34 lines
865 B
JavaScript
34 lines
865 B
JavaScript
"use strict";
|
|
|
|
const test = require("node:test");
|
|
const assert = require("node:assert/strict");
|
|
const { hmacSHA256Hex, verifySignature } = require("../src/lib/signature");
|
|
|
|
test("verifies valid signature", () => {
|
|
const payload = JSON.stringify({ hello: "world" });
|
|
const secret = "topsecret";
|
|
const sig = hmacSHA256Hex(payload, secret);
|
|
|
|
assert.equal(
|
|
verifySignature({ payload, secret, signature: `sha256=${sig}` }),
|
|
true,
|
|
);
|
|
});
|
|
|
|
test("rejects invalid signature", () => {
|
|
const payload = JSON.stringify({ hello: "world" });
|
|
const secret = "topsecret";
|
|
|
|
assert.equal(
|
|
verifySignature({ payload, secret, signature: "sha256=deadbeef" }),
|
|
false,
|
|
);
|
|
});
|
|
|
|
test("rejects missing signature", () => {
|
|
const payload = "abc";
|
|
const secret = "topsecret";
|
|
|
|
assert.equal(verifySignature({ payload, secret, signature: "" }), false);
|
|
});
|