Mercurial > hg > nginx-tests
comparison secure_link.t @ 160:197d5d9fd7f9
Tests: add tests for secure_link module.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 28 Jul 2011 17:12:56 +0400 |
parents | |
children | 2c07dc5bc354 |
comparison
equal
deleted
inserted
replaced
159:b5d0fcb02980 | 160:197d5d9fd7f9 |
---|---|
1 #!/usr/bin/perl | |
2 | |
3 # (C) Maxim Dounin | |
4 | |
5 # Tests for nginx secure_link module. | |
6 | |
7 ############################################################################### | |
8 | |
9 use warnings; | |
10 use strict; | |
11 | |
12 use Test::More; | |
13 | |
14 use Digest::MD5 qw/ md5 md5_hex /; | |
15 use MIME::Base64 qw/ encode_base64url /; | |
16 | |
17 BEGIN { use FindBin; chdir($FindBin::Bin); } | |
18 | |
19 use lib 'lib'; | |
20 use Test::Nginx; | |
21 | |
22 ############################################################################### | |
23 | |
24 select STDERR; $| = 1; | |
25 select STDOUT; $| = 1; | |
26 | |
27 my $t = Test::Nginx->new()->has(qw/http secure_link/)->plan(8); | |
28 | |
29 $t->write_file_expand('nginx.conf', <<'EOF'); | |
30 | |
31 %%TEST_GLOBALS%% | |
32 | |
33 daemon off; | |
34 | |
35 events { | |
36 } | |
37 | |
38 http { | |
39 %%TEST_GLOBALS_HTTP%% | |
40 | |
41 server { | |
42 listen 127.0.0.1:8080; | |
43 server_name localhost; | |
44 | |
45 location / { | |
46 # new style | |
47 # /test.html?hash=BASE64URL | |
48 | |
49 secure_link $arg_hash; | |
50 secure_link_md5 secret$uri; | |
51 | |
52 # invalid hash | |
53 if ($secure_link = "") { | |
54 return 403; | |
55 } | |
56 | |
57 # expired | |
58 if ($secure_link = "0") { | |
59 return 403; | |
60 } | |
61 | |
62 # $secure_link = "1" | |
63 } | |
64 | |
65 location = /expires.html { | |
66 # new style with expires | |
67 # /test.html?hash=BASE64URL&expires=12345678 | |
68 | |
69 secure_link $arg_hash,$arg_expires; | |
70 secure_link_md5 secret$uri$arg_expires; | |
71 | |
72 # invalid hash | |
73 if ($secure_link = "") { | |
74 return 403; | |
75 } | |
76 | |
77 # expired | |
78 if ($secure_link = "0") { | |
79 return 403; | |
80 } | |
81 | |
82 # $secure_link = "1" | |
83 } | |
84 | |
85 location /p/ { | |
86 # old style | |
87 # /p/d8e8fca2dc0f896fd7cb4cb0031ba249/test.html | |
88 | |
89 secure_link_secret secret; | |
90 | |
91 if ($secure_link = "") { | |
92 return 403; | |
93 } | |
94 | |
95 rewrite ^ /$secure_link break; | |
96 } | |
97 } | |
98 } | |
99 | |
100 EOF | |
101 | |
102 $t->write_file('test.html', 'PASSED'); | |
103 $t->write_file('expires.html', 'PASSED'); | |
104 $t->run(); | |
105 | |
106 ############################################################################### | |
107 | |
108 # new style | |
109 | |
110 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHA=='), | |
111 qr/PASSED/, 'request md5'); | |
112 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHA'), | |
113 qr/PASSED/, 'request md5 no padding'); | |
114 like(http_get('/test.html'), qr/^HTTP.*403/, 'request no hash'); | |
115 | |
116 # new style with expires | |
117 | |
118 my ($expires, $hash); | |
119 | |
120 $expires = time() + 86400; | |
121 $hash = encode_base64url(md5("secret/expires.html$expires")); | |
122 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires), | |
123 qr/PASSED/, 'request md5 not expired'); | |
124 | |
125 $expires = time() - 86400; | |
126 $hash = encode_base64url(md5("secret/expires.html$expires")); | |
127 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires), | |
128 qr/^HTTP.*403/, 'request md5 expired'); | |
129 | |
130 # old style | |
131 | |
132 like(http_get('/p/' . md5_hex('test.html' . 'secret') . '/test.html'), | |
133 qr/PASSED/, 'request old style'); | |
134 like(http_get('/p/' . md5_hex('fake') . '/test.html'), qr/^HTTP.*403/, | |
135 'request old style fake hash'); | |
136 like(http_get('/p/test.html'), qr/^HTTP.*403/, 'request old style no hash'); | |
137 | |
138 ############################################################################### |