Clients who specified no key could publish services and make changes
rejected.js test was broken
Added missing_key.js test
This fixes bugs in the authorized key verification logic. Clients who specified no key could publish services.
Also, the "rejected" test was broken. It wasn't passing authorized keys properly, passing the set of keys rather than just the public key. It also expected to receive a reject event on message type address which shouldn't happen because "untrusted" should still be able to connect and query, just not register services and change data. So the test logic was changed to look for a reject emitted on the server for the service registration attempt.
Going forward, it seems incomplete that the the untrusted isn't notified that there key is invalid and that there service registration failed because of an invalid key, unless we trigger a delete change event on the registration that should delete their local copy. For another day...
Authorized keys bug fix
Merged and published in 1.5.1.
Suuuuuper fast! Thanks!
Awesome thanks for fixing this @mbrevoort and thanks @substack for adding in these changes so quickly!