inspec/test/unit/resources/http_test.rb

242 lines
8.6 KiB
Ruby
Raw Normal View History

require 'helper'
require "faraday_middleware/response/follow_redirects"
describe 'Inspec::Resources::Http' do
describe 'InSpec::Resources::Http::Worker::Local' do
let(:domain) { 'www.example.com' }
let(:http_method) { 'GET' }
let(:opts) { {} }
let(:worker) { Inspec::Resources::Http::Worker::Local.new(http_method, "http://#{domain}", opts) }
describe 'simple HTTP request with no options' do
it 'returns correct data' do
stub_request(:get, domain).to_return(status: 200, body: 'pong')
_(worker.status).must_equal 200
_(worker.body).must_equal 'pong'
end
end
describe 'request with basic auth' do
let(:opts) { { auth: { user: 'user', pass: 'pass' } } }
it 'returns correct data' do
stub_request(:get, domain).with(basic_auth: ['user', 'pass']).to_return(status: 200, body: 'auth ok')
_(worker.status).must_equal 200
_(worker.body).must_equal 'auth ok'
end
end
describe 'request with redirect enabled' do
let(:opts) { { max_redirects: 1 } }
it 'follows the redirect' do
stub_request(:get, domain).to_return(status: 302, headers: { location: 'http://example.com' } )
stub_request(:get, 'example.com').to_return(status: 200, body: 'redirect ok')
_(worker.status).must_equal 200
_(worker.body).must_equal 'redirect ok'
end
it 'does not exceed max_redirects' do
stub_request(:get, domain).to_return(status: 302, headers: { location: 'http://redirect1.com' } )
stub_request(:get, 'redirect1.com').to_return(status: 302, headers: { location: 'http://redirect2.com' } )
stub_request(:get, 'redirect2.com').to_return(status: 200, body: 'should not get here')
proc { worker.status }.must_raise FaradayMiddleware::RedirectLimitReached
end
end
describe 'POST request with data' do
let(:http_method) { 'POST'}
let(:opts) { { data: {a: '1', b: 'five'} } }
it 'returns correct data' do
stub_request(:post, domain).with(body: {a: '1', b: 'five'}).to_return(status: 200, body: 'post ok')
_(worker.status).must_equal 200
_(worker.body).must_equal 'post ok'
end
end
describe 'with request headers' do
let(:opts) { { headers: { 'accept' => 'application/json' } } }
it 'returns correct data' do
stub_request(:get, domain).with(headers: {'accept' => 'application/json'}).to_return(status: 200, body: 'headers ok', headers: {'mock' => 'ok'})
_(worker.status).must_equal 200
_(worker.body).must_equal 'headers ok'
_(worker.response_headers['mock']).must_equal 'ok'
end
end
describe 'with params' do
let(:opts) { { params: { a: 'b' } } }
it 'returns correct data' do
stub_request(:get, domain).with(query: {a: 'b'}).to_return(status: 200, body: 'params ok')
_(worker.status).must_equal 200
_(worker.body).must_equal 'params ok'
end
end
describe 'an OPTIONS request' do
let(:http_method) { 'OPTIONS' }
let(:opts) { { headers: { 'Access-Control-Request-Method' => 'GET',
'Access-Control-Request-Headers' => 'origin, x-requested-with',
'Origin' => 'http://www.example.com' } } }
it 'returns correct data' do
stub_request(:options, "http://www.example.com/").
with(:headers => {'Access-Control-Request-Headers'=>'origin, x-requested-with', 'Access-Control-Request-Method'=>'GET', 'Origin'=>'http://www.example.com'}).
to_return(:status => 200, :body => "", :headers => { 'mock' => 'ok', 'Access-Control-Allow-Origin' => 'http://www.example.com', 'Access-Control-Allow-Methods' => 'POST, GET, OPTIONS, DELETE', 'Access-Control-Max-Age' => '86400' })
_(worker.status).must_equal 200
_(worker.response_headers['mock']).must_equal 'ok'
_(worker.response_headers['access-control-allow-origin']).must_equal 'http://www.example.com'
_(worker.response_headers['access-control-allow-methods']).must_equal 'POST, GET, OPTIONS, DELETE'
_(worker.response_headers['access-control-max-age']).must_equal '86400'
end
end
end
describe 'Inspec::Resource::Http::Worker::Remote' do
let(:backend) { MockLoader.new.backend }
let(:http_method) { 'GET' }
let(:url) { 'http://www.example.com' }
let(:opts) { {} }
let(:worker) { Inspec::Resources::Http::Worker::Remote.new(backend, http_method, url, opts)}
describe 'simple HTTP request with no options' do
it 'returns correct data' do
_(worker.status).must_equal 200
_(worker.body).must_equal 'no options'
end
end
describe 'request with basic auth' do
let(:opts) { { auth: { user: 'user', pass: 'pass' } } }
it 'returns correct data' do
_(worker.status).must_equal 200
_(worker.body).must_equal 'auth ok'
end
end
describe 'request with redirect enabled' do
let(:opts) { { max_redirects: 1 } }
it 'follows the redirect' do
_(worker.status).must_equal 200
_(worker.body).must_equal 'followed redirect'
end
end
describe 'POST request with data' do
let(:http_method) { 'POST'}
let(:opts) { { data: {a: '1', b: 'five'} } }
it 'returns correct data' do
_(worker.status).must_equal 200
_(worker.body).must_equal 'post ok'
end
end
describe 'with request headers' do
let(:opts) { { headers: { 'accept' => 'application/json', 'foo' => 'bar' } } }
it 'returns correct data' do
_(worker.status).must_equal 200
_(worker.body).must_equal 'headers ok'
_(worker.response_headers['mock']).must_equal 'ok'
end
end
describe 'with params' do
let(:opts) { { params: { a: 'b', c: 'd' } } }
it 'returns correct data' do
_(worker.status).must_equal 200
_(worker.body).must_equal 'params ok'
end
end
describe 'a HEAD request' do
let(:http_method) { 'HEAD' }
it 'returns correct data' do
_(worker.status).must_equal 301
_(worker.response_headers['Location']).must_equal 'http://www.google.com/'
end
end
describe 'an OPTIONS request' do
let(:http_method) { 'OPTIONS' }
let(:opts) { { headers: { 'Access-Control-Request-Method' => 'GET',
'Access-Control-Request-Headers' => 'origin, x-requested-with',
'Origin' => 'http://www.example.com' } } }
it 'returns correct data' do
_(worker.status).must_equal 200
_(worker.response_headers['Access-Control-Allow-Origin']).must_equal 'http://www.example.com'
_(worker.response_headers['Access-Control-Allow-Methods']).must_equal 'POST, GET, OPTIONS, DELETE'
_(worker.response_headers['Access-Control-Max-Age']).must_equal '86400'
end
end
describe 'run_curl request' do
it 'returns nil when nil is returned' do
Inspec::Resources::Cmd.any_instance
.stubs(:stdout)
.returns(nil)
_(worker.send(:run_curl)).must_be_nil
end
it 'returns nil when failure is returned' do
Inspec::Resources::Cmd.any_instance
.stubs(:exit_status)
.returns(1)
_(worker.send(:run_curl)).must_be_nil
end
it 'returns html when html is returned' do
Inspec::Resources::Cmd.any_instance
.stubs(:stdout)
.returns("HTTP/1.1 200 OK\nDate: Tue, 03 Oct 2017 20:30:08 GMT\nExpires: -1\nCache-Control: private")
assert = ["Date: Tue, 03 Oct 2017 20:30:08 GMT", "Expires: -1", "Cache-Control: private"]
_(worker.send(:run_curl)).must_equal assert
end
end
end
describe 'Inspec::Resource::Http::Headers' do
let(:headers) { Inspec::Resources::Http::Headers.create(a: 1, B: 2, 'c' => 3, 'D' => 4) }
it 'returns the correct data via hash syntax ensuring case-insensitive keys' do
headers['a'].must_equal(1)
headers['A'].must_equal(1)
headers['b'].must_equal(2)
headers['B'].must_equal(2)
headers['c'].must_equal(3)
headers['C'].must_equal(3)
headers['d'].must_equal(4)
headers['D'].must_equal(4)
end
it 'returns the correct data via method syntax ensuring case-insensitive keys' do
headers.a.must_equal(1)
headers.A.must_equal(1)
headers.b.must_equal(2)
headers.B.must_equal(2)
headers.c.must_equal(3)
headers.C.must_equal(3)
headers.d.must_equal(4)
headers.D.must_equal(4)
end
end
end