diff options
author | Chris <ccbrown112@gmail.com> | 2018-02-12 12:02:54 -0600 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-02-12 12:02:54 -0600 |
commit | 1ae680aefae2deb1e9d07d7c2a1c863ec807a79f (patch) | |
tree | a99a74d6b858d73624c06f85e393acbe97c90586 /utils/api_test.go | |
parent | 9707ac3aaf2cb4352c573aadf54b8535e237dd9e (diff) | |
parent | 07fd7aeeb8eb2b198b01b713a4ab57f6352faef2 (diff) | |
download | chat-1ae680aefae2deb1e9d07d7c2a1c863ec807a79f.tar.gz chat-1ae680aefae2deb1e9d07d7c2a1c863ec807a79f.tar.bz2 chat-1ae680aefae2deb1e9d07d7c2a1c863ec807a79f.zip |
Merge branch 'master' into release-4.7
Diffstat (limited to 'utils/api_test.go')
-rw-r--r-- | utils/api_test.go | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/utils/api_test.go b/utils/api_test.go new file mode 100644 index 000000000..5e41c7bfe --- /dev/null +++ b/utils/api_test.go @@ -0,0 +1,49 @@ +// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +package utils + +import ( + "crypto/ecdsa" + "crypto/elliptic" + "crypto/rand" + "crypto/sha256" + "encoding/asn1" + "encoding/base64" + "math/big" + "net/http" + "net/http/httptest" + "net/url" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestRenderWebError(t *testing.T) { + r := httptest.NewRequest("GET", "http://foo", nil) + w := httptest.NewRecorder() + key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) + require.NoError(t, err) + RenderWebError(w, r, http.StatusTemporaryRedirect, url.Values{ + "foo": []string{"bar"}, + }, key) + + resp := w.Result() + location, err := url.Parse(resp.Header.Get("Location")) + require.NoError(t, err) + require.NotEmpty(t, location.Query().Get("s")) + + type ecdsaSignature struct { + R, S *big.Int + } + var rs ecdsaSignature + s, err := base64.URLEncoding.DecodeString(location.Query().Get("s")) + require.NoError(t, err) + _, err = asn1.Unmarshal(s, &rs) + require.NoError(t, err) + + assert.Equal(t, "bar", location.Query().Get("foo")) + h := sha256.Sum256([]byte("/error?foo=bar")) + assert.True(t, ecdsa.Verify(&key.PublicKey, h[:], rs.R, rs.S)) +} |