github.com/cloudfoundry/cli@v7.1.0+incompatible/cf/net/gateway_test.go (about) 1 package net_test 2 3 import ( 4 "bytes" 5 "crypto/tls" 6 "fmt" 7 "io/ioutil" 8 "log" 9 "net/http" 10 "net/http/httptest" 11 "net/url" 12 "os" 13 "reflect" 14 "runtime" 15 "strings" 16 "time" 17 18 "code.cloudfoundry.org/cli/cf/api/authentication" 19 "code.cloudfoundry.org/cli/cf/configuration/coreconfig" 20 "code.cloudfoundry.org/cli/cf/errors" 21 . "code.cloudfoundry.org/cli/cf/net" 22 "code.cloudfoundry.org/cli/cf/net/netfakes" 23 "code.cloudfoundry.org/cli/cf/terminal/terminalfakes" 24 "code.cloudfoundry.org/cli/cf/trace/tracefakes" 25 testconfig "code.cloudfoundry.org/cli/cf/util/testhelpers/configuration" 26 testnet "code.cloudfoundry.org/cli/cf/util/testhelpers/net" 27 "code.cloudfoundry.org/cli/version" 28 . "github.com/onsi/ginkgo" 29 . "github.com/onsi/gomega" 30 "github.com/onsi/gomega/ghttp" 31 ) 32 33 var ( 34 initialAccessToken = testconfig.BuildTokenString(time.Now().AddDate(0, 0, 1)) 35 refreshedAccessToken = testconfig.BuildTokenString(time.Now().AddDate(0, 1, 1)) 36 refreshToken = "refresh-token" 37 ) 38 39 var _ = Describe("Gateway", func() { 40 var ( 41 ccServer *ghttp.Server 42 ccGateway Gateway 43 uaaGateway Gateway 44 config coreconfig.ReadWriter 45 authRepo authentication.Repository 46 currentTime time.Time 47 clock func() time.Time 48 49 client *netfakes.FakeHTTPClientInterface 50 ) 51 52 BeforeEach(func() { 53 currentTime = time.Unix(0, 0) 54 clock = func() time.Time { return currentTime } 55 config = testconfig.NewRepository() 56 57 ccGateway = NewCloudControllerGateway(config, clock, new(terminalfakes.FakeUI), new(tracefakes.FakePrinter), "") 58 ccGateway.PollingThrottle = 3 * time.Millisecond 59 uaaGateway = NewUAAGateway(config, new(terminalfakes.FakeUI), new(tracefakes.FakePrinter), "") 60 }) 61 62 Describe("async timeout", func() { 63 Context("when the config has a positive async timeout", func() { 64 It("inherits the async timeout from the config", func() { 65 config.SetAsyncTimeout(9001) 66 ccGateway = NewCloudControllerGateway(config, time.Now, new(terminalfakes.FakeUI), new(tracefakes.FakePrinter), "") 67 Expect(ccGateway.AsyncTimeout()).To(Equal(9001 * time.Minute)) 68 }) 69 }) 70 }) 71 72 Describe("Connection errors", func() { 73 var oldNewHTTPClient func(tr *http.Transport, dumper RequestDumper) HTTPClientInterface 74 75 BeforeEach(func() { 76 client = new(netfakes.FakeHTTPClientInterface) 77 78 oldNewHTTPClient = NewHTTPClient 79 NewHTTPClient = func(tr *http.Transport, dumper RequestDumper) HTTPClientInterface { 80 return client 81 } 82 }) 83 84 AfterEach(func() { 85 NewHTTPClient = oldNewHTTPClient 86 }) 87 88 It("only retry when response body is nil and error occurred", func() { 89 client.DoReturns(&http.Response{Status: "internal error", StatusCode: 500}, errors.New("internal error")) 90 request, apiErr := ccGateway.NewRequest("GET", "https://example.com/v2/apps", "BEARER my-access-token", nil) 91 Expect(apiErr).ToNot(HaveOccurred()) 92 93 _, apiErr = ccGateway.PerformRequest(request) 94 Expect(client.DoCallCount()).To(Equal(1)) 95 Expect(apiErr).To(HaveOccurred()) 96 }) 97 98 It("Retries 3 times if we cannot contact the server", func() { 99 client.DoReturns(nil, errors.New("Connection refused")) 100 request, apiErr := ccGateway.NewRequest("GET", "https://example.com/v2/apps", "BEARER my-access-token", nil) 101 Expect(apiErr).ToNot(HaveOccurred()) 102 103 _, apiErr = ccGateway.PerformRequest(request) 104 Expect(apiErr).To(HaveOccurred()) 105 Expect(client.DoCallCount()).To(Equal(3)) 106 }) 107 }) 108 109 Describe("NewRequest", func() { 110 var ( 111 request *Request 112 apiErr error 113 ) 114 115 Context("when the body is nil", func() { 116 BeforeEach(func() { 117 request, apiErr = ccGateway.NewRequest("GET", "https://example.com/v2/apps", initialAccessToken, nil) 118 Expect(apiErr).NotTo(HaveOccurred()) 119 }) 120 121 It("does not use a ProgressReader as the SeekableBody", func() { 122 Expect(reflect.TypeOf(request.SeekableBody)).To(BeNil()) 123 }) 124 125 It("sets the Authorization header", func() { 126 Expect(request.HTTPReq.Header.Get("Authorization")).To(Equal(initialAccessToken)) 127 }) 128 129 It("sets the accept header to application/json", func() { 130 Expect(request.HTTPReq.Header.Get("accept")).To(Equal("application/json")) 131 }) 132 133 It("sets the user agent header", func() { 134 Expect(request.HTTPReq.Header.Get("User-Agent")).To(Equal("go-cli " + version.VersionString() + " / " + runtime.GOOS)) 135 }) 136 }) 137 138 Context("when the body is a file", func() { 139 BeforeEach(func() { 140 f, _ := os.Open("../../fixtures/test.file") 141 request, apiErr = ccGateway.NewRequestForFile("PUT", "https://example.com/v2/apps", initialAccessToken, f) 142 Expect(apiErr).NotTo(HaveOccurred()) 143 }) 144 145 It("Uses a ProgressReader as the SeekableBody", func() { 146 Expect(reflect.TypeOf(request.SeekableBody).String()).To(ContainSubstring("ProgressReader")) 147 }) 148 149 }) 150 151 }) 152 153 Describe("PerformRequestForJSONResponse()", func() { 154 BeforeEach(func() { 155 ccServer = ghttp.NewServer() 156 ccServer.HTTPTestServer.Config.ErrorLog = log.New(&bytes.Buffer{}, "", 0) 157 config.SetAPIEndpoint(ccServer.URL()) 158 }) 159 160 AfterEach(func() { 161 ccServer.Close() 162 }) 163 164 Context("When CC response with an api error", func() { 165 BeforeEach(func() { 166 ccServer.AppendHandlers( 167 ghttp.CombineHandlers( 168 ghttp.VerifyRequest("GET", "/v2/some-endpoint"), 169 ghttp.VerifyHeaderKV("Connection", "close"), 170 ghttp.VerifyHeader(http.Header{ 171 "accept": []string{"application/json"}, 172 }), 173 ghttp.RespondWith(http.StatusUnauthorized, `{ 174 "code": 10003, 175 "description": "You are not authorized to perform the requested action", 176 "error_code": "CF-NotAuthorized" 177 }`), 178 ), 179 ) 180 }) 181 182 It("tries to unmarshal error response into provided resource", func() { 183 type apiErrResponse struct { 184 Code int `json:"code,omitempty"` 185 Description string `json:"description,omitempty"` 186 } 187 188 errResponse := new(apiErrResponse) 189 request, _ := ccGateway.NewRequest("GET", config.APIEndpoint()+"/v2/some-endpoint", config.AccessToken(), nil) 190 _, apiErr := ccGateway.PerformRequestForJSONResponse(request, errResponse) 191 192 Expect(apiErr).To(HaveOccurred()) 193 Expect(errResponse.Code).To(Equal(10003)) 194 }) 195 196 It("ignores any unmarshal error and does not alter the api err response", func() { 197 request, _ := ccGateway.NewRequest("GET", config.APIEndpoint()+"/v2/some-endpoint", config.AccessToken(), nil) 198 _, apiErr := ccGateway.PerformRequestForJSONResponse(request, nil) 199 200 Expect(apiErr.Error()).To(Equal("Server error, status code: 401, error code: 10003, message: You are not authorized to perform the requested action")) 201 }) 202 203 }) 204 205 }) 206 207 Describe("CRUD methods", func() { 208 Describe("Delete", func() { 209 var apiServer *httptest.Server 210 211 Describe("DeleteResourceSynchronously", func() { 212 var queryParams string 213 BeforeEach(func() { 214 apiServer = httptest.NewTLSServer(http.HandlerFunc(func(_ http.ResponseWriter, request *http.Request) { 215 queryParams = request.URL.RawQuery 216 })) 217 apiServer.Config.ErrorLog = log.New(&bytes.Buffer{}, "", 0) 218 ccGateway.SetTrustedCerts(apiServer.TLS.Certificates) 219 }) 220 221 It("does not send the async=true flag", func() { 222 err := ccGateway.DeleteResourceSynchronously(apiServer.URL, "/v2/foobars/SOME_GUID") 223 Expect(err).NotTo(HaveOccurred()) 224 Expect(queryParams).ToNot(ContainSubstring("async=true")) 225 }) 226 227 It("deletes a resource", func() { 228 err := ccGateway.DeleteResource(apiServer.URL, "/v2/foobars/SOME_GUID") 229 Expect(err).ToNot(HaveOccurred()) 230 }) 231 }) 232 233 Context("when the config has an async timeout", func() { 234 BeforeEach(func() { 235 count := 0 236 apiServer = httptest.NewTLSServer(http.HandlerFunc(func(writer http.ResponseWriter, request *http.Request) { 237 switch request.URL.Path { 238 case "/v2/foobars/SOME_GUID": 239 writer.WriteHeader(http.StatusNoContent) 240 case "/v2/foobars/TIMEOUT": 241 currentTime = currentTime.Add(time.Minute * 31) 242 fmt.Fprintln(writer, ` 243 { 244 "metadata": { 245 "guid": "8438916f-5c00-4d44-a19b-1df65abe9d52", 246 "created_at": "2014-05-15T19:15:01+00:00", 247 "url": "/v2/jobs/8438916f-5c00-4d44-a19b-1df65abe9d52" 248 }, 249 "entity": { 250 "guid": "8438916f-5c00-4d44-a19b-1df65abe9d52", 251 "status": "queued" 252 } 253 }`) 254 writer.WriteHeader(http.StatusAccepted) 255 case "/v2/jobs/8438916f-5c00-4d44-a19b-1df65abe9d52": 256 if count == 0 { 257 count++ 258 currentTime = currentTime.Add(time.Minute * 31) 259 260 writer.WriteHeader(http.StatusOK) 261 fmt.Fprintln(writer, ` 262 { 263 "entity": { 264 "guid": "8438916f-5c00-4d44-a19b-1df65abe9d52", 265 "status": "queued" 266 } 267 }`) 268 } else { 269 panic("FAIL") 270 } 271 default: 272 panic("shouldn't have made call to this URL: " + request.URL.Path) 273 } 274 })) 275 276 config.SetAsyncTimeout(30) 277 ccGateway.SetTrustedCerts(apiServer.TLS.Certificates) 278 apiServer.Config.ErrorLog = log.New(&bytes.Buffer{}, "", 0) 279 }) 280 281 AfterEach(func() { 282 apiServer.Close() 283 }) 284 285 It("deletes a resource", func() { 286 err := ccGateway.DeleteResource(apiServer.URL, "/v2/foobars/SOME_GUID") 287 Expect(err).ToNot(HaveOccurred()) 288 }) 289 290 Context("when the request would take longer than the async timeout", func() { 291 It("returns an error", func() { 292 apiErr := ccGateway.DeleteResource(apiServer.URL, "/v2/foobars/TIMEOUT") 293 Expect(apiErr).To(HaveOccurred()) 294 Expect(apiErr).To(BeAssignableToTypeOf(errors.NewAsyncTimeoutError("http://some.url"))) 295 }) 296 }) 297 }) 298 }) 299 }) 300 301 Describe("making an async request", func() { 302 var ( 303 jobStatus string 304 apiServer *httptest.Server 305 authServer *httptest.Server 306 statusChannel chan string 307 ) 308 309 BeforeEach(func() { 310 jobStatus = "queued" 311 statusChannel = make(chan string, 10) 312 313 apiServer = httptest.NewTLSServer(http.HandlerFunc(func(writer http.ResponseWriter, request *http.Request) { 314 currentTime = currentTime.Add(time.Millisecond * 11) 315 316 updateStatus, ok := <-statusChannel 317 if ok { 318 jobStatus = updateStatus 319 } 320 321 switch request.URL.Path { 322 case "/v2/foo": 323 fmt.Fprintln(writer, `{ "metadata": { "url": "/v2/jobs/the-job-guid" } }`) 324 case "/v2/jobs/the-job-guid": 325 fmt.Fprintf(writer, ` 326 { 327 "entity": { 328 "status": "%s", 329 "error_details": { 330 "description": "he's dead, Jim" 331 } 332 } 333 }`, jobStatus) 334 default: 335 writer.WriteHeader(http.StatusInternalServerError) 336 fmt.Fprintf(writer, `"Unexpected request path '%s'"`, request.URL.Path) 337 } 338 })) 339 340 authServer, _ = testnet.NewTLSServer([]testnet.TestRequest{}) 341 342 config, authRepo = createAuthenticationRepository(apiServer, authServer) 343 ccGateway.SetTokenRefresher(authRepo) 344 345 ccGateway.SetTrustedCerts(apiServer.TLS.Certificates) 346 apiServer.Config.ErrorLog = log.New(&bytes.Buffer{}, "", 0) 347 authServer.Config.ErrorLog = log.New(&bytes.Buffer{}, "", 0) 348 }) 349 350 AfterEach(func() { 351 apiServer.Close() 352 authServer.Close() 353 }) 354 355 It("returns the last response if the job completes before the timeout", func() { 356 go func() { 357 statusChannel <- "queued" 358 statusChannel <- "finished" 359 }() 360 361 request, _ := ccGateway.NewRequest("GET", config.APIEndpoint()+"/v2/foo", config.AccessToken(), nil) 362 _, apiErr := ccGateway.PerformPollingRequestForJSONResponse(config.APIEndpoint(), request, new(struct{}), 500*time.Millisecond) 363 Expect(apiErr).NotTo(HaveOccurred()) 364 }) 365 366 It("returns an error with the right message when the job fails", func() { 367 go func() { 368 statusChannel <- "queued" 369 statusChannel <- "failed" 370 }() 371 372 request, _ := ccGateway.NewRequest("GET", config.APIEndpoint()+"/v2/foo", config.AccessToken(), nil) 373 _, apiErr := ccGateway.PerformPollingRequestForJSONResponse(config.APIEndpoint(), request, new(struct{}), 500*time.Millisecond) 374 Expect(apiErr.Error()).To(ContainSubstring("he's dead, Jim")) 375 }) 376 377 It("returns an error if jobs takes longer than the timeout", func() { 378 go func() { 379 statusChannel <- "queued" 380 statusChannel <- "OHNOES" 381 }() 382 request, _ := ccGateway.NewRequest("GET", config.APIEndpoint()+"/v2/foo", config.AccessToken(), nil) 383 _, apiErr := ccGateway.PerformPollingRequestForJSONResponse(config.APIEndpoint(), request, new(struct{}), 10*time.Millisecond) 384 Expect(apiErr).To(HaveOccurred()) 385 Expect(apiErr).To(BeAssignableToTypeOf(errors.NewAsyncTimeoutError("http://some.url"))) 386 }) 387 }) 388 389 Describe("when uploading a file", func() { 390 var ( 391 err error 392 request *Request 393 apiErr error 394 apiServer *httptest.Server 395 authServer *httptest.Server 396 fileToUpload *os.File 397 ) 398 399 BeforeEach(func() { 400 apiServer = httptest.NewTLSServer(refreshTokenAPIEndPoint( 401 `{ "code": 1000, "description": "Auth token is invalid" }`, 402 testnet.TestResponse{Status: http.StatusOK}, 403 )) 404 405 authServer = httptest.NewTLSServer(http.HandlerFunc(func(writer http.ResponseWriter, request *http.Request) { 406 fmt.Fprintln( 407 writer, 408 fmt.Sprintf(`{ "access_token": "%s", "token_type": "bearer", "refresh_token": "new-refresh-token"}`, refreshedAccessToken)) 409 })) 410 apiServer.Config.ErrorLog = log.New(&bytes.Buffer{}, "", 0) 411 authServer.Config.ErrorLog = log.New(&bytes.Buffer{}, "", 0) 412 413 fileToUpload, err = ioutil.TempFile("", "test-gateway") 414 strings.NewReader("expected body").WriteTo(fileToUpload) 415 416 config, auth := createAuthenticationRepository(apiServer, authServer) 417 ccGateway.SetTokenRefresher(auth) 418 ccGateway.SetTrustedCerts(apiServer.TLS.Certificates) 419 420 request, apiErr = ccGateway.NewRequestForFile("POST", config.APIEndpoint()+"/v2/foo", config.AccessToken(), fileToUpload) 421 }) 422 423 AfterEach(func() { 424 apiServer.Close() 425 authServer.Close() 426 fileToUpload.Close() 427 os.Remove(fileToUpload.Name()) 428 }) 429 430 It("sets the content length to the size of the file", func() { 431 Expect(err).NotTo(HaveOccurred()) 432 Expect(apiErr).NotTo(HaveOccurred()) 433 Expect(request.HTTPReq.ContentLength).To(Equal(int64(13))) 434 }) 435 }) 436 437 Describe("refreshing the auth token", func() { 438 var ( 439 authServer *httptest.Server 440 requestPath = "/v2/foo" 441 ) 442 443 AfterEach(func() { 444 authServer.Close() 445 }) 446 447 It("is done when the token is expired", func() { 448 authServer = httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 449 fmt.Fprintln(w, fmt.Sprintf(`{ 450 "access_token": "%s", 451 "token_type": "bearer", 452 "refresh_token": "%s" 453 }`, refreshedAccessToken, refreshToken)) 454 })) 455 uaaGateway.SetTrustedCerts(authServer.TLS.Certificates) 456 authServer.Config.ErrorLog = log.New(&bytes.Buffer{}, "", 0) 457 458 requestPath := "/v2/foo" 459 apiServer := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 460 // refresh call 461 if r.Header.Get("Authorization") == "bearer "+refreshedAccessToken && r.URL.Path == requestPath { 462 return // 200 with no body 463 } else { 464 http.Error(w, "unexpected request", http.StatusTeapot) 465 } 466 })) 467 468 defer apiServer.Close() 469 ccGateway.SetTrustedCerts(apiServer.TLS.Certificates) 470 471 config, auth := createAuthenticationRepository(apiServer, authServer) 472 expiredToken := testconfig.BuildTokenString(time.Time{}) 473 config.SetAccessToken("bearer " + expiredToken) 474 uaaGateway.SetTokenRefresher(auth) 475 request, apiErr := uaaGateway.NewRequest("POST", config.APIEndpoint()+requestPath, "bearer "+expiredToken, strings.NewReader("expected body")) 476 _, apiErr = uaaGateway.PerformRequest(request) 477 478 Expect(apiErr).NotTo(HaveOccurred()) 479 Expect(config.AccessToken()).To(Equal("bearer " + refreshedAccessToken)) 480 Expect(config.RefreshToken()).To(Equal(refreshToken)) 481 }) 482 483 It("is not done when the token is still valid", func() { 484 authServer = httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 485 http.Error(w, "dont call me", http.StatusTeapot) 486 })) 487 uaaGateway.SetTrustedCerts(authServer.TLS.Certificates) 488 authServer.Config.ErrorLog = log.New(&bytes.Buffer{}, "", 0) 489 490 apiServer := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 491 if r.Header.Get("Authorization") == "bearer "+initialAccessToken && r.URL.Path == requestPath { 492 return // 200 with no body 493 } else { 494 http.Error(w, "unexpected request", http.StatusTeapot) 495 } 496 })) 497 defer apiServer.Close() 498 ccGateway.SetTrustedCerts(apiServer.TLS.Certificates) 499 500 config, auth := createAuthenticationRepository(apiServer, authServer) 501 config.SetAccessToken("bearer " + initialAccessToken) 502 uaaGateway.SetTokenRefresher(auth) 503 request, apiErr := uaaGateway.NewRequest("POST", config.APIEndpoint()+requestPath, "bearer "+initialAccessToken, strings.NewReader("some body")) 504 _, apiErr = uaaGateway.PerformRequest(request) 505 506 Expect(apiErr).NotTo(HaveOccurred()) 507 Expect(config.AccessToken()).To(Equal("bearer " + initialAccessToken)) 508 }) 509 510 }) 511 512 Describe("SSL certificate validation errors", func() { 513 var ( 514 request *Request 515 apiServer *httptest.Server 516 ) 517 518 BeforeEach(func() { 519 apiServer = httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { 520 fmt.Fprintln(w, `{}`) 521 })) 522 apiServer.Config.ErrorLog = log.New(&bytes.Buffer{}, "", 0) 523 request, _ = ccGateway.NewRequest("POST", apiServer.URL+"/v2/foo", "the-access-token", nil) 524 }) 525 526 AfterEach(func() { 527 apiServer.Close() 528 }) 529 530 Context("when SSL validation is enabled", func() { 531 It("returns an invalid cert error if the server's CA is unknown (e.g. cert is self-signed)", func() { 532 apiServer.TLS.Certificates = []tls.Certificate{testnet.MakeSelfSignedTLSCert()} 533 534 _, apiErr := ccGateway.PerformRequest(request) 535 certErr, ok := apiErr.(*errors.InvalidSSLCert) 536 Expect(ok).To(BeTrue()) 537 Expect(certErr.URL).To(Equal(getHost(apiServer.URL))) 538 Expect(certErr.Reason).To(Equal("unknown authority")) 539 }) 540 541 It("returns an invalid cert error if the server's cert doesn't match its host", func() { 542 apiServer.TLS.Certificates = []tls.Certificate{testnet.MakeTLSCertWithInvalidHost()} 543 544 _, apiErr := ccGateway.PerformRequest(request) 545 certErr, ok := apiErr.(*errors.InvalidSSLCert) 546 Expect(ok).To(BeTrue()) 547 Expect(certErr.URL).To(Equal(getHost(apiServer.URL))) 548 if runtime.GOOS != "windows" { 549 Expect(certErr.Reason).To(Equal("not valid for the requested host")) 550 } 551 }) 552 553 It("returns an invalid cert error if the server's cert has expired", func() { 554 apiServer.TLS.Certificates = []tls.Certificate{testnet.MakeExpiredTLSCert()} 555 556 _, apiErr := ccGateway.PerformRequest(request) 557 certErr, ok := apiErr.(*errors.InvalidSSLCert) 558 Expect(ok).To(BeTrue()) 559 Expect(certErr.URL).To(Equal(getHost(apiServer.URL))) 560 if runtime.GOOS != "windows" { 561 Expect(certErr.Reason).To(Equal("")) 562 } 563 }) 564 }) 565 566 Context("when SSL validation is disabled", func() { 567 BeforeEach(func() { 568 apiServer.TLS.Certificates = []tls.Certificate{testnet.MakeExpiredTLSCert()} 569 config.SetSSLDisabled(true) 570 }) 571 572 It("succeeds", func() { 573 _, apiErr := ccGateway.PerformRequest(request) 574 Expect(apiErr).NotTo(HaveOccurred()) 575 }) 576 }) 577 578 }) 579 580 Describe("collecting warnings", func() { 581 var ( 582 apiServer *httptest.Server 583 authServer *httptest.Server 584 ) 585 586 BeforeEach(func() { 587 apiServer = httptest.NewTLSServer(http.HandlerFunc(func(writer http.ResponseWriter, request *http.Request) { 588 switch request.URL.Path { 589 case "/v2/happy": 590 fmt.Fprintln(writer, `{ "metadata": { "url": "/v2/jobs/the-job-guid" } }`) 591 case "/v2/warning1": 592 writer.Header().Add("X-Cf-Warnings", url.QueryEscape("Something not too awful has happened")) 593 fmt.Fprintln(writer, `{ "metadata": { "url": "/v2/jobs/the-job-guid" } }`) 594 case "/v2/warning2": 595 writer.Header().Add("X-Cf-Warnings", url.QueryEscape("Something a little awful")) 596 writer.WriteHeader(http.StatusInternalServerError) 597 fmt.Fprintf(writer, `{ "key": "value" }`) 598 } 599 })) 600 601 authServer, _ = testnet.NewTLSServer([]testnet.TestRequest{}) 602 603 config, authRepo = createAuthenticationRepository(apiServer, authServer) 604 ccGateway.SetTokenRefresher(authRepo) 605 606 ccGateway.SetTrustedCerts(apiServer.TLS.Certificates) 607 apiServer.Config.ErrorLog = log.New(&bytes.Buffer{}, "", 0) 608 authServer.Config.ErrorLog = log.New(&bytes.Buffer{}, "", 0) 609 610 config, authRepo = createAuthenticationRepository(apiServer, authServer) 611 }) 612 613 AfterEach(func() { 614 apiServer.Close() 615 authServer.Close() 616 }) 617 618 It("saves all X-Cf-Warnings headers and exposes them", func() { 619 request, _ := ccGateway.NewRequest("GET", config.APIEndpoint()+"/v2/happy", config.AccessToken(), nil) 620 ccGateway.PerformRequest(request) 621 request, _ = ccGateway.NewRequest("GET", config.APIEndpoint()+"/v2/warning1", config.AccessToken(), nil) 622 ccGateway.PerformRequest(request) 623 request, _ = ccGateway.NewRequest("GET", config.APIEndpoint()+"/v2/warning2", config.AccessToken(), nil) 624 ccGateway.PerformRequest(request) 625 626 Expect(ccGateway.Warnings()).To(Equal( 627 []string{"Something not too awful has happened", "Something a little awful"}, 628 )) 629 }) 630 631 It("defaults warnings to an empty slice", func() { 632 Expect(ccGateway.Warnings()).ToNot(BeNil()) 633 }) 634 }) 635 }) 636 637 func getHost(urlString string) string { 638 url, err := url.Parse(urlString) 639 Expect(err).NotTo(HaveOccurred()) 640 return url.Host 641 } 642 643 func refreshTokenAPIEndPoint(unauthorizedBody string, secondReqResp testnet.TestResponse) http.HandlerFunc { 644 return func(writer http.ResponseWriter, request *http.Request) { 645 var jsonResponse string 646 647 bodyBytes, err := ioutil.ReadAll(request.Body) 648 if err != nil || string(bodyBytes) != "expected body" { 649 writer.WriteHeader(http.StatusInternalServerError) 650 return 651 } 652 653 switch request.Header.Get("Authorization") { 654 case initialAccessToken: 655 writer.WriteHeader(http.StatusUnauthorized) 656 jsonResponse = unauthorizedBody 657 case refreshedAccessToken: 658 writer.WriteHeader(secondReqResp.Status) 659 jsonResponse = secondReqResp.Body 660 default: 661 writer.WriteHeader(http.StatusInternalServerError) 662 } 663 664 fmt.Fprintln(writer, jsonResponse) 665 } 666 } 667 668 func createAuthenticationRepository(apiServer *httptest.Server, authServer *httptest.Server) (coreconfig.ReadWriter, authentication.Repository) { 669 config := testconfig.NewRepository() 670 config.SetAuthenticationEndpoint(authServer.URL) 671 config.SetAPIEndpoint(apiServer.URL) 672 673 authGateway := NewUAAGateway(config, new(terminalfakes.FakeUI), new(tracefakes.FakePrinter), "") 674 authGateway.SetTrustedCerts(authServer.TLS.Certificates) 675 676 fakePrinter := new(tracefakes.FakePrinter) 677 dumper := NewRequestDumper(fakePrinter) 678 authenticator := authentication.NewUAARepository(authGateway, config, dumper) 679 680 return config, authenticator 681 }