diff --git a/src/app/bot/actions.js b/src/app/bot/actions.js index e1fa1a0..58a6bfc 100644 --- a/src/app/bot/actions.js +++ b/src/app/bot/actions.js @@ -70,7 +70,7 @@ async function handleAuthorize({ bot, group, user }) { if (rcUser) { trelloUser = await TrelloUser.findByPk(rcUser.trello_user_id); } - if (trelloUser && trelloUser.writeable_token) { + if (trelloUser && trelloUser.getWriteableToken()) { await bot.sendMessage(group.id, { text: `Hi ![:Person](${user.id}), you have authorized Trello.`, }); @@ -89,7 +89,7 @@ async function handleUnauthorize({ if (rcUser) { trelloUser = await TrelloUser.findByPk(rcUser.trello_user_id); } - if (!trelloUser || !trelloUser.writeable_token) { + if (!trelloUser || !trelloUser.getWriteableToken()) { await bot.sendMessage(group.id, { text: `Hi ![:Person](${user.id}), you have not authorized Trello yet.`, }); @@ -105,10 +105,10 @@ async function handleUnauthorize({ const trello = new Trello({ appKey: process.env.TRELLO_APP_KEY, redirectUrl: '', - token: trelloUser.writeable_token, + token: trelloUser.getWriteableToken(), }); await trello.revokeToken(); - trelloUser.writeable_token = ''; + trelloUser.removeWriteableToken(); trelloUser.username = ''; trelloUser.fullName = ''; await trelloUser.save(); diff --git a/src/app/handlers/interactiveMessages.js b/src/app/handlers/interactiveMessages.js index b66a336..69301a8 100644 --- a/src/app/handlers/interactiveMessages.js +++ b/src/app/handlers/interactiveMessages.js @@ -96,13 +96,13 @@ async function notificationInteractiveMessagesHandler(req, res) { res.send('ok'); return; } - if (!trelloUser || !trelloUser.writeable_token) { + if (!trelloUser || !trelloUser.getWriteableToken()) { await sendAuthorizeRequestCard(trelloWebhook.rc_webhook_id, webhookId); res.status(200); res.send('ok'); return; } - trello.setToken(trelloUser.writeable_token); + trello.setToken(trelloUser.getWriteableToken()); try { if (action === 'joinCard') { const members = await trello.getCardMembers(body.data.cardId); @@ -128,7 +128,7 @@ async function notificationInteractiveMessagesHandler(req, res) { } catch (e) { if (e.response) { if (e.response.status === 401) { - trelloUser.writeable_token = ''; + trelloUser.removeWriteableToken(); trelloUser.username = ''; trelloUser.fullName = ''; await trelloUser.save(); @@ -267,16 +267,16 @@ async function botInteractiveMessagesHandler(req, res) { redirectUrl: '', }); if (action === 'unauthorize') { - if (!trelloUser || !trelloUser.writeable_token) { + if (!trelloUser || !trelloUser.getWriteableToken()) { botActions.setMessageCard( bot, cardId, `Hi **${body.user.firstName} ${body.user.lastName}**, You have not authorized Trello yet.` ); } else { - trello.setToken(trelloUser.writeable_token); + trello.setToken(trelloUser.getWriteableToken()); await trello.revokeToken(); - trelloUser.writeable_token = ''; + trelloUser.removeWriteableToken(); trelloUser.username = ''; trelloUser.fullName = ''; await trelloUser.save(); @@ -304,7 +304,7 @@ async function botInteractiveMessagesHandler(req, res) { }); return; } - if (!rcUser || !trelloUser || !trelloUser.writeable_token) { + if (!rcUser || !trelloUser || !trelloUser.getWriteableToken()) { res.status(200); res.json(getAuthDialog(botId, body)); await analytics.trackUserAction('cardSubmitted', body.user.extId, { @@ -314,7 +314,7 @@ async function botInteractiveMessagesHandler(req, res) { }); return; } - trello.setToken(trelloUser.writeable_token); + trello.setToken(trelloUser.getWriteableToken()); if (action === 'joinCard') { const members = await trello.getCardMembers(body.data.cardId); if (members.find(member => member.id === trelloUser.id)) { @@ -362,7 +362,7 @@ async function botInteractiveMessagesHandler(req, res) { trello && e.response.config.url.indexOf('api.trello.com') > -1 ) { - trelloUser.writeable_token = ''; + trelloUser.removeWriteableToken(); trelloUser.username = ''; trelloUser.fullName = ''; await trelloUser.save(); diff --git a/src/app/models/trello-user.js b/src/app/models/trello-user.js index f14d6ac..0a2f662 100644 --- a/src/app/models/trello-user.js +++ b/src/app/models/trello-user.js @@ -1,8 +1,24 @@ const Sequelize = require('sequelize'); +const crypto = require('crypto'); const { sequelize } = require('./sequelize'); +function getCipherKey() { + if (!process.env.APP_SERVER_SECRET_KEY) { + throw new Error('APP_SERVER_SECRET_KEY is not defined'); + } + if (process.env.APP_SERVER_SECRET_KEY.length < 32) { + // pad secret key with spaces if it is less than 32 bytes + return process.env.APP_SERVER_SECRET_KEY.padEnd(32, ' '); + } + if (process.env.APP_SERVER_SECRET_KEY.length > 32) { + // truncate secret key if it is more than 32 bytes + return process.env.APP_SERVER_SECRET_KEY.slice(0, 32); + } + return process.env.APP_SERVER_SECRET_KEY; +} + // Model for Trello User data -exports.TrelloUser = sequelize.define('trello-users', { +const TrelloUser = sequelize.define('trello-users', { id: { type: Sequelize.STRING, // identify for trello user primaryKey: true, @@ -18,5 +34,62 @@ exports.TrelloUser = sequelize.define('trello-users', { }, writeable_token: { type: Sequelize.STRING - } + }, + encrypted_token: { + type: Sequelize.STRING + }, + encrypted_writeable_token: { + type: Sequelize.STRING + }, }); + +function encodeToken(token) { + const cipher = crypto.createCipheriv('aes-256-cbc', getCipherKey(), Buffer.alloc(16, 0)); + return cipher.update(token, 'utf8', 'hex') + cipher.final('hex'); +} + +function decodedCode(encryptedData) { + const decipher = crypto.createDecipheriv('aes-256-cbc', getCipherKey(), Buffer.alloc(16, 0)); + return decipher.update(encryptedData, 'hex', 'utf8') + decipher.final('utf8'); +} + +const originalSave = TrelloUser.prototype.save; +TrelloUser.prototype.save = async function () { + if (this.token) { + // encode data to encryptedData + this.encrypted_token = encodeToken(this.token); + this.token = ''; + } + if (this.writeable_token) { + // encode data to encryptedData + this.encrypted_writeable_token = encodeToken(this.writeable_token); + this.writeable_token = ''; + } + return originalSave.call(this); +} + +TrelloUser.prototype.removeToken = function () { + this.token = ''; + this.encrypted_token = ''; +}; + +TrelloUser.prototype.removeWriteableToken = function () { + this.writeable_token = ''; + this.encrypted_writeable_token = ''; +}; + +TrelloUser.prototype.getToken = function () { + if (this.encrypted_token) { + return decodedCode(this.encrypted_token); + } + return this.token; +}; + +TrelloUser.prototype.getWriteableToken = function () { + if (this.encrypted_writeable_token) { + return decodedCode(this.encrypted_writeable_token); + } + return this.writeable_token; +} + +exports.TrelloUser = TrelloUser; diff --git a/src/app/routes/authorization.js b/src/app/routes/authorization.js index 42a8080..f50b2d7 100644 --- a/src/app/routes/authorization.js +++ b/src/app/routes/authorization.js @@ -249,14 +249,14 @@ async function revokeToken(req, res) { const userId = decodedToken.id; try { const trelloUser = await TrelloUser.findByPk(userId); - if (trelloUser && trelloUser.token) { + if (trelloUser && trelloUser.getToken()) { const trello = new Trello({ appKey: process.env.TRELLO_APP_KEY, redirectUrl: `${process.env.APP_SERVER}/trello/oauth-callback`, - token: trelloUser.token, + token: trelloUser.getToken(), }); await trello.revokeToken(); - trelloUser.token = ''; + trelloUser.removeToken(); trelloUser.username = ''; trelloUser.fullName = ''; await trelloUser.save(); @@ -297,7 +297,7 @@ async function botRevokeToken(req, res) { return; } trelloUser = await TrelloUser.findByPk(rcUser.trello_user_id); - if (!trelloUser || !trelloUser.writeable_token) { + if (!trelloUser || !trelloUser.getWriteableToken()) { res.status(200); res.json({ result: 'ok' }); return; @@ -306,9 +306,9 @@ async function botRevokeToken(req, res) { appKey: process.env.TRELLO_APP_KEY, redirectUrl: '', }); - trello.setToken(trelloUser.writeable_token); + trello.setToken(trelloUser.getWriteableToken()); await trello.revokeToken(); - trelloUser.writeable_token = ''; + trelloUser.removeWriteableToken(); trelloUser.username = ''; trelloUser.fullName = ''; await trelloUser.save(); diff --git a/src/app/routes/bot-setup.js b/src/app/routes/bot-setup.js index cbd35cc..564c2cf 100644 --- a/src/app/routes/bot-setup.js +++ b/src/app/routes/bot-setup.js @@ -91,15 +91,15 @@ async function info(req, res) { if (rcUser.trello_user_id) { trelloUser = await TrelloUser.findByPk(rcUser.trello_user_id); if (trelloUser) { - botInfo.trelloAuthorized = !!trelloUser.writeable_token; + botInfo.trelloAuthorized = !!trelloUser.getWriteableToken(); botInfo.trelloUser = { fullName: '', }; - if (trelloUser.writeable_token) { + if (trelloUser.getWriteableToken()) { const trello = new Trello({ appKey: process.env.TRELLO_APP_KEY, redirectUrl: '', - token: trelloUser.writeable_token, + token: trelloUser.getWriteableToken(), }); botInfo.boards = await trello.getBoards(); const trelloUserInfo = await trello.getUserInfo(); @@ -115,7 +115,7 @@ async function info(req, res) { e.response.status === 401 && trelloUser ) { - trelloUser.writeable_token = ''; + trelloUser.removeWriteableToken(); trelloUser.username = ''; trelloUser.fullName = ''; await trelloUser.save(); @@ -177,7 +177,7 @@ async function saveSubscription(req, res) { return; } trelloUser = await TrelloUser.findByPk(rcUser.trello_user_id); - if (!trelloUser || !trelloUser.writeable_token) { + if (!trelloUser || !trelloUser.getWriteableToken()) { res.status(401); res.send('Trello authorization required'); return; @@ -185,7 +185,7 @@ async function saveSubscription(req, res) { const trello = new Trello({ appKey: process.env.TRELLO_APP_KEY, redirectUrl: '', - token: trelloUser.writeable_token, + token: trelloUser.getWriteableToken(), }); let trelloWebhook; if (subscriptionId) { @@ -246,7 +246,7 @@ async function saveSubscription(req, res) { e.response.status === 401 && trelloUser ) { - trelloUser.writeable_token = ''; + trelloUser.removeWriteableToken(); trelloUser.username = ''; trelloUser.fullName = ''; await trelloUser.save(); @@ -334,7 +334,7 @@ async function removeSubscription(req, res) { return; } trelloUser = await TrelloUser.findByPk(rcUser.trello_user_id); - if (!trelloUser || !trelloUser.writeable_token) { + if (!trelloUser || !trelloUser.getWriteableToken()) { res.status(401); res.send('Trello authorization required'); return; @@ -349,7 +349,7 @@ async function removeSubscription(req, res) { const trello = new Trello({ appKey: process.env.TRELLO_APP_KEY, redirectUrl: '', - token: trelloUser.writeable_token, + token: trelloUser.getWriteableToken(), }); await trello.deleteWebhook({ id: trelloWebhook.trello_webhook_id }); } diff --git a/src/app/routes/maintain.js b/src/app/routes/maintain.js index 896294c..6603267 100644 --- a/src/app/routes/maintain.js +++ b/src/app/routes/maintain.js @@ -24,11 +24,15 @@ async function removeUserName(req, res) { lastKey = ''; } for (const trelloUser of trelloUsers) { - if (!!trelloUser.username || !!trelloUser.fullName) { - await TrelloUser.update({ - username: '', - fullName: '', - }, { where: { id: trelloUser.id } }); + if ( + trelloUser.username || + trelloUser.fullName || + trelloUser.writeable_token || + trelloUser.token + ) { + trelloUser.username = ''; + trelloUser.fullName = ''; + await trelloUser.save(); } } res.status(200); diff --git a/src/app/routes/notification.js b/src/app/routes/notification.js index e24fc80..34e9a87 100644 --- a/src/app/routes/notification.js +++ b/src/app/routes/notification.js @@ -44,7 +44,7 @@ async function onRcWebhookRemoved(trello, trelloWebhook, trelloUser) { if (!trelloUser) { trelloUser = await TrelloUser.findByPk(trelloWebhook.trello_user_id); } - trello.setToken(trelloUser.token); + trello.setToken(trelloUser.getToken()); await trello.deleteWebhook({ id: trelloWebhook.trello_webhook_id }); await trelloWebhook.destroy(); const rcWebhookId = getRCWebhookId(trelloWebhook.rc_webhook_id); @@ -55,7 +55,7 @@ async function onBotRemoved(trello, trelloWebhook, trelloUser) { if (!trelloUser) { trelloUser = await TrelloUser.findByPk(trelloWebhook.trello_user_id); } - trello.setToken(trelloUser.writeable_token); + trello.setToken(trelloUser.getWriteableToken()); await trello.deleteWebhook({ id: trelloWebhook.trello_webhook_id }); } @@ -79,9 +79,9 @@ async function notification(req, res) { if (shouldUpdateBoardLabels(req.body.action.type)) { trelloUser = await TrelloUser.findByPk(trelloWebhook.trello_user_id); if (isBotNotification) { - trello.setToken(trelloUser.writeable_token); + trello.setToken(trelloUser.getWriteableToken()); } else { - trello.setToken(trelloUser.token); + trello.setToken(trelloUser.getToken()); } await updateBoardLabels(trello, trelloWebhook); } @@ -93,9 +93,9 @@ async function notification(req, res) { trelloUser = await TrelloUser.findByPk(trelloWebhook.trello_user_id); } if (isBotNotification) { - trello.setToken(trelloUser.writeable_token); + trello.setToken(trelloUser.getWriteableToken()); } else { - trello.setToken(trelloUser.token); + trello.setToken(trelloUser.getToken()); } card = await trello.getCard(req.body.action.data.card.id); if (!trelloWebhook.config.labels) { diff --git a/src/app/routes/webhooks.js b/src/app/routes/webhooks.js index 0712659..a78210f 100644 --- a/src/app/routes/webhooks.js +++ b/src/app/routes/webhooks.js @@ -52,7 +52,7 @@ async function webhookInfo(req, res) { let trelloUser; try { trelloUser = await TrelloUser.findByPk(userId); - if (!trelloUser || !trelloUser.token) { + if (!trelloUser || !trelloUser.getToken()) { res.status(401); res.send('Unauthorized'); return; @@ -68,7 +68,7 @@ async function webhookInfo(req, res) { const trello = new Trello({ appKey: process.env.TRELLO_APP_KEY, redirectUrl: `${process.env.APP_SERVER}/trello/oauth-callback`, - token: trelloUser.token, + token: trelloUser.getToken(), }); const boards = await trello.getBoards(); const userInfo = await trello.getUserInfo(); @@ -83,7 +83,7 @@ async function webhookInfo(req, res) { } catch (e) { if (e.response && e.response.status === 401) { if (trelloUser) { - trelloUser.token = ''; + trelloUser.removeToken(); trelloUser.username = ''; trelloUser.fullName = ''; await trelloUser.save(); @@ -121,7 +121,7 @@ async function createWebhook(req, res) { let trelloUser; try { trelloUser = await TrelloUser.findByPk(userId); - if (!trelloUser || !trelloUser.token) { + if (!trelloUser || !trelloUser.getToken()) { res.status(401); res.send('Session expired'); return @@ -137,7 +137,7 @@ async function createWebhook(req, res) { try { const trello = new Trello({ appKey: process.env.TRELLO_APP_KEY, - token: trelloUser.token, + token: trelloUser.getToken(), }); const labels = await trello.getLabels(boardId); rcWebhookRecord = await RCWebhook.findByPk(rcWebhookId); @@ -188,7 +188,7 @@ async function createWebhook(req, res) { }); } catch (e) { if (e.response && e.response.status === 401) { - trelloUser.token = ''; + trelloUser.removeToken(); trelloUser.username = ''; trelloUser.fullName = ''; await trelloUser.save(); diff --git a/test/authorization.test.js b/test/authorization.test.js index 672c9c5..9e50316 100644 --- a/test/authorization.test.js +++ b/test/authorization.test.js @@ -97,7 +97,9 @@ describe('Trello Authorization', () => { expect(res.status).toEqual(200); expect(JSON.parse(res.text).authorize).toEqual(true); const trelloUser = await TrelloUser.findByPk(trelloUserId); - expect(trelloUser.token).toEqual('xxxx'); + expect(trelloUser.token).toEqual(''); + expect(!!trelloUser.encrypted_token).toEqual(true); + expect(trelloUser.getToken()).toEqual('xxxx'); await TrelloUser.destroy({ where: { id: trelloUser.id }}); trelloUserScope.done(); }); @@ -119,7 +121,9 @@ describe('Trello Authorization', () => { expect(res.status).toEqual(200); expect(JSON.parse(res.text).authorize).toEqual(true); const trelloUser = await TrelloUser.findByPk(trelloUserId); - expect(trelloUser.token).toEqual('new_token'); + expect(trelloUser.token).toEqual(''); + expect(!!trelloUser.encrypted_token).toEqual(true); + expect(trelloUser.getToken()).toEqual('new_token'); await TrelloUser.destroy({ where: { id: trelloUser.id }}); trelloUserScope.done(); }); @@ -156,14 +160,16 @@ describe('Trello Authorization', () => { id: trelloUserId, }); const trelloRevokeScope = nock('https://api.trello.com') - .delete(uri => uri.includes(`/1/tokens/${trelloUserRecord.token}?`)) + .delete(uri => uri.includes(`/1/tokens/xxx?`)) .reply(200, {}); const res = await request(server).post('/trello/revoke').send({ token, }).set('Referer', process.env.RINGCENTRAL_CHATBOT_SERVER); expect(res.status).toEqual(200); trelloUserRecord = await TrelloUser.findByPk(trelloUserId); - expect(!!trelloUserRecord.token).toEqual(false); + expect(trelloUserRecord.token).toEqual(''); + expect(trelloUserRecord.encrypted_token).toEqual(''); + expect(!!trelloUserRecord.getToken()).toEqual(false); await TrelloUser.destroy({ where: { id: trelloUserRecord.id }}); trelloRevokeScope.done(); }); @@ -178,14 +184,16 @@ describe('Trello Authorization', () => { id: trelloUserId, }); const trelloRevokeScope = nock('https://api.trello.com') - .delete(uri => uri.includes(`/1/tokens/${trelloUserRecord.token}?`)) + .delete(uri => uri.includes(`/1/tokens/xxx?`)) .reply(404, {}); const res = await request(server).post('/trello/revoke').send({ token, }).set('Referer', process.env.RINGCENTRAL_CHATBOT_SERVER); expect(res.status).toEqual(200); trelloUserRecord = await TrelloUser.findByPk(trelloUserId); - expect(!!trelloUserRecord.token).toEqual(false); + expect(trelloUserRecord.token).toEqual(''); + expect(trelloUserRecord.encrypted_token).toEqual(''); + expect(!!trelloUserRecord.getToken()).toEqual(false); await TrelloUser.destroy({ where: { id: trelloUserRecord.id }}); trelloRevokeScope.done(); }); @@ -334,7 +342,8 @@ describe('Trello Authorization', () => { const rcUser = await RcUser.findByPk(`rcext-${rcUserId}`); expect(rcUser.trello_user_id).toEqual(trelloUserId); const trelloUser = await TrelloUser.findByPk(trelloUserId); - expect(trelloUser.writeable_token).toEqual('xxx'); + expect(trelloUser.writeable_token).toEqual(''); + expect(trelloUser.getWriteableToken()).toEqual('xxx'); await RcUser.destroy({ where: { id: rcUser.id } }); await TrelloUser.destroy({ where: { id: trelloUser.id }}); await Bot.destroy({ where: { id: bot.id }}); @@ -390,7 +399,8 @@ describe('Trello Authorization', () => { expect(res.status).toEqual(200); expect(requestBody.fallbackText).toContain('Connected with Trello successfully'); trelloUserRecord = await TrelloUser.findByPk(trelloUserId); - expect(trelloUserRecord.writeable_token).toEqual('xxx'); + expect(trelloUserRecord.writeable_token).toEqual(''); + expect(trelloUserRecord.getWriteableToken()).toEqual('xxx'); await RcUser.destroy({ where: { id: rcUserRecord.id } }); await TrelloUser.destroy({ where: { id: trelloUserRecord.id }}); await Bot.destroy({ where: { id: bot.id }}); @@ -434,7 +444,8 @@ describe('Trello Authorization', () => { }).set('Referer', process.env.RINGCENTRAL_CHATBOT_SERVER); expect(res.status).toEqual(200); trelloUserRecord = await TrelloUser.findByPk(trelloUserId); - expect(trelloUserRecord.writeable_token).toEqual('xxx'); + expect(trelloUserRecord.writeable_token).toEqual(''); + expect(trelloUserRecord.getWriteableToken()).toEqual('xxx'); await RcUser.destroy({ where: { id: rcUserRecord.id } }); await TrelloUser.destroy({ where: { id: trelloUserRecord.id }}); await Bot.destroy({ where: { id: bot.id }}); @@ -497,7 +508,8 @@ describe('Trello Authorization', () => { const rcUser = await RcUser.findByPk(`rcext-${rcUserId}`); expect(rcUser.trello_user_id).toEqual(trelloUserId); const trelloUser = await TrelloUser.findByPk(trelloUserId); - expect(trelloUser.writeable_token).toEqual('xxx'); + expect(trelloUser.writeable_token).toEqual(''); + expect(trelloUser.getWriteableToken()).toEqual('xxx'); await RcUser.destroy({ where: { id: rcUser.id } }); await TrelloUser.destroy({ where: { id: trelloUser.id }}); await Bot.destroy({ where: { id: bot.id }}); @@ -612,7 +624,7 @@ describe('Trello Authorization', () => { writeable_token: 'xxxxx', }); const trelloRevokeScope = nock('https://api.trello.com') - .delete(uri => uri.includes(`/1/tokens/${trelloUserRecord.writeable_token}?`)) + .delete(uri => uri.includes(`/1/tokens/xxxxx?`)) .reply(200, {}); const res = await request(server) .post('/trello/bot-revoke') @@ -621,6 +633,8 @@ describe('Trello Authorization', () => { expect(res.status).toEqual(200); const newTrelloUserRecord = await TrelloUser.findByPk('test_trello_user_id_xxx'); expect(newTrelloUserRecord.writeable_token).toEqual(''); + expect(newTrelloUserRecord.encrypted_writeable_token).toEqual(''); + expect(newTrelloUserRecord.getWriteableToken()).toEqual(''); await RcUser.destroy({ where: { id: rcUserRecord.id } }); await TrelloUser.destroy({ where: { id: trelloUserRecord.id } }); trelloRevokeScope.done(); @@ -658,7 +672,7 @@ describe('Trello Authorization', () => { }, }); const trelloRevokeScope = nock('https://api.trello.com') - .delete(uri => uri.includes(`/1/tokens/${trelloUserRecord.writeable_token}?`)) + .delete(uri => uri.includes(`/1/tokens/xxxxx?`)) .reply(200, {}); const res = await request(server) .post('/trello/bot-revoke') @@ -671,6 +685,8 @@ describe('Trello Authorization', () => { expect(newRcUserRecord.bot_subscriptions).toEqual(null); const newTrelloUserRecord = await TrelloUser.findByPk('test_trello_user_id_xxx'); expect(newTrelloUserRecord.writeable_token).toEqual(''); + expect(newTrelloUserRecord.encrypted_writeable_token).toEqual(''); + expect(newTrelloUserRecord.getWriteableToken()).toEqual(''); await RcUser.destroy({ where: { id: rcUserRecord.id } }); await TrelloUser.destroy({ where: { id: trelloUserRecord.id } }); trelloRevokeScope.done(); @@ -692,7 +708,7 @@ describe('Trello Authorization', () => { writeable_token: 'xxxxx', }); const trelloRevokeScope = nock('https://api.trello.com') - .delete(uri => uri.includes(`/1/tokens/${trelloUserRecord.writeable_token}?`)) + .delete(uri => uri.includes(`/1/tokens/xxxxx?`)) .reply(401, {}); const res = await request(server) .post('/trello/bot-revoke') @@ -701,6 +717,8 @@ describe('Trello Authorization', () => { expect(res.status).toEqual(200); const newTrelloUserRecord = await TrelloUser.findByPk('test_trello_user_id_xxx'); expect(newTrelloUserRecord.writeable_token).toEqual(''); + expect(newTrelloUserRecord.encrypted_writeable_token).toEqual(''); + expect(newTrelloUserRecord.getWriteableToken()).toEqual(''); await RcUser.destroy({ where: { id: rcUserRecord.id } }); await TrelloUser.destroy({ where: { id: trelloUserRecord.id } }); trelloRevokeScope.done(); diff --git a/test/maintain.test.js b/test/maintain.test.js index 9ecab1a..e023efb 100644 --- a/test/maintain.test.js +++ b/test/maintain.test.js @@ -41,15 +41,15 @@ describe('Maintain', () => { const user1 = await TrelloUser.findByPk('111'); expect(user1.username).toEqual(''); expect(user1.fullName).toEqual(''); - expect(user1.writeable_token).toEqual('test111'); + expect(user1.getWriteableToken()).toEqual('test111'); const user2 = await TrelloUser.findByPk('222'); expect(user2.username).toEqual(''); expect(user2.fullName).toEqual(''); - expect(user2.writeable_token).toEqual('test222'); + expect(user2.getWriteableToken()).toEqual('test222'); const user3 = await TrelloUser.findByPk('333'); expect(user3.username).toEqual(''); expect(user3.fullName).toEqual(''); - expect(user3.writeable_token).toEqual('test333'); + expect(user3.getWriteableToken()).toEqual('test333'); delete process.env.MAINTAIN_TOKEN; await TrelloUser.destroy({ where: { id: '111' } }); await TrelloUser.destroy({ where: { id: '222' } });