neoris/openvidu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

backend: update environment variables to use initial configuration for admin credentials, API key and webhook settings

Browse Source
This commit is contained in:
juancarmore 2025-08-27 12:57:25 +02:00
parent e958fb2340
commit 981c7e0d96
14 changed files with 98 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
backend/.env.dev
View File

@ -1,5 +1,5 @@
USE_HTTPS=false USE_HTTPS=false
MEET_LOG_LEVEL=debug MEET_LOG_LEVEL=debug
SERVER_CORS_ORIGIN=* SERVER_CORS_ORIGIN=*
MEET_API_KEY=meet-api-key MEET_INITIAL_API_KEY=meet-api-key
MEET_WEBHOOK_ENABLED=false MEET_INITIAL_WEBHOOK_ENABLED=false

4
backend/.env.test
View File

@ -1,5 +1,5 @@
USE_HTTPS=false USE_HTTPS=false
MEET_LOG_LEVEL=verbose MEET_LOG_LEVEL=verbose
SERVER_CORS_ORIGIN=* SERVER_CORS_ORIGIN=*
MEET_API_KEY=meet-api-key MEET_INITIAL_API_KEY=meet-api-key
MEET_WEBHOOK_ENABLED=false MEET_INITIAL_WEBHOOK_ENABLED=false

32
backend/src/environment.ts
View File

@ -21,26 +21,28 @@ export const {
MEET_LOG_LEVEL = 'info', MEET_LOG_LEVEL = 'info',
MEET_NAME_ID = 'openviduMeet', MEET_NAME_ID = 'openviduMeet',
// Authentication configuration
MEET_API_KEY = '',
MEET_ADMIN_USER = 'admin',
/** /**
* Authentication configuration
*
* IMPORTANT: * IMPORTANT:
* - This variable is only used the first time the server starts, storing the value in the database. * - These variables are only used the first time the server starts, storing their values in the database.
* - To change it after the initial start, use the OpenVidu Meet API instead of modifying this environment variable. * - To change them after the initial start, use the OpenVidu Meet API instead of modifying these environment variables.
*/ */
MEET_ADMIN_SECRET = 'admin', MEET_INITIAL_ADMIN_USER = 'admin',
MEET_INITIAL_ADMIN_PASSWORD = 'admin',
MEET_INITIAL_API_KEY = '',
MEET_COOKIE_SECURE = 'false', MEET_COOKIE_SECURE = 'false',
/** /**
* Webhook configuration * Webhook configuration
* *
* IMPORTANT: * IMPORTANT:
* - These variables are only used the first time the server starts, storing the values in the database. * - These variables are only used the first time the server starts, storing their values in the database.
* - To change them after the initial start, use the OpenVidu Meet API instead of modifying these environment variables. * - To change them after the initial start, use the OpenVidu Meet API instead of modifying these environment variables.
*/ */
MEET_WEBHOOK_ENABLED = 'false', MEET_INITIAL_WEBHOOK_ENABLED = 'false',
MEET_WEBHOOK_URL = 'http://localhost:5080/webhook', MEET_INITIAL_WEBHOOK_URL = 'http://localhost:5080/webhook',
// LiveKit configuration // LiveKit configuration
LIVEKIT_URL = 'ws://localhost:7880', LIVEKIT_URL = 'ws://localhost:7880',
@ -106,14 +108,14 @@ export const logEnvVars = () => {
console.log('SERVICE NAME ID: ', text(MEET_NAME_ID)); console.log('SERVICE NAME ID: ', text(MEET_NAME_ID));
console.log('CORS ORIGIN:', text(SERVER_CORS_ORIGIN)); console.log('CORS ORIGIN:', text(SERVER_CORS_ORIGIN));
console.log('MEET LOG LEVEL: ', text(MEET_LOG_LEVEL)); console.log('MEET LOG LEVEL: ', text(MEET_LOG_LEVEL));
console.log('MEET API KEY: ', credential('****' + MEET_API_KEY.slice(-3)));
console.log('MEET ADMIN USER: ', credential('****' + MEET_ADMIN_USER.slice(-3)));
console.log('MEET ADMIN PASSWORD: ', credential('****' + MEET_ADMIN_SECRET.slice(-3)));
console.log('MEET PREFERENCES STORAGE:', text(MEET_PREFERENCES_STORAGE_MODE)); console.log('MEET PREFERENCES STORAGE:', text(MEET_PREFERENCES_STORAGE_MODE));
console.log('MEET_WEBHOOK_ENABLED:', text(MEET_WEBHOOK_ENABLED)); console.log('MEET INITIAL ADMIN USER: ', credential('****' + MEET_INITIAL_ADMIN_USER.slice(-3)));
console.log('MEET INITIAL ADMIN PASSWORD: ', credential('****' + MEET_INITIAL_ADMIN_PASSWORD.slice(-3)));
console.log('MEET INITIAL API KEY: ', credential('****' + MEET_INITIAL_API_KEY.slice(-3)));
console.log('MEET INITIAL WEBHOOK ENABLED:', text(MEET_INITIAL_WEBHOOK_ENABLED));
if (MEET_WEBHOOK_ENABLED === 'true') { if (MEET_INITIAL_WEBHOOK_ENABLED === 'true') {
console.log('MEET_WEBHOOK_URL:', text(MEET_WEBHOOK_URL)); console.log('MEET INITIAL WEBHOOK URL:', text(MEET_INITIAL_WEBHOOK_URL));
} }
console.log('---------------------------------------------------------'); console.log('---------------------------------------------------------');

6
backend/src/services/auth.service.ts
View File

@ -1,6 +1,6 @@
import { User } from '@typings-ce'; import { User } from '@typings-ce';
import { inject, injectable } from 'inversify'; import { inject, injectable } from 'inversify';
import { MEET_API_KEY } from '../environment.js'; import { MEET_INITIAL_API_KEY } from '../environment.js';
import { PasswordHelper } from '../helpers/index.js'; import { PasswordHelper } from '../helpers/index.js';
import { errorApiKeyNotConfigured } from '../models/error.model.js'; import { errorApiKeyNotConfigured } from '../models/error.model.js';
import { MeetStorageService, UserService } from './index.js'; import { MeetStorageService, UserService } from './index.js';
@ -48,11 +48,11 @@ export class AuthService {
storedApiKeys = []; storedApiKeys = [];
} }
if (storedApiKeys.length === 0 && !MEET_API_KEY) { if (storedApiKeys.length === 0 && !MEET_INITIAL_API_KEY) {
throw errorApiKeyNotConfigured(); throw errorApiKeyNotConfigured();
} }
// Check if the provided API key matches any stored API key or the MEET_API_KEY // Check if the provided API key matches any stored API key or the MEET_API_KEY
return storedApiKeys.some((key) => key.key === apiKey) || apiKey === MEET_API_KEY; return storedApiKeys.some((key) => key.key === apiKey) || apiKey === MEET_INITIAL_API_KEY;
} }
} }

6
backend/src/services/openvidu-webhook.service.ts
View File

@ -8,7 +8,7 @@ import {
} from '@typings-ce'; } from '@typings-ce';
import crypto from 'crypto'; import crypto from 'crypto';
import { inject, injectable } from 'inversify'; import { inject, injectable } from 'inversify';
import { MEET_API_KEY } from '../environment.js'; import { MEET_INITIAL_API_KEY } from '../environment.js';
import { AuthService, LoggerService, MeetStorageService } from './index.js'; import { AuthService, LoggerService, MeetStorageService } from './index.js';
import { errorWebhookUrlUnreachable } from '../models/error.model.js'; import { errorWebhookUrlUnreachable } from '../models/error.model.js';
@ -222,8 +222,8 @@ export class OpenViduWebhookService {
if (apiKeys.length === 0) { if (apiKeys.length === 0) {
// If no API keys are configured, check if the MEET_API_KEY environment variable is set // If no API keys are configured, check if the MEET_API_KEY environment variable is set
if (MEET_API_KEY) { if (MEET_INITIAL_API_KEY) {
return MEET_API_KEY; return MEET_INITIAL_API_KEY;
} }
throw new Error('There are no API keys configured yet. Please, create one to use webhooks.'); throw new Error('There are no API keys configured yet. Please, create one to use webhooks.');

18
backend/src/services/storage/storage.service.ts
View File

@ -12,11 +12,11 @@ import { inject, injectable } from 'inversify';
import ms from 'ms'; import ms from 'ms';
import { Readable } from 'stream'; import { Readable } from 'stream';
import { import {
MEET_ADMIN_SECRET, MEET_INITIAL_ADMIN_PASSWORD,
MEET_ADMIN_USER, MEET_INITIAL_ADMIN_USER,
MEET_NAME_ID, MEET_INITIAL_WEBHOOK_ENABLED,
MEET_WEBHOOK_ENABLED, MEET_INITIAL_WEBHOOK_URL,
MEET_WEBHOOK_URL MEET_NAME_ID
} from '../../environment.js'; } from '../../environment.js';
import { MeetLock, PasswordHelper, RecordingHelper } from '../../helpers/index.js'; import { MeetLock, PasswordHelper, RecordingHelper } from '../../helpers/index.js';
import { import {
@ -141,8 +141,8 @@ export class MeetStorageService<
// Save the default admin user // Save the default admin user
const admin = { const admin = {
username: MEET_ADMIN_USER, username: MEET_INITIAL_ADMIN_USER,
passwordHash: await PasswordHelper.hashPassword(MEET_ADMIN_SECRET), passwordHash: await PasswordHelper.hashPassword(MEET_INITIAL_ADMIN_PASSWORD),
roles: [UserRole.ADMIN, UserRole.USER] roles: [UserRole.ADMIN, UserRole.USER]
} as MUser; } as MUser;
await this.saveUser(admin); await this.saveUser(admin);
@ -885,8 +885,8 @@ export class MeetStorageService<
return { return {
projectId: MEET_NAME_ID, projectId: MEET_NAME_ID,
webhooksPreferences: { webhooksPreferences: {
enabled: MEET_WEBHOOK_ENABLED === 'true', enabled: MEET_INITIAL_WEBHOOK_ENABLED === 'true',
url: MEET_WEBHOOK_URL url: MEET_INITIAL_WEBHOOK_URL
}, },
securityPreferences: { securityPreferences: {
authentication: { authentication: {

38
backend/tests/helpers/request-helpers.ts
View File

@ -9,9 +9,9 @@ import INTERNAL_CONFIG from '../../src/config/internal-config.js';
import { import {
LIVEKIT_API_KEY, LIVEKIT_API_KEY,
LIVEKIT_API_SECRET, LIVEKIT_API_SECRET,
MEET_ADMIN_SECRET, MEET_INITIAL_ADMIN_PASSWORD,
MEET_ADMIN_USER, MEET_INITIAL_ADMIN_USER,
MEET_API_KEY MEET_INITIAL_API_KEY
} from '../../src/environment.js'; } from '../../src/environment.js';
import { createApp, registerDependencies } from '../../src/server.js'; import { createApp, registerDependencies } from '../../src/server.js';
import { RecordingService, RoomService } from '../../src/services/index.js'; import { RecordingService, RoomService } from '../../src/services/index.js';
@ -29,8 +29,8 @@ import {
const CREDENTIALS = { const CREDENTIALS = {
admin: { admin: {
username: MEET_ADMIN_USER, username: MEET_INITIAL_ADMIN_USER,
password: MEET_ADMIN_SECRET password: MEET_INITIAL_ADMIN_PASSWORD
} }
}; };
@ -204,7 +204,7 @@ export const createRoom = async (options: MeetRoomOptions = {}): Promise<MeetRoo
const response = await request(app) const response = await request(app)
.post(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`) .post(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY) .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
.send(options) .send(options)
.expect(201); .expect(201);
return response.body; return response.body;
@ -215,7 +215,7 @@ export const getRooms = async (query: Record<string, any> = {}) => {
return await request(app) return await request(app)
.get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`) .get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY) .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
.query(query); .query(query);
}; };
@ -235,7 +235,7 @@ export const getRoom = async (roomId: string, fields?: string, cookie?: string,
if (cookie && role) { if (cookie && role) {
req.set('Cookie', cookie).set(INTERNAL_CONFIG.PARTICIPANT_ROLE_HEADER, role); req.set('Cookie', cookie).set(INTERNAL_CONFIG.PARTICIPANT_ROLE_HEADER, role);
} else { } else {
req.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); req.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
} }
return await req; return await req;
@ -282,7 +282,7 @@ export const deleteRoom = async (roomId: string, query: Record<string, any> = {}
const result = await request(app) const result = await request(app)
.delete(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms/${roomId}`) .delete(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms/${roomId}`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY) .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
.query(query); .query(query);
await sleep('1s'); await sleep('1s');
return result; return result;
@ -293,7 +293,7 @@ export const bulkDeleteRooms = async (roomIds: any[], force?: any) => {
const result = await request(app) const result = await request(app)
.delete(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`) .delete(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY) .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
.query({ roomIds: roomIds.join(','), force }); .query({ roomIds: roomIds.join(','), force });
await sleep('1s'); await sleep('1s');
return result; return result;
@ -308,7 +308,7 @@ export const deleteAllRooms = async () => {
const response: any = await request(app) const response: any = await request(app)
.get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`) .get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`)
.query({ fields: 'roomId', maxItems: 100, nextPageToken }) .query({ fields: 'roomId', maxItems: 100, nextPageToken })
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY) .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
.expect(200); .expect(200);
nextPageToken = response.body.pagination?.nextPageToken ?? undefined; nextPageToken = response.body.pagination?.nextPageToken ?? undefined;
@ -321,7 +321,7 @@ export const deleteAllRooms = async () => {
await request(app) await request(app)
.delete(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`) .delete(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`)
.query({ roomIds: roomIds.join(','), force: true }) .query({ roomIds: roomIds.join(','), force: true })
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
} while (nextPageToken); } while (nextPageToken);
await sleep('1s'); await sleep('1s');
@ -630,7 +630,7 @@ export const getRecording = async (recordingId: string) => {
return await request(app) return await request(app)
.get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings/${recordingId}`) .get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings/${recordingId}`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
}; };
export const getRecordingMedia = async (recordingId: string, range?: string) => { export const getRecordingMedia = async (recordingId: string, range?: string) => {
@ -638,7 +638,7 @@ export const getRecordingMedia = async (recordingId: string, range?: string) =>
const req = request(app) const req = request(app)
.get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings/${recordingId}/media`) .get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings/${recordingId}/media`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
if (range) { if (range) {
req.set('range', range); req.set('range', range);
@ -653,7 +653,7 @@ export const getRecordingUrl = async (recordingId: string, privateAccess = false
return await request(app) return await request(app)
.get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings/${recordingId}/url`) .get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings/${recordingId}/url`)
.query({ privateAccess }) .query({ privateAccess })
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
}; };
export const deleteRecording = async (recordingId: string) => { export const deleteRecording = async (recordingId: string) => {
@ -661,7 +661,7 @@ export const deleteRecording = async (recordingId: string) => {
return await request(app) return await request(app)
.delete(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings/${recordingId}`) .delete(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings/${recordingId}`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
}; };
export const bulkDeleteRecordings = async (recordingIds: any[], recordingTokenCookie?: string): Promise<Response> => { export const bulkDeleteRecordings = async (recordingIds: any[], recordingTokenCookie?: string): Promise<Response> => {
@ -674,7 +674,7 @@ export const bulkDeleteRecordings = async (recordingIds: any[], recordingTokenCo
if (recordingTokenCookie) { if (recordingTokenCookie) {
req.set('Cookie', recordingTokenCookie); req.set('Cookie', recordingTokenCookie);
} else { } else {
req.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); req.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
} }
return await req; return await req;
@ -694,7 +694,7 @@ export const downloadRecordings = async (
if (recordingTokenCookie) { if (recordingTokenCookie) {
req.set('Cookie', recordingTokenCookie); req.set('Cookie', recordingTokenCookie);
} else { } else {
req.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); req.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
} }
if (asBuffer) { if (asBuffer) {
@ -743,7 +743,7 @@ export const getAllRecordings = async (query: Record<string, any> = {}) => {
return await request(app) return await request(app)
.get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings`) .get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY) .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
.query(query); .query(query);
}; };

10
backend/tests/integration/api/global-preferences/webhook.test.ts
View File

@ -1,6 +1,6 @@
import { afterAll, afterEach, beforeAll, describe, expect, it } from '@jest/globals'; import { afterAll, afterEach, beforeAll, describe, expect, it } from '@jest/globals';
import { Request } from 'express'; import { Request } from 'express';
import { MEET_WEBHOOK_ENABLED, MEET_WEBHOOK_URL } from '../../../../src/environment.js'; import { MEET_INITIAL_WEBHOOK_ENABLED, MEET_INITIAL_WEBHOOK_URL } from '../../../../src/environment.js';
import { expectValidationError } from '../../../helpers/assertion-helpers.js'; import { expectValidationError } from '../../../helpers/assertion-helpers.js';
import { import {
getWebbhookPreferences, getWebbhookPreferences,
@ -12,8 +12,8 @@ import { startWebhookServer, stopWebhookServer } from '../../../helpers/test-sce
const restoreDefaultWebhookPreferences = async () => { const restoreDefaultWebhookPreferences = async () => {
const defaultPreferences = { const defaultPreferences = {
enabled: MEET_WEBHOOK_ENABLED === 'true', enabled: MEET_INITIAL_WEBHOOK_ENABLED === 'true',
url: MEET_WEBHOOK_URL url: MEET_INITIAL_WEBHOOK_URL
}; };
await updateWebbhookPreferences(defaultPreferences); await updateWebbhookPreferences(defaultPreferences);
}; };
@ -114,8 +114,8 @@ describe('Webhook Preferences API Tests', () => {
expect(response.status).toBe(200); expect(response.status).toBe(200);
expect(response.body).toEqual({ expect(response.body).toEqual({
enabled: MEET_WEBHOOK_ENABLED === 'true', enabled: MEET_INITIAL_WEBHOOK_ENABLED === 'true',
url: MEET_WEBHOOK_URL url: MEET_INITIAL_WEBHOOK_URL
}); });
}); });
}); });

8
backend/tests/integration/api/security/meeting-security.test.ts
View File

@ -2,7 +2,7 @@ import { afterAll, beforeAll, beforeEach, describe, expect, it } from '@jest/glo
import { Express } from 'express'; import { Express } from 'express';
import request from 'supertest'; import request from 'supertest';
import INTERNAL_CONFIG from '../../../../src/config/internal-config.js'; import INTERNAL_CONFIG from '../../../../src/config/internal-config.js';
import { LIVEKIT_URL, MEET_API_KEY } from '../../../../src/environment.js'; import { LIVEKIT_URL, MEET_INITIAL_API_KEY } from '../../../../src/environment.js';
import { MeetTokenMetadata, ParticipantRole } from '../../../../src/typings/ce'; import { MeetTokenMetadata, ParticipantRole } from '../../../../src/typings/ce';
import { getPermissions } from '../../../helpers/assertion-helpers.js'; import { getPermissions } from '../../../helpers/assertion-helpers.js';
import { import {
@ -39,7 +39,7 @@ describe('Meeting API Security Tests', () => {
it('should fail when request includes API key', async () => { it('should fail when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}`) .delete(`${MEETINGS_PATH}/${roomData.room.roomId}`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(401); expect(response.status).toBe(401);
}); });
@ -98,7 +98,7 @@ describe('Meeting API Security Tests', () => {
it('should fail when request includes API key', async () => { it('should fail when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.patch(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`) .patch(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY) .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
.send({ role }); .send({ role });
expect(response.status).toBe(401); expect(response.status).toBe(401);
}); });
@ -147,7 +147,7 @@ describe('Meeting API Security Tests', () => {
it('should fail when request includes API key', async () => { it('should fail when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_IDENTITY}`) .delete(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_IDENTITY}`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(401); expect(response.status).toBe(401);
}); });

14
backend/tests/integration/api/security/preferences-security.test.ts
View File

@ -2,9 +2,9 @@ import { beforeAll, describe, expect, it } from '@jest/globals';
import { Express } from 'express'; import { Express } from 'express';
import request from 'supertest'; import request from 'supertest';
import INTERNAL_CONFIG from '../../../../src/config/internal-config.js'; import INTERNAL_CONFIG from '../../../../src/config/internal-config.js';
import { MEET_API_KEY } from '../../../../src/environment.js'; import { MEET_INITIAL_API_KEY } from '../../../../src/environment.js';
import { loginUser, startTestServer } from '../../../helpers/request-helpers.js';
import { AuthMode, AuthType } from '../../../../src/typings/ce/index.js'; import { AuthMode, AuthType } from '../../../../src/typings/ce/index.js';
import { loginUser, startTestServer } from '../../../helpers/request-helpers.js';
const PREFERENCES_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/preferences`; const PREFERENCES_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/preferences`;
@ -26,7 +26,7 @@ describe('Global Preferences API Security Tests', () => {
it('should fail when request includes API key', async () => { it('should fail when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.put(`${PREFERENCES_PATH}/webhooks`) .put(`${PREFERENCES_PATH}/webhooks`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY) .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
.send(webhookPreferences); .send(webhookPreferences);
expect(response.status).toBe(401); expect(response.status).toBe(401);
}); });
@ -49,7 +49,7 @@ describe('Global Preferences API Security Tests', () => {
it('should fail when request includes API key', async () => { it('should fail when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.get(`${PREFERENCES_PATH}/webhooks`) .get(`${PREFERENCES_PATH}/webhooks`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(401); expect(response.status).toBe(401);
}); });
@ -77,7 +77,7 @@ describe('Global Preferences API Security Tests', () => {
it('should fail when request includes API key', async () => { it('should fail when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.put(`${PREFERENCES_PATH}/security`) .put(`${PREFERENCES_PATH}/security`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY) .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
.send(securityPreferences); .send(securityPreferences);
expect(response.status).toBe(401); expect(response.status).toBe(401);
}); });
@ -107,7 +107,7 @@ describe('Global Preferences API Security Tests', () => {
it('should fail when request includes API key', async () => { it('should fail when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.put(`${PREFERENCES_PATH}/appearance`) .put(`${PREFERENCES_PATH}/appearance`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY) .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
.send({}); .send({});
expect(response.status).toBe(401); expect(response.status).toBe(401);
}); });
@ -130,7 +130,7 @@ describe('Global Preferences API Security Tests', () => {
it('should fail when request includes API key', async () => { it('should fail when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.get(`${PREFERENCES_PATH}/appearance`) .get(`${PREFERENCES_PATH}/appearance`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(401); expect(response.status).toBe(401);
}); });

20
backend/tests/integration/api/security/recording-security.test.ts
View File

@ -2,7 +2,7 @@ import { afterAll, beforeAll, describe, expect, it } from '@jest/globals';
import { Express } from 'express'; import { Express } from 'express';
import request from 'supertest'; import request from 'supertest';
import INTERNAL_CONFIG from '../../../../src/config/internal-config.js'; import INTERNAL_CONFIG from '../../../../src/config/internal-config.js';
import { MEET_API_KEY } from '../../../../src/environment.js'; import { MEET_INITIAL_API_KEY } from '../../../../src/environment.js';
import { MeetRecordingAccess, ParticipantRole } from '../../../../src/typings/ce/index.js'; import { MeetRecordingAccess, ParticipantRole } from '../../../../src/typings/ce/index.js';
import { expectValidStopRecordingResponse } from '../../../helpers/assertion-helpers.js'; import { expectValidStopRecordingResponse } from '../../../helpers/assertion-helpers.js';
import { import {
@ -47,7 +47,7 @@ describe('Recording API Security Tests', () => {
const response = await request(app) const response = await request(app)
.post(INTERNAL_RECORDINGS_PATH) .post(INTERNAL_RECORDINGS_PATH)
.send({ roomId: roomData.room.roomId }) .send({ roomId: roomData.room.roomId })
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(401); expect(response.status).toBe(401);
}); });
@ -108,7 +108,7 @@ describe('Recording API Security Tests', () => {
it('should fail when request includes API key', async () => { it('should fail when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.post(`${INTERNAL_RECORDINGS_PATH}/${roomData.recordingId}/stop`) .post(`${INTERNAL_RECORDINGS_PATH}/${roomData.recordingId}/stop`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(401); expect(response.status).toBe(401);
}); });
@ -160,7 +160,7 @@ describe('Recording API Security Tests', () => {
it('should succeed when request includes API key', async () => { it('should succeed when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.get(RECORDINGS_PATH) .get(RECORDINGS_PATH)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(200); expect(response.status).toBe(200);
}); });
@ -224,7 +224,7 @@ describe('Recording API Security Tests', () => {
it('should succeed when request includes API key', async () => { it('should succeed when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.get(`${RECORDINGS_PATH}/${recordingId}`) .get(`${RECORDINGS_PATH}/${recordingId}`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(200); expect(response.status).toBe(200);
}); });
@ -351,7 +351,7 @@ describe('Recording API Security Tests', () => {
it('should succeed when request includes API key', async () => { it('should succeed when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.delete(`${RECORDINGS_PATH}/${fakeRecordingId}`) .delete(`${RECORDINGS_PATH}/${fakeRecordingId}`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(404); expect(response.status).toBe(404);
}); });
@ -437,7 +437,7 @@ describe('Recording API Security Tests', () => {
const response = await request(app) const response = await request(app)
.delete(RECORDINGS_PATH) .delete(RECORDINGS_PATH)
.query({ recordingIds: fakeRecordingId }) .query({ recordingIds: fakeRecordingId })
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(200); expect(response.status).toBe(200);
}); });
@ -516,7 +516,7 @@ describe('Recording API Security Tests', () => {
it('should succeed when request includes API key', async () => { it('should succeed when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.get(`${RECORDINGS_PATH}/${recordingId}/media`) .get(`${RECORDINGS_PATH}/${recordingId}/media`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(200); expect(response.status).toBe(200);
}); });
@ -640,7 +640,7 @@ describe('Recording API Security Tests', () => {
it('should succeed when request includes API key', async () => { it('should succeed when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.get(`${RECORDINGS_PATH}/${recordingId}/url`) .get(`${RECORDINGS_PATH}/${recordingId}/url`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(200); expect(response.status).toBe(200);
}); });
@ -715,7 +715,7 @@ describe('Recording API Security Tests', () => {
const response = await request(app) const response = await request(app)
.get(`${RECORDINGS_PATH}/download`) .get(`${RECORDINGS_PATH}/download`)
.query({ recordingIds: recordingId }) .query({ recordingIds: recordingId })
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(200); expect(response.status).toBe(200);
}); });

18
backend/tests/integration/api/security/room-security.test.ts
View File

@ -2,7 +2,7 @@ import { afterAll, beforeAll, beforeEach, describe, expect, it } from '@jest/glo
import { Express } from 'express'; import { Express } from 'express';
import request from 'supertest'; import request from 'supertest';
import INTERNAL_CONFIG from '../../../../src/config/internal-config.js'; import INTERNAL_CONFIG from '../../../../src/config/internal-config.js';
import { MEET_API_KEY } from '../../../../src/environment.js'; import { MEET_INITIAL_API_KEY } from '../../../../src/environment.js';
import { AuthMode, MeetRecordingAccess, ParticipantRole } from '../../../../src/typings/ce/index.js'; import { AuthMode, MeetRecordingAccess, ParticipantRole } from '../../../../src/typings/ce/index.js';
import { import {
changeSecurityPreferences, changeSecurityPreferences,
@ -37,7 +37,7 @@ describe('Room API Security Tests', () => {
it('should succeed when request includes API key', async () => { it('should succeed when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.post(ROOMS_PATH) .post(ROOMS_PATH)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY) .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
.send({}); .send({});
expect(response.status).toBe(201); expect(response.status).toBe(201);
}); });
@ -55,7 +55,9 @@ describe('Room API Security Tests', () => {
describe('Get Rooms Tests', () => { describe('Get Rooms Tests', () => {
it('should succeed when request includes API key', async () => { it('should succeed when request includes API key', async () => {
const response = await request(app).get(ROOMS_PATH).set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); const response = await request(app)
.get(ROOMS_PATH)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(200); expect(response.status).toBe(200);
}); });
@ -82,7 +84,7 @@ describe('Room API Security Tests', () => {
const response = await request(app) const response = await request(app)
.delete(ROOMS_PATH) .delete(ROOMS_PATH)
.query({ roomIds: roomId }) .query({ roomIds: roomId })
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(204); expect(response.status).toBe(204);
}); });
@ -110,7 +112,7 @@ describe('Room API Security Tests', () => {
it('should succeed when request includes API key', async () => { it('should succeed when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.get(`${ROOMS_PATH}/${roomData.room.roomId}`) .get(`${ROOMS_PATH}/${roomData.room.roomId}`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(200); expect(response.status).toBe(200);
}); });
@ -162,7 +164,7 @@ describe('Room API Security Tests', () => {
it('should succeed when request includes API key', async () => { it('should succeed when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.delete(`${ROOMS_PATH}/${roomId}`) .delete(`${ROOMS_PATH}/${roomId}`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(204); expect(response.status).toBe(204);
}); });
@ -197,7 +199,7 @@ describe('Room API Security Tests', () => {
it('should succeed when request includes API key', async () => { it('should succeed when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.put(`${ROOMS_PATH}/${roomId}`) .put(`${ROOMS_PATH}/${roomId}`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY) .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
.send(roomPreferences); .send(roomPreferences);
expect(response.status).toBe(200); expect(response.status).toBe(200);
}); });
@ -226,7 +228,7 @@ describe('Room API Security Tests', () => {
it('should fail when request includes API key', async () => { it('should fail when request includes API key', async () => {
const response = await request(app) const response = await request(app)
.get(`${INTERNAL_ROOMS_PATH}/${roomData.room.roomId}/preferences`) .get(`${INTERNAL_ROOMS_PATH}/${roomData.room.roomId}/preferences`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
expect(response.status).toBe(401); expect(response.status).toBe(401);
}); });

6
backend/tests/integration/api/security/user-security.test.ts
View File

@ -2,7 +2,7 @@ import { beforeAll, describe, expect, it } from '@jest/globals';
import { Express } from 'express'; import { Express } from 'express';
import request from 'supertest'; import request from 'supertest';
import INTERNAL_CONFIG from '../../../../src/config/internal-config.js'; import INTERNAL_CONFIG from '../../../../src/config/internal-config.js';
import { MEET_ADMIN_SECRET } from '../../../../src/environment.js'; import { MEET_INITIAL_ADMIN_PASSWORD } from '../../../../src/environment.js';
import { changePassword, loginUser, startTestServer } from '../../../helpers/request-helpers.js'; import { changePassword, loginUser, startTestServer } from '../../../helpers/request-helpers.js';
const USERS_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/users`; const USERS_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/users`;
@ -34,7 +34,7 @@ describe('User API Security Tests', () => {
describe('Change Password Tests', () => { describe('Change Password Tests', () => {
const changePasswordRequest = { const changePasswordRequest = {
currentPassword: MEET_ADMIN_SECRET, currentPassword: MEET_INITIAL_ADMIN_PASSWORD,
newPassword: 'newpassword123' newPassword: 'newpassword123'
}; };
@ -52,7 +52,7 @@ describe('User API Security Tests', () => {
expect(response.status).toBe(200); expect(response.status).toBe(200);
// Reset password // Reset password
await changePassword(changePasswordRequest.newPassword, MEET_ADMIN_SECRET, adminCookie); await changePassword(changePasswordRequest.newPassword, MEET_INITIAL_ADMIN_PASSWORD, adminCookie);
}); });
it('should fail when user is not authenticated', async () => { it('should fail when user is not authenticated', async () => {

8
backend/tests/integration/api/users/change-password.test.ts
View File

@ -1,5 +1,5 @@
import { beforeAll, describe, expect, it } from '@jest/globals'; import { beforeAll, describe, expect, it } from '@jest/globals';
import { MEET_ADMIN_SECRET } from '../../../../src/environment.js'; import { MEET_INITIAL_ADMIN_PASSWORD } from '../../../../src/environment.js';
import { expectValidationError } from '../../../helpers/assertion-helpers.js'; import { expectValidationError } from '../../../helpers/assertion-helpers.js';
import { changePassword, loginUser, startTestServer } from '../../../helpers/request-helpers.js'; import { changePassword, loginUser, startTestServer } from '../../../helpers/request-helpers.js';
@ -14,12 +14,12 @@ describe('Users API Tests', () => {
describe('Change Password Tests', () => { describe('Change Password Tests', () => {
it('should successfully change password', async () => { it('should successfully change password', async () => {
const newPassword = 'newpassword123'; const newPassword = 'newpassword123';
const response = await changePassword(MEET_ADMIN_SECRET, newPassword, adminCookie); const response = await changePassword(MEET_INITIAL_ADMIN_PASSWORD, newPassword, adminCookie);
expect(response.status).toBe(200); expect(response.status).toBe(200);
expect(response.body).toHaveProperty('message', 'Password changed successfully'); expect(response.body).toHaveProperty('message', 'Password changed successfully');
// Reset password // Reset password
await changePassword(newPassword, MEET_ADMIN_SECRET, adminCookie); await changePassword(newPassword, MEET_INITIAL_ADMIN_PASSWORD, adminCookie);
}); });
it('should fail when current password is incorrect', async () => { it('should fail when current password is incorrect', async () => {
@ -29,7 +29,7 @@ describe('Users API Tests', () => {
}); });
it('should fail when new password is not 5 characters long', async () => { it('should fail when new password is not 5 characters long', async () => {
const response = await changePassword(MEET_ADMIN_SECRET, '1234', adminCookie); const response = await changePassword(MEET_INITIAL_ADMIN_PASSWORD, '1234', adminCookie);
expectValidationError(response, 'newPassword', 'New password must be at least 5 characters long'); expectValidationError(response, 'newPassword', 'New password must be at least 5 characters long');
}); });
}); });