package acme import ( "crypto/rand" "crypto/rsa" "io/ioutil" "os" "strings" "testing" ) func TestHTTPChallenge(t *testing.T) { privKey, _ := rsa.GenerateKey(rand.Reader, 512) j := &jws{privKey: privKey} clientChallenge := challenge{Type: HTTP01, Token: "http1"} mockValidate := func(_ *jws, _, _ string, chlng challenge) error { uri := "http://localhost:23457/.well-known/acme-challenge/" + chlng.Token resp, err := httpGet(uri) if err != nil { return err } defer resp.Body.Close() if want := "text/plain"; resp.Header.Get("Content-Type") != want { t.Errorf("Get(%q) Content-Type: got %q, want %q", uri, resp.Header.Get("Content-Type"), want) } body, err := ioutil.ReadAll(resp.Body) if err != nil { return err } bodyStr := string(body) if bodyStr != chlng.KeyAuthorization { t.Errorf("Get(%q) Body: got %q, want %q", uri, bodyStr, chlng.KeyAuthorization) } return nil } solver := &httpChallenge{jws: j, validate: mockValidate, provider: &HTTPProviderServer{port: "23457"}} if err := solver.Solve(clientChallenge, "localhost:23457"); err != nil { t.Errorf("Solve error: got %v, want nil", err) } } func TestHTTPChallengeInvalidPort(t *testing.T) { privKey, _ := rsa.GenerateKey(rand.Reader, 128) j := &jws{privKey: privKey} clientChallenge := challenge{Type: HTTP01, Token: "http2"} solver := &httpChallenge{jws: j, validate: stubValidate, provider: &HTTPProviderServer{port: "123456"}} if err := solver.Solve(clientChallenge, "localhost:123456"); err == nil { t.Errorf("Solve error: got %v, want error", err) } else if want := "invalid port 123456"; !strings.HasSuffix(err.Error(), want) { t.Errorf("Solve error: got %q, want suffix %q", err.Error(), want) } } func TestHTTPChallengeWebRoot(t *testing.T) { privKey, _ := generatePrivateKey(rsakey, 512) j := &jws{privKey: privKey.(*rsa.PrivateKey)} clientChallenge := challenge{Type: HTTP01, Token: "http1"} mockValidate := func(_ *jws, _, _ string, chlng challenge) error { challengeFilePath := "webroot/.well-known/acme-challenge/" + chlng.Token if _, err := os.Stat(challengeFilePath); os.IsNotExist(err) { t.Error("Challenge file was not created in webroot") } data, err := ioutil.ReadFile(challengeFilePath) if err != nil { return err } dataStr := string(data) if dataStr != chlng.KeyAuthorization { t.Errorf("Challenge file content: got %q, want %q", dataStr, chlng.KeyAuthorization) } return nil } solver := &httpChallenge{jws: j, validate: mockValidate, provider: &HTTPProviderWebroot{path: "webroot"}} os.MkdirAll("webroot/.well-known/acme-challenge", 0777) if err := solver.Solve(clientChallenge, "localhost:23457"); err != nil { t.Errorf("Solve error: got %v, want nil", err) } defer os.RemoveAll("webroot") } func TestHTTPChallengeWebRootInvalidPath(t *testing.T) { privKey, _ := generatePrivateKey(rsakey, 128) j := &jws{privKey: privKey.(*rsa.PrivateKey)} clientChallenge := challenge{Type: HTTP01, Token: "http2"} solver := &httpChallenge{jws: j, validate: stubValidate, provider: &HTTPProviderWebroot{path: "/invalid-\000-path"}} if err := solver.Solve(clientChallenge, "localhost:123456"); err == nil { t.Errorf("Solve error: got %v, want error", err) } else if want := "Could not create required directories in webroot"; !strings.Contains(err.Error(), want) { t.Errorf("Solve error: got %q, want content %q", err.Error(), want) } }