From 22dbed6c937515466db819be624c0cfd0404ee76 Mon Sep 17 00:00:00 2001
From: Beppe Catanese <1771700+gcatanese@users.noreply.github.com>
Date: Tue, 10 Oct 2023 11:12:23 +0200
Subject: [PATCH] Preauth webhook tests (#52)

* Add failing webhook test

* Add successful webhook test
---
 .../webhook-failure.spec.js                   | 42 +++++++++++++++
 .../authorisation-adjustment/webhook.spec.js  | 54 ++++++++++---------
 2 files changed, 71 insertions(+), 25 deletions(-)
 create mode 100644 tests/authorisation-adjustment/webhook-failure.spec.js

diff --git a/tests/authorisation-adjustment/webhook-failure.spec.js b/tests/authorisation-adjustment/webhook-failure.spec.js
new file mode 100644
index 0000000..c38edf0
--- /dev/null
+++ b/tests/authorisation-adjustment/webhook-failure.spec.js
@@ -0,0 +1,42 @@
+// @ts-check
+const { test, expect } = require('@playwright/test');
+
+// test webhook is rejected (invalid HMAC signature)
+test('Webhook Notification', async ({ request }) => {
+    const notifications = await request.post(`/api/webhooks/notifications`, {
+        data: {
+            "live": "false",
+            "notificationItems":[
+                {
+                    "NotificationRequestItem":{
+                        "additionalData":{
+                            "hmacSignature":"INVALID_HMAC_SIGNATURE"
+                        },
+                        "eventCode":"AUTHORISATION",
+                        "success":"true",
+                        "eventDate":"2019-06-28T18:03:50+01:00",
+                        "merchantAccountCode":"YOUR_MERCHANT_ACCOUNT",
+                        "pspReference": "7914073381342284",
+                        "merchantReference": "YOUR_REFERENCE",
+                        "amount": {
+                            "value":24999,
+                            "currency":"EUR"
+                        }
+                    }
+                }
+            ]
+        }
+    });
+
+    /// Verify notification is not accepted (invalid HMAC)
+
+    // Status code not 404 (verify webhook is found)
+    expect(notifications.status()).not.toEqual(404);
+
+    // Status code not 200 (verify webhook does not accept the notification ie HMAC invalid)
+    expect(notifications.status()).not.toEqual(200);
+
+    // Body response does not contain [accepted]
+    notifications.text()
+        .then(value => {expect(value).not.toEqual("[accepted]");} );
+});
diff --git a/tests/authorisation-adjustment/webhook.spec.js b/tests/authorisation-adjustment/webhook.spec.js
index 27a4037..3a457be 100644
--- a/tests/authorisation-adjustment/webhook.spec.js
+++ b/tests/authorisation-adjustment/webhook.spec.js
@@ -1,41 +1,45 @@
 // @ts-check
 const { test, expect } = require('@playwright/test');
+const utilities = require('../utilities');
 
+// test webhook is successfully delivered
 test('Webhook Notification', async ({ request }) => {
+
+    var notificationRequestItem = {
+        "eventCode":"AUTHORISATION",
+        "success":"true",
+        "eventDate":"2019-06-28T18:03:50+01:00",
+        "merchantAccountCode":"YOUR_MERCHANT_ACCOUNT",
+        "pspReference": "7914073381342284",
+        "merchantReference": "YOUR_REFERENCE",
+        "amount": {
+            "value":1130,
+            "currency":"EUR"
+        }
+    };
+
+    // calculate signature from payload
+    const hmacSignature = await utilities.calculateHmacSignature(notificationRequestItem);
+    // add hmacSignature to 'additionalData'
+    notificationRequestItem["additionalData"] = {"hmacSignature" : ""+hmacSignature+""}
+
+    // POST webhook
     const notifications = await request.post(`/api/webhooks/notifications`, {
         data: {
             "live": "false",
             "notificationItems":[
                 {
-                    "NotificationRequestItem":{
-                        "additionalData":{
-                            "hmacSignature":"+JWKfq4ynALK+FFzGgHnp1jSMQJMBJeb87dlph24sXw="
-                        },
-                        "eventCode":"AUTHORISATION",
-                        "success":"true",
-                        "eventDate":"2019-06-28T18:03:50+01:00",
-                        "merchantAccountCode":"YOUR_MERCHANT_ACCOUNT",
-                        "pspReference": "7914073381342284",
-                        "merchantReference": "YOUR_REFERENCE",
-                        "amount": {
-                            "value":24999,
-                            "currency":"EUR"
-                        }
-                    }
-                }
+                    "NotificationRequestItem": notificationRequestItem    
+                }           
             ]
         }
     });
 
-    /// Verify notification is not accepted (invalid HMAC)
+    // Verify status code 
+    expect(notifications.status()).toEqual(200);
 
-    // Status code not 404 (verify webhook is found)
-    expect(notifications.status()).not.toEqual(404);
-
-    // Status code not 200 (verify webhook does not accept the notification ie HMAC invalid)
-    expect(notifications.status()).not.toEqual(200);
-
-    // Body response does not contain [accepted]
+    // Verify body response 
     notifications.text()
-        .then(value => {expect(value).not.toEqual("[accepted]");} );
+        .then(value => {expect(value).toEqual("[accepted]");} );
 });
+