github.com/shashidharatd/test-infra@v0.0.0-20171006011030-71304e1ca560/prow/hook/server_test.go (about) 1 /* 2 Copyright 2016 The Kubernetes Authors. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package hook 18 19 import ( 20 "net/http" 21 "net/http/httptest" 22 "strings" 23 "testing" 24 ) 25 26 func TestServeHTTPErrors(t *testing.T) { 27 metrics, err := NewMetrics() 28 if err != nil { 29 t.Fatal(err) 30 } 31 s := &Server{ 32 HMACSecret: []byte("abc"), 33 Metrics: metrics, 34 } 35 // This is the SHA1 signature for payload "{}" and signature "abc" 36 // echo -n '{}' | openssl dgst -sha1 -hmac abc 37 const hmac string = "sha1=db5c76f4264d0ad96cf21baec394964b4b8ce580" 38 const body string = "{}" 39 var testcases = []struct { 40 Method string 41 Header map[string]string 42 Body string 43 Code int 44 }{ 45 { 46 // GET 47 Method: http.MethodGet, 48 Header: map[string]string{ 49 "X-GitHub-Event": "ping", 50 "X-GitHub-Delivery": "I am unique", 51 "X-Hub-Signature": hmac, 52 "content-type": "application/json", 53 }, 54 Body: body, 55 Code: http.StatusMethodNotAllowed, 56 }, 57 { 58 // No event 59 Method: http.MethodPost, 60 Header: map[string]string{ 61 "X-GitHub-Delivery": "I am unique", 62 "X-Hub-Signature": hmac, 63 "content-type": "application/json", 64 }, 65 Body: body, 66 Code: http.StatusBadRequest, 67 }, 68 { 69 // No content type 70 Method: http.MethodPost, 71 Header: map[string]string{ 72 "X-GitHub-Event": "ping", 73 "X-GitHub-Delivery": "I am unique", 74 "X-Hub-Signature": hmac, 75 }, 76 Body: body, 77 Code: http.StatusBadRequest, 78 }, 79 { 80 // No event guid 81 Method: http.MethodPost, 82 Header: map[string]string{ 83 "X-GitHub-Event": "ping", 84 "X-Hub-Signature": hmac, 85 "content-type": "application/json", 86 }, 87 Body: body, 88 Code: http.StatusBadRequest, 89 }, 90 { 91 // No signature 92 Method: http.MethodPost, 93 Header: map[string]string{ 94 "X-GitHub-Event": "ping", 95 "X-GitHub-Delivery": "I am unique", 96 "content-type": "application/json", 97 }, 98 Body: body, 99 Code: http.StatusForbidden, 100 }, 101 { 102 // Bad signature 103 Method: http.MethodPost, 104 Header: map[string]string{ 105 "X-GitHub-Event": "ping", 106 "X-GitHub-Delivery": "I am unique", 107 "X-Hub-Signature": "this doesn't work", 108 "content-type": "application/json", 109 }, 110 Body: body, 111 Code: http.StatusForbidden, 112 }, 113 { 114 // Good 115 Method: http.MethodPost, 116 Header: map[string]string{ 117 "X-GitHub-Event": "ping", 118 "X-GitHub-Delivery": "I am unique", 119 "X-Hub-Signature": hmac, 120 "content-type": "application/json", 121 }, 122 Body: body, 123 Code: http.StatusOK, 124 }, 125 } 126 127 for _, tc := range testcases { 128 w := httptest.NewRecorder() 129 r, err := http.NewRequest(tc.Method, "", strings.NewReader(tc.Body)) 130 if err != nil { 131 t.Fatal(err) 132 } 133 for k, v := range tc.Header { 134 r.Header.Set(k, v) 135 } 136 s.ServeHTTP(w, r) 137 if w.Code != tc.Code { 138 t.Errorf("For test case: %+v\nExpected code %v, got code %v", tc, tc.Code, w.Code) 139 } 140 } 141 }