Basic Tests for configured Rules
Bugfix Requester
frickelbruder committed Sep 12, 2016
1 parent ca3c6dd commit 5c011bf
Showing 4 changed files with 226 additions and 11 deletions.
18 changes: 13 additions & 5 deletions src/Http/HttpRequester.php
@@ -2,6 +2,7 @@
namespace Frickelbruder\KickOff\Http;

use Frickelbruder\KickOff\Configuration\TargetUrl;
use GuzzleHttp\Exception\ClientException;
use GuzzleHttp\TransferStats;
use GuzzleHttp\Client;

@@ -36,11 +37,18 @@ private function call(TargetUrl $targetUrl) {
$response = new HttpResponse();

$client = $this->getClient();
$httpResponseFromWebsite = $client->request( $targetUrl->method,
$targetUrl->getUrl(),
$this->getOptionsArray( $targetUrl, $response )
);

try {
$httpResponseFromWebsite = $client->request( $targetUrl->method,
$targetUrl->getUrl(),
$this->getOptionsArray( $targetUrl, $response )
);
$headers = $this->prepareResponseHeaders( $httpResponseFromWebsite->getHeaders() );
$response->setHeaders( $headers );
$response->setBody( $httpResponseFromWebsite->getBody() );
$response->setStatus( $httpResponseFromWebsite->getStatusCode() );
} catch(ClientException $e) {
$httpResponseFromWebsite = $e->getResponse();
}
$headers = $this->prepareResponseHeaders( $httpResponseFromWebsite->getHeaders() );
$response->setHeaders( $headers );
$response->setBody( $httpResponseFromWebsite->getBody() );
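Review bot: The `catch(ClientException $e)` in `call()` covers only 4xx responses; with Guzzle's default error handling a 5xx answer raises `ServerException`, so the run still aborts on the error pages whose headers a checker most needs to inspect. Catching the common parent, `} catch(BadResponseException $e) {` (with `use GuzzleHttp\Exception\BadResponseException;`), or passing `'http_errors' => false` in the request options would cover both. The `prepareResponseHeaders`/`setHeaders`/`setBody`/`setStatus` lines inside the `try` repeat the statements that follow the `catch`, so on success the response is populated twice; only the `$client->request(...)` call needs to sit inside the `try`. The rest of `call()` lies outside the hunk.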
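--- a/tests/Cli/ConfiguredRulesDefaultCommandTest.php
+++ b/tests/Cli/ConfiguredRulesDefaultCommandTest.php
@@ -0,0 +1,186 @@
+<?php
+namespace Frickelbruder\KickOff\Tests\Cli;
+
+use Frickelbruder\KickOff\Configuration\Configuration;
+use Frickelbruder\KickOff\Http\HttpRequester;
+use Frickelbruder\KickOff\Log\Listener\ConsoleOutputListener;
+use Frickelbruder\KickOff\Log\Logger;
+use Frickelbruder\KickOff\Yaml\Yaml;
+use GuzzleHttp\Client;
+use GuzzleHttp\Handler\MockHandler;
+use GuzzleHttp\HandlerStack;
+use GuzzleHttp\Middleware;
+use GuzzleHttp\Psr7\Response;
+
+class ConfiguredRuleDefaultCommandTest extends \PHPUnit_Framework_TestCase {
+
+/**
+* @var DefaultCommandProxy
+*/
+private $defaultCommand;
+
+/**
+* @var HttpRequester
+*/
+private $requester = null;
+
+/**
+* @var Logger
+*/
+private $logger = null;
+
+private $defaultHeaders = array();
+
+public function setUp() {
+$yaml = new Yaml();
+$config = new Configuration($yaml);
+$this->requester = new HttpRequester();
+
+$this->logger = new Logger();
+$this->logger->addListener('log', new ConsoleOutputListener());
+$this->defaultCommand = new DefaultCommandProxy('test', $this->requester, $config, $this->logger);
+
+$this->defaultHeaders = array(
+'X-XSS-Protection' => '1; mode=block',
+'X-Content-Type-Options' => 'nosniff',
+'X-Frame-Options' => 'SAMEORIGIN',
+'Set-Cookie' => 'PHPSESSID=SESSION; path=/; expires=WHENEVER; secure; HttpOnly',
+'Strict-Transport-Security' => 'max-age=31536000; includeSubDomains; preload',
+'Expires' => gmdate('D, d M Y H:i:s \G\M\T', time() + 2000000),
+'ETag' => '1212112'
+);
+
+}
+
+public function testHttpHeaderXSSProtectionPresent() {
+$responses = array();
+$responses[] = new Response( 200, $this->defaultHeaders, 'test123' );
+$this->requester->setClient($this->setupClient($responses));
+
+$errorCount = $this->defaultCommand->executeProxy(__DIR__ . '/files/configuredRules.yml', 'HttpHeaderXSSProtectionPresent');
+
+$this->assertTrue($errorCount == 0);
+}
+
+public function testHttpHeaderXSSProtectionSecure() {
+$responses = array();
+$responses[] = new Response( 200, $this->defaultHeaders, 'test123' );
+$this->requester->setClient($this->setupClient($responses));
+
+$errorCount = $this->defaultCommand->executeProxy(__DIR__ . '/files/configuredRules.yml', 'HttpHeaderXSSProtectionSecure');
+
+$this->assertTrue($errorCount == 0);
+}
+public function testHttpHeaderExposeLanguage() {
+$responses = array();
+$responses[] = new Response( 200, $this->defaultHeaders, 'test123' );
+$this->requester->setClient($this->setupClient($responses));
+
+$errorCount = $this->defaultCommand->executeProxy(__DIR__ . '/files/configuredRules.yml', 'HttpHeaderExposeLanguage');
+
+$this->assertTrue($errorCount == 0);
+}
+
+public function testHttpHeaderHasEtag() {
+$responses = array();
+$responses[] = new Response( 200, $this->defaultHeaders, 'test123' );
+$this->requester->setClient($this->setupClient($responses));
+
+$errorCount = $this->defaultCommand->executeProxy(__DIR__ . '/files/configuredRules.yml', 'HttpHeaderHasEtag');
+
+$this->assertTrue($errorCount == 0);
+}
+public function testHttpHeaderResourceFound() {
+$responses = array();
+$responses[] = new Response( 200, $this->defaultHeaders, 'test123' );
+$this->requester->setClient($this->setupClient($responses));
+
+$errorCount = $this->defaultCommand->executeProxy(__DIR__ . '/files/configuredRules.yml', 'HttpHeaderResourceFound');
+
+$this->assertTrue($errorCount == 0);
+}
+public function testHttpHeaderResourceIsMissing() {
+$responses = array();
+$responses[] = new Response( 404, $this->defaultHeaders, 'test123' );
+$this->requester->setClient($this->setupClient($responses));
+
+$errorCount = $this->defaultCommand->executeProxy(__DIR__ . '/files/configuredRules.yml', 'HttpHeaderResourceIsMissing');
+
+$this->assertTrue($errorCount == 0);
+}
+public function testHttpHeaderContentTypeNoSniffing() {
+$responses = array();
+$responses[] = new Response( 200, $this->defaultHeaders, 'test123' );
+$this->requester->setClient($this->setupClient($responses));
+
+$errorCount = $this->defaultCommand->executeProxy(__DIR__ . '/files/configuredRules.yml', 'HttpHeaderContentTypeNoSniffing');
+
+$this->assertTrue($errorCount == 0);
+}
+public function testHttpHeaderFrameOptionsSameOrigin() {
+$responses = array();
+$responses[] = new Response( 200, $this->defaultHeaders, 'test123' );
+$this->requester->setClient($this->setupClient($responses));
+
+$errorCount = $this->defaultCommand->executeProxy(__DIR__ . '/files/configuredRules.yml', 'HttpHeaderFrameOptionsSameOrigin');
+
+$this->assertTrue($errorCount == 0);
+}
+public function testHttpHeaderCookieWithHttpOnlyFlag() {
+$responses = array();
+$responses[] = new Response( 200, $this->defaultHeaders, 'test123' );
+$this->requester->setClient($this->setupClient($responses));
+
+$errorCount = $this->defaultCommand->executeProxy(__DIR__ . '/files/configuredRules.yml', 'HttpHeaderCookieWithHttpOnlyFlag');
+
+$this->assertTrue($errorCount == 0);
+}
+public function testHttpHeaderCookieWithHttpSecureFlag() {
+$responses = array();
+$responses[] = new Response( 200, $this->defaultHeaders, 'test123' );
+$this->requester->setClient($this->setupClient($responses));
+
+$errorCount = $this->defaultCommand->executeProxy(__DIR__ . '/files/configuredRules.yml', 'HttpHeaderCookieWithHttpSecureFlag');
+
+$this->assertTrue($errorCount == 0);
+}
+public function testHttpHeaderHSTSPresent() {
+$responses = array();
+$responses[] = new Response( 200, $this->defaultHeaders, 'test123' );
+$this->requester->setClient($this->setupClient($responses));
+
+$errorCount = $this->defaultCommand->executeProxy(__DIR__ . '/files/configuredRules.yml', 'HttpHeaderHSTSPresent');
+
+$this->assertTrue($errorCount == 0);
+}
+public function testHttpHeaderHSTSWithSubdomains() {
+$responses = array();
+$responses[] = new Response( 200, $this->defaultHeaders, 'test123' );
+$this->requester->setClient($this->setupClient($responses));
+
+$errorCount = $this->defaultCommand->executeProxy(__DIR__ . '/files/configuredRules.yml', 'HttpHeaderHSTSWithSubdomains');
+
+$this->assertTrue($errorCount == 0);
+}
+
+
+
+/**
+* @return Client
+*/
+public function setupClient($responses = array(), &$historyContainer = null) {
+
+$mock = new MockHandler($responses);
+
+$handler = HandlerStack::create( $mock );
+
+if(!is_null($historyContainer)) {
+$history = Middleware::history($historyContainer);
+$handler->push($history);
+}
+
+$client = new Client( array( 'handler' => $handler ) );
+
+return $client;
+}
+}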
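Review bot: Every test in this class feeds the same fully compliant `$this->defaultHeaders` and expects zero errors, so a rule that never reports anything would pass all of them; each header rule needs at least one case with the header removed or weakened that expects a non-zero count. The assertion `$this->assertTrue($errorCount == 0)` is also loose, because `null == 0` and `false == 0` are true in PHP and a missing return value would still pass; `$this->assertSame(0, $errorCount);` pins the type as well. The class is named `ConfiguredRuleDefaultCommandTest` while the file is `ConfiguredRulesDefaultCommandTest.php`, which may matter for autoloading or test discovery.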
8 changes: 4 additions & 4 deletions tests/Cli/DefaultCommandProxy.php
@@ -5,13 +5,13 @@

class DefaultCommandProxy extends DefaultCommand {

public function executeProxy($path) {
public function executeProxy($path, $sectionName) {

$this->buildConfiguration($path);

foreach($this->configuration->getSections() as $sectionName => $section) {
$this->handleSection($section);
}
$sections = $this->configuration->getSections();

$this->handleSection($sections[$sectionName]);

return $this->errorCount;
}
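Review bot: `$sections[$sectionName]` is read without checking that the key exists, so a misspelled section name in a test hands `null` to `handleSection()` and surfaces at best as a notice rather than a clear failure. A guard before the call, `if (!isset($sections[$sectionName])) { throw new \InvalidArgumentException('Unknown section: ' . $sectionName); }`, makes that case visible. `$sectionName` is now a required parameter, so any existing caller of `executeProxy($path)` outside this diff would need updating; the class continues beyond the hunk.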
25 changes: 23 additions & 2 deletions tests/Cli/files/configuredRules.yml
@@ -4,18 +4,39 @@ defaults:
scheme: https://

Sections:
main:
HttpHeaderXSSProtectionPresent:
rules:
- HttpHeaderXSSProtectionPresent
HttpHeaderXSSProtectionSecure:
rules:
- HttpHeaderXSSProtectionSecure
HttpHeaderExposeLanguage:
rules:
- HttpHeaderExposeLanguage
- HttpHeaderHasFarFutureExpiresHeader
HttpHeaderHasEtag:
rules:
- HttpHeaderHasEtag
HttpHeaderResourceFound:
rules:
- HttpHeaderResourceFound
HttpHeaderResourceIsMissing:
rules:
- HttpHeaderResourceIsMissing
HttpHeaderContentTypeNoSniffing:
rules:
- HttpHeaderContentTypeNoSniffing
HttpHeaderFrameOptionsSameOrigin:
rules:
- HttpHeaderFrameOptionsSameOrigin
HttpHeaderCookieWithHttpOnlyFlag:
rules:
- HttpHeaderCookieWithHttpOnlyFlag
HttpHeaderCookieWithHttpSecureFlag:
rules:
- HttpHeaderCookieWithHttpSecureFlag
HttpHeaderHSTSPresent:
rules:
- HttpHeaderHSTSPresent
HttpHeaderHSTSWithSubdomains:
rules:
- HttpHeaderHSTSWithSubdomains
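Review bot: `HttpHeaderHasFarFutureExpiresHeader` appears to be dropped from the fixture without getting a section of its own, although the new test class prepares a far-future `Expires` header in `setUp()`; as far as this diff shows, that rule is no longer exercised. A section in the same shape as the others (`HttpHeaderHasFarFutureExpiresHeader:` with `rules:` and `- HttpHeaderHasFarFutureExpiresHeader`) plus a matching test would keep it covered.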
