lego/providers/dns/netcup/internal/client_test.go
Ludovic Fernandez 42941ccea6
Refactor the core of the lib (#700)
- Packages
- Isolate code used by the CLI into the package `cmd`
- (experimental) Add e2e tests for HTTP01, TLS-ALPN-01 and DNS-01, use [Pebble](https://github.com/letsencrypt/pebble) and [challtestsrv](https://github.com/letsencrypt/boulder/tree/master/test/challtestsrv) 
- Support non-ascii domain name (punnycode)
- Check all challenges in a predictable order
- No more global exported variables
- Archive revoked certificates
- Fixes revocation for subdomains and non-ascii domains
- Disable pending authorizations
- use pointer for RemoteError/ProblemDetails
- Poll authz URL instead of challenge URL
- The ability for a DNS provider to solve the challenge sequentially
- Check all nameservers in a predictable order
- Option to disable the complete propagation Requirement
- CLI, support for renew with CSR
- CLI, add SAN on renew
- Add command to list certificates.
- Logs every iteration of waiting for the propagation
- update DNSimple client
- update github.com/miekg/dns
2018-12-06 22:50:17 +01:00

611 lines
14 KiB
Go

package internal
import (
"fmt"
"io/ioutil"
"net/http"
"net/http/httptest"
"strconv"
"strings"
"testing"
"github.com/xenolf/lego/platform/tester"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/xenolf/lego/challenge/dns01"
)
var envTest = tester.NewEnvTest(
"NETCUP_CUSTOMER_NUMBER",
"NETCUP_API_KEY",
"NETCUP_API_PASSWORD").
WithDomain("NETCUP_DOMAIN")
func setupClientTest() (*Client, *http.ServeMux, func()) {
handler := http.NewServeMux()
server := httptest.NewServer(handler)
client, err := NewClient("a", "b", "c")
if err != nil {
panic(err)
}
client.BaseURL = server.URL
return client, handler, server.Close
}
func TestGetDNSRecordIdx(t *testing.T) {
records := []DNSRecord{
{
ID: 12345,
Hostname: "asdf",
RecordType: "TXT",
Priority: "0",
Destination: "randomtext",
DeleteRecord: false,
State: "yes",
},
{
ID: 23456,
Hostname: "@",
RecordType: "A",
Priority: "0",
Destination: "127.0.0.1",
DeleteRecord: false,
State: "yes",
},
{
ID: 34567,
Hostname: "dfgh",
RecordType: "CNAME",
Priority: "0",
Destination: "example.com",
DeleteRecord: false,
State: "yes",
},
{
ID: 45678,
Hostname: "fghj",
RecordType: "MX",
Priority: "10",
Destination: "mail.example.com",
DeleteRecord: false,
State: "yes",
},
}
testCases := []struct {
desc string
record DNSRecord
expectError bool
}{
{
desc: "simple",
record: DNSRecord{
ID: 12345,
Hostname: "asdf",
RecordType: "TXT",
Priority: "0",
Destination: "randomtext",
DeleteRecord: false,
State: "yes",
},
},
{
desc: "wrong Destination",
record: DNSRecord{
ID: 12345,
Hostname: "asdf",
RecordType: "TXT",
Priority: "0",
Destination: "wrong",
DeleteRecord: false,
State: "yes",
},
expectError: true,
},
{
desc: "record type CNAME",
record: DNSRecord{
ID: 12345,
Hostname: "asdf",
RecordType: "CNAME",
Priority: "0",
Destination: "randomtext",
DeleteRecord: false,
State: "yes",
},
expectError: true,
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
idx, err := GetDNSRecordIdx(records, test.record)
if test.expectError {
assert.Error(t, err)
assert.Equal(t, -1, idx)
} else {
assert.NoError(t, err)
assert.Equal(t, records[idx], test.record)
}
})
}
}
func TestClient_Login(t *testing.T) {
client, mux, tearDown := setupClientTest()
defer tearDown()
mux.HandleFunc("/", func(rw http.ResponseWriter, req *http.Request) {
raw, err := ioutil.ReadAll(req.Body)
if err != nil {
http.Error(rw, err.Error(), http.StatusInternalServerError)
}
if string(raw) != `{"action":"login","param":{"customernumber":"a","apikey":"b","apipassword":"c"}}` {
http.Error(rw, fmt.Sprintf("invalid request body: %s", string(raw)), http.StatusBadRequest)
}
response := `
{
"serverrequestid": "srv-request-id",
"clientrequestid": "",
"action": "login",
"status": "success",
"statuscode": 2000,
"shortmessage": "Login successful",
"longmessage": "Session has been created successful.",
"responsedata": {
"apisessionid": "api-session-id"
}
}
`
_, err = rw.Write([]byte(response))
if err != nil {
http.Error(rw, err.Error(), http.StatusInternalServerError)
}
})
sessionID, err := client.Login()
require.NoError(t, err)
assert.Equal(t, "api-session-id", sessionID)
}
func TestClient_Login_errors(t *testing.T) {
testCases := []struct {
desc string
handler func(rw http.ResponseWriter, req *http.Request)
}{
{
desc: "HTTP error",
handler: func(rw http.ResponseWriter, req *http.Request) {
http.Error(rw, "error message", http.StatusInternalServerError)
},
},
{
desc: "API error",
handler: func(rw http.ResponseWriter, req *http.Request) {
response := `
{
"serverrequestid":"YxTr4EzdbJ101T211zR4yzUEMVE",
"clientrequestid":"",
"action":"login",
"status":"error",
"statuscode":4013,
"shortmessage":"Validation Error.",
"longmessage":"Message is empty.",
"responsedata":""
}`
_, err := rw.Write([]byte(response))
if err != nil {
http.Error(rw, err.Error(), http.StatusInternalServerError)
}
},
},
{
desc: "responsedata marshaling error",
handler: func(rw http.ResponseWriter, req *http.Request) {
response := `
{
"serverrequestid": "srv-request-id",
"clientrequestid": "",
"action": "login",
"status": "success",
"statuscode": 2000,
"shortmessage": "Login successful",
"longmessage": "Session has been created successful.",
"responsedata": ""
}`
_, err := rw.Write([]byte(response))
if err != nil {
http.Error(rw, err.Error(), http.StatusInternalServerError)
}
},
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
client, mux, tearDown := setupClientTest()
defer tearDown()
mux.HandleFunc("/", test.handler)
sessionID, err := client.Login()
assert.Error(t, err)
assert.Equal(t, "", sessionID)
})
}
}
func TestClient_Logout(t *testing.T) {
client, mux, tearDown := setupClientTest()
defer tearDown()
mux.HandleFunc("/", func(rw http.ResponseWriter, req *http.Request) {
raw, err := ioutil.ReadAll(req.Body)
if err != nil {
http.Error(rw, err.Error(), http.StatusInternalServerError)
}
if string(raw) != `{"action":"logout","param":{"customernumber":"a","apikey":"b","apisessionid":"session-id"}}` {
http.Error(rw, fmt.Sprintf("invalid request body: %s", string(raw)), http.StatusBadRequest)
}
response := `
{
"serverrequestid": "request-id",
"clientrequestid": "",
"action": "logout",
"status": "success",
"statuscode": 2000,
"shortmessage": "Logout successful",
"longmessage": "Session has been terminated successful.",
"responsedata": ""
}`
_, err = rw.Write([]byte(response))
if err != nil {
http.Error(rw, err.Error(), http.StatusInternalServerError)
}
})
err := client.Logout("session-id")
require.NoError(t, err)
}
func TestClient_Logout_errors(t *testing.T) {
testCases := []struct {
desc string
handler func(rw http.ResponseWriter, req *http.Request)
}{
{
desc: "HTTP error",
handler: func(rw http.ResponseWriter, req *http.Request) {
http.Error(rw, "error message", http.StatusInternalServerError)
},
},
{
desc: "API error",
handler: func(rw http.ResponseWriter, req *http.Request) {
response := `
{
"serverrequestid":"YxTr4EzdbJ101T211zR4yzUEMVE",
"clientrequestid":"",
"action":"logout",
"status":"error",
"statuscode":4013,
"shortmessage":"Validation Error.",
"longmessage":"Message is empty.",
"responsedata":""
}`
_, err := rw.Write([]byte(response))
if err != nil {
http.Error(rw, err.Error(), http.StatusInternalServerError)
}
},
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
client, mux, tearDown := setupClientTest()
defer tearDown()
mux.HandleFunc("/", test.handler)
err := client.Logout("session-id")
require.Error(t, err)
})
}
}
func TestClient_GetDNSRecords(t *testing.T) {
client, mux, tearDown := setupClientTest()
defer tearDown()
mux.HandleFunc("/", func(rw http.ResponseWriter, req *http.Request) {
raw, err := ioutil.ReadAll(req.Body)
if err != nil {
http.Error(rw, err.Error(), http.StatusInternalServerError)
}
if string(raw) != `{"action":"infoDnsRecords","param":{"domainname":"example.com","customernumber":"a","apikey":"b","apisessionid":"api-session-id"}}` {
http.Error(rw, fmt.Sprintf("invalid request body: %s", string(raw)), http.StatusBadRequest)
}
response := `
{
"serverrequestid":"srv-request-id",
"clientrequestid":"",
"action":"infoDnsRecords",
"status":"success",
"statuscode":2000,
"shortmessage":"Login successful",
"longmessage":"Session has been created successful.",
"responsedata":{
"apisessionid":"api-session-id",
"dnsrecords":[
{
"id":"1",
"hostname":"example.com",
"type":"TXT",
"priority":"1",
"destination":"bGVnbzE=",
"state":"yes",
"ttl":300
},
{
"id":"2",
"hostname":"example2.com",
"type":"TXT",
"priority":"1",
"destination":"bGVnbw==",
"state":"yes",
"ttl":300
}
]
}
}`
_, err = rw.Write([]byte(response))
if err != nil {
http.Error(rw, err.Error(), http.StatusInternalServerError)
}
})
expected := []DNSRecord{{
ID: 1,
Hostname: "example.com",
RecordType: "TXT",
Priority: "1",
Destination: "bGVnbzE=",
DeleteRecord: false,
State: "yes",
TTL: 300,
}, {
ID: 2,
Hostname: "example2.com",
RecordType: "TXT",
Priority: "1",
Destination: "bGVnbw==",
DeleteRecord: false,
State: "yes",
TTL: 300,
}}
records, err := client.GetDNSRecords("example.com", "api-session-id")
require.NoError(t, err)
assert.Equal(t, expected, records)
}
func TestClient_GetDNSRecords_errors(t *testing.T) {
testCases := []struct {
desc string
handler func(rw http.ResponseWriter, req *http.Request)
}{
{
desc: "HTTP error",
handler: func(rw http.ResponseWriter, req *http.Request) {
http.Error(rw, "error message", http.StatusInternalServerError)
},
},
{
desc: "API error",
handler: func(rw http.ResponseWriter, req *http.Request) {
response := `
{
"serverrequestid":"YxTr4EzdbJ101T211zR4yzUEMVE",
"clientrequestid":"",
"action":"infoDnsRecords",
"status":"error",
"statuscode":4013,
"shortmessage":"Validation Error.",
"longmessage":"Message is empty.",
"responsedata":""
}`
_, err := rw.Write([]byte(response))
if err != nil {
http.Error(rw, err.Error(), http.StatusInternalServerError)
}
},
},
{
desc: "responsedata marshaling error",
handler: func(rw http.ResponseWriter, req *http.Request) {
raw, err := ioutil.ReadAll(req.Body)
if err != nil {
http.Error(rw, err.Error(), http.StatusInternalServerError)
}
if string(raw) != `{"action":"infoDnsRecords","param":{"domainname":"example.com","customernumber":"a","apikey":"b","apisessionid":"api-session-id"}}` {
http.Error(rw, fmt.Sprintf("invalid request body: %s", string(raw)), http.StatusBadRequest)
}
response := `
{
"serverrequestid":"srv-request-id",
"clientrequestid":"",
"action":"infoDnsRecords",
"status":"success",
"statuscode":2000,
"shortmessage":"Login successful",
"longmessage":"Session has been created successful.",
"responsedata":""
}`
_, err = rw.Write([]byte(response))
if err != nil {
http.Error(rw, err.Error(), http.StatusInternalServerError)
}
},
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
client, mux, tearDown := setupClientTest()
defer tearDown()
mux.HandleFunc("/", test.handler)
records, err := client.GetDNSRecords("example.com", "api-session-id")
require.Error(t, err)
assert.Empty(t, records)
})
}
}
func TestLiveClientAuth(t *testing.T) {
if !envTest.IsLiveTest() {
t.Skip("skipping live test")
}
// Setup
envTest.RestoreEnv()
client, err := NewClient(
envTest.GetValue("NETCUP_CUSTOMER_NUMBER"),
envTest.GetValue("NETCUP_API_KEY"),
envTest.GetValue("NETCUP_API_PASSWORD"))
require.NoError(t, err)
for i := 1; i < 4; i++ {
i := i
t.Run("Test_"+strconv.Itoa(i), func(t *testing.T) {
t.Parallel()
sessionID, err := client.Login()
require.NoError(t, err)
err = client.Logout(sessionID)
require.NoError(t, err)
})
}
}
func TestLiveClientGetDnsRecords(t *testing.T) {
if !envTest.IsLiveTest() {
t.Skip("skipping live test")
}
// Setup
envTest.RestoreEnv()
client, err := NewClient(
envTest.GetValue("NETCUP_CUSTOMER_NUMBER"),
envTest.GetValue("NETCUP_API_KEY"),
envTest.GetValue("NETCUP_API_PASSWORD"))
require.NoError(t, err)
sessionID, err := client.Login()
require.NoError(t, err)
fqdn, _ := dns01.GetRecord(envTest.GetDomain(), "123d==")
zone, err := dns01.FindZoneByFqdn(fqdn)
require.NoError(t, err, "error finding DNSZone")
zone = dns01.UnFqdn(zone)
// TestMethod
_, err = client.GetDNSRecords(zone, sessionID)
require.NoError(t, err)
// Tear down
err = client.Logout(sessionID)
require.NoError(t, err)
}
func TestLiveClientUpdateDnsRecord(t *testing.T) {
if !envTest.IsLiveTest() {
t.Skip("skipping live test")
}
// Setup
envTest.RestoreEnv()
client, err := NewClient(
envTest.GetValue("NETCUP_CUSTOMER_NUMBER"),
envTest.GetValue("NETCUP_API_KEY"),
envTest.GetValue("NETCUP_API_PASSWORD"))
require.NoError(t, err)
sessionID, err := client.Login()
require.NoError(t, err)
fqdn, _ := dns01.GetRecord(envTest.GetDomain(), "123d==")
zone, err := dns01.FindZoneByFqdn(fqdn)
require.NoError(t, err, fmt.Errorf("error finding DNSZone, %v", err))
hostname := strings.Replace(fqdn, "."+zone, "", 1)
record := DNSRecord{
Hostname: hostname,
RecordType: "TXT",
Destination: "asdf5678",
DeleteRecord: false,
TTL: 120,
}
// test
zone = dns01.UnFqdn(zone)
err = client.UpdateDNSRecord(sessionID, zone, []DNSRecord{record})
require.NoError(t, err)
records, err := client.GetDNSRecords(zone, sessionID)
require.NoError(t, err)
recordIdx, err := GetDNSRecordIdx(records, record)
require.NoError(t, err)
assert.Equal(t, record.Hostname, records[recordIdx].Hostname)
assert.Equal(t, record.RecordType, records[recordIdx].RecordType)
assert.Equal(t, record.Destination, records[recordIdx].Destination)
assert.Equal(t, record.DeleteRecord, records[recordIdx].DeleteRecord)
records[recordIdx].DeleteRecord = true
// Tear down
err = client.UpdateDNSRecord(sessionID, envTest.GetDomain(), []DNSRecord{records[recordIdx]})
require.NoError(t, err, "Did not remove record! Please do so yourself.")
err = client.Logout(sessionID)
require.NoError(t, err)
}