func TestRemoveTrailingSlash(t *testing.T) { e := vodka.New() req := test.NewRequest(vodka.GET, "/remove-slash/", nil) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) h := RemoveTrailingSlash()(func(c vodka.Context) error { return nil }) h(c) assert.Equal(t, "/remove-slash", req.URL().Path()) assert.Equal(t, "/remove-slash", req.URI()) // With config req = test.NewRequest(vodka.GET, "/remove-slash/?key=value", nil) rec = test.NewResponseRecorder() c = e.NewContext(req, rec) h = RemoveTrailingSlashWithConfig(TrailingSlashConfig{ RedirectCode: http.StatusMovedPermanently, })(func(c vodka.Context) error { return nil }) h(c) assert.Equal(t, http.StatusMovedPermanently, rec.Status()) assert.Equal(t, "/remove-slash?key=value", rec.Header().Get(vodka.HeaderLocation)) // With bare URL req = test.NewRequest(vodka.GET, "http://localhost", nil) rec = test.NewResponseRecorder() c = e.NewContext(req, rec) h = RemoveTrailingSlash()(func(c vodka.Context) error { return nil }) h(c) assert.Equal(t, "", req.URL().Path()) }
func TestGzip(t *testing.T) { e := vodka.New() req := test.NewRequest(vodka.GET, "/", nil) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) // Skip if no Accept-Encoding header h := Gzip()(func(c vodka.Context) error { c.Response().Write([]byte("test")) // For Content-Type sniffing return nil }) h(c) assert.Equal(t, "test", rec.Body.String()) req = test.NewRequest(vodka.GET, "/", nil) req.Header().Set(vodka.HeaderAcceptEncoding, "gzip") rec = test.NewResponseRecorder() c = e.NewContext(req, rec) // Gzip h(c) assert.Equal(t, "gzip", rec.Header().Get(vodka.HeaderContentEncoding)) assert.Contains(t, rec.Header().Get(vodka.HeaderContentType), vodka.MIMETextPlain) r, err := gzip.NewReader(rec.Body) defer r.Close() if assert.NoError(t, err) { buf := new(bytes.Buffer) buf.ReadFrom(r) assert.Equal(t, "test", buf.String()) } }
func TestCORS(t *testing.T) { e := vodka.New() req := test.NewRequest(vodka.GET, "/", nil) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) cors := CORSWithConfig(CORSConfig{ AllowCredentials: true, }) h := cors(func(c vodka.Context) error { return c.String(http.StatusOK, "test") }) // No origin header h(c) assert.Equal(t, "", rec.Header().Get(vodka.HeaderAccessControlAllowOrigin)) // Empty origin header req = test.NewRequest(vodka.GET, "/", nil) rec = test.NewResponseRecorder() c = e.NewContext(req, rec) req.Header().Set(vodka.HeaderOrigin, "") h(c) assert.Equal(t, "*", rec.Header().Get(vodka.HeaderAccessControlAllowOrigin)) // Wildcard origin req = test.NewRequest(vodka.GET, "/", nil) rec = test.NewResponseRecorder() c = e.NewContext(req, rec) req.Header().Set(vodka.HeaderOrigin, "localhost") h(c) assert.Equal(t, "*", rec.Header().Get(vodka.HeaderAccessControlAllowOrigin)) // Simple request req = test.NewRequest(vodka.GET, "/", nil) rec = test.NewResponseRecorder() c = e.NewContext(req, rec) req.Header().Set(vodka.HeaderOrigin, "localhost") cors = CORSWithConfig(CORSConfig{ AllowOrigins: []string{"localhost"}, AllowCredentials: true, MaxAge: 3600, }) h = cors(func(c vodka.Context) error { return c.String(http.StatusOK, "test") }) h(c) assert.Equal(t, "localhost", rec.Header().Get(vodka.HeaderAccessControlAllowOrigin)) // Preflight request req = test.NewRequest(vodka.OPTIONS, "/", nil) rec = test.NewResponseRecorder() c = e.NewContext(req, rec) req.Header().Set(vodka.HeaderOrigin, "localhost") req.Header().Set(vodka.HeaderContentType, vodka.MIMEApplicationJSON) h(c) assert.Equal(t, "localhost", rec.Header().Get(vodka.HeaderAccessControlAllowOrigin)) assert.NotEmpty(t, rec.Header().Get(vodka.HeaderAccessControlAllowMethods)) assert.Equal(t, "true", rec.Header().Get(vodka.HeaderAccessControlAllowCredentials)) assert.Equal(t, "3600", rec.Header().Get(vodka.HeaderAccessControlMaxAge)) }
func TestStatic(t *testing.T) { e := vodka.New() req := test.NewRequest(vodka.GET, "/", nil) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) h := Static("../_fixture")(func(c vodka.Context) error { return vodka.ErrNotFound }) // Directory if assert.NoError(t, h(c)) { assert.Contains(t, rec.Body.String(), "Vodka") } // HTML5 mode req = test.NewRequest(vodka.GET, "/client", nil) rec = test.NewResponseRecorder() c = e.NewContext(req, rec) static := StaticWithConfig(StaticConfig{ Root: "../_fixture", HTML5: true, }) h = static(func(c vodka.Context) error { return vodka.ErrNotFound }) if assert.NoError(t, h(c)) { assert.Equal(t, http.StatusOK, rec.Status()) } // Browse req = test.NewRequest(vodka.GET, "/", nil) rec = test.NewResponseRecorder() c = e.NewContext(req, rec) static = StaticWithConfig(StaticConfig{ Root: "../_fixture/images", Browse: true, }) h = static(func(c vodka.Context) error { return vodka.ErrNotFound }) if assert.NoError(t, h(c)) { assert.Contains(t, rec.Body.String(), "walle") } // Not found req = test.NewRequest(vodka.GET, "/not-found", nil) rec = test.NewResponseRecorder() c = e.NewContext(req, rec) static = StaticWithConfig(StaticConfig{ Root: "../_fixture/images", }) h = static(func(c vodka.Context) error { return vodka.ErrNotFound }) assert.Error(t, h(c)) }
func TestLoggerIPAddress(t *testing.T) { e := vodka.New() req := test.NewRequest(vodka.GET, "/", nil) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) buf := new(bytes.Buffer) e.Logger().SetOutput(buf) ip := "127.0.0.1" h := Logger()(func(c vodka.Context) error { return c.String(http.StatusOK, "test") }) // With X-Real-IP req.Header().Add(vodka.HeaderXRealIP, ip) h(c) assert.Contains(t, ip, buf.String()) // With X-Forwarded-For buf.Reset() req.Header().Del(vodka.HeaderXRealIP) req.Header().Add(vodka.HeaderXForwardedFor, ip) h(c) assert.Contains(t, ip, buf.String()) buf.Reset() h(c) assert.Contains(t, ip, buf.String()) }
func TestVodkaNotFound(t *testing.T) { e := New() req := test.NewRequest(GET, "/files", nil) rec := test.NewResponseRecorder() e.ServeHTTP(req, rec) assert.Equal(t, http.StatusNotFound, rec.Status()) }
func TestSecure(t *testing.T) { e := vodka.New() req := test.NewRequest(vodka.GET, "/", nil) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) h := func(c vodka.Context) error { return c.String(http.StatusOK, "test") } // Default Secure()(h)(c) assert.Equal(t, "1; mode=block", rec.Header().Get(vodka.HeaderXXSSProtection)) assert.Equal(t, "nosniff", rec.Header().Get(vodka.HeaderXContentTypeOptions)) assert.Equal(t, "SAMEORIGIN", rec.Header().Get(vodka.HeaderXFrameOptions)) assert.Equal(t, "", rec.Header().Get(vodka.HeaderStrictTransportSecurity)) assert.Equal(t, "", rec.Header().Get(vodka.HeaderContentSecurityPolicy)) // Custom req.Header().Set(vodka.HeaderXForwardedProto, "https") rec = test.NewResponseRecorder() c = e.NewContext(req, rec) SecureWithConfig(SecureConfig{ XSSProtection: "", ContentTypeNosniff: "", XFrameOptions: "", HSTSMaxAge: 3600, ContentSecurityPolicy: "default-src 'self'", })(h)(c) assert.Equal(t, "", rec.Header().Get(vodka.HeaderXXSSProtection)) assert.Equal(t, "", rec.Header().Get(vodka.HeaderXContentTypeOptions)) assert.Equal(t, "", rec.Header().Get(vodka.HeaderXFrameOptions)) assert.Equal(t, "max-age=3600; includeSubdomains", rec.Header().Get(vodka.HeaderStrictTransportSecurity)) assert.Equal(t, "default-src 'self'", rec.Header().Get(vodka.HeaderContentSecurityPolicy)) }
func TestContextServeContent(t *testing.T) { e := New() req := test.NewRequest(GET, "/", nil) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) fs := http.Dir("_fixture/images") f, err := fs.Open("walle.png") if assert.NoError(t, err) { fi, err := f.Stat() if assert.NoError(t, err) { // Not cached if assert.NoError(t, c.ServeContent(f, fi.Name(), fi.ModTime())) { assert.Equal(t, http.StatusOK, rec.Status()) } // Cached rec = test.NewResponseRecorder() c = e.NewContext(req, rec) req.Header().Set(HeaderIfModifiedSince, fi.ModTime().UTC().Format(http.TimeFormat)) if assert.NoError(t, c.ServeContent(f, fi.Name(), fi.ModTime())) { assert.Equal(t, http.StatusNotModified, rec.Status()) } } } }
func TestVodkaMethodNotAllowed(t *testing.T) { e := New() e.GET("/", func(c Context) error { return c.String(http.StatusOK, "Vodka!") }) req := test.NewRequest(POST, "/", nil) rec := test.NewResponseRecorder() e.ServeHTTP(req, rec) assert.Equal(t, http.StatusMethodNotAllowed, rec.Status()) }
func TestContextRedirect(t *testing.T) { e := New() req := test.NewRequest(GET, "/", nil) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) assert.Equal(t, nil, c.Redirect(http.StatusMovedPermanently, "http://insionng.github.io/vodka")) assert.Equal(t, http.StatusMovedPermanently, rec.Status()) assert.Equal(t, "http://insionng.github.io/vodka", rec.Header().Get(HeaderLocation)) assert.Error(t, c.Redirect(310, "http://insionng.github.io/vodka")) }
func TestBinderQueryParams(t *testing.T) { e := New() req := test.NewRequest(GET, "/?id=1&name=Jon Snow", nil) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) u := new(user) err := c.Bind(u) if assert.NoError(t, err) { assert.Equal(t, 1, u.ID) assert.Equal(t, "Jon Snow", u.Name) } }
func TestBinderForm(t *testing.T) { testBinderOkay(t, strings.NewReader(userForm), MIMEApplicationForm) testBinderError(t, nil, MIMEApplicationForm) e := New() req := test.NewRequest(POST, "/", strings.NewReader(userForm)) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) req.Header().Set(HeaderContentType, MIMEApplicationForm) var obj = make([]struct{ Field string }, 0) err := c.Bind(&obj) assert.Error(t, err) }
func TestGzipErrorReturned(t *testing.T) { e := vodka.New() e.Use(Gzip()) e.GET("/", func(c vodka.Context) error { return vodka.NewHTTPError(http.StatusInternalServerError, "error") }) req := test.NewRequest(vodka.GET, "/", nil) rec := test.NewResponseRecorder() e.ServeHTTP(req, rec) assert.Empty(t, rec.Header().Get(vodka.HeaderContentEncoding)) assert.Equal(t, "error", rec.Body.String()) }
func TestNonWWWRedirect(t *testing.T) { e := vodka.New() next := func(c vodka.Context) (err error) { return c.NoContent(http.StatusOK) } req := test.NewRequest(vodka.GET, "http://www.insionng.com", nil) res := test.NewResponseRecorder() c := e.NewContext(req, res) NonWWWRedirect()(next)(c) assert.Equal(t, http.StatusMovedPermanently, res.Status()) assert.Equal(t, "http://insionng.com", res.Header().Get(vodka.HeaderLocation)) }
func TestBodyLimit(t *testing.T) { e := vodka.New() hw := []byte("Hello, World!") req := test.NewRequest(vodka.POST, "/", bytes.NewReader(hw)) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) h := func(c vodka.Context) error { body, err := ioutil.ReadAll(c.Request().Body()) if err != nil { return err } return c.String(http.StatusOK, string(body)) } // Based on content length (within limit) if assert.NoError(t, BodyLimit("2M")(h)(c)) { assert.Equal(t, http.StatusOK, rec.Status()) assert.Equal(t, hw, rec.Body.Bytes()) } // Based on content read (overlimit) he := BodyLimit("2B")(h)(c).(*vodka.HTTPError) assert.Equal(t, http.StatusRequestEntityTooLarge, he.Code) // Based on content read (within limit) req = test.NewRequest(vodka.POST, "/", bytes.NewReader(hw)) rec = test.NewResponseRecorder() c = e.NewContext(req, rec) if assert.NoError(t, BodyLimit("2M")(h)(c)) { assert.Equal(t, http.StatusOK, rec.Status()) assert.Equal(t, "Hello, World!", rec.Body.String()) } // Based on content read (overlimit) req = test.NewRequest(vodka.POST, "/", bytes.NewReader(hw)) rec = test.NewResponseRecorder() c = e.NewContext(req, rec) he = BodyLimit("2B")(h)(c).(*vodka.HTTPError) assert.Equal(t, http.StatusRequestEntityTooLarge, he.Code) }
func testBinderOkay(t *testing.T, r io.Reader, ctype string) { e := New() req := test.NewRequest(POST, "/", r) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) req.Header().Set(HeaderContentType, ctype) u := new(user) err := c.Bind(u) if assert.NoError(t, err) { assert.Equal(t, 1, u.ID) assert.Equal(t, "Jon Snow", u.Name) } }
func TestLogger(t *testing.T) { // Note: Just for the test coverage, not a real test. e := vodka.New() req := test.NewRequest(vodka.GET, "/", nil) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) h := Logger()(func(c vodka.Context) error { return c.String(http.StatusOK, "test") }) // Status 2xx h(c) // Status 3xx rec = test.NewResponseRecorder() c = e.NewContext(req, rec) h = Logger()(func(c vodka.Context) error { return c.String(http.StatusTemporaryRedirect, "test") }) h(c) // Status 4xx rec = test.NewResponseRecorder() c = e.NewContext(req, rec) h = Logger()(func(c vodka.Context) error { return c.String(http.StatusNotFound, "test") }) h(c) // Status 5xx with empty path req = test.NewRequest(vodka.GET, "", nil) rec = test.NewResponseRecorder() c = e.NewContext(req, rec) h = Logger()(func(c vodka.Context) error { return errors.New("error") }) h(c) }
func TestCSRFTokenFromForm(t *testing.T) { f := make(url.Values) f.Set("csrf", "token") e := vodka.New() req := test.NewRequest(vodka.POST, "/", strings.NewReader(f.Encode())) req.Header().Add(vodka.HeaderContentType, vodka.MIMEApplicationForm) c := e.NewContext(req, nil) token, err := csrfTokenFromForm("csrf")(c) if assert.NoError(t, err) { assert.Equal(t, "token", token) } token, err = csrfTokenFromForm("invalid")(c) assert.Error(t, err) }
func TestGzipNoContent(t *testing.T) { e := vodka.New() req := test.NewRequest(vodka.GET, "/", nil) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) h := Gzip()(func(c vodka.Context) error { return c.NoContent(http.StatusOK) }) if assert.NoError(t, h(c)) { assert.Empty(t, rec.Header().Get(vodka.HeaderContentEncoding)) assert.Empty(t, rec.Header().Get(vodka.HeaderContentType)) assert.Equal(t, 0, len(rec.Body.Bytes())) } }
func TestRecover(t *testing.T) { e := vodka.New() buf := new(bytes.Buffer) e.SetLogOutput(buf) req := test.NewRequest(vodka.GET, "/", nil) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) h := Recover()(vodka.HandlerFunc(func(c vodka.Context) error { panic("test") })) h(c) assert.Equal(t, http.StatusInternalServerError, rec.Status()) assert.Contains(t, buf.String(), "PANIC RECOVER") }
func TestCSRF(t *testing.T) { e := vodka.New() req := test.NewRequest(vodka.GET, "/", nil) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) csrf := CSRFWithConfig(CSRFConfig{ TokenLength: 16, }) h := csrf(func(c vodka.Context) error { return c.String(http.StatusOK, "test") }) // Generate CSRF token h(c) assert.Contains(t, rec.Header().Get(vodka.HeaderSetCookie), "_csrf") // Without CSRF cookie req = test.NewRequest(vodka.POST, "/", nil) rec = test.NewResponseRecorder() c = e.NewContext(req, rec) assert.Error(t, h(c)) // Empty/invalid CSRF token req = test.NewRequest(vodka.POST, "/", nil) rec = test.NewResponseRecorder() c = e.NewContext(req, rec) req.Header().Set(vodka.HeaderXCSRFToken, "") assert.Error(t, h(c)) // Valid CSRF token token := random.String(16) req.Header().Set(vodka.HeaderCookie, "_csrf="+token) req.Header().Set(vodka.HeaderXCSRFToken, token) if assert.NoError(t, h(c)) { assert.Equal(t, http.StatusOK, rec.Status()) } }
func TestMethodOverride(t *testing.T) { e := vodka.New() m := MethodOverride() h := func(c vodka.Context) error { return c.String(http.StatusOK, "test") } // Override with http header req := test.NewRequest(vodka.POST, "/", nil) rec := test.NewResponseRecorder() req.Header().Set(vodka.HeaderXHTTPMethodOverride, vodka.DELETE) c := e.NewContext(req, rec) m(h)(c) assert.Equal(t, vodka.DELETE, req.Method()) // Override with form parameter m = MethodOverrideWithConfig(MethodOverrideConfig{Getter: MethodFromForm("_method")}) req = test.NewRequest(vodka.POST, "/", bytes.NewReader([]byte("_method="+vodka.DELETE))) rec = test.NewResponseRecorder() req.Header().Set(vodka.HeaderContentType, vodka.MIMEApplicationForm) c = e.NewContext(req, rec) m(h)(c) assert.Equal(t, vodka.DELETE, req.Method()) // Override with query paramter m = MethodOverrideWithConfig(MethodOverrideConfig{Getter: MethodFromQuery("_method")}) req = test.NewRequest(vodka.POST, "/?_method="+vodka.DELETE, nil) rec = test.NewResponseRecorder() c = e.NewContext(req, rec) m(h)(c) assert.Equal(t, vodka.DELETE, req.Method()) // Ignore `GET` req = test.NewRequest(vodka.GET, "/", nil) req.Header().Set(vodka.HeaderXHTTPMethodOverride, vodka.DELETE) assert.Equal(t, vodka.GET, req.Method()) }
func TestContextMultipartForm(t *testing.T) { e := New() buf := new(bytes.Buffer) mw := multipart.NewWriter(buf) mw.WriteField("name", "Jon Snow") mw.Close() req := test.NewRequest(POST, "/", buf) req.Header().Set(HeaderContentType, mw.FormDataContentType()) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) f, err := c.MultipartForm() if assert.NoError(t, err) { assert.NotNil(t, f) } }
func TestCSRFTokenFromQuery(t *testing.T) { q := make(url.Values) q.Set("csrf", "token") e := vodka.New() req := test.NewRequest(vodka.GET, "/?"+q.Encode(), nil) req.Header().Add(vodka.HeaderContentType, vodka.MIMEApplicationForm) c := e.NewContext(req, nil) token, err := csrfTokenFromQuery("csrf")(c) if assert.NoError(t, err) { assert.Equal(t, "token", token) } token, err = csrfTokenFromQuery("invalid")(c) assert.Error(t, err) csrfTokenFromQuery("csrf") }
func TestVodka(t *testing.T) { e := New() req := test.NewRequest(GET, "/", nil) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) // Router assert.NotNil(t, e.Router()) // Debug e.SetDebug(true) assert.True(t, e.debug) // DefaultHTTPErrorHandler e.DefaultHTTPErrorHandler(errors.New("error"), c) assert.Equal(t, http.StatusInternalServerError, rec.Status()) }
func TestContextFormFile(t *testing.T) { e := New() buf := new(bytes.Buffer) mr := multipart.NewWriter(buf) w, err := mr.CreateFormFile("file", "test") if assert.NoError(t, err) { w.Write([]byte("test")) } mr.Close() req := test.NewRequest(POST, "/", buf) req.Header().Set(HeaderContentType, mr.FormDataContentType()) rec := test.NewResponseRecorder() c := e.NewContext(req, rec) f, err := c.FormFile("file") if assert.NoError(t, err) { assert.Equal(t, "test", f.Filename) } }
func TestContextQueryParam(t *testing.T) { q := make(url.Values) q.Set("name", "Jon Snow") q.Set("email", "*****@*****.**") req := test.NewRequest(GET, "/?"+q.Encode(), nil) e := New() c := e.NewContext(req, nil) // QueryParam assert.Equal(t, "Jon Snow", c.QueryParam("name")) assert.Equal(t, "*****@*****.**", c.QueryParam("email")) // QueryParams assert.Equal(t, map[string][]string{ "name": []string{"Jon Snow"}, "email": []string{"*****@*****.**"}, }, c.QueryParams()) }
func TestContextCookie(t *testing.T) { e := New() req := test.NewRequest(GET, "/", nil) theme := "theme=light" user := "******" req.Header().Add(HeaderCookie, theme) req.Header().Add(HeaderCookie, user) rec := test.NewResponseRecorder() c := e.NewContext(req, rec).(*context) // Read single cookie, err := c.Cookie("theme") if assert.NoError(t, err) { assert.Equal(t, "theme", cookie.Name()) assert.Equal(t, "light", cookie.Value()) } // Read multiple for _, cookie := range c.Cookies() { switch cookie.Name() { case "theme": assert.Equal(t, "light", cookie.Value()) case "user": assert.Equal(t, "Jon Snow", cookie.Value()) } } // Write cookie = &test.Cookie{Cookie: &http.Cookie{ Name: "SSID", Value: "Ap4PGTEq", Domain: "insionng.com", Path: "/", Expires: time.Now(), Secure: true, HttpOnly: true, }} c.SetCookie(cookie) assert.Contains(t, rec.Header().Get(HeaderSetCookie), "SSID") assert.Contains(t, rec.Header().Get(HeaderSetCookie), "Ap4PGTEq") assert.Contains(t, rec.Header().Get(HeaderSetCookie), "insionng.com") assert.Contains(t, rec.Header().Get(HeaderSetCookie), "Secure") assert.Contains(t, rec.Header().Get(HeaderSetCookie), "HttpOnly") }
func TestContextPathParam(t *testing.T) { e := New() req := test.NewRequest(GET, "/", nil) c := e.NewContext(req, nil) // ParamNames c.SetParamNames("uid", "fid") assert.EqualValues(t, []string{"uid", "fid"}, c.ParamNames()) // ParamValues c.SetParamValues("101", "501") assert.EqualValues(t, []string{"101", "501"}, c.ParamValues()) // P assert.Equal(t, "101", c.P(0)) // Param assert.Equal(t, "501", c.Param("fid")) }
func TestContextFormValue(t *testing.T) { f := make(url.Values) f.Set("name", "Jon Snow") f.Set("email", "*****@*****.**") e := New() req := test.NewRequest(POST, "/", strings.NewReader(f.Encode())) req.Header().Add(HeaderContentType, MIMEApplicationForm) c := e.NewContext(req, nil) // FormValue assert.Equal(t, "Jon Snow", c.FormValue("name")) assert.Equal(t, "*****@*****.**", c.FormValue("email")) // FormParams assert.Equal(t, map[string][]string{ "name": []string{"Jon Snow"}, "email": []string{"*****@*****.**"}, }, c.FormParams()) }