1from typing import Generator, Tuple, Union
2
3from abstract_tests import HTTP, AmbassadorTest, Node, ServiceType
4from kat.harness import Query
5
6# Note that there's also a CORS OptionTest in t_optiontests.py.
7
8
9class GlobalCORSTest(AmbassadorTest):
10 target: ServiceType
11
12 def init(self):
13 self.target = HTTP()
14
15 def config(self) -> Generator[Union[str, Tuple[Node, str]], None, None]:
16 yield self, self.format(
17 """
18---
19apiVersion: getambassador.io/v3alpha1
20kind: Module
21name: ambassador
22config:
23 cors:
24 origins: [http://foo.example.com]
25 methods: [POST, GET, OPTIONS]
26---
27apiVersion: getambassador.io/v3alpha1
28kind: Mapping
29name: {self.target.path.k8s}-foo
30hostname: "*"
31prefix: /foo/
32service: {self.target.path.fqdn}
33---
34apiVersion: getambassador.io/v3alpha1
35kind: Mapping
36name: {self.target.path.k8s}-bar
37hostname: "*"
38prefix: /bar/
39service: {self.target.path.fqdn}
40cors:
41 origins: [http://bar.example.com]
42 methods: [POST, GET, OPTIONS]
43"""
44 )
45
46 def queries(self):
47 # 0. No Access-Control-Allow-Origin because no Origin was provided.
48 yield Query(self.url("foo/"))
49
50 # 1. Access-Control-Allow-Origin because a matching Origin was provided.
51 yield Query(self.url("foo/"), headers={"Origin": "http://foo.example.com"})
52
53 # 2. No Access-Control-Allow-Origin because the provided Origin does not match.
54 yield Query(self.url("foo/"), headers={"Origin": "http://wrong.example.com"})
55
56 # 3. No Access-Control-Allow-Origin because no Origin was provided.
57 yield Query(self.url("bar/"))
58
59 # 4. Access-Control-Allow-Origin because a matching Origin was provided.
60 yield Query(self.url("bar/"), headers={"Origin": "http://bar.example.com"})
61
62 # 5. No Access-Control-Allow-Origin because no Origin was provided.
63 yield Query(self.url("bar/"), headers={"Origin": "http://wrong.example.com"})
64
65 def check(self):
66 assert self.results[0].backend
67 assert self.results[0].backend.name == self.target.path.k8s
68 assert "Access-Control-Allow-Origin" not in self.results[0].headers
69
70 assert self.results[1].backend
71 assert self.results[1].backend.name == self.target.path.k8s
72 assert self.results[1].headers["Access-Control-Allow-Origin"] == ["http://foo.example.com"]
73
74 assert self.results[2].backend
75 assert self.results[2].backend.name == self.target.path.k8s
76 assert "Access-Control-Allow-Origin" not in self.results[2].headers
77
78 assert self.results[3].backend
79 assert self.results[3].backend.name == self.target.path.k8s
80 assert "Access-Control-Allow-Origin" not in self.results[3].headers
81
82 assert self.results[4].backend
83 assert self.results[4].backend.name == self.target.path.k8s
84 assert self.results[4].headers["Access-Control-Allow-Origin"] == ["http://bar.example.com"]
85
86 assert self.results[5].backend
87 assert self.results[5].backend.name == self.target.path.k8s
88 assert "Access-Control-Allow-Origin" not in self.results[5].headers
View as plain text