From 01c9afaacaf7792670509c7f46e743ab35e680ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20St=C3=A1rek?= Date: Mon, 28 Oct 2019 12:01:50 +0100 Subject: [PATCH] Added unit tests for both parser and fuzzer --- .travis.yml | 1 + .../unit_tests/request_build_helper_tests.py | 86 +++++++++++++++++++ parser/Parser.Tests/AttributeParserTests.cs | 28 ++++++ 3 files changed, 115 insertions(+) create mode 100644 fuzzer/src/unit_tests/request_build_helper_tests.py diff --git a/.travis.yml b/.travis.yml index 62d1bd8..3689f4b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -18,4 +18,5 @@ script: - cd ~/build/ysoftdevs/wapifuzz/parser/ && dotnet restore && dotnet test - cd ~/build/ysoftdevs/wapifuzz/fuzzer/src/ && python3 -m unittest unit_tests.fuzzing_json_decoder_tests - cd ~/build/ysoftdevs/wapifuzz/fuzzer/src/ && python3 -m unittest unit_tests.json_schema_parser_tests + - cd ~/build/ysoftdevs/wapifuzz/fuzzer/src/ && python3 -m unittest unit_tests.request_build_helper_tests - cd ~/build/ysoftdevs/wapifuzz/tests/ && chmod +x run_tests.sh && travis_wait ./run_tests.sh diff --git a/fuzzer/src/unit_tests/request_build_helper_tests.py b/fuzzer/src/unit_tests/request_build_helper_tests.py new file mode 100644 index 0000000..5237684 --- /dev/null +++ b/fuzzer/src/unit_tests/request_build_helper_tests.py @@ -0,0 +1,86 @@ +import unittest +from request_build_helper import RequestBuildHelper +from boofuzz import * +from configuration_manager import ConfigurationManager + + +class RequestBuilderHelperTests(unittest.TestCase): + def setUp(self): + # Just init block for boofuzz + s_initialize(self.id()) + + ConfigurationManager.config = [] + + def test_generate_simple_uri_without_parameters(self): + uri_parameters = [] + base_uri = '/api/endpoint' + + RequestBuildHelper.generate_uri(base_uri, uri_parameters) + + uri = s_render().decode('utf8', 'ignore') + self.assertEqual(base_uri, uri) + + def test_generate_uri_path_parameter_without_documentation(self): + uri_parameters = [] + + RequestBuildHelper.generate_uri('/api/endpoint/{id}', uri_parameters) + + uri = s_render().decode('utf8', 'ignore') + self.assertEqual('/api/endpoint/attribute', uri) + + def test_generate_uri_path_parameter_with_fixed_config_value(self): + uri_parameters = [] + ConfigurationManager.config = { + "fixed_url_attributes": { + "id": "20" + } + } + + RequestBuildHelper.generate_uri('/api/endpoint/{id}', uri_parameters) + + uri = s_render().decode('utf8', 'ignore') + self.assertEqual('/api/endpoint/20', uri) + + def test_generate_uri_path_parameter_with_documented_example(self): + uri_parameters = [{'Name': 'id', 'Required': True, 'ExampleValue': '1', 'Type': 'string', 'Format': None, 'Location': 'Path'}] + + RequestBuildHelper.generate_uri('/api/endpoint/{id}', uri_parameters) + + uri = s_render().decode('utf8', 'ignore') + self.assertEqual('/api/endpoint/1', uri) + + def test_generate_uri_single_query_parameter_with_documented_example(self): + uri_parameters = [{'Name': 'id', 'Required': True, 'ExampleValue': '1', 'Type': 'string', 'Format': None, 'Location': 'Query'}] + + RequestBuildHelper.generate_uri('/api/endpoint', uri_parameters) + + uri = s_render().decode('utf8', 'ignore') + self.assertEqual('/api/endpoint?id=1', uri) + + def test_generate_uri_single_query_parameter_with_multiple_documented_examples(self): + uri_parameters = [ + {'Name': 'id', 'Required': True, 'ExampleValue': '1', 'Type': 'string', 'Format': None, 'Location': 'Query'}, + {'Name': 'attr', 'Required': True, 'ExampleValue': '2', 'Type': 'string', 'Format': None, 'Location': 'Query'} + ] + + RequestBuildHelper.generate_uri('/api/endpoint', uri_parameters) + + uri = s_render().decode('utf8', 'ignore') + self.assertEqual('/api/endpoint?id=1&attr=2', uri) + + def test_generate_uri_combined_parameters(self): + ConfigurationManager.config = { + "fixed_url_attributes": { + "attr2": "20" + } + } + uri_parameters = [ + {'Name': 'id', 'Required': True, 'ExampleValue': '1', 'Type': 'string', 'Format': None, 'Location': 'Path'}, + {'Name': 'attr1', 'Required': True, 'ExampleValue': '2', 'Type': 'string', 'Format': None, 'Location': 'Query'}, + {'Name': 'attr2', 'Required': True, 'ExampleValue': '3', 'Type': 'integer', 'Format': 'int32', 'Location': 'Query'} + ] + + RequestBuildHelper.generate_uri('/api/endpoint/{id}', uri_parameters) + + uri = s_render().decode('utf8', 'ignore') + self.assertEqual('/api/endpoint/1?attr1=2&attr2=20', uri) diff --git a/parser/Parser.Tests/AttributeParserTests.cs b/parser/Parser.Tests/AttributeParserTests.cs index e14c68b..db1d454 100644 --- a/parser/Parser.Tests/AttributeParserTests.cs +++ b/parser/Parser.Tests/AttributeParserTests.cs @@ -19,6 +19,34 @@ namespace Parser.Tests Assert.IsNull(parsedAttribute); } + [Test] + public void ParsingPathAttributeWithPathLocation() + { + OpenApiParameter parameter = new OpenApiParameter + { + Schema = new OpenApiSchema { Type = "string", Format = null }, + In = ParameterLocation.Path + }; + + var parsedAttribute = AttributeParser.ParseAttribute(parameter); + + Assert.AreEqual("Path", parsedAttribute.Location); + } + + [Test] + public void ParsingPathAttributeWithQueryLocation() + { + OpenApiParameter parameter = new OpenApiParameter + { + Schema = new OpenApiSchema { Type = "string", Format = null }, + In = ParameterLocation.Query + }; + + var parsedAttribute = AttributeParser.ParseAttribute(parameter); + + Assert.AreEqual("Query", parsedAttribute.Location); + } + [Test] public void ParsingAttributeWithNoTypeOrFormatShouldReturnNull() {