tests: add util tests

internal/utils/security_utils_test.go

@@ -0,0 +1,151 @@
+package utils_test
+
+import (
+	"os"
+	"testing"
+	"tinyauth/internal/utils"
+
+	"gotest.tools/v3/assert"
+)
+
+func TestGetSecret(t *testing.T) {
+	// Setup
+	file, err := os.Create("/tmp/tinyauth_test_secret")
+	assert.NilError(t, err)
+
+	_, err = file.WriteString("       secret       \n")
+	assert.NilError(t, err)
+
+	err = file.Close()
+	assert.NilError(t, err)
+	defer os.Remove("/tmp/tinyauth_test_secret")
+
+	// Get from config
+	assert.Equal(t, "mysecret", utils.GetSecret("mysecret", ""))
+
+	// Get from file
+	assert.Equal(t, "secret", utils.GetSecret("", "/tmp/tinyauth_test_secret"))
+
+	// Get from both (config should take precedence)
+	assert.Equal(t, "mysecret", utils.GetSecret("mysecret", "/tmp/tinyauth_test_secret"))
+
+	// Get from none
+	assert.Equal(t, "", utils.GetSecret("", ""))
+
+	// Get from non-existing file
+	assert.Equal(t, "", utils.GetSecret("", "/tmp/non_existing_file"))
+}
+
+func TestParseSecretFile(t *testing.T) {
+	// Normal case
+	content := "   mysecret   \n"
+	assert.Equal(t, "mysecret", utils.ParseSecretFile(content))
+
+	// Multiple lines (should take the first non-empty line)
+	content = "\n\n   firstsecret   \nsecondsecret\n"
+	assert.Equal(t, "firstsecret", utils.ParseSecretFile(content))
+
+	// All empty lines
+	content = "\n   \n  \n"
+	assert.Equal(t, "", utils.ParseSecretFile(content))
+
+	// Empty content
+	content = ""
+	assert.Equal(t, "", utils.ParseSecretFile(content))
+}
+
+func TestGetBasicAuth(t *testing.T) {
+	// Normal case
+	username := "user"
+	password := "pass"
+	expected := "dXNlcjpwYXNz" // base64 of "user:pass"
+	assert.Equal(t, expected, utils.GetBasicAuth(username, password))
+
+	// Empty username
+	username = ""
+	password = "pass"
+	expected = "OnBhc3M=" // base64 of ":pass"
+	assert.Equal(t, expected, utils.GetBasicAuth(username, password))
+
+	// Empty password
+	username = "user"
+	password = ""
+	expected = "dXNlcjo=" // base64 of "user:"
+	assert.Equal(t, expected, utils.GetBasicAuth(username, password))
+}
+
+func TestFilterIP(t *testing.T) {
+	// Exact match IPv4
+	ok, err := utils.FilterIP("10.10.0.1", "10.10.0.1")
+	assert.NilError(t, err)
+	assert.Equal(t, true, ok)
+
+	// Non-match IPv4
+	ok, err = utils.FilterIP("10.10.0.1", "10.10.0.2")
+	assert.NilError(t, err)
+	assert.Equal(t, false, ok)
+
+	// CIDR match IPv4
+	ok, err = utils.FilterIP("10.10.0.0/24", "10.10.0.2")
+	assert.NilError(t, err)
+	assert.Equal(t, true, ok)
+
+	// CIDR match IPv4 with '-' instead of '/'
+	ok, err = utils.FilterIP("10.10.10.0-24", "10.10.10.5")
+	assert.NilError(t, err)
+	assert.Equal(t, true, ok)
+
+	// CIDR non-match IPv4
+	ok, err = utils.FilterIP("10.10.0.0/24", "10.5.0.1")
+	assert.NilError(t, err)
+	assert.Equal(t, false, ok)
+
+	// Invalid CIDR
+	ok, err = utils.FilterIP("10.10.0.0/222", "10.0.0.1")
+	assert.ErrorContains(t, err, "invalid CIDR address")
+	assert.Equal(t, false, ok)
+
+	// Invalid IP in filter
+	ok, err = utils.FilterIP("invalid_ip", "10.5.5.5")
+	assert.ErrorContains(t, err, "invalid IP address in filter")
+	assert.Equal(t, false, ok)
+
+	// Invalid IP to check
+	ok, err = utils.FilterIP("10.10.10.10", "invalid_ip")
+	assert.ErrorContains(t, err, "invalid IP address")
+	assert.Equal(t, false, ok)
+}
+
+func TestCheckFilter(t *testing.T) {
+	// Empty filter
+	assert.Equal(t, true, utils.CheckFilter("", "anystring"))
+
+	// Exact match
+	assert.Equal(t, true, utils.CheckFilter("hello", "hello"))
+
+	// Regex match
+	assert.Equal(t, true, utils.CheckFilter("/^h.*o$/", "hello"))
+
+	// Invalid regex
+	assert.Equal(t, false, utils.CheckFilter("/[unclosed", "test"))
+
+	// Comma-separated values
+	assert.Equal(t, true, utils.CheckFilter("apple, banana, cherry", "banana"))
+
+	// No match
+	assert.Equal(t, false, utils.CheckFilter("apple, banana, cherry", "grape"))
+}
+
+func TestGenerateIdentifier(t *testing.T) {
+	// Consistent output for same input
+	id1 := utils.GenerateIdentifier("teststring")
+	id2 := utils.GenerateIdentifier("teststring")
+	assert.Equal(t, id1, id2)
+
+	// Different output for different input
+	id3 := utils.GenerateIdentifier("differentstring")
+	assert.Assert(t, id1 != id3)
+
+	// Check length (should be 8 characters from first segment of UUID)
+	assert.Equal(t, 8, len(id1))
+}