keyhunter/pkg/recon/sources/crtsh_test.go

package sources

import (
	"context"
	"net/http"
	"net/http/httptest"
	"strings"
	"testing"
	"time"

	"github.com/salvacybersec/keyhunter/pkg/recon"
)

func TestCrtSh_Name(t *testing.T) {
	s := &CrtShSource{}
	if s.Name() != "crtsh" {
		t.Fatalf("expected crtsh, got %s", s.Name())
	}
}

func TestCrtSh_Enabled(t *testing.T) {
	s := &CrtShSource{}
	if !s.Enabled(recon.Config{}) {
		t.Fatal("CrtShSource should always be enabled")
	}
}

func TestCrtSh_Sweep_SkipsKeywords(t *testing.T) {
	s := &CrtShSource{Client: NewClient()}

	out := make(chan recon.Finding, 10)
	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
	defer cancel()

	// "sk-proj-" has no dot -- should be skipped as a keyword.
	err := s.Sweep(ctx, "sk-proj-", out)
	close(out)
	if err != nil {
		t.Fatalf("Sweep error: %v", err)
	}
	var findings []recon.Finding
	for f := range out {
		findings = append(findings, f)
	}
	if len(findings) != 0 {
		t.Fatalf("expected no findings for keyword query, got %d", len(findings))
	}
}

func TestCrtSh_Sweep(t *testing.T) {
	// Mux handles both crt.sh API and probe endpoints.
	mux := http.NewServeMux()

	// crt.sh subdomain lookup.
	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
		if r.URL.Query().Get("output") == "json" {
			w.Header().Set("Content-Type", "application/json")
			_, _ = w.Write([]byte(`[
				{"name_value":"api.example.com","common_name":"api.example.com"},
				{"name_value":"staging.example.com","common_name":"staging.example.com"}
			]`))
			return
		}
		http.NotFound(w, r)
	})

	crtSrv := httptest.NewServer(mux)
	defer crtSrv.Close()

	// Probe server: serves /.env with key-like content.
	probeMux := http.NewServeMux()
	probeMux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
		if strings.HasSuffix(r.URL.Path, "/.env") {
			_, _ = w.Write([]byte(`API_KEY = "sk-proj-ABCDEF1234567890abcdef"`))
			return
		}
		http.NotFound(w, r)
	})
	probeSrv := httptest.NewServer(probeMux)
	defer probeSrv.Close()

	s := &CrtShSource{
		BaseURL:      crtSrv.URL,
		Client:       NewClient(),
		ProbeBaseURL: probeSrv.URL,
	}

	out := make(chan recon.Finding, 20)
	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
	defer cancel()

	err := s.Sweep(ctx, "example.com", out)
	close(out)
	if err != nil {
		t.Fatalf("Sweep error: %v", err)
	}

	var findings []recon.Finding
	for f := range out {
		findings = append(findings, f)
	}
	if len(findings) == 0 {
		t.Fatal("expected at least one finding from crt.sh probe")
	}
	if findings[0].SourceType != "recon:crtsh" {
		t.Fatalf("expected recon:crtsh, got %s", findings[0].SourceType)
	}
}

func TestCrtSh_Sweep_NoSubdomains(t *testing.T) {
	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Content-Type", "application/json")
		_, _ = w.Write([]byte(`[]`))
	}))
	defer srv.Close()

	s := &CrtShSource{
		BaseURL: srv.URL,
		Client:  NewClient(),
	}

	out := make(chan recon.Finding, 10)
	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
	defer cancel()

	err := s.Sweep(ctx, "empty.example.com", out)
	close(out)
	if err != nil {
		t.Fatalf("Sweep error: %v", err)
	}

	var findings []recon.Finding
	for f := range out {
		findings = append(findings, f)
	}
	if len(findings) != 0 {
		t.Fatalf("expected no findings, got %d", len(findings))
	}
}