From 2814a3841159c1c6313858c3800594357974fc82 Mon Sep 17 00:00:00 2001 From: Connor van Spronssen Date: Sun, 26 Jan 2025 12:12:59 +0100 Subject: [PATCH] test: Add additional tests to the DashboardEntriesTree function --- cmd/server/routes/dashboard-entries-tree.go | 1 + .../routes/dashboard-entries-tree_test.go | 158 +++++++++++++++++- 2 files changed, 158 insertions(+), 1 deletion(-) diff --git a/cmd/server/routes/dashboard-entries-tree.go b/cmd/server/routes/dashboard-entries-tree.go index 35a54bf..08ff66d 100644 --- a/cmd/server/routes/dashboard-entries-tree.go +++ b/cmd/server/routes/dashboard-entries-tree.go @@ -122,6 +122,7 @@ func getPublicKey() (string, error) { err = json.Unmarshal(respBody, &data) if err != nil { + fmt.Println("TEST") return "", err } diff --git a/cmd/server/routes/dashboard-entries-tree_test.go b/cmd/server/routes/dashboard-entries-tree_test.go index e2bbb6d..57eb8ad 100644 --- a/cmd/server/routes/dashboard-entries-tree_test.go +++ b/cmd/server/routes/dashboard-entries-tree_test.go @@ -4,6 +4,7 @@ import ( "bytes" "crypto/rsa" "errors" + "fmt" "io" "net/http" "net/http/httptest" @@ -24,6 +25,16 @@ func (m *MockClient) Do(req *http.Request) (*http.Response, error) { return m.DoFunc(req) } +type BrokenReader struct{} + +func (br *BrokenReader) Read(p []byte) (n int, err error) { + return 0, fmt.Errorf("failed reading") +} + +func (br *BrokenReader) Close() error { + return fmt.Errorf("failed closing") +} + var mockClient = &MockClient{ DoFunc: func(req *http.Request) (*http.Response, error) { if strings.Contains(req.URL.String(), "https://") { @@ -35,6 +46,33 @@ var mockClient = &MockClient{ }, nil } + if strings.Contains(req.URL.String(), "nil-body") { + reader := BrokenReader{} + + return &http.Response{ + StatusCode: http.StatusOK, + Body: &reader, + }, nil + } + + if strings.Contains(req.URL.String(), "json-err") { + return &http.Response{ + StatusCode: http.StatusOK, + Body: io.NopCloser(bytes.NewBufferString( + `{`, + )), + }, nil + } + + if strings.Contains(req.URL.String(), "json-empty") { + return &http.Response{ + StatusCode: http.StatusOK, + Body: io.NopCloser(bytes.NewBufferString( + `{}`, + )), + }, nil + } + return nil, errors.New("invalid URL") }, } @@ -70,7 +108,15 @@ func TestDashboardEntriesTreeSuccess(t *testing.T) { rr, cleanup := setupDashboardEntriesTreeTest() defer cleanup() - req, err := http.NewRequest("GET", "/?app-token=test-token", nil) + jwtParse = func(tokenString string, keyFunc jwt.Keyfunc, options ...jwt.ParserOption) (*jwt.Token, error) { + key := &jwt.Token{Valid: true} + _, err := keyFunc(key) + assert.NoError(t, err) + + return key, nil + } + + req, err := http.NewRequest("GET", "/?app-token=some.test.token", nil) assert.NoError(t, err) DashboardEntriesTree(rr, req) @@ -78,6 +124,43 @@ func TestDashboardEntriesTreeSuccess(t *testing.T) { assert.NotEmpty(t, rr.Body.String()) } +func TestDashboardEntriesTreeErrParsePublicKeyFromPem(t *testing.T) { + rr, cleanup := setupDashboardEntriesTreeTest() + defer cleanup() + + jwtParse = func(tokenString string, keyFunc jwt.Keyfunc, options ...jwt.ParserOption) (*jwt.Token, error) { + _, err := keyFunc(nil) + assert.EqualError(t, err, "cannot parse token") + + return nil, errors.New("") + } + + jwtParseRSAPublicKeyFromPEM = func(key []byte) (*rsa.PublicKey, error) { + return nil, errors.New("cannot parse token") + } + + req, err := http.NewRequest("GET", "/?app-token=test-token", nil) + assert.NoError(t, err) + + DashboardEntriesTree(rr, req) + assert.Equal(t, http.StatusForbidden, rr.Code) +} + +func TestDashboardEntriesTreeErrInvalidPayload(t *testing.T) { + rr, cleanup := setupDashboardEntriesTreeTest() + defer cleanup() + + jwtParse = func(tokenString string, keyFunc jwt.Keyfunc, options ...jwt.ParserOption) (*jwt.Token, error) { + return &jwt.Token{Valid: false}, nil + } + + req, err := http.NewRequest("GET", "/?app-token=test-token", nil) + assert.NoError(t, err) + + DashboardEntriesTree(rr, req) + assert.Equal(t, http.StatusForbidden, rr.Code) +} + func TestDashboardEntriesTreeErrNoToken(t *testing.T) { rr, cleanup := setupDashboardEntriesTreeTest() defer cleanup() @@ -137,3 +220,76 @@ func TestDashboardEntriesTreeErrGetPublicKey(t *testing.T) { DashboardEntriesTree(rr, req) assert.Equal(t, http.StatusForbidden, rr.Code) } + +func TestDashboardEntriesTreeErrJwtParseErr(t *testing.T) { + rr, cleanup := setupDashboardEntriesTreeTest() + defer cleanup() + + jwtParse = jwt.Parse + + req, err := http.NewRequest("GET", "/?app-token=bogus-token", nil) + assert.NoError(t, err) + + DashboardEntriesTree(rr, req) + assert.Equal(t, http.StatusForbidden, rr.Code) +} + +func TestDashboardEntriesTreeErrJwtParse(t *testing.T) { + rr, cleanup := setupDashboardEntriesTreeTest() + defer cleanup() + + csSdkGetUrl = func(useManagementToken bool) string { + return "bogus" + } + + req, err := http.NewRequest("GET", "/?app-token=bogus-token", nil) + assert.NoError(t, err) + + DashboardEntriesTree(rr, req) + assert.Equal(t, http.StatusForbidden, rr.Code) +} + +func TestDashboardEntriesTreeErrBody(t *testing.T) { + rr, cleanup := setupDashboardEntriesTreeTest() + defer cleanup() + + csSdkGetUrl = func(useManagementToken bool) string { + return "nil-body" + } + + req, err := http.NewRequest("GET", "/?app-token=bogus-token", nil) + assert.NoError(t, err) + + DashboardEntriesTree(rr, req) + assert.Equal(t, http.StatusForbidden, rr.Code) +} + +func TestDashboardEntriesTreeErrJsonUnmarshal(t *testing.T) { + rr, cleanup := setupDashboardEntriesTreeTest() + defer cleanup() + + csSdkGetUrl = func(useManagementToken bool) string { + return "json-err" + } + + req, err := http.NewRequest("GET", "/?app-token=bogus-token", nil) + assert.NoError(t, err) + + DashboardEntriesTree(rr, req) + assert.Equal(t, http.StatusForbidden, rr.Code) +} + +func TestDashboardEntriesTreeErrNoSigningKey(t *testing.T) { + rr, cleanup := setupDashboardEntriesTreeTest() + defer cleanup() + + csSdkGetUrl = func(useManagementToken bool) string { + return "json-empty" + } + + req, err := http.NewRequest("GET", "/?app-token=bogus-token", nil) + assert.NoError(t, err) + + DashboardEntriesTree(rr, req) + assert.Equal(t, http.StatusForbidden, rr.Code) +}