bitbucket.org/Aishee/synsec@v0.0.0-20210414005726-236fc01a153d/pkg/apiclient/auth_service_test.go (about) 1 package apiclient 2 3 import ( 4 "bytes" 5 "context" 6 "fmt" 7 "net/http" 8 "net/url" 9 "testing" 10 11 "bitbucket.org/Aishee/synsec/pkg/cwversion" 12 "bitbucket.org/Aishee/synsec/pkg/models" 13 log "github.com/sirupsen/logrus" 14 "github.com/stretchr/testify/assert" 15 ) 16 17 func TestWatcherAuth(t *testing.T) { 18 19 log.SetLevel(log.DebugLevel) 20 21 mux, urlx, teardown := setup() 22 defer teardown() 23 //body: models.WatcherRegistrationRequest{MachineID: &config.MachineID, Password: &config.Password} 24 25 mux.HandleFunc("/watchers/login", func(w http.ResponseWriter, r *http.Request) { 26 testMethod(t, r, "POST") 27 buf := new(bytes.Buffer) 28 _, _ = buf.ReadFrom(r.Body) 29 newStr := buf.String() 30 log.Printf("--> %s", newStr) 31 if newStr == `{"machine_id":"test_login","password":"test_password","scenarios":["breakteam/test"]} 32 ` { 33 log.Printf("ok cool") 34 w.WriteHeader(http.StatusOK) 35 fmt.Fprintf(w, `{"code":200,"expire":"2029-11-30T14:14:24+01:00","token":"toto"}`) 36 } else { 37 w.WriteHeader(http.StatusForbidden) 38 log.Printf("badbad") 39 fmt.Fprintf(w, `{"message":"access forbidden"}`) 40 } 41 }) 42 log.Printf("URL is %s", urlx) 43 apiURL, err := url.Parse(urlx + "/") 44 if err != nil { 45 log.Fatalf("parsing api url: %s", apiURL) 46 } 47 48 //ok auth 49 mycfg := &Config{ 50 MachineID: "test_login", 51 Password: "test_password", 52 UserAgent: fmt.Sprintf("synsec/%s", cwversion.VersionStr()), 53 URL: apiURL, 54 VersionPrefix: "v1", 55 Scenarios: []string{"breakteam/test"}, 56 } 57 client, err := NewClient(mycfg) 58 59 if err != nil { 60 log.Fatalf("new api client: %s", err.Error()) 61 } 62 63 _, err = client.Auth.AuthenticateWatcher(context.Background(), models.WatcherAuthRequest{ 64 MachineID: &mycfg.MachineID, 65 Password: &mycfg.Password, 66 Scenarios: mycfg.Scenarios, 67 }) 68 if err != nil { 69 t.Fatalf("unexpect auth err 0: %s", err) 70 } 71 72 //bad auth 73 mycfg = &Config{ 74 MachineID: "BADtest_login", 75 Password: "BADtest_password", 76 UserAgent: fmt.Sprintf("synsec/%s", cwversion.VersionStr()), 77 URL: apiURL, 78 VersionPrefix: "v1", 79 Scenarios: []string{"breakteam/test"}, 80 } 81 client, err = NewClient(mycfg) 82 83 if err != nil { 84 log.Fatalf("new api client: %s", err.Error()) 85 } 86 87 _, err = client.Auth.AuthenticateWatcher(context.Background(), models.WatcherAuthRequest{ 88 MachineID: &mycfg.MachineID, 89 Password: &mycfg.Password, 90 }) 91 assert.Contains(t, err.Error(), "403 Forbidden") 92 93 } 94 95 func TestWatcherRegister(t *testing.T) { 96 97 log.SetLevel(log.DebugLevel) 98 99 mux, urlx, teardown := setup() 100 defer teardown() 101 //body: models.WatcherRegistrationRequest{MachineID: &config.MachineID, Password: &config.Password} 102 103 mux.HandleFunc("/watchers", func(w http.ResponseWriter, r *http.Request) { 104 testMethod(t, r, "POST") 105 buf := new(bytes.Buffer) 106 _, _ = buf.ReadFrom(r.Body) 107 newStr := buf.String() 108 assert.Equal(t, newStr, `{"machine_id":"test_login","password":"test_password"} 109 `) 110 w.WriteHeader(http.StatusOK) 111 }) 112 log.Printf("URL is %s", urlx) 113 apiURL, err := url.Parse(urlx + "/") 114 if err != nil { 115 log.Fatalf("parsing api url: %s", apiURL) 116 } 117 client, err := RegisterClient(&Config{ 118 MachineID: "test_login", 119 Password: "test_password", 120 UserAgent: fmt.Sprintf("synsec/%s", cwversion.VersionStr()), 121 URL: apiURL, 122 VersionPrefix: "v1", 123 }, &http.Client{}) 124 if err != nil { 125 t.Fatalf("while registering client : %s", err) 126 } 127 log.Printf("->%T", client) 128 } 129 130 func TestWatcherUnregister(t *testing.T) { 131 132 log.SetLevel(log.DebugLevel) 133 134 mux, urlx, teardown := setup() 135 defer teardown() 136 //body: models.WatcherRegistrationRequest{MachineID: &config.MachineID, Password: &config.Password} 137 138 mux.HandleFunc("/watchers", func(w http.ResponseWriter, r *http.Request) { 139 testMethod(t, r, "DELETE") 140 assert.Equal(t, r.ContentLength, int64(0)) 141 w.WriteHeader(http.StatusOK) 142 }) 143 mux.HandleFunc("/watchers/login", func(w http.ResponseWriter, r *http.Request) { 144 testMethod(t, r, "POST") 145 buf := new(bytes.Buffer) 146 _, _ = buf.ReadFrom(r.Body) 147 newStr := buf.String() 148 if newStr == `{"machine_id":"test_login","password":"test_password","scenarios":["breakteam/test"]} 149 ` { 150 w.WriteHeader(http.StatusOK) 151 fmt.Fprintf(w, `{"code":200,"expire":"2029-11-30T14:14:24+01:00","token":"toto"}`) 152 } else { 153 w.WriteHeader(http.StatusForbidden) 154 fmt.Fprintf(w, `{"message":"access forbidden"}`) 155 } 156 }) 157 158 log.Printf("URL is %s", urlx) 159 apiURL, err := url.Parse(urlx + "/") 160 if err != nil { 161 log.Fatalf("parsing api url: %s", apiURL) 162 } 163 mycfg := &Config{ 164 MachineID: "test_login", 165 Password: "test_password", 166 UserAgent: fmt.Sprintf("synsec/%s", cwversion.VersionStr()), 167 URL: apiURL, 168 VersionPrefix: "v1", 169 Scenarios: []string{"breakteam/test"}, 170 } 171 client, err := NewClient(mycfg) 172 173 if err != nil { 174 log.Fatalf("new api client: %s", err.Error()) 175 } 176 _, err = client.Auth.UnregisterWatcher(context.Background()) 177 if err != nil { 178 t.Fatalf("while registering client : %s", err) 179 } 180 log.Printf("->%T", client) 181 }