ARCHIVE/clio
1
0
Fork 0
mirror of https://github.com/XRPLF/clio.git synced 2025-11-28 15:45:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Integrate new webserver (#1722)

Browse Source 
For #919.
The new web server is not using dosguard yet. It will be fixed by a
separate PR.
This commit is contained in:
Sergey Kuznetsov
2024-11-21 14:48:32 +00:00
committed by GitHub
parent fc3ba07f2e
commit c77154a5e6
90 changed files with 4029 additions and 683 deletions
Download Patch File Download Diff File Expand all files Collapse all files

180
tests/unit/web/impl/AdminVerificationTests.cpp
View File

@@ -1,180 +0,0 @@
//------------------------------------------------------------------------------
/*
This file is part of clio: https://github.com/XRPLF/clio
Copyright (c) 2023, the clio developers.
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
//==============================================================================
#include "util/LoggerFixtures.hpp"
#include "util/config/Config.hpp"
#include "web/impl/AdminVerificationStrategy.hpp"
#include <boost/beast/http/field.hpp>
#include <boost/beast/http/message.hpp>
#include <boost/beast/http/string_body.hpp>
#include <boost/json/parse.hpp>
#include <gtest/gtest.h>
#include <optional>
#include <string>
namespace http = boost::beast::http;
class IPAdminVerificationStrategyTest : public NoLoggerFixture {
protected:
web::impl::IPAdminVerificationStrategy strat_;
http::request<http::string_body> request_;
};
TEST_F(IPAdminVerificationStrategyTest, IsAdminOnlyForIP_127_0_0_1)
{
EXPECT_TRUE(strat_.isAdmin(request_, "127.0.0.1"));
EXPECT_FALSE(strat_.isAdmin(request_, "127.0.0.2"));
EXPECT_FALSE(strat_.isAdmin(request_, "127"));
EXPECT_FALSE(strat_.isAdmin(request_, ""));
EXPECT_FALSE(strat_.isAdmin(request_, "localhost"));
}
class PasswordAdminVerificationStrategyTest : public NoLoggerFixture {
protected:
std::string const password_ = "secret";
std::string const passwordHash_ = "2bb80d537b1da3e38bd30361aa855686bde0eacd7162fef6a25fe97bf527a25b";
web::impl::PasswordAdminVerificationStrategy strat_{password_};
static http::request<http::string_body>
makeRequest(std::string const& password, http::field const field = http::field::authorization)
{
http::request<http::string_body> request = {};
request.set(field, "Password " + password);
return request;
}
};
TEST_F(PasswordAdminVerificationStrategyTest, IsAdminReturnsTrueOnlyForValidPasswordInAuthHeader)
{
EXPECT_TRUE(strat_.isAdmin(makeRequest(passwordHash_), ""));
EXPECT_TRUE(strat_.isAdmin(makeRequest(passwordHash_), "123"));
// Wrong password
EXPECT_FALSE(strat_.isAdmin(makeRequest("SECRET"), ""));
EXPECT_FALSE(strat_.isAdmin(makeRequest("SECRET"), "127.0.0.1"));
EXPECT_FALSE(strat_.isAdmin(makeRequest("S"), "127.0.0.1"));
EXPECT_FALSE(strat_.isAdmin(makeRequest("SeCret"), "127.0.0.1"));
EXPECT_FALSE(strat_.isAdmin(makeRequest("secre"), "127.0.0.1"));
EXPECT_FALSE(strat_.isAdmin(makeRequest("s"), "127.0.0.1"));
EXPECT_FALSE(strat_.isAdmin(makeRequest("a"), "127.0.0.1"));
// Wrong header
EXPECT_FALSE(strat_.isAdmin(makeRequest(passwordHash_, http::field::authentication_info), ""));
}
struct MakeAdminVerificationStrategyTestParams {
std::string testName;
std::optional<std::string> passwordOpt;
bool expectIpStrategy;
bool expectPasswordStrategy;
};
class MakeAdminVerificationStrategyTest : public testing::TestWithParam<MakeAdminVerificationStrategyTestParams> {};
TEST_P(MakeAdminVerificationStrategyTest, ChoosesStrategyCorrectly)
{
auto strat = web::impl::make_AdminVerificationStrategy(GetParam().passwordOpt);
auto ipStrat = dynamic_cast<web::impl::IPAdminVerificationStrategy*>(strat.get());
EXPECT_EQ(ipStrat != nullptr, GetParam().expectIpStrategy);
auto passwordStrat = dynamic_cast<web::impl::PasswordAdminVerificationStrategy*>(strat.get());
EXPECT_EQ(passwordStrat != nullptr, GetParam().expectPasswordStrategy);
}
INSTANTIATE_TEST_CASE_P(
MakeAdminVerificationStrategyTest,
MakeAdminVerificationStrategyTest,
testing::Values(
MakeAdminVerificationStrategyTestParams{
.testName = "NoPassword",
.passwordOpt = std::nullopt,
.expectIpStrategy = true,
.expectPasswordStrategy = false
},
MakeAdminVerificationStrategyTestParams{
.testName = "HasPassword",
.passwordOpt = "p",
.expectIpStrategy = false,
.expectPasswordStrategy = true
},
MakeAdminVerificationStrategyTestParams{
.testName = "EmptyPassword",
.passwordOpt = "",
.expectIpStrategy = false,
.expectPasswordStrategy = true
}
)
);
struct MakeAdminVerificationStrategyFromConfigTestParams {
std::string testName;
std::string config;
bool expectedError;
};
struct MakeAdminVerificationStrategyFromConfigTest
: public testing::TestWithParam<MakeAdminVerificationStrategyFromConfigTestParams> {};
TEST_P(MakeAdminVerificationStrategyFromConfigTest, ChecksConfig)
{
util::Config const serverConfig{boost::json::parse(GetParam().config)};
auto const result = web::impl::make_AdminVerificationStrategy(serverConfig);
if (GetParam().expectedError) {
EXPECT_FALSE(result.has_value());
}
}
INSTANTIATE_TEST_SUITE_P(
MakeAdminVerificationStrategyFromConfigTest,
MakeAdminVerificationStrategyFromConfigTest,
testing::Values(
MakeAdminVerificationStrategyFromConfigTestParams{
.testName = "NoPasswordNoLocalAdmin",
.config = "{}",
.expectedError = true
},
MakeAdminVerificationStrategyFromConfigTestParams{
.testName = "OnlyPassword",
.config = R"({"admin_password": "password"})",
.expectedError = false
},
MakeAdminVerificationStrategyFromConfigTestParams{
.testName = "OnlyLocalAdmin",
.config = R"({"local_admin": true})",
.expectedError = false
},
MakeAdminVerificationStrategyFromConfigTestParams{
.testName = "OnlyLocalAdminDisabled",
.config = R"({"local_admin": false})",
.expectedError = true
},
MakeAdminVerificationStrategyFromConfigTestParams{
.testName = "LocalAdminAndPassword",
.config = R"({"local_admin": true, "admin_password": "password"})",
.expectedError = true
},
MakeAdminVerificationStrategyFromConfigTestParams{
.testName = "LocalAdminDisabledAndPassword",
.config = R"({"local_admin": false, "admin_password": "password"})",
.expectedError = false
}
)
);

288
tests/unit/web/impl/ErrorHandlingTests.cpp Normal file
View File

@@ -0,0 +1,288 @@
//------------------------------------------------------------------------------
/*
This file is part of clio: https://github.com/XRPLF/clio
Copyright (c) 2024, the clio developers.
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
//==============================================================================
#include "rpc/Errors.hpp"
#include "util/LoggerFixtures.hpp"
#include "util/NameGenerator.hpp"
#include "util/Taggable.hpp"
#include "util/config/Config.hpp"
#include "web/SubscriptionContextInterface.hpp"
#include "web/impl/ErrorHandling.hpp"
#include "web/interface/ConnectionBase.hpp"
#include "web/interface/ConnectionBaseMock.hpp"
#include <boost/beast/http/status.hpp>
#include <boost/json/object.hpp>
#include <boost/json/serialize.hpp>
#include <gmock/gmock.h>
#include <gtest/gtest.h>
#include <memory>
#include <optional>
#include <string>
using namespace web::impl;
using namespace web;
struct ErrorHandlingTests : NoLoggerFixture {
util::TagDecoratorFactory tagFactory_{util::Config{}};
std::string const clientIp_ = "some ip";
ConnectionBaseStrictMockPtr connection_ =
std::make_shared<testing::StrictMock<ConnectionBaseMock>>(tagFactory_, clientIp_);
};
struct ErrorHandlingComposeErrorTestBundle {
std::string testName;
bool connectionUpgraded;
std::optional<boost::json::object> request;
boost::json::object expectedResult;
};
struct ErrorHandlingComposeErrorTest : ErrorHandlingTests,
testing::WithParamInterface<ErrorHandlingComposeErrorTestBundle> {};
TEST_P(ErrorHandlingComposeErrorTest, composeError)
{
connection_->upgraded = GetParam().connectionUpgraded;
ErrorHelper errorHelper{connection_, GetParam().request};
auto const result = errorHelper.composeError(rpc::RippledError::rpcNOT_READY);
EXPECT_EQ(boost::json::serialize(result), boost::json::serialize(GetParam().expectedResult));
}
INSTANTIATE_TEST_CASE_P(
ErrorHandlingComposeErrorTestGroup,
ErrorHandlingComposeErrorTest,
testing::ValuesIn(
{ErrorHandlingComposeErrorTestBundle{
"NoRequest_UpgradedConnection",
true,
std::nullopt,
{{"error", "notReady"},
{"error_code", 13},
{"error_message", "Not ready to handle this request."},
{"status", "error"},
{"type", "response"}}
},
ErrorHandlingComposeErrorTestBundle{
"NoRequest_NotUpgradedConnection",
false,
std::nullopt,
{{"result",
{{"error", "notReady"},
{"error_code", 13},
{"error_message", "Not ready to handle this request."},
{"status", "error"},
{"type", "response"}}}}
},
ErrorHandlingComposeErrorTestBundle{
"Request_UpgradedConnection",
true,
boost::json::object{{"id", 1}, {"api_version", 2}},
{{"error", "notReady"},
{"error_code", 13},
{"error_message", "Not ready to handle this request."},
{"status", "error"},
{"type", "response"},
{"id", 1},
{"api_version", 2},
{"request", {{"id", 1}, {"api_version", 2}}}}
},
ErrorHandlingComposeErrorTestBundle{
"Request_NotUpgradedConnection",
false,
boost::json::object{{"id", 1}, {"api_version", 2}},
{{"result",
{{"error", "notReady"},
{"error_code", 13},
{"error_message", "Not ready to handle this request."},
{"status", "error"},
{"type", "response"},
{"id", 1},
{"request", {{"id", 1}, {"api_version", 2}}}}}}
}}
),
tests::util::NameGenerator
);
struct ErrorHandlingSendErrorTestBundle {
std::string testName;
bool connectionUpgraded;
rpc::Status status;
std::string expectedMessage;
boost::beast::http::status expectedStatus;
};
struct ErrorHandlingSendErrorTest : ErrorHandlingTests,
testing::WithParamInterface<ErrorHandlingSendErrorTestBundle> {};
TEST_P(ErrorHandlingSendErrorTest, sendError)
{
connection_->upgraded = GetParam().connectionUpgraded;
ErrorHelper errorHelper{connection_};
EXPECT_CALL(*connection_, send(std::string{GetParam().expectedMessage}, GetParam().expectedStatus));
errorHelper.sendError(GetParam().status);
}
INSTANTIATE_TEST_CASE_P(
ErrorHandlingSendErrorTestGroup,
ErrorHandlingSendErrorTest,
testing::ValuesIn({
ErrorHandlingSendErrorTestBundle{
"UpgradedConnection",
true,
rpc::Status{rpc::RippledError::rpcTOO_BUSY},
R"({"error":"tooBusy","error_code":9,"error_message":"The server is too busy to help you now.","status":"error","type":"response"})",
boost::beast::http::status::ok
},
ErrorHandlingSendErrorTestBundle{
"NotUpgradedConnection_InvalidApiVersion",
false,
rpc::Status{rpc::ClioError::rpcINVALID_API_VERSION},
"invalid_API_version",
boost::beast::http::status::bad_request
},
ErrorHandlingSendErrorTestBundle{
"NotUpgradedConnection_CommandIsMissing",
false,
rpc::Status{rpc::ClioError::rpcCOMMAND_IS_MISSING},
"Null method",
boost::beast::http::status::bad_request
},
ErrorHandlingSendErrorTestBundle{
"NotUpgradedConnection_CommandIsEmpty",
false,
rpc::Status{rpc::ClioError::rpcCOMMAND_IS_EMPTY},
"method is empty",
boost::beast::http::status::bad_request
},
ErrorHandlingSendErrorTestBundle{
"NotUpgradedConnection_CommandNotString",
false,
rpc::Status{rpc::ClioError::rpcCOMMAND_NOT_STRING},
"method is not string",
boost::beast::http::status::bad_request
},
ErrorHandlingSendErrorTestBundle{
"NotUpgradedConnection_ParamsUnparseable",
false,
rpc::Status{rpc::ClioError::rpcPARAMS_UNPARSEABLE},
"params unparseable",
boost::beast::http::status::bad_request
},
ErrorHandlingSendErrorTestBundle{
"NotUpgradedConnection_RippledError",
false,
rpc::Status{rpc::RippledError::rpcTOO_BUSY},
R"({"result":{"error":"tooBusy","error_code":9,"error_message":"The server is too busy to help you now.","status":"error","type":"response"}})",
boost::beast::http::status::bad_request
},
}),
tests::util::NameGenerator
);
TEST_F(ErrorHandlingTests, sendInternalError)
{
ErrorHelper errorHelper{connection_};
EXPECT_CALL(
*connection_,
send(
std::string{
R"({"result":{"error":"internal","error_code":73,"error_message":"Internal error.","status":"error","type":"response"}})"
},
boost::beast::http::status::internal_server_error
)
);
errorHelper.sendInternalError();
}
TEST_F(ErrorHandlingTests, sendNotReadyError)
{
ErrorHelper errorHelper{connection_};
EXPECT_CALL(
*connection_,
send(
std::string{
R"({"result":{"error":"notReady","error_code":13,"error_message":"Not ready to handle this request.","status":"error","type":"response"}})"
},
boost::beast::http::status::ok
)
);
errorHelper.sendNotReadyError();
}
TEST_F(ErrorHandlingTests, sendTooBusyError_UpgradedConnection)
{
connection_->upgraded = true;
ErrorHelper errorHelper{connection_};
EXPECT_CALL(
*connection_,
send(
std::string{
R"({"error":"tooBusy","error_code":9,"error_message":"The server is too busy to help you now.","status":"error","type":"response"})"
},
boost::beast::http::status::ok
)
);
errorHelper.sendTooBusyError();
}
TEST_F(ErrorHandlingTests, sendTooBusyError_NotUpgradedConnection)
{
connection_->upgraded = false;
ErrorHelper errorHelper{connection_};
EXPECT_CALL(
*connection_,
send(
std::string{
R"({"error":"tooBusy","error_code":9,"error_message":"The server is too busy to help you now.","status":"error","type":"response"})"
},
boost::beast::http::status::service_unavailable
)
);
errorHelper.sendTooBusyError();
}
TEST_F(ErrorHandlingTests, sendJsonParsingError_UpgradedConnection)
{
connection_->upgraded = true;
ErrorHelper errorHelper{connection_};
EXPECT_CALL(
*connection_,
send(
std::string{
R"({"error":"badSyntax","error_code":1,"error_message":"Syntax error.","status":"error","type":"response"})"
},
boost::beast::http::status::ok
)
);
errorHelper.sendJsonParsingError();
}
TEST_F(ErrorHandlingTests, sendJsonParsingError_NotUpgradedConnection)
{
connection_->upgraded = false;
ErrorHelper errorHelper{connection_};
EXPECT_CALL(
*connection_,
send(std::string{"Unable to parse JSON from the request"}, boost::beast::http::status::bad_request)
);
errorHelper.sendJsonParsingError();
}