390 lines
9.1 KiB
Lua
390 lines
9.1 KiB
Lua
local lu = require("luaunit")
|
|
local conf = require("ssso_config")
|
|
|
|
local here = debug.getinfo(1).source:sub(2, -17)
|
|
conf.load_conf(here)
|
|
|
|
local ngx = require("ngx")
|
|
local ng = require("ssso_nginx")
|
|
|
|
function test_refe_host_meth_uri_taken_from_ngx()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.var.http_referer = "R"
|
|
ngx.var.host = "H"
|
|
ngx.var.request_method = "M"
|
|
ngx.var.request_uri = "U"
|
|
-- when
|
|
local r = ng.get_request()
|
|
-- then
|
|
lu.assertEquals(r.referer, "R")
|
|
lu.assertEquals(r.host, "H")
|
|
lu.assertEquals(r.method, "M")
|
|
lu.assertEquals(r.uri, "U")
|
|
lu.assertEquals(r.target, "U")
|
|
lu.assertEquals(r.query_params, {})
|
|
end
|
|
|
|
function test_empty_referer_reported_as_nil()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.var.request_uri = "U"
|
|
ngx.var.http_referer = ""
|
|
-- when
|
|
local r = ng.get_request()
|
|
-- then
|
|
lu.assertEquals(r.referer, nil)
|
|
end
|
|
|
|
function test_query_params_split_from_uri_and_decoded()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.var.request_uri = "U?P=V&Q=W"
|
|
-- when
|
|
local r = ng.get_request()
|
|
-- then
|
|
lu.assertEquals(r.uri, "U?P=V&Q=W")
|
|
lu.assertEquals(r.target, "U")
|
|
lu.assertEquals(r.query_params, {P = "v", Q = "w"})
|
|
end
|
|
|
|
function test_default_scheme_is_http()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.var.request_uri = "U"
|
|
-- when
|
|
local r = ng.get_request()
|
|
-- then
|
|
lu.assertEquals(r.scheme, "http")
|
|
end
|
|
|
|
function test_scheme_is_https_when_proxy_https_var()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.var.request_uri = "U"
|
|
ngx.var.proxy_https = 1
|
|
-- when
|
|
local r = ng.get_request()
|
|
-- then
|
|
lu.assertEquals(r.scheme, "https")
|
|
end
|
|
|
|
function test_scheme_is_https_when_https_var()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.var.request_uri = "U"
|
|
ngx.var.https = 1
|
|
-- when
|
|
local r = ng.get_request()
|
|
-- then
|
|
lu.assertEquals(r.scheme, "https")
|
|
end
|
|
|
|
function test_get_jws_cookie_returns_the_cookie_from_nginx()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.var.cookie_SSSO_TOKEN = "cookie"
|
|
-- when
|
|
local c = ng.get_jws_cookie()
|
|
-- then
|
|
lu.assertEquals(c, "cookie")
|
|
end
|
|
|
|
function test_jws_cookie_sent_back_through_ngx()
|
|
-- given
|
|
ngx.reset_header()
|
|
-- when
|
|
ng.set_jws_cookie("J", 999)
|
|
-- then
|
|
lu.assertEquals(ngx.header["Set-Cookie"], {v = "SSSO_TOKEN=J; Path=/; Expires=999; Secure", link = nil})
|
|
end
|
|
|
|
function test_ngx_now_converted_to_integer()
|
|
lu.assertEquals(ng.get_seconds_since_epoch(), 1626546790)
|
|
end
|
|
|
|
function test_add_cookie_works_once()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.req.reset()
|
|
-- when
|
|
ng.add_cookie("C", "V")
|
|
-- then
|
|
lu.assertEquals(ngx.req.header["Cookie"], "C=V")
|
|
end
|
|
|
|
function test_add_cookie_works_twice()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.req.reset()
|
|
-- when
|
|
ng.add_cookie("C1", "V1")
|
|
ng.add_cookie("C2", "V2")
|
|
-- then
|
|
lu.assertEquals(ngx.req.header["Cookie"], "C1=V1; C2=V2")
|
|
end
|
|
|
|
function test_add_header_works()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.req.reset()
|
|
-- when
|
|
ng.add_header("H1", "V1")
|
|
ng.add_header("H2", "V2")
|
|
ng.add_header("H1", "V3")
|
|
-- then
|
|
lu.assertEquals(ngx.req.header["H1"], "V3")
|
|
lu.assertEquals(ngx.req.header["H2"], "V2")
|
|
end
|
|
|
|
function test_method_is_recognized_case_insensitive()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.var.request_method = "get"
|
|
ngx.var.request_uri = "U"
|
|
local r = ng.get_request()
|
|
-- when
|
|
local is_get = ng.has_method(r, "GET")
|
|
local is_post = ng.has_method(r, "POST")
|
|
-- then
|
|
lu.assertTrue(is_get and true)
|
|
lu.assertFalse(is_post or false)
|
|
end
|
|
|
|
function test_uri_identity_ignores_query_parameters()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.var.request_uri = "U?P=V&Q=W"
|
|
local r = ng.get_request()
|
|
-- when
|
|
local is_without_qp = ng.is(r, "U")
|
|
local is_with_qp = ng.is(r, "U?P=V&Q=W")
|
|
-- then
|
|
lu.assertTrue(is_without_qp and true)
|
|
lu.assertFalse(is_with_qp or false)
|
|
end
|
|
|
|
function test_uri_match_ignores_query_parameters()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.var.request_uri = "/aa?bb"
|
|
local r = ng.get_request()
|
|
-- when
|
|
local matches_without_qp = ng.matches(r, "/a+$")
|
|
local matches_with_qp = ng.matches(r, "/a.*b")
|
|
-- then
|
|
lu.assertTrue(matches_without_qp and true)
|
|
lu.assertFalse(matches_with_qp or false)
|
|
end
|
|
|
|
function test_starts_with_ignores_query_parameters()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.var.request_uri = "/aa?bb"
|
|
local r = ng.get_request()
|
|
-- when
|
|
local start_without_qp = ng.starts_with(r, "/a")
|
|
local start_with_qp = ng.starts_with(r, "/aa?b")
|
|
-- then
|
|
lu.assertTrue(start_without_qp and true)
|
|
lu.assertFalse(start_with_qp or false)
|
|
end
|
|
|
|
function test_starts_with_must_start_with_given_value()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.var.request_uri = "/aa?bb"
|
|
local r = ng.get_request()
|
|
-- when
|
|
local start_in_middle = ng.starts_with(r, "aa")
|
|
local does_not_start = ng.starts_with(r, "x")
|
|
-- then
|
|
lu.assertFalse(start_in_middle or false)
|
|
lu.assertFalse(does_not_start or false)
|
|
end
|
|
|
|
function test_has_param_works_disregarding_the_value()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.var.request_uri = "/aa?bb&c=1"
|
|
local r = ng.get_request()
|
|
-- when
|
|
local has_unknown_param = ng.has_param(r, "b")
|
|
local has_unvalued_param = ng.has_param(r, "bb")
|
|
local has_valued_param = ng.has_param(r, "c")
|
|
-- then
|
|
lu.assertFalse(has_unknown_param or false)
|
|
lu.assertTrue(has_unvalued_param and true)
|
|
lu.assertTrue(has_valued_param and true)
|
|
end
|
|
|
|
function test_has_param_works_with_a_correct_value()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.var.request_uri = "/aa?bb&c=1"
|
|
local r = ng.get_request()
|
|
-- when
|
|
local has_unvalued_param = ng.has_param(r, "bb", true)
|
|
local has_valued_param = ng.has_param(r, "c", "1")
|
|
-- then
|
|
lu.assertTrue(has_unvalued_param and true)
|
|
lu.assertTrue(has_valued_param and true)
|
|
end
|
|
|
|
function test_has_param_works_with_a_wrong_value()
|
|
-- given
|
|
ngx.reset_var()
|
|
ngx.var.request_uri = "/aa?bb&c=1"
|
|
local r = ng.get_request()
|
|
-- when
|
|
local has_unknown_param = ng.has_param(r, "b", "x")
|
|
local has_unvalued_param = ng.has_param(r, "bb", "x")
|
|
local has_valued_param = ng.has_param(r, "c", "x")
|
|
-- then
|
|
lu.assertFalse(has_unknown_param or false)
|
|
lu.assertFalse(has_unvalued_param or false)
|
|
lu.assertFalse(has_valued_param or false)
|
|
end
|
|
|
|
function test_answer_not_found_returns_404()
|
|
lu.assertEquals(ng.answer_not_found(), 404)
|
|
end
|
|
|
|
function test_answer_unexpected_error_returns_500()
|
|
lu.assertEquals(ng.answer_unexpected_error(), 500)
|
|
end
|
|
|
|
function test_redirect_to_page_prepends_host()
|
|
lu.assertEquals(ng.redirect_to_page("/url"), "302:https://my-domain.tld/url")
|
|
end
|
|
|
|
function test_redirect_to_portal()
|
|
lu.assertEquals(ng.redirect_to_portal(), "307:https://my-domain.tld/ssso/portal")
|
|
end
|
|
|
|
function test_return_contents_returns_data_and_headers_http_200()
|
|
-- given
|
|
ngx.reset_resp_body()
|
|
ngx.reset_header()
|
|
-- when
|
|
local resp = ng.return_contents("Contents", "Mime; Charset")
|
|
-- then
|
|
lu.assertEquals(resp, 200)
|
|
lu.assertEquals(ngx.say(), "Contents")
|
|
lu.assertEquals(ngx.header["Content-Type"], "Mime; Charset")
|
|
lu.assertEquals(ngx.header["Content-Length"], "8")
|
|
lu.assertEquals(ngx.header["Cache-Control"], "no-store,max-age=0")
|
|
end
|
|
|
|
function test_with_post_parameters_merges_post_parameters_to_request_data()
|
|
-- given
|
|
ngx.reset_post_var()
|
|
ngx.reset_var()
|
|
ngx.var.request_uri = "url?p&q=3"
|
|
ngx.post_var.p = "5"
|
|
ngx.post_var.r = "hello"
|
|
-- when (1)
|
|
local r = ng.get_request()
|
|
-- then (1)
|
|
lu.assertEquals(r, {
|
|
scheme = "http",
|
|
uri = "url?p&q=3",
|
|
target = "url",
|
|
query_params = {
|
|
p = true,
|
|
q = "3",
|
|
},
|
|
})
|
|
-- when (2)
|
|
r = ng.with_post_parameters(r)
|
|
-- then (2)
|
|
lu.assertEquals(r, {
|
|
scheme = "http",
|
|
uri = "url?p&q=3",
|
|
target = "url",
|
|
query_params = {
|
|
p = "5",
|
|
q = "3",
|
|
r = "hello",
|
|
},
|
|
})
|
|
end
|
|
|
|
function test_get_basic_auth_with_no_header_returns_nil()
|
|
-- given
|
|
ngx.reset_header()
|
|
-- when
|
|
local u, p = ng.get_basic_auth()
|
|
-- then
|
|
lu.assertNil(u)
|
|
lu.assertNil(p)
|
|
end
|
|
|
|
function test_get_basic_auth_with_non_basic_header_returns_nil()
|
|
-- given
|
|
ngx.reset_header()
|
|
ngx.var.Authentication = "Bearer uuid"
|
|
-- when
|
|
local u, p = ng.get_basic_auth()
|
|
-- then
|
|
lu.assertNil(u)
|
|
lu.assertNil(p)
|
|
end
|
|
|
|
function test_get_basic_auth_with_basic_header_but_no_base64_returns_nil()
|
|
-- given
|
|
ngx.reset_header()
|
|
ngx.var.Authentication = "Basic "
|
|
-- when
|
|
local u, p = ng.get_basic_auth()
|
|
-- then
|
|
lu.assertNil(u)
|
|
lu.assertNil(p)
|
|
end
|
|
|
|
function test_get_basic_auth_with_basic_header_but_invalid_base64_returns_nil()
|
|
-- given
|
|
ngx.reset_header()
|
|
ngx.var.Authentication = "Basic !!!!"
|
|
-- when
|
|
local u, p = ng.get_basic_auth()
|
|
-- then
|
|
lu.assertNil(u)
|
|
lu.assertNil(p)
|
|
end
|
|
|
|
function test_get_basic_auth_with_valid_basic_header_returns_auth()
|
|
-- given
|
|
ngx.reset_header()
|
|
ngx.var.Authentication = "Basic dTpw"
|
|
-- when
|
|
local u, p = ng.get_basic_auth()
|
|
-- then
|
|
lu.assertEquals(u, "u")
|
|
lu.assertEquals(p, "p")
|
|
end
|
|
|
|
function test_get_basic_auth_works_with_an_empty_login()
|
|
-- given
|
|
ngx.reset_header()
|
|
ngx.var.Authentication = "Basic OnA="
|
|
-- when
|
|
local u, p = ng.get_basic_auth()
|
|
-- then
|
|
lu.assertEquals(u, "")
|
|
lu.assertEquals(p, "p")
|
|
end
|
|
|
|
function test_get_basic_auth_works_with_an_empty_password()
|
|
-- given
|
|
ngx.reset_header()
|
|
ngx.var.Authentication = "Basic dTo="
|
|
-- when
|
|
local u, p = ng.get_basic_auth()
|
|
-- then
|
|
lu.assertEquals(u, "u")
|
|
lu.assertEquals(p, "")
|
|
end
|
|
|
|
os.exit(lu.LuaUnit.run())
|