- Test overview returns 200 with KeyHunter in body - Test static asset serving for htmx.min.js - Test auth returns 401 when configured but no credentials - Test basic auth and bearer token pass through - Test overview shows stat cards
package web
import (
"net/http"
"net/http/httptest"
"strings"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
// TestOverview_Returns200WithKeyHunter checks that GET / on a server built
// from an empty Config answers 200 and that the response body mentions
// "KeyHunter".
func TestOverview_Returns200WithKeyHunter(t *testing.T) {
	server, err := NewServer(Config{})
	require.NoError(t, err)

	// Drive the router directly through a recorder; no listener is opened.
	recorder := httptest.NewRecorder()
	server.Router().ServeHTTP(recorder, httptest.NewRequest(http.MethodGet, "/", nil))

	assert.Equal(t, http.StatusOK, recorder.Code)
	assert.Contains(t, recorder.Body.String(), "KeyHunter")
}
// TestStaticAsset_HtmxJS checks that /static/htmx.min.js is served with a 200
// and that the returned body contains the string "htmx".
//
// NOTE(review): the server here has no auth configured. Whether /static/ is
// covered by the auth layer once credentials are set is not pinned by this
// test; confirm against the router setup.
func TestStaticAsset_HtmxJS(t *testing.T) {
	server, err := NewServer(Config{})
	require.NoError(t, err)

	recorder := httptest.NewRecorder()
	assetReq := httptest.NewRequest(http.MethodGet, "/static/htmx.min.js", nil)
	server.Router().ServeHTTP(recorder, assetReq)

	assert.Equal(t, http.StatusOK, recorder.Code)
	assert.Contains(t, recorder.Body.String(), "htmx")
}
// TestAuth_Returns401_WhenConfiguredButNoCreds checks that, once AuthUser and
// AuthPass are set, a GET / carrying no Authorization header is answered with
// 401 and a WWW-Authenticate challenge that names the Basic scheme.
//
// NOTE(review): only the missing-credentials case is exercised here. A request
// with a wrong password is a separate rejection path and is not covered by any
// test visible in this file.
func TestAuth_Returns401_WhenConfiguredButNoCreds(t *testing.T) {
	cfg := Config{
		AuthUser: "admin",
		AuthPass: "secret",
	}
	server, err := NewServer(cfg)
	require.NoError(t, err)

	recorder := httptest.NewRecorder()
	server.Router().ServeHTTP(recorder, httptest.NewRequest(http.MethodGet, "/", nil))

	assert.Equal(t, http.StatusUnauthorized, recorder.Code)

	challenge := recorder.Header().Get("WWW-Authenticate")
	assert.Contains(t, challenge, "Basic")
}
// TestAuth_BasicAuth_Returns200 checks the accept path for HTTP Basic auth: a
// GET / that presents the configured user and password gets a 200 and a body
// containing "KeyHunter".
func TestAuth_BasicAuth_Returns200(t *testing.T) {
	cfg := Config{
		AuthUser: "admin",
		AuthPass: "secret",
	}
	server, err := NewServer(cfg)
	require.NoError(t, err)

	// Fixture credentials; they match the Config above exactly.
	authed := httptest.NewRequest(http.MethodGet, "/", nil)
	authed.SetBasicAuth("admin", "secret")

	recorder := httptest.NewRecorder()
	server.Router().ServeHTTP(recorder, authed)

	assert.Equal(t, http.StatusOK, recorder.Code)
	assert.Contains(t, recorder.Body.String(), "KeyHunter")
}
// TestAuth_BearerToken_Returns200 checks the accept path for token auth: with
// only AuthToken configured, a GET / whose Authorization header carries that
// token as a Bearer credential gets a 200 and a body containing "KeyHunter".
//
// NOTE(review): the rejection path for a token-only Config (no header, or a
// wrong token) is not exercised by any test visible in this file; the 401 test
// configures AuthUser/AuthPass only.
func TestAuth_BearerToken_Returns200(t *testing.T) {
	// Fixture token, used for both the server config and the request header.
	const token = "my-secret-token"

	server, err := NewServer(Config{AuthToken: token})
	require.NoError(t, err)

	authed := httptest.NewRequest(http.MethodGet, "/", nil)
	authed.Header.Set("Authorization", "Bearer "+token)

	recorder := httptest.NewRecorder()
	server.Router().ServeHTTP(recorder, authed)

	assert.Equal(t, http.StatusOK, recorder.Code)
	assert.Contains(t, recorder.Body.String(), "KeyHunter")
}
// TestAuth_NoAuthConfigured_PassesThrough checks that a server built from an
// empty Config serves GET / with a 200 even though the request carries no
// credentials.
//
// NOTE(review): this pins an open-by-default behaviour, so a server started
// without AuthUser/AuthPass or AuthToken serves the overview to any client
// that can reach it. Confirm that the deployment docs or the bind address
// account for that.
func TestAuth_NoAuthConfigured_PassesThrough(t *testing.T) {
	server, err := NewServer(Config{})
	require.NoError(t, err)

	recorder := httptest.NewRecorder()
	server.Router().ServeHTTP(recorder, httptest.NewRequest(http.MethodGet, "/", nil))

	assert.Equal(t, http.StatusOK, recorder.Code)
}
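// TestOverview_ShowsStats checks that the overview page served at GET / by a
// server built from an empty Config answers 200 and renders the three stat
// card labels.
func TestOverview_ShowsStats(t *testing.T) {
	srv, err := NewServer(Config{})
	require.NoError(t, err)

	req := httptest.NewRequest(http.MethodGet, "/", nil)
	rec := httptest.NewRecorder()
	srv.Router().ServeHTTP(rec, req)

	// Check the status as the other overview tests do, so that a non-200
	// response whose body happens to contain the labels cannot pass.
	assert.Equal(t, http.StatusOK, rec.Code)

	body := rec.Body.String()
	// Should display the stat cards (zeroes when no DB). Only the card labels
	// are asserted here, not the numeric values.
	assert.True(t, strings.Contains(body, "Total Keys Found"), "should show Total Keys stat card")
	assert.True(t, strings.Contains(body, "Providers Loaded"), "should show Providers stat card")
	assert.True(t, strings.Contains(body, "Recon Sources"), "should show Recon Sources stat card")
}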