feat(auth): add methods to verify auth token

kleros · May 8, 2018 · 76e16ad · 76e16ad
1 parent 26ea105
commit 76e16ad
Show file tree

Hide file tree

Showing 6 changed files with 57 additions and 11 deletions.
diff --git a/src/constants/error.js b/src/constants/error.js
@@ -80,3 +80,8 @@ export const MISSING_STORE_PROVIDER =
 export const MISSING_CONTRACT_INSTANCE = contractAddress =>
   `No contract instance stored for ${contractAddress}. Please call addContractInstance.`
 export const ERROR_FETCHING_EVENTS = error => `Unable to fetch events: ${error}`
+
+// Auth
+export const UNABLE_TO_SIGN_TOKEN = `There was an error signing the auth token. Please try again`
+export const INVALID_AUTH_TOKEN = msg =>
+  `Authorization Token is invalid: ${msg}`
diff --git a/src/resources/Auth.js b/src/resources/Auth.js
@@ -1,6 +1,7 @@
 import Personal from 'web3-eth-personal'
 
 import isRequired from '../utils/isRequired'
+import { UNABLE_TO_SIGN_TOKEN } from '../constants/error'
 
 class Auth {
   constructor(
@@ -34,13 +35,16 @@ class Auth {
    * @param {string} userAddress - Address of the user profile
    * @returns {string} Signed token for future use.
    */
-  validateNewAuthToken = async userAddress => {
+  getNewAuthToken = async userAddress => {
     const unsignedToken = (await this._StoreProviderInstance.newAuthToken(
       userAddress
     )).unsignedToken
 
     const signedToken = await this.signMessage(userAddress, unsignedToken)
-    this.setAuthToken(signedToken)
+    // make sure token is valid
+    if (!await this.validateAuthToken(userAddress, signedToken))
+      throw new Error(UNABLE_TO_SIGN_TOKEN)
+
     return signedToken
   }
 
@@ -60,6 +64,15 @@ class Auth {
       })
     })
   }
+
+  /**
+   * Validate an auth token.
+   * @param {string} userAddress - The address of the user.
+   * @param {string} authToken - Token to check.
+   * @returns {Promise} resolves to True if token is valid.
+   */
+  validateAuthToken = (userAddress, authToken) =>
+    this._StoreProviderInstance.isTokenValid(userAddress, authToken)
 }
 
 export default Auth
diff --git a/src/utils/StoreProviderWrapper.js b/src/utils/StoreProviderWrapper.js
@@ -51,6 +51,10 @@ class StoreProviderWrapper {
               body = JSON.parse(httpRequest.responseText)
               // eslint-disable-next-line no-unused-vars
             } catch (err) {}
+            // auth token error
+            if (httpRequest.status === 401)
+              reject(errorConstants.INVALID_AUTH_TOKEN(body.error))
+
             resolve({
               body: body,
               status: httpRequest.status
@@ -59,7 +63,7 @@ class StoreProviderWrapper {
         }
         httpRequest.send(body)
       } catch (err) {
-        reject(err)
+        reject(errorConstants.REQUEST_FAILED(err))
       }
     })
   }
@@ -110,6 +114,29 @@ class StoreProviderWrapper {
     return newTokenResponse.body
   }
 
+  /**
+   * Validate auth token
+   * @param {string} userAddress - Address of user profile.
+   * @param {string} token - <optional> token to use. Sets token.
+   * @returns {bool} - True if token is valid.
+   */
+  isTokenValid = async (userAddress, token) => {
+    if (token) this.setAuthToken(token)
+
+    try {
+      const response = await this._makeRequest(
+        'POST',
+        `${this._storeUri}/${userAddress}/authToken/verify`,
+        JSON.stringify({})
+      )
+
+      return response.status === 201
+      // eslint-disable-next-line no-unused-vars
+    } catch (err) {
+      return false
+    }
+  }
+
   // **************************** //
   // *          Read            * //
   // **************************** //

diff --git a/tests/integration/storeAuth.test.js b/tests/integration/storeAuth.test.js
@@ -36,7 +36,8 @@ describe('Auth', () => {
       '0x7b2276657273696f6e223a312c2265787069726174696f6e223a313532353830303831313932307d'
     const mockStoreProvider = {
       newAuthToken: () => ({ unsignedToken: mockToken }),
-      setAuthToken: () => true
+      setAuthToken: () => true,
+      isTokenValid: () => true
     }
     // set new store provider
     klerosInstance.auth.setStoreProviderInstance(mockStoreProvider)
@@ -51,7 +52,7 @@ describe('Auth', () => {
         })
       })
 
-    const signedToken = await klerosInstance.auth.validateNewAuthToken(
+    const signedToken = await klerosInstance.auth.getNewAuthToken(
       loggedInUserAddress
     )
 

diff --git a/tests/unit/contracts/abstractions/Arbitrator.test.js b/tests/unit/contracts/abstractions/Arbitrator.test.js
@@ -19,7 +19,7 @@ describe('Arbitrator', () => {
         disputeId: '1'
       }
       const mockStoreProvider = {
-        getDisputesForUser: mockGetDisputesForUser.mockReturnValue(
+        getDisputes: mockGetDisputesForUser.mockReturnValue(
           _asyncMockResponse([mockDispute])
         ),
         setUpUserProfile: mockShouldNotCall
@@ -51,7 +51,7 @@ describe('Arbitrator', () => {
         disputeId: '1'
       }
       const mockStoreProvider = {
-        getDisputesForUser: mockGetDisputesForUser.mockReturnValue(
+        getDisputes: mockGetDisputesForUser.mockReturnValue(
           _asyncMockResponse([mockDispute])
         ),
         setUpUserProfile: mockSetUpUserProfile.mockReturnValue(
@@ -91,7 +91,7 @@ describe('Arbitrator', () => {
         appealDraws: [1]
       }
       const mockStoreProvider = {
-        getDisputesForUser: mockGetDisputesForUser.mockReturnValue(
+        getDisputes: mockGetDisputesForUser.mockReturnValue(
           _asyncMockResponse([mockDispute])
         ),
         setUpUserProfile: mockSetUpUserProfile.mockReturnValue(

diff --git a/tests/unit/resources/Disputes.test.js b/tests/unit/resources/Disputes.test.js
@@ -178,7 +178,7 @@ describe('Disputes', () => {
       }
       const mockStoreProvider = {
         getContractByAddress: jest.fn().mockReturnValue(mockContract),
-        getDisputeData: jest.fn().mockReturnValue(mockUserData)
+        getDisputeDataForUser: jest.fn().mockReturnValue(mockUserData)
       }
       disputesInstance.setStoreProviderInstance(mockStoreProvider)
 
@@ -293,7 +293,7 @@ describe('Disputes', () => {
       }
       const mockStoreProvider = {
         getContractByAddress: jest.fn().mockReturnValue(mockContract),
-        getDisputeData: jest.fn().mockReturnValue(mockUserData)
+        getDisputeDataForUser: jest.fn().mockReturnValue(mockUserData)
       }
       disputesInstance.setStoreProviderInstance(mockStoreProvider)
 
@@ -410,7 +410,7 @@ describe('Disputes', () => {
       }
       const mockStoreProvider = {
         getContractByAddress: jest.fn().mockReturnValue(mockContract),
-        getDisputeData: jest.fn().mockReturnValue(mockUserData)
+        getDisputeDataForUser: jest.fn().mockReturnValue(mockUserData)
       }
       disputesInstance.setStoreProviderInstance(mockStoreProvider)