bitbucket.org/Aishee/synsec@v0.0.0-20210414005726-236fc01a153d/pkg/apiclient/auth_test.go (about)

     1  package apiclient
     2  
     3  import (
     4  	"context"
     5  	"net/http"
     6  	"net/url"
     7  	"testing"
     8  
     9  	log "github.com/sirupsen/logrus"
    10  	"github.com/stretchr/testify/assert"
    11  	"github.com/stretchr/testify/require"
    12  )
    13  
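// TestApiAuth exercises API-key authentication against a stub /decisions
// endpoint. It covers three cases:
//
//   - a valid key: the stub answers 200 and the call succeeds;
//   - a wrong key: the stub answers 403 and the client surfaces the API error;
//   - an empty key: the call fails with an "APIKey is empty" error.
//
// The stub treats any X-Api-Key value other than "ixu" as unauthorized, so a
// missing or empty header is denied as well.
func TestApiAuth(t *testing.T) {
	log.SetLevel(log.TraceLevel)

	mux, urlx, teardown := setup()
	// Register teardown immediately so the stub server is released even when a
	// later require.* call aborts the test.
	defer teardown()

	mux.HandleFunc("/decisions", func(w http.ResponseWriter, r *http.Request) {
		testMethod(t, r, "GET")
		if r.Header.Get("X-Api-Key") != "ixu" {
			// Deny by default: wrong and absent keys take the same path.
			w.WriteHeader(http.StatusForbidden)
			_, werr := w.Write([]byte(`{"message":"access forbidden"}`))
			assert.NoError(t, werr)
			return
		}
		assert.Equal(t, "ip=1.2.3.4", r.URL.RawQuery)
		w.WriteHeader(http.StatusOK)
		_, werr := w.Write([]byte(`null`))
		assert.NoError(t, werr)
	})

	t.Logf("URL is %s", urlx)
	apiURL, err := url.Parse(urlx + "/")
	// Report the parse error itself; apiURL is nil when parsing fails.
	require.NoError(t, err, "parsing api url")

	filter := DecisionsListOpts{IPEquals: new(string)}
	*filter.IPEquals = "1.2.3.4"

	// Case 1: valid key, the stub returns 200 with an empty ("null") body.
	auth := &APIKeyTransport{
		APIKey: "ixu",
	}
	newcli, err := NewDefaultClient(apiURL, "v1", "toto", auth.Client())
	require.NoError(t, err, "new api client")

	_, resp, err := newcli.Decisions.List(context.Background(), filter)
	require.NoError(t, err)
	require.NotNil(t, resp)
	if resp.Response.StatusCode != http.StatusOK {
		t.Errorf("Decisions.List returned status: %d, want %d", resp.Response.StatusCode, http.StatusOK)
	}

	// Case 2: wrong key, the stub returns 403 and the client must report it.
	auth = &APIKeyTransport{
		APIKey: "bad",
	}
	newcli, err = NewDefaultClient(apiURL, "v1", "toto", auth.Client())
	require.NoError(t, err, "new api client")

	_, resp, err = newcli.Decisions.List(context.Background(), filter)
	// A rejected key must be an error; without this check a silently accepted
	// bad key would surface as a nil dereference on err instead of a failure.
	require.Error(t, err)
	require.NotNil(t, resp)
	t.Logf("--> %s", err)
	if resp.Response.StatusCode != http.StatusForbidden {
		t.Errorf("Decisions.List returned status: %d, want %d", resp.Response.StatusCode, http.StatusForbidden)
	}
	assert.Contains(t, err.Error(), "API error: access forbidden")

	// Case 3: empty key.
	// NOTE(review): presumably the transport rejects an empty key before any
	// request is sent; this test only checks the error text and does not
	// assert that the stub saw no request. Consider adding that check.
	auth = &APIKeyTransport{}
	newcli, err = NewDefaultClient(apiURL, "v1", "toto", auth.Client())
	require.NoError(t, err, "new api client")

	_, _, err = newcli.Decisions.List(context.Background(), filter)
	require.Error(t, err)
	t.Logf("--> %s", err)
	assert.Contains(t, err.Error(), "APIKey is empty")
}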