예제 #1
0
//LogRequestFromValidationResult unmarshalls the ValidationResult and logs to keen.io
//
//http://api.keen.io/3.0/projects/<project_id>/events/<event_collection>
func (keen *KeenMetrics) LogRequestFromValidationResult(collectionName string, validationResult string) {
	var url = keen.getEndpoint() + collectionName

	var result goiban.ValidationResult
	json.Unmarshal([]byte(validationResult), &result)

	req := goreq.Request{
		Method:      "POST",
		Uri:         url,
		ContentType: "application/json",
		Body:        ValidationResultToEvent(&result),
	}

	req.AddHeader("Authorization", keen.WriteAPIKey)

	res, err := req.Do()

	if err != nil {
		log.Printf("Error while posting stats: %v", err)
		return
	}

	// Close the response body
	if res.Body != nil {
		defer res.Body.Close()
	}

	if collectionName == "Test" {
		log.Printf(url)
		text, _ := res.Body.ToString()
		log.Printf("Response (%v): %v", res.StatusCode, text)
	}

}
예제 #2
0
func (m webhooksAlerter) Worker(q chan webhook) {
	for {
		select {
		case webhook := <-q:
			log.Info("Sending webhook alert to %s", webhook.Url)

			req := goreq.Request{
				Uri:         webhook.Url,
				Accept:      "application/json",
				ContentType: "application/json",
				UserAgent:   "Lovebeat",
				Timeout:     10 * time.Second,
				Body:        webhook.Data,
			}

			req.AddHeader("X-Lovebeat", "1")

			_, err := req.Do()
			if err != nil {
				log.Error("Failed to post webhook: %s", err)
			}
		}
	}

}
예제 #3
0
//WriteLogRequest logs to keen.io
//
// http://api.keen.io/3.0/projects/<project_id>/events/<event_collection>
func (keen *KeenMetrics) WriteLogRequest(collectionName string, iban *goiban.Iban) {
	var url = keen.getEndpoint() + collectionName

	req := goreq.Request{
		Method:      "POST",
		Uri:         url,
		ContentType: "application/json",
		Body:        IbanToEvent(iban),
	}

	req.AddHeader("Authorization", keen.WriteAPIKey)

	res, err := req.Do()

	if err != nil {
		log.Printf("Error while posting stats: %v", err)
		return
	}

	// Close the response body
	if res.Body != nil {
		defer res.Body.Close()
	}

	if collectionName == "Test" {
		log.Printf(url)
		text, _ := res.Body.ToString()
		log.Printf("Response (%v): %v", res.StatusCode, text)
	}

}
예제 #4
0
파일: client.go 프로젝트: igrybkov/leosync
func (c Client) post(url string, requestData interface{}) []error {

	var errs []error
	req := goreq.Request{
		Method:      "POST",
		Body:        requestData,
		Uri:         url,
		ContentType: "application/x-www-form-urlencoded; charset=UTF-8",
		CookieJar:   c.cookie,
	}
	req.AddHeader("X-Requested-With", "XMLHttpRequest")
	resp, err := req.Do()

	if err != nil {
		errs = append(errs, errors.New(err.Error()))
		log.Fatalln(err.Error())
	}
	defer func() {
		err := resp.Body.Close()
		if err != nil {
			log.Fatal(err)
		}
	}()

	if resp.StatusCode != http.StatusOK {
		errs = append(errs, errors.New("Failed login: status code is "+resp.Status))
	}

	return errs
}
예제 #5
0
func (m slackhookAlerter) Worker(q chan slackhook, cfg *config.ConfigSlackhook) {
	for {

		select {
		case slackhook := <-q:

			var err error

			var context = make(map[string]interface{})
			context["View"] = slackhook.Data.View
			context["Previous"] = slackhook.Data.Previous
			context["Current"] = slackhook.Data.Current

			var doc bytes.Buffer

			err = m.template.Execute(&doc, context)
			if err != nil {
				log.Error("Failed to render template", err)
				return
			}

			req := goreq.Request{
				Method:      "POST",
				Uri:         cfg.Uri,
				Accept:      "*/*",
				ContentType: "application/x-www-form-urlencoded",
				UserAgent:   "Lovebeat",
				Timeout:     10 * time.Second,
				Body:        "payload=" + url.QueryEscape(doc.String()),
			}

			req.AddHeader("X-Lovebeat", "1")

			res, err := req.Do()

			if err != nil {
				log.Error("Failed to post slackhook:%v:", err)
			}

			robots, err := ioutil.ReadAll(res.Body)
			res.Body.Close()

			//it returned a 200 so ignore any error here
			if err != nil {
				log.Error("OK:unreadable response:%v:", err)
			} else if res.StatusCode != http.StatusOK {
				log.Error("NOK:non-200:%d:", res.StatusCode)
			} else {
				log.Info("OK:response:%s:", string(robots))
			}

		}
	}

}
예제 #6
0
func apiRequestBase(authToken string) *goreq.Request {
	req := goreq.Request{
		Uri:       apiURL(),
		ShowDebug: debugging,
		Insecure:  !shouldVerifyHost(apiURL()),
	}
	if authToken != "" {
		req.AddHeader("Authorization", "Bearer "+authToken)
	}
	if os.Getenv("HEROKU_HEADERS") != "" {
		var h map[string]string
		json.Unmarshal([]byte(os.Getenv("HEROKU_HEADERS")), &h)
		for k, v := range h {
			req.AddHeader(k, v)
		}
	}
	return &req
}
예제 #7
0
func apiRequest(authToken string) *goreq.Request {
	req := goreq.Request{
		Uri:       "https://" + apiHost(),
		Accept:    "application/vnd.heroku+json; version=3",
		ShowDebug: debugging,
		Insecure:  !shouldVerifyHost(apiHost()),
	}
	if authToken != "" {
		req.AddHeader("Authorization", "Bearer "+authToken)
	}
	if os.Getenv("HEROKU_HEADERS") != "" {
		var h map[string]string
		json.Unmarshal([]byte(os.Getenv("HEROKU_HEADERS")), &h)
		for k, v := range h {
			req.AddHeader(k, v)
		}
	}
	return &req
}
예제 #8
0
func (c *HTTPClient) MakeRequest(args Args) (http.Header, int, []byte, error) {
	header := make(map[string][]string)

	url, err := url.Parse(c.Host)
	if err != nil {
		return header, 0, []byte{}, errors.NewInvalidHostError(err)
	}
	url.Path = args.Path

	req := goreq.Request{
		Uri:       url.String(),
		Method:    args.Method,
		Body:      args.Body,
		Timeout:   args.Timeout,
		ShowDebug: args.ShowDebug,
	}

	for name, value := range args.Headers {
		for _, v := range value {
			req.AddHeader(name, v)
		}
	}

	resp, err := req.Do()
	if err != nil {
		return header, 0, []byte{}, errors.NewRequestError(err)
	}

	respBody, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		return resp.Header, resp.StatusCode, []byte{}, errors.NewResponseError(err)
	}

	if resp.StatusCode == args.AcceptableCode {
		return resp.Header, resp.StatusCode, respBody, nil
	}

	return resp.Header, resp.StatusCode, respBody, errors.NewResponseError(errors.ErrBadResponse)
}
예제 #9
0
// SendRequest sends the requested package (as a POST) to the defined
func (n NotificationsManager) SendRequest(wait bool, count int, notification interface{}) {
	if wait {
		if count < 3 {
			time.Sleep(10 * time.Second)
		} else {
			log.Error("Too many notification attempts, aborting.")
			return
		}
	}

	req := goreq.Request{
		Method:      "POST",
		Uri:         n.OAuthKeyChangeURL,
		UserAgent:   "Tyk-Gatewy-Notifications",
		ContentType: "application/json",
		Body:        notification,
	}

	req.AddHeader("X-Tyk-Shared-Secret", n.SharedSecret)

	resp, reqErr := req.Do()

	if reqErr != nil {
		log.Error("Request failed, trying again in 10s. Error was: ", reqErr)
		count++
		go n.SendRequest(true, count, notification)
		return
	}

	if resp.StatusCode != 200 {
		log.Error("Request returned non-200 status, trying again in 10s.")
		count++
		go n.SendRequest(true, count, notification)
		return
	}
}
예제 #10
0
// Spawn sends the actual request.
func (r *Request) Spawn(parent *Response, wg *sync.WaitGroup) {
	body := ""
	if r.Data != nil {
		body = r.Data.Format(parent)
	}
	greq := goreq.Request{Method: r.Method, Body: body, UserAgent: profile.UserAgent}
	// Let's set the headers, if needed.
	if r.Headers != nil {
		for _, line := range strings.Split(r.Headers.Format(parent), "\n") {
			line = strings.TrimSpace(line)
			if line == "" {
				continue
			}
			hdr := strings.Split(line, ":")
			greq.AddHeader(strings.TrimSpace(hdr[0]), strings.TrimSpace(hdr[1]))
		}
	}
	// Let's also add the cookies.
	if r.FwdCookies && parent != nil {
		if parent.cookies != nil {
			for _, delicacy := range parent.cookies {
				greq.AddCookie(delicacy)
			}
		}
	}

	// One go routine which pops responses from the channel and moves them to the list.
	go func() {
		for {
			r.doneReqs = append(r.doneReqs, <-r.doneChan)
			r.doneWg.Done()
			perc := float64(len(r.doneReqs)) / float64(r.Repeat)
			notify := false
			if perc >= 0.75 && perc-0.75 < 1e-4 {
				notify = true
			} else if perc >= 0.5 && perc-0.5 < 1e-4 {
				notify = true
			} else if perc >= 0.25 && perc-0.25 < 1e-4 {
				notify = true
			} else if len(r.doneReqs)%100 == 0 {
				notify = true
			}
			if notify {
				log.Notice("Completed %d requests out of %d to %s.", len(r.doneReqs), r.Repeat, r.URL)
			}
		}
	}()

	// Let's spawn all the requests, with their respective concurrency.
	wg.Add(r.Repeat)
	r.doneWg.Add(r.Repeat)
	for rno := 1; rno <= r.Repeat; rno++ {
		go func(no int, greq goreq.Request) {
			r.ongoingReqs <- struct{}{} // Adding sentinel value to limit concurrency.
			greq.Uri = r.URL.Generate()
			resp := Response{}

			startTime := time.Now()
			gresp, err := greq.Do()
			resp.FromGoResp(gresp, err, startTime)
			if err != nil {
				log.Critical("could not send request to #%d %s: %s", no, r.URL, err)
			}

			<-r.ongoingReqs // We're done, let's make room for the next request.
			resp.duration = time.Since(startTime)
			// Let's add that request to the list of completed requests.
			r.doneChan <- &resp
			runtime.Gosched()
		}(rno, greq)
	}

	// Let's now have a go routine which waits for all the requests to complete
	// and spawns all the children.
	go func() {
		r.doneWg.Wait()

		if r.Children != nil {
			log.Debug("Spawning children for %s.", r.URL)
			for _, child := range r.Children {
				// Note that we always use the LAST response as the parent response.
				child.Spawn(r.doneReqs[0], wg)
			}
		}
		log.Debug("Computing result of %s.", r.URL)
		r.ComputeResult(wg)
	}()
}
예제 #11
0
func TestContactsRoute(t *testing.T) {
	Convey("Given a working account", t, func() {
		account := &models.Account{
			Resource: models.MakeResource("", "johnorange2"),
			Status:   "complete",
			AltEmail: "*****@*****.**",
		}
		err := account.SetPassword("fruityloops")
		So(err, ShouldBeNil)

		err = env.Accounts.Insert(account)
		So(err, ShouldBeNil)

		result, err := goreq.Request{
			Method:      "POST",
			Uri:         server.URL + "/tokens",
			ContentType: "application/json",
			Body: `{
				"type": "auth",
				"username": "******",
				"password": "******"
			}`,
		}.Do()
		So(err, ShouldBeNil)

		var response routes.TokensCreateResponse
		err = result.Body.FromJsonTo(&response)
		So(err, ShouldBeNil)

		So(response.Success, ShouldBeTrue)
		authToken := response.Token

		Convey("Creating a contact with missing parts should fail", func() {
			request := goreq.Request{
				Method:      "POST",
				Uri:         server.URL + "/contacts",
				ContentType: "application/json",
				Body: `{
					"data": "` + uniuri.NewLen(64) + `",
					"encoding": "json",
					"version_major": 1,
					"version_minor": 0,
					"pgp_fingerprints": ["` + uniuri.New() + `"]
				}`,
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.ContactsCreateResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Message, ShouldEqual, "Invalid request")
			So(response.Success, ShouldBeFalse)
		})

		Convey("Creating a contact with invalid input data should fail", func() {
			request := goreq.Request{
				Method:      "POST",
				Uri:         server.URL + "/contacts",
				ContentType: "application/json",
				Body:        "!@#!@#!@#",
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.ContactsCreateResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Message, ShouldEqual, "Invalid input format")
			So(response.Success, ShouldBeFalse)
		})

		Convey("Getting a non-owned contact should fail", func() {
			contact := &models.Contact{
				Encrypted: models.Encrypted{
					Encoding:     "json",
					Data:         uniuri.NewLen(64),
					Schema:       "contact",
					VersionMajor: 1,
					VersionMinor: 0,
				},
				Resource: models.MakeResource("not", uniuri.New()),
			}

			err := env.Contacts.Insert(contact)
			So(err, ShouldBeNil)

			request := goreq.Request{
				Method: "GET",
				Uri:    server.URL + "/contacts/" + contact.ID,
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.ContactsGetResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeFalse)
			So(response.Message, ShouldEqual, "Contact not found")

			Convey("Update of a not-owned contact should fail", func() {
				request := goreq.Request{
					Method:      "PUT",
					Uri:         server.URL + "/contacts/" + contact.ID,
					ContentType: "application/json",
					Body: `{
						"data": "` + uniuri.NewLen(64) + `",
						"name": "` + uniuri.New() + `",
						"encoding": "xml",
						"version_major": 8,
						"version_minor": 3
					}`,
				}
				request.AddHeader("Authorization", "Bearer "+authToken.ID)
				result, err := request.Do()
				So(err, ShouldBeNil)

				var response routes.ContactsUpdateResponse
				err = result.Body.FromJsonTo(&response)
				So(err, ShouldBeNil)

				So(response.Success, ShouldBeFalse)
				So(response.Message, ShouldEqual, "Contact not found")
			})

			Convey("Deleting it should fail", func() {
				request := goreq.Request{
					Method: "DELETE",
					Uri:    server.URL + "/contacts/" + contact.ID,
				}
				request.AddHeader("Authorization", "Bearer "+authToken.ID)
				result, err := request.Do()
				So(err, ShouldBeNil)

				var response routes.ContactsDeleteResponse
				err = result.Body.FromJsonTo(&response)
				So(err, ShouldBeNil)

				So(response.Success, ShouldBeFalse)
				So(response.Message, ShouldEqual, "Contact not found")
			})
		})

		Convey("Getting a non-existing contact should fail", func() {
			request := goreq.Request{
				Method: "GET",
				Uri:    server.URL + "/contacts/" + uniuri.New(),
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.ContactsGetResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeFalse)
			So(response.Message, ShouldEqual, "Contact not found")
		})

		Convey("Creating a contact should succeed", func() {
			request := goreq.Request{
				Method:      "POST",
				Uri:         server.URL + "/contacts",
				ContentType: "application/json",
				Body: `{
					"data": "` + uniuri.NewLen(64) + `",
					"name": "` + uniuri.New() + `",
					"encoding": "json",
					"version_major": 1,
					"version_minor": 0,
					"pgp_fingerprints": ["` + uniuri.New() + `"]
				}`,
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.ContactsCreateResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Message, ShouldEqual, "A new contact was successfully created")
			So(response.Success, ShouldBeTrue)
			So(response.Contact.ID, ShouldNotBeNil)

			contact := response.Contact

			Convey("The contact should be visible on the list", func() {
				request := goreq.Request{
					Method: "GET",
					Uri:    server.URL + "/contacts",
				}
				request.AddHeader("Authorization", "Bearer "+authToken.ID)
				result, err := request.Do()
				So(err, ShouldBeNil)

				var response routes.ContactsListResponse
				err = result.Body.FromJsonTo(&response)
				So(err, ShouldBeNil)

				So(len(*response.Contacts), ShouldBeGreaterThan, 0)
				So(response.Success, ShouldBeTrue)

				found := false
				for _, c := range *response.Contacts {
					if c.ID == contact.ID {
						found = true
						break
					}
				}

				So(found, ShouldBeTrue)
			})

			Convey("Getting that contact should succeed", func() {
				request := goreq.Request{
					Method: "GET",
					Uri:    server.URL + "/contacts/" + contact.ID,
				}
				request.AddHeader("Authorization", "Bearer "+authToken.ID)
				result, err := request.Do()
				So(err, ShouldBeNil)

				var response routes.ContactsGetResponse
				err = result.Body.FromJsonTo(&response)
				So(err, ShouldBeNil)

				So(response.Success, ShouldBeTrue)
				So(response.Contact.Name, ShouldEqual, contact.Name)
			})

			Convey("Updating that contact should succeed", func() {
				newName := uniuri.New()

				request := goreq.Request{
					Method:      "PUT",
					Uri:         server.URL + "/contacts/" + contact.ID,
					ContentType: "application/json",
					Body: `{
						"data": "` + uniuri.NewLen(64) + `",
						"name": "` + newName + `",
						"encoding": "xml",
						"version_major": 8,
						"version_minor": 3
					}`,
				}
				request.AddHeader("Authorization", "Bearer "+authToken.ID)
				result, err := request.Do()
				So(err, ShouldBeNil)

				var response routes.ContactsUpdateResponse
				err = result.Body.FromJsonTo(&response)
				So(err, ShouldBeNil)

				So(response.Success, ShouldBeTrue)
				So(response.Contact.Name, ShouldEqual, newName)
			})

			Convey("Deleting that contact should succeed", func() {
				request := goreq.Request{
					Method: "DELETE",
					Uri:    server.URL + "/contacts/" + contact.ID,
				}
				request.AddHeader("Authorization", "Bearer "+authToken.ID)
				result, err := request.Do()
				So(err, ShouldBeNil)

				var response routes.ContactsDeleteResponse
				err = result.Body.FromJsonTo(&response)
				So(err, ShouldBeNil)

				So(response.Success, ShouldBeTrue)
				So(response.Message, ShouldEqual, "Contact successfully removed")
			})
		})

		Convey("Update with invalid input should fail", func() {
			request := goreq.Request{
				Method:      "PUT",
				Uri:         server.URL + "/contacts/" + uniuri.New(),
				ContentType: "application/json",
				Body:        "123123!@#!@#",
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.ContactsUpdateResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeFalse)
			So(response.Message, ShouldEqual, "Invalid input format")
		})

		Convey("Update of a non-existing contact should fail", func() {
			request := goreq.Request{
				Method:      "PUT",
				Uri:         server.URL + "/contacts/gibberish",
				ContentType: "application/json",
				Body: `{
						"data": "` + uniuri.NewLen(64) + `",
						"name": "` + uniuri.New() + `",
						"encoding": "xml",
						"version_major": 8,
						"version_minor": 3
					}`,
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.ContactsUpdateResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeFalse)
			So(response.Message, ShouldEqual, "Contact not found")
		})

		Convey("Deleting a non-existing contact should fail", func() {
			request := goreq.Request{
				Method: "DELETE",
				Uri:    server.URL + "/contacts/gibberish",
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.ContactsDeleteResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeFalse)
			So(response.Message, ShouldEqual, "Contact not found")
		})
	})
}
예제 #12
0
func TestKeysRoute(t *testing.T) {
	Convey("Given a working account", t, func() {
		account := &models.Account{
			Resource: models.MakeResource("", "johnorange4"),
			Status:   "complete",
			AltEmail: "*****@*****.**",
		}
		err := account.SetPassword("fruityloops")
		So(err, ShouldBeNil)

		err = env.Accounts.Insert(account)
		So(err, ShouldBeNil)

		result, err := goreq.Request{
			Method:      "POST",
			Uri:         server.URL + "/tokens",
			ContentType: "application/json",
			Body: `{
				"type": "auth",
				"username": "******",
				"password": "******"
			}`,
		}.Do()
		So(err, ShouldBeNil)

		var response routes.TokensCreateResponse
		err = result.Body.FromJsonTo(&response)
		So(err, ShouldBeNil)

		So(response.Success, ShouldBeTrue)
		authToken := response.Token

		Convey("Uploading a new key using an invalid JSON format should fail", func() {
			request := goreq.Request{
				Method:      "POST",
				Uri:         server.URL + "/keys",
				ContentType: "application/json",
				Body:        "!@#!@!@#",
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.KeysCreateResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Message, ShouldEqual, "Invalid input format")
			So(response.Success, ShouldBeFalse)
		})

		Convey("Uploading an invalid key should fail", func() {
			request := goreq.Request{
				Method:      "POST",
				Uri:         server.URL + "/keys",
				ContentType: "application/json",
				Body: `{
					"key": "hbnjmvnbhvm nbhm jhbjmnghnbgjvgbhvf bgvmj gvhnft"
				}`,
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.KeysCreateResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Message, ShouldEqual, "Invalid key format")
			So(response.Success, ShouldBeFalse)
		})

		Convey("Uploading a key should succeed", func() {
			request := goreq.Request{
				Method:      "POST",
				Uri:         server.URL + "/keys",
				ContentType: "application/json",
				Body: `{
			"key": "` + strings.Join(strings.Split(`-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1

mQINBFR6JFoBEADoLOVi5NEkIELYOIfOsztAuPqNPiJcDXCsKuprjNj7n2vxyNim
WbArRZ4TJereG0H2skCQlKMx26EiHHdK3je4i6erD+OT4NolAsxVsl4PpkEDZnzz
tIwVb7FymahIrqwP9YPrXc0tr07HgnE3+it828ZJlCMfGUgJJrn12p+UetlBoFwr
OEgaCl4fOfAuUQUzD156AGV/S0H4ge8H7yngSxNTMCqypX6SaX+O0uhKqa3CxiiG
HxIGo+lNdM72Xm3Ym9sNKtfsflkqZdlWfdpit1mgveZMx2CpuYI1aS+FRzQczCDn
fDnSVqErIWUv64daC5qU3pPWjqRuOr4WXEdxXSCgi2oXVP+2hVyqgPk6ch64TodR
lKxFN2wvrJVYJd/5XQrojBtf/F/ZnlYq0rze+snZ5R1lBMZMU2oBnWtRQMSO/+8b
iHY/7mjyT+LGLXhbGGmgtycYsuujR54Smtzx1tc7CsoVLJ3JB4629YT6RtDnd85R
f7oUnjtd714e6k6zLIkppsSDse8WOPGtnfHxswrNRGnEPFYxQhCN+PbYdwGmSfmA
kzoJFumJF8KIXflGBZ0s2JdAx4G1aMhPR3rUNiJdh+DXXseLn/PAbDj2O4uMVi5F
/ai6U/vhNOatrt5syOwWZnShuIBj5VwwyJOdGjC9uwYrfocDtx7IdbaokQARAQAB
tCFQaW90ciBaZHVuaWFrIDxwaW90ckB6ZHVuaWFrLm5ldD6JAjgEEwECACIFAlR6
JFoCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEN9g3PR+HyAlZigP/3H2
l9icK0tazF5B4jcPaKJ4cToe/XiTU1eNNzTGftlbtCgb2e2TMuzcY7LpiK3zHO5z
0NlVKWxAoD7JHEaG5vwL74gB1324VbW08dWcz/a/jMyTAUhGIZ1WBIJGa9dVkN98
GZp6i8q2DfsvflQI5Q9s3+Y6nbl2FEDFc3U+UXyN3M7x94NEc+3BUPvds/CwD/L0
rjatqusCf1lo2GNZvVcoluerKjSR0/LryTbQwSlW0rDIVAoc5AB1ezpJKfW6O22i
4h8MpNGNJ3XVrMIX4/Tu4ESE75WQSVqThd1Zy3y9bVvhL8UxKV3qviuBRDtlk/7N
QznUBTJ0RFegebTDp6+jVaVt+RBJg8rnwXOT0iSEBionCjjuIWX7hzM3mRg8FnnJ
RUudJxN2b1mJHKCHEG3/SIbl6m32HesJahfNnmGV8xs7YpZWHQU+DXoTJN8+t/2E
kZ7+4X38jdWfLfw4Z+Cb3J+J4yf0uipUQ8+6f7zm2p0BINlt5TQczZpWYQolhKoK
Xhd+Sd2XieaAkxUQqaYjCbr5fC5QouWYlwqnghCVSs1MLCPdHDI2FOXB5Sh8hOHN
sxar+5r9iWLkAvr5k+QoR8fQgarIQKcXQc+NQR65D8eneGo/apVknvRVMLrtC1ZI
QLi8aLMFaM6HReXsHD6PJUsuuHys2fhT+6vD4ujjuQINBFR6JFoBEADMa8xp8O1W
WvRxBZ0Bd0EOm+znhCsDhdHxrq3x74k3229NVJ42tfRunegP+s+/nFQuSV/FXxiL
NFb7cfTL2ZlibNbOwbZ6RQ66BdPaBKyIc0QdIsaR/+ehGqbG0dN1aAiQJBustPzX
RQJBhzHKx4FpdJLrFppe5JLp2pcmI9CoMHdirIh3uFF85sNBTa0MAHNBHzXBeZbv
jZDCxTkFBPmUEbNiUWDOPDQnZlJAG9VvXzSLilsZ4Cgj/jN0/MUJ+vEOb1NvOWNH
Wo0/uFqmMhAFHxFSUETnZ4Q/6ZU2bdCeAp9uo1oEFvaEbmRdW1BkjMOXqJ4V5bXj
p9qREraEargj3+FKQHIiKDEz6p4C9y0RsJROIj8oZmvZsynzsnrmU5Gme5V8a4sS
ruPkm3kmdPCWq1SSZ/3V293NnE73KKdy6XinuyZBWVN1y8jSd/lJpyIZzIIMAQSp
OwWBYnVwTIlbFi0Ad1BGvMMSCM15AdrN9Ywb7xfnlkXEMHTQk4czwJUDKYodIw1u
KnGm/N/SPlgm1sk59rlMTQk0/TFT6KsYEoDdEJP934lldG+11vgpcicV8owM0AQ4
PYtVTKhHv7QNK0FCIHWIWq/QMLJn73X7kotgLB/1M94eTgcWasg4ENI/ZCCRelnL
6cs4Ggo4/j/bd5QhogdiJYHUlEDqUL+a0QARAQABiQIfBBgBAgAJBQJUeiRaAhsM
AAoJEN9g3PR+HyAled0P/0J9gp48UOSWmkoMOPbGCIyABYMmaoDKdYYf1rToP3wp
O2nOwG48ZFW9Q4r6LAiOmPjPtMsvjtFeHDQ5FjnXpbFI2NBn3YwB2fulim8TZL03
SvpiZD7TUiZKmUAOmVPoZJ+GUIE9lJtBrlOS5n0TkhmS14G3xPlex7jdJ63JFmME
XZ9gDcgUOzG7pSneCYyHOLKGwTmLV3HXUSIAm/8bW2xJ7g+j9qr/c78D8ThUY+I0
0edCq+tL5rpnPYIusI3lzh4xeSMSSVCKB+Fhz9DFdD6pZC6E6KWlaoUgw1DdvfFC
KFrEhGFPu80Y7zl77nME9Yg9JYrKlISZHtbT8mDduOXlJIyZxsIlg/bDhsN38HOE
3ZoAsJh/8Ui44b58x/u4P9uKDroCua/6sOb0JFuxPNZHc7Sjdy1S0md7YEW3vFyT
1H1XzRAOPLwJFoz4ymRz9COHTyzExycr/TIjoBG7v1nYOGUdqaTNU2/802LRQaE2
eUftQWTTiFoES4Z0vTKmKwq3CoP80Z5zTrcQf8CdMmTd9bu9kE3AvrK6OD0amxKw
LNHuuVgP/KuG0U4M8A641mUjCt0ZvtDCcAgO90cQKdHsuiCkX/wFYGg+lCzwjtRZ
UZSWZtUmAO12vjmUwGtRbp5xfdbV+PmIBRYe0iikrykoBy+FLw9yHlSCoey2ih6W
=r/yh
-----END PGP PUBLIC KEY BLOCK-----`, "\n"), "\\n") + `"
		}`,
			}

			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.KeysCreateResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Message, ShouldEqual, "A new key has been successfully inserted")
			So(response.Success, ShouldBeTrue)
			So(response.Key.ID, ShouldNotBeNil)

			key := response.Key

			Convey("Key should be visible on the user's key list", func() {
				request := goreq.Request{
					Method: "GET",
					Uri:    server.URL + "/keys?user=johnorange4",
				}
				request.AddHeader("Authorization", "Bearer "+authToken.ID)
				result, err := request.Do()
				So(err, ShouldBeNil)

				var response routes.KeysListResponse
				err = result.Body.FromJsonTo(&response)
				So(err, ShouldBeNil)

				So(response.Success, ShouldBeTrue)
				So(len(*response.Keys), ShouldBeGreaterThan, 0)
			})

			Convey("Getting that key should succeed", func() {
				request := goreq.Request{
					Method: "GET",
					Uri:    server.URL + "/keys/" + key.ID,
				}
				request.AddHeader("Authorization", "Bearer "+authToken.ID)
				result, err := request.Do()
				So(err, ShouldBeNil)

				var response routes.KeysGetResponse
				err = result.Body.FromJsonTo(&response)
				So(err, ShouldBeNil)

				So(response.Success, ShouldBeTrue)
				So(response.Key.ID, ShouldEqual, key.ID)
			})
		})

		Convey("Listing keys without passing a username should fail", func() {
			request := goreq.Request{
				Method: "GET",
				Uri:    server.URL + "/keys",
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.KeysListResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeFalse)
			So(response.Message, ShouldEqual, "Invalid username")
		})

		Convey("Getting a non-existing key should fail", func() {
			request := goreq.Request{
				Method: "GET",
				Uri:    server.URL + "/keys/123",
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.KeysGetResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeFalse)
			So(response.Message, ShouldEqual, "Requested key does not exist on our server")
		})
	})
}
예제 #13
0
func TestLabelsRoute(t *testing.T) {
	Convey("Given a working account", t, func() {
		account := &models.Account{
			Resource: models.MakeResource("", "johnorange2"),
			Status:   "complete",
			AltEmail: "*****@*****.**",
		}
		err := account.SetPassword("fruityloops")
		So(err, ShouldBeNil)

		err = env.Accounts.Insert(account)
		So(err, ShouldBeNil)

		result, err := goreq.Request{
			Method:      "POST",
			Uri:         server.URL + "/tokens",
			ContentType: "application/json",
			Body: `{
				"type": "auth",
				"username": "******",
				"password": "******"
			}`,
		}.Do()
		So(err, ShouldBeNil)

		var response routes.TokensCreateResponse
		err = result.Body.FromJsonTo(&response)
		So(err, ShouldBeNil)

		So(response.Success, ShouldBeTrue)
		authToken := response.Token

		Convey("Creating a new label using invalid input should fail", func() {
			request := goreq.Request{
				Method:      "POST",
				Uri:         server.URL + "/labels",
				ContentType: "application/json",
				Body:        "!@#!@!@#",
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.LabelsCreateResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Message, ShouldEqual, "Invalid input format")
			So(response.Success, ShouldBeFalse)
		})

		Convey("Updating a label using invalid input should fail", func() {
			request := goreq.Request{
				Method:      "PUT",
				Uri:         server.URL + "/labels/anything",
				ContentType: "application/json",
				Body:        "!@#!@!@#",
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.LabelsUpdateResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Message, ShouldEqual, "Invalid input format")
			So(response.Success, ShouldBeFalse)
		})

		Convey("Creating a new label without enough information should fail", func() {
			request := goreq.Request{
				Method:      "POST",
				Uri:         server.URL + "/labels",
				ContentType: "application/json",
				Body:        "{}",
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.LabelsCreateResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Message, ShouldEqual, "Invalid request")
			So(response.Success, ShouldBeFalse)
		})

		Convey("Getting a non-existing label should fail", func() {
			request := goreq.Request{
				Method: "GET",
				Uri:    server.URL + "/labels/nonexisting",
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.LabelsCreateResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Message, ShouldEqual, "Label not found")
			So(response.Success, ShouldBeFalse)
		})

		Convey("Updating a non-existing label should fail", func() {
			request := goreq.Request{
				Method:      "PUT",
				Uri:         server.URL + "/labels/anything",
				ContentType: "application/json",
				Body:        "{}",
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.LabelsUpdateResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Message, ShouldEqual, "Label not found")
			So(response.Success, ShouldBeFalse)
		})

		Convey("Deleting a non-existing label should fail", func() {
			request := goreq.Request{
				Method: "DELETE",
				Uri:    server.URL + "/labels/anything",
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.LabelsDeleteResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Message, ShouldEqual, "Label not found")
			So(response.Success, ShouldBeFalse)
		})

		Convey("Getting a non-owned label should fail", func() {
			label := &models.Label{
				Resource: models.MakeResource("not", uniuri.New()),
				Builtin:  false,
			}

			err := env.Labels.Insert(label)
			So(err, ShouldBeNil)

			request := goreq.Request{
				Method: "GET",
				Uri:    server.URL + "/labels/" + label.ID,
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.LabelsGetResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Message, ShouldEqual, "Label not found")
			So(response.Success, ShouldBeFalse)

			Convey("Updating it should fail", func() {
				request := goreq.Request{
					Method:      "PUT",
					Uri:         server.URL + "/labels/" + label.ID,
					ContentType: "application/json",
					Body:        "{}",
				}
				request.AddHeader("Authorization", "Bearer "+authToken.ID)
				result, err := request.Do()
				So(err, ShouldBeNil)

				var response routes.LabelsUpdateResponse
				err = result.Body.FromJsonTo(&response)
				So(err, ShouldBeNil)

				So(response.Message, ShouldEqual, "Label not found")
				So(response.Success, ShouldBeFalse)
			})

			Convey("Deleting it should fail", func() {
				request := goreq.Request{
					Method: "DELETE",
					Uri:    server.URL + "/labels/" + label.ID,
				}
				request.AddHeader("Authorization", "Bearer "+authToken.ID)
				result, err := request.Do()
				So(err, ShouldBeNil)

				var response routes.LabelsDeleteResponse
				err = result.Body.FromJsonTo(&response)
				So(err, ShouldBeNil)

				So(response.Message, ShouldEqual, "Label not found")
				So(response.Success, ShouldBeFalse)
			})
		})

		Convey("Creating a label should succeed", func() {
			request := goreq.Request{
				Method:      "POST",
				Uri:         server.URL + "/labels",
				ContentType: "application/json",
				Body: `{
					"name": "` + uniuri.New() + `"
				}`,
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.LabelsCreateResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Label.Name, ShouldNotBeEmpty)
			So(response.Success, ShouldBeTrue)

			label := response.Label

			Convey("That label should be visible on the labels list", func() {
				request := goreq.Request{
					Method: "GET",
					Uri:    server.URL + "/labels",
				}
				request.AddHeader("Authorization", "Bearer "+authToken.ID)
				result, err := request.Do()
				So(err, ShouldBeNil)

				var response routes.LabelsListResponse
				err = result.Body.FromJsonTo(&response)
				So(err, ShouldBeNil)

				So(response.Message, ShouldBeEmpty)
				So(len(*response.Labels), ShouldBeGreaterThan, 0)
				So(response.Success, ShouldBeTrue)
			})

			Convey("Getting that label should succeed", func() {
				request := goreq.Request{
					Method: "GET",
					Uri:    server.URL + "/labels/" + label.ID,
				}
				request.AddHeader("Authorization", "Bearer "+authToken.ID)
				result, err := request.Do()
				So(err, ShouldBeNil)

				var response routes.LabelsGetResponse
				err = result.Body.FromJsonTo(&response)
				So(err, ShouldBeNil)

				So(response.Label.ID, ShouldEqual, label.ID)
				So(response.Success, ShouldBeTrue)
			})

			Convey("Updating that label should succeed", func() {
				request := goreq.Request{
					Method:      "PUT",
					Uri:         server.URL + "/labels/" + label.ID,
					ContentType: "application/json",
					Body: `{
						"name": "test123"
					}`,
				}
				request.AddHeader("Authorization", "Bearer "+authToken.ID)
				result, err := request.Do()
				So(err, ShouldBeNil)

				var response routes.LabelsUpdateResponse
				err = result.Body.FromJsonTo(&response)
				So(err, ShouldBeNil)

				So(response.Label.Name, ShouldEqual, "test123")
				So(response.Success, ShouldBeTrue)
			})

			Convey("Deleting that label should succeed", func() {
				request := goreq.Request{
					Method: "DELETE",
					Uri:    server.URL + "/labels/" + label.ID,
				}
				request.AddHeader("Authorization", "Bearer "+authToken.ID)
				result, err := request.Do()
				So(err, ShouldBeNil)

				var response routes.LabelsDeleteResponse
				err = result.Body.FromJsonTo(&response)
				So(err, ShouldBeNil)

				So(response.Message, ShouldEqual, "Label successfully removed")
				So(response.Success, ShouldBeTrue)
			})
		})
	})
}
예제 #14
0
func Test_api_registry_revoke_secure(t *testing.T) {
	logging.SetLevel("debug")
	go serve_api()
	config.CORE_CONF_FILEPATH, _ = filepath.Abs("./test/core_config.yml")
	config.CONF_FILEPATH, _ = filepath.Abs("./test/config_wo_groups.yml")
	config.CoreConf.Secure_api_write = true // need to add signature

	unsigner, _ = utils.LoadPublicKey(public_key) // override interval unsigner
	signer, _ := utils.LoadPrivateKey(private_key)

	hostname := newcore.GetHostname()
	now := fmt.Sprintf("%d", time.Now().Unix())

	uri, _ := url.Parse("http://localhost:3031/registry/revoke")
	values := url.Values{}
	values.Add("hostname", newcore.GetHostname())
	values.Add("time", now)
	values.Encode()
	uri.RawQuery = values.Encode()

	go_req := goreq.Request{
		Method:  "DELETE",
		Uri:     uri.String(),
		Accept:  "application/json",
		Timeout: 1 * time.Second,
	}

	// mock registry file before call api
	ioutil.WriteFile(config.REGISTRY_FILEPATH, []byte(`test`), 0644)
	resp, _ := go_req.Do()
	//	if err == nil {
	//		t.Errorf("should fail but not.")
	//		return
	//	}

	if resp.StatusCode == 200 {
		t.Errorf("should fail but not")
		return
	}

	if b, _ := utils.PathExists(config.REGISTRY_FILEPATH); b != true {
		t.Errorf("should fail but not")
		return
	}
	resp.Body.Close()

	toSign := fmt.Sprintf("%s%s", hostname, now)
	sign, _ := signer.Sign([]byte(toSign))
	sign_str := base64.StdEncoding.EncodeToString(sign)
	go_req.AddHeader("HICKWALL_ADMIN_SIGN", sign_str)

	// mock registry file before call api
	ioutil.WriteFile(config.REGISTRY_FILEPATH, []byte(`test`), 0644)
	resp, err := go_req.Do()
	if err != nil {
		t.Errorf("should work but not: %v", err)
		return
	}
	defer resp.Body.Close()

	if resp.StatusCode != 200 {
		t.Errorf("statuscode != 200, %d", resp.StatusCode)
		return
	}

	b, err := utils.PathExists(config.REGISTRY_FILEPATH)
	if b != false || err != nil {
		t.Errorf("revoke not working.")
	}
}
예제 #15
0
func TestTokensRoute(t *testing.T) {
	Convey("Given a working account", t, func() {
		account := &models.Account{
			Resource: models.MakeResource("", "johnorange5"),
			Status:   "complete",
			AltEmail: "*****@*****.**",
		}
		err := account.SetPassword("fruityloops")
		So(err, ShouldBeNil)

		err = env.Accounts.Insert(account)
		So(err, ShouldBeNil)

		result, err := goreq.Request{
			Method:      "POST",
			Uri:         server.URL + "/tokens",
			ContentType: "application/json",
			Body: `{
				"type": "auth",
				"username": "******",
				"password": "******"
			}`,
		}.Do()
		So(err, ShouldBeNil)

		var response routes.TokensCreateResponse
		err = result.Body.FromJsonTo(&response)
		So(err, ShouldBeNil)

		So(response.Success, ShouldBeTrue)
		authToken := response.Token

		Convey("Creating a non-auth token should fail", func() {
			request, err := goreq.Request{
				Method:      "POST",
				Uri:         server.URL + "/tokens",
				ContentType: "application/json",
				Body: `{
					"type": "not-auth"
				}`,
			}.Do()
			So(err, ShouldBeNil)

			var response routes.TokensCreateResponse
			err = request.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeFalse)
			So(response.Message, ShouldEqual, "Only auth tokens are implemented")
		})

		Convey("Trying to sign in using wrong username should fail", func() {
			request, err := goreq.Request{
				Method:      "POST",
				Uri:         server.URL + "/tokens",
				ContentType: "application/json",
				Body: `{
					"type": "auth",
					"username": "******",
					"password": "******"
				}`,
			}.Do()
			So(err, ShouldBeNil)

			var response routes.TokensCreateResponse
			err = request.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeFalse)
			So(response.Message, ShouldEqual, "Wrong username or password")
		})

		Convey("Trying to sign in using wrong password should fail", func() {
			request, err := goreq.Request{
				Method:      "POST",
				Uri:         server.URL + "/tokens",
				ContentType: "application/json",
				Body: `{
					"type": "auth",
					"username": "******",
					"password": "******"
				}`,
			}.Do()
			So(err, ShouldBeNil)

			var response routes.TokensCreateResponse
			err = request.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeFalse)
			So(response.Message, ShouldEqual, "Wrong username or password")
		})

		Convey("Trying to sign in using an invalid JSON input should fail", func() {
			request, err := goreq.Request{
				Method:      "POST",
				Uri:         server.URL + "/tokens",
				ContentType: "application/json",
				Body:        "123123123###434$#$",
			}.Do()
			So(err, ShouldBeNil)

			var response routes.TokensCreateResponse
			err = request.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeFalse)
			So(response.Message, ShouldEqual, "Invalid input format")
		})

		Convey("Getting the currently used token should succeed", func() {
			request := goreq.Request{
				Method: "GET",
				Uri:    server.URL + "/tokens",
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.TokensGetResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeTrue)
			So(response.Token.ExpiryDate.After(time.Now().UTC()), ShouldBeTrue)
		})

		Convey("Deleting the token by ID should succeed", func() {
			request := goreq.Request{
				Method: "DELETE",
				Uri:    server.URL + "/tokens/" + authToken.ID,
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.TokensDeleteResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeTrue)
			So(response.Message, ShouldEqual, "Successfully logged out")
		})

		Convey("Deleting a non-existing token should fail", func() {
			request := goreq.Request{
				Method: "DELETE",
				Uri:    server.URL + "/tokens/123",
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.TokensDeleteResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeFalse)
			So(response.Message, ShouldEqual, "Invalid token ID")
		})

		Convey("Deleting current token should succeed", func() {
			request := goreq.Request{
				Method: "DELETE",
				Uri:    server.URL + "/tokens",
			}
			request.AddHeader("Authorization", "Bearer "+authToken.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.TokensDeleteResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeTrue)
			So(response.Message, ShouldEqual, "Successfully logged out")
		})
	})
}
예제 #16
0
func TestMiddleware(t *testing.T) {
	Convey("While querying a secure endpoint", t, func() {
		Convey("No header should fail", func() {
			result, err := goreq.Request{
				Method: "GET",
				Uri:    server.URL + "/accounts/me",
			}.Do()
			So(err, ShouldBeNil)

			var response routes.AuthMiddlewareResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeFalse)
			So(response.Message, ShouldEqual, "Missing auth token")
		})

		Convey("An invalid header should fail", func() {
			request := goreq.Request{
				Method: "GET",
				Uri:    server.URL + "/accounts/me",
			}
			request.AddHeader("Authorization", "123")
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.AuthMiddlewareResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeFalse)
			So(response.Message, ShouldEqual, "Invalid authorization header")
		})

		Convey("Invalid token should fail", func() {
			request := goreq.Request{
				Method: "GET",
				Uri:    server.URL + "/accounts/me",
			}
			request.AddHeader("Authorization", "Bearer 123")
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.AuthMiddlewareResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeFalse)
			So(response.Message, ShouldEqual, "Invalid authorization token")
		})

		Convey("Expired token should fail", func() {
			account := &models.Account{
				Resource: models.MakeResource("", "johnorange"),
				Status:   "complete",
				AltEmail: "*****@*****.**",
			}
			err := account.SetPassword("fruityloops")
			So(err, ShouldBeNil)

			err = env.Accounts.Insert(account)
			So(err, ShouldBeNil)

			token := models.Token{
				Resource: models.MakeResource(account.ID, "test invite token"),
				Expiring: models.Expiring{
					ExpiryDate: time.Now().UTC().Truncate(time.Hour * 8),
				},
				Type: "auth",
			}

			err = env.Tokens.Insert(token)
			So(err, ShouldBeNil)

			request := goreq.Request{
				Method: "GET",
				Uri:    server.URL + "/accounts/me",
			}
			request.AddHeader("Authorization", "Bearer "+token.ID)
			result, err := request.Do()
			So(err, ShouldBeNil)

			var response routes.AuthMiddlewareResponse
			err = result.Body.FromJsonTo(&response)
			So(err, ShouldBeNil)

			So(response.Success, ShouldBeFalse)
			So(response.Message, ShouldEqual, "Authorization token has expired")
		})
	})
}