const sinon = require('sinon'); // eslint-disable-line node/no-unpublished-require
const Communication = require('../../lib/communication');
+const { ValidationError } = require('../../lib/errors');
+const dns = require('dns');
const stubLogger = require('../stub-logger');
const testData = require('../test-data/communication');
},
params: expectedUrlObj.searchParams,
responseType: 'text',
+ validateStatus: Communication._validateStatus,
};
const result = Communication._axiosConfig(method, urlObj, body, params, {
'Content-Type': contentType,
headers: {},
params: expectedUrlObj.searchParams,
responseType: 'text',
+ validateStatus: Communication._validateStatus,
};
const result = Communication._axiosConfig(method, urlObj);
delete result.transformResponse;
headers: {},
params: urlObj.searchParams,
responseType: 'text',
+ validateStatus: Communication._validateStatus,
};
const result = Communication._axiosConfig(method, urlObj, body, params, {});
delete result.transformResponse;
assert.deepStrictEqual(result, expected);
-
});
it('covers null response transform', function () {
const urlObj = new URL(requestUrl);
const result = Communication._axiosConfig('GET', urlObj, undefined, {}, {});
result.transformResponse[0]();
});
+
+ describe('_validateStatus', function () {
+ it('allows normal valid', function () {
+ const result = Communication._validateStatus(200);
+ assert.strictEqual(result, true);
+ });
+ it('allows unauthorized', function () {
+ const result = Communication._validateStatus(401);
+ assert.strictEqual(result, true);
+ });
+ it('rejects invalid', function () {
+ const result = Communication._validateStatus(400);
+ assert.strictEqual(result, false);
+ });
+ }); // _validateStatus
}); // Axios Configurations
describe('_baseUrlString', function () {
});
}); // fetchJSON
+ describe('validateProfile', function () {
+ let url, validationOptions;
+ beforeEach(function () {
+ url = 'https://example.com/';
+ options = {};
+ sinon.stub(dns, 'lookupAsync').resolves([{ family: 4, address: '10.11.12.14' }]);
+ });
+ it('rejects invalid url', async function () {
+ url = 'bad url';
+ await assert.rejects(() => communication.validateProfile(url, validationOptions), ValidationError);
+ });
+ it('covers success', async function () {
+ const result = await communication.validateProfile(url, validationOptions);
+ assert.strictEqual(result.isLoopback, false);
+ });
+ it('rejects invalid', async function () {
+ url = 'ftp://example.com/';
+ await assert.rejects(() => communication.validateProfile(url, validationOptions), ValidationError);
+ });
+
+ }); // validateProfile
+
+ describe('validateClientIdentifier', function () {
+ let url, validationOptions;
+ beforeEach(function () {
+ url = 'https://example.com/';
+ options = {};
+ sinon.stub(dns, 'lookupAsync').resolves([{ family: 4, address: '10.11.12.13' }]);
+ });
+ it('rejects invalid url', async function () {
+ try {
+ await communication.validateClientIdentifier('bad url');
+ assert.fail(noExpectedException);
+ } catch (e) {
+ assert(e instanceof ValidationError);
+ }
+ });
+ it('rejects invalid scheme', async function () {
+ url = 'ftp://example.com/';
+ try {
+ await communication.validateClientIdentifier(url, validationOptions);
+ assert.fail(noExpectedException);
+ } catch (e) {
+ assert(e instanceof ValidationError);
+ }
+ });
+ it('rejects fragment', async function () {
+ url = 'https://example.com/#foo';
+ try {
+ await communication.validateClientIdentifier(url, validationOptions);
+ assert.fail(noExpectedException);
+ } catch (e) {
+ assert(e instanceof ValidationError);
+ }
+ });
+ it('rejects username', async function () {
+ url = 'https://user@example.com/';
+ try {
+ await communication.validateClientIdentifier(url, validationOptions);
+ assert.fail(noExpectedException);
+ } catch (e) {
+ assert(e instanceof ValidationError);
+ }
+ });
+ it('rejects password', async function () {
+ url = 'https://:foo@example.com/';
+ try {
+ await communication.validateClientIdentifier(url, validationOptions);
+ assert.fail(noExpectedException);
+ } catch (e) {
+ assert(e instanceof ValidationError);
+ }
+ });
+ it('rejects relative path', async function () {
+ url = 'https://example.com/client/../sneaky';
+ try {
+ await communication.validateClientIdentifier(url, validationOptions);
+ assert.fail(noExpectedException);
+ } catch (e) {
+ assert(e instanceof ValidationError);
+ }
+ });
+ it('rejects ipv4', async function () {
+ url = 'https://10.11.12.13/';
+ try {
+ await communication.validateClientIdentifier(url, validationOptions);
+ assert.fail(noExpectedException);
+ } catch (e) {
+ assert(e instanceof ValidationError);
+ }
+ });
+ it('rejects ipv6', async function () {
+ url = 'https://[fd64:defa:00e5:caf4:0dff::ad39]/';
+ try {
+ await communication.validateClientIdentifier(url, validationOptions);
+ assert.fail(noExpectedException);
+ } catch (e) {
+ assert(e instanceof ValidationError);
+ }
+ });
+ it('accepts ipv4 loopback', async function () {
+ url = 'https://127.0.0.1/';
+ const result = await communication.validateClientIdentifier(url, validationOptions);
+ assert.strictEqual(result.isLoopback, true);
+ });
+ it('accepts ipv6 loopback', async function () {
+ url = 'https://[::1]/';
+ const result = await communication.validateClientIdentifier(url, validationOptions);
+ assert.strictEqual(result.isLoopback, true);
+ });
+ it('accepts resolved ipv4 loopback', async function () {
+ dns.lookupAsync.resolves([{ family: 4, address: '127.0.0.1' }]);
+ const result = await communication.validateClientIdentifier(url, validationOptions);
+ assert.strictEqual(result.isLoopback, true);
+ });
+ it('accepts resolved ipv6 loopback', async function () {
+ dns.lookupAsync.resolves([{ family: 6, address: '::1' }]);
+ const result = await communication.validateClientIdentifier(url, validationOptions);
+ assert.strictEqual(result.isLoopback, true);
+ });
+ it('covers success', async function () {
+ const result = await communication.validateClientIdentifier(url, validationOptions);
+ assert.strictEqual(result.isLoopback, false);
+ });
+ it('rejects resolution failure', async function () {
+ dns.lookupAsync.rejects(new Error('oh no'));
+ try {
+ await communication.validateClientIdentifier(url, validationOptions);
+ assert.fail(noExpectedException);
+ } catch (e) {
+ assert(e instanceof ValidationError);
+ }
+ });
+ it('rejects mismatched resolutions', async function () {
+ dns.lookupAsync.onCall(1).resolves([{ family: 4, address: '10.9.8.7' }]);
+ try {
+ await communication.validateClientIdentifier(url, validationOptions);
+ assert.fail(noExpectedException);
+ } catch (e) {
+ assert(e instanceof ValidationError);
+ }
+ });
+ it('ignores unknown dns family', async function () {
+ dns.lookupAsync.resolves([{ family: 5, address: '10.9.8.7' }]);
+ const result = await communication.validateClientIdentifier(url, validationOptions);
+ assert.strictEqual(result.isLoopback, false);
+ });
+ it('covers rooted hostname', async function() {
+ url = 'https://example.com./';
+ const result = await communication.validateClientIdentifier(url, validationOptions);
+ assert.strictEqual(result.isLoopback, false);
+ });
+ it('covers unresolved', async function () {
+ dns.lookupAsync.resolves();
+ const result = await communication.validateClientIdentifier(url, validationOptions);
+ assert.strictEqual(result.isLoopback, false);
+ });
+ }); // validateClientIdentifier
+
describe('fetchClientIdentifier', function () {
let expected, response, result, urlObj;
beforeEach(function () {
result = await communication.fetchClientIdentifier(urlObj);
assert.deepStrictEqual(result, expected);
});
+ it('covers loopback', async function () {
+ sinon.spy(communication, 'fetchMicroformat');
+ urlObj.isLoopback = true;
+ expected = {
+ rels: {},
+ items: [],
+ };
+ result = await communication.fetchClientIdentifier(urlObj);
+ assert.deepStrictEqual(result, expected);
+ assert(communication.fetchMicroformat.notCalled);
+ });
}); // fetchClientIdentifier
describe('fetchProfile', function () {
projects / squeep-indieauth-helper / blobdiff