test(12-02): add httptest tests for FOFA, Netlas, BinaryEdge sources

- FOFA: mock JSON with 2 results, credential validation, context cancellation - Netlas: mock JSON with 2 items, X-API-Key header check, context cancellation - BinaryEdge: mock JSON with 2 events, X-Key header check, context cancellation - All verify correct finding count, source type, and disabled state Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-06 12:24:11 +03:00
parent 270bbbfb49
commit d6c35f4f14
3 changed files with 364 additions and 0 deletions
--- a/pkg/recon/sources/netlas_test.go
+++ b/pkg/recon/sources/netlas_test.go
@@ -0,0 +1,117 @@
+package sources
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+	"net/http"
+	"net/http/httptest"
+	"strings"
+	"sync/atomic"
+	"testing"
+	"time"
+
+	"github.com/salvacybersec/keyhunter/pkg/recon"
+)
+
+func netlasStubHandler(t *testing.T, calls *int32) http.HandlerFunc {
+	t.Helper()
+	return func(w http.ResponseWriter, r *http.Request) {
+		atomic.AddInt32(calls, 1)
+		if !strings.HasPrefix(r.URL.Path, "/api/responses/") {
+			t.Errorf("unexpected path: %s", r.URL.Path)
+		}
+		if got := r.Header.Get("X-API-Key"); got != "testkey" {
+			t.Errorf("missing X-API-Key header: %q", got)
+		}
+		body := netlasSearchResponse{
+			Items: []netlasItem{
+				{Data: netlasData{IP: "10.0.0.1", Port: 443}},
+				{Data: netlasData{IP: "10.0.0.2", Port: 8443}},
+			},
+		}
+		w.Header().Set("Content-Type", "application/json")
+		_ = json.NewEncoder(w).Encode(body)
+	}
+}
+
+func TestNetlasSource_EnabledRequiresAPIKey(t *testing.T) {
+	reg := syntheticRegistry()
+	lim := recon.NewLimiterRegistry()
+
+	s := &NetlasSource{APIKey: "", Registry: reg, Limiters: lim}
+	if s.Enabled(recon.Config{}) {
+		t.Error("expected Enabled=false with empty key")
+	}
+	s = &NetlasSource{APIKey: "key", Registry: reg, Limiters: lim}
+	if !s.Enabled(recon.Config{}) {
+		t.Error("expected Enabled=true with key")
+	}
+}
+
+func TestNetlasSource_SweepEmitsFindings(t *testing.T) {
+	reg := syntheticRegistry()
+	lim := recon.NewLimiterRegistry()
+	_ = lim.For("netlas", 1000, 100)
+
+	var calls int32
+	srv := httptest.NewServer(netlasStubHandler(t, &calls))
+	defer srv.Close()
+
+	s := &NetlasSource{
+		APIKey:   "testkey",
+		BaseURL:  srv.URL,
+		Registry: reg,
+		Limiters: lim,
+	}
+
+	out := make(chan recon.Finding, 32)
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+
+	done := make(chan error, 1)
+	go func() { done <- s.Sweep(ctx, "", out); close(out) }()
+
+	var findings []recon.Finding
+	for f := range out {
+		findings = append(findings, f)
+	}
+	if err := <-done; err != nil {
+		t.Fatalf("Sweep error: %v", err)
+	}
+
+	// 2 keywords * 2 items = 4 findings
+	if len(findings) != 4 {
+		t.Fatalf("expected 4 findings, got %d", len(findings))
+	}
+	for _, f := range findings {
+		if f.SourceType != "recon:netlas" {
+			t.Errorf("SourceType=%q want recon:netlas", f.SourceType)
+		}
+	}
+	if got := atomic.LoadInt32(&calls); got != 2 {
+		t.Errorf("expected 2 API calls, got %d", got)
+	}
+}
+
+func TestNetlasSource_CtxCancelled(t *testing.T) {
+	reg := syntheticRegistry()
+	lim := recon.NewLimiterRegistry()
+	_ = lim.For("netlas", 1000, 100)
+
+	s := &NetlasSource{
+		APIKey:   "key",
+		BaseURL:  "http://127.0.0.1:1",
+		Registry: reg,
+		Limiters: lim,
+	}
+
+	ctx, cancel := context.WithCancel(context.Background())
+	cancel()
+
+	out := make(chan recon.Finding, 1)
+	err := s.Sweep(ctx, "", out)
+	if !errors.Is(err, context.Canceled) {
+		t.Fatalf("expected context.Canceled, got %v", err)
+	}
+}