemplo.es",
"exampleapp.co.uk",
]);
expect(actual).toEqual(expected);
});
it("returns an empty set if there are no equivalent domains", () => {
const actual = settingsService.getEquivalentDomains("asdf");
expect(actual).toEqual(new Set());
});
});
it("setEquivalentDomains", async () => {
await settingsService.setEquivalentDomains([["test2"], ["domains2"]]);
stateService.received(1).setSettings(Arg.any());
expect((await firstValueFrom(settingsService.settings$)).equivalentDomains).toEqual([
["test2"],
["domains2"],
]);
});
it("clear", async () => {
await settingsService.clear();
stateService.received(1).setSettings(Arg.any(), Arg.any());
expect(await firstValueFrom(settingsService.settings$)).toEqual({});
});
});

216
libs/common/src/services/state-migration.service.spec.ts Normal file
View File

@@ -0,0 +1,216 @@
// eslint-disable-next-line no-restricted-imports
import { Substitute, SubstituteOf } from "@fluffy-spoon/substitute";
import { MockProxy, any, mock } from "jest-mock-extended";
import { AbstractStorageService } from "../abstractions/storage.service";
import { StateVersion } from "../enums";
import { StateFactory } from "../factories/stateFactory";
import { Account } from "../models/domain/account";
import { GlobalState } from "../models/domain/global-state";
import { StateMigrationService } from "./stateMigration.service";
const userId = "USER_ID";
// Note: each test calls the private migration method for that migration,
// so that we don't accidentally run all following migrations as well
describe("State Migration Service", () => {
let storageService: MockProxy<AbstractStorageService>;
let secureStorageService: SubstituteOf<AbstractStorageService>;
let stateFactory: SubstituteOf<StateFactory>;
let stateMigrationService: StateMigrationService;
beforeEach(() => {
storageService = mock();
secureStorageService = Substitute.for<AbstractStorageService>();
stateFactory = Substitute.for<StateFactory>();
stateMigrationService = new StateMigrationService(
storageService,
secureStorageService,
stateFactory
);
});
afterEach(() => {
jest.resetAllMocks();
});
describe("StateVersion 3 to 4 migration", () => {
beforeEach(() => {
const globalVersion3: Partial<GlobalState> = {
stateVersion: StateVersion.Three,
};
storageService.get.calledWith("global", any()).mockResolvedValue(globalVersion3);
storageService.get.calledWith("authenticatedAccounts", any()).mockResolvedValue([userId]);
});
it("clears everBeenUnlocked", async () => {
const accountVersion3: Account = {
profile: {
apiKeyClientId: null,
convertAccountToKeyConnector: null,
email: "EMAIL",
emailVerified: true,
everBeenUnlocked: true,
hasPremiumPersonally: false,
kdfIterations: 100000,
kdfType: 0,
keyHash: "KEY_HASH",
lastSync: "LAST_SYNC",
userId: userId,
usesKeyConnector: false,
forcePasswordResetReason: null,
},
};
const expectedAccountVersion4: Account = {
profile: {
...accountVersion3.profile,
},
};
delete expectedAccountVersion4.profile.everBeenUnlocked;
storageService.get.calledWith(userId, any()).mockResolvedValue(accountVersion3);
await (stateMigrationService as any).migrateStateFrom3To4();
expect(storageService.save).toHaveBeenCalledTimes(2);
expect(storageService.save).toHaveBeenCalledWith(userId, expectedAccountVersion4, any());
});
it("updates StateVersion number", async () => {
await (stateMigrationService as any).migrateStateFrom3To4();
expect(storageService.save).toHaveBeenCalledWith(
"global",
{ stateVersion: StateVersion.Four },
any()
);
expect(storageService.save).toHaveBeenCalledTimes(1);
});
});
describe("StateVersion 4 to 5 migration", () => {
it("migrates organization keys to new format", async () => {
const accountVersion4 = new Account({
keys: {
organizationKeys: {
encrypted: {
orgOneId: "orgOneEncKey",
orgTwoId: "orgTwoEncKey",
orgThreeId: "orgThreeEncKey",
},
},
},
} as any);
const expectedAccount = new Account({
keys: {
organizationKeys: {
encrypted: {
orgOneId: {
type: "organization",
key: "orgOneEncKey",
},
orgTwoId: {
type: "organization",
key: "orgTwoEncKey",
},
orgThreeId: {
type: "organization",
key: "orgThreeEncKey",
},
},
} as any,
} as any,
});
const migratedAccount = await (stateMigrationService as any).migrateAccountFrom4To5(
accountVersion4
);
expect(migratedAccount).toEqual(expectedAccount);
});
});
describe("StateVersion 5 to 6 migration", () => {
it("deletes account.keys.legacyEtmKey value", async () => {
const accountVersion5 = new Account({
keys: {
legacyEtmKey: "legacy key",
},
} as any);
const migratedAccount = await (stateMigrationService as any).migrateAccountFrom5To6(
accountVersion5
);
expect(migratedAccount.keys.legacyEtmKey).toBeUndefined();
});
});
describe("StateVersion 6 to 7 migration", () => {
it("should delete global.noAutoPromptBiometrics value", async () => {
storageService.get
.calledWith("global", any())
.mockResolvedValue({ stateVersion: StateVersion.Six, noAutoPromptBiometrics: true });
storageService.get.calledWith("authenticatedAccounts", any()).mockResolvedValue([]);
await stateMigrationService.migrate();
expect(storageService.save).toHaveBeenCalledWith(
"global",
{
stateVersion: StateVersion.Seven,
},
any()
);
});
it("should call migrateStateFrom6To7 on each account", async () => {
const accountVersion6 = new Account({
otherStuff: "other stuff",
} as any);
storageService.get
.calledWith("global", any())
.mockResolvedValue({ stateVersion: StateVersion.Six, noAutoPromptBiometrics: true });
storageService.get.calledWith("authenticatedAccounts", any()).mockResolvedValue([userId]);
storageService.get.calledWith(userId, any()).mockResolvedValue(accountVersion6);
const migrateSpy = jest.fn();
(stateMigrationService as any).migrateAccountFrom6To7 = migrateSpy;
await stateMigrationService.migrate();
expect(migrateSpy).toHaveBeenCalledWith(true, accountVersion6);
});
it("should update account.settings.disableAutoBiometricsPrompt value if global is no prompt", async () => {
const result = await (stateMigrationService as any).migrateAccountFrom6To7(true, {
otherStuff: "other stuff",
});
expect(result).toEqual({
otherStuff: "other stuff",
settings: {
disableAutoBiometricsPrompt: true,
},
});
});
it("should not update account.settings.disableAutoBiometricsPrompt value if global auto prompt is enabled", async () => {
const result = await (stateMigrationService as any).migrateAccountFrom6To7(false, {
otherStuff: "other stuff",
});
expect(result).toEqual({
otherStuff: "other stuff",
});
});
});
});

560
libs/common/src/services/web-crypto-function.service.spec.ts Normal file
View File

@@ -0,0 +1,560 @@
// eslint-disable-next-line no-restricted-imports
import { Substitute } from "@fluffy-spoon/substitute";
import { PlatformUtilsService } from "../abstractions/platformUtils.service";
import { Utils } from "../misc/utils";
import { SymmetricCryptoKey } from "../models/domain/symmetric-crypto-key";
import { WebCryptoFunctionService } from "./webCryptoFunction.service";
const RsaPublicKey =
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0Vawl/toXzkEvB82FEtqHP" +
"4xlU2ab/v0crqIfXfIoWF/XXdHGIdrZeilnRXPPJT1B9dTsasttEZNnua/0Rek/cjNDHtzT52irfoZYS7X6HNIfOi54Q+egP" +
"RQ1H7iNHVZz3K8Db9GCSKPeC8MbW6gVCzb15esCe1gGzg6wkMuWYDFYPoh/oBqcIqrGah7firqB1nDedzEjw32heP2DAffVN" +
"084iTDjiWrJNUxBJ2pDD5Z9dT3MzQ2s09ew1yMWK2z37rT3YerC7OgEDmo3WYo3xL3qYJznu3EO2nmrYjiRa40wKSjxsTlUc" +
"xDF+F0uMW8oR9EMUHgepdepfAtLsSAQIDAQAB";
const RsaPrivateKey =
"MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCXRVrCX+2hfOQS8Hz" +
"YUS2oc/jGVTZpv+/Ryuoh9d8ihYX9dd0cYh2tl6KWdFc88lPUH11Oxqy20Rk2e5r/RF6T9yM0Me3NPnaKt+hlhLtfoc0h86L" +
"nhD56A9FDUfuI0dVnPcrwNv0YJIo94LwxtbqBULNvXl6wJ7WAbODrCQy5ZgMVg+iH+gGpwiqsZqHt+KuoHWcN53MSPDfaF4/" +
"YMB99U3TziJMOOJask1TEEnakMPln11PczNDazT17DXIxYrbPfutPdh6sLs6AQOajdZijfEvepgnOe7cQ7aeatiOJFrjTApK" +
"PGxOVRzEMX4XS4xbyhH0QxQeB6l16l8C0uxIBAgMBAAECggEASaWfeVDA3cVzOPFSpvJm20OTE+R6uGOU+7vh36TX/POq92q" +
"Buwbd0h0oMD32FxsXywd2IxtBDUSiFM9699qufTVuM0Q3tZw6lHDTOVG08+tPdr8qSbMtw7PGFxN79fHLBxejjO4IrM9lapj" +
"WpxEF+11x7r+wM+0xRZQ8sNFYG46aPfIaty4BGbL0I2DQ2y8I57iBCAy69eht59NLMm27fRWGJIWCuBIjlpfzET1j2HLXUIh" +
"5bTBNzqaN039WH49HczGE3mQKVEJZc/efk3HaVd0a1Sjzyn0QY+N1jtZN3jTRbuDWA1AknkX1LX/0tUhuS3/7C3ejHxjw4Dk" +
"1ZLo5/QKBgQDIWvqFn0+IKRSu6Ua2hDsufIHHUNLelbfLUMmFthxabcUn4zlvIscJO00Tq/ezopSRRvbGiqnxjv/mYxucvOU" +
"BeZtlus0Q9RTACBtw9TGoNTmQbEunJ2FOSlqbQxkBBAjgGEppRPt30iGj/VjAhCATq2MYOa/X4dVR51BqQAFIEwKBgQDBSIf" +
"TFKC/hDk6FKZlgwvupWYJyU9RkyfstPErZFmzoKhPkQ3YORo2oeAYmVUbS9I2iIYpYpYQJHX8jMuCbCz4ONxTCuSIXYQYUcU" +
"q4PglCKp31xBAE6TN8SvhfME9/MvuDssnQinAHuF0GDAhF646T3LLS1not6Vszv7brwSoGwKBgQC88v/8cGfi80ssQZeMnVv" +
"q1UTXIeQcQnoY5lGHJl3K8mbS3TnXE6c9j417Fdz+rj8KWzBzwWXQB5pSPflWcdZO886Xu/mVGmy9RWgLuVFhXwCwsVEPjNX" +
"5ramRb0/vY0yzenUCninBsIxFSbIfrPtLUYCc4hpxr+sr2Mg/y6jpvQKBgBezMRRs3xkcuXepuI2R+BCXL1/b02IJTUf1F+1" +
"eLLGd7YV0H+J3fgNc7gGWK51hOrF9JBZHBGeOUPlaukmPwiPdtQZpu4QNE3l37VlIpKTF30E6mb+BqR+nht3rUjarnMXgAoE" +
"Z18y6/KIjpSMpqC92Nnk/EBM9EYe6Cf4eA9ApAoGAeqEUg46UTlJySkBKURGpIs3v1kkf5I0X8DnOhwb+HPxNaiEdmO7ckm8" +
"+tPVgppLcG0+tMdLjigFQiDUQk2y3WjyxP5ZvXu7U96jaJRI8PFMoE06WeVYcdIzrID2HvqH+w0UQJFrLJ/0Mn4stFAEzXKZ" +
"BokBGnjFnTnKcs7nv/O8=";
const Sha1Mac = "4d4c223f95dc577b665ec4ccbcb680b80a397038";
const Sha256Mac = "6be3caa84922e12aaaaa2f16c40d44433bb081ef323db584eb616333ab4e874f";
const Sha512Mac =
"21910e341fa12106ca35758a2285374509326c9fbe0bd64e7b99c898f841dc948c58ce66d3504d8883c" +
"5ea7817a0b7c5d4d9b00364ccd214669131fc17fe4aca";
describe("WebCrypto Function Service", () => {
describe("pbkdf2", () => {
const regular256Key = "pj9prw/OHPleXI6bRdmlaD+saJS4awrMiQsQiDjeu2I=";
const utf8256Key = "yqvoFXgMRmHR3QPYr5pyR4uVuoHkltv9aHUP63p8n7I=";
const unicode256Key = "ZdeOata6xoRpB4DLp8zHhXz5kLmkWtX5pd+TdRH8w8w=";
const regular512Key =
"liTi/Ke8LPU1Qv+Vl7NGEVt/XMbsBVJ2kQxtVG/Z1/JFHFKQW3ZkI81qVlwTiCpb+cFXzs+57" +
"eyhhx5wfKo5Cg==";
const utf8512Key =
"df0KdvIBeCzD/kyXptwQohaqUa4e7IyFUyhFQjXCANu5T+scq55hCcE4dG4T/MhAk2exw8j7ixRN" +
"zXANiVZpnw==";
const unicode512Key =
"FE+AnUJaxv8jh+zUDtZz4mjjcYk0/PZDZm+SLJe3XtxtnpdqqpblX6JjuMZt/dYYNMOrb2+mD" +
"L3FiQDTROh1lg==";
testPbkdf2("sha256", regular256Key, utf8256Key, unicode256Key);
testPbkdf2("sha512", regular512Key, utf8512Key, unicode512Key);
});
describe("hkdf", () => {
const regular256Key = "qBUmEYtwTwwGPuw/z6bs/qYXXYNUlocFlyAuuANI8Pw=";
const utf8256Key = "6DfJwW1R3txgiZKkIFTvVAb7qVlG7lKcmJGJoxR2GBU=";
const unicode256Key = "gejGI82xthA+nKtKmIh82kjw+ttHr+ODsUoGdu5sf0A=";
const regular512Key = "xe5cIG6ZfwGmb1FvsOedM0XKOm21myZkjL/eDeKIqqM=";
const utf8512Key = "XQMVBnxVEhlvjSFDQc77j5GDE9aorvbS0vKnjhRg0LY=";
const unicode512Key = "148GImrTbrjaGAe/iWEpclINM8Ehhko+9lB14+52lqc=";
testHkdf("sha256", regular256Key, utf8256Key, unicode256Key);
testHkdf("sha512", regular512Key, utf8512Key, unicode512Key);
});
describe("hkdfExpand", () => {
const prk16Byte = "criAmKtfzxanbgea5/kelQ==";
const prk32Byte = "F5h4KdYQnIVH4rKH0P9CZb1GrR4n16/sJrS0PsQEn0Y=";
const prk64Byte =
"ssBK0mRG17VHdtsgt8yo4v25CRNpauH+0r2fwY/E9rLyaFBAOMbIeTry+" +
"gUJ28p8y+hFh3EI9pcrEWaNvFYonQ==";
testHkdfExpand("sha256", prk32Byte, 32, "BnIqJlfnHm0e/2iB/15cbHyR19ARPIcWRp4oNS22CD8=");
testHkdfExpand(
"sha256",
prk32Byte,
64,
"BnIqJlfnHm0e/2iB/15cbHyR19ARPIcWRp4oNS22CD9BV+" +
"/queOZenPNkDhmlVyL2WZ3OSU5+7ISNF5NhNfvZA=="
);
testHkdfExpand("sha512", prk64Byte, 32, "uLWbMWodSBms5uGJ5WTRTesyW+MD7nlpCZvagvIRXlk=");
testHkdfExpand(
"sha512",
prk64Byte,
64,
"uLWbMWodSBms5uGJ5WTRTesyW+MD7nlpCZvagvIRXlkY5Pv0sB+" +
"MqvaopmkC6sD/j89zDwTV9Ib2fpucUydO8w=="
);
it("should fail with prk too small", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const f = cryptoFunctionService.hkdfExpand(
Utils.fromB64ToArray(prk16Byte),
"info",
32,
"sha256"
);
await expect(f).rejects.toEqual(new Error("prk is too small."));
});
it("should fail with outputByteSize is too large", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const f = cryptoFunctionService.hkdfExpand(
Utils.fromB64ToArray(prk32Byte),
"info",
8161,
"sha256"
);
await expect(f).rejects.toEqual(new Error("outputByteSize is too large."));
});
});
describe("hash", () => {
const regular1Hash = "2a241604fb921fad12bf877282457268e1dccb70";
const utf81Hash = "85672798dc5831e96d6c48655d3d39365a9c88b6";
const unicode1Hash = "39c975935054a3efc805a9709b60763a823a6ad4";
const regular256Hash = "2b8e96031d352a8655d733d7a930b5ffbea69dc25cf65c7bca7dd946278908b2";
const utf8256Hash = "25fe8440f5b01ed113b0a0e38e721b126d2f3f77a67518c4a04fcde4e33eeb9d";
const unicode256Hash = "adc1c0c2afd6e92cefdf703f9b6eb2c38e0d6d1a040c83f8505c561fea58852e";
const regular512Hash =
"c15cf11d43bde333647e3f559ec4193bb2edeaa0e8b902772f514cdf3f785a3f49a6e02a4b87b3" +
"b47523271ad45b7e0aebb5cdcc1bc54815d256eb5dcb80da9d";
const utf8512Hash =
"035c31a877a291af09ed2d3a1a293e69c3e079ea2cecc00211f35e6bce10474ca3ad6e30b59e26118" +
"37463f20969c5bc95282965a051a88f8cdf2e166549fcdd";
const unicode512Hash =
"2b16a5561af8ad6fe414cc103fc8036492e1fc6d9aabe1b655497054f760fe0e34c5d100ac773d" +
"9f3030438284f22dbfa20cb2e9b019f2c98dfe38ce1ef41bae";
const regularMd5 = "5eceffa53a5fd58c44134211e2c5f522";
const utf8Md5 = "3abc9433c09551b939c80aa0aa3174e1";
const unicodeMd5 = "85ae134072c8d81257933f7045ba17ca";
testHash("sha1", regular1Hash, utf81Hash, unicode1Hash);
testHash("sha256", regular256Hash, utf8256Hash, unicode256Hash);
testHash("sha512", regular512Hash, utf8512Hash, unicode512Hash);
testHash("md5", regularMd5, utf8Md5, unicodeMd5);
});
describe("hmac", () => {
testHmac("sha1", Sha1Mac);
testHmac("sha256", Sha256Mac);
testHmac("sha512", Sha512Mac);
});
describe("compare", () => {
it("should successfully compare two of the same values", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const a = new Uint8Array(2);
a[0] = 1;
a[1] = 2;
const equal = await cryptoFunctionService.compare(a.buffer, a.buffer);
expect(equal).toBe(true);
});
it("should successfully compare two different values of the same length", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const a = new Uint8Array(2);
a[0] = 1;
a[1] = 2;
const b = new Uint8Array(2);
b[0] = 3;
b[1] = 4;
const equal = await cryptoFunctionService.compare(a.buffer, b.buffer);
expect(equal).toBe(false);
});
it("should successfully compare two different values of different lengths", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const a = new Uint8Array(2);
a[0] = 1;
a[1] = 2;
const b = new Uint8Array(2);
b[0] = 3;
const equal = await cryptoFunctionService.compare(a.buffer, b.buffer);
expect(equal).toBe(false);
});
});
describe("hmacFast", () => {
testHmacFast("sha1", Sha1Mac);
testHmacFast("sha256", Sha256Mac);
testHmacFast("sha512", Sha512Mac);
});
describe("compareFast", () => {
it("should successfully compare two of the same values", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const a = new Uint8Array(2);
a[0] = 1;
a[1] = 2;
const aByteString = Utils.fromBufferToByteString(a.buffer);
const equal = await cryptoFunctionService.compareFast(aByteString, aByteString);
expect(equal).toBe(true);
});
it("should successfully compare two different values of the same length", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const a = new Uint8Array(2);
a[0] = 1;
a[1] = 2;
const aByteString = Utils.fromBufferToByteString(a.buffer);
const b = new Uint8Array(2);
b[0] = 3;
b[1] = 4;
const bByteString = Utils.fromBufferToByteString(b.buffer);
const equal = await cryptoFunctionService.compareFast(aByteString, bByteString);
expect(equal).toBe(false);
});
it("should successfully compare two different values of different lengths", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const a = new Uint8Array(2);
a[0] = 1;
a[1] = 2;
const aByteString = Utils.fromBufferToByteString(a.buffer);
const b = new Uint8Array(2);
b[0] = 3;
const bByteString = Utils.fromBufferToByteString(b.buffer);
const equal = await cryptoFunctionService.compareFast(aByteString, bByteString);
expect(equal).toBe(false);
});
});
describe("aesEncrypt", () => {
it("should successfully encrypt data", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const iv = makeStaticByteArray(16);
const key = makeStaticByteArray(32);
const data = Utils.fromUtf8ToArray("EncryptMe!");
const encValue = await cryptoFunctionService.aesEncrypt(data.buffer, iv.buffer, key.buffer);
expect(Utils.fromBufferToB64(encValue)).toBe("ByUF8vhyX4ddU9gcooznwA==");
});
it("should successfully encrypt and then decrypt data fast", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const iv = makeStaticByteArray(16);
const key = makeStaticByteArray(32);
const value = "EncryptMe!";
const data = Utils.fromUtf8ToArray(value);
const encValue = await cryptoFunctionService.aesEncrypt(data.buffer, iv.buffer, key.buffer);
const encData = Utils.fromBufferToB64(encValue);
const b64Iv = Utils.fromBufferToB64(iv.buffer);
const symKey = new SymmetricCryptoKey(key.buffer);
const params = cryptoFunctionService.aesDecryptFastParameters(encData, b64Iv, null, symKey);
const decValue = await cryptoFunctionService.aesDecryptFast(params);
expect(decValue).toBe(value);
});
it("should successfully encrypt and then decrypt data", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const iv = makeStaticByteArray(16);
const key = makeStaticByteArray(32);
const value = "EncryptMe!";
const data = Utils.fromUtf8ToArray(value);
const encValue = await cryptoFunctionService.aesEncrypt(data.buffer, iv.buffer, key.buffer);
const decValue = await cryptoFunctionService.aesDecrypt(encValue, iv.buffer, key.buffer);
expect(Utils.fromBufferToUtf8(decValue)).toBe(value);
});
});
describe("aesDecryptFast", () => {
it("should successfully decrypt data", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const iv = Utils.fromBufferToB64(makeStaticByteArray(16).buffer);
const symKey = new SymmetricCryptoKey(makeStaticByteArray(32).buffer);
const data = "ByUF8vhyX4ddU9gcooznwA==";
const params = cryptoFunctionService.aesDecryptFastParameters(data, iv, null, symKey);
const decValue = await cryptoFunctionService.aesDecryptFast(params);
expect(decValue).toBe("EncryptMe!");
});
});
describe("aesDecrypt", () => {
it("should successfully decrypt data", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const iv = makeStaticByteArray(16);
const key = makeStaticByteArray(32);
const data = Utils.fromB64ToArray("ByUF8vhyX4ddU9gcooznwA==");
const decValue = await cryptoFunctionService.aesDecrypt(data.buffer, iv.buffer, key.buffer);
expect(Utils.fromBufferToUtf8(decValue)).toBe("EncryptMe!");
});
});
describe("rsaEncrypt", () => {
it("should successfully encrypt and then decrypt data", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const pubKey = Utils.fromB64ToArray(RsaPublicKey);
const privKey = Utils.fromB64ToArray(RsaPrivateKey);
const value = "EncryptMe!";
const data = Utils.fromUtf8ToArray(value);
const encValue = await cryptoFunctionService.rsaEncrypt(data.buffer, pubKey.buffer, "sha1");
const decValue = await cryptoFunctionService.rsaDecrypt(encValue, privKey.buffer, "sha1");
expect(Utils.fromBufferToUtf8(decValue)).toBe(value);
});
});
describe("rsaDecrypt", () => {
it("should successfully decrypt data", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const privKey = Utils.fromB64ToArray(RsaPrivateKey);
const data = Utils.fromB64ToArray(
"A1/p8BQzN9UrbdYxUY2Va5+kPLyfZXF9JsZrjeEXcaclsnHurdxVAJcnbEqYMP3UXV" +
"4YAS/mpf+Rxe6/X0WS1boQdA0MAHSgx95hIlAraZYpiMLLiJRKeo2u8YivCdTM9V5vuAEJwf9Tof/qFsFci3sApdbATkorCT" +
"zFOIEPF2S1zgperEP23M01mr4dWVdYN18B32YF67xdJHMbFhp5dkQwv9CmscoWq7OE5HIfOb+JAh7BEZb+CmKhM3yWJvoR/D" +
"/5jcercUtK2o+XrzNrL4UQ7yLZcFz6Bfwb/j6ICYvqd/YJwXNE6dwlL57OfwJyCdw2rRYf0/qI00t9u8Iitw=="
);
const decValue = await cryptoFunctionService.rsaDecrypt(data.buffer, privKey.buffer, "sha1");
expect(Utils.fromBufferToUtf8(decValue)).toBe("EncryptMe!");
});
});
describe("rsaExtractPublicKey", () => {
it("should successfully extract key", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const privKey = Utils.fromB64ToArray(RsaPrivateKey);
const publicKey = await cryptoFunctionService.rsaExtractPublicKey(privKey.buffer);
expect(Utils.fromBufferToB64(publicKey)).toBe(RsaPublicKey);
});
});
describe("rsaGenerateKeyPair", () => {
testRsaGenerateKeyPair(1024);
testRsaGenerateKeyPair(2048);
// Generating 4096 bit keys can be slow. Commenting it out to save CI.
// testRsaGenerateKeyPair(4096);
});
describe("randomBytes", () => {
it("should make a value of the correct length", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const randomData = await cryptoFunctionService.randomBytes(16);
expect(randomData.byteLength).toBe(16);
});
it("should not make the same value twice", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const randomData = await cryptoFunctionService.randomBytes(16);
const randomData2 = await cryptoFunctionService.randomBytes(16);
expect(
randomData.byteLength === randomData2.byteLength && randomData !== randomData2
).toBeTruthy();
});
});
});
function testPbkdf2(
algorithm: "sha256" | "sha512",
regularKey: string,
utf8Key: string,
unicodeKey: string
) {
const regularEmail = "user@example.com";
const utf8Email = "üser@example.com";
const regularPassword = "password";
const utf8Password = "pǻssword";
const unicodePassword = "😀password🙏";
it("should create valid " + algorithm + " key from regular input", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const key = await cryptoFunctionService.pbkdf2(regularPassword, regularEmail, algorithm, 5000);
expect(Utils.fromBufferToB64(key)).toBe(regularKey);
});
it("should create valid " + algorithm + " key from utf8 input", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const key = await cryptoFunctionService.pbkdf2(utf8Password, utf8Email, algorithm, 5000);
expect(Utils.fromBufferToB64(key)).toBe(utf8Key);
});
it("should create valid " + algorithm + " key from unicode input", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const key = await cryptoFunctionService.pbkdf2(unicodePassword, regularEmail, algorithm, 5000);
expect(Utils.fromBufferToB64(key)).toBe(unicodeKey);
});
it("should create valid " + algorithm + " key from array buffer input", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const key = await cryptoFunctionService.pbkdf2(
Utils.fromUtf8ToArray(regularPassword).buffer,
Utils.fromUtf8ToArray(regularEmail).buffer,
algorithm,
5000
);
expect(Utils.fromBufferToB64(key)).toBe(regularKey);
});
}
function testHkdf(
algorithm: "sha256" | "sha512",
regularKey: string,
utf8Key: string,
unicodeKey: string
) {
const ikm = Utils.fromB64ToArray("criAmKtfzxanbgea5/kelQ==");
const regularSalt = "salt";
const utf8Salt = "üser_salt";
const unicodeSalt = "😀salt🙏";
const regularInfo = "info";
const utf8Info = "üser_info";
const unicodeInfo = "😀info🙏";
it("should create valid " + algorithm + " key from regular input", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const key = await cryptoFunctionService.hkdf(ikm, regularSalt, regularInfo, 32, algorithm);
expect(Utils.fromBufferToB64(key)).toBe(regularKey);
});
it("should create valid " + algorithm + " key from utf8 input", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const key = await cryptoFunctionService.hkdf(ikm, utf8Salt, utf8Info, 32, algorithm);
expect(Utils.fromBufferToB64(key)).toBe(utf8Key);
});
it("should create valid " + algorithm + " key from unicode input", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const key = await cryptoFunctionService.hkdf(ikm, unicodeSalt, unicodeInfo, 32, algorithm);
expect(Utils.fromBufferToB64(key)).toBe(unicodeKey);
});
it("should create valid " + algorithm + " key from array buffer input", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const key = await cryptoFunctionService.hkdf(
ikm,
Utils.fromUtf8ToArray(regularSalt).buffer,
Utils.fromUtf8ToArray(regularInfo).buffer,
32,
algorithm
);
expect(Utils.fromBufferToB64(key)).toBe(regularKey);
});
}
function testHkdfExpand(
algorithm: "sha256" | "sha512",
b64prk: string,
outputByteSize: number,
b64ExpectedOkm: string
) {
const info = "info";
it("should create valid " + algorithm + " " + outputByteSize + " byte okm", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const okm = await cryptoFunctionService.hkdfExpand(
Utils.fromB64ToArray(b64prk),
info,
outputByteSize,
algorithm
);
expect(Utils.fromBufferToB64(okm)).toBe(b64ExpectedOkm);
});
}
function testHash(
algorithm: "sha1" | "sha256" | "sha512" | "md5",
regularHash: string,
utf8Hash: string,
unicodeHash: string
) {
const regularValue = "HashMe!!";
const utf8Value = "HǻshMe!!";
const unicodeValue = "😀HashMe!!!🙏";
it("should create valid " + algorithm + " hash from regular input", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const hash = await cryptoFunctionService.hash(regularValue, algorithm);
expect(Utils.fromBufferToHex(hash)).toBe(regularHash);
});
it("should create valid " + algorithm + " hash from utf8 input", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const hash = await cryptoFunctionService.hash(utf8Value, algorithm);
expect(Utils.fromBufferToHex(hash)).toBe(utf8Hash);
});
it("should create valid " + algorithm + " hash from unicode input", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const hash = await cryptoFunctionService.hash(unicodeValue, algorithm);
expect(Utils.fromBufferToHex(hash)).toBe(unicodeHash);
});
it("should create valid " + algorithm + " hash from array buffer input", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const hash = await cryptoFunctionService.hash(
Utils.fromUtf8ToArray(regularValue).buffer,
algorithm
);
expect(Utils.fromBufferToHex(hash)).toBe(regularHash);
});
}
function testHmac(algorithm: "sha1" | "sha256" | "sha512", mac: string) {
it("should create valid " + algorithm + " hmac", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const computedMac = await cryptoFunctionService.hmac(
Utils.fromUtf8ToArray("SignMe!!").buffer,
Utils.fromUtf8ToArray("secretkey").buffer,
algorithm
);
expect(Utils.fromBufferToHex(computedMac)).toBe(mac);
});
}
function testHmacFast(algorithm: "sha1" | "sha256" | "sha512", mac: string) {
it("should create valid " + algorithm + " hmac", async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const keyByteString = Utils.fromBufferToByteString(Utils.fromUtf8ToArray("secretkey").buffer);
const dataByteString = Utils.fromBufferToByteString(Utils.fromUtf8ToArray("SignMe!!").buffer);
const computedMac = await cryptoFunctionService.hmacFast(
dataByteString,
keyByteString,
algorithm
);
expect(Utils.fromBufferToHex(Utils.fromByteStringToArray(computedMac).buffer)).toBe(mac);
});
}
function testRsaGenerateKeyPair(length: 1024 | 2048 | 4096) {
it(
"should successfully generate a " + length + " bit key pair",
async () => {
const cryptoFunctionService = getWebCryptoFunctionService();
const keyPair = await cryptoFunctionService.rsaGenerateKeyPair(length);
expect(keyPair[0] == null || keyPair[1] == null).toBe(false);
const publicKey = await cryptoFunctionService.rsaExtractPublicKey(keyPair[1]);
expect(Utils.fromBufferToB64(keyPair[0])).toBe(Utils.fromBufferToB64(publicKey));
},
30000
);
}
function getWebCryptoFunctionService() {
const platformUtilsMock = Substitute.for<PlatformUtilsService>();
platformUtilsMock.isEdge().mimicks(() => navigator.userAgent.indexOf(" Edg/") !== -1);
return new WebCryptoFunctionService(window);
}
function makeStaticByteArray(length: number) {
const arr = new Uint8Array(length);
for (let i = 0; i < length; i++) {
arr[i] = i;
}
return arr;
}

2
libs/common/src/tools/send/models/domain/send-access.spec.ts
View File

@@ -1,7 +1,7 @@
// eslint-disable-next-line no-restricted-imports
import { Substitute, Arg } from "@fluffy-spoon/substitute";
import { mockEnc } from "../../../../../spec/utils";
import { mockEnc } from "../../../../../spec";
import { SendType } from "../../enums/send-type";
import { SendAccessResponse } from "../response/send-access.response";

2
libs/common/src/tools/send/models/domain/send-file.spec.ts
View File

@@ -1,4 +1,4 @@
import { mockEnc } from "../../../../../spec/utils";
import { mockEnc } from "../../../../../spec";
import { SendFileData } from "../data/send-file.data";
import { SendFile } from "./send-file";

2
libs/common/src/tools/send/models/domain/send-text.spec.ts
View File

@@ -1,4 +1,4 @@
import { mockEnc } from "../../../../../spec/utils";
import { mockEnc } from "../../../../../spec";
import { SendTextData } from "../data/send-text.data";
import { SendText } from "./send-text";

2
libs/common/src/tools/send/models/domain/send.spec.ts
View File

@@ -1,7 +1,7 @@
// eslint-disable-next-line no-restricted-imports
import { Substitute, Arg, SubstituteOf } from "@fluffy-spoon/substitute";
import { makeStaticByteArray, mockEnc } from "../../../../../spec/utils";
import { makeStaticByteArray, mockEnc } from "../../../../../spec";
import { CryptoService } from "../../../../abstractions/crypto.service";
import { EncryptService } from "../../../../abstractions/encrypt.service";
import { EncString } from "../../../../models/domain/enc-string";

2
libs/common/src/vault/models/domain/attachment.spec.ts
View File

@@ -1,6 +1,6 @@
import { mock, MockProxy } from "jest-mock-extended";
import { makeStaticByteArray, mockEnc, mockFromJson } from "../../../../spec/utils";
import { makeStaticByteArray, mockEnc, mockFromJson } from "../../../../spec";
import { CryptoService } from "../../../abstractions/crypto.service";
import { EncryptService } from "../../../abstractions/encrypt.service";
import { EncString } from "../../../models/domain/enc-string";

2
libs/common/src/vault/models/domain/card.spec.ts
View File

@@ -1,4 +1,4 @@
import { mockEnc, mockFromJson } from "../../../../spec/utils";
import { mockEnc, mockFromJson } from "../../../../spec";
import { EncString } from "../../../models/domain/enc-string";
import { CardData } from "../../../vault/models/data/card.data";
import { Card } from "../../models/domain/card";

2
libs/common/src/vault/models/domain/cipher.spec.ts
View File

@@ -2,7 +2,7 @@
import { Substitute, Arg } from "@fluffy-spoon/substitute";
import { Jsonify } from "type-fest";
import { mockEnc, mockFromJson } from "../../../../spec/utils";
import { mockEnc, mockFromJson } from "../../../../spec";
import { FieldType, SecureNoteType, UriMatchType } from "../../../enums";
import { EncString } from "../../../models/domain/enc-string";
import { InitializerKey } from "../../../services/cryptography/initializer-key";

2
libs/common/src/vault/models/domain/field.spec.ts
View File

@@ -1,4 +1,4 @@
import { mockEnc, mockFromJson } from "../../../../spec/utils";
import { mockEnc, mockFromJson } from "../../../../spec";
import { FieldType } from "../../../enums";
import { EncString } from "../../../models/domain/enc-string";
import { FieldData } from "../../models/data/field.data";

2
libs/common/src/vault/models/domain/folder.spec.ts
View File

@@ -1,4 +1,4 @@
import { mockEnc, mockFromJson } from "../../../../spec/utils";
import { mockEnc, mockFromJson } from "../../../../spec";
import { EncString } from "../../../models/domain/enc-string";
import { FolderData } from "../../models/data/folder.data";
import { Folder } from "../../models/domain/folder";

2
libs/common/src/vault/models/domain/identity.spec.ts
View File

@@ -1,4 +1,4 @@
import { mockEnc, mockFromJson } from "../../../../spec/utils";
import { mockEnc, mockFromJson } from "../../../../spec";
import { EncString } from "../../../models/domain/enc-string";
import { IdentityData } from "../../models/data/identity.data";
import { Identity } from "../../models/domain/identity";

2
libs/common/src/vault/models/domain/login-uri.spec.ts
View File

@@ -1,6 +1,6 @@
import { Jsonify } from "type-fest";
import { mockEnc, mockFromJson } from "../../../../spec/utils";
import { mockEnc, mockFromJson } from "../../../../spec";
import { UriMatchType } from "../../../enums";
import { EncString } from "../../../models/domain/enc-string";
import { LoginUriData } from "../data/login-uri.data";

2
libs/common/src/vault/models/domain/login.spec.ts
View File

@@ -1,7 +1,7 @@
// eslint-disable-next-line no-restricted-imports
import { Substitute, Arg } from "@fluffy-spoon/substitute";
import { mockEnc, mockFromJson } from "../../../../spec/utils";
import { mockEnc, mockFromJson } from "../../../../spec";
import { UriMatchType } from "../../../enums";
import { EncString } from "../../../models/domain/enc-string";
import { LoginData } from "../../models/data/login.data";

2
libs/common/src/vault/models/domain/password.spec.ts
View File

@@ -1,4 +1,4 @@
import { mockEnc, mockFromJson } from "../../../../spec/utils";
import { mockEnc, mockFromJson } from "../../../../spec";
import { EncString } from "../../../models/domain/enc-string";
import { PasswordHistoryData } from "../../models/data/password-history.data";
import { Password } from "../../models/domain/password";

2
libs/common/src/vault/models/view/attachment.view.spec.ts
View File

@@ -1,4 +1,4 @@
import { mockFromJson } from "../../../../spec/utils";
import { mockFromJson } from "../../../../spec";
import { SymmetricCryptoKey } from "../../../models/domain/symmetric-crypto-key";
import { AttachmentView } from "./attachment.view";

2
libs/common/src/vault/models/view/cipher.view.spec.ts
View File

@@ -1,4 +1,4 @@
import { mockFromJson } from "../../../../spec/utils";
import { mockFromJson } from "../../../../spec";
import { CipherType } from "../../enums/cipher-type";
import { AttachmentView } from "./attachment.view";

2
libs/common/src/vault/models/view/login.view.spec.ts
View File

@@ -1,4 +1,4 @@
import { mockFromJson } from "../../../../spec/utils";
import { mockFromJson } from "../../../../spec";
import { LoginUriView } from "./login-uri.view";
import { LoginView } from "./login.view";