// This just checks the URL routing is working correctly and cache headers are set correctly.
// More detailed tests for this path including negative
// tests are located in /server/handlers/
func TestGetCurrentRole(t *testing.T) {
store := storage.NewMemStorage()
metadata, _, err := testutils.NewRepoMetadata("gun")
require.NoError(t, err)
// need both the snapshot and the timestamp, because when getting the current
// timestamp the server checks to see if it's out of date (there's a new snapshot)
// and if so, generates a new one
store.UpdateCurrent("gun", storage.MetaUpdate{
Role: data.CanonicalSnapshotRole,
Version: 1,
Data: metadata[data.CanonicalSnapshotRole],
})
store.UpdateCurrent("gun", storage.MetaUpdate{
Role: data.CanonicalTimestampRole,
Version: 1,
Data: metadata[data.CanonicalTimestampRole],
})
ctx := context.WithValue(
context.Background(), "metaStore", store)
ctx = context.WithValue(ctx, "keyAlgorithm", data.ED25519Key)
ccc := utils.NewCacheControlConfig(10, false)
handler := RootHandler(nil, ctx, signed.NewEd25519(), ccc, ccc, nil)
serv := httptest.NewServer(handler)
defer serv.Close()
res, err := http.Get(fmt.Sprintf(
"%s/v2/gun/_trust/tuf/%s.json",
serv.URL,
data.CanonicalTimestampRole,
))
require.NoError(t, err)
require.Equal(t, http.StatusOK, res.StatusCode)
verifyGetResponse(t, res, metadata[data.CanonicalTimestampRole])
}
// This just checks the URL routing is working correctly and cache headers are set correctly.
// More detailed tests for this path including negative
// tests are located in /server/handlers/
func TestGetRoleByHash(t *testing.T) {
store := storage.NewMemStorage()
ts := data.SignedTimestamp{
Signatures: make([]data.Signature, 0),
Signed: data.Timestamp{
SignedCommon: data.SignedCommon{
Type: data.TUFTypes[data.CanonicalTimestampRole],
Version: 1,
Expires: data.DefaultExpires(data.CanonicalTimestampRole),
},
},
}
j, err := json.Marshal(&ts)
require.NoError(t, err)
store.UpdateCurrent("gun", storage.MetaUpdate{
Role: data.CanonicalTimestampRole,
Version: 1,
Data: j,
})
checksumBytes := sha256.Sum256(j)
checksum := hex.EncodeToString(checksumBytes[:])
// create and add a newer timestamp. We're going to try and request
// the older version we created above.
ts = data.SignedTimestamp{
Signatures: make([]data.Signature, 0),
Signed: data.Timestamp{
SignedCommon: data.SignedCommon{
Type: data.TUFTypes[data.CanonicalTimestampRole],
Version: 2,
Expires: data.DefaultExpires(data.CanonicalTimestampRole),
},
},
}
newTS, err := json.Marshal(&ts)
require.NoError(t, err)
store.UpdateCurrent("gun", storage.MetaUpdate{
Role: data.CanonicalTimestampRole,
Version: 1,
Data: newTS,
})
ctx := context.WithValue(
context.Background(), "metaStore", store)
ctx = context.WithValue(ctx, "keyAlgorithm", data.ED25519Key)
ccc := utils.NewCacheControlConfig(10, false)
handler := RootHandler(nil, ctx, signed.NewEd25519(), ccc, ccc, nil)
serv := httptest.NewServer(handler)
defer serv.Close()
res, err := http.Get(fmt.Sprintf(
"%s/v2/gun/_trust/tuf/%s.%s.json",
serv.URL,
data.CanonicalTimestampRole,
checksum,
))
require.NoError(t, err)
require.Equal(t, http.StatusOK, res.StatusCode)
// if content is equal, checksums are guaranteed to be equal
verifyGetResponse(t, res, j)
}