test/net/client_test.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171

require 'test_helper'

class ClientTest < Minitest::Test
  attr_reader :subject

  def initialize(*args)
    super
    @subject = Net::Hippie::Client.new
  end

  def test_get
    VCR.use_cassette('get_breaches') do
      uri = URI.parse('https://haveibeenpwned.com/api/breaches')
      response = subject.get(uri)
      refute_nil response
      assert_equal(283, JSON.parse(response.body).count)
    end
  end

  def test_get_with_string_uri
    VCR.use_cassette('get_breaches') do
      response = subject.get('https://haveibeenpwned.com/api/breaches')
      refute_nil response
      assert_equal(283, JSON.parse(response.body).count)
    end
  end

  def test_get_with_generic_uri
    VCR.use_cassette('get_breaches') do
      uri = URI::Generic.build(host: 'haveibeenpwned.com', scheme: 'https', path: '/api/breaches', port: 443)
      response = subject.get(uri)
      refute_nil response
      assert_equal(283, JSON.parse(response.body).count)
    end
  end

  def test_get_with_block_syntax
    VCR.use_cassette('get_breaches') do
      uri = URI.parse('https://haveibeenpwned.com/api/breaches')
      subject.get(uri) do |_request, response|
        @response = response
      end
      refute_nil @response
      assert_equal(283, JSON.parse(@response.body).count)
    end
  end

  def test_get_with_headers
    headers = { 'Accept' => 'application/vnd.haveibeenpwned.v2+json' }
    WebMock.stub_request(:get, 'https://haveibeenpwned.com/api/breaches')
           .with(headers: headers)
           .to_return(status: 201, body: {}.to_json)

    uri = URI.parse('https://haveibeenpwned.com/api/breaches')

    response = subject.get(uri, headers: headers)
    refute_nil response
    assert_equal response.class, Net::HTTPCreated
  end

  def test_get_with_body
    uri = URI.parse('https://haveibeenpwned.com/api/breaches')
    body = { 'hello' => 'world' }
    WebMock.stub_request(:get, uri.to_s)
           .with(body: body.to_json)
           .to_return(status: 201, body: {}.to_json)

    response = subject.get(uri, body: body)

    refute_nil response
    assert_equal response.class, Net::HTTPCreated
  end

  def test_post
    VCR.use_cassette('post_breaches') do
      uri = URI.parse('https://haveibeenpwned.com/api/breaches')
      response = subject.post(uri)
      refute_nil response
      assert_equal 'Congratulations!', JSON.parse(response.body)['Message']
    end
  end

  def test_post_with_block_syntax
    VCR.use_cassette('post_breaches') do
      uri = URI.parse('https://haveibeenpwned.com/api/breaches')
      subject.post(uri) do |_request, response|
        @response = response
      end
      refute_nil @response
      assert_equal 'Congratulations!', JSON.parse(@response.body)['Message']
    end
  end

  def test_put
    VCR.use_cassette('put_breaches') do
      uri = URI.parse('https://haveibeenpwned.com/api/breaches')
      body = { command: 'echo hello' }.to_json
      response = subject.put(uri, body: body)
      refute_nil response
      assert_equal 'Congratulations!', JSON.parse(response.body)['Message']
    end
  end

  def test_put_with_block_syntax
    VCR.use_cassette('put_breaches') do
      uri = URI.parse('https://haveibeenpwned.com/api/breaches')
      body = { command: 'echo hello' }.to_json
      subject.put(uri, body: body) do |_request, response|
        @response = response
      end
      refute_nil @response
      assert_equal 'Congratulations!', JSON.parse(@response.body)['Message']
    end
  end

  def test_delete
    uri = URI.parse('https://haveibeenpwned.com/api/breaches')
    VCR.use_cassette('delete_breaches') do
      response = subject.delete(uri)
      refute_nil response
      assert_equal 'Congratulations!', JSON.parse(response.body)['Message']
    end
  end

  def test_client_tls
    private_key = OpenSSL::PKey::RSA.new(2048)
    certificate = OpenSSL::X509::Certificate.new
    certificate.not_after = certificate.not_before = Time.now
    certificate.public_key = private_key.public_key
    certificate.sign(private_key, OpenSSL::Digest::SHA256.new)

    subject = Net::Hippie::Client.new(certificate: certificate.to_pem, key: private_key.export)
    uri = URI.parse('https://haveibeenpwned.com/api/breaches')

    @called = false
    VCR.use_cassette('get_breaches') do
      subject.get(uri) do |_request, response|
        @called = true
        refute_nil response
        assert_equal '000webhost', JSON.parse(response.body)[0]['Title']
      end
    end
    assert(@called)
  end

  def test_client_tls_with_passphrase
    private_key = OpenSSL::PKey::RSA.new(2048)
    passphrase = SecureRandom.hex(16)
    certificate = OpenSSL::X509::Certificate.new
    certificate.not_after = certificate.not_before = Time.now
    certificate.public_key = private_key.public_key
    certificate.sign(private_key, OpenSSL::Digest::SHA256.new)

    subject = Net::Hippie::Client.new(
      certificate: certificate.to_pem,
      key: private_key.export(OpenSSL::Cipher.new('AES-256-CBC'), passphrase),
      passphrase: passphrase
    )
    uri = URI.parse('https://haveibeenpwned.com/api/breaches')

    @called = false
    VCR.use_cassette('get_breaches') do
      subject.get(uri) do |_request, response|
        @called = true
        refute_nil response
        assert_equal '000webhost', JSON.parse(response.body)[0]['Title']
      end
    end
    assert(@called)
  end
end