func TestSendRequestToAPIFailBadRemoteAddrAndClientDo(t *testing.T) {
r, err := http.NewRequest("GET", "", nil)
if err != nil {
t.Fatal(err)
}
r.RemoteAddr = ":wef:wf:"
w := httptest.NewRecorder()
b := new(bytes.Buffer)
log.SetOutput(b)
defer log.SetOutput(os.Stderr)
l.Set(l.WarnMessage)
defer l.Set(l.ErrorMessage)
if _, err := SendRequestToAPI("@#J#*FHQA@J@(FFU(#R@#NR@#(RAU(A*CC*##(#", "", w, r); err == nil {
t.Error("Should have failed with nonsense URL")
}
if w.Code != http.StatusInternalServerError {
t.Error("Should have returned an InternalServerError with nonsense URL")
}
if !strings.Contains(b.String(), "The remote address in an incoming request is not set properly.") {
t.Error("Didn't log the bad remote addr.")
}
}
func init() {
l.Set(l.ErrorMessage)
log.SetOutput(ioutil.Discard)
}
func main() {
flag.Parse()
l.Set(l.ParseLogLevel(*logLevel))
overrideUnsetFlagsFromEnvironmentVariables()
l.SetupLumberjack(
*logFileLocation,
*logMaxSize,
*logMaxBackups,
*logMaxAge)
l.Log("Starting Tyro", l.InfoMessage)
l.Log("Serving on address: "+*address, l.InfoMessage)
l.Log("Using Client Key: "+*clientKey, l.InfoMessage)
l.Log("Using Client Secret: "+*clientSecret, l.InfoMessage)
l.Log("Connecting to API URL: "+*apiURL, l.InfoMessage)
l.Log("Using ACAO header: "+*headerACAO, l.InfoMessage)
l.Log(fmt.Sprintf("Allowing access to raw Sierra API: %v", *raw), l.InfoMessage)
if *clientKey == "" {
log.Fatal("FATAL: A client key is required to authenticate against the Sierra API.")
} else if *clientSecret == "" {
log.Fatal("FATAL: A client secret is required to authenticate against the Sierra API.")
}
if *headerACAO == "*" {
l.Log("Using \"*\" for \"Access-Control-Allow-Origin\" header. API will be public!", l.WarnMessage)
}
if *certFile != "" {
l.Log("Going to try to serve through HTTPS", l.InfoMessage)
l.Log("Using Certificate File: "+*certFile, l.InfoMessage)
l.Log("Using Private Key File: "+*keyFile, l.InfoMessage)
}
parsedURL, err := parseURLandJoinToPath(*apiURL, sierraapi.TokenRequestEndpoint)
if err != nil {
log.Fatal("FATAL: Unable to parse API URL.")
}
tokenStore.Refresher(parsedURL.String(), *clientKey, *clientSecret)
defer close(tokenStore.Refresh)
http.HandleFunc("/", homeHandler)
http.HandleFunc("/status/", statusHandler)
http.HandleFunc("/status/item/", statusItemHandler)
http.HandleFunc("/status/bib/", statusBibHandler)
http.HandleFunc("/new", newBibsHandler)
if *raw {
l.Log("Allowing access to raw Sierra API.", l.WarnMessage)
rawProxy := httputil.NewSingleHostReverseProxy(&url.URL{})
rawProxy.Director = rawRewriter
http.Handle("/raw/", rawProxy)
}
if *certFile == "" {
log.Fatalf("FATAL: %v", http.ListenAndServe(*address, nil))
} else {
//Remove SSL 3.0 compatibility for POODLE exploit mitigation
config := &tls.Config{MinVersion: tls.VersionTLS10}
server := &http.Server{Addr: *address, Handler: nil, TLSConfig: config}
log.Fatalf("FATAL: %v", server.ListenAndServeTLS(*certFile, *keyFile))
}
}
