69 lines
1.6 KiB
69 lines
1.6 KiB
use warnings;
|
|
use strict;
|
|
|
|
use Net::Domain qw(hostfqdn);
|
|
use LWP::UserAgent;
|
|
use Test::More;
|
|
use File::Temp qw/tempfile/;
|
|
use Test::Collection;
|
|
|
|
my $uri = $ENV{CATALYST_SERVER} || ('https://'.hostfqdn.':4443');
|
|
|
|
#docker: CATALYST_SERVER=https://10.15.20.104:1443 perl t/api-rest/api-cert-auth.t
|
|
|
|
my ($invalid_ssl_client_cert, $valid_ssl_client_cert) = _download_certs($uri);
|
|
|
|
my ($ua, $res);
|
|
$ua = LWP::UserAgent->new;
|
|
|
|
SKIP1:
|
|
{
|
|
# invalid cert
|
|
$ua->ssl_opts(
|
|
SSL_cert_file => $invalid_ssl_client_cert,
|
|
SSL_key_file => $invalid_ssl_client_cert,
|
|
SSL_verify_mode => 0,
|
|
verify_hostname => 0,
|
|
);
|
|
$res = $ua->head($uri.'/api/');
|
|
is($res->code, 403, "check invalid client certificate")
|
|
|| note ($res->message);
|
|
}
|
|
SKIP2:
|
|
{
|
|
$ua->ssl_opts(
|
|
SSL_cert_file => $valid_ssl_client_cert,
|
|
SSL_key_file => $valid_ssl_client_cert,
|
|
SSL_verify_mode => 0,
|
|
verify_hostname => 0,
|
|
);
|
|
$res = $ua->head($uri.'/api/');
|
|
is($res->code, 200, "check valid client certificate")
|
|
|| note ($res->message);
|
|
}
|
|
|
|
# just to generate a new cert on file system cache:
|
|
$ua = Test::Collection->new()->ua();
|
|
|
|
done_testing;
|
|
|
|
sub _download_certs {
|
|
my ($uri) = @_;
|
|
my ($ua, $req, $res);
|
|
|
|
my $invalid_cert = '/tmp/invalidcert.pem';
|
|
my $valid_cert = '/tmp/validcert.pem';
|
|
|
|
-f $invalid_cert && unlink $invalid_cert;
|
|
-f $valid_cert && unlink $valid_cert;
|
|
|
|
my $coll = Test::Collection->new();
|
|
rename $coll->ssl_cert, $invalid_cert;
|
|
$coll->clear_cert;
|
|
rename $coll->ssl_cert, $valid_cert;
|
|
|
|
return ($invalid_cert, $valid_cert);
|
|
}
|
|
|
|
# vim: set tabstop=4 expandtab:
|