799cc82bb5
* cmd/crowdsec: removed log.Fatal()s, added tests and print error for unrecognized argument * updated golangci-lint to v1.46 * lint/deadcode: fix existing issues * tests: cscli config backup/restore * tests: cscli completion powershell/fish * err check: pflags MarkHidden() * empty .dockerignore (and explain the reason) * tests, errors.Wrap * test for CS_LAPI_SECRET and minor refactoring * minor style changes * log cleanup
53 lines
1.3 KiB
Go
53 lines
1.3 KiB
Go
package apiserver
|
|
|
|
import (
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"strings"
|
|
"testing"
|
|
|
|
log "github.com/sirupsen/logrus"
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestAPIKey(t *testing.T) {
|
|
router, config, err := NewAPITest()
|
|
if err != nil {
|
|
log.Fatalf("unable to run local API: %s", err)
|
|
}
|
|
|
|
APIKey, err := CreateTestBouncer(config.API.Server.DbConfig)
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
// Login with empty token
|
|
w := httptest.NewRecorder()
|
|
req, _ := http.NewRequest("GET", "/v1/decisions", strings.NewReader(""))
|
|
req.Header.Add("User-Agent", UserAgent)
|
|
router.ServeHTTP(w, req)
|
|
|
|
assert.Equal(t, 403, w.Code)
|
|
assert.Equal(t, "{\"message\":\"access forbidden\"}", w.Body.String())
|
|
|
|
// Login with invalid token
|
|
w = httptest.NewRecorder()
|
|
req, _ = http.NewRequest("GET", "/v1/decisions", strings.NewReader(""))
|
|
req.Header.Add("User-Agent", UserAgent)
|
|
req.Header.Add("X-Api-Key", "a1b2c3d4e5f6")
|
|
router.ServeHTTP(w, req)
|
|
|
|
assert.Equal(t, 403, w.Code)
|
|
assert.Equal(t, "{\"message\":\"access forbidden\"}", w.Body.String())
|
|
|
|
// Login with valid token
|
|
w = httptest.NewRecorder()
|
|
req, _ = http.NewRequest("GET", "/v1/decisions", strings.NewReader(""))
|
|
req.Header.Add("User-Agent", UserAgent)
|
|
req.Header.Add("X-Api-Key", APIKey)
|
|
router.ServeHTTP(w, req)
|
|
|
|
assert.Equal(t, 200, w.Code)
|
|
assert.Equal(t, "null", w.Body.String())
|
|
|
|
}
|