diff --git a/packages/taler-wallet-cli/src/integrationtests/harness.ts b/packages/taler-wallet-cli/src/integrationtests/harness.ts index a2d2b8e13..169aa8aa4 100644 --- a/packages/taler-wallet-cli/src/integrationtests/harness.ts +++ b/packages/taler-wallet-cli/src/integrationtests/harness.ts @@ -277,7 +277,9 @@ export class GlobalTestState { } assertAxiosError(e: any): asserts e is AxiosError { - return e.isAxiosError; + if (!e.isAxiosError) { + throw Error("expected axios error"); + } } assertTrue(b: boolean): asserts b { @@ -1191,6 +1193,14 @@ export class MerchantApiClient { }); } + async deleteInstance(instanceId: string) { + const baseUrl = this.baseUrl; + const url = new URL(`private/instances/${instanceId}`); + await axios.delete(url.href, { + headers: this.makeAuthHeader(), + }); + } + async createInstance(req: MerchantInstanceConfig): Promise { const baseUrl = this.baseUrl; const url = new URL("private/instances", baseUrl); @@ -1209,10 +1219,14 @@ export class MerchantApiClient { async getInstanceFullDetails(instanceId: string): Promise { const url = new URL(`private/instances/${instanceId}`, this.baseUrl); - const resp = await axios.get(url.href, { - headers: this.makeAuthHeader(), - }); - return resp.data; + try { + const resp = await axios.get(url.href, { + headers: this.makeAuthHeader(), + }); + return resp.data; + } catch (e) { + throw e; + } } makeAuthHeader(): Record { diff --git a/packages/taler-wallet-cli/src/integrationtests/test-merchant-instances.ts b/packages/taler-wallet-cli/src/integrationtests/test-merchant-instances.ts index 4691487de..5d1c06e1e 100644 --- a/packages/taler-wallet-cli/src/integrationtests/test-merchant-instances.ts +++ b/packages/taler-wallet-cli/src/integrationtests/test-merchant-instances.ts @@ -80,13 +80,23 @@ export async function runMerchantInstancesTest(t: GlobalTestState) { }, }); + // Add an instance, no auth! + await merchant.addInstance({ + id: "myinst", + name: "Second Instance", + paytoUris: [`payto://x-taler-bank/merchant-default`], + auth: { + method: "external", + }, + }); + let merchantClient = new MerchantApiClient(merchant.makeInstanceBaseUrl(), { method: "external", }); { const r = await merchantClient.getInstances(); - t.assertDeepEqual(r.instances.length, 1); + t.assertDeepEqual(r.instances.length, 2); } // Check that a "malformed" bearer Authorization header gets ignored @@ -94,7 +104,7 @@ export async function runMerchantInstancesTest(t: GlobalTestState) { const url = merchant.makeInstanceBaseUrl(); const resp = await axios.get(new URL("private/instances", url).href, { headers: { - "Authorization": "foo bar-baz", + Authorization: "foo bar-baz", }, }); t.assertDeepEqual(resp.status, 200); @@ -133,8 +143,8 @@ export async function runMerchantInstancesTest(t: GlobalTestState) { const resp = await axios.get(new URL("private/instances", url).href, { headers: { // Note the spaces - "Authorization": "Bearer secret-token:foobar", - } + Authorization: "Bearer secret-token:foobar", + }, }); t.assertDeepEqual(resp.status, 200); } @@ -146,6 +156,24 @@ export async function runMerchantInstancesTest(t: GlobalTestState) { // Token should *not* be reported back. t.assertDeepEqual(fullDetails.auth.token, undefined); } + + // Check that deleting an instance checks the auth + // of the default instance. + { + const unauthMerchantClient = new MerchantApiClient( + merchant.makeInstanceBaseUrl(), + { + method: "external", + }, + ); + + const exc = await t.assertThrowsAsync(async () => { + await unauthMerchantClient.deleteInstance(""); + }); + console.log(exc); + t.assertAxiosError(exc); + t.assertDeepEqual(exc.response?.status, 403); + } } runMerchantInstancesTest.suites = ["merchant"];