Add verification for user_identity parameter

Tim Mendoza · Tim Mendoza · commit 61cdcba9fa7b · 2020-03-12T16:22:19.000-06:00
diff --git a/src/video-token-server.js b/src/video-token-server.js
@@ -46,6 +46,18 @@ module.exports.handler = (context, event, callback) => {
     return;
   }
 
+  if (!user_identity) {
+    response.setStatusCode(400);
+    response.setBody({
+      error: {
+        message: 'missing user_identity',
+        explanation: 'The user_identity parameter is missing.',
+      },
+    });
+    callback(null, response);
+    return;
+  }
+
   const token = new AccessToken(TWILIO_ACCOUNT_SID, TWILIO_API_KEY_SID, TWILIO_API_KEY_SECRET, {
     ttl: MAX_ALLOWED_SESSION_DURATION,
   });
diff --git a/test/video-token-server.test.js b/test/video-token-server.test.js
@@ -16,7 +16,7 @@ describe('the video-token-server', () => {
   it('should return an "unauthorized" error when the passcode is incorrect', () => {
     Date.now = () => 5;
 
-    handler(mockContext, { passcode: '9876543210' }, callback);
+    handler(mockContext, { passcode: '9876543210', user_identity: 'test identity' }, callback);
 
     expect(callback).toHaveBeenCalledWith(null, {
       body: {
@@ -33,7 +33,7 @@ describe('the video-token-server', () => {
   it('should return an "expired" error when the current time is past the API_PASSCODE_EXPIRY time', () => {
     Date.now = () => 15;
 
-    handler(mockContext, { passcode: '1234566789' }, callback);
+    handler(mockContext, { passcode: '1234566789', user_identity: 'test identity'}, callback);
 
     expect(callback).toHaveBeenCalledWith(null, {
       body: {
@@ -48,11 +48,29 @@ describe('the video-token-server', () => {
     });
   });
 
-  it('should return a token when only the passcode is supplied', () => {
+  it('should return a "missing user_identity" error when the "user_identity" parameter is not supplied', () => {
     Date.now = () => 5;
 
     handler(mockContext, { passcode: '1234566789' }, callback);
 
+    expect(callback).toHaveBeenCalledWith(null, {
+      body: {
+        error: {
+          message: 'missing user_identity',
+          explanation:
+            'The user_identity parameter is missing.',
+        },
+      },
+      headers: { 'Content-Type': 'application/json' },
+      statusCode: 400,
+    });
+  });
+
+  it('should return a token when no room_name is supplied', () => {
+    Date.now = () => 5;
+
+    handler(mockContext, { passcode: '1234566789',  user_identity: 'test identity' }, callback);
+
     expect(callback).toHaveBeenCalledWith(null, {
       body: { token: expect.any(String) },
       headers: { 'Content-Type': 'application/json' },
@@ -62,6 +80,7 @@ describe('the video-token-server', () => {
     expect(jwt.decode(callback.mock.calls[0][1].body.token)).toEqual({
       exp: 14400,
       grants: {
+        identity: "test identity",
         video: {},
       },
       iat: 0,
