package keyfetch import ( "errors" "testing" ) func TestInvalidIssuer(t *testing.T) { _, err := NewWhitelist([]string{"somethingorother"}) if nil == err { t.Log("invalid http urls can get through, but that's okay") } _, err = NewWhitelist([]string{"//example.com/foo"}) if nil == err { t.Fatal(errors.New("semi-bad url got through")) } } func TestIssuerMatches(t *testing.T) { trusted := []string{ "https://example.com/", "http://happy.xyz/abc", "foobar.net/def/", "https://*.wild.org", "https://*.west.mali/verde", } _, err := NewWhitelist(trusted) if nil == err { t.Fatal(errors.New("An insecure domain got through!")) } list, err := NewWhitelist(trusted, true) if nil != err { t.Fatal(err) } var iss string iss = "https://example.com" if !IsTrustedIssuer(iss, list) { t.Fatal("A good domain didn't make it:", iss) } iss = "https://example.com/" if !IsTrustedIssuer(iss, list) { t.Fatal("A good domain didn't make it:", iss) } iss = "http://example.com" if IsTrustedIssuer(iss, list) { t.Fatal("A bad URL slipped past", iss) } iss = "https://example.com/foo" if IsTrustedIssuer(iss, list) { t.Fatal("A bad URL slipped past", iss) } iss = "http://happy.xyz/abc" if !IsTrustedIssuer(iss, list) { t.Fatal("A good URL didn't make it:", iss) } iss = "http://happy.xyz/abc/" if !IsTrustedIssuer(iss, list) { t.Fatal("A good URL didn't make it:", iss) } iss = "http://happy.xyz/abc/d" if IsTrustedIssuer(iss, list) { t.Fatal("A bad URL slipped past", iss) } iss = "http://happy.xyz/abcd" if IsTrustedIssuer(iss, list) { t.Fatal("A bad URL slipped past", iss) } iss = "https://foobar.net/def" if !IsTrustedIssuer(iss, list) { t.Fatal("A good URL didn't make it:", iss) } iss = "https://foobar.net/def/" if !IsTrustedIssuer(iss, list) { t.Fatal("A good URL didn't make it:", iss) } iss = "http://foobar.net/def/" if IsTrustedIssuer(iss, list) { t.Fatal("A bad URL slipped past", iss) } iss = "https://foobar.net/def/e" if IsTrustedIssuer(iss, list) { t.Fatal("A bad URL slipped past", iss) } iss = "https://foobar.net/defe" if IsTrustedIssuer(iss, list) { t.Fatal("A bad URL slipped past", iss) } iss = "https://wild.org" if IsTrustedIssuer(iss, list) { t.Fatal("A bad URL slipped past", iss) } iss = "https://foo.wild.org" if !IsTrustedIssuer(iss, list) { t.Fatal("A good URL didn't make it:", iss) } iss = "https://sub.foo.wild.org" if !IsTrustedIssuer(iss, list) { t.Fatal("A good URL didn't make it:", iss) } iss = "https://foo.wild.org/cherries" if IsTrustedIssuer(iss, list) { t.Fatal("A bad URL slipped past", iss) } iss = "https://sub.west.mali/verde/" if !IsTrustedIssuer(iss, list) { t.Fatal("A good URL didn't make it:", iss) } iss = "https://sub.west.mali" if IsTrustedIssuer(iss, list) { t.Fatal("A bad URL slipped past", iss) } }