From 04c0edb71adb8a119fe3d0dd46ea9c8b8b27274b Mon Sep 17 00:00:00 2001
From: Michiel Kodde <mkodde@ibuildings.nl>
Date: Thu, 3 Jun 2021 16:19:00 +0200
Subject: [PATCH] Add event data integrity test

The Middleware command handler tests the correct data on an Event, this
however is the deserialized data that is constructed on the event. The
event payload may contain additional data which in turn could be
sensitive data.

This behat test is created to test the presence of certain data on the
event.
---
 .../behat/features/event_verification.feature | 23 ++++++++++++
 .../src/Repository/EventStreamRepository.php  | 35 +++++++++++++++++++
 2 files changed, 58 insertions(+)
 create mode 100644 tests/behat/features/event_verification.feature
 create mode 100644 tests/behat/features/src/Repository/EventStreamRepository.php

diff --git a/tests/behat/features/event_verification.feature b/tests/behat/features/event_verification.feature
new file mode 100644
index 00000000..f11e9247
--- /dev/null
+++ b/tests/behat/features/event_verification.feature
@@ -0,0 +1,23 @@
+Feature: The application managers are concerned with correct data ending up in the event stream
+  In order to ensure no sensitive data ends up in the event stream
+  As an administrator
+  I must check the payload of the events for presence of sensitive data
+
+  Scenario: Provision an institution and a user to promote later on by an authorized institution
+    Given institution "institution-a.example.com" can "use_ra" from institution "institution-a.example.com"
+    And institution "institution-a.example.com" can "select_raa" from institution "institution-a.example.com"
+    And institution "institution-d.example.com" can "use_ra" from institution "institution-a.example.com"
+    And a user "Jane Toppan" identified by "urn:collab:person:institution-a.example.com:jane-a-ra" from institution "institution-a.example.com"
+    And the user "urn:collab:person:institution-a.example.com:jane-a-ra" has a vetted "yubikey"
+    And the user "urn:collab:person:institution-a.example.com:jane-a-ra" has the role "ra" for institution "institution-a.example.com"
+
+  Scenario: RA user can vet a token from an institution it is RA for
+    Given I am logged in into the selfservice portal as "joe-a1"
+    And I register a new SMS token
+    And I verify my e-mail address
+    When I am logged in into the ra portal as "jane-a-ra" with a "yubikey" token
+    And I vet the last added second factor
+   Then the resulting "SecondFactorVetted" event should not contain "common_name"
+   And the resulting "SecondFactorVetted" event should not contain "vetting_type"
+   And the resulting "SecondFactorVetted" event should not contain "document_number"
+   And the resulting "SecondFactorVetted" event should contain "name_id"
\ No newline at end of file
diff --git a/tests/behat/features/src/Repository/EventStreamRepository.php b/tests/behat/features/src/Repository/EventStreamRepository.php
new file mode 100644
index 00000000..17632915
--- /dev/null
+++ b/tests/behat/features/src/Repository/EventStreamRepository.php
@@ -0,0 +1,35 @@
+<?php
+
+namespace Surfnet\StepupBehat\Repository;
+
+use PDO;
+
+/**
+ * A poor mans repository, a pdo connection to the test database is established in the constructor
+ */
+class EventStreamRepository
+{
+    /**
+     * @var PDO
+     */
+    private $connection;
+
+    public function __construct()
+    {
+        // Settings
+        $dbUser = 'root';
+        $dbPassword = 'password';
+        $dbName = 'middleware_test';
+        $dsn = 'mysql:host=127.0.0.1;dbname=%s';
+        // Open a PDO connection
+        $this->connection = new PDO(sprintf($dsn, $dbName), $dbUser, $dbPassword);
+    }
+
+    public function findLatestByEventName(string $name): array
+    {
+        $sql = 'SELECT * FROM `event_stream` WHERE type LIKE CONCAT("%", :name) ORDER BY recorded_on DESC LIMIT 1';
+        $statement = $this->connection->exec($sql);
+        $statement->execute(['name' => $name]);
+        return $statement->fetch();
+    }
+}