From 2ab50c7f613419dd4334653ea2ef01ed31b4b6f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20Nu=C3=B1ez?= <10672208+mind-ar@users.noreply.github.com> Date: Wed, 4 Jan 2023 19:37:43 -0300 Subject: [PATCH] test(handlers): add additional coverage (#4698) * test(handlers): handler_checks_safe_redirection * test(handlers): password_policy * test(handlers): health Co-authored-by: James Elliott --- .../handler_checks_safe_redirection_test.go | 30 +++++++ ...dler_configuration_password_policy_test.go | 83 +++++++++++++++++++ internal/handlers/handler_health_test.go | 26 ++++++ 3 files changed, 139 insertions(+) create mode 100644 internal/handlers/handler_configuration_password_policy_test.go create mode 100644 internal/handlers/handler_health_test.go diff --git a/internal/handlers/handler_checks_safe_redirection_test.go b/internal/handlers/handler_checks_safe_redirection_test.go index 807588deb..a77fefabb 100644 --- a/internal/handlers/handler_checks_safe_redirection_test.go +++ b/internal/handlers/handler_checks_safe_redirection_test.go @@ -63,3 +63,33 @@ func TestCheckSafeRedirection_SafeRedirection(t *testing.T) { OK: true, }) } + +func TestShouldFailOnInvalidBody(t *testing.T) { + mock := mocks.NewMockAutheliaCtxWithUserSession(t, session.UserSession{ + Username: "john", + AuthenticationLevel: authentication.OneFactor, + }) + defer mock.Close() + mock.Ctx.Configuration.Session.Domain = exampleDotComDomain + + mock.SetRequestBody(t, "not a valid json") + + CheckSafeRedirectionPOST(mock.Ctx) + mock.Assert200KO(t, "Operation failed.") +} + +func TestShouldFailOnInvalidURL(t *testing.T) { + mock := mocks.NewMockAutheliaCtxWithUserSession(t, session.UserSession{ + Username: "john", + AuthenticationLevel: authentication.OneFactor, + }) + defer mock.Close() + mock.Ctx.Configuration.Session.Domain = exampleDotComDomain + + mock.SetRequestBody(t, checkURIWithinDomainRequestBody{ + URI: "https//invalid-url", + }) + + CheckSafeRedirectionPOST(mock.Ctx) + mock.Assert200KO(t, "Operation failed.") +} diff --git a/internal/handlers/handler_configuration_password_policy_test.go b/internal/handlers/handler_configuration_password_policy_test.go new file mode 100644 index 000000000..600c89dfd --- /dev/null +++ b/internal/handlers/handler_configuration_password_policy_test.go @@ -0,0 +1,83 @@ +package handlers + +import ( + // "strings". + "encoding/json" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "github.com/stretchr/testify/suite" + + "github.com/authelia/authelia/v4/internal/mocks" +) + +type passwordPolicyResponseBody struct { + Status string + Data PasswordPolicyBody +} + +type PasswordPolicySuite struct { + suite.Suite + + mock *mocks.MockAutheliaCtx +} + +func (s *PasswordPolicySuite) SetupTest() { + s.mock = mocks.NewMockAutheliaCtx(s.T()) +} + +func (s *PasswordPolicySuite) TearDownTest() { + s.mock.Close() +} + +func (s *PasswordPolicySuite) TestShouldBeDisabled() { + s.mock.Ctx.Configuration.PasswordPolicy.ZXCVBN.Enabled = false + s.mock.Ctx.Configuration.PasswordPolicy.Standard.Enabled = false + + PasswordPolicyConfigurationGET(s.mock.Ctx) + + response := &passwordPolicyResponseBody{} + err := json.Unmarshal(s.mock.Ctx.Response.Body(), response) + + require.NoError(s.T(), err) + assert.Equal(s.T(), 200, s.mock.Ctx.Response.StatusCode()) + assert.Equal(s.T(), "disabled", response.Data.Mode) +} + +func (s *PasswordPolicySuite) TestShouldBeStandard() { + s.mock.Ctx.Configuration.PasswordPolicy.ZXCVBN.Enabled = false + s.mock.Ctx.Configuration.PasswordPolicy.Standard.Enabled = true + s.mock.Ctx.Configuration.PasswordPolicy.Standard.MinLength = 4 + s.mock.Ctx.Configuration.PasswordPolicy.Standard.MaxLength = 8 + + PasswordPolicyConfigurationGET(s.mock.Ctx) + + response := &passwordPolicyResponseBody{} + err := json.Unmarshal(s.mock.Ctx.Response.Body(), response) + + require.NoError(s.T(), err) + assert.Equal(s.T(), 200, s.mock.Ctx.Response.StatusCode()) + assert.Equal(s.T(), "standard", response.Data.Mode) + assert.Equal(s.T(), 4, response.Data.MinLength) + assert.Equal(s.T(), 8, response.Data.MaxLength) +} + +func (s *PasswordPolicySuite) TestShouldBeZXCVBN() { + s.mock.Ctx.Configuration.PasswordPolicy.ZXCVBN.Enabled = true + s.mock.Ctx.Configuration.PasswordPolicy.Standard.Enabled = false + + PasswordPolicyConfigurationGET(s.mock.Ctx) + + response := &passwordPolicyResponseBody{} + err := json.Unmarshal(s.mock.Ctx.Response.Body(), response) + + require.NoError(s.T(), err) + assert.Equal(s.T(), 200, s.mock.Ctx.Response.StatusCode()) + assert.Equal(s.T(), "zxcvbn", response.Data.Mode) +} + +func TestRunPasswordPolicySuite(t *testing.T) { + s := new(PasswordPolicySuite) + suite.Run(t, s) +} diff --git a/internal/handlers/handler_health_test.go b/internal/handlers/handler_health_test.go new file mode 100644 index 000000000..f268fccf7 --- /dev/null +++ b/internal/handlers/handler_health_test.go @@ -0,0 +1,26 @@ +package handlers + +import ( + "testing" + + "github.com/stretchr/testify/assert" + + "github.com/authelia/authelia/v4/internal/authentication" + "github.com/authelia/authelia/v4/internal/mocks" + "github.com/authelia/authelia/v4/internal/session" +) + +var okMessageBytes = []byte("{\"status\":\"OK\"}") + +func TestHealthOk(t *testing.T) { + mock := mocks.NewMockAutheliaCtxWithUserSession(t, session.UserSession{ + Username: "john", + AuthenticationLevel: authentication.OneFactor, + }) + defer mock.Close() + + HealthGET(mock.Ctx) + + assert.Equal(t, 200, mock.Ctx.Response.StatusCode()) + assert.Equal(t, okMessageBytes, mock.Ctx.Response.Body()) +}