summaryrefslogtreecommitdiffstats
path: root/vendor/github.com/xenolf/lego/acme/client_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/xenolf/lego/acme/client_test.go')
-rw-r--r--vendor/github.com/xenolf/lego/acme/client_test.go269
1 files changed, 0 insertions, 269 deletions
diff --git a/vendor/github.com/xenolf/lego/acme/client_test.go b/vendor/github.com/xenolf/lego/acme/client_test.go
deleted file mode 100644
index b18334c8a..000000000
--- a/vendor/github.com/xenolf/lego/acme/client_test.go
+++ /dev/null
@@ -1,269 +0,0 @@
-package acme
-
-import (
- "crypto"
- "crypto/rand"
- "crypto/rsa"
- "encoding/json"
- "net"
- "net/http"
- "net/http/httptest"
- "strings"
- "testing"
- "time"
-)
-
-func TestNewClient(t *testing.T) {
- keyBits := 32 // small value keeps test fast
- keyType := RSA2048
- key, err := rsa.GenerateKey(rand.Reader, keyBits)
- if err != nil {
- t.Fatal("Could not generate test key:", err)
- }
- user := mockUser{
- email: "test@test.com",
- regres: new(RegistrationResource),
- privatekey: key,
- }
-
- ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- data, _ := json.Marshal(directory{NewAuthzURL: "http://test", NewCertURL: "http://test", NewRegURL: "http://test", RevokeCertURL: "http://test"})
- w.Write(data)
- }))
-
- client, err := NewClient(ts.URL, user, keyType)
- if err != nil {
- t.Fatalf("Could not create client: %v", err)
- }
-
- if client.jws == nil {
- t.Fatalf("Expected client.jws to not be nil")
- }
- if expected, actual := key, client.jws.privKey; actual != expected {
- t.Errorf("Expected jws.privKey to be %p but was %p", expected, actual)
- }
-
- if client.keyType != keyType {
- t.Errorf("Expected keyType to be %s but was %s", keyType, client.keyType)
- }
-
- if expected, actual := 2, len(client.solvers); actual != expected {
- t.Fatalf("Expected %d solver(s), got %d", expected, actual)
- }
-}
-
-func TestClientOptPort(t *testing.T) {
- keyBits := 32 // small value keeps test fast
- key, err := rsa.GenerateKey(rand.Reader, keyBits)
- if err != nil {
- t.Fatal("Could not generate test key:", err)
- }
- user := mockUser{
- email: "test@test.com",
- regres: new(RegistrationResource),
- privatekey: key,
- }
-
- ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- data, _ := json.Marshal(directory{NewAuthzURL: "http://test", NewCertURL: "http://test", NewRegURL: "http://test", RevokeCertURL: "http://test"})
- w.Write(data)
- }))
-
- optPort := "1234"
- optHost := ""
- client, err := NewClient(ts.URL, user, RSA2048)
- if err != nil {
- t.Fatalf("Could not create client: %v", err)
- }
- client.SetHTTPAddress(net.JoinHostPort(optHost, optPort))
- client.SetTLSAddress(net.JoinHostPort(optHost, optPort))
-
- httpSolver, ok := client.solvers[HTTP01].(*httpChallenge)
- if !ok {
- t.Fatal("Expected http-01 solver to be httpChallenge type")
- }
- if httpSolver.jws != client.jws {
- t.Error("Expected http-01 to have same jws as client")
- }
- if got := httpSolver.provider.(*HTTPProviderServer).port; got != optPort {
- t.Errorf("Expected http-01 to have port %s but was %s", optPort, got)
- }
- if got := httpSolver.provider.(*HTTPProviderServer).iface; got != optHost {
- t.Errorf("Expected http-01 to have iface %s but was %s", optHost, got)
- }
-
- httpsSolver, ok := client.solvers[TLSSNI01].(*tlsSNIChallenge)
- if !ok {
- t.Fatal("Expected tls-sni-01 solver to be httpChallenge type")
- }
- if httpsSolver.jws != client.jws {
- t.Error("Expected tls-sni-01 to have same jws as client")
- }
- if got := httpsSolver.provider.(*TLSProviderServer).port; got != optPort {
- t.Errorf("Expected tls-sni-01 to have port %s but was %s", optPort, got)
- }
- if got := httpsSolver.provider.(*TLSProviderServer).iface; got != optHost {
- t.Errorf("Expected tls-sni-01 to have port %s but was %s", optHost, got)
- }
-
- // test setting different host
- optHost = "127.0.0.1"
- client.SetHTTPAddress(net.JoinHostPort(optHost, optPort))
- client.SetTLSAddress(net.JoinHostPort(optHost, optPort))
-
- if got := httpSolver.provider.(*HTTPProviderServer).iface; got != optHost {
- t.Errorf("Expected http-01 to have iface %s but was %s", optHost, got)
- }
- if got := httpsSolver.provider.(*TLSProviderServer).port; got != optPort {
- t.Errorf("Expected tls-sni-01 to have port %s but was %s", optPort, got)
- }
-}
-
-func TestNotHoldingLockWhileMakingHTTPRequests(t *testing.T) {
- ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- time.Sleep(250 * time.Millisecond)
- w.Header().Add("Replay-Nonce", "12345")
- w.Header().Add("Retry-After", "0")
- writeJSONResponse(w, &challenge{Type: "http-01", Status: "Valid", URI: "http://example.com/", Token: "token"})
- }))
- defer ts.Close()
-
- privKey, _ := rsa.GenerateKey(rand.Reader, 512)
- j := &jws{privKey: privKey, directoryURL: ts.URL}
- ch := make(chan bool)
- resultCh := make(chan bool)
- go func() {
- j.Nonce()
- ch <- true
- }()
- go func() {
- j.Nonce()
- ch <- true
- }()
- go func() {
- <-ch
- <-ch
- resultCh <- true
- }()
- select {
- case <-resultCh:
- case <-time.After(400 * time.Millisecond):
- t.Fatal("JWS is probably holding a lock while making HTTP request")
- }
-}
-
-func TestValidate(t *testing.T) {
- var statuses []string
- ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- // Minimal stub ACME server for validation.
- w.Header().Add("Replay-Nonce", "12345")
- w.Header().Add("Retry-After", "0")
- switch r.Method {
- case "HEAD":
- case "POST":
- st := statuses[0]
- statuses = statuses[1:]
- writeJSONResponse(w, &challenge{Type: "http-01", Status: st, URI: "http://example.com/", Token: "token"})
-
- case "GET":
- st := statuses[0]
- statuses = statuses[1:]
- writeJSONResponse(w, &challenge{Type: "http-01", Status: st, URI: "http://example.com/", Token: "token"})
-
- default:
- http.Error(w, r.Method, http.StatusMethodNotAllowed)
- }
- }))
- defer ts.Close()
-
- privKey, _ := rsa.GenerateKey(rand.Reader, 512)
- j := &jws{privKey: privKey, directoryURL: ts.URL}
-
- tsts := []struct {
- name string
- statuses []string
- want string
- }{
- {"POST-unexpected", []string{"weird"}, "unexpected"},
- {"POST-valid", []string{"valid"}, ""},
- {"POST-invalid", []string{"invalid"}, "Error Detail"},
- {"GET-unexpected", []string{"pending", "weird"}, "unexpected"},
- {"GET-valid", []string{"pending", "valid"}, ""},
- {"GET-invalid", []string{"pending", "invalid"}, "Error Detail"},
- }
-
- for _, tst := range tsts {
- statuses = tst.statuses
- if err := validate(j, "example.com", ts.URL, challenge{Type: "http-01", Token: "token"}); err == nil && tst.want != "" {
- t.Errorf("[%s] validate: got error %v, want something with %q", tst.name, err, tst.want)
- } else if err != nil && !strings.Contains(err.Error(), tst.want) {
- t.Errorf("[%s] validate: got error %v, want something with %q", tst.name, err, tst.want)
- }
- }
-}
-
-func TestGetChallenges(t *testing.T) {
- var ts *httptest.Server
- ts = httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- switch r.Method {
- case "GET", "HEAD":
- w.Header().Add("Replay-Nonce", "12345")
- w.Header().Add("Retry-After", "0")
- writeJSONResponse(w, directory{NewAuthzURL: ts.URL, NewCertURL: ts.URL, NewRegURL: ts.URL, RevokeCertURL: ts.URL})
- case "POST":
- writeJSONResponse(w, authorization{})
- }
- }))
- defer ts.Close()
-
- keyBits := 512 // small value keeps test fast
- keyType := RSA2048
- key, err := rsa.GenerateKey(rand.Reader, keyBits)
- if err != nil {
- t.Fatal("Could not generate test key:", err)
- }
- user := mockUser{
- email: "test@test.com",
- regres: &RegistrationResource{NewAuthzURL: ts.URL},
- privatekey: key,
- }
-
- client, err := NewClient(ts.URL, user, keyType)
- if err != nil {
- t.Fatalf("Could not create client: %v", err)
- }
-
- _, failures := client.getChallenges([]string{"example.com"})
- if failures["example.com"] == nil {
- t.Fatal("Expecting \"Server did not provide next link to proceed\" error, got nil")
- }
-}
-
-// writeJSONResponse marshals the body as JSON and writes it to the response.
-func writeJSONResponse(w http.ResponseWriter, body interface{}) {
- bs, err := json.Marshal(body)
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- w.Header().Set("Content-Type", "application/json")
- if _, err := w.Write(bs); err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- }
-}
-
-// stubValidate is like validate, except it does nothing.
-func stubValidate(j *jws, domain, uri string, chlng challenge) error {
- return nil
-}
-
-type mockUser struct {
- email string
- regres *RegistrationResource
- privatekey *rsa.PrivateKey
-}
-
-func (u mockUser) GetEmail() string { return u.email }
-func (u mockUser) GetRegistration() *RegistrationResource { return u.regres }
-func (u mockUser) GetPrivateKey() crypto.PrivateKey { return u.privatekey }
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-05-20 16:38:50 +0000