fix: now supports empty objects and arrays as request bodies

connorjburton · Jul 11, 2021 · 640bcbe · 640bcbe
1 parent 44a5beb
commit 640bcbe
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 8 deletions.
diff --git a/src/index.ts b/src/index.ts
@@ -64,7 +64,7 @@ export function HMAC(secret: string, options: Partial<Options> = {}): RequestHan
         hmac.update(request.originalUrl); // add url e.g /api/order
 
         // if we have a request body, create a md5 hash of it and add it to the hmac
-        if (typeof request.body === 'object' && request.body !== null && ((!Array.isArray(request.body) && Object.keys(request.body).length > 0) || request.body.length > 0)) {
+        if (typeof request.body === 'object' && request.body !== null) {
             const hash = crypto.createHash('md5');
             hash.update(JSON.stringify(request.body)); // we add it as a json string
             hmac.update(hash.digest('hex'));

diff --git a/tests/unit.test.ts b/tests/unit.test.ts
@@ -21,7 +21,8 @@ function mockedRequest(override: MockRequest = {}): Partial<Request> {
     req.headers = override.headers ?? { authorization: 'HMAC 1573504737300:76251c6323fbf6355f23816a4c2e12edfd10672517104763ab1b10f078277f86' };
     req.method = override.method ?? 'POST';
     req.originalUrl = override.originalUrl ?? '/api/order';
-    req.body = override.body ?? { foo: 'bar' };
+    // We want to override body with undefined if we pass it in
+    req.body = Object.prototype.hasOwnProperty.call(override, 'body') ? override.body : { foo: 'bar' };
 
     return req;
 }
@@ -32,7 +33,7 @@ describe('unit', () => {
     };
 
     afterEach(() => {
-        jest.restoreAllMocks();
+        jest.clearAllMocks();
     });
 
     test('passes hmac', () => {
@@ -251,7 +252,12 @@ describe('unit', () => {
 
         const middleware = HMAC('secret');
 
-        middleware(mockedRequest({ body: {} }) as Request, {} as Response, spies.next);
+        middleware(mockedRequest({
+            headers: {
+                authorization: 'HMAC 1573504737300:1af576ff2225e3955a2be42078e20f59d6c5d022aa21c3c83eb3896c39762df3'
+            },
+            body: {}
+        }) as Request, {} as Response, spies.next);
 
         expect(spies.next).toHaveBeenCalledWith();
 
@@ -264,7 +270,12 @@ describe('unit', () => {
 
         const middleware = HMAC('secret');
 
-        middleware(mockedRequest({ body: { foo: 'bar' } }) as Request, {} as Response, spies.next);
+        middleware(mockedRequest({
+            headers: {
+                authorization: 'HMAC 1573504737300:76251c6323fbf6355f23816a4c2e12edfd10672517104763ab1b10f078277f86'
+            },
+            body: { foo: 'bar' }
+        }) as Request, {} as Response, spies.next);
 
         expect(spies.next).toHaveBeenCalledWith();
 
@@ -277,7 +288,12 @@ describe('unit', () => {
 
         const middleware = HMAC('secret');
 
-        middleware(mockedRequest({ body: { foo: 'bar', baz: { fizz: 1, buzz: [1, 2] } } }) as Request, {} as Response, spies.next);
+        middleware(mockedRequest({
+            headers: {
+                authorization: 'HMAC 1573504737300:8ecf6a09404214f187e6746e37bdb0be995abb59001cd0b803133de240a0e395'
+            },
+            body: { foo: 'bar', baz: { fizz: 1, buzz: [1, 2] } }
+        }) as Request, {} as Response, spies.next);
 
         expect(spies.next).toHaveBeenCalledWith();
 
@@ -290,7 +306,12 @@ describe('unit', () => {
 
         const middleware = HMAC('secret');
 
-        middleware(mockedRequest({ body: [] }) as Request, {} as Response, spies.next);
+        middleware(mockedRequest({
+            headers: {
+                authorization: 'HMAC 1573504737300:099eb78ea6aa95d13f79cfb64023156f2f7cb00cdb63375169ea6a06b38796b4'
+            },
+            body: []
+        }) as Request, {} as Response, spies.next);
 
         expect(spies.next).toHaveBeenCalledWith();
 
@@ -303,7 +324,12 @@ describe('unit', () => {
 
         const middleware = HMAC('secret');
 
-        middleware(mockedRequest({ body: [1, 'test', {}, ['a', {}]] }) as Request, {} as Response, spies.next);
+        middleware(mockedRequest({
+            headers: {
+                authorization: 'HMAC 1573504737300:1a660f056f582b9154a745e7a04937d37e3980302de617f9bdcadf820902e5a6'
+            },
+            body: [1, 'test', {}, ['a', {}]]
+        }) as Request, {} as Response, spies.next);
 
         expect(spies.next).toHaveBeenCalledWith();