refactor(idevaffiliate): use FoxyWebhook validate

Author: ndvo

src/foxy/FoxyWebhook.js

@@ -182,6 +182,12 @@ function validFoxyRequest(requestEvent) {
   } else if (!verifyWebhookSignature(requestEvent)) {
     err = 'Forbidden';
   }
+  try {
+    JSON.parse(requestEvent.body);
+  } catch (e) {
+    console.log('body' , requestEvent.body);
+    err = 'Payload is not valid JSON.';
+  }
   return err;
 }
 

src/functions/idevaffiliate-marketplace/idevaffiliate-marketplace.js

@@ -1,17 +1,18 @@
 require("dotenv").config();
 const config = require("../../../config.js");
 const fetch = require("node-fetch");
+const FoxyWebhook = require("../../foxy/FoxyWebhook.js");
 
 const { URLSearchParams } = require("url");
 const { FoxyApi } = require("@foxy.io/node-api");
 
-const foxy = new FoxyApi();
-const store = foxy.follow("fx:store");
 
 const idevApiUrl = config.idevAffiliate.apiUrl || "";
 const idevSecretKey = config.idevAffiliate.secretKey || "";
 const foxyWebhookEncryptionKey = config.foxy.webhook.encryptionKey || "";
 
+const getFoxyApi = () => new FoxyApi();
+
 const getAffiliateIdFromProduct = (productCode) => {
   if (productCode.match(/\-a(\d+)$/i)) {
     return productCode.match(/\-a(\d+)$/i)[1];
@@ -27,12 +28,10 @@ const pushToIdev = async (item, webhook) => {
   if (!item.name || !item.code || !item.price) {
     return false;
   }
-
   const params = new URLSearchParams();
   params.append("affiliate_id", getAffiliateIdFromProduct(item.code));
   params.append("idev_saleamt", item.price);
   params.append("idev_ordernum", webhook.id);
-
   // TODO: Check an existing attribute to see if this has already been done.
   // Upsert a Foxy API attribute on the product after pushing so it's not duplicated
   // with a re-run of the webhook.
@@ -62,43 +61,23 @@ const processTransaction = async (message) => {
  */
 
 exports.handler = async (event, context) => {
-  // Verify the Foxy webhook is valid
-  const foxyWebhookIsVerified = FoxyApi.webhook.verify({
-    signature: event.headers["foxy-webhook-signature"],
-    payload: event.body,
-    key: config.foxy.webhook.encryptionKey,
-  });
-
-  // Parse the body
-  let payload;
-  try {
-    payload = JSON.parse(event.body);
-  } catch (error) {
-    console.log("ERROR: Payload is not a valid Foxy webhook.");
-    return {
-      statusCode: 400,
-      body: JSON.stringify({ message: "Cannot parse body." }),
-    };
+  const foxy = getFoxyApi();
+  const err = FoxyWebhook.validFoxyRequest(event);
+  if (err) {
+    return FoxyWebhook.response(err);
   }
-
+  const payload = JSON.parse(event.body);
   // Make sure everything looks ok
   if (
-    !foxyWebhookIsVerified ||
     event.headers["foxy-webhook-event"] !== "transaction/created" ||
     !payload._embedded ||
     !payload._embedded["fx:items"] ||
     !payload._embedded["fx:items"].length > 0
   ) {
-    console.log("ERROR: Payload is not a valid Foxy webhook.");
-    return {
-      statusCode: 400,
-      body: JSON.stringify({ message: "Invalid signature." }),
-    };
+    return FoxyWebhook.response("Invalid payload.");
   }
-
   return processTransaction(payload)
     .then((data) => {
-      console.log(data);
       return {
         statusCode: 200,
         body: JSON.stringify({ message: "success." }),

test/functions/datastore-integration-orderdesk/index.test.js

@@ -53,7 +53,7 @@ describe("Order Desk Pre-payment Webhook", function() {
   });
 
   it ("Should return a Foxy Prepayment Webhook Response", async function () {
-    const responsePromise = odHandler.handler();
+    const responsePromise = odHandler.handler('');
     expect(responsePromise).to.be.a("Promise");
     const response = await responsePromise;
     expect(response.statusCode).to.exist;

test/functions/datastore-integration-webflow/index.test.js

@@ -62,7 +62,7 @@ describe("Initialize and validate the webhook", () => {
     config.datastore.provider.webflow.token = undefined;
     await prePayment.handler(null, null, noToken);
     config.datastore.provider.webflow.token = "FOOBAR";
-    await prePayment.handler(null, null, withToken);
+    await prePayment.handler({}, null, withToken);
   });
 
   it("Extracts the items from FoxyCart payload", async () => {
@@ -453,22 +453,6 @@ describe("Verifies the price of an item in a Webflow collection", () => {
     });
   });
 
-  it("Returns Bad Request when no body is provided", async () => {
-    let response;
-    const event = MockFoxyRequests.validRequest();
-    injectedWebflow.items = () =>
-      Promise.resolve(
-        mockWebflow.arbitrary(JSON.parse(event.body)._embedded["fx:items"])({}, {})
-      );
-    delete event.body;
-    response = await prePayment.handler(event);
-    expect(response.statusCode).to.equal(400);
-    expect(JSON.parse(response.body)).to.deep.equal({
-      details: "Empty request.",
-      ok: false,
-    });
-  });
-
   it("Returns Rate limit exceeded when Webflow limit is exceeded", async () => {
     let response;
     const event = mockFoxyCart.request();

test/functions/idevaffiliate-marketplace/idevaffiliate-marketplace.test.js

@@ -1 +1,28 @@
+const { after, afterEach, before, beforeEach, describe, it } = require("mocha");
+const {expect} = require("chai");
+const rewire = require("rewire");
 
+
+const chaiHttp = require('chai-http');
+const handler = rewire('../../../src/functions/idevaffiliate-marketplace/idevaffiliate-marketplace.js');
+const config = handler.__get__('config');
+
+
+
+function setConfig() {
+}
+
+describe("Idev Affiliate", function() {
+
+  before(
+    function () {
+      config.foxy.api.clientId = 'foo';
+    }
+  );
+
+  it ("Should require Foxy Client Id", async function () {
+    expect(async () => {await handler({})}).to.throw;
+  });
+
+
+});