mirror of
https://github.com/aykhans/sarin.git
synced 2026-02-28 06:49:13 +00:00
Add e2e tests
This commit is contained in:
164
e2e/tls_test.go
Normal file
164
e2e/tls_test.go
Normal file
@@ -0,0 +1,164 @@
|
||||
package e2e
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"encoding/json"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestHTTPSWithInsecureFlag(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
// Create a TLS server with a self-signed cert
|
||||
srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
}))
|
||||
defer srv.Close()
|
||||
|
||||
// Without --insecure, it should fail (cert not trusted)
|
||||
// With --insecure, it should succeed
|
||||
res := run("-U", srv.URL, "-r", "1", "-q", "-o", "json", "-I")
|
||||
assertExitCode(t, res, 0)
|
||||
|
||||
out := res.jsonOutput(t)
|
||||
assertHasResponseKey(t, out, "200")
|
||||
}
|
||||
|
||||
func TestHTTPSWithoutInsecureFails(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
}))
|
||||
defer srv.Close()
|
||||
|
||||
// Without --insecure, should get a TLS error (not a clean 200)
|
||||
res := run("-U", srv.URL, "-r", "1", "-q", "-o", "json")
|
||||
assertExitCode(t, res, 0) // Process still exits 0, but response key is an error
|
||||
|
||||
out := res.jsonOutput(t)
|
||||
// Should NOT have a "200" key — should have a TLS error
|
||||
if _, ok := out.Responses["200"]; ok {
|
||||
t.Error("expected TLS error without --insecure, but got 200")
|
||||
}
|
||||
}
|
||||
|
||||
func TestHTTPSInsecureViaCLILongFlag(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
}))
|
||||
defer srv.Close()
|
||||
|
||||
// Use the long form flag
|
||||
res := run("-U", srv.URL, "-r", "1", "-q", "-o", "json", "-insecure")
|
||||
assertExitCode(t, res, 0)
|
||||
|
||||
out := res.jsonOutput(t)
|
||||
assertHasResponseKey(t, out, "200")
|
||||
}
|
||||
|
||||
func TestHTTPSInsecureViaConfigFile(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
}))
|
||||
defer srv.Close()
|
||||
|
||||
config := `
|
||||
url: "` + srv.URL + `"
|
||||
requests: 1
|
||||
insecure: true
|
||||
quiet: true
|
||||
output: json
|
||||
`
|
||||
configPath := writeTemp(t, "tls_config.yaml", config)
|
||||
|
||||
res := run("-f", configPath)
|
||||
assertExitCode(t, res, 0)
|
||||
|
||||
out := res.jsonOutput(t)
|
||||
assertHasResponseKey(t, out, "200")
|
||||
}
|
||||
|
||||
func TestHTTPSInsecureViaEnv(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
}))
|
||||
defer srv.Close()
|
||||
|
||||
res := runWithEnv(map[string]string{
|
||||
"SARIN_URL": srv.URL,
|
||||
"SARIN_REQUESTS": "1",
|
||||
"SARIN_INSECURE": "true",
|
||||
"SARIN_QUIET": "true",
|
||||
"SARIN_OUTPUT": "json",
|
||||
})
|
||||
assertExitCode(t, res, 0)
|
||||
|
||||
out := res.jsonOutput(t)
|
||||
assertHasResponseKey(t, out, "200")
|
||||
}
|
||||
|
||||
func TestHTTPSEchoServer(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
// TLS echo server that returns request details
|
||||
srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
resp := map[string]any{
|
||||
"method": r.Method,
|
||||
"path": r.URL.Path,
|
||||
"tls": r.TLS != nil,
|
||||
}
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
json.NewEncoder(w).Encode(resp)
|
||||
}))
|
||||
defer srv.Close()
|
||||
|
||||
// Verify request was received over TLS
|
||||
res := run("-U", srv.URL+"/secure-path", "-r", "1", "-q", "-o", "json", "-I")
|
||||
assertExitCode(t, res, 0)
|
||||
|
||||
out := res.jsonOutput(t)
|
||||
assertHasResponseKey(t, out, "200")
|
||||
}
|
||||
|
||||
// tlsCaptureServer is like captureServer but with TLS
|
||||
func tlsCaptureServer() *captureServer {
|
||||
cs := &captureServer{}
|
||||
cs.Server = httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
cs.mu.Lock()
|
||||
cs.requests = append(cs.requests, echoResponse{
|
||||
Method: r.Method,
|
||||
Path: r.URL.Path,
|
||||
})
|
||||
cs.mu.Unlock()
|
||||
w.WriteHeader(http.StatusOK)
|
||||
}))
|
||||
cs.TLS = &tls.Config{}
|
||||
cs.StartTLS()
|
||||
return cs
|
||||
}
|
||||
|
||||
func TestHTTPSHeadersSentCorrectly(t *testing.T) {
|
||||
t.Parallel()
|
||||
cs := tlsCaptureServer()
|
||||
defer cs.Close()
|
||||
|
||||
res := run("-U", cs.URL+"/api/test", "-r", "1", "-M", "POST", "-q", "-o", "json", "-I")
|
||||
assertExitCode(t, res, 0)
|
||||
|
||||
req := cs.lastRequest()
|
||||
if req.Method != http.MethodPost {
|
||||
t.Errorf("expected POST over HTTPS, got %s", req.Method)
|
||||
}
|
||||
if req.Path != "/api/test" {
|
||||
t.Errorf("expected path /api/test over HTTPS, got %s", req.Path)
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user