mirror of
https://github.com/inspec/inspec
synced 2025-01-26 03:45:40 +00:00
a4f4fe5231
Signed-off-by: Miah Johnson <miah@chia-pet.org>
246 lines
8.6 KiB
Ruby
246 lines
8.6 KiB
Ruby
require "helper"
|
|
require "inspec/resource"
|
|
require "inspec/resources/http"
|
|
require "faraday_middleware/response/follow_redirects"
|
|
|
|
describe "Inspec::Resources::Http" do
|
|
describe "InSpec::Resources::Http::Worker::Local" do
|
|
let(:domain) { "www.example.com" }
|
|
let(:http_method) { "GET" }
|
|
let(:opts) { {} }
|
|
let(:worker) { Inspec::Resources::Http::Worker::Local.new(http_method, "http://#{domain}", opts) }
|
|
|
|
describe "simple HTTP request with no options" do
|
|
it "returns correct data" do
|
|
stub_request(:get, domain).to_return(status: 200, body: "pong")
|
|
|
|
_(worker.status).must_equal 200
|
|
_(worker.body).must_equal "pong"
|
|
end
|
|
end
|
|
|
|
describe "request with basic auth" do
|
|
let(:opts) { { auth: { user: "user", pass: "pass" } } }
|
|
|
|
it "returns correct data" do
|
|
stub_request(:get, domain).with(basic_auth: %w{user pass}).to_return(status: 200, body: "auth ok")
|
|
|
|
_(worker.status).must_equal 200
|
|
_(worker.body).must_equal "auth ok"
|
|
end
|
|
end
|
|
|
|
describe "request with redirect enabled" do
|
|
let(:opts) { { max_redirects: 1 } }
|
|
|
|
it "follows the redirect" do
|
|
stub_request(:get, domain).to_return(status: 302, headers: { location: "http://example.com" } )
|
|
stub_request(:get, "example.com").to_return(status: 200, body: "redirect ok")
|
|
|
|
_(worker.status).must_equal 200
|
|
_(worker.body).must_equal "redirect ok"
|
|
end
|
|
|
|
it "does not exceed max_redirects" do
|
|
stub_request(:get, domain).to_return(status: 302, headers: { location: "http://redirect1.com" } )
|
|
stub_request(:get, "redirect1.com").to_return(status: 302, headers: { location: "http://redirect2.com" } )
|
|
stub_request(:get, "redirect2.com").to_return(status: 200, body: "should not get here")
|
|
|
|
proc { worker.status }.must_raise FaradayMiddleware::RedirectLimitReached
|
|
end
|
|
end
|
|
|
|
describe "POST request with data" do
|
|
let(:http_method) { "POST" }
|
|
let(:opts) { { data: { a: "1", b: "five" } } }
|
|
|
|
it "returns correct data" do
|
|
stub_request(:post, domain).with(body: { a: "1", b: "five" }).to_return(status: 200, body: "post ok")
|
|
|
|
_(worker.status).must_equal 200
|
|
_(worker.body).must_equal "post ok"
|
|
end
|
|
end
|
|
|
|
describe "with request headers" do
|
|
let(:opts) { { headers: { "accept" => "application/json" } } }
|
|
|
|
it "returns correct data" do
|
|
stub_request(:get, domain).with(headers: { "accept" => "application/json" }).to_return(status: 200, body: "headers ok", headers: { "mock" => "ok" })
|
|
|
|
_(worker.status).must_equal 200
|
|
_(worker.body).must_equal "headers ok"
|
|
_(worker.response_headers["mock"]).must_equal "ok"
|
|
end
|
|
end
|
|
|
|
describe "with params" do
|
|
let(:opts) { { params: { a: "b" } } }
|
|
|
|
it "returns correct data" do
|
|
stub_request(:get, domain).with(query: { a: "b" }).to_return(status: 200, body: "params ok")
|
|
|
|
_(worker.status).must_equal 200
|
|
_(worker.body).must_equal "params ok"
|
|
end
|
|
end
|
|
|
|
describe "an OPTIONS request" do
|
|
let(:http_method) { "OPTIONS" }
|
|
let(:opts) do
|
|
{ headers: { "Access-Control-Request-Method" => "GET",
|
|
"Access-Control-Request-Headers" => "origin, x-requested-with",
|
|
"Origin" => "http://www.example.com" } }
|
|
end
|
|
|
|
it "returns correct data" do
|
|
stub_request(:options, "http://www.example.com/")
|
|
.with(headers: { "Access-Control-Request-Headers" => "origin, x-requested-with", "Access-Control-Request-Method" => "GET", "Origin" => "http://www.example.com" })
|
|
.to_return(status: 200, body: "", headers: { "mock" => "ok", "Access-Control-Allow-Origin" => "http://www.example.com", "Access-Control-Allow-Methods" => "POST, GET, OPTIONS, DELETE", "Access-Control-Max-Age" => "86400" })
|
|
|
|
_(worker.status).must_equal 200
|
|
_(worker.response_headers["mock"]).must_equal "ok"
|
|
_(worker.response_headers["access-control-allow-origin"]).must_equal "http://www.example.com"
|
|
_(worker.response_headers["access-control-allow-methods"]).must_equal "POST, GET, OPTIONS, DELETE"
|
|
_(worker.response_headers["access-control-max-age"]).must_equal "86400"
|
|
end
|
|
end
|
|
end
|
|
|
|
describe "Inspec::Resource::Http::Worker::Remote" do
|
|
let(:backend) { MockLoader.new.backend }
|
|
let(:http_method) { "GET" }
|
|
let(:url) { "http://www.example.com" }
|
|
let(:opts) { {} }
|
|
let(:worker) { Inspec::Resources::Http::Worker::Remote.new(backend, http_method, url, opts) }
|
|
|
|
describe "simple HTTP request with no options" do
|
|
it "returns correct data" do
|
|
_(worker.status).must_equal 200
|
|
_(worker.body).must_equal "no options"
|
|
end
|
|
end
|
|
|
|
describe "request with basic auth" do
|
|
let(:opts) { { auth: { user: "user", pass: "pass" } } }
|
|
|
|
it "returns correct data" do
|
|
_(worker.status).must_equal 200
|
|
_(worker.body).must_equal "auth ok"
|
|
end
|
|
end
|
|
|
|
describe "request with redirect enabled" do
|
|
let(:opts) { { max_redirects: 1 } }
|
|
|
|
it "follows the redirect" do
|
|
_(worker.status).must_equal 200
|
|
_(worker.body).must_equal "followed redirect"
|
|
end
|
|
end
|
|
|
|
describe "POST request with data" do
|
|
let(:http_method) { "POST" }
|
|
let(:opts) { { data: { a: "1", b: "five" } } }
|
|
|
|
it "returns correct data" do
|
|
_(worker.status).must_equal 200
|
|
_(worker.body).must_equal "post ok"
|
|
end
|
|
end
|
|
|
|
describe "with request headers" do
|
|
let(:opts) { { headers: { "accept" => "application/json", "foo" => "bar" } } }
|
|
|
|
it "returns correct data" do
|
|
_(worker.status).must_equal 200
|
|
_(worker.body).must_equal "headers ok"
|
|
_(worker.response_headers["mock"]).must_equal "ok"
|
|
end
|
|
end
|
|
|
|
describe "with params" do
|
|
let(:opts) { { params: { a: "b", c: "d" } } }
|
|
|
|
it "returns correct data" do
|
|
_(worker.status).must_equal 200
|
|
_(worker.body).must_equal "params ok"
|
|
end
|
|
end
|
|
|
|
describe "a HEAD request" do
|
|
let(:http_method) { "HEAD" }
|
|
|
|
it "returns correct data" do
|
|
_(worker.status).must_equal 301
|
|
_(worker.response_headers["Location"]).must_equal "http://www.google.com/"
|
|
end
|
|
end
|
|
|
|
describe "an OPTIONS request" do
|
|
let(:http_method) { "OPTIONS" }
|
|
let(:opts) do
|
|
{ headers: { "Access-Control-Request-Method" => "GET",
|
|
"Access-Control-Request-Headers" => "origin, x-requested-with",
|
|
"Origin" => "http://www.example.com" } }
|
|
end
|
|
|
|
it "returns correct data" do
|
|
_(worker.status).must_equal 200
|
|
_(worker.response_headers["Access-Control-Allow-Origin"]).must_equal "http://www.example.com"
|
|
_(worker.response_headers["Access-Control-Allow-Methods"]).must_equal "POST, GET, OPTIONS, DELETE"
|
|
_(worker.response_headers["Access-Control-Max-Age"]).must_equal "86400"
|
|
end
|
|
end
|
|
|
|
describe "run_curl request" do
|
|
it "returns nil when nil is returned" do
|
|
Inspec::Resources::Cmd.any_instance
|
|
.stubs(:stdout)
|
|
.returns(nil)
|
|
_(worker.send(:run_curl)).must_be_nil
|
|
end
|
|
|
|
it "returns nil when failure is returned" do
|
|
Inspec::Resources::Cmd.any_instance
|
|
.stubs(:exit_status)
|
|
.returns(1)
|
|
_(worker.send(:run_curl)).must_be_nil
|
|
end
|
|
|
|
it "returns html when html is returned" do
|
|
Inspec::Resources::Cmd.any_instance
|
|
.stubs(:stdout)
|
|
.returns("HTTP/1.1 200 OK\nDate: Tue, 03 Oct 2017 20:30:08 GMT\nExpires: -1\nCache-Control: private")
|
|
assert = ["Date: Tue, 03 Oct 2017 20:30:08 GMT", "Expires: -1", "Cache-Control: private"]
|
|
_(worker.send(:run_curl)).must_equal assert
|
|
end
|
|
end
|
|
end
|
|
|
|
describe "Inspec::Resource::Http::Headers" do
|
|
let(:headers) { Inspec::Resources::Http::Headers.create(a: 1, B: 2, "c" => 3, "D" => 4) }
|
|
|
|
it "returns the correct data via hash syntax ensuring case-insensitive keys" do
|
|
headers["a"].must_equal(1)
|
|
headers["A"].must_equal(1)
|
|
headers["b"].must_equal(2)
|
|
headers["B"].must_equal(2)
|
|
headers["c"].must_equal(3)
|
|
headers["C"].must_equal(3)
|
|
headers["d"].must_equal(4)
|
|
headers["D"].must_equal(4)
|
|
end
|
|
|
|
it "returns the correct data via method syntax ensuring case-insensitive keys" do
|
|
headers.a.must_equal(1)
|
|
headers.A.must_equal(1)
|
|
headers.b.must_equal(2)
|
|
headers.B.must_equal(2)
|
|
headers.c.must_equal(3)
|
|
headers.C.must_equal(3)
|
|
headers.d.must_equal(4)
|
|
headers.D.must_equal(4)
|
|
end
|
|
end
|
|
end
|