-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathparser_test.go
More file actions
106 lines (94 loc) · 4.57 KB
/
parser_test.go
File metadata and controls
106 lines (94 loc) · 4.57 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
package httpsig
import (
"fmt"
"github.com/stretchr/testify/assert"
"net/http"
"regexp"
"strings"
"testing"
"time"
)
const (
SampleKeyID = "keyId"
SampleAlgorithm = "rsa-sha256"
SampleHeaders = "host date"
SampleSignature = "abcdefg"
)
func TestParseRequestWithNoAuthorizationHeader(t *testing.T) {
req, _ := http.NewRequest("GET", "http://example.com/path/to/resource", nil)
parsed, err := ParseRequest(req)
assert.NotNil(t, err)
assert.Nil(t, parsed)
assert.Contains(t, err.Error(), "no authorization header present")
}
func TestParseRequest(t *testing.T) {
req, _ := http.NewRequest("GET", "http://example.com/path/to/resource", nil)
req.Header.Set("Authorization", fmt.Sprintf("Signature keyId=\"%s\",algorithm=\"%s\",headers=\"%s\",signature=\"%s\"", SampleKeyID, SampleAlgorithm, SampleHeaders, SampleSignature))
req.Header.Set("Date", time.Now().Format(time.RFC1123))
parsed, err := ParseRequest(req)
assert.Nil(t, err)
assert.NotNil(t, parsed)
assert.Equal(t, "Signature", parsed.Scheme())
assert.NotNil(t, parsed.Params())
assert.Equal(t, SampleKeyID, parsed.KeyId())
assert.Equal(t, strings.ToUpper(SampleAlgorithm), parsed.Algorithm())
assert.Equal(t, SampleHeaders, strings.Join(parsed.Headers(), " "))
assert.Equal(t, SampleSignature, parsed.Signature())
rx, _ := regexp.Compile("host: example.com\ndate: [^\n]+")
assert.Regexp(t, rx, parsed.SigningString())
}
func TestParseRequestWithNoHeaders(t *testing.T) {
req, _ := http.NewRequest("GET", "http://example.com/path/to/resource", nil)
req.Header.Set("Authorization", fmt.Sprintf("Signature keyId=\"%s\",algorithm=\"%s\",signature=\"%s\"", SampleKeyID, SampleAlgorithm, SampleSignature))
req.Header.Set("Date", time.Now().Format(time.RFC1123))
parsed, err := ParseRequest(req)
assert.Nil(t, err)
assert.NotNil(t, parsed)
assert.Equal(t, "date", strings.Join(parsed.Headers(), " "))
rx, _ := regexp.Compile("date: [^\n]+")
assert.Regexp(t, rx, parsed.SigningString())
}
func TestParseRequestWithRequestLine(t *testing.T) {
req, _ := http.NewRequest("GET", "http://example.com/path/to/resource", nil)
req.RequestURI = "/path/to/resource"
req.Header.Set("Authorization", fmt.Sprintf("Signature keyId=\"%s\",algorithm=\"%s\",headers=\"%s request-line\",signature=\"%s\"", SampleKeyID, SampleAlgorithm, SampleHeaders, SampleSignature))
req.Header.Set("Date", time.Now().Format(time.RFC1123))
parsed, err := ParseRequest(req)
assert.Nil(t, err)
assert.NotNil(t, parsed)
assert.Equal(t, fmt.Sprintf("%s %s", SampleHeaders, "request-line"), strings.Join(parsed.Headers(), " "))
assert.Equal(t, SampleSignature, parsed.Signature())
rx, _ := regexp.Compile("host: example.com\ndate: [^\n]+\nGET /path/to/resource HTTP/1.1")
assert.Regexp(t, rx, parsed.SigningString())
}
func TestParseRequestWithRequestTarget(t *testing.T) {
req, _ := http.NewRequest("GET", "http://example.com/path/to/resource", nil)
req.RequestURI = "/path/to/resource"
req.Header.Set("Authorization", fmt.Sprintf("Signature keyId=\"%s\",algorithm=\"%s\",headers=\"%s (request-target)\",signature=\"%s\"", SampleKeyID, SampleAlgorithm, SampleHeaders, SampleSignature))
req.Header.Set("Date", time.Now().Format(time.RFC1123))
parsed, err := ParseRequest(req)
assert.Nil(t, err)
assert.NotNil(t, parsed)
assert.Equal(t, fmt.Sprintf("%s %s", SampleHeaders, "(request-target)"), strings.Join(parsed.Headers(), " "))
assert.Equal(t, SampleSignature, parsed.Signature())
rx, _ := regexp.Compile("host: example.com\ndate: [^\n]+\n\\(request-target\\): get /path/to/resource")
assert.Regexp(t, rx, parsed.SigningString())
}
func TestParseRequestWithDateBeforeClockSkewRange(t *testing.T) {
req, _ := http.NewRequest("GET", "http://example.com/path/to/resource", nil)
req.Header.Set("Authorization", fmt.Sprintf("Signature keyId=\"%s\",algorithm=\"%s\",signature=\"%s\"", SampleKeyID, SampleAlgorithm, SampleSignature))
req.Header.Set("Date", time.Now().Add(-DefaultClockSkew-time.Second).Format(time.RFC1123))
parsed, err := ParseRequest(req)
assert.NotNil(t, err)
assert.Nil(t, parsed)
assert.Contains(t, err.Error(), "Expired Request error")
}
func TestParseRequestWithDateAfterClockSkewRange(t *testing.T) {
req, _ := http.NewRequest("GET", "http://example.com/path/to/resource", nil)
req.Header.Set("Authorization", fmt.Sprintf("Signature keyId=\"%s\",algorithm=\"%s\",signature=\"%s\"", SampleKeyID, SampleAlgorithm, SampleSignature))
req.Header.Set("Date", time.Now().Add(DefaultClockSkew+time.Second).Format(time.RFC1123))
parsed, err := ParseRequest(req)
assert.NotNil(t, err)
assert.Nil(t, parsed)
assert.Contains(t, err.Error(), "Expired Request error")
}