...

Source file src/edge-infra.dev/pkg/sds/remoteaccess/authserver/checks_test.go

Documentation: edge-infra.dev/pkg/sds/remoteaccess/authserver 

     1  package authserver
     2  
     3  import (
     4  	"net/http"
     5  	"net/http/httptest"
     6  	"net/url"
     7  	"testing"
     8  
     9  	"github.com/gin-gonic/gin"
    10  	"github.com/stretchr/testify/assert"
    11  
    12  	"edge-infra.dev/pkg/edge/auth-proxy/session"
    13  )
    14  
    15  func TestGetClusterEdgeIdFromPath(t *testing.T) {
    16  	t.Parallel()
    17  
    18  	tests := map[string]struct {
    19  		path         string
    20  		expClusterID string
    21  	}{
    22  		"Remoteaccess without subpath": {
    23  			path:         "/remoteaccess/abcd",
    24  			expClusterID: "",
    25  		},
    26  		"Remoteaccess with trailing slash": {
    27  			path:         "/remoteaccess/abcd/",
    28  			expClusterID: "abcd",
    29  		},
    30  		"Remoteaccess with subpath": {
    31  			path:         "/remoteaccess/abcd/a",
    32  			expClusterID: "abcd",
    33  		},
    34  		"Missing / Prefix": {
    35  			path:         "remoteaccess/abcd/a/a",
    36  			expClusterID: "",
    37  		},
    38  		"Incorrect Prefix": {
    39  			path:         "/grafana/abcd/a",
    40  			expClusterID: "",
    41  		},
    42  	}
    43  
    44  	for name, tc := range tests {
    45  		tc := tc
    46  		t.Run(name, func(t *testing.T) {
    47  			t.Parallel()
    48  
    49  			out := getClusterEdgeIDFromPath(tc.path)
    50  			assert.Equal(t, tc.expClusterID, out)
    51  		})
    52  	}
    53  }
    54  
    55  func TestRejectAdditionalSlashes(t *testing.T) {
    56  	t.Parallel()
    57  
    58  	tests := map[string]struct {
    59  		path   string
    60  		expErr assert.ErrorAssertionFunc
    61  	}{
    62  		"Clean path": {
    63  			path:   "/abcd/efgh",
    64  			expErr: assert.NoError,
    65  		},
    66  		"Double slash": {
    67  			path:   "/abcd//efgh",
    68  			expErr: assert.Error,
    69  		},
    70  		"Empty path": {
    71  			path:   "http://example.com.",
    72  			expErr: assert.NoError,
    73  		},
    74  		"Root dir": {
    75  			path:   "/",
    76  			expErr: assert.NoError,
    77  		},
    78  		"Current Dir": {
    79  			path:   "/.",
    80  			expErr: assert.Error,
    81  		},
    82  		"Parent dir": {
    83  			path:   "/abcd/../efgh",
    84  			expErr: assert.Error,
    85  		},
    86  		"Current dir in path": {
    87  			path:   "/abcd/./efgh",
    88  			expErr: assert.Error,
    89  		},
    90  		"escaped slash": {
    91  			path:   "/" + url.PathEscape("/abcd//efgh"),
    92  			expErr: assert.NoError,
    93  		},
    94  		"Trailing Slash": {
    95  			path:   "/abcd/",
    96  			expErr: assert.NoError,
    97  		},
    98  		"Double trailing slash": {
    99  			path:   "/abcd//",
   100  			expErr: assert.Error,
   101  		},
   102  		"novnc single slash": {
   103  			path:   "/abcd/novnc/ws",
   104  			expErr: assert.NoError,
   105  		},
   106  		"novnc double slash": {
   107  			// Temporarily the novnc ws endpoint must accept a double slash for
   108  			// bwc. This exception will be removed in a future release
   109  			path:   "/abcd/novnc//ws",
   110  			expErr: assert.NoError,
   111  		},
   112  		"novnc triple slash": {
   113  			// novnc with a tripple slash should be rejected as this is an
   114  			// unexpected call
   115  			path:   "/abcd/novnc///ws",
   116  			expErr: assert.Error,
   117  		},
   118  		"novnc other path double slash": {
   119  			// There should only be an exception for the novnc ws endpoint
   120  			path:   "/abcd/novnc//authorize",
   121  			expErr: assert.Error,
   122  		},
   123  	}
   124  
   125  	for name, tc := range tests {
   126  		tc := tc
   127  		t.Run(name, func(t *testing.T) {
   128  			t.Parallel()
   129  
   130  			r := httptest.NewRecorder()
   131  			ctx, _ := gin.CreateTestContext(r)
   132  
   133  			req := httptest.NewRequest(http.MethodGet, tc.path, nil)
   134  			ctx.Request = req
   135  
   136  			as := &AuthServer{}
   137  
   138  			err := (*AuthServer).rejectDuplicateSlashes(as, ctx, session.NewMockSessions())
   139  			tc.expErr(t, err)
   140  		})
   141  	}
   142  }
   143  

View as plain text