afan
/
gitea
Observar 1
Favorito 0
Fork 0
Código Issues 0 Pull Requests 0 Versões 0 Wiki Atividade
gitea源码
2 Commits
2 Branches
Tag: f5d5e77162
Branches Tags
${ item.name }
Criar branch ${ searchTerm }
de f5d5e77162
${ noResults }
gitea/services/webhook/deliver_test.go

deliver_test.go 7.9KB
Histórico Original

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295 
  1. // Copyright 2019 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package webhook

  5. 

  6. import (

  7. 	"io"

  8. 	"net/http"

  9. 	"net/http/httptest"

  10. 	"net/url"

  11. 	"strings"

  12. 	"testing"

  13. 	"time"

  14. 

  15. 	"code.gitea.io/gitea/models/unittest"

  16. 	webhook_model "code.gitea.io/gitea/models/webhook"

  17. 	"code.gitea.io/gitea/modules/hostmatcher"

  18. 	"code.gitea.io/gitea/modules/setting"

  19. 	"code.gitea.io/gitea/modules/util"

  20. 	webhook_module "code.gitea.io/gitea/modules/webhook"

  21. 

  22. 	"github.com/stretchr/testify/assert"

  23. 	"github.com/stretchr/testify/require"

  24. )

  25. 

  26. func TestWebhookProxy(t *testing.T) {

  27. 	oldWebhook := setting.Webhook

  28. 	t.Cleanup(func() {

  29. 		setting.Webhook = oldWebhook

  30. 	})

  31. 

  32. 	setting.Webhook.ProxyURL = "http://localhost:8080"

  33. 	setting.Webhook.ProxyURLFixed, _ = url.Parse(setting.Webhook.ProxyURL)

  34. 	setting.Webhook.ProxyHosts = []string{"*.discordapp.com", "discordapp.com"}

  35. 

  36. 	allowedHostMatcher := hostmatcher.ParseHostMatchList("webhook.ALLOWED_HOST_LIST", "discordapp.com,s.discordapp.com")

  37. 

  38. 	tests := []struct {

  39. 		req     string

  40. 		want    string

  41. 		wantErr bool

  42. 	}{

  43. 		{

  44. 			req:     "https://discordapp.com/api/webhooks/xxxxxxxxx/xxxxxxxxxxxxxxxxxxx",

  45. 			want:    "http://localhost:8080",

  46. 			wantErr: false,

  47. 		},

  48. 		{

  49. 			req:     "http://s.discordapp.com/assets/xxxxxx",

  50. 			want:    "http://localhost:8080",

  51. 			wantErr: false,

  52. 		},

  53. 		{

  54. 			req:     "http://github.com/a/b",

  55. 			want:    "",

  56. 			wantErr: false,

  57. 		},

  58. 		{

  59. 			req:     "http://www.discordapp.com/assets/xxxxxx",

  60. 			want:    "",

  61. 			wantErr: true,

  62. 		},

  63. 	}

  64. 	for _, tt := range tests {

  65. 		t.Run(tt.req, func(t *testing.T) {

  66. 			req, err := http.NewRequest(http.MethodPost, tt.req, nil)

  67. 			require.NoError(t, err)

  68. 

  69. 			u, err := webhookProxy(allowedHostMatcher)(req)

  70. 			if tt.wantErr {

  71. 				assert.Error(t, err)

  72. 				return

  73. 			}

  74. 

  75. 			assert.NoError(t, err)

  76. 

  77. 			got := ""

  78. 			if u != nil {

  79. 				got = u.String()

  80. 			}

  81. 			assert.Equal(t, tt.want, got)

  82. 		})

  83. 	}

  84. }

  85. 

  86. func TestWebhookDeliverAuthorizationHeader(t *testing.T) {

  87. 	assert.NoError(t, unittest.PrepareTestDatabase())

  88. 

  89. 	done := make(chan struct{}, 1)

  90. 	s := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

  91. 		assert.Equal(t, "/webhook", r.URL.Path)

  92. 		assert.Equal(t, "Bearer s3cr3t-t0ken", r.Header.Get("Authorization"))

  93. 		w.WriteHeader(http.StatusOK)

  94. 		done <- struct{}{}

  95. 	}))

  96. 	t.Cleanup(s.Close)

  97. 

  98. 	hook := &webhook_model.Webhook{

  99. 		RepoID:      3,

  100. 		URL:         s.URL + "/webhook",

  101. 		ContentType: webhook_model.ContentTypeJSON,

  102. 		IsActive:    true,

  103. 		Type:        webhook_module.GITEA,

  104. 	}

  105. 	err := hook.SetHeaderAuthorization("Bearer s3cr3t-t0ken")

  106. 	assert.NoError(t, err)

  107. 	assert.NoError(t, webhook_model.CreateWebhook(t.Context(), hook))

  108. 

  109. 	hookTask := &webhook_model.HookTask{

  110. 		HookID:         hook.ID,

  111. 		EventType:      webhook_module.HookEventPush,

  112. 		PayloadVersion: 2,

  113. 	}

  114. 

  115. 	hookTask, err = webhook_model.CreateHookTask(t.Context(), hookTask)

  116. 	assert.NoError(t, err)

  117. 	assert.NotNil(t, hookTask)

  118. 

  119. 	assert.NoError(t, Deliver(t.Context(), hookTask))

  120. 	select {

  121. 	case <-done:

  122. 	case <-time.After(5 * time.Second):

  123. 		t.Fatal("waited to long for request to happen")

  124. 	}

  125. 

  126. 	assert.True(t, hookTask.IsSucceed)

  127. 	assert.Equal(t, "******", hookTask.RequestInfo.Headers["Authorization"])

  128. }

  129. 

  130. func TestWebhookDeliverHookTask(t *testing.T) {

  131. 	assert.NoError(t, unittest.PrepareTestDatabase())

  132. 

  133. 	done := make(chan struct{}, 1)

  134. 	s := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

  135. 		assert.Equal(t, "PUT", r.Method)

  136. 		switch r.URL.Path {

  137. 		case "/webhook/66d222a5d6349e1311f551e50722d837e30fce98":

  138. 			// Version 1

  139. 			assert.Equal(t, "push", r.Header.Get("X-GitHub-Event"))

  140. 			assert.Empty(t, r.Header.Get("Content-Type"))

  141. 			body, err := io.ReadAll(r.Body)

  142. 			assert.NoError(t, err)

  143. 			assert.Equal(t, `{"data": 42}`, string(body))

  144. 

  145. 		case "/webhook/6db5dc1e282529a8c162c7fe93dd2667494eeb51":

  146. 			// Version 2

  147. 			assert.Equal(t, "push", r.Header.Get("X-GitHub-Event"))

  148. 			assert.Equal(t, "application/json", r.Header.Get("Content-Type"))

  149. 			body, err := io.ReadAll(r.Body)

  150. 			assert.NoError(t, err)

  151. 			assert.Len(t, body, 2147)

  152. 

  153. 		default:

  154. 			w.WriteHeader(http.StatusNotFound)

  155. 			t.Fatalf("unexpected url path %s", r.URL.Path)

  156. 			return

  157. 		}

  158. 		w.WriteHeader(http.StatusOK)

  159. 		done <- struct{}{}

  160. 	}))

  161. 	t.Cleanup(s.Close)

  162. 

  163. 	hook := &webhook_model.Webhook{

  164. 		RepoID:      3,

  165. 		IsActive:    true,

  166. 		Type:        webhook_module.MATRIX,

  167. 		URL:         s.URL + "/webhook",

  168. 		HTTPMethod:  "PUT",

  169. 		ContentType: webhook_model.ContentTypeJSON,

  170. 		Meta:        `{"message_type":0}`, // text

  171. 	}

  172. 	assert.NoError(t, webhook_model.CreateWebhook(t.Context(), hook))

  173. 

  174. 	t.Run("Version 1", func(t *testing.T) {

  175. 		hookTask := &webhook_model.HookTask{

  176. 			HookID:         hook.ID,

  177. 			EventType:      webhook_module.HookEventPush,

  178. 			PayloadContent: `{"data": 42}`,

  179. 			PayloadVersion: 1,

  180. 		}

  181. 

  182. 		hookTask, err := webhook_model.CreateHookTask(t.Context(), hookTask)

  183. 		assert.NoError(t, err)

  184. 		assert.NotNil(t, hookTask)

  185. 

  186. 		assert.NoError(t, Deliver(t.Context(), hookTask))

  187. 		select {

  188. 		case <-done:

  189. 		case <-time.After(5 * time.Second):

  190. 			t.Fatal("waited to long for request to happen")

  191. 		}

  192. 

  193. 		assert.True(t, hookTask.IsSucceed)

  194. 	})

  195. 

  196. 	t.Run("Version 2", func(t *testing.T) {

  197. 		p := pushTestPayload()

  198. 		data, err := p.JSONPayload()

  199. 		assert.NoError(t, err)

  200. 

  201. 		hookTask := &webhook_model.HookTask{

  202. 			HookID:         hook.ID,

  203. 			EventType:      webhook_module.HookEventPush,

  204. 			PayloadContent: string(data),

  205. 			PayloadVersion: 2,

  206. 		}

  207. 

  208. 		hookTask, err = webhook_model.CreateHookTask(t.Context(), hookTask)

  209. 		assert.NoError(t, err)

  210. 		assert.NotNil(t, hookTask)

  211. 

  212. 		assert.NoError(t, Deliver(t.Context(), hookTask))

  213. 		select {

  214. 		case <-done:

  215. 		case <-time.After(5 * time.Second):

  216. 			t.Fatal("waited to long for request to happen")

  217. 		}

  218. 

  219. 		assert.True(t, hookTask.IsSucceed)

  220. 	})

  221. }

  222. 

  223. func TestWebhookDeliverSpecificTypes(t *testing.T) {

  224. 	assert.NoError(t, unittest.PrepareTestDatabase())

  225. 

  226. 	type hookCase struct {

  227. 		gotBody    chan []byte

  228. 		httpMethod string // default to POST

  229. 	}

  230. 

  231. 	cases := map[string]*hookCase{

  232. 		webhook_module.SLACK:      {},

  233. 		webhook_module.DISCORD:    {},

  234. 		webhook_module.DINGTALK:   {},

  235. 		webhook_module.TELEGRAM:   {},

  236. 		webhook_module.MSTEAMS:    {},

  237. 		webhook_module.FEISHU:     {},

  238. 		webhook_module.MATRIX:     {httpMethod: "PUT"},

  239. 		webhook_module.WECHATWORK: {},

  240. 		webhook_module.PACKAGIST:  {},

  241. 	}

  242. 

  243. 	s := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

  244. 		typ := strings.Split(r.URL.Path, "/")[1] // URL: "/{webhook_type}/other-path"

  245. 		assert.Equal(t, "application/json", r.Header.Get("Content-Type"), r.URL.Path)

  246. 		assert.Equal(t, util.IfZero(cases[typ].httpMethod, "POST"), r.Method, "webhook test request %q", r.URL.Path)

  247. 		body, _ := io.ReadAll(r.Body) // read request and send it back to the test by testcase's chan

  248. 		cases[typ].gotBody <- body

  249. 		w.WriteHeader(http.StatusNoContent)

  250. 	}))

  251. 	t.Cleanup(s.Close)

  252. 

  253. 	p := pushTestPayload()

  254. 	data, err := p.JSONPayload()

  255. 	assert.NoError(t, err)

  256. 

  257. 	for typ := range cases {

  258. 		cases[typ].gotBody = make(chan []byte, 1)

  259. 		t.Run(typ, func(t *testing.T) {

  260. 			t.Parallel()

  261. 			hook := &webhook_model.Webhook{

  262. 				RepoID:   3,

  263. 				IsActive: true,

  264. 				Type:     typ,

  265. 				URL:      s.URL + "/" + typ,

  266. 				Meta:     "{}",

  267. 			}

  268. 			assert.NoError(t, webhook_model.CreateWebhook(t.Context(), hook))

  269. 

  270. 			hookTask := &webhook_model.HookTask{

  271. 				HookID:         hook.ID,

  272. 				EventType:      webhook_module.HookEventPush,

  273. 				PayloadContent: string(data),

  274. 				PayloadVersion: 2,

  275. 			}

  276. 

  277. 			hookTask, err := webhook_model.CreateHookTask(t.Context(), hookTask)

  278. 			assert.NoError(t, err)

  279. 			assert.NotNil(t, hookTask)

  280. 

  281. 			assert.NoError(t, Deliver(t.Context(), hookTask))

  282. 

  283. 			select {

  284. 			case gotBody := <-cases[typ].gotBody:

  285. 				assert.NotEqual(t, string(data), string(gotBody), "request body must be different from the event payload")

  286. 				assert.Equal(t, hookTask.RequestInfo.Body, string(gotBody), "delivered webhook payload doesn't match saved request")

  287. 			case <-time.After(5 * time.Second):

  288. 				t.Fatal("waited to long for request to happen")

  289. 			}

  290. 

  291. 			assert.True(t, hookTask.IsSucceed)

  292. 		})

  293. 	}

  294. }