github.com/akamai/AkamaiOPEN-edgegrid-golang/v8@v8.1.0/pkg/dns/tsig_test.go (about) 1 package dns 2 3 import ( 4 "context" 5 "errors" 6 "net/http" 7 "net/http/httptest" 8 "testing" 9 10 "github.com/stretchr/testify/assert" 11 "github.com/stretchr/testify/require" 12 ) 13 14 func TestDNS_ListTSIGKeys(t *testing.T) { 15 tests := map[string]struct { 16 query TSIGQueryString 17 responseStatus int 18 responseBody string 19 expectedPath string 20 expectedResponse *TSIGReportResponse 21 withError error 22 }{ 23 "200 OK": { 24 query: TSIGQueryString{ 25 ContractIDs: []string{"1-1ABCD"}, 26 }, 27 responseStatus: http.StatusOK, 28 responseBody: ` 29 { 30 "metadata": { 31 "totalElements": 1 32 }, 33 "keys": [ 34 { 35 "name": "a.test.key.", 36 "algorithm": "hmac-sha256", 37 "secret": "DjY16JfIi3JnSDosQWE7Xkx60MbCLo1K7hUCqng8ccg=", 38 "zonesCount": 3 39 } 40 ] 41 }`, 42 expectedPath: "/config-dns/v2/keys?contractIds=1-1ABCD", 43 expectedResponse: &TSIGReportResponse{ 44 Metadata: &TSIGReportMeta{ 45 TotalElements: 1, 46 }, 47 Keys: []*TSIGKeyResponse{ 48 { 49 TSIGKey: TSIGKey{ 50 Name: "a.test.key.", 51 Algorithm: "hmac-sha256", 52 Secret: "DjY16JfIi3JnSDosQWE7Xkx60MbCLo1K7hUCqng8ccg=", 53 }, 54 ZoneCount: 3, 55 }, 56 }, 57 }, 58 }, 59 "500 internal server error": { 60 query: TSIGQueryString{ 61 ContractIDs: []string{"1-1ABCD"}, 62 }, 63 responseStatus: http.StatusInternalServerError, 64 responseBody: ` 65 { 66 "type": "internal_error", 67 "title": "Internal Server Error", 68 "detail": "Error fetching authorities", 69 "status": 500 70 }`, 71 expectedPath: "/config-dns/v2/keys?contractIds=1-1ABCD", 72 withError: &Error{ 73 Type: "internal_error", 74 Title: "Internal Server Error", 75 Detail: "Error fetching authorities", 76 StatusCode: http.StatusInternalServerError, 77 }, 78 }, 79 } 80 81 for name, test := range tests { 82 t.Run(name, func(t *testing.T) { 83 mockServer := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 84 assert.Equal(t, test.expectedPath, r.URL.String()) 85 assert.Equal(t, http.MethodGet, r.Method) 86 w.WriteHeader(test.responseStatus) 87 _, err := w.Write([]byte(test.responseBody)) 88 assert.NoError(t, err) 89 })) 90 client := mockAPIClient(t, mockServer) 91 result, err := client.ListTSIGKeys(context.Background(), &test.query) 92 if test.withError != nil { 93 assert.True(t, errors.Is(err, test.withError), "want: %s; got: %s", test.withError, err) 94 return 95 } 96 require.NoError(t, err) 97 assert.Equal(t, test.expectedResponse, result) 98 }) 99 } 100 } 101 102 func TestDNS_GetTSIGKeyZones(t *testing.T) { 103 tests := map[string]struct { 104 key TSIGKey 105 responseStatus int 106 responseBody string 107 expectedPath string 108 expectedResponse *ZoneNameListResponse 109 withError error 110 }{ 111 "200 OK": { 112 key: TSIGKey{ 113 Name: "example.com.akamai.com.", 114 Algorithm: "hmac-sha512", 115 Secret: "Ok1qR5IW1ajVka5cHPEJQIXfLyx5V3PSkFBROAzOn21JumDq6nIpoj6H8rfj5Uo+Ok55ZWQ0Wgrf302fDscHLw==", 116 }, 117 responseStatus: http.StatusOK, 118 responseBody: ` 119 { 120 "zones": [ 121 "river.com", 122 "stream.com" 123 ] 124 }`, 125 expectedPath: "/config-dns/v2/keys/used-by", 126 expectedResponse: &ZoneNameListResponse{ 127 Zones: []string{"river.com", "stream.com"}, 128 }, 129 }, 130 "500 internal server error": { 131 key: TSIGKey{ 132 Name: "example.com.akamai.com.", 133 Algorithm: "hmac-sha512", 134 Secret: "Ok1qR5IW1ajVka5cHPEJQIXfLyx5V3PSkFBROAzOn21JumDq6nIpoj6H8rfj5Uo+Ok55ZWQ0Wgrf302fDscHLw==", 135 }, 136 responseStatus: http.StatusInternalServerError, 137 responseBody: ` 138 { 139 "type": "internal_error", 140 "title": "Internal Server Error", 141 "detail": "Error fetching authorities", 142 "status": 500 143 }`, 144 expectedPath: "/config-dns/v2/keys/used-by", 145 withError: &Error{ 146 Type: "internal_error", 147 Title: "Internal Server Error", 148 Detail: "Error fetching authorities", 149 StatusCode: http.StatusInternalServerError, 150 }, 151 }, 152 } 153 154 for name, test := range tests { 155 t.Run(name, func(t *testing.T) { 156 mockServer := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 157 assert.Equal(t, test.expectedPath, r.URL.String()) 158 assert.Equal(t, http.MethodPost, r.Method) 159 w.WriteHeader(test.responseStatus) 160 _, err := w.Write([]byte(test.responseBody)) 161 assert.NoError(t, err) 162 })) 163 client := mockAPIClient(t, mockServer) 164 result, err := client.GetTSIGKeyZones(context.Background(), &test.key) 165 if test.withError != nil { 166 assert.True(t, errors.Is(err, test.withError), "want: %s; got: %s", test.withError, err) 167 return 168 } 169 require.NoError(t, err) 170 assert.Equal(t, test.expectedResponse, result) 171 }) 172 } 173 } 174 175 func TestDNS_GetTSIGKeyAliases(t *testing.T) { 176 tests := map[string]struct { 177 zone string 178 responseStatus int 179 responseBody string 180 expectedPath string 181 expectedResponse *ZoneNameListResponse 182 withError error 183 }{ 184 "200 OK": { 185 zone: "example.com", 186 responseStatus: http.StatusOK, 187 responseBody: ` 188 { 189 "aliases": [ 190 "exmaple.com", 191 "river.com", 192 "brook.com", 193 "ocean.com" 194 ] 195 }`, 196 expectedPath: "/config-dns/v2/zones/example.com/key/used-by", 197 expectedResponse: &ZoneNameListResponse{ 198 Aliases: []string{"exmaple.com", "river.com", "brook.com", "ocean.com"}, 199 }, 200 }, 201 "500 internal server error": { 202 zone: "example.com", 203 responseStatus: http.StatusInternalServerError, 204 responseBody: ` 205 { 206 "type": "internal_error", 207 "title": "Internal Server Error", 208 "detail": "Error fetching authorities", 209 "status": 500 210 }`, 211 expectedPath: "/config-dns/v2/zones/example.com/key/used-by", 212 withError: &Error{ 213 Type: "internal_error", 214 Title: "Internal Server Error", 215 Detail: "Error fetching authorities", 216 StatusCode: http.StatusInternalServerError, 217 }, 218 }, 219 } 220 221 for name, test := range tests { 222 t.Run(name, func(t *testing.T) { 223 mockServer := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 224 assert.Equal(t, test.expectedPath, r.URL.String()) 225 assert.Equal(t, http.MethodGet, r.Method) 226 w.WriteHeader(test.responseStatus) 227 _, err := w.Write([]byte(test.responseBody)) 228 assert.NoError(t, err) 229 })) 230 client := mockAPIClient(t, mockServer) 231 result, err := client.GetTSIGKeyAliases(context.Background(), test.zone) 232 if test.withError != nil { 233 assert.True(t, errors.Is(err, test.withError), "want: %s; got: %s", test.withError, err) 234 return 235 } 236 require.NoError(t, err) 237 assert.Equal(t, test.expectedResponse, result) 238 }) 239 } 240 } 241 242 func TestDNS_TSIGKeyBulkUpdate(t *testing.T) { 243 tests := map[string]struct { 244 bulk TSIGKeyBulkPost 245 responseStatus int 246 responseBody string 247 expectedPath string 248 expectedResponse *ZoneNameListResponse 249 withError error 250 }{ 251 "200 OK": { 252 bulk: TSIGKeyBulkPost{ 253 Key: &TSIGKey{ 254 Name: "brook.com.akamai.com.", 255 Algorithm: "hmac-sha512", 256 Secret: "Ok1qR5IW1ajVka5cHPEJQIXfLyx5V3PSkFBROAzOn21JumDq6nIpoj6H8rfj5Uo+Ok55ZWQ0Wgrf302fDscHLw==", 257 }, 258 Zones: []string{"brook.com", "river.com"}, 259 }, 260 responseStatus: http.StatusNoContent, 261 expectedPath: "/config-dns/v2/keys/bulk-update", 262 expectedResponse: &ZoneNameListResponse{ 263 Aliases: []string{"exmaple.com", "river.com", "brook.com", "ocean.com"}, 264 }, 265 }, 266 "500 internal server error": { 267 bulk: TSIGKeyBulkPost{ 268 Key: &TSIGKey{ 269 Name: "brook.com.akamai.com.", 270 Algorithm: "hmac-sha512", 271 Secret: "Ok1qR5IW1ajVka5cHPEJQIXfLyx5V3PSkFBROAzOn21JumDq6nIpoj6H8rfj5Uo+Ok55ZWQ0Wgrf302fDscHLw==", 272 }, 273 Zones: []string{"brook.com", "river.com"}, 274 }, 275 responseStatus: http.StatusInternalServerError, 276 responseBody: ` 277 { 278 "type": "internal_error", 279 "title": "Internal Server Error", 280 "detail": "Error fetching authorities", 281 "status": 500 282 }`, 283 expectedPath: "/config-dns/v2/keys/bulk-update", 284 withError: &Error{ 285 Type: "internal_error", 286 Title: "Internal Server Error", 287 Detail: "Error fetching authorities", 288 StatusCode: http.StatusInternalServerError, 289 }, 290 }, 291 } 292 293 for name, test := range tests { 294 t.Run(name, func(t *testing.T) { 295 mockServer := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 296 assert.Equal(t, test.expectedPath, r.URL.String()) 297 assert.Equal(t, http.MethodPost, r.Method) 298 w.WriteHeader(test.responseStatus) 299 if len(test.responseBody) > 0 { 300 _, err := w.Write([]byte(test.responseBody)) 301 assert.NoError(t, err) 302 } 303 })) 304 client := mockAPIClient(t, mockServer) 305 err := client.TSIGKeyBulkUpdate(context.Background(), &test.bulk) 306 if test.withError != nil { 307 assert.True(t, errors.Is(err, test.withError), "want: %s; got: %s", test.withError, err) 308 return 309 } 310 require.NoError(t, err) 311 }) 312 } 313 } 314 315 func TestDNS_GetTSIGKey(t *testing.T) { 316 tests := map[string]struct { 317 zone string 318 responseStatus int 319 responseBody string 320 expectedPath string 321 expectedResponse *TSIGKeyResponse 322 withError error 323 }{ 324 "200 OK": { 325 zone: "example.com", 326 responseStatus: http.StatusOK, 327 responseBody: ` 328 { 329 "name": "example.com.akamai.com.", 330 "algorithm": "hmac-sha512", 331 "secret": "Ok1qR5IW1ajVka5cHPEJQIXfLyx5V3PSkFBROAzOn21JumDq6nIpoj6H8rfj5Uo+Ok55ZWQ0Wgrf302fDscHLw==", 332 "zonesCount": 7 333 }`, 334 expectedPath: "/config-dns/v2/zones/example.com/key", 335 expectedResponse: &TSIGKeyResponse{ 336 TSIGKey: TSIGKey{ 337 Name: "example.com.akamai.com.", 338 Algorithm: "hmac-sha512", 339 Secret: "Ok1qR5IW1ajVka5cHPEJQIXfLyx5V3PSkFBROAzOn21JumDq6nIpoj6H8rfj5Uo+Ok55ZWQ0Wgrf302fDscHLw==", 340 }, 341 ZoneCount: 7, 342 }, 343 }, 344 "500 internal server error": { 345 zone: "example.com", 346 responseStatus: http.StatusInternalServerError, 347 responseBody: ` 348 { 349 "type": "internal_error", 350 "title": "Internal Server Error", 351 "detail": "Error fetching authorities", 352 "status": 500 353 }`, 354 expectedPath: "/config-dns/v2/zones/example.com/key", 355 withError: &Error{ 356 Type: "internal_error", 357 Title: "Internal Server Error", 358 Detail: "Error fetching authorities", 359 StatusCode: http.StatusInternalServerError, 360 }, 361 }, 362 } 363 364 for name, test := range tests { 365 t.Run(name, func(t *testing.T) { 366 mockServer := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 367 assert.Equal(t, test.expectedPath, r.URL.String()) 368 assert.Equal(t, http.MethodGet, r.Method) 369 w.WriteHeader(test.responseStatus) 370 _, err := w.Write([]byte(test.responseBody)) 371 assert.NoError(t, err) 372 })) 373 client := mockAPIClient(t, mockServer) 374 result, err := client.GetTSIGKey(context.Background(), test.zone) 375 if test.withError != nil { 376 assert.True(t, errors.Is(err, test.withError), "want: %s; got: %s", test.withError, err) 377 return 378 } 379 require.NoError(t, err) 380 assert.Equal(t, test.expectedResponse, result) 381 }) 382 } 383 } 384 385 func TestDNS_DeleteTSIGKey(t *testing.T) { 386 tests := map[string]struct { 387 zone string 388 responseStatus int 389 responseBody string 390 expectedPath string 391 expectedResponse *TSIGKeyResponse 392 withError error 393 }{ 394 "204 No Content": { 395 zone: "example.com", 396 responseStatus: http.StatusNoContent, 397 expectedPath: "/config-dns/v2/zones/example.com/key", 398 }, 399 "500 internal server error": { 400 zone: "example.com", 401 responseStatus: http.StatusInternalServerError, 402 responseBody: ` 403 { 404 "type": "internal_error", 405 "title": "Internal Server Error", 406 "detail": "Error Deleting TSig Key", 407 "status": 500 408 }`, 409 expectedPath: "/config-dns/v2/zones/example.com/key", 410 withError: &Error{ 411 Type: "internal_error", 412 Title: "Internal Server Error", 413 Detail: "Error Deleting TSig Key", 414 StatusCode: http.StatusInternalServerError, 415 }, 416 }, 417 } 418 419 for name, test := range tests { 420 t.Run(name, func(t *testing.T) { 421 mockServer := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 422 assert.Equal(t, test.expectedPath, r.URL.String()) 423 assert.Equal(t, http.MethodDelete, r.Method) 424 w.WriteHeader(test.responseStatus) 425 if len(test.responseBody) > 0 { 426 _, err := w.Write([]byte(test.responseBody)) 427 assert.NoError(t, err) 428 } 429 })) 430 client := mockAPIClient(t, mockServer) 431 err := client.DeleteTSIGKey(context.Background(), test.zone) 432 if test.withError != nil { 433 assert.True(t, errors.Is(err, test.withError), "want: %s; got: %s", test.withError, err) 434 return 435 } 436 require.NoError(t, err) 437 }) 438 } 439 } 440 441 func TestDNS_UpdateTSIGKey(t *testing.T) { 442 tests := map[string]struct { 443 key TSIGKey 444 zone string 445 responseStatus int 446 responseBody string 447 expectedPath string 448 expectedResponse *TSIGKeyResponse 449 withError error 450 }{ 451 "200 OK": { 452 key: TSIGKey{ 453 Name: "example.com.akamai.com.", 454 Algorithm: "hmac-sha512", 455 Secret: "Ok1qR5IW1ajVka5cHPEJQIXfLyx5V3PSkFBROAzOn21JumDq6nIpoj6H8rfj5Uo+Ok55ZWQ0Wgrf302fDscHLw==", 456 }, 457 zone: "example.com", 458 responseStatus: http.StatusNoContent, 459 expectedPath: "/config-dns/v2/zones/example.com/key", 460 }, 461 "500 internal server error": { 462 key: TSIGKey{ 463 Name: "example.com.akamai.com.", 464 Algorithm: "hmac-sha512", 465 Secret: "Ok1qR5IW1ajVka5cHPEJQIXfLyx5V3PSkFBROAzOn21JumDq6nIpoj6H8rfj5Uo+Ok55ZWQ0Wgrf302fDscHLw==", 466 }, 467 zone: "example.com", 468 responseStatus: http.StatusInternalServerError, 469 responseBody: ` 470 { 471 "type": "internal_error", 472 "title": "Internal Server Error", 473 "detail": "Error fetching authorities", 474 "status": 500 475 }`, 476 expectedPath: "/config-dns/v2/zones/example.com/key", 477 withError: &Error{ 478 Type: "internal_error", 479 Title: "Internal Server Error", 480 Detail: "Error fetching authorities", 481 StatusCode: http.StatusInternalServerError, 482 }, 483 }, 484 } 485 486 for name, test := range tests { 487 t.Run(name, func(t *testing.T) { 488 mockServer := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 489 assert.Equal(t, test.expectedPath, r.URL.String()) 490 assert.Equal(t, http.MethodPut, r.Method) 491 w.WriteHeader(test.responseStatus) 492 if len(test.responseBody) > 0 { 493 _, err := w.Write([]byte(test.responseBody)) 494 assert.NoError(t, err) 495 } 496 })) 497 client := mockAPIClient(t, mockServer) 498 err := client.UpdateTSIGKey(context.Background(), &test.key, test.zone) 499 if test.withError != nil { 500 assert.True(t, errors.Is(err, test.withError), "want: %s; got: %s", test.withError, err) 501 return 502 } 503 require.NoError(t, err) 504 }) 505 } 506 }