github.com/Jeffail/benthos/v3@v3.65.0/lib/api/api_test.go

github.com/Jeffail/benthos/v3@v3.65.0/lib/api/api_test.go (about)

     1  package api
     2  
     3  import (
     4  	"net/http"
     5  	"net/http/httptest"
     6  	"testing"
     7  
     8  	"github.com/Jeffail/benthos/v3/lib/log"
     9  	"github.com/Jeffail/benthos/v3/lib/metrics"
    10  	"github.com/stretchr/testify/assert"
    11  	"github.com/stretchr/testify/require"
    12  )
    13  
    14  func TestAPIEnableCORS(t *testing.T) {
    15  	conf := NewConfig()
    16  	conf.CORS.Enabled = true
    17  	conf.CORS.AllowedOrigins = []string{"*"}
    18  
    19  	s, err := New("", "", conf, nil, log.Noop(), metrics.Noop())
    20  	require.NoError(t, err)
    21  
    22  	handler := s.server.Handler
    23  
    24  	request, _ := http.NewRequest("OPTIONS", "/version", http.NoBody)
    25  	request.Header.Add("Origin", "meow")
    26  	request.Header.Add("Access-Control-Request-Method", "POST")
    27  
    28  	response := httptest.NewRecorder()
    29  	handler.ServeHTTP(response, request)
    30  
    31  	assert.Equal(t, http.StatusOK, response.Code)
    32  	assert.Equal(t, "*", response.Header().Get("Access-Control-Allow-Origin"))
    33  }
    34  
    35  func TestAPIEnableCORSOrigins(t *testing.T) {
    36  	conf := NewConfig()
    37  	conf.CORS.Enabled = true
    38  	conf.CORS.AllowedOrigins = []string{"foo", "bar"}
    39  
    40  	s, err := New("", "", conf, nil, log.Noop(), metrics.Noop())
    41  	require.NoError(t, err)
    42  
    43  	handler := s.server.Handler
    44  
    45  	request, _ := http.NewRequest("OPTIONS", "/version", http.NoBody)
    46  	request.Header.Add("Origin", "foo")
    47  	request.Header.Add("Access-Control-Request-Method", "POST")
    48  
    49  	response := httptest.NewRecorder()
    50  	handler.ServeHTTP(response, request)
    51  
    52  	assert.Equal(t, http.StatusOK, response.Code)
    53  	assert.Equal(t, "foo", response.Header().Get("Access-Control-Allow-Origin"))
    54  
    55  	request, _ = http.NewRequest("OPTIONS", "/version", http.NoBody)
    56  	request.Header.Add("Origin", "bar")
    57  	request.Header.Add("Access-Control-Request-Method", "POST")
    58  
    59  	response = httptest.NewRecorder()
    60  	handler.ServeHTTP(response, request)
    61  
    62  	assert.Equal(t, http.StatusOK, response.Code)
    63  	assert.Equal(t, "bar", response.Header().Get("Access-Control-Allow-Origin"))
    64  
    65  	request, _ = http.NewRequest("OPTIONS", "/version", http.NoBody)
    66  	request.Header.Add("Origin", "baz")
    67  	request.Header.Add("Access-Control-Request-Method", "POST")
    68  
    69  	response = httptest.NewRecorder()
    70  	handler.ServeHTTP(response, request)
    71  
    72  	assert.Equal(t, http.StatusOK, response.Code)
    73  	assert.Equal(t, "", response.Header().Get("Access-Control-Allow-Origin"))
    74  }
    75  
    76  func TestAPIEnableCORSNoHeaders(t *testing.T) {
    77  	conf := NewConfig()
    78  	conf.CORS.Enabled = true
    79  
    80  	_, err := New("", "", conf, nil, log.Noop(), metrics.Noop())
    81  	require.Error(t, err)
    82  	assert.Contains(t, err.Error(), "must specify at least one allowed origin")
    83  }