diff --git a/config_sample.json b/config_sample.json
index e6da2d1..ca5724a 100644
--- a/config_sample.json
+++ b/config_sample.json
@@ -7,7 +7,7 @@
"accessToken" : {
"cipherKey" : "unsecureKey1",
"signKey" : "unsecureKey2",
- "expiration" : 10
+ "expiration" : 1000
},
"refreshToken" : {
"cipherKey" : "unsecureKey3",
@@ -65,6 +65,12 @@
"avatars": "example-avatars"
}
},
+ "validators": {
+ "profile": {
+ "path": "",
+ "filename": "profile_create.json"
+ }
+ },
"phoneVerification": {
"pinSize": 4,
"attempts": 3,
@@ -83,7 +89,7 @@
}
]
},
- "emailVerification":{
+ "emailVerification": {
"subject": "Example email verification",
"body": "Thanks for register into Example, here is a link to activate your account click
here
If you have any problems on this process, please contact support@example.com and we will be pleased to help you.
",
"compatibleEmailDevices": [ "*iPhone*", "*iPad*", "*iPod*" , "*Android*"],
@@ -95,7 +101,10 @@
"scheme":"mycomms"
},
"externalServices":{
- "notifications": "http://localhost:3002"
+ "notifications": {
+ "base": "http://localhost:3002",
+ "pathEmail": "/api/notification/email"
+ }
},
"version" : {
"header" : "x-example-version",
@@ -103,23 +112,24 @@
"test" : {
"link" : "http://testLink",
"1" : true
- }
- },
+ },
"installPath" : "/install",
"db":"mongodb://localhost/versionControl?w=1"
+ }
},
"allowedDomains":[
"*@a.com"
],
"password":{
+ "validateOldPassword": false,
"regexValidation": "(?=.*\\d)(?=.*[A-Z])(?=.*[a-z]).{8}",
"message": "Your password must be at least 8 characters and must contain at least one capital, one lower and one number.",
"generatedRegex": "([a-z][\\d][A-Z]){3,4}",
"subject" :"Recover Example User Password",
"body" : "Here is your new password for accessing to your Example account, if you want, you can update it anytime from your edit profile screen. __PASSWD__
you can also click here from your mobile device to get in. If you receiver this email by error or you are sure you didn't requested it, please contact support@example.com"
},
- "endpoints" : [
- {
+ "endpoints" : [
+ {
"path" : "\/api\/profile",
"methods" : ["POST", "PUT"],
"roles" : ["admin"]
@@ -140,6 +150,9 @@
}
],
"directProxyUrls": [
- "\/upload$"
+ "\/upload$"
+ ],
+ "allowedHeaders": [
+ "x-custom-header"
]
}
diff --git a/features/proxy.feature b/features/proxy.feature
index 0f4d432..2704133 100644
--- a/features/proxy.feature
+++ b/features/proxy.feature
@@ -10,3 +10,15 @@ Feature: reverse proxy protects an applicacion behind cipherlayer
| PATH | METHOD | STATUS | REQUEST_PAYLOAD | RESPONSE_PAYLOAD |
| /test/get200 | GET | 200 | | {"m":"GET", "s":"200"} |
| /test/post200 | POST | 200 | {"key":"value"} | {"m":"POST", "s":"200"} |
+
+ @only
+ Scenario Outline: A protected service returns a response header
+ Given a user with role user and a valid access token
+ And a protected service replies to a request with to with status and a body and header and value
+ When the application makes a with to a protected
+ Then the response status code is
+ And the response body must be
+ And the response headers contains the with
+ Examples:
+ | PATH | METHOD | STATUS | REQUEST_PAYLOAD | RESPONSE_PAYLOAD | ALLOWED_HEADER | HEADER_VALUE |
+ | /test/get200 | GET | 200 | | {"m":"GET", "s":"200"} | x-custom-header | test |
diff --git a/features/step_definitions/client_pass_through.js b/features/step_definitions/client_pass_through.js
index 529d9ad..fbac0bc 100644
--- a/features/step_definitions/client_pass_through.js
+++ b/features/step_definitions/client_pass_through.js
@@ -7,7 +7,7 @@ var config = require('../../config.json');
module.exports = function(){
this.When(/^the client makes a pass through (.*) with the following (.*) in the body$/, function (METHOD, PUBLIC_PAYLOAD, callback) {
- var notifServiceURL = config.externalServices.notifications;
+ var notifServiceURL = config.externalServices.notifications.base;
var options = {
url: 'http://localhost:' + config.public_port + config.passThroughEndpoint.path,
diff --git a/features/step_definitions/method_request_to_path.js b/features/step_definitions/method_request_to_path.js
index ad13c19..11d427c 100644
--- a/features/step_definitions/method_request_to_path.js
+++ b/features/step_definitions/method_request_to_path.js
@@ -5,6 +5,9 @@ var nock = require('nock');
var request = require('request');
var assert = require('assert');
+var NOTIFICATION_SERVICE_URL = config.externalServices.notifications.base;
+var NOTIFICATION_EMAIL_SERVICE_PATH = config.externalServices.notifications.pathEmail;
+
var myStepDefinitionsWrapper = function () {
this.When(/^the client makes a (.*) request to (.*)$/, function (METHOD, PATH, callback) {
@@ -18,12 +21,12 @@ var myStepDefinitionsWrapper = function () {
};
options.headers[config.version.header] = "test/1";
- nock(config.externalServices.notifications)
- .post('/notification/email')
+ nock(NOTIFICATION_SERVICE_URL)
+ .post(NOTIFICATION_EMAIL_SERVICE_PATH)
.reply(204);
request(options, function(err,res) {
- assert.equal(err,null);
+ assert.equal(err,null);
world.getResponse().statusCode = res.statusCode;
callback();
});
diff --git a/features/step_definitions/protected_service_call.js b/features/step_definitions/protected_service_call.js
index 02022bd..9d26bb2 100644
--- a/features/step_definitions/protected_service_call.js
+++ b/features/step_definitions/protected_service_call.js
@@ -27,6 +27,8 @@ module.exports = function(){
} else {
world.getResponse().body = null;
}
+
+ world.getResponse().headers = res.headers;
callback();
});
});
diff --git a/features/step_definitions/protected_service_definiton.js b/features/step_definitions/protected_service_definiton.js
index a252792..73828b2 100644
--- a/features/step_definitions/protected_service_definiton.js
+++ b/features/step_definitions/protected_service_definiton.js
@@ -14,11 +14,24 @@ module.exports = function(){
callback();
});
+ this.Given(/^a protected service replies to a GET request with (.*) to (.*) with status (.*) and a body (.*) and header (.*) and value (.*)$/, function (REQUEST_PAYLOAD, PATH, STATUS, RESPONSE_PAYLOAD, ALLOWED_HEADER, HEADER_VALUE, callback){
+ var headers = {};
+ headers[ALLOWED_HEADER] = HEADER_VALUE;
+ nock('http://localhost:'+config.private_port, {
+ reqheaders: {
+ 'Content-Type': 'application/json; charset=utf-8',
+ 'x-user-id' : world.getUser().id
+ }
+ }).get(PATH).reply(Number(STATUS), JSON.parse(RESPONSE_PAYLOAD), headers);
+
+ callback();
+ });
+
this.Given(/^a protected service replies to a POST request with (.*) to (.*) with status (.*) and a body (.*)$/, function (REQUEST_PAYLOAD, PATH, STATUS, RESPONSE_PAYLOAD, callback){
nock('http://localhost:'+config.private_port)
.post(PATH, JSON.parse(REQUEST_PAYLOAD))
.reply(Number(STATUS), JSON.parse(RESPONSE_PAYLOAD));
-
+
callback();
});
diff --git a/features/step_definitions/response_header_content.js b/features/step_definitions/response_header_content.js
new file mode 100644
index 0000000..79588de
--- /dev/null
+++ b/features/step_definitions/response_header_content.js
@@ -0,0 +1,9 @@
+var world = require('../support/world');
+var assert = require('assert');
+
+module.exports = function(){
+ this.Given(/^the response headers contains the (.*) with (.*)$/, function (ALLOWEDHEADER, HEADERVALUE, callback) {
+ assert.equal(world.getResponse().headers[ALLOWEDHEADER], HEADERVALUE);
+ callback();
+ });
+};
diff --git a/scripts/add_users.js b/scripts/add_users.js
new file mode 100644
index 0000000..984aebe
--- /dev/null
+++ b/scripts/add_users.js
@@ -0,0 +1,98 @@
+var async = require('async'),
+ fs = require('fs'),
+ nock = require('nock'),
+ userMng = require('../src/managers/user'),
+ config = require('../config.json'),
+ userDao = require('../src/managers/dao.js');
+/*
+ * Objects for `async.eachSeries`
+ */
+
+// Function to apply to each fixture
+var addFixture = function(fixture, callback) {
+
+ var data = fixture;
+
+ // Define user object to be passed to userMng
+ var pin = null;
+ var profileBody = {
+ id: data._id.$oid || data._id,
+ email: data.email,
+ password: data.password || (process.env.DEFAULT_PASS ? process.env.DEFAULT_PASS : "qwerty")
+ };
+
+ if(!profileBody.id || !profileBody.email || !profileBody.password) {
+ console.log("Missing mandatory parameter(s)");
+ return callback();
+ }
+ // Nock the createUser URL
+ nock('http://' + config.private_host + ':' + config.private_port + config.passThroughEndpoint.path, { reqheaders: {
+ 'Content-Type': 'application/json; charset=utf-8'
+ }})
+ .post(config.passThroughEndpoint.path)
+ .reply(201,profileBody);
+
+ // Save user data to database
+ userMng().createUser(profileBody, pin, function(err) {
+ if(err) {
+
+ if (err.err === 'auth_proxy_user_error') {
+ console.log(profileBody.email + " " + err.des);
+ return callback();
+ }
+ return callback(err);
+ }
+ console.log(profileBody.email + " added");
+ return callback();
+ });
+
+};
+
+/*
+ * Main part of the script:
+ * - Exports the function, or
+ * - Executes the function if running from CLI
+ */
+var runLoadFixtures = module.exports = function(fixtureFile, callback) {
+
+ console.log("running Load Fixtures");
+
+
+ async.eachSeries(fixtureFile, addFixture, callback);
+
+};
+
+if (!module.parent) { // Run as CLI command exec
+ async.series([
+
+ // Start cipherLayer components (mongodb, redis...)
+ function connect(done) {
+ userDao.connect(done);
+ },
+
+ function drop(done) {
+ if(!process.env.DROP_DB) return done();
+ console.log("Dropping database");
+ userDao.deleteAllUsers(done);
+ },
+
+ function load(done) {
+ fixtureFile = require(__dirname + '/' + '../tests/fixtures/' + 'User.json');
+ runLoadFixtures(fixtureFile,done);
+ },
+
+ function disconnect(done) {
+ userDao.disconnect(done);
+ }
+
+ ], function(err) {
+ if (err) {
+ console.error(err);
+ process.exit(1);
+ }
+
+ console.info('Fixtures loaded');
+ process.exit();
+ });
+
+}
diff --git a/src/managers/email.js b/src/managers/email.js
index a295f47..a8c1e8f 100644
--- a/src/managers/email.js
+++ b/src/managers/email.js
@@ -7,7 +7,7 @@ var redisMng = require('./redis');
var _settings = {};
function sendEmailVerification(email, subject, emailBody, cbk){
- var notifServiceURL = _settings.externalServices.notifications;
+ var notifServiceURL = _settings.externalServices.notifications.base;
var emailOptions = {
to: email,
subject: subject,
@@ -15,7 +15,7 @@ function sendEmailVerification(email, subject, emailBody, cbk){
};
var options = {
- url: notifServiceURL + '/notification/email',
+ url: notifServiceURL + _settings.externalServices.notifications.pathEmail,
headers: {
'Content-Type': 'application/json; charset=utf-8'
},
@@ -96,7 +96,7 @@ function sendEmailForgotPassword(email, passwd, link, cbk){
};
var options = {
- url: _settings.externalServices.notifications + '/notification/email',
+ url: _settings.externalServices.notifications.base + _settings.externalServices.notifications.pathEmail ,
headers: {
'Content-Type': 'application/json; charset=utf-8'
},
diff --git a/src/managers/json_formats/profile_downloader.json b/src/managers/json_formats/profile_downloader.json
new file mode 100644
index 0000000..b7e726a
--- /dev/null
+++ b/src/managers/json_formats/profile_downloader.json
@@ -0,0 +1,20 @@
+{
+ "id": "/Profile",
+ "type": "object",
+ "properties": {
+ "password": {
+ "type": "string",
+ "required": true
+ },
+ "email": {
+ "type": "string",
+ "format": "email",
+ "required": true
+ },
+ "name": {
+ "type": "string",
+ "required": true
+ }
+ },
+ "additionalProperties": true
+}
\ No newline at end of file
diff --git a/src/managers/json_validator.js b/src/managers/json_validator.js
index c276556..d23754a 100644
--- a/src/managers/json_validator.js
+++ b/src/managers/json_validator.js
@@ -5,12 +5,14 @@ module.exports = {
if( !json || Object.keys(json).length === 0) {
return false;
}
- if(schema) {
+
+ if (!schema) {
+ return true;
+ }
var result = (new Validator()).validate(json, schema);
if (result.errors.length > 0) {
return false;
}
- }
- return true;
+ return true;
}
};
\ No newline at end of file
diff --git a/src/managers/phone.js b/src/managers/phone.js
index 0bd82ba..65caeca 100644
--- a/src/managers/phone.js
+++ b/src/managers/phone.js
@@ -34,7 +34,7 @@ function createPIN(redisKeyId, phone, cbk){
}
function sendPIN(phone, pin, cbk){
- var notifServiceURL = _settings.externalServices.notifications;
+ var notifServiceURL = _settings.externalServices.notifications.base;
var sms = {
phone: phone,
text: 'MyComms pin code: ' + pin
diff --git a/src/managers/user.js b/src/managers/user.js
index 21e2536..e64d282 100644
--- a/src/managers/user.js
+++ b/src/managers/user.js
@@ -3,7 +3,7 @@ var request = require('request');
var crypto = require('crypto');
var _ = require('lodash');
var ciphertoken = require('ciphertoken');
-
+var config = require(process.cwd() + '/config.json');
var userDao = require('./dao');
var tokenMng = require('./token');
var redisMng = require('./redis');
@@ -154,12 +154,14 @@ function createUserByToken(token, cbk) {
}
var body = bodyData.data;
- var profileSchema = require('./json_formats/profile_create.json');
+ var profileSchema = _.isEmpty(config.validators.profile.path) ? require('./json_formats/' + config.validators.profile.filename) : config.validators.profile.path;
+
//Validate the current bodyData with the schema profile_create.json
if( !jsonValidator.isValidJSON(body, profileSchema) || !body.transactionId) {
+
return cbk({
err:'invalid_profile_data',
- des:'The data format provided is nor valid.',
+ des:'The data format provided is not valid.',
code: 400
});
}
@@ -309,6 +311,28 @@ function setPassword(id, body, cbk){
}
}
+function validateOldPassword(username, oldPassword, cbk) {
+
+ userDao.getAllUserFields(username, function(err, user) {
+ if (err) {
+ res.send(401, err);
+ return next();
+ }
+
+ cryptoMng.encrypt(oldPassword, function(encrypted){
+ if (user.password !== encrypted) {
+ return cbk({
+ err: 'invalid_old_password',
+ des: 'invalid password',
+ code: 401
+ });
+ }
+
+ return cbk();
+ });
+ });
+}
+
//Aux functions
function random (howMany, chars) {
chars = chars || "abcdefghijklmnopqrstuwxyzABCDEFGHIJKLMNOPQRSTUWXYZ0123456789";
@@ -352,6 +376,7 @@ module.exports = function(settings) {
setPlatformData : setPlatformData,
createUser : createUser,
createUserByToken : createUserByToken,
- setPassword: setPassword
+ setPassword: setPassword,
+ validateOldPassword: validateOldPassword
};
};
diff --git a/src/middlewares/propagateRequest.js b/src/middlewares/propagateRequest.js
index f31cfff..1b1cc1c 100644
--- a/src/middlewares/propagateRequest.js
+++ b/src/middlewares/propagateRequest.js
@@ -34,6 +34,9 @@ function propagateRequest(req, res, next) {
// if url is a direct proxy request, use http-proxy
if (useDirectProxy) {
+ // add user id to proxy request headers
+ req.headers['x-user-id'] = req.options.headers['x-user-id'];
+
proxy.web(req, res, {
target: 'http://' + config.private_host + ':' + config.private_port
});
@@ -70,6 +73,10 @@ function propagateRequest(req, res, next) {
},
user: req.user
}, 'proxy call');
+
+
+ transferAllowedHeaders(config.allowedHeaders, private_res, res);
+
if (private_res.statusCode === 302) {
res.header('Location', private_res.headers.location);
res.send(302);
@@ -83,4 +90,17 @@ function propagateRequest(req, res, next) {
}
}
+function transferAllowedHeaders(headers, srcRes, dstRes) {
+
+ if (!headers || !headers.length ) {
+ return;
+ }
+
+ _.map(headers, function(header) {
+ if (srcRes.headers[header]) {
+ dstRes.header(header, srcRes.headers[header] );
+ }
+ });
+}
+
module.exports = propagateRequest;
diff --git a/src/routes/user.js b/src/routes/user.js
index 7fdeab3..6fdc76e 100644
--- a/src/routes/user.js
+++ b/src/routes/user.js
@@ -140,6 +140,46 @@ function createUserByToken(req, res, next) {
});
}
+function checkBody(req, res, next) {
+ var err;
+ if (!req.body){
+ err = {
+ err: 'invalid_body',
+ des: 'The call to this url must have body.'
+ };
+ res.send(400, err);
+ return next(false);
+ }
+
+ return next();
+}
+
+function validateOldPassword(req, res, next) {
+ var err;
+ if (!config.password.validateOldPassword) {
+ return next();
+ }
+
+ if (!req.body.oldPassword) {
+ err = {
+ err: 'missing_password',
+ des: 'Missing old password validation'
+ };
+ res.send(400, err);
+ return next(false);
+ }
+
+ debug('validating old password', req.user.password, req.body);
+
+ userMng().validateOldPassword(req.user.username, req.body.oldPassword, function(err){
+ if (err) {
+ res.send(401, err);
+ return next(false);
+ }
+ return next();
+ });
+
+}
function setPassword(req, res, next){
if(!req.body){
res.send(400, {
@@ -172,7 +212,7 @@ function addRoutes(service){
service.post(config.passThroughEndpoint.path, createUserEndpoint);
service.get('/user/activate', createUserByToken);
- service.put('/user/me/password', checkAccessTokenParam, checkAuthHeader, decodeToken, findUser, setPassword);
+ service.put('/user/me/password', checkAccessTokenParam, checkAuthHeader, decodeToken, checkBody, findUser, validateOldPassword, setPassword);
}
module.exports = addRoutes;
diff --git a/tests/email.js b/tests/email.js
index 1a07965..2d6cf5e 100644
--- a/tests/email.js
+++ b/tests/email.js
@@ -5,7 +5,8 @@ var nock = require('nock');
var redisMng = require('../src/managers/redis');
var config = require('../config.json');
-var notifServiceURL = config.externalServices.notifications;
+var notifServiceURL = config.externalServices.notifications.base;
+var notifServicePath = config.externalServices.notifications.pathEmail;
describe('email', function() {
@@ -26,7 +27,7 @@ describe('email', function() {
});
nock(notifServiceURL)
- .post('/notification/email')
+ .post(notifServicePath)
.reply(204);
var email = "test@test.com";
diff --git a/tests/fixtures/User.json b/tests/fixtures/User.json
new file mode 100644
index 0000000..b2631f3
--- /dev/null
+++ b/tests/fixtures/User.json
@@ -0,0 +1,23 @@
+[
+ {
+ "_id": {"$oid": "01f0000000000000003f0004"},
+ "phone": "555-7891-2365",
+ "email": "nick@intelygenz.com",
+ "password": "1234",
+ "country": "PL"
+ },
+ {
+ "_id": {"$oid": "01f0000000000000003f0002"},
+ "phone": "555-8899-1324",
+ "email": "gustavo@intelygenz.com",
+ "password": "asdf",
+ "country": "AR"
+ },
+ {
+ "_id": {"$oid": "01f0000000000000003f0003"},
+ "phone": "555-0012-7453",
+ "email": "josemanuel@intelygenz.com",
+ "password": "abcd",
+ "country": "ES"
+ }
+]
\ No newline at end of file
diff --git a/tests/managerUser.js b/tests/managerUser.js
index b62b280..1fa4061 100644
--- a/tests/managerUser.js
+++ b/tests/managerUser.js
@@ -11,7 +11,8 @@ var cryptoMng = require('../src/managers/crypto')({ password : 'password' });
var config = require('../config.json');
-var notifServiceURL = config.externalServices.notifications;
+var notifServiceURL = config.externalServices.notifications.base;
+var notifServicePath = config.externalServices.notifications.pathEmail;
var accessTokenSettings = {
cipherKey: config.accessToken.cipherKey,
@@ -195,7 +196,7 @@ describe('user Manager', function(){
.reply(201, {id: expectedUserId});
nock(notifServiceURL)
- .post('/notification/email')
+ .post(notifServicePath)
.reply(204);
userMng(testsConfigSettings).createUser( profileBody, pin, function(err, tokens){
@@ -225,7 +226,7 @@ describe('user Manager', function(){
.reply(201, {id: expectedUserId});
nock(notifServiceURL)
- .post('/notification/email')
+ .post(notifServicePath)
.reply(204);
userMng(testsConfigSettings).createUser( profileBody, pin, function(err, tokens){
@@ -545,7 +546,7 @@ describe('user Manager', function(){
var expectedError = {
err:"invalid_profile_data",
- des:"The data format provided is nor valid.",
+ des:"The data format provided is not valid.",
code:400
};
diff --git a/tests/phone.js b/tests/phone.js
index ecef7e5..1c3a707 100644
--- a/tests/phone.js
+++ b/tests/phone.js
@@ -36,8 +36,7 @@ describe('phone', function() {
password : 'validpassword'
};
- var notifServiceURL = config.externalServices.notifications;
-
+ var notifServiceURL = config.externalServices.notifications.base;
beforeEach(function(done){
async.parallel([
function(done){
@@ -68,7 +67,8 @@ describe('phone', function() {
});
it('create pin', function(done){
- nock(notifServiceURL)
+
+ nock(notifServiceURL)
.post('/notification/sms')
.reply(204);
diff --git a/tests/pinValidation.js b/tests/pinValidation.js
index 02a2585..e060feb 100644
--- a/tests/pinValidation.js
+++ b/tests/pinValidation.js
@@ -5,7 +5,7 @@ var config = require('../config.json');
var redisMng = require('../src/managers/redis');
var countries = require('countries-info');
-var notifServiceURL = config.externalServices.notifications;
+var notifServiceURL = config.externalServices.notifications.base;
describe('middleware pinValidation', function(){
diff --git a/tests/proxy/protectedCallsPassThrough.js b/tests/proxy/protectedCallsPassThrough.js
index af9bcc5..12f2940 100644
--- a/tests/proxy/protectedCallsPassThrough.js
+++ b/tests/proxy/protectedCallsPassThrough.js
@@ -8,7 +8,7 @@ var redisMng = require('../../src/managers/redis');
var dao = require('../../src/managers/dao.js');
var config = require('../../config.json');
-var notificationsServiceURL = config.externalServices.notifications;
+var notificationsServiceURL = config.externalServices.notifications.base;
module.exports = {
itCreated: function created(accessTokenSettings, refreshTokenSettings){
diff --git a/tests/routesUser.js b/tests/routesUser.js
index b75932e..c315d56 100644
--- a/tests/routesUser.js
+++ b/tests/routesUser.js
@@ -18,6 +18,8 @@ var accessTokenSettings = {
};
var AUTHORIZATION;
+var NOTIFICATION_SERVICE_URL = config.externalServices.notifications.base;
+var NOTIFICATION_EMAIL_SERVICE_PATH = config.externalServices.notifications.pathEmail;
var createdUserId;
@@ -73,10 +75,11 @@ describe('user', function () {
},
method: 'GET'
};
+
options.headers[config.version.header] = "test/1";
- nock(config.externalServices.notifications)
- .post('/notification/email')
+ nock(NOTIFICATION_SERVICE_URL)
+ .post(NOTIFICATION_EMAIL_SERVICE_PATH)
.reply(201);
request(options, function (err, res, body) {
@@ -108,8 +111,8 @@ describe('user', function () {
};
options.headers[config.version.header] = "test/1";
- nock(config.externalServices.notifications)
- .post('/notification/email')
+ nock(NOTIFICATION_SERVICE_URL)
+ .post(NOTIFICATION_EMAIL_SERVICE_PATH)
.times(2)
.reply(204);
diff --git a/tests/verifyPhone.js b/tests/verifyPhone.js
index 68dfe75..d5cddc8 100644
--- a/tests/verifyPhone.js
+++ b/tests/verifyPhone.js
@@ -15,7 +15,7 @@ var redisMng = require('../src/managers/redis');
describe('/api/profile (verify phone)', function(){
- var notifServiceURL = config.externalServices.notifications;
+ var notifServiceURL = config.externalServices.notifications.base;
var baseUser = {
email : "valid" + (config.allowedDomains[0] ? config.allowedDomains[0] : ''),