//LogRequestFromValidationResult unmarshalls the ValidationResult and logs to keen.io
//
//http://api.keen.io/3.0/projects/<project_id>/events/<event_collection>
func (keen *KeenMetrics) LogRequestFromValidationResult(collectionName string, validationResult string) {
var url = keen.getEndpoint() + collectionName
var result goiban.ValidationResult
json.Unmarshal([]byte(validationResult), &result)
req := goreq.Request{
Method: "POST",
Uri: url,
ContentType: "application/json",
Body: ValidationResultToEvent(&result),
}
req.AddHeader("Authorization", keen.WriteAPIKey)
res, err := req.Do()
if err != nil {
log.Printf("Error while posting stats: %v", err)
return
}
// Close the response body
if res.Body != nil {
defer res.Body.Close()
}
if collectionName == "Test" {
log.Printf(url)
text, _ := res.Body.ToString()
log.Printf("Response (%v): %v", res.StatusCode, text)
}
}
func (m webhooksAlerter) Worker(q chan webhook) {
for {
select {
case webhook := <-q:
log.Info("Sending webhook alert to %s", webhook.Url)
req := goreq.Request{
Uri: webhook.Url,
Accept: "application/json",
ContentType: "application/json",
UserAgent: "Lovebeat",
Timeout: 10 * time.Second,
Body: webhook.Data,
}
req.AddHeader("X-Lovebeat", "1")
_, err := req.Do()
if err != nil {
log.Error("Failed to post webhook: %s", err)
}
}
}
}
//WriteLogRequest logs to keen.io
//
// http://api.keen.io/3.0/projects/<project_id>/events/<event_collection>
func (keen *KeenMetrics) WriteLogRequest(collectionName string, iban *goiban.Iban) {
var url = keen.getEndpoint() + collectionName
req := goreq.Request{
Method: "POST",
Uri: url,
ContentType: "application/json",
Body: IbanToEvent(iban),
}
req.AddHeader("Authorization", keen.WriteAPIKey)
res, err := req.Do()
if err != nil {
log.Printf("Error while posting stats: %v", err)
return
}
// Close the response body
if res.Body != nil {
defer res.Body.Close()
}
if collectionName == "Test" {
log.Printf(url)
text, _ := res.Body.ToString()
log.Printf("Response (%v): %v", res.StatusCode, text)
}
}
func (c Client) post(url string, requestData interface{}) []error {
var errs []error
req := goreq.Request{
Method: "POST",
Body: requestData,
Uri: url,
ContentType: "application/x-www-form-urlencoded; charset=UTF-8",
CookieJar: c.cookie,
}
req.AddHeader("X-Requested-With", "XMLHttpRequest")
resp, err := req.Do()
if err != nil {
errs = append(errs, errors.New(err.Error()))
log.Fatalln(err.Error())
}
defer func() {
err := resp.Body.Close()
if err != nil {
log.Fatal(err)
}
}()
if resp.StatusCode != http.StatusOK {
errs = append(errs, errors.New("Failed login: status code is "+resp.Status))
}
return errs
}
func (m slackhookAlerter) Worker(q chan slackhook, cfg *config.ConfigSlackhook) {
for {
select {
case slackhook := <-q:
var err error
var context = make(map[string]interface{})
context["View"] = slackhook.Data.View
context["Previous"] = slackhook.Data.Previous
context["Current"] = slackhook.Data.Current
var doc bytes.Buffer
err = m.template.Execute(&doc, context)
if err != nil {
log.Error("Failed to render template", err)
return
}
req := goreq.Request{
Method: "POST",
Uri: cfg.Uri,
Accept: "*/*",
ContentType: "application/x-www-form-urlencoded",
UserAgent: "Lovebeat",
Timeout: 10 * time.Second,
Body: "payload=" + url.QueryEscape(doc.String()),
}
req.AddHeader("X-Lovebeat", "1")
res, err := req.Do()
if err != nil {
log.Error("Failed to post slackhook:%v:", err)
}
robots, err := ioutil.ReadAll(res.Body)
res.Body.Close()
//it returned a 200 so ignore any error here
if err != nil {
log.Error("OK:unreadable response:%v:", err)
} else if res.StatusCode != http.StatusOK {
log.Error("NOK:non-200:%d:", res.StatusCode)
} else {
log.Info("OK:response:%s:", string(robots))
}
}
}
}
func apiRequestBase(authToken string) *goreq.Request {
req := goreq.Request{
Uri: apiURL(),
ShowDebug: debugging,
Insecure: !shouldVerifyHost(apiURL()),
}
if authToken != "" {
req.AddHeader("Authorization", "Bearer "+authToken)
}
if os.Getenv("HEROKU_HEADERS") != "" {
var h map[string]string
json.Unmarshal([]byte(os.Getenv("HEROKU_HEADERS")), &h)
for k, v := range h {
req.AddHeader(k, v)
}
}
return &req
}
func apiRequest(authToken string) *goreq.Request {
req := goreq.Request{
Uri: "https://" + apiHost(),
Accept: "application/vnd.heroku+json; version=3",
ShowDebug: debugging,
Insecure: !shouldVerifyHost(apiHost()),
}
if authToken != "" {
req.AddHeader("Authorization", "Bearer "+authToken)
}
if os.Getenv("HEROKU_HEADERS") != "" {
var h map[string]string
json.Unmarshal([]byte(os.Getenv("HEROKU_HEADERS")), &h)
for k, v := range h {
req.AddHeader(k, v)
}
}
return &req
}
func (c *HTTPClient) MakeRequest(args Args) (http.Header, int, []byte, error) {
header := make(map[string][]string)
url, err := url.Parse(c.Host)
if err != nil {
return header, 0, []byte{}, errors.NewInvalidHostError(err)
}
url.Path = args.Path
req := goreq.Request{
Uri: url.String(),
Method: args.Method,
Body: args.Body,
Timeout: args.Timeout,
ShowDebug: args.ShowDebug,
}
for name, value := range args.Headers {
for _, v := range value {
req.AddHeader(name, v)
}
}
resp, err := req.Do()
if err != nil {
return header, 0, []byte{}, errors.NewRequestError(err)
}
respBody, err := ioutil.ReadAll(resp.Body)
if err != nil {
return resp.Header, resp.StatusCode, []byte{}, errors.NewResponseError(err)
}
if resp.StatusCode == args.AcceptableCode {
return resp.Header, resp.StatusCode, respBody, nil
}
return resp.Header, resp.StatusCode, respBody, errors.NewResponseError(errors.ErrBadResponse)
}
// SendRequest sends the requested package (as a POST) to the defined
func (n NotificationsManager) SendRequest(wait bool, count int, notification interface{}) {
if wait {
if count < 3 {
time.Sleep(10 * time.Second)
} else {
log.Error("Too many notification attempts, aborting.")
return
}
}
req := goreq.Request{
Method: "POST",
Uri: n.OAuthKeyChangeURL,
UserAgent: "Tyk-Gatewy-Notifications",
ContentType: "application/json",
Body: notification,
}
req.AddHeader("X-Tyk-Shared-Secret", n.SharedSecret)
resp, reqErr := req.Do()
if reqErr != nil {
log.Error("Request failed, trying again in 10s. Error was: ", reqErr)
count++
go n.SendRequest(true, count, notification)
return
}
if resp.StatusCode != 200 {
log.Error("Request returned non-200 status, trying again in 10s.")
count++
go n.SendRequest(true, count, notification)
return
}
}
// Spawn sends the actual request.
func (r *Request) Spawn(parent *Response, wg *sync.WaitGroup) {
body := ""
if r.Data != nil {
body = r.Data.Format(parent)
}
greq := goreq.Request{Method: r.Method, Body: body, UserAgent: profile.UserAgent}
// Let's set the headers, if needed.
if r.Headers != nil {
for _, line := range strings.Split(r.Headers.Format(parent), "\n") {
line = strings.TrimSpace(line)
if line == "" {
continue
}
hdr := strings.Split(line, ":")
greq.AddHeader(strings.TrimSpace(hdr[0]), strings.TrimSpace(hdr[1]))
}
}
// Let's also add the cookies.
if r.FwdCookies && parent != nil {
if parent.cookies != nil {
for _, delicacy := range parent.cookies {
greq.AddCookie(delicacy)
}
}
}
// One go routine which pops responses from the channel and moves them to the list.
go func() {
for {
r.doneReqs = append(r.doneReqs, <-r.doneChan)
r.doneWg.Done()
perc := float64(len(r.doneReqs)) / float64(r.Repeat)
notify := false
if perc >= 0.75 && perc-0.75 < 1e-4 {
notify = true
} else if perc >= 0.5 && perc-0.5 < 1e-4 {
notify = true
} else if perc >= 0.25 && perc-0.25 < 1e-4 {
notify = true
} else if len(r.doneReqs)%100 == 0 {
notify = true
}
if notify {
log.Notice("Completed %d requests out of %d to %s.", len(r.doneReqs), r.Repeat, r.URL)
}
}
}()
// Let's spawn all the requests, with their respective concurrency.
wg.Add(r.Repeat)
r.doneWg.Add(r.Repeat)
for rno := 1; rno <= r.Repeat; rno++ {
go func(no int, greq goreq.Request) {
r.ongoingReqs <- struct{}{} // Adding sentinel value to limit concurrency.
greq.Uri = r.URL.Generate()
resp := Response{}
startTime := time.Now()
gresp, err := greq.Do()
resp.FromGoResp(gresp, err, startTime)
if err != nil {
log.Critical("could not send request to #%d %s: %s", no, r.URL, err)
}
<-r.ongoingReqs // We're done, let's make room for the next request.
resp.duration = time.Since(startTime)
// Let's add that request to the list of completed requests.
r.doneChan <- &resp
runtime.Gosched()
}(rno, greq)
}
// Let's now have a go routine which waits for all the requests to complete
// and spawns all the children.
go func() {
r.doneWg.Wait()
if r.Children != nil {
log.Debug("Spawning children for %s.", r.URL)
for _, child := range r.Children {
// Note that we always use the LAST response as the parent response.
child.Spawn(r.doneReqs[0], wg)
}
}
log.Debug("Computing result of %s.", r.URL)
r.ComputeResult(wg)
}()
}
func TestContactsRoute(t *testing.T) {
Convey("Given a working account", t, func() {
account := &models.Account{
Resource: models.MakeResource("", "johnorange2"),
Status: "complete",
AltEmail: "*****@*****.**",
}
err := account.SetPassword("fruityloops")
So(err, ShouldBeNil)
err = env.Accounts.Insert(account)
So(err, ShouldBeNil)
result, err := goreq.Request{
Method: "POST",
Uri: server.URL + "/tokens",
ContentType: "application/json",
Body: `{
"type": "auth",
"username": "******",
"password": "******"
}`,
}.Do()
So(err, ShouldBeNil)
var response routes.TokensCreateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeTrue)
authToken := response.Token
Convey("Creating a contact with missing parts should fail", func() {
request := goreq.Request{
Method: "POST",
Uri: server.URL + "/contacts",
ContentType: "application/json",
Body: `{
"data": "` + uniuri.NewLen(64) + `",
"encoding": "json",
"version_major": 1,
"version_minor": 0,
"pgp_fingerprints": ["` + uniuri.New() + `"]
}`,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.ContactsCreateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldEqual, "Invalid request")
So(response.Success, ShouldBeFalse)
})
Convey("Creating a contact with invalid input data should fail", func() {
request := goreq.Request{
Method: "POST",
Uri: server.URL + "/contacts",
ContentType: "application/json",
Body: "!@#!@#!@#",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.ContactsCreateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldEqual, "Invalid input format")
So(response.Success, ShouldBeFalse)
})
Convey("Getting a non-owned contact should fail", func() {
contact := &models.Contact{
Encrypted: models.Encrypted{
Encoding: "json",
Data: uniuri.NewLen(64),
Schema: "contact",
VersionMajor: 1,
VersionMinor: 0,
},
Resource: models.MakeResource("not", uniuri.New()),
}
err := env.Contacts.Insert(contact)
So(err, ShouldBeNil)
request := goreq.Request{
Method: "GET",
Uri: server.URL + "/contacts/" + contact.ID,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.ContactsGetResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Contact not found")
Convey("Update of a not-owned contact should fail", func() {
request := goreq.Request{
Method: "PUT",
Uri: server.URL + "/contacts/" + contact.ID,
ContentType: "application/json",
Body: `{
"data": "` + uniuri.NewLen(64) + `",
"name": "` + uniuri.New() + `",
"encoding": "xml",
"version_major": 8,
"version_minor": 3
}`,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.ContactsUpdateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Contact not found")
})
Convey("Deleting it should fail", func() {
request := goreq.Request{
Method: "DELETE",
Uri: server.URL + "/contacts/" + contact.ID,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.ContactsDeleteResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Contact not found")
})
})
Convey("Getting a non-existing contact should fail", func() {
request := goreq.Request{
Method: "GET",
Uri: server.URL + "/contacts/" + uniuri.New(),
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.ContactsGetResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Contact not found")
})
Convey("Creating a contact should succeed", func() {
request := goreq.Request{
Method: "POST",
Uri: server.URL + "/contacts",
ContentType: "application/json",
Body: `{
"data": "` + uniuri.NewLen(64) + `",
"name": "` + uniuri.New() + `",
"encoding": "json",
"version_major": 1,
"version_minor": 0,
"pgp_fingerprints": ["` + uniuri.New() + `"]
}`,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.ContactsCreateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldEqual, "A new contact was successfully created")
So(response.Success, ShouldBeTrue)
So(response.Contact.ID, ShouldNotBeNil)
contact := response.Contact
Convey("The contact should be visible on the list", func() {
request := goreq.Request{
Method: "GET",
Uri: server.URL + "/contacts",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.ContactsListResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(len(*response.Contacts), ShouldBeGreaterThan, 0)
So(response.Success, ShouldBeTrue)
found := false
for _, c := range *response.Contacts {
if c.ID == contact.ID {
found = true
break
}
}
So(found, ShouldBeTrue)
})
Convey("Getting that contact should succeed", func() {
request := goreq.Request{
Method: "GET",
Uri: server.URL + "/contacts/" + contact.ID,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.ContactsGetResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeTrue)
So(response.Contact.Name, ShouldEqual, contact.Name)
})
Convey("Updating that contact should succeed", func() {
newName := uniuri.New()
request := goreq.Request{
Method: "PUT",
Uri: server.URL + "/contacts/" + contact.ID,
ContentType: "application/json",
Body: `{
"data": "` + uniuri.NewLen(64) + `",
"name": "` + newName + `",
"encoding": "xml",
"version_major": 8,
"version_minor": 3
}`,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.ContactsUpdateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeTrue)
So(response.Contact.Name, ShouldEqual, newName)
})
Convey("Deleting that contact should succeed", func() {
request := goreq.Request{
Method: "DELETE",
Uri: server.URL + "/contacts/" + contact.ID,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.ContactsDeleteResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeTrue)
So(response.Message, ShouldEqual, "Contact successfully removed")
})
})
Convey("Update with invalid input should fail", func() {
request := goreq.Request{
Method: "PUT",
Uri: server.URL + "/contacts/" + uniuri.New(),
ContentType: "application/json",
Body: "123123!@#!@#",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.ContactsUpdateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Invalid input format")
})
Convey("Update of a non-existing contact should fail", func() {
request := goreq.Request{
Method: "PUT",
Uri: server.URL + "/contacts/gibberish",
ContentType: "application/json",
Body: `{
"data": "` + uniuri.NewLen(64) + `",
"name": "` + uniuri.New() + `",
"encoding": "xml",
"version_major": 8,
"version_minor": 3
}`,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.ContactsUpdateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Contact not found")
})
Convey("Deleting a non-existing contact should fail", func() {
request := goreq.Request{
Method: "DELETE",
Uri: server.URL + "/contacts/gibberish",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.ContactsDeleteResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Contact not found")
})
})
}
func TestKeysRoute(t *testing.T) {
Convey("Given a working account", t, func() {
account := &models.Account{
Resource: models.MakeResource("", "johnorange4"),
Status: "complete",
AltEmail: "*****@*****.**",
}
err := account.SetPassword("fruityloops")
So(err, ShouldBeNil)
err = env.Accounts.Insert(account)
So(err, ShouldBeNil)
result, err := goreq.Request{
Method: "POST",
Uri: server.URL + "/tokens",
ContentType: "application/json",
Body: `{
"type": "auth",
"username": "******",
"password": "******"
}`,
}.Do()
So(err, ShouldBeNil)
var response routes.TokensCreateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeTrue)
authToken := response.Token
Convey("Uploading a new key using an invalid JSON format should fail", func() {
request := goreq.Request{
Method: "POST",
Uri: server.URL + "/keys",
ContentType: "application/json",
Body: "!@#!@!@#",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.KeysCreateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldEqual, "Invalid input format")
So(response.Success, ShouldBeFalse)
})
Convey("Uploading an invalid key should fail", func() {
request := goreq.Request{
Method: "POST",
Uri: server.URL + "/keys",
ContentType: "application/json",
Body: `{
"key": "hbnjmvnbhvm nbhm jhbjmnghnbgjvgbhvf bgvmj gvhnft"
}`,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.KeysCreateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldEqual, "Invalid key format")
So(response.Success, ShouldBeFalse)
})
Convey("Uploading a key should succeed", func() {
request := goreq.Request{
Method: "POST",
Uri: server.URL + "/keys",
ContentType: "application/json",
Body: `{
"key": "` + strings.Join(strings.Split(`-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1
mQINBFR6JFoBEADoLOVi5NEkIELYOIfOsztAuPqNPiJcDXCsKuprjNj7n2vxyNim
WbArRZ4TJereG0H2skCQlKMx26EiHHdK3je4i6erD+OT4NolAsxVsl4PpkEDZnzz
tIwVb7FymahIrqwP9YPrXc0tr07HgnE3+it828ZJlCMfGUgJJrn12p+UetlBoFwr
OEgaCl4fOfAuUQUzD156AGV/S0H4ge8H7yngSxNTMCqypX6SaX+O0uhKqa3CxiiG
HxIGo+lNdM72Xm3Ym9sNKtfsflkqZdlWfdpit1mgveZMx2CpuYI1aS+FRzQczCDn
fDnSVqErIWUv64daC5qU3pPWjqRuOr4WXEdxXSCgi2oXVP+2hVyqgPk6ch64TodR
lKxFN2wvrJVYJd/5XQrojBtf/F/ZnlYq0rze+snZ5R1lBMZMU2oBnWtRQMSO/+8b
iHY/7mjyT+LGLXhbGGmgtycYsuujR54Smtzx1tc7CsoVLJ3JB4629YT6RtDnd85R
f7oUnjtd714e6k6zLIkppsSDse8WOPGtnfHxswrNRGnEPFYxQhCN+PbYdwGmSfmA
kzoJFumJF8KIXflGBZ0s2JdAx4G1aMhPR3rUNiJdh+DXXseLn/PAbDj2O4uMVi5F
/ai6U/vhNOatrt5syOwWZnShuIBj5VwwyJOdGjC9uwYrfocDtx7IdbaokQARAQAB
tCFQaW90ciBaZHVuaWFrIDxwaW90ckB6ZHVuaWFrLm5ldD6JAjgEEwECACIFAlR6
JFoCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEN9g3PR+HyAlZigP/3H2
l9icK0tazF5B4jcPaKJ4cToe/XiTU1eNNzTGftlbtCgb2e2TMuzcY7LpiK3zHO5z
0NlVKWxAoD7JHEaG5vwL74gB1324VbW08dWcz/a/jMyTAUhGIZ1WBIJGa9dVkN98
GZp6i8q2DfsvflQI5Q9s3+Y6nbl2FEDFc3U+UXyN3M7x94NEc+3BUPvds/CwD/L0
rjatqusCf1lo2GNZvVcoluerKjSR0/LryTbQwSlW0rDIVAoc5AB1ezpJKfW6O22i
4h8MpNGNJ3XVrMIX4/Tu4ESE75WQSVqThd1Zy3y9bVvhL8UxKV3qviuBRDtlk/7N
QznUBTJ0RFegebTDp6+jVaVt+RBJg8rnwXOT0iSEBionCjjuIWX7hzM3mRg8FnnJ
RUudJxN2b1mJHKCHEG3/SIbl6m32HesJahfNnmGV8xs7YpZWHQU+DXoTJN8+t/2E
kZ7+4X38jdWfLfw4Z+Cb3J+J4yf0uipUQ8+6f7zm2p0BINlt5TQczZpWYQolhKoK
Xhd+Sd2XieaAkxUQqaYjCbr5fC5QouWYlwqnghCVSs1MLCPdHDI2FOXB5Sh8hOHN
sxar+5r9iWLkAvr5k+QoR8fQgarIQKcXQc+NQR65D8eneGo/apVknvRVMLrtC1ZI
QLi8aLMFaM6HReXsHD6PJUsuuHys2fhT+6vD4ujjuQINBFR6JFoBEADMa8xp8O1W
WvRxBZ0Bd0EOm+znhCsDhdHxrq3x74k3229NVJ42tfRunegP+s+/nFQuSV/FXxiL
NFb7cfTL2ZlibNbOwbZ6RQ66BdPaBKyIc0QdIsaR/+ehGqbG0dN1aAiQJBustPzX
RQJBhzHKx4FpdJLrFppe5JLp2pcmI9CoMHdirIh3uFF85sNBTa0MAHNBHzXBeZbv
jZDCxTkFBPmUEbNiUWDOPDQnZlJAG9VvXzSLilsZ4Cgj/jN0/MUJ+vEOb1NvOWNH
Wo0/uFqmMhAFHxFSUETnZ4Q/6ZU2bdCeAp9uo1oEFvaEbmRdW1BkjMOXqJ4V5bXj
p9qREraEargj3+FKQHIiKDEz6p4C9y0RsJROIj8oZmvZsynzsnrmU5Gme5V8a4sS
ruPkm3kmdPCWq1SSZ/3V293NnE73KKdy6XinuyZBWVN1y8jSd/lJpyIZzIIMAQSp
OwWBYnVwTIlbFi0Ad1BGvMMSCM15AdrN9Ywb7xfnlkXEMHTQk4czwJUDKYodIw1u
KnGm/N/SPlgm1sk59rlMTQk0/TFT6KsYEoDdEJP934lldG+11vgpcicV8owM0AQ4
PYtVTKhHv7QNK0FCIHWIWq/QMLJn73X7kotgLB/1M94eTgcWasg4ENI/ZCCRelnL
6cs4Ggo4/j/bd5QhogdiJYHUlEDqUL+a0QARAQABiQIfBBgBAgAJBQJUeiRaAhsM
AAoJEN9g3PR+HyAled0P/0J9gp48UOSWmkoMOPbGCIyABYMmaoDKdYYf1rToP3wp
O2nOwG48ZFW9Q4r6LAiOmPjPtMsvjtFeHDQ5FjnXpbFI2NBn3YwB2fulim8TZL03
SvpiZD7TUiZKmUAOmVPoZJ+GUIE9lJtBrlOS5n0TkhmS14G3xPlex7jdJ63JFmME
XZ9gDcgUOzG7pSneCYyHOLKGwTmLV3HXUSIAm/8bW2xJ7g+j9qr/c78D8ThUY+I0
0edCq+tL5rpnPYIusI3lzh4xeSMSSVCKB+Fhz9DFdD6pZC6E6KWlaoUgw1DdvfFC
KFrEhGFPu80Y7zl77nME9Yg9JYrKlISZHtbT8mDduOXlJIyZxsIlg/bDhsN38HOE
3ZoAsJh/8Ui44b58x/u4P9uKDroCua/6sOb0JFuxPNZHc7Sjdy1S0md7YEW3vFyT
1H1XzRAOPLwJFoz4ymRz9COHTyzExycr/TIjoBG7v1nYOGUdqaTNU2/802LRQaE2
eUftQWTTiFoES4Z0vTKmKwq3CoP80Z5zTrcQf8CdMmTd9bu9kE3AvrK6OD0amxKw
LNHuuVgP/KuG0U4M8A641mUjCt0ZvtDCcAgO90cQKdHsuiCkX/wFYGg+lCzwjtRZ
UZSWZtUmAO12vjmUwGtRbp5xfdbV+PmIBRYe0iikrykoBy+FLw9yHlSCoey2ih6W
=r/yh
-----END PGP PUBLIC KEY BLOCK-----`, "\n"), "\\n") + `"
}`,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.KeysCreateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldEqual, "A new key has been successfully inserted")
So(response.Success, ShouldBeTrue)
So(response.Key.ID, ShouldNotBeNil)
key := response.Key
Convey("Key should be visible on the user's key list", func() {
request := goreq.Request{
Method: "GET",
Uri: server.URL + "/keys?user=johnorange4",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.KeysListResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeTrue)
So(len(*response.Keys), ShouldBeGreaterThan, 0)
})
Convey("Getting that key should succeed", func() {
request := goreq.Request{
Method: "GET",
Uri: server.URL + "/keys/" + key.ID,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.KeysGetResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeTrue)
So(response.Key.ID, ShouldEqual, key.ID)
})
})
Convey("Listing keys without passing a username should fail", func() {
request := goreq.Request{
Method: "GET",
Uri: server.URL + "/keys",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.KeysListResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Invalid username")
})
Convey("Getting a non-existing key should fail", func() {
request := goreq.Request{
Method: "GET",
Uri: server.URL + "/keys/123",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.KeysGetResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Requested key does not exist on our server")
})
})
}
func TestLabelsRoute(t *testing.T) {
Convey("Given a working account", t, func() {
account := &models.Account{
Resource: models.MakeResource("", "johnorange2"),
Status: "complete",
AltEmail: "*****@*****.**",
}
err := account.SetPassword("fruityloops")
So(err, ShouldBeNil)
err = env.Accounts.Insert(account)
So(err, ShouldBeNil)
result, err := goreq.Request{
Method: "POST",
Uri: server.URL + "/tokens",
ContentType: "application/json",
Body: `{
"type": "auth",
"username": "******",
"password": "******"
}`,
}.Do()
So(err, ShouldBeNil)
var response routes.TokensCreateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeTrue)
authToken := response.Token
Convey("Creating a new label using invalid input should fail", func() {
request := goreq.Request{
Method: "POST",
Uri: server.URL + "/labels",
ContentType: "application/json",
Body: "!@#!@!@#",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.LabelsCreateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldEqual, "Invalid input format")
So(response.Success, ShouldBeFalse)
})
Convey("Updating a label using invalid input should fail", func() {
request := goreq.Request{
Method: "PUT",
Uri: server.URL + "/labels/anything",
ContentType: "application/json",
Body: "!@#!@!@#",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.LabelsUpdateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldEqual, "Invalid input format")
So(response.Success, ShouldBeFalse)
})
Convey("Creating a new label without enough information should fail", func() {
request := goreq.Request{
Method: "POST",
Uri: server.URL + "/labels",
ContentType: "application/json",
Body: "{}",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.LabelsCreateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldEqual, "Invalid request")
So(response.Success, ShouldBeFalse)
})
Convey("Getting a non-existing label should fail", func() {
request := goreq.Request{
Method: "GET",
Uri: server.URL + "/labels/nonexisting",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.LabelsCreateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldEqual, "Label not found")
So(response.Success, ShouldBeFalse)
})
Convey("Updating a non-existing label should fail", func() {
request := goreq.Request{
Method: "PUT",
Uri: server.URL + "/labels/anything",
ContentType: "application/json",
Body: "{}",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.LabelsUpdateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldEqual, "Label not found")
So(response.Success, ShouldBeFalse)
})
Convey("Deleting a non-existing label should fail", func() {
request := goreq.Request{
Method: "DELETE",
Uri: server.URL + "/labels/anything",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.LabelsDeleteResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldEqual, "Label not found")
So(response.Success, ShouldBeFalse)
})
Convey("Getting a non-owned label should fail", func() {
label := &models.Label{
Resource: models.MakeResource("not", uniuri.New()),
Builtin: false,
}
err := env.Labels.Insert(label)
So(err, ShouldBeNil)
request := goreq.Request{
Method: "GET",
Uri: server.URL + "/labels/" + label.ID,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.LabelsGetResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldEqual, "Label not found")
So(response.Success, ShouldBeFalse)
Convey("Updating it should fail", func() {
request := goreq.Request{
Method: "PUT",
Uri: server.URL + "/labels/" + label.ID,
ContentType: "application/json",
Body: "{}",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.LabelsUpdateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldEqual, "Label not found")
So(response.Success, ShouldBeFalse)
})
Convey("Deleting it should fail", func() {
request := goreq.Request{
Method: "DELETE",
Uri: server.URL + "/labels/" + label.ID,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.LabelsDeleteResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldEqual, "Label not found")
So(response.Success, ShouldBeFalse)
})
})
Convey("Creating a label should succeed", func() {
request := goreq.Request{
Method: "POST",
Uri: server.URL + "/labels",
ContentType: "application/json",
Body: `{
"name": "` + uniuri.New() + `"
}`,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.LabelsCreateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Label.Name, ShouldNotBeEmpty)
So(response.Success, ShouldBeTrue)
label := response.Label
Convey("That label should be visible on the labels list", func() {
request := goreq.Request{
Method: "GET",
Uri: server.URL + "/labels",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.LabelsListResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldBeEmpty)
So(len(*response.Labels), ShouldBeGreaterThan, 0)
So(response.Success, ShouldBeTrue)
})
Convey("Getting that label should succeed", func() {
request := goreq.Request{
Method: "GET",
Uri: server.URL + "/labels/" + label.ID,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.LabelsGetResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Label.ID, ShouldEqual, label.ID)
So(response.Success, ShouldBeTrue)
})
Convey("Updating that label should succeed", func() {
request := goreq.Request{
Method: "PUT",
Uri: server.URL + "/labels/" + label.ID,
ContentType: "application/json",
Body: `{
"name": "test123"
}`,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.LabelsUpdateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Label.Name, ShouldEqual, "test123")
So(response.Success, ShouldBeTrue)
})
Convey("Deleting that label should succeed", func() {
request := goreq.Request{
Method: "DELETE",
Uri: server.URL + "/labels/" + label.ID,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.LabelsDeleteResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Message, ShouldEqual, "Label successfully removed")
So(response.Success, ShouldBeTrue)
})
})
})
}
func Test_api_registry_revoke_secure(t *testing.T) {
logging.SetLevel("debug")
go serve_api()
config.CORE_CONF_FILEPATH, _ = filepath.Abs("./test/core_config.yml")
config.CONF_FILEPATH, _ = filepath.Abs("./test/config_wo_groups.yml")
config.CoreConf.Secure_api_write = true // need to add signature
unsigner, _ = utils.LoadPublicKey(public_key) // override interval unsigner
signer, _ := utils.LoadPrivateKey(private_key)
hostname := newcore.GetHostname()
now := fmt.Sprintf("%d", time.Now().Unix())
uri, _ := url.Parse("http://localhost:3031/registry/revoke")
values := url.Values{}
values.Add("hostname", newcore.GetHostname())
values.Add("time", now)
values.Encode()
uri.RawQuery = values.Encode()
go_req := goreq.Request{
Method: "DELETE",
Uri: uri.String(),
Accept: "application/json",
Timeout: 1 * time.Second,
}
// mock registry file before call api
ioutil.WriteFile(config.REGISTRY_FILEPATH, []byte(`test`), 0644)
resp, _ := go_req.Do()
// if err == nil {
// t.Errorf("should fail but not.")
// return
// }
if resp.StatusCode == 200 {
t.Errorf("should fail but not")
return
}
if b, _ := utils.PathExists(config.REGISTRY_FILEPATH); b != true {
t.Errorf("should fail but not")
return
}
resp.Body.Close()
toSign := fmt.Sprintf("%s%s", hostname, now)
sign, _ := signer.Sign([]byte(toSign))
sign_str := base64.StdEncoding.EncodeToString(sign)
go_req.AddHeader("HICKWALL_ADMIN_SIGN", sign_str)
// mock registry file before call api
ioutil.WriteFile(config.REGISTRY_FILEPATH, []byte(`test`), 0644)
resp, err := go_req.Do()
if err != nil {
t.Errorf("should work but not: %v", err)
return
}
defer resp.Body.Close()
if resp.StatusCode != 200 {
t.Errorf("statuscode != 200, %d", resp.StatusCode)
return
}
b, err := utils.PathExists(config.REGISTRY_FILEPATH)
if b != false || err != nil {
t.Errorf("revoke not working.")
}
}
func TestTokensRoute(t *testing.T) {
Convey("Given a working account", t, func() {
account := &models.Account{
Resource: models.MakeResource("", "johnorange5"),
Status: "complete",
AltEmail: "*****@*****.**",
}
err := account.SetPassword("fruityloops")
So(err, ShouldBeNil)
err = env.Accounts.Insert(account)
So(err, ShouldBeNil)
result, err := goreq.Request{
Method: "POST",
Uri: server.URL + "/tokens",
ContentType: "application/json",
Body: `{
"type": "auth",
"username": "******",
"password": "******"
}`,
}.Do()
So(err, ShouldBeNil)
var response routes.TokensCreateResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeTrue)
authToken := response.Token
Convey("Creating a non-auth token should fail", func() {
request, err := goreq.Request{
Method: "POST",
Uri: server.URL + "/tokens",
ContentType: "application/json",
Body: `{
"type": "not-auth"
}`,
}.Do()
So(err, ShouldBeNil)
var response routes.TokensCreateResponse
err = request.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Only auth tokens are implemented")
})
Convey("Trying to sign in using wrong username should fail", func() {
request, err := goreq.Request{
Method: "POST",
Uri: server.URL + "/tokens",
ContentType: "application/json",
Body: `{
"type": "auth",
"username": "******",
"password": "******"
}`,
}.Do()
So(err, ShouldBeNil)
var response routes.TokensCreateResponse
err = request.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Wrong username or password")
})
Convey("Trying to sign in using wrong password should fail", func() {
request, err := goreq.Request{
Method: "POST",
Uri: server.URL + "/tokens",
ContentType: "application/json",
Body: `{
"type": "auth",
"username": "******",
"password": "******"
}`,
}.Do()
So(err, ShouldBeNil)
var response routes.TokensCreateResponse
err = request.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Wrong username or password")
})
Convey("Trying to sign in using an invalid JSON input should fail", func() {
request, err := goreq.Request{
Method: "POST",
Uri: server.URL + "/tokens",
ContentType: "application/json",
Body: "123123123###434$#$",
}.Do()
So(err, ShouldBeNil)
var response routes.TokensCreateResponse
err = request.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Invalid input format")
})
Convey("Getting the currently used token should succeed", func() {
request := goreq.Request{
Method: "GET",
Uri: server.URL + "/tokens",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.TokensGetResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeTrue)
So(response.Token.ExpiryDate.After(time.Now().UTC()), ShouldBeTrue)
})
Convey("Deleting the token by ID should succeed", func() {
request := goreq.Request{
Method: "DELETE",
Uri: server.URL + "/tokens/" + authToken.ID,
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.TokensDeleteResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeTrue)
So(response.Message, ShouldEqual, "Successfully logged out")
})
Convey("Deleting a non-existing token should fail", func() {
request := goreq.Request{
Method: "DELETE",
Uri: server.URL + "/tokens/123",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.TokensDeleteResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Invalid token ID")
})
Convey("Deleting current token should succeed", func() {
request := goreq.Request{
Method: "DELETE",
Uri: server.URL + "/tokens",
}
request.AddHeader("Authorization", "Bearer "+authToken.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.TokensDeleteResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeTrue)
So(response.Message, ShouldEqual, "Successfully logged out")
})
})
}
func TestMiddleware(t *testing.T) {
Convey("While querying a secure endpoint", t, func() {
Convey("No header should fail", func() {
result, err := goreq.Request{
Method: "GET",
Uri: server.URL + "/accounts/me",
}.Do()
So(err, ShouldBeNil)
var response routes.AuthMiddlewareResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Missing auth token")
})
Convey("An invalid header should fail", func() {
request := goreq.Request{
Method: "GET",
Uri: server.URL + "/accounts/me",
}
request.AddHeader("Authorization", "123")
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.AuthMiddlewareResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Invalid authorization header")
})
Convey("Invalid token should fail", func() {
request := goreq.Request{
Method: "GET",
Uri: server.URL + "/accounts/me",
}
request.AddHeader("Authorization", "Bearer 123")
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.AuthMiddlewareResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Invalid authorization token")
})
Convey("Expired token should fail", func() {
account := &models.Account{
Resource: models.MakeResource("", "johnorange"),
Status: "complete",
AltEmail: "*****@*****.**",
}
err := account.SetPassword("fruityloops")
So(err, ShouldBeNil)
err = env.Accounts.Insert(account)
So(err, ShouldBeNil)
token := models.Token{
Resource: models.MakeResource(account.ID, "test invite token"),
Expiring: models.Expiring{
ExpiryDate: time.Now().UTC().Truncate(time.Hour * 8),
},
Type: "auth",
}
err = env.Tokens.Insert(token)
So(err, ShouldBeNil)
request := goreq.Request{
Method: "GET",
Uri: server.URL + "/accounts/me",
}
request.AddHeader("Authorization", "Bearer "+token.ID)
result, err := request.Do()
So(err, ShouldBeNil)
var response routes.AuthMiddlewareResponse
err = result.Body.FromJsonTo(&response)
So(err, ShouldBeNil)
So(response.Success, ShouldBeFalse)
So(response.Message, ShouldEqual, "Authorization token has expired")
})
})
}
