Merge pull request #9 from gentlementlegen/fix/signature-check

fix: signature check
ubiquity-os-marketplace · Jun 18, 2024 · fb1dfb8 · fb1dfb8
2 parents be0f10d + 5cc14ff
commit fb1dfb8
Show file tree

Hide file tree

Showing 8 changed files with 61 additions and 748 deletions.
diff --git a/.dev.vars.example b/.dev.vars.example
@@ -1,2 +1,3 @@
 SUPABASE_URL=
 SUPABASE_KEY=
+UBIQUIBOT_PUBLIC_KEY=
diff --git a/.env.example b/.env.example
@@ -1,2 +1,3 @@
 SUPABASE_URL=
 SUPABASE_KEY=
+UBIQUIBOT_PUBLIC_KEY=
diff --git a/.github/workflows/worker-deploy.yml b/.github/workflows/worker-deploy.yml
@@ -1,6 +1,7 @@
 name: Deploy
 
 on:
+  workflow_dispatch:
   push:
     branches:
       - main
@@ -22,8 +23,8 @@ jobs:
           secrets: |
             SUPABASE_URL
             SUPABASE_KEY
-            UBIQUIBOT_TOKEN
+            UBIQUIBOT_PUBLIC_KEY
         env:
           SUPABASE_URL: ${{ secrets.SUPABASE_URL }}
           SUPABASE_KEY: ${{ secrets.SUPABASE_KEY }}
-          UBIQUIBOT_TOKEN: ${{ secrets.UBIQUIBOT_TOKEN }}
+          UBIQUIBOT_PUBLIC_KEY: ${{ secrets.UBIQUIBOT_PUBLIC_KEY }}
diff --git a/package.json b/package.json
@@ -38,7 +38,8 @@
     "@sinclair/typebox": "^0.32.15",
     "@supabase/supabase-js": "2.43.1",
     "commander": "12.0.0",
-    "dotenv": "^16.4.5"
+    "dotenv": "^16.4.5",
+    "typebox-validators": "0.3.5"
   },
   "devDependencies": {
     "@commitlint/cli": "^18.6.1",

diff --git a/src/types/env.ts b/src/types/env.ts
@@ -1,11 +1,13 @@
-import { Type as T } from "@sinclair/typebox";
-import { StaticDecode } from "@sinclair/typebox";
+import { StaticDecode, Type as T } from "@sinclair/typebox";
 import "dotenv/config";
+import { StandardValidator } from "typebox-validators";
 
 export const envSchema = T.Object({
   SUPABASE_URL: T.String(),
   SUPABASE_KEY: T.String(),
   UBIQUIBOT_PUBLIC_KEY: T.String(),
 });
 
+export const envConfigValidator = new StandardValidator(envSchema);
+
 export type Env = StaticDecode<typeof envSchema>;
diff --git a/src/worker.ts b/src/worker.ts
@@ -1,6 +1,6 @@
 import { Value } from "@sinclair/typebox/value";
 import { run } from "./run";
-import { Env } from "./types/env";
+import { Env, envConfigValidator } from "./types/env";
 import { assistivePricingSettingsSchema } from "./types/plugin-input";
 
 export default {
@@ -19,6 +19,16 @@ export default {
           headers: { "content-type": "application/json" },
         });
       }
+      if (!envConfigValidator.test(env)) {
+        const errorDetails: string[] = [];
+        for (const error of envConfigValidator.errors(env)) {
+          errorDetails.push(`${error.path}: ${error.message}`);
+        }
+        return new Response(JSON.stringify({ error: `The environment is invalid: ${errorDetails.join("; ")}` }), {
+          status: 400,
+          headers: { "content-type": "application/json" },
+        });
+      }
       const webhookPayload = await request.json();
       const signature = webhookPayload.signature;
       delete webhookPayload.signature;

diff --git a/tests/main.test.ts b/tests/main.test.ts
@@ -1,6 +1,7 @@
 import { afterAll, afterEach, beforeAll, beforeEach, describe, expect, it } from "@jest/globals";
 import { drop } from "@mswjs/data";
 import commandParser, { CommandArguments } from "../src/handlers/command-parser";
+import { Env } from "../src/types/env";
 import workerFetch from "../src/worker";
 import { db } from "./__mocks__/db";
 import { server } from "./__mocks__/node";
@@ -120,4 +121,24 @@ describe("User tests", () => {
     expect(result.ok).toEqual(false);
     expect(result.status).toEqual(405);
   });
+
+  it("Should reject an invalid environment", async () => {
+    const result = await workerFetch.fetch(
+      {
+        method: "POST",
+        headers: {
+          get: () => "application/json",
+        },
+      } as unknown as Request,
+      {
+        SUPABASE_URL: "url",
+        SUPABASE_KEY: "key",
+      } as unknown as Env
+    );
+    expect(result.ok).toEqual(false);
+    expect(result.status).toEqual(400);
+    expect(await result.json()).toEqual({
+      error: "The environment is invalid: /UBIQUIBOT_PUBLIC_KEY: Required property; /UBIQUIBOT_PUBLIC_KEY: Expected string",
+    });
+  });
 });