DeBros/orama
4
0
Fork 0
mirror of https://github.com/DeBrosOfficial/orama.git synced 2026-03-17 06:43:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
orama/pkg/gateway/handlers/join/handler_test.go
anonpenguin23 78d876e71b feat(monitor): add sandbox environment support 
- load nodes from active sandbox state for env=sandbox
- extract fanoutArchive for efficient server-to-server distribution
2026-03-09 10:19:40 +02:00

113 lines
3.0 KiB
Go
Raw Blame History

package join
import (
"encoding/base64"
"fmt"
"net"
"strings"
"testing"
)
func TestWgPeersContainsIP_found(t *testing.T) {
peers := []WGPeerInfo{
{PublicKey: "key1", Endpoint: "1.2.3.4:51820", AllowedIP: "10.0.0.1/32"},
{PublicKey: "key2", Endpoint: "5.6.7.8:51820", AllowedIP: "10.0.0.2/32"},
}
if !wgPeersContainsIP(peers, "10.0.0.1") {
t.Error("expected to find 10.0.0.1 in peer list")
}
if !wgPeersContainsIP(peers, "10.0.0.2") {
t.Error("expected to find 10.0.0.2 in peer list")
}
}
func TestWgPeersContainsIP_not_found(t *testing.T) {
peers := []WGPeerInfo{
{PublicKey: "key1", Endpoint: "1.2.3.4:51820", AllowedIP: "10.0.0.1/32"},
}
if wgPeersContainsIP(peers, "10.0.0.2") {
t.Error("did not expect to find 10.0.0.2 in peer list")
}
}
func TestWgPeersContainsIP_empty_list(t *testing.T) {
if wgPeersContainsIP(nil, "10.0.0.1") {
t.Error("did not expect to find any IP in nil peer list")
}
if wgPeersContainsIP([]WGPeerInfo{}, "10.0.0.1") {
t.Error("did not expect to find any IP in empty peer list")
}
}
func TestAssignWGIP_format(t *testing.T) {
// Verify the WG IP format used in the handler matches what wgPeersContainsIP expects
wgIP := "10.0.0.1"
allowedIP := fmt.Sprintf("%s/32", wgIP)
peers := []WGPeerInfo{{AllowedIP: allowedIP}}
if !wgPeersContainsIP(peers, wgIP) {
t.Errorf("format mismatch: wgPeersContainsIP(%q, %q) should match", allowedIP, wgIP)
}
}
func TestValidatePublicIP(t *testing.T) {
tests := []struct {
name string
ip string
valid bool
}{
{"valid IPv4", "46.225.234.112", true},
{"loopback", "127.0.0.1", true},
{"invalid string", "not-an-ip", false},
{"empty", "", false},
{"IPv6", "::1", false},
{"with newline", "1.2.3.4\n5.6.7.8", false},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
parsed := net.ParseIP(tt.ip)
isValid := parsed != nil && parsed.To4() != nil && !strings.ContainsAny(tt.ip, "\n\r")
if isValid != tt.valid {
t.Errorf("IP %q: expected valid=%v, got %v", tt.ip, tt.valid, isValid)
}
})
}
}
func TestValidateWGPublicKey(t *testing.T) {
// Valid WireGuard key: 32 bytes, base64 encoded = 44 chars
validKey := base64.StdEncoding.EncodeToString(make([]byte, 32))
tests := []struct {
name string
key string
valid bool
}{
{"valid 32-byte key", validKey, true},
{"too short", base64.StdEncoding.EncodeToString(make([]byte, 16)), false},
{"too long", base64.StdEncoding.EncodeToString(make([]byte, 64)), false},
{"not base64", "not-a-valid-base64-key!!!", false},
{"empty", "", false},
{"newline injection", validKey + "\n[Peer]", false},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if strings.ContainsAny(tt.key, "\n\r") {
if tt.valid {
t.Errorf("key %q contains newlines but expected valid", tt.key)
}
return
}
decoded, err := base64.StdEncoding.DecodeString(tt.key)
isValid := err == nil && len(decoded) == 32
if isValid != tt.valid {
t.Errorf("key %q: expected valid=%v, got %v", tt.key, tt.valid, isValid)
}
})
}
}
Reference in New Issue View Git Blame Copy Permalink