cloudflare/cloudflared
Publicmirrored from https://github.com/cloudflare/cloudflaredAvailable
validation/validation_test.go
243lines · modeblame
d06fc520Areg Harutyunyan8 years ago | 1 | package validation |
| 2 | | |
| 3 | import ( | |
| 4 | "fmt" | |
| 5 | "testing" | |
| 6 | | |
ca9902a8Areg Harutyunyan7 years ago | 7 | "context" |
| 8 | "crypto/tls" | |
| 9 | "crypto/x509" | |
d06fc520Areg Harutyunyan8 years ago | 10 | "github.com/stretchr/testify/assert" |
ca9902a8Areg Harutyunyan7 years ago | 11 | "net" |
| 12 | "net/http" | |
| 13 | "net/http/httptest" | |
| 14 | "net/url" | |
| 15 | "strings" | |
d06fc520Areg Harutyunyan8 years ago | 16 | ) |
| 17 | | |
| 18 | func TestValidateHostname(t *testing.T) { | |
| 19 | var inputHostname string | |
| 20 | hostname, err := ValidateHostname(inputHostname) | |
ca9902a8Areg Harutyunyan7 years ago | 21 | assert.Equal(t, err, nil) |
d06fc520Areg Harutyunyan8 years ago | 22 | assert.Empty(t, hostname) |
| 23 | | |
| 24 | inputHostname = "hello.example.com" | |
| 25 | hostname, err = ValidateHostname(inputHostname) | |
| 26 | assert.Nil(t, err) | |
| 27 | assert.Equal(t, "hello.example.com", hostname) | |
| 28 | | |
| 29 | inputHostname = "http://hello.example.com" | |
| 30 | hostname, err = ValidateHostname(inputHostname) | |
| 31 | assert.Nil(t, err) | |
| 32 | assert.Equal(t, "hello.example.com", hostname) | |
| 33 | | |
| 34 | inputHostname = "bücher.example.com" | |
| 35 | hostname, err = ValidateHostname(inputHostname) | |
| 36 | assert.Nil(t, err) | |
| 37 | assert.Equal(t, "xn--bcher-kva.example.com", hostname) | |
| 38 | | |
| 39 | inputHostname = "http://bücher.example.com" | |
| 40 | hostname, err = ValidateHostname(inputHostname) | |
| 41 | assert.Nil(t, err) | |
| 42 | assert.Equal(t, "xn--bcher-kva.example.com", hostname) | |
| 43 | | |
| 44 | inputHostname = "http%3A%2F%2Fhello.example.com" | |
| 45 | hostname, err = ValidateHostname(inputHostname) | |
| 46 | assert.Nil(t, err) | |
| 47 | assert.Equal(t, "hello.example.com", hostname) | |
| 48 | | |
| 49 | } | |
| 50 | | |
| 51 | func TestValidateUrl(t *testing.T) { | |
| 52 | validUrl, err := ValidateUrl("") | |
ca9902a8Areg Harutyunyan7 years ago | 53 | assert.Equal(t, fmt.Errorf("URL should not be empty"), err) |
d06fc520Areg Harutyunyan8 years ago | 54 | assert.Empty(t, validUrl) |
| 55 | | |
| 56 | validUrl, err = ValidateUrl("https://localhost:8080") | |
| 57 | assert.Nil(t, err) | |
| 58 | assert.Equal(t, "https://localhost:8080", validUrl) | |
| 59 | | |
| 60 | validUrl, err = ValidateUrl("localhost:8080") | |
| 61 | assert.Nil(t, err) | |
| 62 | assert.Equal(t, "http://localhost:8080", validUrl) | |
| 63 | | |
| 64 | validUrl, err = ValidateUrl("http://localhost") | |
| 65 | assert.Nil(t, err) | |
| 66 | assert.Equal(t, "http://localhost", validUrl) | |
| 67 | | |
| 68 | validUrl, err = ValidateUrl("http://127.0.0.1:8080") | |
| 69 | assert.Nil(t, err) | |
| 70 | assert.Equal(t, "http://127.0.0.1:8080", validUrl) | |
| 71 | | |
| 72 | validUrl, err = ValidateUrl("127.0.0.1:8080") | |
| 73 | assert.Nil(t, err) | |
| 74 | assert.Equal(t, "http://127.0.0.1:8080", validUrl) | |
| 75 | | |
| 76 | validUrl, err = ValidateUrl("127.0.0.1") | |
| 77 | assert.Nil(t, err) | |
| 78 | assert.Equal(t, "http://127.0.0.1", validUrl) | |
| 79 | | |
| 80 | validUrl, err = ValidateUrl("https://127.0.0.1:8080") | |
| 81 | assert.Nil(t, err) | |
| 82 | assert.Equal(t, "https://127.0.0.1:8080", validUrl) | |
| 83 | | |
| 84 | validUrl, err = ValidateUrl("[::1]:8080") | |
| 85 | assert.Nil(t, err) | |
| 86 | assert.Equal(t, "http://[::1]:8080", validUrl) | |
| 87 | | |
| 88 | validUrl, err = ValidateUrl("http://[::1]") | |
| 89 | assert.Nil(t, err) | |
| 90 | assert.Equal(t, "http://[::1]", validUrl) | |
| 91 | | |
| 92 | validUrl, err = ValidateUrl("http://[::1]:8080") | |
| 93 | assert.Nil(t, err) | |
| 94 | assert.Equal(t, "http://[::1]:8080", validUrl) | |
| 95 | | |
| 96 | validUrl, err = ValidateUrl("[::1]") | |
| 97 | assert.Nil(t, err) | |
| 98 | assert.Equal(t, "http://[::1]", validUrl) | |
| 99 | | |
| 100 | validUrl, err = ValidateUrl("https://example.com") | |
| 101 | assert.Nil(t, err) | |
| 102 | assert.Equal(t, "https://example.com", validUrl) | |
| 103 | | |
| 104 | validUrl, err = ValidateUrl("example.com") | |
| 105 | assert.Nil(t, err) | |
| 106 | assert.Equal(t, "http://example.com", validUrl) | |
| 107 | | |
| 108 | validUrl, err = ValidateUrl("http://hello.example.com") | |
| 109 | assert.Nil(t, err) | |
| 110 | assert.Equal(t, "http://hello.example.com", validUrl) | |
| 111 | | |
| 112 | validUrl, err = ValidateUrl("hello.example.com") | |
| 113 | assert.Nil(t, err) | |
| 114 | assert.Equal(t, "http://hello.example.com", validUrl) | |
| 115 | | |
| 116 | validUrl, err = ValidateUrl("hello.example.com:8080") | |
| 117 | assert.Nil(t, err) | |
| 118 | assert.Equal(t, "http://hello.example.com:8080", validUrl) | |
| 119 | | |
| 120 | validUrl, err = ValidateUrl("https://hello.example.com:8080") | |
| 121 | assert.Nil(t, err) | |
| 122 | assert.Equal(t, "https://hello.example.com:8080", validUrl) | |
| 123 | | |
| 124 | validUrl, err = ValidateUrl("https://bücher.example.com") | |
| 125 | assert.Nil(t, err) | |
| 126 | assert.Equal(t, "https://xn--bcher-kva.example.com", validUrl) | |
| 127 | | |
| 128 | validUrl, err = ValidateUrl("bücher.example.com") | |
| 129 | assert.Nil(t, err) | |
| 130 | assert.Equal(t, "http://xn--bcher-kva.example.com", validUrl) | |
| 131 | | |
| 132 | validUrl, err = ValidateUrl("https%3A%2F%2Fhello.example.com") | |
| 133 | assert.Nil(t, err) | |
| 134 | assert.Equal(t, "https://hello.example.com", validUrl) | |
| 135 | | |
| 136 | validUrl, err = ValidateUrl("ftp://alex:12345@hello.example.com:8080/robot.txt") | |
| 137 | assert.Equal(t, "Currently Argo Tunnel does not support ftp protocol.", err.Error()) | |
| 138 | assert.Empty(t, validUrl) | |
| 139 | | |
| 140 | validUrl, err = ValidateUrl("https://alex:12345@hello.example.com:8080") | |
| 141 | assert.Nil(t, err) | |
| 142 | assert.Equal(t, "https://hello.example.com:8080", validUrl) | |
| 143 | | |
| 144 | } | |
ca9902a8Areg Harutyunyan7 years ago | 145 | |
| 146 | func TestToggleProtocol(t *testing.T) { | |
| 147 | assert.Equal(t, "https", toggleProtocol("http")) | |
| 148 | assert.Equal(t, "http", toggleProtocol("https")) | |
| 149 | assert.Equal(t, "random", toggleProtocol("random")) | |
| 150 | assert.Equal(t, "", toggleProtocol("")) | |
| 151 | } | |
| 152 | | |
| 153 | func TestValidateHTTPService_HTTP2HTTP(t *testing.T) { | |
| 154 | server, client, err := createMockServerAndClient(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { | |
| 155 | w.WriteHeader(200) | |
| 156 | })) | |
| 157 | assert.NoError(t, err) | |
| 158 | defer server.Close() | |
| 159 | | |
| 160 | assert.Equal(t, nil, ValidateHTTPService("http://example.com/", client.Transport)) | |
| 161 | } | |
| 162 | | |
| 163 | func TestValidateHTTPService_ServerNonOKResponse(t *testing.T) { | |
| 164 | server, client, err := createMockServerAndClient(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { | |
| 165 | w.WriteHeader(400) | |
| 166 | })) | |
| 167 | assert.NoError(t, err) | |
| 168 | defer server.Close() | |
| 169 | | |
| 170 | assert.Equal(t, nil, ValidateHTTPService("http://example.com/", client.Transport)) | |
| 171 | } | |
| 172 | | |
| 173 | func TestValidateHTTPService_HTTPS2HTTP(t *testing.T) { | |
| 174 | server, client, err := createMockServerAndClient(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { | |
| 175 | w.WriteHeader(200) | |
| 176 | })) | |
| 177 | assert.NoError(t, err) | |
| 178 | defer server.Close() | |
| 179 | | |
| 180 | assert.Equal(t, | |
| 181 | "example.com doesn't seem to work over https, but does seem to work over http. Consider changing the origin URL to http://example.com:1234/", | |
| 182 | ValidateHTTPService("https://example.com:1234/", client.Transport).Error()) | |
| 183 | } | |
| 184 | | |
| 185 | func TestValidateHTTPService_HTTPS2HTTPS(t *testing.T) { | |
| 186 | server, client, err := createSecureMockServerAndClient(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { | |
| 187 | w.WriteHeader(200) | |
| 188 | })) | |
| 189 | assert.NoError(t, err) | |
| 190 | defer server.Close() | |
| 191 | | |
| 192 | assert.Equal(t, nil, ValidateHTTPService("https://example.com/", client.Transport)) | |
| 193 | } | |
| 194 | | |
| 195 | func TestValidateHTTPService_HTTP2HTTPS(t *testing.T) { | |
| 196 | server, client, err := createSecureMockServerAndClient(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { | |
| 197 | w.WriteHeader(200) | |
| 198 | })) | |
| 199 | assert.NoError(t, err) | |
| 200 | defer server.Close() | |
| 201 | | |
| 202 | assert.Equal(t, | |
| 203 | "example.com doesn't seem to work over http, but does seem to work over https. Consider changing the origin URL to https://example.com:1234/", | |
| 204 | ValidateHTTPService("http://example.com:1234/", client.Transport).Error()) | |
| 205 | } | |
| 206 | | |
| 207 | func createMockServerAndClient(handler http.Handler) (*httptest.Server, *http.Client, error) { | |
| 208 | client := http.DefaultClient | |
| 209 | server := httptest.NewServer(handler) | |
| 210 | | |
| 211 | client.Transport = &http.Transport{ | |
| 212 | Proxy: func(req *http.Request) (*url.URL, error) { | |
| 213 | return url.Parse(server.URL) | |
| 214 | }, | |
| 215 | } | |
| 216 | | |
| 217 | return server, client, nil | |
| 218 | } | |
| 219 | | |
| 220 | func createSecureMockServerAndClient(handler http.Handler) (*httptest.Server, *http.Client, error) { | |
| 221 | client := http.DefaultClient | |
| 222 | server := httptest.NewTLSServer(handler) | |
| 223 | | |
| 224 | cert, err := x509.ParseCertificate(server.TLS.Certificates[0].Certificate[0]) | |
| 225 | if err != nil { | |
| 226 | server.Close() | |
| 227 | return nil, nil, err | |
| 228 | } | |
| 229 | | |
| 230 | certpool := x509.NewCertPool() | |
| 231 | certpool.AddCert(cert) | |
| 232 | | |
| 233 | client.Transport = &http.Transport{ | |
| 234 | DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) { | |
| 235 | return net.Dial("tcp", server.URL[strings.LastIndex(server.URL, "/")+1:]) | |
| 236 | }, | |
| 237 | TLSClientConfig: &tls.Config{ | |
| 238 | RootCAs: certpool, | |
| 239 | }, | |
| 240 | } | |
| 241 | | |
| 242 | return server, client, nil | |
| 243 | } |