package gandiv5
import (
"fmt"
"io"
"net/http"
"net/http/httptest"
"regexp"
"testing"
"github.com/go-acme/lego/v4/log"
"github.com/go-acme/lego/v4/platform/tester"
"github.com/stretchr/testify/require"
)
// envTest is the helper through which the tests below manipulate the two
// credential environment variables (EnvAPIKey and EnvPersonalAccessToken):
// TestNewDNSProvider clears them, applies per-case values, and restores them
// when each subtest ends.
var envTest = tester.NewEnvTest(EnvAPIKey, EnvPersonalAccessToken)
// TestNewDNSProvider checks that NewDNSProvider builds a provider from the
// environment when an API key is present, and returns the
// missing-credentials error when it is empty.
func TestNewDNSProvider(t *testing.T) {
	type scenario struct {
		desc     string
		envVars  map[string]string
		expected string // exact error text; empty means the call must succeed
	}

	// "123" is a constructed placeholder value, not a real credential.
	// NOTE(review): every case sets EnvAPIKey only; no case supplies
	// EnvPersonalAccessToken through the environment, so that path is not
	// covered here.
	scenarios := []scenario{
		{
			desc:    "success",
			envVars: map[string]string{EnvAPIKey: "123"},
		},
		{
			desc:     "missing api key",
			envVars:  map[string]string{EnvAPIKey: ""},
			expected: "gandiv5: credentials information are missing",
		},
	}

	for _, sc := range scenarios {
		t.Run(sc.desc, func(t *testing.T) {
			// Deferred so the environment is put back even when a require
			// assertion stops the subtest early.
			defer envTest.RestoreEnv()
			envTest.ClearEnv()
			envTest.Apply(sc.envVars)

			provider, err := NewDNSProvider()

			// Failure case: only the error text is checked.
			if sc.expected != "" {
				require.EqualError(t, err, sc.expected)
				return
			}

			require.NoError(t, err)
			require.NotNil(t, provider)
			require.NotNil(t, provider.config)
			require.NotNil(t, provider.inProgressFQDNs)
		})
	}
}
// TestNewDNSProviderConfig checks NewDNSProviderConfig with an explicit
// configuration: a config carrying an API key is accepted, and a config with
// no credentials set is rejected with the missing-credentials error.
func TestNewDNSProviderConfig(t *testing.T) {
	// apiKey "123" is a constructed placeholder value, not a real credential.
	scenarios := []struct {
		desc     string
		apiKey   string
		expected string // exact error text; empty means the call must succeed
	}{
		{desc: "success", apiKey: "123"},
		{desc: "missing credentials", expected: "gandiv5: credentials information are missing"},
	}

	for _, sc := range scenarios {
		t.Run(sc.desc, func(t *testing.T) {
			cfg := NewDefaultConfig()
			cfg.APIKey = sc.apiKey

			provider, err := NewDNSProviderConfig(cfg)

			// Failure case: only the error text is checked.
			if sc.expected != "" {
				require.EqualError(t, err, sc.expected)
				return
			}

			require.NoError(t, err)
			require.NotNil(t, provider)
			require.NotNil(t, provider.config)
			require.NotNil(t, provider.inProgressFQDNs)
		})
	}
}
// TestDNSProvider exercises Present and CleanUp end to end against an
// in-process fake of the Gandi HTTP API, which answers from a fixed
// request->response table.
func TestDNSProvider(t *testing.T) {
	// Constructed test values; the fake server accepts only this token,
	// presented as a Bearer Authorization header.
	const (
		fakeToken      = "123412341234123412341234"
		wantAuthHeader = "Bearer 123412341234123412341234"
		recordPath     = "/domains/example.com/records/_acme-challenge.abc.def/TXT"
		domain         = "abc.def.example.com"
		keyAuth        = "XXXX"
	)

	// cannedResponses maps HTTP method -> normalized request body -> response body.
	cannedResponses := map[string]map[string]string{
		http.MethodGet: {
			``: `{"rrset_ttl":300,"rrset_values":[],"rrset_name":"_acme-challenge.abc.def","rrset_type":"TXT"}`,
		},
		http.MethodPut: {
			`{"rrset_ttl":300,"rrset_values":["TOKEN"]}`: `{"message": "Zone Record Created"}`,
		},
		http.MethodDelete: {
			``: ``,
		},
	}

	// Rewrites a non-empty rrset_values list to the fixed placeholder TOKEN so
	// the request body can serve as a key into cannedResponses whatever value
	// was actually sent.
	tokenPattern := regexp.MustCompile(`"rrset_values":\[".+"\]`)

	// Start the fake API server; it is shut down when the test finishes.
	mux := http.NewServeMux()
	server := httptest.NewServer(mux)
	t.Cleanup(server.Close)

	mux.HandleFunc(recordPath, func(rw http.ResponseWriter, req *http.Request) {
		log.Infof("request: %s %s", req.Method, req.URL)

		switch {
		case req.Header.Get("Authorization") != wantAuthHeader:
			// Verifies that the provider sends the configured personal access
			// token as a Bearer credential.
			http.Error(rw, `{"message": "missing or malformed Authorization"}`, http.StatusUnauthorized)
			return
		case req.Method == http.MethodPost && req.Header.Get("Content-Type") != "application/json":
			// NOTE(review): this guard applies to POST only, while
			// cannedResponses has entries for GET, PUT and DELETE; for those
			// methods the Content-Type is never validated. Confirm whether
			// PUT was intended.
			http.Error(rw, `{"message": "invalid content type"}`, http.StatusBadRequest)
			return
		}

		raw, readErr := io.ReadAll(req.Body)
		if readErr != nil {
			http.Error(rw, fmt.Sprintf(`{"message": "read body error: %v"}`, readErr), http.StatusInternalServerError)
			return
		}

		key := string(tokenPattern.ReplaceAllLiteral(raw, []byte(`"rrset_values":["TOKEN"]`)))

		byBody, known := cannedResponses[req.Method]
		if !known {
			http.Error(rw, fmt.Sprintf(`{"message": "Server response for request not found: %#q"}`, key), http.StatusInternalServerError)
			return
		}

		// NOTE(review): a body that is not in the table yields an empty
		// response with the default success status, so an unexpected request
		// payload is not detected; only an unknown method is rejected above.
		if _, writeErr := rw.Write([]byte(byBody[key])); writeErr != nil {
			// Best effort: the response has normally been started by the time
			// Write fails, so this error reply may not reach the client.
			http.Error(rw, fmt.Sprintf(`{"message": "failed to write response: %v"}`, writeErr), http.StatusInternalServerError)
			return
		}
	})

	// Any other path is reported as not found so that a wrong URL built by the
	// provider fails the test.
	mux.HandleFunc("/", func(rw http.ResponseWriter, req *http.Request) {
		log.Infof("request: %s %s", req.Method, req.URL)
		http.Error(rw, fmt.Sprintf(`{"message": "URL doesn't match: %s"}`, req.URL), http.StatusNotFound)
	})

	// Point the provider at the fake server instead of its default base URL.
	cfg := NewDefaultConfig()
	cfg.PersonalAccessToken = fakeToken
	cfg.BaseURL = server.URL

	provider, err := NewDNSProviderConfig(cfg)
	require.NoError(t, err)

	// Replace the zone lookup with a stub that always answers example.com.,
	// the zone used in recordPath; the original is put back on return.
	originalFindZone := provider.findZoneByFqdn
	defer func() { provider.findZoneByFqdn = originalFindZone }()
	provider.findZoneByFqdn = func(string) (string, error) {
		return "example.com.", nil
	}

	// Create the challenge record, then remove it.
	err = provider.Present(domain, "", keyAuth)
	require.NoError(t, err)

	err = provider.CleanUp(domain, "", keyAuth)
	require.NoError(t, err)
}