MCPcopy
hub / github.com/syncthing/syncthing / TestHTTPLogin

Function TestHTTPLogin

lib/api/api_test.go:573–839  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

571}
572
573func TestHTTPLogin(t *testing.T) {
574 // This test intentionally does not use t.Parallel()
575
576 httpGetBasicAuth := func(url string, username string, password string) *http.Response {
577 t.Helper()
578 return httpGet(url, username, password, "", "", nil, t)
579 }
580
581 httpGetXapikey := func(url string, xapikeyHeader string) *http.Response {
582 t.Helper()
583 return httpGet(url, "", "", xapikeyHeader, "", nil, t)
584 }
585
586 httpGetAuthorizationBearer := func(url string, bearer string) *http.Response {
587 t.Helper()
588 return httpGet(url, "", "", "", bearer, nil, t)
589 }
590
591 testWith := func(sendBasicAuthPrompt bool, expectedOkStatus int, expectedFailStatus int, path string) {
592 cfg := newMockedConfig()
593 cfg.GUIReturns(config.GUIConfiguration{
594 User: "üser",
595 Password: "$2a$10$IdIZTxTg/dCNuNEGlmLynOjqg4B1FvDKuIV5e0BB3pnWVHNb8.GSq", // bcrypt of "räksmörgås" in UTF-8
596 RawAddress: "127.0.0.1:0",
597 APIKey: testAPIKey,
598 SendBasicAuthPrompt: sendBasicAuthPrompt,
599 })
600 baseURL := startHTTP(t, cfg)
601 url := baseURL + path
602
603 t.Run(fmt.Sprintf("%d path", expectedOkStatus), func(t *testing.T) {
604 t.Run("no auth is rejected", func(t *testing.T) {
605 resp := httpGetBasicAuth(url, "", "")
606 if resp.StatusCode != expectedFailStatus {
607 t.Errorf("Unexpected non-%d return code %d for unauthed request", expectedFailStatus, resp.StatusCode)
608 }
609 if hasSessionCookie(resp.Cookies()) {
610 t.Errorf("Unexpected session cookie for unauthed request")
611 }
612 })
613
614 t.Run("incorrect password is rejected", func(t *testing.T) {
615 resp := httpGetBasicAuth(url, "üser", "rksmrgs")
616 if resp.StatusCode != expectedFailStatus {
617 t.Errorf("Unexpected non-%d return code %d for incorrect password", expectedFailStatus, resp.StatusCode)
618 }
619 if hasSessionCookie(resp.Cookies()) {
620 t.Errorf("Unexpected session cookie for incorrect password")
621 }
622 })
623
624 t.Run("incorrect username is rejected", func(t *testing.T) {
625 resp := httpGetBasicAuth(url, "user", "räksmörgås") // string literals in Go source code are in UTF-8
626 if resp.StatusCode != expectedFailStatus {
627 t.Errorf("Unexpected non-%d return code %d for incorrect username", expectedFailStatus, resp.StatusCode)
628 }
629 if hasSessionCookie(resp.Cookies()) {
630 t.Errorf("Unexpected session cookie for incorrect username")

Callers

nothing calls this directly

Calls 15

SetPasswordMethod · 0.95
WrapFunction · 0.92
httpGetFunction · 0.85
newMockedConfigFunction · 0.85
startHTTPFunction · 0.85
hasSessionCookieFunction · 0.85
httpPostFunction · 0.85
hasDeleteSessionCookieFunction · 0.85
initConfigFunction · 0.85
httpRequestFunction · 0.85
HelperMethod · 0.80

Tested by

no test coverage detected