Kaladaran/briar
0
0
Fork 0
mirror of https://code.briarproject.org/briar/briar.git synced 2026-02-13 03:09:04 +01:00
Code Issues Projects Releases Wiki Activity

[headless] Add tests to ensure that remote contact adding needs auth token

Browse Source
This commit is contained in:
Torsten Grote
2019-05-14 16:47:38 -03:00
parent 3770a9f217
commit faa6a85148
4 changed files with 31 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
briar-headless/src/test/java/org/briarproject/briar/headless/IntegrationTest.kt
View File

@@ -59,6 +59,10 @@ abstract class IntegrationTest {
return khttp.post(url, getAuthTokenHeader(token), data = data)
}
protected fun postWithWrongToken(url: String) : Response {
return khttp.post(url, getAuthTokenHeader("wrongToken"), data = "")
}
protected fun delete(url: String) : Response {
return khttp.delete(url, getAuthTokenHeader(token))
}

26
briar-headless/src/test/java/org/briarproject/briar/headless/contact/ContactControllerIntegrationTest.kt
View File

@@ -45,6 +45,12 @@ class ContactControllerIntegrationTest: IntegrationTest() {
assertEquals(BASE32_LINK_BYTES + 8, link.length)
}
@Test
fun `returning own handshake link needs authentication token`() {
val response = getWithWrongToken("$url/contacts/add/link")
assertEquals(401, response.statusCode)
}
@Test
fun `returns list of pending contacts`() {
// retrieve empty list of pending contacts
@@ -58,7 +64,7 @@ class ContactControllerIntegrationTest: IntegrationTest() {
"link": "${getRealHandshakeLink(crypto)}",
"alias": "$alias"
}"""
response = post("$url/contacts/add", json)
response = post("$url/contacts/add/pending", json)
assertEquals(200, response.statusCode)
// get added contact as only list item
@@ -81,6 +87,24 @@ class ContactControllerIntegrationTest: IntegrationTest() {
assertEquals(0, response.jsonArray.length())
}
@Test
fun `returning list of pending contacts needs authentication token`() {
val response = getWithWrongToken("$url/contacts/add/pending")
assertEquals(401, response.statusCode)
}
@Test
fun `adding pending contacts needs authentication token`() {
val response = postWithWrongToken("$url/contacts/add/pending")
assertEquals(401, response.statusCode)
}
@Test
fun `removing a pending contact needs authentication token`() {
val response = deleteWithWrongToken("$url/contacts/add/pending")
assertEquals(401, response.statusCode)
}
@Test
fun `deleting contact need authentication token`() {
val response = deleteWithWrongToken("$url/contacts/1")