letsencrypt: More tests! \o/

caddy/letsencrypt/letsencrypt_test.go

@@ -122,7 +122,7 @@ func TestRedirPlaintextHost(t *testing.T) {
 }
 
 func TestSaveCertResource(t *testing.T) {
-	storage = Storage("./le_test")
+	storage = Storage("./le_test_save")
 	defer func() {
 		err := os.RemoveAll(string(storage))
 		if err != nil {
@@ -176,3 +176,168 @@ func TestSaveCertResource(t *testing.T) {
 		t.Errorf("Expected meta file to contain '%s', got '%s'", metaContents, string(metaFile))
 	}
 }
+
+func TestExistingCertAndKey(t *testing.T) {
+	storage = Storage("./le_test_existing")
+	defer func() {
+		err := os.RemoveAll(string(storage))
+		if err != nil {
+			t.Fatalf("Could not remove temporary storage directory (%s): %v", storage, err)
+		}
+	}()
+
+	domain := "example.com"
+
+	if existingCertAndKey(domain) {
+		t.Errorf("Did NOT expect %v to have existing cert or key, but it did", domain)
+	}
+
+	err := saveCertResource(acme.CertificateResource{
+		Domain:      domain,
+		PrivateKey:  []byte("key"),
+		Certificate: []byte("cert"),
+	})
+	if err != nil {
+		t.Fatalf("Expected no error, got: %v", err)
+	}
+
+	if !existingCertAndKey(domain) {
+		t.Errorf("Expected %v to have existing cert and key, but it did NOT", domain)
+	}
+}
+
+func TestHostHasOtherPort(t *testing.T) {
+	configs := []server.Config{
+		server.Config{Host: "example.com", Port: "80"},
+		server.Config{Host: "sub1.example.com", Port: "80"},
+		server.Config{Host: "sub1.example.com", Port: "443"},
+	}
+
+	if hostHasOtherPort(configs, 0, "80") {
+		t.Errorf(`Expected hostHasOtherPort(configs, 0, "80") to be false, but got true`)
+	}
+	if hostHasOtherPort(configs, 0, "443") {
+		t.Errorf(`Expected hostHasOtherPort(configs, 0, "443") to be false, but got true`)
+	}
+	if !hostHasOtherPort(configs, 1, "443") {
+		t.Errorf(`Expected hostHasOtherPort(configs, 1, "443") to be true, but got false`)
+	}
+}
+
+func TestMakePlaintextRedirects(t *testing.T) {
+	configs := []server.Config{
+		// Happy path = standard redirect from 80 to 443
+		server.Config{Host: "example.com", TLS: server.TLSConfig{Managed: true}},
+
+		// Host on port 80 already defined; don't change it (no redirect)
+		server.Config{Host: "sub1.example.com", Port: "80", Scheme: "http"},
+		server.Config{Host: "sub1.example.com", TLS: server.TLSConfig{Managed: true}},
+
+		// Redirect from port 80 to port 5000 in this case
+		server.Config{Host: "sub2.example.com", Port: "5000", TLS: server.TLSConfig{Managed: true}},
+
+		// Can redirect from 80 to either 443 or 5001, but choose 443
+		server.Config{Host: "sub3.example.com", Port: "443", TLS: server.TLSConfig{Managed: true}},
+		server.Config{Host: "sub3.example.com", Port: "5001", Scheme: "https", TLS: server.TLSConfig{Managed: true}},
+	}
+
+	result := MakePlaintextRedirects(configs)
+	expectedRedirCount := 3
+
+	if len(result) != len(configs)+expectedRedirCount {
+		t.Errorf("Expected %d redirect(s) to be added, but got %d",
+			expectedRedirCount, len(result)-len(configs))
+	}
+}
+
+func TestEnableTLS(t *testing.T) {
+	configs := []server.Config{
+		server.Config{TLS: server.TLSConfig{Managed: true}},
+		server.Config{}, // not managed - no changes!
+	}
+
+	EnableTLS(configs)
+
+	if !configs[0].TLS.Enabled {
+		t.Errorf("Expected config 0 to have TLS.Enabled == true, but it was false")
+	}
+	if configs[0].TLS.Certificate == "" {
+		t.Errorf("Expected config 0 to have TLS.Certificate set, but it was empty")
+	}
+	if configs[0].TLS.Key == "" {
+		t.Errorf("Expected config 0 to have TLS.Key set, but it was empty")
+	}
+
+	if configs[1].TLS.Enabled {
+		t.Errorf("Expected config 1 to have TLS.Enabled == false, but it was true")
+	}
+	if configs[1].TLS.Certificate != "" {
+		t.Errorf("Expected config 1 to have TLS.Certificate empty, but it was: %s", configs[1].TLS.Certificate)
+	}
+	if configs[1].TLS.Key != "" {
+		t.Errorf("Expected config 1 to have TLS.Key empty, but it was: %s", configs[1].TLS.Key)
+	}
+}
+
+func TestGroupConfigsByEmail(t *testing.T) {
+	if groupConfigsByEmail([]server.Config{}) == nil {
+		t.Errorf("With empty input, returned map was nil, but expected non-nil map")
+	}
+
+	configs := []server.Config{
+		server.Config{Host: "example.com", TLS: server.TLSConfig{LetsEncryptEmail: "", Managed: true}},
+		server.Config{Host: "sub1.example.com", TLS: server.TLSConfig{LetsEncryptEmail: "foo@bar", Managed: true}},
+		server.Config{Host: "sub2.example.com", TLS: server.TLSConfig{LetsEncryptEmail: "", Managed: true}},
+		server.Config{Host: "sub3.example.com", TLS: server.TLSConfig{LetsEncryptEmail: "foo@bar", Managed: true}},
+		server.Config{Host: "sub4.example.com", TLS: server.TLSConfig{LetsEncryptEmail: "", Managed: true}},
+		server.Config{Host: "sub5.example.com", TLS: server.TLSConfig{LetsEncryptEmail: ""}}, // not managed
+	}
+	DefaultEmail = "test@example.com" // bypass prompt during tests...
+
+	groups := groupConfigsByEmail(configs)
+
+	if groups == nil {
+		t.Fatalf("Returned map was nil, but expected values")
+	}
+
+	if len(groups) != 2 {
+		t.Errorf("Expected 2 groups, got %d: %#v", len(groups), groups)
+	}
+	if len(groups["foo@bar"]) != 2 {
+		t.Errorf("Expected 2 configs for foo@bar, got %d: %#v", len(groups["foobar"]), groups["foobar"])
+	}
+	if len(groups[DefaultEmail]) != 3 {
+		t.Errorf("Expected 3 configs for %s, got %d: %#v", DefaultEmail, len(groups["foobar"]), groups["foobar"])
+	}
+}
+
+func TestMarkQualified(t *testing.T) {
+	// TODO: TestConfigQualifies and this test share the same config list...
+	configs := []server.Config{
+		{Host: "localhost"},
+		{Host: "example.com"},
+		{Host: "example.com", TLS: server.TLSConfig{Certificate: "cert.pem"}},
+		{Host: "example.com", TLS: server.TLSConfig{Key: "key.pem"}},
+		{Host: "example.com", TLS: server.TLSConfig{LetsEncryptEmail: "off"}},
+		{Host: "example.com", TLS: server.TLSConfig{LetsEncryptEmail: "foo@bar.com"}},
+		{Host: "example.com", Scheme: "http"},
+		{Host: "example.com", Port: "80"},
+		{Host: "example.com", Port: "1234"},
+		{Host: "example.com", Scheme: "https"},
+		{Host: "example.com", Port: "80", Scheme: "https"},
+	}
+	expectedManagedCount := 4
+
+	MarkQualified(configs)
+
+	count := 0
+	for _, cfg := range configs {
+		if cfg.TLS.Managed {
+			count++
+		}
+	}
+
+	if count != expectedManagedCount {
+		t.Errorf("Expected %d managed configs, but got %d", expectedManagedCount, count)
+	}
+}

caddy/letsencrypt/user_test.go

@@ -125,6 +125,11 @@ func TestGetUserAlreadyExists(t *testing.T) {
 }
 
 func TestGetEmail(t *testing.T) {
+	// let's not clutter up the output
+	origStdout := os.Stdout
+	os.Stdout = nil
+	defer func() { os.Stdout = origStdout }()
+
 	storage = Storage("./testdata")
 	defer os.RemoveAll(string(storage))
 	DefaultEmail = "test2@foo.com"