MCPcopy Index your code
hub / github.com/NdoleStudio/httpsms / assertWebhookJWT

Function assertWebhookJWT

tests/helpers_test.go:255–285  ·  view source on GitHub ↗
(t *testing.T, request wmJournal.Request, signingKey string)

Source from the content-addressed store, hash-verified

253}
254
255func assertWebhookJWT(t *testing.T, request wmJournal.Request, signingKey string) {
256 t.Helper()
257
258 authHeader := request.Headers["Authorization"]
259 if authHeader == "" {
260 authHeader = request.Headers["authorization"]
261 }
262 require.NotEmpty(t, authHeader, "webhook request missing Authorization header")
263 require.True(t, strings.HasPrefix(authHeader, "Bearer "), "Authorization header must start with Bearer")
264
265 tokenString := strings.TrimPrefix(authHeader, "Bearer ")
266 token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
267 require.Equal(t, jwt.SigningMethodHS256, token.Method, "unexpected signing method")
268 return []byte(signingKey), nil
269 })
270 require.NoError(t, err, "JWT validation failed")
271 require.True(t, token.Valid, "JWT token is not valid")
272
273 claims, ok := token.Claims.(jwt.MapClaims)
274 require.True(t, ok, "cannot parse claims")
275 require.Equal(t, "api.httpsms.com", claims["iss"], "issuer mismatch")
276 require.NotEmpty(t, claims["sub"], "subject mismatch")
277
278 exp, err := claims.GetExpirationTime()
279 require.NoError(t, err)
280 require.True(t, exp.After(time.Now()), "token is expired")
281
282 nbf, err := claims.GetNotBefore()
283 require.NoError(t, err)
284 require.True(t, nbf.Before(time.Now()), "token not yet valid")
285}
286
287func waitForWebhookEvents(t *testing.T, webhookPath string, expectedCount int, timeout time.Duration) []wmJournal.GetRequestResponse {
288 t.Helper()

Callers 4

TestSendSMS_EncryptedFunction · 0.85
TestReceiveSMS_EncryptedFunction · 0.85
TestSendSMS_RateLimitFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected