feat: more tests

server/backend/auth_test.go

@@ -0,0 +1,38 @@
+package backend
+
+import "testing"
+
+func TestHashPassword(t *testing.T) {
+	hash, err := HashPassword("password")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if hash == "" {
+		t.Fatal("hash is empty")
+	}
+}
+
+func TestVerifyPassword(t *testing.T) {
+	hash, err := HashPassword("password")
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !VerifyPassword("password", hash) {
+		t.Fatal("password did not verify")
+	}
+}
+
+func TestGenerateToken(t *testing.T) {
+	token := GenerateToken()
+	if token == "" {
+		t.Fatal("token is empty")
+	}
+}
+
+func TestHashToken(t *testing.T) {
+	token := GenerateToken()
+	hash := HashToken(token)
+	if hash == "" {
+		t.Fatal("hash is empty")
+	}
+}

server/lfs/pointer_test.go

@@ -0,0 +1,95 @@
+package lfs
+
+import (
+	"errors"
+	"strconv"
+	"strings"
+	"testing"
+)
+
+func TestReadPointer(t *testing.T) {
+	cases := []struct {
+		name     string
+		content  string
+		want     Pointer
+		wantErr  error
+		wantErrp interface{}
+	}{
+		{
+			name: "valid pointer",
+			content: `version https://git-lfs.github.com/spec/v1
+oid sha256:1234567890123456789012345678901234567890123456789012345678901234
+size 1234
+`,
+			want: Pointer{
+				Oid:  "1234567890123456789012345678901234567890123456789012345678901234",
+				Size: 1234,
+			},
+		},
+		{
+			name: "invalid prefix",
+			content: `version https://foobar/spec/v2
+oid sha256:1234567890123456789012345678901234567890123456789012345678901234
+size 1234
+`,
+			wantErr: ErrMissingPrefix,
+		},
+		{
+			name: "invalid oid",
+			content: `version https://git-lfs.github.com/spec/v1
+oid sha256:&2345a78$012345678901234567890123456789012345678901234567890123
+size 1234
+`,
+			wantErr: ErrInvalidOIDFormat,
+		},
+		{
+			name: "invalid size",
+			content: `version https://git-lfs.github.com/spec/v1
+oid sha256:1234567890123456789012345678901234567890123456789012345678901234
+size abc
+`,
+			wantErrp: &strconv.NumError{},
+		},
+		{
+			name: "invalid structure",
+			content: `version https://git-lfs.github.com/spec/v1
+`,
+			wantErr: ErrInvalidStructure,
+		},
+		{
+			name:    "empty pointer",
+			wantErr: ErrMissingPrefix,
+		},
+	}
+
+	for _, tc := range cases {
+		t.Run(tc.name, func(t *testing.T) {
+			p, err := ReadPointerFromBuffer([]byte(tc.content))
+			if err != tc.wantErr && !errors.As(err, &tc.wantErrp) {
+				t.Errorf("ReadPointerFromBuffer() error = %v(%T), wantErr %v(%T)", err, err, tc.wantErr, tc.wantErr)
+				return
+			}
+			if err != nil {
+				return
+			}
+
+			if err == nil {
+				if !p.IsValid() {
+					t.Errorf("Expected a valid pointer")
+					return
+				}
+				if p.Oid != strings.ReplaceAll(p.RelativePath(), "/", "") {
+					t.Errorf("Expected oid to be the relative path without slashes")
+					return
+				}
+			}
+
+			if p.Oid != tc.want.Oid {
+				t.Errorf("ReadPointerFromBuffer() oid = %v, want %v", p.Oid, tc.want.Oid)
+			}
+			if p.Size != tc.want.Size {
+				t.Errorf("ReadPointerFromBuffer() size = %v, want %v", p.Size, tc.want.Size)
+			}
+		})
+	}
+}

server/web/goget.go

@@ -31,7 +31,8 @@ var repoIndexHTMLTpl = template.Must(template.New("index").Parse(`<!DOCTYPE html
 <body>
 Redirecting to docs at <a href="https://godoc.org/{{ .ImportRoot }}/{{ .Repo }}">godoc.org/{{ .ImportRoot }}/{{ .Repo }}</a>...
 </body>
-</html>`))
+</html>
+`))
 
 // GoGetHandler handles go get requests.
 type GoGetHandler struct{}

testscript/testdata/http.txtar

@@ -1,7 +1,7 @@
 # vi: set ft=conf
 
 # convert crlf to lf on windows
-[windows] dos2unix http1.txt
+[windows] dos2unix http1.txt http2.txt http3.txt goget.txt
 
 # create user
 soft user create user1 --key "$USER1_AUTHORIZED_KEY"
@@ -11,6 +11,10 @@ soft token create --expires-in '1h' 'repo2'
 stdout 'ss_*'
 cp stdout tokenfile
 envfile TOKEN=tokenfile
+soft token create --expires-in '1ns' 'repo2'
+stdout 'ss_*'
+cp stdout etokenfile
+envfile ETOKEN=etokenfile
 usoft token create 'repo2'
 stdout 'ss_*'
 cp stdout utokenfile
@@ -40,38 +44,63 @@ exec curl -s -XGET http://localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
 stdout '.*Method Not Allowed.*'
 exec curl -s -XPOST http://$UTOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
 stdout '.*Not Acceptable.*'
-exec curl -s -XPOST  -H 'Accept: application/vnd.git-lfs+json' -H 'Content-Type: application/vnd.git-lfs+json' http://$TOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
+exec curl -s -XPOST -H 'Accept: application/vnd.git-lfs+json' -H 'Content-Type: application/vnd.git-lfs+json' http://$TOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
 stdout '.*validation error.*'
-exec curl -s -XPOST  -H 'Accept: application/vnd.git-lfs+json' -H 'Content-Type: application/vnd.git-lfs+json' -d '{}' http://$TOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
+exec curl -s -XPOST -H 'Accept: application/vnd.git-lfs+json' -H 'Content-Type: application/vnd.git-lfs+json' -d '{}' http://$TOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
 stdout '.*no objects found.*'
-exec curl -s -XPOST  -H 'Accept: application/vnd.git-lfs+json' -H 'Content-Type: application/vnd.git-lfs+json' -d '{"operation":"download","transfers":["foo"]}' http://$TOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
+exec curl -s -XPOST -H 'Accept: application/vnd.git-lfs+json' -H 'Content-Type: application/vnd.git-lfs+json' -d '{"operation":"download","transfers":["foo"]}' http://$TOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
 stdout '.*unsupported transfer.*'
-exec curl -s -XPOST  -H 'Accept: application/vnd.git-lfs+json' -H 'Content-Type: application/vnd.git-lfs+json' -d '{"operation":"bar","objects":[{}]}' http://$TOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
+exec curl -s -XPOST -H 'Accept: application/vnd.git-lfs+json' -H 'Content-Type: application/vnd.git-lfs+json' -d '{"operation":"bar","objects":[{}]}' http://$TOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
 stdout '.*unsupported operation.*'
-exec curl -s -XPOST  -H 'Accept: application/vnd.git-lfs+json' -H 'Content-Type: application/vnd.git-lfs+json' -d '{"operation":"download","objects":[{}]}' http://$TOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
+exec curl -s -XPOST -H 'Accept: application/vnd.git-lfs+json' -H 'Content-Type: application/vnd.git-lfs+json' -d '{"operation":"download","objects":[{}]}' http://$TOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
 cmp stdout http1.txt
-exec curl -s -XPOST  -H 'Accept: application/vnd.git-lfs+json' -H 'Content-Type: application/vnd.git-lfs+json' -d '{"operation":"upload","objects":[{}]}' http://$UTOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
+exec curl -s -XPOST -H 'Accept: application/vnd.git-lfs+json' -H 'Content-Type: application/vnd.git-lfs+json' -d '{"operation":"upload","objects":[{}]}' http://$UTOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
 stdout '.*credentials needed.*'
-exec curl -s -XPOST  -H 'Accept: application/vnd.git-lfs+json' -H 'Content-Type: application/vnd.git-lfs+json' -d '{"operation":"upload","objects":[{}]}' http://$TOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
+exec curl -s -XPOST -H 'Accept: application/vnd.git-lfs+json' -H 'Content-Type: application/vnd.git-lfs+json' -d '{"operation":"upload","objects":[{}]}' http://$TOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
 cmp stdout http1.txt
 
 # set private
 soft repo private repo2 true
 
 # allow access private
-exec curl -s http://$TOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
-stdout .
+exec curl -s -XPOST -H 'Accept: application/vnd.git-lfs+json' -H 'Content-Type: application/vnd.git-lfs+json' http://$TOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
+cmp stdout http2.txt
+exec curl -s -XPOST -H 'Accept: application/vnd.git-lfs+json' -H 'Content-Type: application/vnd.git-lfs+json' http://$ETOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
+cmp stdout http3.txt
 
 # deny access private
 exec curl -s http://localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
 stdout '.*credentials needed.*'
 exec curl -s http://$UTOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
 stdout '.*credentials needed.*'
 exec curl -s http://0$UTOKEN@localhost:$HTTP_PORT/repo2.git/info/lfs/objects/batch
-stdout '.*bad credentials.*'
+cmp stdout http3.txt
 ! git clone http://someuser:somepassword@localhost:$HTTP_PORT/repo2 repo2_clone
 stderr '.*Unauthorized.*'
 
+# go-get endpoints not found
+exec curl -s http://localhost:$HTTP_PORT/repo2.git
+stdout '404.*'
+
+# go-get endpoints
+exec curl -s http://localhost:$HTTP_PORT/repo2.git?go-get=1
+cmpenv stdout goget.txt
 
 -- http1.txt --
 {"transfer":"basic","objects":[{"oid":"","size":0,"error":{"code":422,"message":"invalid object"}}],"hash_algo":"sha256"}
+-- http2.txt --
+{"message":"validation error in request: EOF"}
+-- http3.txt --
+{"message":"bad credentials"}
+-- goget.txt --
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
+    <meta http-equiv="refresh" content="0; url=https://godoc.org/localhost:$HTTP_PORT/repo2">
+    <meta name="go-import" content="localhost:$HTTP_PORT/repo2 git http://localhost:$HTTP_PORT/repo2">
+</head>
+<body>
+Redirecting to docs at <a href="https://godoc.org/localhost:$HTTP_PORT/repo2">godoc.org/localhost:$HTTP_PORT/repo2</a>...
+</body>
+</html>

testscript/testdata/token.txtar

@@ -0,0 +1,32 @@
+# vi: set ft=conf
+
+# convert crlf to lf on windows
+[windows] dos2unix tokens.txt
+
+# create user
+soft user create user1 --key "$USER1_AUTHORIZED_KEY"
+
+# generate jwt token
+usoft token create 'test1'
+stdout 'ss_.*'
+stderr 'Access token created'
+usoft token create --expires-in 1y 'test2'
+stdout 'ss_.*'
+stderr 'Access token created'
+usoft token create --expires-in 1ns 'test3'
+stdout 'ss_.*'
+stderr 'Access token created'
+
+# list tokens
+usoft token list
+cmp stdout tokens.txt
+
+# delete token
+usoft token delete 1
+
+-- tokens.txt --
+
+ID        Name        Expires In         Created At        
+1         test1       -                  now
+2         test2       1 year from now    now
+3         test3       expired            now