55 lines
1.7 KiB
Bash
55 lines
1.7 KiB
Bash
#! /bin/bash
|
|
|
|
function setup {
|
|
# Load helper functions
|
|
load ../helper
|
|
# Which forgehook implementation to use?
|
|
if [ -z "$FORGEHOOK" ]; then FORGEHOOK="forgehook"; fi
|
|
port=$(find_free_port)
|
|
[ ! -z "$FORGEHOOKENDPOINT" ]
|
|
|
|
if [ -z "$WHCK" ]; then export WHCK="whck"; fi
|
|
export WHCK_DIR="$(mktemp -d)"
|
|
|
|
# Need 3>&- so bats doesn't hang because of background task
|
|
$FORGEHOOKENDPOINT $port 3>&- &
|
|
export FORGEHOOKPID="$!"
|
|
[[ $? = 0 ]]
|
|
export FORGEHOOKSRV="http://localhost:$port"
|
|
}
|
|
|
|
function teardown {
|
|
# If setup fails, $FORGEHOOKPID will be empty so nothing to clean
|
|
if [ ! -z "$FORGEHOOKPID" ]; then
|
|
# Also kill the PID's children processes
|
|
kill $(ps -o pid= --ppid $FORGEHOOKPID)
|
|
fi
|
|
if [ -d $WHCK_DIR ]; then rm -r $WHCK_DIR; fi
|
|
}
|
|
|
|
@test "gitea: correct signature works" {
|
|
repo="https://tildegit.org/forge/hook.sh"
|
|
id="$(echo -n "$repo" | base64)"
|
|
webhook="$(gen_webhook ../gitea.json "$repo")"
|
|
secret="$($FORGEHOOK secret $repo)"
|
|
echo -n "$secret" > "$WHCK_DIR"/"$id"
|
|
sig="$(hash_hmac sha256 "$webhook" "$secret")"
|
|
run send_webhook "${FORGEHOOKSRV}?action=gitea" "$webhook" "$sig" "X-Gitea-Signature"
|
|
echo "$output"
|
|
[ $status -eq 0 ]
|
|
[[ "$output" = "" ]]
|
|
}
|
|
|
|
@test "gitea: incorrect signature fails" {
|
|
repo="https://tildegit.org/forge/hook.sh"
|
|
id="$(echo -n "$repo" | base64)"
|
|
webhook="$(gen_webhook ../gitea.json "$repo")"
|
|
# Calculate wrong signature
|
|
secret="$($FORGEHOOK secret $repo)"
|
|
echo -n "$secret" > "$WHCK_DIR"/"$id"
|
|
sig="$(hash_hmac sha256 "EXTRA$webhook" "$secret")"
|
|
run send_webhook "${FORGEHOOKSRV}?action=gitea" "$webhook" "$sig" "X-Gitea-Signature"
|
|
[ "$status" -eq 2 ]
|
|
[[ "$output" != "" ]]
|
|
}
|