openethereum/rpc/src/tests/ws.rs

186 lines
4.7 KiB
Rust
Raw Normal View History

// Copyright 2015-2017 Parity Technologies (UK) Ltd.
2016-09-01 10:16:04 +02:00
// This file is part of Parity.
// Parity is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// Parity is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with Parity. If not, see <http://www.gnu.org/licenses/>.
//! WebSockets server tests.
2016-09-01 10:16:04 +02:00
use std::sync::Arc;
2016-10-17 15:53:33 +02:00
use devtools::http_client;
use jsonrpc_core::MetaIoHandler;
2016-09-01 10:16:04 +02:00
use rand;
use ws;
2016-09-01 10:16:04 +02:00
use v1::{extractors, informant};
use tests::helpers::{GuardedAuthCodes, Server};
/// Setup a mock signer for tests
pub fn serve() -> (Server<ws::Server>, usize, GuardedAuthCodes) {
2016-09-01 10:16:04 +02:00
let port = 35000 + rand::random::<usize>() % 10000;
let address = format!("127.0.0.1:{}", port).parse().unwrap();
let io = MetaIoHandler::default();
let authcodes = GuardedAuthCodes::new();
let stats = Arc::new(informant::RpcStats::default());
let res = Server::new(|remote| ::start_ws(
&address,
io,
remote,
ws::DomainsValidation::Disabled,
ws::DomainsValidation::Disabled,
extractors::WsExtractor::new(Some(&authcodes.path)),
extractors::WsExtractor::new(Some(&authcodes.path)),
extractors::WsStats::new(stats),
).unwrap());
(res, port, authcodes)
2016-09-01 10:16:04 +02:00
}
2016-12-14 14:18:48 +01:00
/// Test a single request to running server
pub fn request(server: Server<ws::Server>, request: &str) -> http_client::Response {
http_client::request(server.server.addr(), request)
}
2016-12-14 14:18:48 +01:00
#[cfg(test)]
mod testing {
use std::time;
2017-08-31 11:35:41 +02:00
use hash::keccak;
2016-12-14 14:18:48 +01:00
use devtools::http_client;
use super::{serve, request};
#[test]
fn should_not_redirect_to_parity_host() {
// given
let (server, port, _) = serve();
// when
let response = request(server,
&format!("\
GET / HTTP/1.1\r\n\
Host: 127.0.0.1:{}\r\n\
Connection: close\r\n\
\r\n\
{{}}
", port)
);
// then
assert_eq!(response.status, "HTTP/1.1 200 Ok".to_owned());
2016-12-14 14:18:48 +01:00
}
2016-12-14 14:18:48 +01:00
#[test]
fn should_block_if_authorization_is_incorrect() {
// given
let (server, port, _) = serve();
// when
let response = request(server,
&format!("\
GET / HTTP/1.1\r\n\
Host: 127.0.0.1:{}\r\n\
Connection: Upgrade\r\n\
Sec-WebSocket-Key: x3JJHMbDL1EzLkh9GBhXDw==\r\n\
Sec-WebSocket-Protocol: wrong\r\n\
Sec-WebSocket-Version: 13\r\n\
\r\n\
{{}}
", port)
);
// then
assert_eq!(response.status, "HTTP/1.1 403 Forbidden".to_owned());
2016-12-14 14:18:48 +01:00
http_client::assert_security_headers_present(&response.headers, None);
}
2016-12-14 14:18:48 +01:00
#[test]
fn should_allow_if_authorization_is_correct() {
// given
let (server, port, mut authcodes) = serve();
let code = authcodes.generate_new().unwrap().replace("-", "");
authcodes.to_file(&authcodes.path).unwrap();
let timestamp = time::UNIX_EPOCH.elapsed().unwrap().as_secs();
// when
let response = request(server,
&format!("\
GET / HTTP/1.1\r\n\
Host: 127.0.0.1:{}\r\n\
Connection: Close\r\n\
Sec-WebSocket-Key: x3JJHMbDL1EzLkh9GBhXDw==\r\n\
Sec-WebSocket-Protocol: {:?}_{}\r\n\
Sec-WebSocket-Version: 13\r\n\
\r\n\
{{}}
",
port,
2017-08-31 11:35:41 +02:00
keccak(format!("{}:{}", code, timestamp)),
2016-12-14 14:18:48 +01:00
timestamp,
)
);
// then
assert_eq!(response.status, "HTTP/1.1 101 Switching Protocols".to_owned());
}
#[test]
fn should_allow_initial_connection_but_only_once() {
// given
let (server, port, authcodes) = serve();
let code = "initial";
let timestamp = time::UNIX_EPOCH.elapsed().unwrap().as_secs();
assert!(authcodes.is_empty());
// when
let response1 = http_client::request(server.addr(),
&format!("\
GET / HTTP/1.1\r\n\
Host: 127.0.0.1:{}\r\n\
Connection: Close\r\n\
Sec-WebSocket-Key: x3JJHMbDL1EzLkh9GBhXDw==\r\n\
Sec-WebSocket-Protocol:{:?}_{}\r\n\
Sec-WebSocket-Version: 13\r\n\
\r\n\
{{}}
",
port,
2017-08-31 11:35:41 +02:00
keccak(format!("{}:{}", code, timestamp)),
2016-12-14 14:18:48 +01:00
timestamp,
)
);
let response2 = http_client::request(server.addr(),
&format!("\
GET / HTTP/1.1\r\n\
Host: 127.0.0.1:{}\r\n\
Connection: Close\r\n\
Sec-WebSocket-Key: x3JJHMbDL1EzLkh9GBhXDw==\r\n\
Sec-WebSocket-Protocol:{:?}_{}\r\n\
Sec-WebSocket-Version: 13\r\n\
\r\n\
{{}}
",
port,
2017-08-31 11:35:41 +02:00
keccak(format!("{}:{}", code, timestamp)),
2016-12-14 14:18:48 +01:00
timestamp,
)
);
// then
assert_eq!(response1.status, "HTTP/1.1 101 Switching Protocols".to_owned());
assert_eq!(response2.status, "HTTP/1.1 403 Forbidden".to_owned());
2016-12-14 14:18:48 +01:00
http_client::assert_security_headers_present(&response2.headers, None);
}
}