(t *testing.T)
| 3048 | } |
| 3049 | |
| 3050 | func TestAllowedRequestNegateWithMethod(t *testing.T) { |
| 3051 | upstreamServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
| 3052 | w.WriteHeader(200) |
| 3053 | _, err := w.Write([]byte("Allowed Request")) |
| 3054 | if err != nil { |
| 3055 | t.Fatal(err) |
| 3056 | } |
| 3057 | })) |
| 3058 | t.Cleanup(upstreamServer.Close) |
| 3059 | |
| 3060 | opts := baseTestOptions() |
| 3061 | opts.UpstreamServers = options.UpstreamConfig{ |
| 3062 | Upstreams: []options.Upstream{ |
| 3063 | { |
| 3064 | ID: upstreamServer.URL, |
| 3065 | Path: "/", |
| 3066 | URI: upstreamServer.URL, |
| 3067 | }, |
| 3068 | }, |
| 3069 | } |
| 3070 | opts.SkipAuthRoutes = []string{ |
| 3071 | "GET!=^/api", // any non-api routes |
| 3072 | "POST=^/api/public-entity/?$", |
| 3073 | } |
| 3074 | err := validation.Validate(opts) |
| 3075 | assert.NoError(t, err) |
| 3076 | proxy, err := NewOAuthProxy(opts, func(_ string) bool { return true }) |
| 3077 | if err != nil { |
| 3078 | t.Fatal(err) |
| 3079 | } |
| 3080 | |
| 3081 | testCases := []struct { |
| 3082 | name string |
| 3083 | method string |
| 3084 | url string |
| 3085 | allowed bool |
| 3086 | }{ |
| 3087 | { |
| 3088 | name: "Some static file allowed", |
| 3089 | method: http.MethodGet, |
| 3090 | url: "/static/file.txt", |
| 3091 | allowed: true, |
| 3092 | }, |
| 3093 | { |
| 3094 | name: "POST to contact form not allowed", |
| 3095 | method: http.MethodPost, |
| 3096 | url: "/contact", |
| 3097 | allowed: false, |
| 3098 | }, |
| 3099 | { |
| 3100 | name: "Regex POST allowed", |
| 3101 | method: http.MethodPost, |
| 3102 | url: "/api/public-entity", |
| 3103 | allowed: true, |
| 3104 | }, |
| 3105 | { |
| 3106 | name: "Regex POST with trailing slash allowed", |
| 3107 | method: http.MethodPost, |