Files
simstudioai--sim/apps/sim/lib/webhooks/providers/gong.test.ts
T
wehub-resource-sync d25d482dc2
Publish CLI Package / publish-npm (push) Waiting to run
Publish Python SDK / publish-pypi (push) Waiting to run
Publish TypeScript SDK / publish-npm (push) Waiting to run
CI / Migrate Dev DB (push) Has been skipped
CI / Detect Version (push) Has been cancelled
CI / Migrate DB (push) Has been cancelled
CI / Build Dev ECR (./docker/app.Dockerfile, ECR_APP) (push) Has been cancelled
CI / Build Dev ECR (./docker/db.Dockerfile, ECR_MIGRATIONS) (push) Has been cancelled
CI / Build Dev ECR (./docker/pii.Dockerfile, ECR_PII) (push) Has been cancelled
CI / Build Dev ECR (./docker/realtime.Dockerfile, ECR_REALTIME) (push) Has been cancelled
CI / Deploy Trigger.dev (Dev) (push) Has been cancelled
CI / Build AMD64 (./docker/app.Dockerfile, ECR_APP, ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Build AMD64 (./docker/db.Dockerfile, ECR_MIGRATIONS, ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Build AMD64 (./docker/pii.Dockerfile, ECR_PII, ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Build AMD64 (./docker/realtime.Dockerfile, ECR_REALTIME, ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/app.Dockerfile, ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/db.Dockerfile, ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/pii.Dockerfile, ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/realtime.Dockerfile, ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Check Docs Changes (push) Has been cancelled
CI / Process Docs (push) Has been cancelled
CI / Create GitHub Release (push) Has been cancelled
CI / Test and Build (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 13:20:55 +08:00

168 lines
5.0 KiB
TypeScript

import { createHash } from 'node:crypto'
import * as jose from 'jose'
import { NextRequest } from 'next/server'
import { describe, expect, it } from 'vitest'
import {
GONG_JWT_PUBLIC_KEY_CONFIG_KEY,
gongHandler,
normalizeGongPublicKeyPem,
verifyGongJwtAuth,
} from '@/lib/webhooks/providers/gong'
describe('normalizeGongPublicKeyPem', () => {
it('passes through PEM', () => {
const pem = '-----BEGIN PUBLIC KEY-----\nabc\n-----END PUBLIC KEY-----'
expect(normalizeGongPublicKeyPem(pem)).toBe(pem)
})
it('wraps raw base64', () => {
const raw = 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfj3'
const out = normalizeGongPublicKeyPem(raw)
expect(out).toContain('BEGIN PUBLIC KEY')
expect(out).toContain('END PUBLIC KEY')
expect(out).toContain('MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfj3')
})
it('returns null for garbage', () => {
expect(normalizeGongPublicKeyPem('not-base64!!!')).toBeNull()
})
})
describe('gongHandler formatInput', () => {
it('always returns callId as a string', async () => {
const { input } = await gongHandler.formatInput!({
webhook: {},
workflow: { id: 'wf', userId: 'u' },
body: { callData: { metaData: {} } },
headers: {},
requestId: 'gong-format',
})
expect((input as Record<string, unknown>).callId).toBe('')
})
it('exposes content topics and highlights alongside trackers', async () => {
const { input } = await gongHandler.formatInput!({
webhook: {},
workflow: { id: 'wf', userId: 'u' },
body: {
callData: {
metaData: { id: '99' },
content: {
trackers: [{ id: 't1', name: 'Competitor', count: 2 }],
topics: [{ name: 'Pricing', duration: 120 }],
highlights: [{ title: 'Action items' }],
},
},
},
headers: {},
requestId: 'gong-format-content',
})
const rec = input as Record<string, unknown>
expect(rec.callId).toBe('99')
expect(rec.trackers).toEqual([{ id: 't1', name: 'Competitor', count: 2 }])
expect(rec.topics).toEqual([{ name: 'Pricing', duration: 120 }])
expect(rec.highlights).toEqual([{ title: 'Action items' }])
})
})
describe('gongHandler verifyAuth (JWT)', () => {
it('returns null when JWT public key is not configured', async () => {
const request = new NextRequest('https://app.example.com/api/webhooks/trigger/abc', {
method: 'POST',
body: '{}',
})
const rawBody = '{}'
const res = await verifyGongJwtAuth({
webhook: {},
workflow: {},
request,
rawBody,
requestId: 't1',
providerConfig: {},
})
expect(res).toBeNull()
})
it('returns 401 when key is configured but Authorization is missing', async () => {
const { publicKey } = await jose.generateKeyPair('RS256')
const spki = await jose.exportSPKI(publicKey)
const request = new NextRequest('https://app.example.com/api/webhooks/trigger/abc', {
method: 'POST',
body: '{}',
})
const res = await verifyGongJwtAuth({
webhook: {},
workflow: {},
request,
rawBody: '{}',
requestId: 't2',
providerConfig: { [GONG_JWT_PUBLIC_KEY_CONFIG_KEY]: spki },
})
expect(res?.status).toBe(401)
})
it('accepts a valid Gong-style JWT', async () => {
const { publicKey, privateKey } = await jose.generateKeyPair('RS256')
const spki = await jose.exportSPKI(publicKey)
const url = 'https://app.example.com/api/webhooks/trigger/test-path'
const rawBody = '{"callData":{}}'
const bodySha = createHash('sha256').update(rawBody, 'utf8').digest('hex')
const jwt = await new jose.SignJWT({
webhook_url: url,
body_sha256: bodySha,
})
.setProtectedHeader({ alg: 'RS256' })
.setExpirationTime('1h')
.sign(privateKey)
const request = new NextRequest(url, {
method: 'POST',
body: rawBody,
headers: { Authorization: `Bearer ${jwt}` },
})
const res = await gongHandler.verifyAuth!({
webhook: {},
workflow: {},
request,
rawBody,
requestId: 't3',
providerConfig: { [GONG_JWT_PUBLIC_KEY_CONFIG_KEY]: spki },
})
expect(res).toBeNull()
})
it('rejects JWT when body hash does not match', async () => {
const { publicKey, privateKey } = await jose.generateKeyPair('RS256')
const spki = await jose.exportSPKI(publicKey)
const url = 'https://app.example.com/api/webhooks/trigger/x'
const rawBody = '{"a":1}'
const jwt = await new jose.SignJWT({
webhook_url: url,
body_sha256: 'deadbeef',
})
.setProtectedHeader({ alg: 'RS256' })
.setExpirationTime('1h')
.sign(privateKey)
const request = new NextRequest(url, {
method: 'POST',
body: rawBody,
headers: { Authorization: jwt },
})
const res = await verifyGongJwtAuth({
webhook: {},
workflow: {},
request,
rawBody,
requestId: 't4',
providerConfig: { [GONG_JWT_PUBLIC_KEY_CONFIG_KEY]: spki },
})
expect(res?.status).toBe(401)
})
})