From 7d4be0dcecdbe8deca8d055c0e2f10a369dc86e6 Mon Sep 17 00:00:00 2001
From: Xe Iaso
Date: Thu, 27 Mar 2025 15:24:03 -0400
Subject: Apply bits of the cookie settings PR one by one (#140)
Enables uses to change the cookie domain and partitioned flags.
Signed-off-by: Xe Iaso
---
 lib/anubis_test.go | 104 +++++++++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 93 insertions(+), 11 deletions(-)
(limited to 'lib/anubis_test.go')
diff --git a/lib/anubis_test.go b/lib/anubis_test.go
index 0498c13..90d2cdf 100644
--- a/lib/anubis_test.go
+++ b/lib/anubis_test.go
@@ -1,15 +1,18 @@
 package lib
 import (
+ "encoding/json"
 "fmt"
 "net/http"
 "net/http/httptest"
 "testing"
 "github.com/TecharoHQ/anubis"
+ "github.com/TecharoHQ/anubis/internal"
+ "github.com/TecharoHQ/anubis/lib/policy"
 )
-func spawnAnubis(t *testing.T, h http.Handler) string {
+func loadPolicies(t *testing.T, fname string) *policy.ParsedConfig {
 t.Helper()
 policy, err := LoadPoliciesOrDefault("", anubis.DefaultDifficulty)
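Review bot: The new `fname` parameter of `loadPolicies` is never used: the unchanged call below the signature still passes a hard-coded empty string, `LoadPoliciesOrDefault("", anubis.DefaultDifficulty)`, so a caller that names a policy file would presumably still get the default policy. Pass the argument through, and rename the local so it no longer shadows the newly imported `policy` package: `pol, err := LoadPoliciesOrDefault(fname, anubis.DefaultDifficulty)`, with `return pol` in the following hunk. The body of `loadPolicies` continues outside this hunk.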
@@ -17,23 +20,102 @@ func spawnAnubis(t *testing.T, h http.Handler) string {
 t.Fatal(err)
 }
- s, err := New(Options{
- Next: h,
- Policy: policy,
- ServeRobotsTXT: true,
- })
+ return policy
+}
+
+func spawnAnubis(t *testing.T, opts Options) *Server {
+ t.Helper()
+
+ s, err := New(opts)
 if err != nil {
 t.Fatalf("can't construct libanubis.Server: %v", err)
 }
- ts := httptest.NewServer(s)
- t.Log(ts.URL)
+ return s
+}
+
+func TestCookieSettings(t *testing.T) {
+ pol := loadPolicies(t, "")
+ pol.DefaultDifficulty = 0
- t.Cleanup(func() {
- ts.Close()
+ srv := spawnAnubis(t, Options{
+ Next: http.NewServeMux(),
+ Policy: pol,
+
+ CookieDomain: "local.cetacean.club",
+ CookiePartitioned: true,
+ CookieName: t.Name(),
 })
- return ts.URL
+ ts := httptest.NewServer(internal.DefaultXRealIP("127.0.0.1", srv))
+ defer ts.Close()
+
+ cli := &http.Client{
+ CheckRedirect: func(req *http.Request, via []*http.Request) error {
+ return http.ErrUseLastResponse
+ },
+ }
+
+ resp, err := cli.Post(ts.URL+"/.within.website/x/cmd/anubis/api/make-challenge", "", nil)
+ if err != nil {
+ t.Fatalf("can't request challenge: %v", err)
+ }
+ defer resp.Body.Close()
+
+ var chall = struct {
+ Challenge string `json:"challenge"`
+ }{}
+ if err := json.NewDecoder(resp.Body).Decode(&chall); err != nil {
+ t.Fatalf("can't read challenge response body: %v", err)
+ }
+
+ nonce := 0
+ elapsedTime := 420
+ redir := "/"
+ calcString := fmt.Sprintf("%s%d", chall.Challenge, nonce)
+ calculated := internal.SHA256sum(calcString)
+
+ req, err := http.NewRequest(http.MethodGet, ts.URL+"/.within.website/x/cmd/anubis/api/pass-challenge", nil)
+ if err != nil {
+ t.Fatalf("can't make request: %v", err)
+ }
+
+ q := req.URL.Query()
+ q.Set("response", calculated)
+ q.Set("nonce", fmt.Sprint(nonce))
+ q.Set("redir", redir)
+ q.Set("elapsedTime", fmt.Sprint(elapsedTime))
+ req.URL.RawQuery = q.Encode()
+
+ resp, err = cli.Do(req)
+ if err != nil {
+ t.Fatalf("can't do challenge passing")
+ }
+
+ if 
resp.StatusCode != http.StatusFound {
+ t.Errorf("wanted %d, got: %d", http.StatusFound, resp.StatusCode)
+ }
+
+ var ckie *http.Cookie
+ for _, cookie := range resp.Cookies() {
+ t.Logf("%#v", cookie)
+ if cookie.Name == anubis.CookieName {
+ ckie = cookie
+ break
+ }
+ }
+
+ if ckie.Domain != "local.cetacean.club" {
+ t.Errorf("cookie domain is wrong, wanted local.cetacean.club, got: %s", ckie.Domain)
+ }
+
+ if ckie.Partitioned != srv.opts.CookiePartitioned {
+ t.Errorf("wanted partitioned flag %v, got: %v", srv.opts.CookiePartitioned, ckie.Partitioned)
+ }
+
+ if ckie == nil {
+ t.Errorf("Cookie %q not found", anubis.CookieName)
+ }
 }
 func TestCheckDefaultDifficultyMatchesPolicy(t *testing.T) {
--
cgit v1.2.3
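Review bot: In `TestCookieSettings` the `ckie == nil` check comes after `ckie.Domain` and `ckie.Partitioned` have already been dereferenced, so a missing cookie panics the test instead of reporting a failure; move the check directly after the loop and make it fatal, `if ckie == nil { t.Fatalf("Cookie %q not found", anubis.CookieName) }`. The test also sets `CookieName: t.Name()` but looks the cookie up by `anubis.CookieName`, which can only succeed if that option is not applied to the issued cookie, so it is worth confirming which name is intended. Because the change is about cookie scoping, the test should also assert `ckie.Secure`, since browsers reject a `Partitioned` cookie that lacks `Secure`; whether the server sets it is not visible in this diff. Minor: the second `resp.Body` is never closed, and `t.Fatalf("can't do challenge passing")` drops `err` from the message.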