Add tests for special headers

This commit is contained in:
Natsu Kagami 2024-06-11 20:19:54 +02:00 committed by Floatingghost
parent d29930f310
commit 87c8622d62

View file

@ -16,6 +16,8 @@ defmodule HttpSignaturesTest do
"(request-target)" => "post /foo?param=value&pet=dog", "(request-target)" => "post /foo?param=value&pet=dog",
"host" => "example.com", "host" => "example.com",
"date" => "Thu, 05 Jan 2014 21:31:40 GMT", "date" => "Thu, 05 Jan 2014 21:31:40 GMT",
"(created)" => "1388957500", # the same date, in unix timestamp
"(expires)" => "1388967500", # 10000 seconds later
"content-type" => "application/json", "content-type" => "application/json",
"digest" => "SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=", "digest" => "SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=",
"content-length" => "18" "content-length" => "18"
@ -29,6 +31,16 @@ defmodule HttpSignaturesTest do
keyId="Test",algorithm="rsa-sha256",headers="(request-target) host date",signature="HUxc9BS3P/kPhSmJo+0pQ4IsCo007vkv6bUm4Qehrx+B1Eo4Mq5/6KylET72ZpMUS80XvjlOPjKzxfeTQj4DiKbAzwJAb4HX3qX6obQTa00/qPDXlMepD2JtTw33yNnm/0xV7fQuvILN/ys+378Ysi082+4xBQFwvhNvSoVsGv4=" keyId="Test",algorithm="rsa-sha256",headers="(request-target) host date",signature="HUxc9BS3P/kPhSmJo+0pQ4IsCo007vkv6bUm4Qehrx+B1Eo4Mq5/6KylET72ZpMUS80XvjlOPjKzxfeTQj4DiKbAzwJAb4HX3qX6obQTa00/qPDXlMepD2JtTw33yNnm/0xV7fQuvILN/ys+378Ysi082+4xBQFwvhNvSoVsGv4="
""" """
# IO.puts HTTPSignatures.sign(@private_key, "Test", %{
# "(request-target)" => "post /foo?param=value&pet=dog",
# "host" => "example.com",
# "(created)" => "1388957500", # the same date, in unix timestamp
# "(expires)" => "1388967500", # 10000 seconds later
# })
@timestamped_signature """
keyId="Test",algorithm="rsa-sha256",headers="(created) (expires) (request-target) host",signature="rR4LdJSX1ZkmFmh9HUxQt0DFFPuYfvaV+mVMhEws6fMkxHO2AE0vAteYp22T7DFRYcCiXoLrqp+53aKaCX1ade2KZM7obKJ78fMZ4jETqUM9P/ziSHCIEmnNohWoGrCkpU775AXmh0A7lsfKeNLYqdYkS6G85asxn1QGWzeE4O8=",created="1388957500",expires="1388967500"
"""
@all_headers_signature """ @all_headers_signature """
keyId="Test",algorithm="rsa-sha256",headers="(request-target) host date content-type digest content-length",signature="Ef7MlxLXoBovhil3AlyjtBwAL9g4TN3tibLj7uuNB3CROat/9KaeQ4hW2NiJ+pZ6HQEOx9vYZAyi+7cmIkmJszJCut5kQLAwuX+Ms/mUFvpKlSo9StS2bMXDBNjOh4Auj774GFj4gwjS+3NhFeoqyr/MuN6HsEnkvn6zdgfE2i0=" keyId="Test",algorithm="rsa-sha256",headers="(request-target) host date content-type digest content-length",signature="Ef7MlxLXoBovhil3AlyjtBwAL9g4TN3tibLj7uuNB3CROat/9KaeQ4hW2NiJ+pZ6HQEOx9vYZAyi+7cmIkmJszJCut5kQLAwuX+Ms/mUFvpKlSo9StS2bMXDBNjOh4Auj774GFj4gwjS+3NhFeoqyr/MuN6HsEnkvn6zdgfE2i0="
""" """
@ -55,6 +67,11 @@ defmodule HttpSignaturesTest do
assert HTTPSignatures.validate(@headers, signature, @public_key) assert HTTPSignatures.validate(@headers, signature, @public_key)
end end
test "validates the timestamped case" do
signature = HTTPSignatures.split_signature(@timestamped_signature)
assert HTTPSignatures.validate(@headers, signature, @public_key)
end
test "validates the all-headers case" do test "validates the all-headers case" do
signature = HTTPSignatures.split_signature(@all_headers_signature) signature = HTTPSignatures.split_signature(@all_headers_signature)
assert HTTPSignatures.validate(@headers, signature, @public_key) assert HTTPSignatures.validate(@headers, signature, @public_key)
@ -62,7 +79,9 @@ defmodule HttpSignaturesTest do
test "it contructs a signing string" do test "it contructs a signing string" do
expected = "date: Thu, 05 Jan 2014 21:31:40 GMT\ncontent-length: 18" expected = "date: Thu, 05 Jan 2014 21:31:40 GMT\ncontent-length: 18"
assert expected == HTTPSignatures.build_signing_string(@headers, ["date", "content-length"], nil, nil) assert expected == HTTPSignatures.build_signing_string(@headers, ["date", "content-length"], @headers["(created)"], @headers["(expires)"])
expected = "(created): 1388957500\n(expires): 1388967500\ncontent-length: 18"
assert expected == HTTPSignatures.build_signing_string(@headers, ["(created)", "(expires)", "content-length"], @headers["(created)"], @headers["(expires)"])
end end
test "it parses the http signature for a conn" do test "it parses the http signature for a conn" do