mirror of
https://codeberg.org/angestoepselt/homepage.git
synced 2026-03-21 22:32:17 +00:00
80 lines
2.6 KiB
Go
80 lines
2.6 KiB
Go
package antispam
|
|
|
|
import (
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"net/url"
|
|
"strings"
|
|
"testing"
|
|
)
|
|
|
|
func setupHcaptchaTest(t *testing.T) (*httptest.Server, *HCaptcha) {
|
|
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
if r.Method != http.MethodPost || r.URL.Path != "/siteverify" {
|
|
t.Errorf("Expecting call to `POST /siteverify`, got: %s %s", r.Method, r.URL.Path)
|
|
}
|
|
|
|
err := r.ParseForm()
|
|
if err != nil {
|
|
t.Errorf("Form parsing error: %s", err)
|
|
}
|
|
if secret := r.PostForm.Get("secret"); secret != "test" {
|
|
t.Errorf("Expecting hCaptcha secret key `test`, got: %s", secret)
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
if r.PostForm.Get("response") == "test" {
|
|
_, _ = w.Write([]byte(`{"success": true, "hostname": "localhost"}`))
|
|
} else {
|
|
_, _ = w.Write([]byte(`{"success": false, "hostname": "localhost", "error-codes": ["invalid-input-response"]}`))
|
|
}
|
|
}))
|
|
hcaptcha := newHcaptcha("test", "test", server.URL)
|
|
return server, hcaptcha
|
|
}
|
|
|
|
// TestHcaptchaEmpty checks that empty requests (without the hCaptcha token) are blocked.
|
|
func TestHcaptchaEmpty(t *testing.T) {
|
|
server, hcaptcha := setupHcaptchaTest(t)
|
|
defer server.Close()
|
|
|
|
req := httptest.NewRequest(http.MethodPost, "http://localhost/form", nil)
|
|
result, err := hcaptcha.CheckRequest(req)
|
|
if result || err != nil {
|
|
t.Errorf("hcaptcha.CheckRequest(req) = %v, %v, expecting false, nil", result, err)
|
|
}
|
|
}
|
|
|
|
// TestHcaptchaBadToken checks that invalid hCaptcha tokens are blocked.
|
|
func TestHcaptchaBadToken(t *testing.T) {
|
|
server, hcaptcha := setupHcaptchaTest(t)
|
|
defer server.Close()
|
|
|
|
form := url.Values{}
|
|
form.Add("x-captcha-response", "wrong")
|
|
req := httptest.NewRequest(http.MethodPost, "http://localhost/form", strings.NewReader(form.Encode()))
|
|
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
|
|
|
|
result, err := hcaptcha.CheckRequest(req)
|
|
if result || err != nil {
|
|
t.Errorf("hcaptcha.CheckRequest(req) = %v, %v, want false, nil", result, err)
|
|
}
|
|
}
|
|
|
|
// TestHcaptchaSuccess mocks a successful hCaptcha verification run.
|
|
func TestHcaptchaSuccess(t *testing.T) {
|
|
server, hcaptcha := setupHcaptchaTest(t)
|
|
defer server.Close()
|
|
|
|
form := url.Values{}
|
|
form.Add("x-captcha-response", "test")
|
|
req := httptest.NewRequest(http.MethodPost, "http://localhost/form", strings.NewReader(form.Encode()))
|
|
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
|
|
|
|
result, err := hcaptcha.CheckRequest(req)
|
|
if !result || err != nil {
|
|
t.Errorf("hcaptcha.CheckRequest(req) = %v, %v, want true, nil", result, err)
|
|
}
|
|
}
|