nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-05 21:18:13 -05:00
Code

Add HTTP Tests

Browse Source
This commit is contained in:
Justin Baur 2025-04-04 15:02:21 -04:00
parent f5e10d6062
commit 62bdd91cf3
No known key found for this signature in database
1 changed files with 103 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
test/Core.Test/Platform/X509ChainCustomization/X509ChainCustomizationServiceCollectionExtensionsTests.cs
View File

@ -1,7 +1,11 @@
using System.Security.Cryptography; using System.Security.Authentication;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates; using System.Security.Cryptography.X509Certificates;
using Bit.Core.Platform.X509ChainCustomization; using Bit.Core.Platform.X509ChainCustomization;
using Bit.Core.Settings; using Bit.Core.Settings;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Server.Kestrel.Https;
using Microsoft.Extensions.Configuration; using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting; using Microsoft.Extensions.Hosting;
@ -182,6 +186,104 @@ public class X509ChainCustomizationServiceCollectionExtensionsTests
); );
} }
[Fact]
public async Task CallHttpWithSelfSignedCert_SelfSignedCertificateConfigured_Works()
{
var selfSignedCertificate = CreateSelfSignedCert("localhost");
await using var app = await CreateServerAsync(55555, options =>
{
options.ServerCertificate = selfSignedCertificate;
});
var services = CreateServices((gs, environment, config) => {}, services =>
{
services.Configure<X509ChainOptions>(options =>
{
options.AdditionalCustomTrustCertificates = [selfSignedCertificate];
});
});
var httpClient = services.GetRequiredService<IHttpClientFactory>().CreateClient();
var response = await httpClient.GetStringAsync("https://localhost:55555");
Assert.Equal("Hi", response);
}
[Fact]
public async Task CallHttpWithSelfSignedCert_SelfSignedCertificateNotConfigured_Throws()
{
var selfSignedCertificate = CreateSelfSignedCert("localhost");
await using var app = await CreateServerAsync(55556, options =>
{
options.ServerCertificate = selfSignedCertificate;
});
var services = CreateServices((gs, environment, config) => {}, services =>
{
services.Configure<X509ChainOptions>(options =>
{
options.AdditionalCustomTrustCertificates = [CreateSelfSignedCert("example.com")];
});
});
var httpClient = services.GetRequiredService<IHttpClientFactory>().CreateClient();
var requestException = await Assert.ThrowsAsync<HttpRequestException>(async () => await httpClient.GetStringAsync("https://localhost:55556"));
Assert.NotNull(requestException.InnerException);
var authenticationException = Assert.IsAssignableFrom<AuthenticationException>(requestException.InnerException);
Assert.Equal("The remote certificate was rejected by the provided RemoteCertificateValidationCallback.", authenticationException.Message);
}
[Fact]
public async Task CallHttpWithSelfSignedCert_SelfSignedCertificateConfigured_WithExtraCert_Works()
{
var selfSignedCertificate = CreateSelfSignedCert("localhost");
await using var app = await CreateServerAsync(55557, options =>
{
options.ServerCertificate = selfSignedCertificate;
});
var services = CreateServices((gs, environment, config) => {}, services =>
{
services.Configure<X509ChainOptions>(options =>
{
options.AdditionalCustomTrustCertificates = [selfSignedCertificate, CreateSelfSignedCert("example.com")];
});
});
var httpClient = services.GetRequiredService<IHttpClientFactory>().CreateClient();
var response = await httpClient.GetStringAsync("https://localhost:55557");
Assert.Equal("Hi", response);
}
private static async Task<IAsyncDisposable> CreateServerAsync(int port, Action<HttpsConnectionAdapterOptions> configure)
{
// Start HTTP Server with self signed cert
var builder = WebApplication.CreateSlimBuilder();
builder.Logging.AddFakeLogging();
builder.Services.AddRoutingCore();
builder.WebHost.UseKestrelCore()
.ConfigureKestrel(options =>
{
options.ListenLocalhost(port, listenOptions =>
{
listenOptions.UseHttps(httpsOptions =>
{
configure(httpsOptions);
});
});
});
var app = builder.Build();
app.MapGet("/", () => "Hi");
await app.StartAsync();
return app;
}
private static X509ChainOptions CreateOptions(Action<GlobalSettings, IHostEnvironment, Dictionary<string, string>> configure, Action<IServiceCollection>? after = null) private static X509ChainOptions CreateOptions(Action<GlobalSettings, IHostEnvironment, Dictionary<string, string>> configure, Action<IServiceCollection>? after = null)
{ {
var services = CreateServices(configure, after); var services = CreateServices(configure, after);