lego/acme/client_test.go

package acme

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"encoding/json"
	"net"
	"net/http"
	"net/http/httptest"
	"strings"
	"testing"
	"time"
)

func TestNewClient(t *testing.T) {
	keyBits := 32 // small value keeps test fast
	keyType := RSA2048
	key, err := rsa.GenerateKey(rand.Reader, keyBits)
	if err != nil {
		t.Fatal("Could not generate test key:", err)
	}
	user := mockUser{
		email:      "test@test.com",
		regres:     new(RegistrationResource),
		privatekey: key,
	}

	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		data, _ := json.Marshal(directory{NewAuthzURL: "http://test", NewCertURL: "http://test", NewRegURL: "http://test", RevokeCertURL: "http://test"})
		w.Write(data)
	}))

	client, err := NewClient(ts.URL, user, keyType)
	if err != nil {
		t.Fatalf("Could not create client: %v", err)
	}

	if client.jws == nil {
		t.Fatalf("Expected client.jws to not be nil")
	}
	if expected, actual := key, client.jws.privKey; actual != expected {
		t.Errorf("Expected jws.privKey to be %p but was %p", expected, actual)
	}

	if client.keyType != keyType {
		t.Errorf("Expected keyType to be %s but was %s", keyType, client.keyType)
	}

	if expected, actual := 2, len(client.solvers); actual != expected {
		t.Fatalf("Expected %d solver(s), got %d", expected, actual)
	}
}

func TestClientOptPort(t *testing.T) {
	keyBits := 32 // small value keeps test fast
	key, err := rsa.GenerateKey(rand.Reader, keyBits)
	if err != nil {
		t.Fatal("Could not generate test key:", err)
	}
	user := mockUser{
		email:      "test@test.com",
		regres:     new(RegistrationResource),
		privatekey: key,
	}

	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		data, _ := json.Marshal(directory{NewAuthzURL: "http://test", NewCertURL: "http://test", NewRegURL: "http://test", RevokeCertURL: "http://test"})
		w.Write(data)
	}))

	optPort := "1234"
	optHost := ""
	client, err := NewClient(ts.URL, user, RSA2048)
	if err != nil {
		t.Fatalf("Could not create client: %v", err)
	}
	client.SetHTTPAddress(net.JoinHostPort(optHost, optPort))
	client.SetTLSAddress(net.JoinHostPort(optHost, optPort))

	httpSolver, ok := client.solvers[HTTP01].(*httpChallenge)
	if !ok {
		t.Fatal("Expected http-01 solver to be httpChallenge type")
	}
	if httpSolver.jws != client.jws {
		t.Error("Expected http-01 to have same jws as client")
	}
	if got := httpSolver.provider.(*HTTPProviderServer).port; got != optPort {
		t.Errorf("Expected http-01 to have port %s but was %s", optPort, got)
	}
	if got := httpSolver.provider.(*HTTPProviderServer).iface; got != optHost {
		t.Errorf("Expected http-01 to have iface %s but was %s", optHost, got)
	}

	httpsSolver, ok := client.solvers[TLSSNI01].(*tlsSNIChallenge)
	if !ok {
		t.Fatal("Expected tls-sni-01 solver to be httpChallenge type")
	}
	if httpsSolver.jws != client.jws {
		t.Error("Expected tls-sni-01 to have same jws as client")
	}
	if got := httpsSolver.provider.(*TLSProviderServer).port; got != optPort {
		t.Errorf("Expected tls-sni-01 to have port %s but was %s", optPort, got)
	}
	if got := httpsSolver.provider.(*TLSProviderServer).iface; got != optHost {
		t.Errorf("Expected tls-sni-01 to have port %s but was %s", optHost, got)
	}

	// test setting different host
	optHost = "127.0.0.1"
	client.SetHTTPAddress(net.JoinHostPort(optHost, optPort))
	client.SetTLSAddress(net.JoinHostPort(optHost, optPort))

	if got := httpSolver.provider.(*HTTPProviderServer).iface; got != optHost {
		t.Errorf("Expected http-01 to have iface %s but was %s", optHost, got)
	}
	if got := httpsSolver.provider.(*TLSProviderServer).port; got != optPort {
		t.Errorf("Expected tls-sni-01 to have port %s but was %s", optPort, got)
	}
}

func TestNotHoldingLockWhileMakingHTTPRequests(t *testing.T) {
	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		time.Sleep(250 * time.Millisecond)
		w.Header().Add("Replay-Nonce", "12345")
		w.Header().Add("Retry-After", "0")
		writeJSONResponse(w, &challenge{Type: "http-01", Status: "Valid", URI: "http://example.com/", Token: "token"})
	}))
	defer ts.Close()

	privKey, _ := rsa.GenerateKey(rand.Reader, 512)
	j := &jws{privKey: privKey, directoryURL: ts.URL}
	ch := make(chan bool)
	resultCh := make(chan bool)
	go func() {
		j.Nonce()
		ch <- true
	}()
	go func() {
		j.Nonce()
		ch <- true
	}()
	go func() {
		<-ch
		<-ch
		resultCh <- true
	}()
	select {
	case <-resultCh:
	case <-time.After(400 * time.Millisecond):
		t.Fatal("JWS is probably holding a lock while making HTTP request")
	}
}

func TestValidate(t *testing.T) {
	var statuses []string
	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		// Minimal stub ACME server for validation.
		w.Header().Add("Replay-Nonce", "12345")
		w.Header().Add("Retry-After", "0")
		switch r.Method {
		case "HEAD":
		case "POST":
			st := statuses[0]
			statuses = statuses[1:]
			writeJSONResponse(w, &challenge{Type: "http-01", Status: st, URI: "http://example.com/", Token: "token"})

		case "GET":
			st := statuses[0]
			statuses = statuses[1:]
			writeJSONResponse(w, &challenge{Type: "http-01", Status: st, URI: "http://example.com/", Token: "token"})

		default:
			http.Error(w, r.Method, http.StatusMethodNotAllowed)
		}
	}))
	defer ts.Close()

	privKey, _ := rsa.GenerateKey(rand.Reader, 512)
	j := &jws{privKey: privKey, directoryURL: ts.URL}

	tsts := []struct {
		name     string
		statuses []string
		want     string
	}{
		{"POST-unexpected", []string{"weird"}, "unexpected"},
		{"POST-valid", []string{"valid"}, ""},
		{"POST-invalid", []string{"invalid"}, "Error Detail"},
		{"GET-unexpected", []string{"pending", "weird"}, "unexpected"},
		{"GET-valid", []string{"pending", "valid"}, ""},
		{"GET-invalid", []string{"pending", "invalid"}, "Error Detail"},
	}

	for _, tst := range tsts {
		statuses = tst.statuses
		if err := validate(j, "example.com", ts.URL, challenge{Type: "http-01", Token: "token"}); err == nil && tst.want != "" {
			t.Errorf("[%s] validate: got error %v, want something with %q", tst.name, err, tst.want)
		} else if err != nil && !strings.Contains(err.Error(), tst.want) {
			t.Errorf("[%s] validate: got error %v, want something with %q", tst.name, err, tst.want)
		}
	}
}

// writeJSONResponse marshals the body as JSON and writes it to the response.
func writeJSONResponse(w http.ResponseWriter, body interface{}) {
	bs, err := json.Marshal(body)
	if err != nil {
		http.Error(w, err.Error(), http.StatusInternalServerError)
		return
	}

	w.Header().Set("Content-Type", "application/json")
	if _, err := w.Write(bs); err != nil {
		http.Error(w, err.Error(), http.StatusInternalServerError)
	}
}

// stubValidate is like validate, except it does nothing.
func stubValidate(j *jws, domain, uri string, chlng challenge) error {
	return nil
}

type mockUser struct {
	email      string
	regres     *RegistrationResource
	privatekey *rsa.PrivateKey
}

func (u mockUser) GetEmail() string                       { return u.email }
func (u mockUser) GetRegistration() *RegistrationResource { return u.regres }
func (u mockUser) GetPrivateKey() crypto.PrivateKey       { return u.privatekey }
Test NewClient Just a simple test to make sure a Client gets set up properly 2015-06-13 15:00:18 +00:00			`package acme`

			`import (`
Adapt tests to EC changes 2016-01-27 01:01:58 +00:00			`"crypto"`
Test NewClient Just a simple test to make sure a Client gets set up properly 2015-06-13 15:00:18 +00:00			`"crypto/rand"`
			`"crypto/rsa"`
Changed the client to pull the urls down from the directory on the CA server. CA Url now needs to point to the root of the CA 2015-09-26 20:59:16 +00:00			`"encoding/json"`
Update tests 2016-01-08 07:04:50 +00:00			`"net"`
Changed the client to pull the urls down from the directory on the CA server. CA Url now needs to point to the root of the CA 2015-09-26 20:59:16 +00:00			`"net/http"`
			`"net/http/httptest"`
Split off tests for validate, simplifying HTTP-01 and TLS-SNI-01 tests. 2015-12-05 14:53:53 +00:00			`"strings"`
Test NewClient Just a simple test to make sure a Client gets set up properly 2015-06-13 15:00:18 +00:00			`"testing"`
Reduce nonce locking (#340) * [reduce-locking] Prepare for change * [reduce-locking] Do not lock on http request * [reduce-locking] Move getNonce and getNonceFromResponse from jws struct cause they do not need access to it * [reduce-locking] Extract nonceManager * [reduce-locking] Add test that tries to show locking on http requests problem 2017-02-19 03:48:45 +00:00			`"time"`
Test NewClient Just a simple test to make sure a Client gets set up properly 2015-06-13 15:00:18 +00:00			`)`

			`func TestNewClient(t *testing.T) {`
			`keyBits := 32 // small value keeps test fast`
Adapt tests to EC changes 2016-01-27 01:01:58 +00:00			`keyType := RSA2048`
Test NewClient Just a simple test to make sure a Client gets set up properly 2015-06-13 15:00:18 +00:00			`key, err := rsa.GenerateKey(rand.Reader, keyBits)`
			`if err != nil {`
			`t.Fatal("Could not generate test key:", err)`
			`}`
			`user := mockUser{`
			`email: "test@test.com",`
			`regres: new(RegistrationResource),`
			`privatekey: key,`
			`}`
Changed the client to pull the urls down from the directory on the CA server. CA Url now needs to point to the root of the CA 2015-09-26 20:59:16 +00:00
			`ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`data, _ := json.Marshal(directory{NewAuthzURL: "http://test", NewCertURL: "http://test", NewRegURL: "http://test", RevokeCertURL: "http://test"})`
			`w.Write(data)`
			`}))`

Adapt tests to EC changes 2016-01-27 01:01:58 +00:00			`client, err := NewClient(ts.URL, user, keyType)`
Replaced fatal with print; return errors from NewClient 2015-10-27 23:00:42 +00:00			`if err != nil {`
			`t.Fatalf("Could not create client: %v", err)`
			`}`
Test NewClient Just a simple test to make sure a Client gets set up properly 2015-06-13 15:00:18 +00:00
			`if client.jws == nil {`
			`t.Fatalf("Expected client.jws to not be nil")`
			`}`
			`if expected, actual := key, client.jws.privKey; actual != expected {`
			`t.Errorf("Expected jws.privKey to be %p but was %p", expected, actual)`
			`}`

Adapt tests to EC changes 2016-01-27 01:01:58 +00:00			`if client.keyType != keyType {`
Remove keyBits from tests, use keyType instead. 2016-02-21 03:22:03 +00:00			`t.Errorf("Expected keyType to be %s but was %s", keyType, client.keyType)`
Test NewClient Just a simple test to make sure a Client gets set up properly 2015-06-13 15:00:18 +00:00			`}`

We have two solvers now 2015-11-22 18:33:26 +00:00			`if expected, actual := 2, len(client.solvers); actual != expected {`
Make acme.Logger optional; otherwise use standard log.Logger Also fixed lil' vet warning 2015-11-06 06:43:42 +00:00			`t.Fatalf("Expected %d solver(s), got %d", expected, actual)`
Test NewClient Just a simple test to make sure a Client gets set up properly 2015-06-13 15:00:18 +00:00			`}`
Make solvers configurable. Allows selecting which solvers are available, and specifying options for them. 2015-12-05 21:01:08 +00:00			`}`

Fix tests 2015-12-27 17:56:44 +00:00			`func TestClientOptPort(t *testing.T) {`
Make solvers configurable. Allows selecting which solvers are available, and specifying options for them. 2015-12-05 21:01:08 +00:00			`keyBits := 32 // small value keeps test fast`
			`key, err := rsa.GenerateKey(rand.Reader, keyBits)`
			`if err != nil {`
			`t.Fatal("Could not generate test key:", err)`
			`}`
			`user := mockUser{`
			`email: "test@test.com",`
			`regres: new(RegistrationResource),`
			`privatekey: key,`
			`}`

			`ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`data, _ := json.Marshal(directory{NewAuthzURL: "http://test", NewCertURL: "http://test", NewRegURL: "http://test", RevokeCertURL: "http://test"})`
			`w.Write(data)`
			`}))`

			`optPort := "1234"`
Update tests 2016-01-08 07:04:50 +00:00			`optHost := ""`
Adapt tests to EC changes 2016-01-27 01:01:58 +00:00			`client, err := NewClient(ts.URL, user, RSA2048)`
Make solvers configurable. Allows selecting which solvers are available, and specifying options for them. 2015-12-05 21:01:08 +00:00			`if err != nil {`
			`t.Fatalf("Could not create client: %v", err)`
			`}`
Update tests 2016-01-08 07:04:50 +00:00			`client.SetHTTPAddress(net.JoinHostPort(optHost, optPort))`
			`client.SetTLSAddress(net.JoinHostPort(optHost, optPort))`
Test NewClient Just a simple test to make sure a Client gets set up properly 2015-06-13 15:00:18 +00:00
Refactor challenge providers to new ChallengeProvider interface * new ChallengeProvider with Present and CleanUp methods * new Challenge type describing `http-01`, `tls-sni-01`, `dns-01` * new client.SetChallengeProvider to support custom implementations 2016-01-15 04:06:25 +00:00			`httpSolver, ok := client.solvers[HTTP01].(*httpChallenge)`
Test NewClient Just a simple test to make sure a Client gets set up properly 2015-06-13 15:00:18 +00:00			`if !ok {`
Don't try appending /directory to caURL (spec doesn't require it) Also improved some comments/docs and fixed a test 2015-11-20 19:01:06 +00:00			`t.Fatal("Expected http-01 solver to be httpChallenge type")`
Test NewClient Just a simple test to make sure a Client gets set up properly 2015-06-13 15:00:18 +00:00			`}`
Remove simpleHTTP - Update README 2015-11-18 21:15:37 +00:00			`if httpSolver.jws != client.jws {`
Don't try appending /directory to caURL (spec doesn't require it) Also improved some comments/docs and fixed a test 2015-11-20 19:01:06 +00:00			`t.Error("Expected http-01 to have same jws as client")`
Test NewClient Just a simple test to make sure a Client gets set up properly 2015-06-13 15:00:18 +00:00			`}`
Fix tests for new naming. 2016-02-14 21:07:27 +00:00			`if got := httpSolver.provider.(*HTTPProviderServer).port; got != optPort {`
Refactor challenge providers to new ChallengeProvider interface * new ChallengeProvider with Present and CleanUp methods * new Challenge type describing `http-01`, `tls-sni-01`, `dns-01` * new client.SetChallengeProvider to support custom implementations 2016-01-15 04:06:25 +00:00			`t.Errorf("Expected http-01 to have port %s but was %s", optPort, got)`
Update tests 2016-01-08 07:04:50 +00:00			`}`
Fix tests for new naming. 2016-02-14 21:07:27 +00:00			`if got := httpSolver.provider.(*HTTPProviderServer).iface; got != optHost {`
Refactor challenge providers to new ChallengeProvider interface * new ChallengeProvider with Present and CleanUp methods * new Challenge type describing `http-01`, `tls-sni-01`, `dns-01` * new client.SetChallengeProvider to support custom implementations 2016-01-15 04:06:25 +00:00			`t.Errorf("Expected http-01 to have iface %s but was %s", optHost, got)`
Test NewClient Just a simple test to make sure a Client gets set up properly 2015-06-13 15:00:18 +00:00			`}`
Fix tests 2015-12-27 17:56:44 +00:00
Refactor challenge providers to new ChallengeProvider interface * new ChallengeProvider with Present and CleanUp methods * new Challenge type describing `http-01`, `tls-sni-01`, `dns-01` * new client.SetChallengeProvider to support custom implementations 2016-01-15 04:06:25 +00:00			`httpsSolver, ok := client.solvers[TLSSNI01].(*tlsSNIChallenge)`
Fix tests 2015-12-27 17:56:44 +00:00			`if !ok {`
			`t.Fatal("Expected tls-sni-01 solver to be httpChallenge type")`
			`}`
			`if httpsSolver.jws != client.jws {`
			`t.Error("Expected tls-sni-01 to have same jws as client")`
			`}`
Fix tests for new naming. 2016-02-14 21:07:27 +00:00			`if got := httpsSolver.provider.(*TLSProviderServer).port; got != optPort {`
Refactor challenge providers to new ChallengeProvider interface * new ChallengeProvider with Present and CleanUp methods * new Challenge type describing `http-01`, `tls-sni-01`, `dns-01` * new client.SetChallengeProvider to support custom implementations 2016-01-15 04:06:25 +00:00			`t.Errorf("Expected tls-sni-01 to have port %s but was %s", optPort, got)`
Update tests 2016-01-08 07:04:50 +00:00			`}`
Fix tests for new naming. 2016-02-14 21:07:27 +00:00			`if got := httpsSolver.provider.(*TLSProviderServer).iface; got != optHost {`
Refactor challenge providers to new ChallengeProvider interface * new ChallengeProvider with Present and CleanUp methods * new Challenge type describing `http-01`, `tls-sni-01`, `dns-01` * new client.SetChallengeProvider to support custom implementations 2016-01-15 04:06:25 +00:00			`t.Errorf("Expected tls-sni-01 to have port %s but was %s", optHost, got)`
Update tests 2016-01-08 07:04:50 +00:00			`}`

			`// test setting different host`
			`optHost = "127.0.0.1"`
			`client.SetHTTPAddress(net.JoinHostPort(optHost, optPort))`
			`client.SetTLSAddress(net.JoinHostPort(optHost, optPort))`

Fix tests for new naming. 2016-02-14 21:07:27 +00:00			`if got := httpSolver.provider.(*HTTPProviderServer).iface; got != optHost {`
Refactor challenge providers to new ChallengeProvider interface * new ChallengeProvider with Present and CleanUp methods * new Challenge type describing `http-01`, `tls-sni-01`, `dns-01` * new client.SetChallengeProvider to support custom implementations 2016-01-15 04:06:25 +00:00			`t.Errorf("Expected http-01 to have iface %s but was %s", optHost, got)`
Update tests 2016-01-08 07:04:50 +00:00			`}`
Fix tests for new naming. 2016-02-14 21:07:27 +00:00			`if got := httpsSolver.provider.(*TLSProviderServer).port; got != optPort {`
Refactor challenge providers to new ChallengeProvider interface * new ChallengeProvider with Present and CleanUp methods * new Challenge type describing `http-01`, `tls-sni-01`, `dns-01` * new client.SetChallengeProvider to support custom implementations 2016-01-15 04:06:25 +00:00			`t.Errorf("Expected tls-sni-01 to have port %s but was %s", optPort, got)`
Fix tests 2015-12-27 17:56:44 +00:00			`}`
Test NewClient Just a simple test to make sure a Client gets set up properly 2015-06-13 15:00:18 +00:00			`}`

Reduce nonce locking (#340) * [reduce-locking] Prepare for change * [reduce-locking] Do not lock on http request * [reduce-locking] Move getNonce and getNonceFromResponse from jws struct cause they do not need access to it * [reduce-locking] Extract nonceManager * [reduce-locking] Add test that tries to show locking on http requests problem 2017-02-19 03:48:45 +00:00			`func TestNotHoldingLockWhileMakingHTTPRequests(t *testing.T) {`
			`ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`time.Sleep(250 * time.Millisecond)`
			`w.Header().Add("Replay-Nonce", "12345")`
			`w.Header().Add("Retry-After", "0")`
			`writeJSONResponse(w, &challenge{Type: "http-01", Status: "Valid", URI: "http://example.com/", Token: "token"})`
			`}))`
			`defer ts.Close()`

			`privKey, _ := rsa.GenerateKey(rand.Reader, 512)`
			`j := &jws{privKey: privKey, directoryURL: ts.URL}`
			`ch := make(chan bool)`
			`resultCh := make(chan bool)`
			`go func() {`
			`j.Nonce()`
			`ch <- true`
			`}()`
			`go func() {`
			`j.Nonce()`
			`ch <- true`
			`}()`
			`go func() {`
			`<-ch`
			`<-ch`
			`resultCh <- true`
			`}()`
			`select {`
			`case <-resultCh:`
			`case <-time.After(400 * time.Millisecond):`
			`t.Fatal("JWS is probably holding a lock while making HTTP request")`
			`}`
			`}`

Split off tests for validate, simplifying HTTP-01 and TLS-SNI-01 tests. 2015-12-05 14:53:53 +00:00			`func TestValidate(t *testing.T) {`
			`var statuses []string`
			`ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`// Minimal stub ACME server for validation.`
			`w.Header().Add("Replay-Nonce", "12345")`
Replace exponential back-off in validate with Retry-After header. Last paragraph of ACME spec, section 6.5: To check on the status of an authorization, the client sends a GET request to the authorization URI, and the server responds with the current authorization object. In responding to poll requests while the validation is still in progress, the server MUST return a 202 (Accepted) response with a Retry-After header field. 2015-12-05 21:32:53 +00:00			`w.Header().Add("Retry-After", "0")`
Split off tests for validate, simplifying HTTP-01 and TLS-SNI-01 tests. 2015-12-05 14:53:53 +00:00			`switch r.Method {`
			`case "HEAD":`
			`case "POST":`
			`st := statuses[0]`
			`statuses = statuses[1:]`
			`writeJSONResponse(w, &challenge{Type: "http-01", Status: st, URI: "http://example.com/", Token: "token"})`

			`case "GET":`
			`st := statuses[0]`
			`statuses = statuses[1:]`
			`writeJSONResponse(w, &challenge{Type: "http-01", Status: st, URI: "http://example.com/", Token: "token"})`

			`default:`
			`http.Error(w, r.Method, http.StatusMethodNotAllowed)`
			`}`
			`}))`
			`defer ts.Close()`

Adapt tests to EC changes 2016-01-27 01:01:58 +00:00			`privKey, _ := rsa.GenerateKey(rand.Reader, 512)`
			`j := &jws{privKey: privKey, directoryURL: ts.URL}`
Split off tests for validate, simplifying HTTP-01 and TLS-SNI-01 tests. 2015-12-05 14:53:53 +00:00
			`tsts := []struct {`
			`name string`
			`statuses []string`
			`want string`
			`}{`
			`{"POST-unexpected", []string{"weird"}, "unexpected"},`
			`{"POST-valid", []string{"valid"}, ""},`
Fix validateFunc tests 2015-12-27 18:26:47 +00:00			`{"POST-invalid", []string{"invalid"}, "Error Detail"},`
Split off tests for validate, simplifying HTTP-01 and TLS-SNI-01 tests. 2015-12-05 14:53:53 +00:00			`{"GET-unexpected", []string{"pending", "weird"}, "unexpected"},`
			`{"GET-valid", []string{"pending", "valid"}, ""},`
Fix validateFunc tests 2015-12-27 18:26:47 +00:00			`{"GET-invalid", []string{"pending", "invalid"}, "Error Detail"},`
Split off tests for validate, simplifying HTTP-01 and TLS-SNI-01 tests. 2015-12-05 14:53:53 +00:00			`}`

			`for _, tst := range tsts {`
			`statuses = tst.statuses`
Fix validateFunc tests 2015-12-27 18:26:47 +00:00			`if err := validate(j, "example.com", ts.URL, challenge{Type: "http-01", Token: "token"}); err == nil && tst.want != "" {`
Split off tests for validate, simplifying HTTP-01 and TLS-SNI-01 tests. 2015-12-05 14:53:53 +00:00			`t.Errorf("[%s] validate: got error %v, want something with %q", tst.name, err, tst.want)`
			`} else if err != nil && !strings.Contains(err.Error(), tst.want) {`
			`t.Errorf("[%s] validate: got error %v, want something with %q", tst.name, err, tst.want)`
			`}`
			`}`
			`}`

			`// writeJSONResponse marshals the body as JSON and writes it to the response.`
			`func writeJSONResponse(w http.ResponseWriter, body interface{}) {`
			`bs, err := json.Marshal(body)`
			`if err != nil {`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`

			`w.Header().Set("Content-Type", "application/json")`
			`if _, err := w.Write(bs); err != nil {`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`}`
			`}`

			`// stubValidate is like validate, except it does nothing.`
Fix validateFunc tests 2015-12-27 18:26:47 +00:00			`func stubValidate(j *jws, domain, uri string, chlng challenge) error {`
Split off tests for validate, simplifying HTTP-01 and TLS-SNI-01 tests. 2015-12-05 14:53:53 +00:00			`return nil`
			`}`

Test NewClient Just a simple test to make sure a Client gets set up properly 2015-06-13 15:00:18 +00:00			`type mockUser struct {`
			`email string`
			`regres *RegistrationResource`
			`privatekey *rsa.PrivateKey`
			`}`

			`func (u mockUser) GetEmail() string { return u.email }`
			`func (u mockUser) GetRegistration() *RegistrationResource { return u.regres }`
Adapt tests to EC changes 2016-01-27 01:01:58 +00:00			`func (u mockUser) GetPrivateKey() crypto.PrivateKey { return u.privatekey }`