diff options
| author | Xe Iaso <me@xeiaso.net> | 2025-03-26 19:04:18 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-03-26 19:04:18 -0400 |
| commit | e7cbd349f3ff96788dc7a8540d29808ca72e1c44 (patch) | |
| tree | 63cfdb5045e26bd86f09d156e0d7588514e39c55 /lib/anubis_test.go | |
| parent | 07bb5f63f9d57d7ac2a95d0bf7560a985078cfbc (diff) | |
| download | anubis-e7cbd349f3ff96788dc7a8540d29808ca72e1c44.tar.xz anubis-e7cbd349f3ff96788dc7a8540d29808ca72e1c44.zip | |
lib/anubis: support setting extended cookie flags (#120)
* lib/anubis: support setting extended cookie flags
Signed-off-by: Xe Iaso <me@xeiaso.net>
* lib: use cookie name consistently
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
Diffstat (limited to 'lib/anubis_test.go')
| -rw-r--r-- | lib/anubis_test.go | 99 |
1 files changed, 88 insertions, 11 deletions
diff --git a/lib/anubis_test.go b/lib/anubis_test.go index 0498c13..7369b5d 100644 --- a/lib/anubis_test.go +++ b/lib/anubis_test.go @@ -1,15 +1,18 @@ package lib import ( + "encoding/json" "fmt" "net/http" "net/http/httptest" "testing" "github.com/TecharoHQ/anubis" + "github.com/TecharoHQ/anubis/internal" + "github.com/TecharoHQ/anubis/lib/policy" ) -func spawnAnubis(t *testing.T, h http.Handler) string { +func loadPolicies(t *testing.T, fname string) *policy.ParsedConfig { t.Helper() policy, err := LoadPoliciesOrDefault("", anubis.DefaultDifficulty) @@ -17,23 +20,97 @@ func spawnAnubis(t *testing.T, h http.Handler) string { t.Fatal(err) } - s, err := New(Options{ - Next: h, - Policy: policy, - ServeRobotsTXT: true, - }) + return policy +} + +func spawnAnubis(t *testing.T, opts Options) *Server { + t.Helper() + + s, err := New(opts) if err != nil { t.Fatalf("can't construct libanubis.Server: %v", err) } - ts := httptest.NewServer(s) - t.Log(ts.URL) + return s +} + +func TestCookieSettings(t *testing.T) { + pol := loadPolicies(t, "") + pol.DefaultDifficulty = 0 + + srv := spawnAnubis(t, Options{ + Next: http.NewServeMux(), + Policy: pol, - t.Cleanup(func() { - ts.Close() + CookieDomain: "local.cetacean.club", + CookiePartitioned: true, + CookieName: t.Name(), }) - return ts.URL + ts := httptest.NewServer(internal.DefaultXRealIP("127.0.0.1", srv)) + defer ts.Close() + + cli := &http.Client{ + CheckRedirect: func(req *http.Request, via []*http.Request) error { + return http.ErrUseLastResponse + }, + } + + resp, err := cli.Post(ts.URL+"/.within.website/x/cmd/anubis/api/make-challenge", "", nil) + if err != nil { + t.Fatalf("can't request challenge: %v", err) + } + defer resp.Body.Close() + + var chall = struct { + Challenge string `json:"challenge"` + }{} + if err := json.NewDecoder(resp.Body).Decode(&chall); err != nil { + t.Fatalf("can't read challenge response body: %v", err) + } + + nonce := 0 + elapsedTime := 420 + redir := "/" + calcString := fmt.Sprintf("%s%d", chall.Challenge, nonce) + calculated := internal.SHA256sum(calcString) + + req, err := http.NewRequest(http.MethodGet, ts.URL+"/.within.website/x/cmd/anubis/api/pass-challenge", nil) + if err != nil { + t.Fatalf("can't make request: %v", err) + } + + q := req.URL.Query() + q.Set("response", calculated) + q.Set("nonce", fmt.Sprint(nonce)) + q.Set("redir", redir) + q.Set("elapsedTime", fmt.Sprint(elapsedTime)) + req.URL.RawQuery = q.Encode() + + resp, err = cli.Do(req) + if err != nil { + t.Fatalf("can't do challenge passing") + } + + if resp.StatusCode != http.StatusFound { + t.Errorf("wanted %d, got: %d", http.StatusFound, resp.StatusCode) + } + + found := false + for _, cookie := range resp.Cookies() { + t.Logf("%#v", cookie) + if cookie.Name == t.Name() { + found = true + } + + if found && cookie.Domain != "local.cetacean.club" { + t.Errorf("cookie domain is wrong, wanted local.cetacean.club, got: %s", cookie.Domain) + } + } + + if !found { + t.Errorf("Cookie %q not found", t.Name()) + } } func TestCheckDefaultDifficultyMatchesPolicy(t *testing.T) { |