From 050461f28da4c97733af412d41c4ac75be877012 Mon Sep 17 00:00:00 2001
From: Florian Dold <florian@dold.me>
Date: Thu, 4 Mar 2021 13:42:08 +0100
Subject: test merchant issue reported by MS

---
 .../integrationtests/test-merchant-instances.ts    | 36 +++++++++++++++++++---
 1 file changed, 32 insertions(+), 4 deletions(-)

(limited to 'packages/taler-wallet-cli/src/integrationtests/test-merchant-instances.ts')

diff --git a/packages/taler-wallet-cli/src/integrationtests/test-merchant-instances.ts b/packages/taler-wallet-cli/src/integrationtests/test-merchant-instances.ts
index 4691487de..5d1c06e1e 100644
--- a/packages/taler-wallet-cli/src/integrationtests/test-merchant-instances.ts
+++ b/packages/taler-wallet-cli/src/integrationtests/test-merchant-instances.ts
@@ -80,13 +80,23 @@ export async function runMerchantInstancesTest(t: GlobalTestState) {
     },
   });
 
+  // Add an instance, no auth!
+  await merchant.addInstance({
+    id: "myinst",
+    name: "Second Instance",
+    paytoUris: [`payto://x-taler-bank/merchant-default`],
+    auth: {
+      method: "external",
+    },
+  });
+
   let merchantClient = new MerchantApiClient(merchant.makeInstanceBaseUrl(), {
     method: "external",
   });
 
   {
     const r = await merchantClient.getInstances();
-    t.assertDeepEqual(r.instances.length, 1);
+    t.assertDeepEqual(r.instances.length, 2);
   }
 
   // Check that a "malformed" bearer Authorization header gets ignored
@@ -94,7 +104,7 @@ export async function runMerchantInstancesTest(t: GlobalTestState) {
     const url = merchant.makeInstanceBaseUrl();
     const resp = await axios.get(new URL("private/instances", url).href, {
       headers: {
-        "Authorization": "foo bar-baz",
+        Authorization: "foo bar-baz",
       },
     });
     t.assertDeepEqual(resp.status, 200);
@@ -133,8 +143,8 @@ export async function runMerchantInstancesTest(t: GlobalTestState) {
     const resp = await axios.get(new URL("private/instances", url).href, {
       headers: {
         // Note the spaces
-        "Authorization": "Bearer     secret-token:foobar",
-      }
+        Authorization: "Bearer     secret-token:foobar",
+      },
     });
     t.assertDeepEqual(resp.status, 200);
   }
@@ -146,6 +156,24 @@ export async function runMerchantInstancesTest(t: GlobalTestState) {
     // Token should *not* be reported back.
     t.assertDeepEqual(fullDetails.auth.token, undefined);
   }
+
+  // Check that deleting an instance checks the auth
+  // of the default instance.
+  {
+    const unauthMerchantClient = new MerchantApiClient(
+      merchant.makeInstanceBaseUrl(),
+      {
+        method: "external",
+      },
+    );
+
+    const exc = await t.assertThrowsAsync(async () => {
+      await unauthMerchantClient.deleteInstance("");
+    });
+    console.log(exc);
+    t.assertAxiosError(exc);
+    t.assertDeepEqual(exc.response?.status, 403);
+  }
 }
 
 runMerchantInstancesTest.suites = ["merchant"];
-- 
cgit v1.2.3