Mercurial > hg > nginx-tests

comparison secure_link.t @ 160:197d5d9fd7f9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: add tests for secure_link module.
author Maxim Dounin <mdounin@mdounin.ru>
date Thu, 28 Jul 2011 17:12:56 +0400
parents
children 2c07dc5bc354
comparison
equal deleted inserted replaced
159:b5d0fcb02980 160:197d5d9fd7f9
1 #!/usr/bin/perl
2
3 # (C) Maxim Dounin
4
5 # Tests for nginx secure_link module.
6
7 ###############################################################################
8
9 use warnings;
10 use strict;
11
12 use Test::More;
13
14 use Digest::MD5 qw/ md5 md5_hex /;
15 use MIME::Base64 qw/ encode_base64url /;
16
17 BEGIN { use FindBin; chdir($FindBin::Bin); }
18
19 use lib 'lib';
20 use Test::Nginx;
21
22 ###############################################################################
23
24 select STDERR; $| = 1;
25 select STDOUT; $| = 1;
26
27 my $t = Test::Nginx->new()->has(qw/http secure_link/)->plan(8);
28
29 $t->write_file_expand('nginx.conf', <<'EOF');
30
31 %%TEST_GLOBALS%%
32
33 daemon off;
34
35 events {
36 }
37
38 http {
39 %%TEST_GLOBALS_HTTP%%
40
41 server {
42 listen 127.0.0.1:8080;
43 server_name localhost;
44
45 location / {
46 # new style
47 # /test.html?hash=BASE64URL
48
49 secure_link $arg_hash;
50 secure_link_md5 secret$uri;
51
52 # invalid hash
53 if ($secure_link = "") {
54 return 403;
55 }
56
57 # expired
58 if ($secure_link = "0") {
59 return 403;
60 }
61
62 # $secure_link = "1"
63 }
64
65 location = /expires.html {
66 # new style with expires
67 # /test.html?hash=BASE64URL&expires=12345678
68
69 secure_link $arg_hash,$arg_expires;
70 secure_link_md5 secret$uri$arg_expires;
71
72 # invalid hash
73 if ($secure_link = "") {
74 return 403;
75 }
76
77 # expired
78 if ($secure_link = "0") {
79 return 403;
80 }
81
82 # $secure_link = "1"
83 }
84
85 location /p/ {
86 # old style
87 # /p/d8e8fca2dc0f896fd7cb4cb0031ba249/test.html
88
89 secure_link_secret secret;
90
91 if ($secure_link = "") {
92 return 403;
93 }
94
95 rewrite ^ /$secure_link break;
96 }
97 }
98 }
99
100 EOF
101
102 $t->write_file('test.html', 'PASSED');
103 $t->write_file('expires.html', 'PASSED');
104 $t->run();
105
106 ###############################################################################
107
108 # new style
109
110 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHA=='),
111 qr/PASSED/, 'request md5');
112 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHA'),
113 qr/PASSED/, 'request md5 no padding');
114 like(http_get('/test.html'), qr/^HTTP.*403/, 'request no hash');
115
116 # new style with expires
117
118 my ($expires, $hash);
119
120 $expires = time() + 86400;
121 $hash = encode_base64url(md5("secret/expires.html$expires"));
122 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires),
123 qr/PASSED/, 'request md5 not expired');
124
125 $expires = time() - 86400;
126 $hash = encode_base64url(md5("secret/expires.html$expires"));
127 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires),
128 qr/^HTTP.*403/, 'request md5 expired');
129
130 # old style
131
132 like(http_get('/p/' . md5_hex('test.html' . 'secret') . '/test.html'),
133 qr/PASSED/, 'request old style');
134 like(http_get('/p/' . md5_hex('fake') . '/test.html'), qr/^HTTP.*403/,
135 'request old style fake hash');
136 like(http_get('/p/test.html'), qr/^HTTP.*403/, 'request old style no hash');
137
138 ###############################################################################