From 82de494f495481b5ae016038c7020898a135c8dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Wed, 26 Oct 2022 15:23:24 +0200 Subject: Generate digest preferable with sha2, then sha512 and fallback to insecure sha1 --- object_test.go | 59 ++++++++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 45 insertions(+), 14 deletions(-) (limited to 'object_test.go') diff --git a/object_test.go b/object_test.go index 50bf622..a385434 100644 --- a/object_test.go +++ b/object_test.go @@ -19,12 +19,16 @@ package schwift import ( + "io" "net/http" + "strings" "testing" "time" ) -type tempurlBogusBackend struct{} +type tempurlBogusBackend struct { + mockInfoText string +} func (tempurlBogusBackend) EndpointURL() string { return "https://example.com/v1/AUTH_example/" @@ -32,27 +36,54 @@ func (tempurlBogusBackend) EndpointURL() string { func (tempurlBogusBackend) Clone(newEndpointURL string) Backend { panic("unimplemented") } -func (tempurlBogusBackend) Do(req *http.Request) (*http.Response, error) { +func (tBB tempurlBogusBackend) Do(req *http.Request) (*http.Response, error) { + if req.URL.Path == "/info" { + reader := strings.NewReader(tBB.mockInfoText) + return &http.Response{Body: io.NopCloser(reader)}, nil + } panic("unimplemented") } -func TestObjectTempURL(t *testing.T) { - //setup a bogus backend, account, container and object with exact names to - //reproducibly generate a temp URL - account, err := InitializeAccount(tempurlBogusBackend{}) - if err != nil { - t.Fatal(err.Error()) +func expectString(t *testing.T, expected, actual string) { + if actual != expected { + t.Error("temp URL generation failed") + t.Logf("expected: %s\n", expected) + t.Logf("actual: %s\n", actual) } +} - actualURL, err := account.Container("foo").Object("bar").TempURL("supersecretkey", "GET", time.Unix(1e9, 0)) +func must(t *testing.T, err error) { if err != nil { t.Fatal(err.Error()) } +} + +func TestObjectTempURLSha1Only(t *testing.T) { + //setup a bogus backend, account, container and object with exact names to + //reproducibly generate a temp URL + account, err := InitializeAccount(tempurlBogusBackend{ + mockInfoText: `{ "tempurl": { "allowed_digests": [ "sha1" ]}}`, + }) + must(t, err) + + actualURL, err := account.Container("foo").Object("bar").TempURL("supersecretkey", "GET", time.Unix(1e9, 0)) + must(t, err) expectedURL := "https://example.com/v1/AUTH_example/foo/bar?temp_url_sig=ed44d92005345aee463c884d76d4850ef6d2778d&temp_url_expires=1000000000" - if actualURL != expectedURL { - t.Error("temp URL generation failed") - t.Logf("expected: %s\n", expectedURL) - t.Logf("actual: %s\n", actualURL) - } + expectString(t, expectedURL, actualURL) +} + +func TestObjectTempURL(t *testing.T) { + //setup a bogus backend, account, container and object with exact names to + //reproducibly generate a temp URL + account, err := InitializeAccount(tempurlBogusBackend{ + mockInfoText: `{ "tempurl": { "allowed_digests": [ "sha1", "sha256", "sha512"]}}`, + }) + must(t, err) + + actualURL, err := account.Container("foo").Object("bar").TempURL("supersecretkey", "GET", time.Unix(1e9, 0)) + must(t, err) + + expectedURL := "https://example.com/v1/AUTH_example/foo/bar?temp_url_sig=5fc94a988b502d83e88863774812636ef0133b8aae04b20366fd906bff41189f&temp_url_expires=1000000000" + expectString(t, expectedURL, actualURL) } -- cgit v1.2.3