crowdsec/pkg/apiserver/jwt_test.go

95 lines
3.1 KiB
Go

package apiserver
import (
"net/http"
"net/http/httptest"
"strings"
"testing"
log "github.com/sirupsen/logrus"
"github.com/stretchr/testify/assert"
)
func TestLogin(t *testing.T) {
router, config, err := NewAPITest()
if err != nil {
log.Fatalf("unable to run local API: %s", err)
}
body, err := CreateTestMachine(router)
if err != nil {
log.Fatalln(err.Error())
}
// Login with machine not validated yet
w := httptest.NewRecorder()
req, _ := http.NewRequest("POST", "/v1/watchers/login", strings.NewReader(body))
req.Header.Add("User-Agent", UserAgent)
router.ServeHTTP(w, req)
assert.Equal(t, 401, w.Code)
assert.Equal(t, "{\"code\":401,\"message\":\"machine test not validated\"}", w.Body.String())
// Login with machine not exist
w = httptest.NewRecorder()
req, _ = http.NewRequest("POST", "/v1/watchers/login", strings.NewReader("{\"machine_id\": \"test1\", \"password\": \"test1\"}"))
req.Header.Add("User-Agent", UserAgent)
router.ServeHTTP(w, req)
assert.Equal(t, 401, w.Code)
assert.Equal(t, "{\"code\":401,\"message\":\"ent: machine not found\"}", w.Body.String())
// Login with invalid body
w = httptest.NewRecorder()
req, _ = http.NewRequest("POST", "/v1/watchers/login", strings.NewReader("test"))
req.Header.Add("User-Agent", UserAgent)
router.ServeHTTP(w, req)
assert.Equal(t, 401, w.Code)
assert.Equal(t, "{\"code\":401,\"message\":\"missing: invalid character 'e' in literal true (expecting 'r')\"}", w.Body.String())
// Login with invalid format
w = httptest.NewRecorder()
req, _ = http.NewRequest("POST", "/v1/watchers/login", strings.NewReader("{\"machine_id\": \"test1\"}"))
req.Header.Add("User-Agent", UserAgent)
router.ServeHTTP(w, req)
assert.Equal(t, 401, w.Code)
assert.Equal(t, "{\"code\":401,\"message\":\"input format error\"}", w.Body.String())
//Validate machine
err = ValidateMachine("test", config.API.Server.DbConfig)
if err != nil {
log.Fatalln(err.Error())
}
// Login with invalid password
w = httptest.NewRecorder()
req, _ = http.NewRequest("POST", "/v1/watchers/login", strings.NewReader("{\"machine_id\": \"test\", \"password\": \"test1\"}"))
req.Header.Add("User-Agent", UserAgent)
router.ServeHTTP(w, req)
assert.Equal(t, 401, w.Code)
assert.Equal(t, "{\"code\":401,\"message\":\"incorrect Username or Password\"}", w.Body.String())
// Login with valid machine
w = httptest.NewRecorder()
req, _ = http.NewRequest("POST", "/v1/watchers/login", strings.NewReader(body))
req.Header.Add("User-Agent", UserAgent)
router.ServeHTTP(w, req)
assert.Equal(t, 200, w.Code)
assert.Contains(t, w.Body.String(), "\"token\"")
assert.Contains(t, w.Body.String(), "\"expire\"")
// Login with valid machine + scenarios
w = httptest.NewRecorder()
req, _ = http.NewRequest("POST", "/v1/watchers/login", strings.NewReader("{\"machine_id\": \"test\", \"password\": \"test\", \"scenarios\": [\"crowdsecurity/test\", \"crowdsecurity/test2\"]}"))
req.Header.Add("User-Agent", UserAgent)
router.ServeHTTP(w, req)
assert.Equal(t, 200, w.Code)
assert.Contains(t, w.Body.String(), "\"token\"")
assert.Contains(t, w.Body.String(), "\"expire\"")
}