This repository has been archived by the owner on Jul 15, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathutils_test.go
95 lines (85 loc) · 2.48 KB
/
utils_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
package hero
import (
"testing"
)
func TestExtraScopes(t *testing.T) {
sample := []struct {
access, refresh string
result bool
}{
{"one,two,three", "one", true},
{"one,two,three", "none", false},
}
for _, scope := range sample {
if e := extraScopes(scope.access, scope.refresh); e != scope.result {
t.Errorf("expected %v got %v aceess: %s refresh:: %s", scope.result, e, scope.access, scope.refresh)
}
}
}
func TestValidURL(t *testing.T) {
link := "http://www.example.com"
sample := []struct {
info, base, redir string
valid bool
}{
{"exact match", "/hero", "/hero", true},
{"trailing slash", "/hero", "/hero/", true},
{"exact match with trailing slash", "/hero/", "/hero/", true},
{"subpath", "/hero", "/hero/sub/path", true},
{"subpath with trailing slash", "/hero/", "/hero/sub/path", true},
{"subpath with traversal like", "/hero", "/hero/.../..sub../...", true},
{"traversal", "/hero/../allow", "/hero/../allow/sub/path", true},
{"base path mismatch", "/hero", "/heroine", false},
{"base path mismatch slash", "/hero/", "/hero", false},
{"traversal", "/hero", "/hero/..", false},
{"embed traversal", "/hero", "/hero/../sub", false},
{"not subpath", "/hero", "/hero../sub", false},
}
for _, v := range sample {
if v.valid {
err := validateURI(link+v.base, link+v.redir)
if err != nil {
t.Errorf("some fish for %s : %v", v.info, err)
}
} else {
err := validateURI(link+v.base, link+v.redir)
if err == nil {
t.Errorf("expected error for for %s : got %v", v.info, err)
}
}
}
sampleList := []struct {
base, redir, sep string
valid bool
}{
{"http://www.example.com/hero", "http://www.example.com/hero", "", true},
{"http://www.example.com/hero", "http://www.example.com/app", "", false},
{"http://xxx:14000/hero;http://www.example.com/hero", "http://www.example.com/hero", ";", true},
{"http://xxx:14000/hero;http://www.example.com/hero", "http://www.example.com/app", ";", false},
}
for _, v := range sampleList {
if v.valid {
err := validateURIList(v.base, v.redir, v.sep)
if err != nil {
t.Error(err)
}
} else {
err := validateURIList(v.base, v.redir, v.sep)
if err == nil {
t.Error("expected an error")
}
}
}
}
func TestRandGenerator(t *testing.T) {
sample := []int{32, 64}
for _, v := range sample {
token, err := generateRandomToken(v)
if err != nil {
t.Error(err)
}
if len(token) != v {
t.Errorf("expected %d got %d", v, len(token))
}
}
}