keyhunter/pkg/recon/sources/hackernews_test.go

package sources

import (
	"context"
	"net/http"
	"net/http/httptest"
	"testing"
	"time"

	"github.com/salvacybersec/keyhunter/pkg/providers"
	"github.com/salvacybersec/keyhunter/pkg/recon"
)

func TestHackerNews_Name(t *testing.T) {
	s := &HackerNewsSource{}
	if s.Name() != "hackernews" {
		t.Fatalf("expected hackernews, got %s", s.Name())
	}
}

func TestHackerNews_Enabled(t *testing.T) {
	s := &HackerNewsSource{}
	if !s.Enabled(recon.Config{}) {
		t.Fatal("HackerNewsSource should always be enabled (credentialless)")
	}
}

func TestHackerNews_Sweep(t *testing.T) {
	mux := http.NewServeMux()
	mux.HandleFunc("/api/v1/search", func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Content-Type", "application/json")
		_, _ = w.Write([]byte(`{"hits":[{
			"comment_text":"You should set your auth_token = \"sk-proj-ABCDEF1234567890abcdef\" in the config",
			"objectID":"98765432",
			"story_id":98765000
		}]}`))
	})

	srv := httptest.NewServer(mux)
	defer srv.Close()

	reg := providers.NewRegistryFromProviders([]providers.Provider{
		{Name: "openai", Keywords: []string{"sk-proj-"}},
	})

	s := &HackerNewsSource{
		BaseURL:  srv.URL,
		Registry: reg,
		Client:   NewClient(),
	}

	out := make(chan recon.Finding, 10)
	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
	defer cancel()

	err := s.Sweep(ctx, "", out)
	close(out)
	if err != nil {
		t.Fatalf("Sweep error: %v", err)
	}

	var findings []recon.Finding
	for f := range out {
		findings = append(findings, f)
	}
	if len(findings) == 0 {
		t.Fatal("expected at least one finding from Hacker News search")
	}
	if findings[0].SourceType != "recon:hackernews" {
		t.Fatalf("expected recon:hackernews, got %s", findings[0].SourceType)
	}
}