| author | mokha <mokha@cisco.com> | 2018-05-14 18:38:39 -0600 |
|---|---|---|
| committer | mokha <mokha@cisco.com> | 2018-05-14 18:38:39 -0600 |
| commit | d5299cb2c1149ff187b3b1da4d70a04253d82027 (patch) | |
| tree | 4d6cdd0d110f518e5f2d423f0bffc16905cb15a3 | |
| parent | a417b0f2a34582618c93740fd74ca1c620a39e54 (diff) | |
test mutual tls connection.
| -rw-r--r-- | lib/net/hippie/client.rb | 12 | ||||
| -rw-r--r-- | test/net/client_test.rb | 29 |
2 files changed, 33 insertions, 8 deletions
diff --git a/lib/net/hippie/client.rb b/lib/net/hippie/client.rb
index 53f80d7..feb5025 100644
--- a/lib/net/hippie/client.rb
+++ b/lib/net/hippie/client.rb
@@ -62,10 +62,7 @@ module Net
 http.use_ssl = uri.is_a?(URI::HTTPS)
 http.verify_mode = verify_mode
 http.set_debug_output(Net::Hippie.logger)
- if certificate && key
- http.cert = OpenSSL::X509::Certificate.new(certificate) if certificate
- http.key = private_key
- end
+ apply_client_tls_to(http)
 http
 end
@@ -87,6 +84,13 @@ module Net
 OpenSSL::PKey::RSA.new(key)
 end
 end
+
+ def apply_client_tls_to(http)
+ return if certificate.nil? || key.nil?
+
+ http.cert = OpenSSL::X509::Certificate.new(certificate) if certificate
+ http.key = private_key
+ end
 end
 end
 end
diff --git a/test/net/client_test.rb b/test/net/client_test.rb
index 8b9ee57..c6226c5 100644
--- a/test/net/client_test.rb
+++ b/test/net/client_test.rb
@@ -39,8 +39,8 @@ class ClientTest < Minitest::Test
 def test_get_with_headers
 headers = { 'Accept' => 'application/vnd.haveibeenpwned.v2+json' }
 WebMock.stub_request(:get, 'https://haveibeenpwned.com/api/breaches')
- .with(headers: headers)
- .to_return(status: 201, body: {}.to_json)
+ .with(headers: headers)
+ .to_return(status: 201, body: {}.to_json)
 uri = URI.parse('https://haveibeenpwned.com/api/breaches')
@@ -53,8 +53,8 @@ class ClientTest < Minitest::Test
 uri = URI.parse('https://haveibeenpwned.com/api/breaches')
 body = { 'hello' => 'world' }
 WebMock.stub_request(:get, uri.to_s)
- .with(body: body.to_json)
- .to_return(status: 201, body: {}.to_json)
+ .with(body: body.to_json)
+ .to_return(status: 201, body: {}.to_json)
 response = subject.get(uri, body: body)
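Review bot: In `apply_client_tls_to` (second hunk of lib/net/hippie/client.rb), the guard `return if certificate.nil? || key.nil?` lets a client configured with only a certificate or only a key connect with no client credentials and no signal, so the misconfiguration surfaces only as a server-side rejection or, where client certificates are optional, as an unauthenticated session. Consider failing early when exactly one of the two is set, e.g. `raise ArgumentError, 'certificate and key must be given together' if certificate.nil? ^ key.nil?`. The trailing `if certificate` on the `http.cert` line can never be false after the guard and can be dropped: `http.cert = OpenSSL::X509::Certificate.new(certificate)`. `certificate`, `key` and `private_key` are defined outside the hunk, so whether any caller relies on the silent skip cannot be confirmed from here.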
@@ -103,4 +103,25 @@ class ClientTest < Minitest::Test
 assert_equal 'Congratulations!', JSON.parse(@response.body)['Message']
 end
 end
+
+ def test_client_tls
+ private_key = OpenSSL::PKey::RSA.new(2048)
+ certificate = OpenSSL::X509::Certificate.new
+ certificate.not_after = certificate.not_before = Time.now
+ certificate.public_key = private_key.public_key
+ certificate.sign(private_key, OpenSSL::Digest::SHA256.new)
+
+ subject = Net::Hippie::Client.new(certificate: certificate.to_pem, key: private_key.export)
+ uri = URI.parse('https://haveibeenpwned.com/api/breaches')
+
+ @called = false
+ VCR.use_cassette('get_breaches') do
+ subject.get(uri) do |_request, response|
+ @called = true
+ refute_nil response
+ assert_equal '000webhost', JSON.parse(response.body)[0]['Title']
+ end
+ end
+ assert(@called)
+ end
 end
|
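Review bot: `test_client_tls` does not show that the client certificate is ever presented: the request runs inside `VCR.use_cassette('get_breaches')`, and when that cassette is replayed no TLS handshake takes place, so the test would presumably still pass if `apply_client_tls_to` set nothing. The generated certificate also has identical `not_before` and `not_after` and no subject, issuer or serial, which a verifying peer would presumably reject. Either assert on the connection object the client builds (its `cert` and `key` should be non-nil), or state the limit in the test: `# Replayed from a cassette: checks only that certificate/key are accepted, not that mutual TLS is negotiated.` An end-to-end check would need a local TLS server that requires a peer certificate.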
