Merge pull request #100 from zhishi-project/add_jwt_validation_for_no…

…tification Add JWT validation to for the engine --> notification validation
zhishi-project · Jul 13, 2016 · 28a47ec · 28a47ec
2 parents 5de3752 + a98e759
commit 28a47ec
Show file tree

Hide file tree

Showing 5 changed files with 52 additions and 25 deletions.
diff --git a/app/services/token_manager.rb b/app/services/token_manager.rb
@@ -2,8 +2,8 @@
 
 class TokenManager
   class << self
-    def generate_token(user_id, exp = 24.hours.from_now)
-      payload = { user: user_id, exp: exp.to_i }
+    def generate_token(user_id, exp = 24.hours.from_now, notify_object = nil)
+      payload = { user: user_id, exp: exp.to_i, payload: notify_object }
       issue_token(payload)
     end
 

diff --git a/lib/zi_notification/client.rb b/lib/zi_notification/client.rb
@@ -9,7 +9,8 @@ class << self
       end
 
       def request(http_method, path, options)
-        ZiNotification::Connection.connection.send(http_method, path, options)
+        token = TokenManager.generate_token(nil, 5.minutes.from_now, options)
+        ZiNotification::Connection.connection(token).send(http_method, path)
       end
     end
   end

diff --git a/lib/zi_notification/connection.rb b/lib/zi_notification/connection.rb
@@ -5,10 +5,13 @@ def self.endpoint
         ENV['ZI_NOTIFICATION_URL']
       end
 
-      def self.connection
+      def self.connection(token)
         # NOTE we need to also add the authorization once implemented on notifications
         options = {
-          headers: { 'Accept' => 'application/json; charset=utf-8' }
+          headers: {
+            'Accept' => 'application/json; charset=utf-8',
+            'Authorization' => "Token token=#{token}"
+          }
         }
 
         ::Faraday::Connection.new(endpoint, options) do |connection|

diff --git a/spec/lib/zi_notification/connection_spec.rb b/spec/lib/zi_notification/connection_spec.rb
@@ -3,8 +3,8 @@
 RSpec.describe ZiNotification::Connection do
   # NOTE  If/when we want to switch adapter from Faraday, we only need to overide interfacing methods here
   describe ".connection" do
-    subject { described_class.connection }
-    
+    subject { described_class.connection('some.token') }
+
     it { should be_an_instance_of Faraday::Connection }
   end
 

diff --git a/spec/services/token_manager_spec.rb b/spec/services/token_manager_spec.rb
@@ -5,33 +5,56 @@
   let(:user){ create(:user) }
 
   describe ".generate_token" do
-    let(:token){ subject.generate_token(user.id) }
-
-    it 'generates a valid token' do
-      expect(token.split('.').count).to eq 3
-      expect{subject.decode(token)}.not_to raise_error
+    describe 'arguments' do
+      it 'throws argument error if no arg is provided' do
+        expect{ subject.generate_token }.to raise_error ArgumentError
+      end
     end
 
-    describe 'token expiration' do
-      it 'sets expiration time to 24hrs by default' do
-        decoded = subject.decode(token)
-        expect(decoded.first['exp']).to eql 24.hours.from_now.to_i
+    context "when generating token for a user" do
+      let(:token){ subject.generate_token(user.id) }
+
+      it 'generates a valid token' do
+        expect(token.split('.').count).to eq 3
+        expect{subject.decode(token)}.not_to raise_error
       end
 
-      it 'sets expiration time to any time given' do
-        temp_token = subject.generate_token(user.id, 2.minutes.from_now)
-        decoded = subject.decode(temp_token)
-        expect(decoded.first['exp']).to eql 2.minutes.from_now.to_i
-        expect(decoded.first['exp']).not_to eql 24.hours.from_now.to_i
+      describe 'token expiration' do
+        it 'sets expiration time to 24hrs by default' do
+          decoded = subject.decode(token)
+          expect(decoded.first['exp']).to eql 24.hours.from_now.to_i
+        end
+
+        it 'sets expiration time to any time given' do
+          temp_token = subject.generate_token(user.id, 2.minutes.from_now)
+          decoded = subject.decode(temp_token)
+          expect(decoded.first['exp']).to eql 2.minutes.from_now.to_i
+          expect(decoded.first['exp']).not_to eql 24.hours.from_now.to_i
+        end
       end
     end
 
-    describe 'arguments' do
-      it 'throws argument error if no arg is provided' do
-        expect{ subject.generate_token }.to raise_error ArgumentError
+    context "when generating token for notification" do
+      let(:object) { { "id" => 1, "title" => "sample object" } }
+      let(:token){ subject.generate_token(nil, 5.minutes.from_now, object) }
+
+      it 'generates a valid token' do
+        expect(token.split('.').count).to eq 3
+        expect{subject.decode(token)}.not_to raise_error
       end
-    end
 
+      describe 'token expiration' do
+        it 'sets expiration time to 5 minutes' do
+          decoded = subject.decode(token)
+          expect(decoded.first['exp']).to eql 5.minutes.from_now.to_i
+        end
+
+        it 'sets the notification object' do
+          decoded = subject.decode(token)
+          expect(decoded.first['payload']).to eql object
+        end
+      end
+    end
   end
 
   describe ".issue_token" do