mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2026-04-01 03:17:55 +00:00
refactor: tests (#731)
* tests: rework tests for context controller * tests: add tests for health controller * tests: add tests for oidc controller * tests: use testify assert in context and health controller * tests: add tests for user controller * tests: add tests for resources controller * tests: add well known controller tests * test: add proxy controller tests * chore: review comments * chore: more review comments * chore: cancel lockdown in testing * tests: fix get cookie domain tests * chore: add comment for testing passwords
This commit is contained in:
Stavros
@@ -3,57 +3,81 @@ package controller_test
|
||||
import (
|
||||
"net/http/httptest"
|
||||
"os"
|
||||
"path"
|
||||
"testing"
|
||||
|
||||
"github.com/steveiliop56/tinyauth/internal/controller"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"gotest.tools/v3/assert"
|
||||
"github.com/steveiliop56/tinyauth/internal/controller"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestResourcesHandler(t *testing.T) {
|
||||
// Setup
|
||||
gin.SetMode(gin.TestMode)
|
||||
router := gin.New()
|
||||
group := router.Group("/")
|
||||
func TestResourcesController(t *testing.T) {
|
||||
tempDir := t.TempDir()
|
||||
|
||||
ctrl := controller.NewResourcesController(controller.ResourcesControllerConfig{
|
||||
Path: "/tmp/tinyauth",
|
||||
resourcesControllerCfg := controller.ResourcesControllerConfig{
|
||||
Path: path.Join(tempDir, "resources"),
|
||||
Enabled: true,
|
||||
}, group)
|
||||
ctrl.SetupRoutes()
|
||||
}
|
||||
|
||||
// Create test data
|
||||
err := os.Mkdir("/tmp/tinyauth", 0755)
|
||||
assert.NilError(t, err)
|
||||
defer os.RemoveAll("/tmp/tinyauth")
|
||||
err := os.Mkdir(resourcesControllerCfg.Path, 0777)
|
||||
require.NoError(t, err)
|
||||
|
||||
file, err := os.Create("/tmp/tinyauth/test.txt")
|
||||
assert.NilError(t, err)
|
||||
type testCase struct {
|
||||
description string
|
||||
run func(t *testing.T, router *gin.Engine, recorder *httptest.ResponseRecorder)
|
||||
}
|
||||
|
||||
_, err = file.WriteString("This is a test file.")
|
||||
assert.NilError(t, err)
|
||||
file.Close()
|
||||
tests := []testCase{
|
||||
{
|
||||
description: "Ensure resources endpoint returns 200 OK for existing file",
|
||||
run: func(t *testing.T, router *gin.Engine, recorder *httptest.ResponseRecorder) {
|
||||
req := httptest.NewRequest("GET", "/resources/testfile.txt", nil)
|
||||
router.ServeHTTP(recorder, req)
|
||||
|
||||
// Test existing file
|
||||
req := httptest.NewRequest("GET", "/resources/test.txt", nil)
|
||||
recorder := httptest.NewRecorder()
|
||||
router.ServeHTTP(recorder, req)
|
||||
assert.Equal(t, 200, recorder.Code)
|
||||
assert.Equal(t, "This is a test file.", recorder.Body.String())
|
||||
},
|
||||
},
|
||||
{
|
||||
description: "Ensure resources endpoint returns 404 Not Found for non-existing file",
|
||||
run: func(t *testing.T, router *gin.Engine, recorder *httptest.ResponseRecorder) {
|
||||
req := httptest.NewRequest("GET", "/resources/nonexistent.txt", nil)
|
||||
router.ServeHTTP(recorder, req)
|
||||
|
||||
assert.Equal(t, 200, recorder.Code)
|
||||
assert.Equal(t, "This is a test file.", recorder.Body.String())
|
||||
assert.Equal(t, 404, recorder.Code)
|
||||
},
|
||||
},
|
||||
{
|
||||
description: "Ensure resources controller denies path traversal",
|
||||
run: func(t *testing.T, router *gin.Engine, recorder *httptest.ResponseRecorder) {
|
||||
req := httptest.NewRequest("GET", "/resources/../somefile.txt", nil)
|
||||
router.ServeHTTP(recorder, req)
|
||||
|
||||
// Test non-existing file
|
||||
req = httptest.NewRequest("GET", "/resources/nonexistent.txt", nil)
|
||||
recorder = httptest.NewRecorder()
|
||||
router.ServeHTTP(recorder, req)
|
||||
assert.Equal(t, 404, recorder.Code)
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
assert.Equal(t, 404, recorder.Code)
|
||||
testFilePath := resourcesControllerCfg.Path + "/testfile.txt"
|
||||
err = os.WriteFile(testFilePath, []byte("This is a test file."), 0777)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Test directory traversal attack
|
||||
req = httptest.NewRequest("GET", "/resources/../etc/passwd", nil)
|
||||
recorder = httptest.NewRecorder()
|
||||
router.ServeHTTP(recorder, req)
|
||||
testFilePathParent := tempDir + "/somefile.txt"
|
||||
err = os.WriteFile(testFilePathParent, []byte("This file should not be accessible."), 0777)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, 404, recorder.Code)
|
||||
for _, test := range tests {
|
||||
t.Run(test.description, func(t *testing.T) {
|
||||
router := gin.Default()
|
||||
group := router.Group("/")
|
||||
gin.SetMode(gin.TestMode)
|
||||
|
||||
resourcesController := controller.NewResourcesController(resourcesControllerCfg, group)
|
||||
resourcesController.SetupRoutes()
|
||||
|
||||
recorder := httptest.NewRecorder()
|
||||
test.run(t, router, recorder)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user