generated from jCloud/repository-template
117 lines
3.4 KiB
Python
117 lines
3.4 KiB
Python
# Copyright 2026 jCloud
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
from src.jcloud_deployment_server.integrations.gitea.middlewares.signature import GiteaSignatureMiddleware
|
|
from tests.utils.make_request import make_request, call_next
|
|
import pytest
|
|
import hashlib
|
|
import hmac
|
|
|
|
def make_signature(body: bytes, secret: bytes) -> str:
|
|
signature = hmac.new(
|
|
secret,
|
|
body,
|
|
hashlib.sha256
|
|
).hexdigest()
|
|
return f'sha256={signature}'
|
|
|
|
@pytest.mark.asyncio
|
|
@pytest.mark.parametrize('body,secret', [
|
|
(
|
|
b'{"event":"push"}',
|
|
b'\xa1\xd6h\x0c\xe6\xc0\x99\x82yd\x14\xfew\xcc\x8e\xb0\xf9\x8f\xe6yM\xe5\xdd4\xdc\xb5M+\xef\xc8O\x94'
|
|
),
|
|
(
|
|
b'{"event":"push"}',
|
|
b''
|
|
),
|
|
(
|
|
b'',
|
|
b'\xa1\xd6h\x0c\xe6\xc0\x99\x82yd\x14\xfew\xcc\x8e\xb0\xf9\x8f\xe6yM\xe5\xdd4\xdc\xb5M+\xef\xc8O\x94'
|
|
),
|
|
(
|
|
b'',
|
|
b''
|
|
),
|
|
(
|
|
b'',
|
|
b'\x42'
|
|
),
|
|
(
|
|
b'',
|
|
b'\x42'
|
|
),
|
|
(
|
|
b'',
|
|
b'\x04\x02'
|
|
),
|
|
(
|
|
b'',
|
|
b'\x04\x02'
|
|
),
|
|
])
|
|
async def test_GiteaSignatureMiddleware_valid_signature(body, secret):
|
|
middleware = GiteaSignatureMiddleware(app = None, secret = secret)
|
|
|
|
headers = {
|
|
'X-Gitea-Signature': make_signature(body, secret)
|
|
}
|
|
|
|
req = make_request(
|
|
body,
|
|
'/gitea/webhook',
|
|
headers
|
|
)
|
|
|
|
res = await middleware.dispatch(req, call_next)
|
|
assert hasattr(res, 'called')
|
|
|
|
@pytest.mark.asyncio
|
|
@pytest.mark.parametrize('signature,body,secret', [
|
|
(make_signature(b'body', b''), b'body', b'\x42'),
|
|
(make_signature(b'body', b'\x42'), b'body', b''),
|
|
(make_signature(b'body', b'\x43'), b'body', b'\x42'),
|
|
(make_signature(b'body', b'\x42'), b'body', b'\x43'),
|
|
(make_signature(b'body', b''), b'body', b'\x42\x43'),
|
|
(make_signature(b'body', b'\x42\x43'), b'body', b''),
|
|
(make_signature(b'body', b'\x43\x44'), b'body', b'\x42'),
|
|
(make_signature(b'body', b'\x42'), b'body', b'\x43\x44'),
|
|
(make_signature(b'', b''), b'', b'\x42'),
|
|
(make_signature(b'', b'\x42'), b'', b''),
|
|
(make_signature(b'', b'\x43'), b'', b'\x42'),
|
|
(make_signature(b'', b'\x42'), b'', b'\x43'),
|
|
(make_signature(b'', b''), b'', b'\x42\x43'),
|
|
(make_signature(b'', b'\x42\x43'), b'', b''),
|
|
(make_signature(b'', b'\x43\x44'), b'', b'\x42'),
|
|
(make_signature(b'', b'\x42'), b'', b'\x43\x44'),
|
|
|
|
(make_signature(b'a', b'\x42'), b'', b'\x42'),
|
|
(make_signature(b'a', b'\x42'), b'b', b'\x42'),
|
|
(make_signature(b'', b'\x42'), b'b', b'\x42'),
|
|
])
|
|
async def test_GiteaSignatureMiddleware_invalid_signature(signature, body, secret):
|
|
middleware = GiteaSignatureMiddleware(app = None, secret = secret)
|
|
|
|
headers = {
|
|
'X-Gitea-Signature': signature
|
|
}
|
|
|
|
req = make_request(
|
|
body,
|
|
'/gitea/webhook',
|
|
headers,
|
|
)
|
|
|
|
res = await middleware.dispatch(req, call_next)
|
|
assert res.status_code == 401 |